From 036f61841fbc196eb3d81cc2ce7cd0d106e776e4 Mon Sep 17 00:00:00 2001
From: Edwin Lawrance <Edwin.Lawrance@amdocs.com>
Date: Wed, 24 Oct 2018 14:47:01 +0100
Subject: Adding pluggable security to Babel

Change-Id: Ie96d9438d66021941c3d0c12ca19b28e2c2ed71e
Issue-ID: AAI-1764
Signed-off-by: Edwin Lawrance <Edwin.Lawrance@amdocs.com>
---
 .../rproxy/config/auth/uri-authorization.json      | 93 ++++++++++++++++++++++
 1 file changed, 93 insertions(+)
 create mode 100644 charts/aai-babel/resources/rproxy/config/auth/uri-authorization.json

(limited to 'charts/aai-babel/resources/rproxy/config/auth/uri-authorization.json')

diff --git a/charts/aai-babel/resources/rproxy/config/auth/uri-authorization.json b/charts/aai-babel/resources/rproxy/config/auth/uri-authorization.json
new file mode 100644
index 0000000..acc9409
--- /dev/null
+++ b/charts/aai-babel/resources/rproxy/config/auth/uri-authorization.json
@@ -0,0 +1,93 @@
+[
+  {
+    "uri": "\/not\/allowed\/at\/all$",
+    "permissions": [
+      "test.auth.access.ifYouLikedItYouShouldHavePutAPermissionOnIt"
+     ]
+  },
+  {
+    "uri": "\/one\/auth\/required$",
+    "permissions": [
+      "test.auth.access.aSimpleSingleAuth"
+     ]
+  },
+  {
+    "uri": "\/multi\/auth\/required$",
+    "permissions": [
+      "test.auth.access.aMultipleAuth1",
+      "test.auth.access.aMultipleAuth2",
+      "test.auth.access.aMultipleAuth3"
+     ]
+  },
+  {
+    "uri": "\/one\/[^\/]+\/required$",
+    "permissions": [
+      "test.auth.access.aSimpleSingleAuth"
+     ]
+  },
+  {
+    "uri": "\/services\/getAAFRequest$",
+    "permissions": [
+      "test.auth.access|services|GET,PUT"
+     ]
+  },
+  {
+    "uri": "\/admin\/getAAFRequest$",
+    "permissions": [
+      "test.auth.access|admin|GET,PUT,POST"
+     ]
+  },
+  {
+    "uri": "\/service\/aai\/webapp\/index.html$",
+    "permissions": [
+      "test.auth.access|services|GET,PUT"
+     ]
+  },
+  {
+    "uri": "\/services\/aai\/webapp\/index.html$",
+    "permissions": [
+      "test.auth.access|services|GET,PUT"
+     ]
+  },
+  {
+    "uri": "\/$",
+    "permissions": [
+    	"\\|services\\|GET",
+      "test\\.auth\\.access\\|services\\|GET,PUT"
+     ]
+  },
+  {
+    "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions$",
+    "permissions": [
+      "test\\.auth\\.access\\|rest\\|read"
+     ]
+  },
+  {
+    "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions\/cloud-region\/[^\/]+[\/][^\/]+$*",
+    "permissions": [
+      "test.auth.access|clouds|read",
+      "test.auth.access|tenants|read"
+    ]
+  },
+  {
+    "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions\/cloud-region\/[^\/]+[\/][^\/]+\/tenants/tenant/[^\/]+/vservers/vserver/[^\/]+$",
+    "permissions": [
+      "test.auth.access|clouds|read",
+      "test.auth.access|tenants|read",
+      "test.auth.access|vservers|read"
+    ]
+  },
+  {
+    "uri": "\/backend$",
+    "permissions": [
+      "test\\.auth\\.access\\|services\\|GET,PUT",
+      "\\|services\\|GET"
+     ]
+  },
+  {
+    "uri": "\/services\/babel-service\/.*",
+    "permissions": [
+      "org\\.access\\|\\*\\|\\*"
+     ]
+  }
+]
-- 
cgit 1.2.3-korg