[#1177] cli: Fix resource name parsing
All checks were successful
DCO action / DCO (pull_request) Successful in 8m11s
Vulncheck / Vulncheck (pull_request) Successful in 8m55s
Build / Build Components (1.22) (pull_request) Successful in 9m37s
Build / Build Components (1.21) (pull_request) Successful in 9m59s
Tests and linters / Staticcheck (pull_request) Successful in 11m10s
Tests and linters / Lint (pull_request) Successful in 12m17s
Tests and linters / gopls check (pull_request) Successful in 12m11s
Tests and linters / Tests (1.21) (pull_request) Successful in 17m5s
Tests and linters / Tests (1.22) (pull_request) Successful in 17m38s
Tests and linters / Tests with -race (pull_request) Successful in 17m37s
Pre-commit hooks / Pre-commit (pull_request) Successful in 17m52s
All checks were successful
DCO action / DCO (pull_request) Successful in 8m11s
Vulncheck / Vulncheck (pull_request) Successful in 8m55s
Build / Build Components (1.22) (pull_request) Successful in 9m37s
Build / Build Components (1.21) (pull_request) Successful in 9m59s
Tests and linters / Staticcheck (pull_request) Successful in 11m10s
Tests and linters / Lint (pull_request) Successful in 12m17s
Tests and linters / gopls check (pull_request) Successful in 12m11s
Tests and linters / Tests (1.21) (pull_request) Successful in 17m5s
Tests and linters / Tests (1.22) (pull_request) Successful in 17m38s
Tests and linters / Tests with -race (pull_request) Successful in 17m37s
Pre-commit hooks / Pre-commit (pull_request) Successful in 17m52s
* If `root` name is given explicitly, then it should be translated to `//` but not `/root/`. Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
This commit is contained in:
parent
3fc8e0e08c
commit
b9d6c9d10c
2 changed files with 11 additions and 2 deletions
|
|
@ -279,7 +279,7 @@ func parseResource(lexeme string, isObj bool) (string, error) {
|
|||
if isObj {
|
||||
if lexeme == "*" {
|
||||
return nativeschema.ResourceFormatAllObjects, nil
|
||||
} else if lexeme == "/*" {
|
||||
} else if lexeme == "/*" || lexeme == "root/*" {
|
||||
return nativeschema.ResourceFormatRootObjects, nil
|
||||
} else if strings.HasPrefix(lexeme, "/") {
|
||||
lexeme = lexeme[1:]
|
||||
|
|
|
|||
|
|
@ -26,7 +26,7 @@ func TestParseAPERule(t *testing.T) {
|
|||
},
|
||||
},
|
||||
{
|
||||
name: "Valid rule for all objects in root namespace",
|
||||
name: "Valid rule for all objects in implicit root namespace",
|
||||
rule: "allow Object.Put /*",
|
||||
expectRule: policyengine.Rule{
|
||||
Status: policyengine.Allow,
|
||||
|
|
@ -34,6 +34,15 @@ func TestParseAPERule(t *testing.T) {
|
|||
Resources: policyengine.Resources{Names: []string{nativeschema.ResourceFormatRootObjects}},
|
||||
},
|
||||
},
|
||||
{
|
||||
name: "Valid rule for all objects in explicit root namespace",
|
||||
rule: "allow Object.Put root/*",
|
||||
expectRule: policyengine.Rule{
|
||||
Status: policyengine.Allow,
|
||||
Actions: policyengine.Actions{Names: []string{nativeschema.MethodPutObject}},
|
||||
Resources: policyengine.Resources{Names: []string{nativeschema.ResourceFormatRootObjects}},
|
||||
},
|
||||
},
|
||||
{
|
||||
name: "Valid rule for all objects in root namespace and container",
|
||||
rule: "allow Object.Put /cid/*",
|
||||
|
|
|
|||
Loading…
Reference in a new issue