Organizations update

2018-04-30 13:25:10 +02:00
parent 654e8a5817
commit bc6bfdec46
12 changed files with 414 additions and 209 deletions
--- a/authorization_model.conf
+++ b/authorization_model.conf
@@ -1,11 +1,11 @@
 [request_definition]
-r = role, objectsRole, orgRelation, objectsRelation, obj, act
+r = role, objectsRole, orgType, objectsOrgType, orgRelation, objectsRelation, obj, act

 [policy_definition]
-p = role, objectsRole, orgRelation, objectsRelation, obj, act
+p = role, objectsRole, orgType, objectsOrgType, orgRelation, objectsRelation, obj, act

 [policy_effect]
 e = some(where (p.eft == allow)) && !some(where (p.eft == deny))

 [matchers]
-m = keyMatch(r.role, p.role) && keyMatch(r.objectsRole, p.objectsRole) && keyMatch(r.objectsRelation, p.objectsRelation) && keyMatch(r.orgRelation, p.orgRelation) && keyMatch(r.obj, p.obj) && (r.act == p.act || p.act == "*")
+m = keyMatch(r.role, p.role) && keyMatch(r.objectsRole, p.objectsRole) && keyMatch(r.orgType, p.orgType) && keyMatch(r.objectsOrgType, p.objectsOrgType) && keyMatch(r.objectsRelation, p.objectsRelation) && keyMatch(r.orgRelation, p.orgRelation) && keyMatch(r.obj, p.obj) && (r.act == p.act || p.act == "*")