authz_model.conf 249 Bytes
Edit Raw Blame History



1

2

3

4

5

6

7

8

9

10

11

12

13

14


[request_definition]
r = sub, obj, act

[policy_definition]
p = sub, obj, act

[role_definition]
g = _, _

[policy_effect]
e = some(where (p.eft == allow))

[matchers]
m = g(r.sub, p.sub) && keyMatch(r.obj, p.obj) && (r.act == p.act || p.act == "*")