diff --git a/README.md b/README.md index a4c3719c3..64a3f8966 100644 --- a/README.md +++ b/README.md @@ -240,7 +240,7 @@ Creation of the bearer token is mandatory, and creation of the session token is optional. If you want to add the session token you need to add a parameter `create-session-token`. -Rules for bearer token can be set via param `bearer-rules`, if it is not set, +Rules for bearer token can be set via param `bearer-rules` (json-string and file path allowed), if it is not set, it will be auto-generated with values: ``` @@ -268,7 +268,7 @@ it will be auto-generated with values: } ``` -Rules for session token can be set via param `session-rules`, default value is: +Rules for session token can be set via param `session-rules` (json-string and file path allowed), default value is: ``` { "verb": "PUT", diff --git a/cmd/authmate/main.go b/cmd/authmate/main.go index d557fc242..7e46c4c44 100644 --- a/cmd/authmate/main.go +++ b/cmd/authmate/main.go @@ -246,8 +246,8 @@ func issueSecret() *cli.Command { ContainerFriendlyName: containerFriendlyName, NeoFSKey: key, GatesPublicKeys: gatesPublicKeys, - EACLRules: []byte(eaclRulesFlag), - ContextRules: []byte(contextRulesFlag), + EACLRules: getJSONRules(eaclRulesFlag), + ContextRules: getJSONRules(contextRulesFlag), SessionTkn: sessionTokenFlag, Lifetime: lifetimeFlag, } @@ -261,6 +261,14 @@ func issueSecret() *cli.Command { } } +func getJSONRules(val string) []byte { + if data, err := os.ReadFile(val); err == nil { + return data + } + + return []byte(val) +} + func obtainSecret() *cli.Command { command := &cli.Command{ Name: "obtain-secret",