search

mozilla / doorman

Doorman is an authorization (micro)service.
https://mozilla-doorman.readthedocs.io/
Mozilla Public License 2.0
52 stars 12 forks source link

Simulate authorization requests #53

Open leplatrem opened 7 years ago

leplatrem commented 7 years ago
leplatrem commented 7 years ago

Idea:

Provide test files that would be executed out of the http request/response. They could be define in YAML as well (and even as part of the same file as policies)

POLICIES=policies.yaml doorman test

# policies.yaml
policies:
  - ...
tests:
  -
    principals:
      - userid: ldap|alice
      - group:hris_staff
    action:   create
    resource: pto
    policy:   staff-create-pto
    allowed:  true
  -
    principals:
      - userid: ldap|alice
    action:   delete
    resource: article
    allowed:  false
  -
    principals:
      - userid: ldap|alice
    action:   delete
    resource: article
    context:
      roles:
        - author
    allowed:  false