summaryrefslogtreecommitdiffstats
path: root/sidecar/rproxy/config/auth
diff options
context:
space:
mode:
authorIanB <IanB@amdocs.com>2019-03-13 11:15:31 +0000
committerIanB <IanB@amdocs.com>2019-03-13 11:30:27 +0000
commit94f286b3ab4da2d73f9cbdf3849aebb72c0476ea (patch)
treee3265f0606dcfd179b47bebc6fc9429b5233d8a0 /sidecar/rproxy/config/auth
parent8f1cca674c0430d0d6424778d2a720f2c9f156c7 (diff)
Enhance RProxy authorization to use request method
Authorization filter now takes into account the request method. The desired method can now be added to the authorization file defaulting to GET if not supplied. The request URI & method can now be checked against the authorization configuration along with the needed permissions. Issue-ID: AAF-786 Change-Id: I25f6f2180ac9d94a30ca5ba1aa349fb424c18d81 Signed-off-by: IanB <IanB@amdocs.com>
Diffstat (limited to 'sidecar/rproxy/config/auth')
-rw-r--r--sidecar/rproxy/config/auth/uri-authorization.json9
1 files changed, 9 insertions, 0 deletions
diff --git a/sidecar/rproxy/config/auth/uri-authorization.json b/sidecar/rproxy/config/auth/uri-authorization.json
index 61ea9e6..208db1a 100644
--- a/sidecar/rproxy/config/auth/uri-authorization.json
+++ b/sidecar/rproxy/config/auth/uri-authorization.json
@@ -7,6 +7,14 @@
},
{
"uri": "\/single\/permission\/required$",
+ "method": "GET",
+ "permissions": [
+ "test.single.access\\|single\\|permission"
+ ]
+ },
+ {
+ "uri": "\/single\/permission\/required$",
+ "method": "PUT|POST",
"permissions": [
"test.single.access\\|single\\|permission"
]
@@ -92,6 +100,7 @@
},
{
"uri": "\/aai\/v13\/cloud-infrastructure\/cloud-regions\/cloud-region\/[^\/]+[\/][^\/]+$*",
+ "method": "GET",
"permissions": [
"test.auth.access\\|clouds\\|read",
"test.auth.access\\|tenants\\|read"