Skip to content
This repository has been archived by the owner on Feb 14, 2025. It is now read-only.

Commit

Permalink
fix
Browse files Browse the repository at this point in the history
  • Loading branch information
@meng-han
meng-han committed Oct 16, 2024
1 parent 525b8fd commit 0f82ee9
Showing 1 changed file with 4 additions and 1 deletion.
5 changes: 4 additions & 1 deletion confidant/authnz/rbac.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,9 @@ def default_acl(*args, **kwargs):
action = kwargs.get('action')
resource_id = kwargs.get('resource_id')
resource_kwargs = kwargs.get('kwargs')
logger.info(f"input: {resource_type} {action} {resource_id} {resource_kwargs}")
logger.info(f"authnz.user_is_user_type('user') = {authnz.user_is_user_type('user')}")
logger.info(f"authnz.user_is_user_type('service') = {authnz.user_is_user_type('service')}")
if authnz.user_is_user_type('user'):
if resource_type == 'certificate':
return False
Expand All @@ -41,7 +44,7 @@ def default_acl(*args, **kwargs):
return True
elif resource_type == 'ca' and action in ['list', 'get']:
return True
elif resource_type == 'certificate' and action in ['get', 'post']:
elif resource_type == 'certificate' and action in ['get']:
ca_object = certificatemanager.get_ca(resource_kwargs.get('ca'))
logger.info(f'ca object settings = {ca_object.settings}')
# Require a name pattern
Expand Down

0 comments on commit 0f82ee9

Please sign in to comment.