etc/authzd/policy1.cedar


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22

permit (principal, action, resource)
when
{
  context has host &&
  context has method &&
  context has path &&
  (
    (
      context.host == "sparkle.runway.gitlab.net" ||
      context.host == "sparkle.staging.runway.gitlab.net" ||
      context.host like "localhost:*"
    ) && (
      (
      context.method == "GET" &&
     (context.path == "/" ||
      context.path == "/callback" ||
      context.path == "/dashboard/nav" ||
      context.path == "/health" ||
      context.path == "/signout" ||
      context.path == "/sparkles")) ||
    (context.method == "POST" && (context.path == "/sparkles/restore"))))
};