Show current state of access

[jeffandersen]

Was asked an interesting question today:

How do I see which policies affect me?

The short answer today is:

With a lot of effort

To understand your position in the ACLs you'd need to:

• torus teams list
• torus teams members <team> for each team
• torus policies list
• torus policies view <policy> for each policy attached to each team
• Then decipher in your head how the policies resolve.

I propose that we add a command which will show the current access status: torus policies access for example.

This would look at the authenticated user/machine, and then dump the complete resolved policy so that you can easily understand the position you're in.

[jeffandersen]

Additional features that should come out of this:

• Viewing the aggregate policy for a team or another user
• Test an action against a path for a given user