[#18] acl: Add impersonate field to bearer token

Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2023-02-21 11:18:35 +03:00 · 2023-02-21 11:18:35 +03:00 · bd50db1151
commit bd50db1151
parent cbc038f84e
3 changed files with 6 additions and 0 deletions
--- a/proto-docs/acl.md
+++ b/proto-docs/acl.md
@ -60,6 +60,7 @@ owner with additional information preventing token abuse.
 | eacl_table | [EACLTable](#neo.fs.v2.acl.EACLTable) |  | Table of Extended ACL rules to use instead of the ones attached to the container. If it contains `container_id` field, bearer token is only valid for this specific container. Otherwise, any container of the same owner is allowed. |
 | owner_id | [neo.fs.v2.refs.OwnerID](#neo.fs.v2.refs.OwnerID) |  | `OwnerID` defines to whom the token was issued. It must match the request originator's `OwnerID`. If empty, any token bearer will be accepted. |
 | lifetime | [BearerToken.Body.TokenLifetime](#neo.fs.v2.acl.BearerToken.Body.TokenLifetime) |  | Token expiration and valid time period parameters |
+| allow_impersonate | [bool](#bool) |  | AllowImpersonate flag to consider token signer as request owner. If this field is true extended ACL table in token body isn't processed. |


 <a name="neo.fs.v2.acl.BearerToken.Body.TokenLifetime"></a>