Skip to content

Commit 504e75f

Browse files
andrest50andrest50
authored
Merge pull request #111 from linuxfoundation/andrest50/fix-rulesets
[LFXV2-1043] Update Heimdall ruleset to use v1 OpenFGA object types
2 parents 6d6f487 + 233b7ba commit 504e75f

File tree

2 files changed

+23
-23
lines changed

2 files changed

+23
-23
lines changed

charts/lfx-v2-meeting-service/Chart.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -5,5 +5,5 @@ apiVersion: v2
55
name: lfx-v2-meeting-service
66
description: LFX Platform V2 Meeting Service chart
77
type: application
8-
version: 0.6.1
8+
version: 0.6.2
99
appVersion: "latest"

charts/lfx-v2-meeting-service/templates/ruleset.yaml

Lines changed: 22 additions & 22 deletions
Original file line numberDiff line numberDiff line change
@@ -83,7 +83,7 @@ spec:
8383
config:
8484
values:
8585
relation: viewer
86-
object: "meeting:{{ "{{- .Request.URL.Captures.meeting_id -}}" }}"
86+
object: "v1_meeting:{{ "{{- .Request.URL.Captures.meeting_id -}}" }}"
8787
{{- else }}
8888
{{/*
8989
When OpenFGA is disabled, allow all requests
@@ -114,7 +114,7 @@ spec:
114114
config:
115115
values:
116116
relation: organizer
117-
object: "meeting:{{ "{{- .Request.URL.Captures.meeting_id -}}" }}"
117+
object: "v1_meeting:{{ "{{- .Request.URL.Captures.meeting_id -}}" }}"
118118
{{- else }}
119119
{{/*
120120
When OpenFGA is disabled, allow all requests
@@ -145,7 +145,7 @@ spec:
145145
config:
146146
values:
147147
relation: organizer
148-
object: "meeting:{{ "{{- .Request.URL.Captures.meeting_id -}}" }}"
148+
object: "v1_meeting:{{ "{{- .Request.URL.Captures.meeting_id -}}" }}"
149149
{{- else }}
150150
{{/*
151151
When OpenFGA is disabled, allow all requests
@@ -207,7 +207,7 @@ spec:
207207
config:
208208
values:
209209
relation: viewer
210-
object: "meeting:{{ "{{- .Request.URL.Captures.meeting_id -}}" }}"
210+
object: "v1_meeting:{{ "{{- .Request.URL.Captures.meeting_id -}}" }}"
211211
{{- else }}
212212
{{/*
213213
When OpenFGA is disabled, allow all requests
@@ -238,7 +238,7 @@ spec:
238238
config:
239239
values:
240240
relation: organizer
241-
object: "meeting:{{ "{{- .Request.URL.Captures.meeting_id -}}" }}"
241+
object: "v1_meeting:{{ "{{- .Request.URL.Captures.meeting_id -}}" }}"
242242
{{- else }}
243243
{{/*
244244
When OpenFGA is disabled, allow all requests
@@ -269,7 +269,7 @@ spec:
269269
config:
270270
values:
271271
relation: organizer
272-
object: "meeting:{{ "{{- .Request.URL.Captures.meeting_id -}}" }}"
272+
object: "v1_meeting:{{ "{{- .Request.URL.Captures.meeting_id -}}" }}"
273273
{{- else }}
274274
{{/*
275275
When OpenFGA is disabled, allow all requests
@@ -300,7 +300,7 @@ spec:
300300
config:
301301
values:
302302
relation: auditor
303-
object: "meeting:{{ "{{- .Request.URL.Captures.meeting_id -}}" }}"
303+
object: "v1_meeting:{{ "{{- .Request.URL.Captures.meeting_id -}}" }}"
304304
{{- else }}
305305
{{/*
306306
When OpenFGA is disabled, allow all requests
@@ -331,7 +331,7 @@ spec:
331331
config:
332332
values:
333333
relation: organizer
334-
object: "meeting:{{ "{{- .Request.URL.Captures.meeting_id -}}" }}"
334+
object: "v1_meeting:{{ "{{- .Request.URL.Captures.meeting_id -}}" }}"
335335
{{- else }}
336336
{{/*
337337
When OpenFGA is disabled, allow all requests
@@ -362,7 +362,7 @@ spec:
362362
config:
363363
values:
364364
relation: organizer
365-
object: "meeting:{{ "{{- .Request.URL.Captures.meeting_id -}}" }}"
365+
object: "v1_meeting:{{ "{{- .Request.URL.Captures.meeting_id -}}" }}"
366366
{{- else }}
367367
{{/*
368368
When OpenFGA is disabled, allow all requests
@@ -393,7 +393,7 @@ spec:
393393
config:
394394
values:
395395
relation: viewer
396-
object: "meeting:{{ "{{- .Request.URL.Captures.meeting_id -}}" }}"
396+
object: "v1_meeting:{{ "{{- .Request.URL.Captures.meeting_id -}}" }}"
397397
{{- else }}
398398
{{/*
399399
When OpenFGA is disabled, allow all requests
@@ -424,7 +424,7 @@ spec:
424424
config:
425425
values:
426426
relation: organizer
427-
object: "meeting:{{ "{{- .Request.URL.Captures.meeting_id -}}" }}"
427+
object: "v1_meeting:{{ "{{- .Request.URL.Captures.meeting_id -}}" }}"
428428
{{- else }}
429429
{{/*
430430
When OpenFGA is disabled, allow all requests
@@ -455,7 +455,7 @@ spec:
455455
config:
456456
values:
457457
relation: organizer
458-
object: "meeting:{{ "{{- .Request.URL.Captures.meeting_id -}}" }}"
458+
object: "v1_meeting:{{ "{{- .Request.URL.Captures.meeting_id -}}" }}"
459459
{{- else }}
460460
{{/*
461461
When OpenFGA is disabled, allow all requests
@@ -486,7 +486,7 @@ spec:
486486
config:
487487
values:
488488
relation: organizer
489-
object: "meeting:{{ "{{- .Request.URL.Captures.meeting_id -}}" }}"
489+
object: "v1_meeting:{{ "{{- .Request.URL.Captures.meeting_id -}}" }}"
490490
{{- else }}
491491
{{/*
492492
When OpenFGA is disabled, allow all requests
@@ -517,7 +517,7 @@ spec:
517517
config:
518518
values:
519519
relation: organizer
520-
object: "meeting:{{ "{{- .Request.URL.Captures.meeting_id -}}" }}"
520+
object: "v1_meeting:{{ "{{- .Request.URL.Captures.meeting_id -}}" }}"
521521
{{- else }}
522522
{{/*
523523
When OpenFGA is disabled, allow all requests
@@ -579,7 +579,7 @@ spec:
579579
config:
580580
values:
581581
relation: viewer
582-
object: "past_meeting:{{ "{{- .Request.PathParameters.past_meeting_id -}}" }}"
582+
object: "v1_past_meeting:{{ "{{- .Request.URL.Captures.past_meeting_id -}}" }}"
583583
{{- else }}
584584
{{/*
585585
When OpenFGA is disabled, allow all requests
@@ -610,7 +610,7 @@ spec:
610610
config:
611611
values:
612612
relation: organizer
613-
object: "past_meeting:{{ "{{- .Request.PathParameters.past_meeting_id -}}" }}"
613+
object: "v1_past_meeting:{{ "{{- .Request.URL.Captures.past_meeting_id -}}" }}"
614614
{{- else }}
615615
{{/*
616616
When OpenFGA is disabled, allow all requests
@@ -641,7 +641,7 @@ spec:
641641
config:
642642
values:
643643
relation: organizer
644-
object: "past_meeting:{{ "{{- .Request.PathParameters.past_meeting_id -}}" }}"
644+
object: "v1_past_meeting:{{ "{{- .Request.URL.Captures.past_meeting_id -}}" }}"
645645
{{- else }}
646646
- authorizer: allow_all
647647
{{- end }}
@@ -668,7 +668,7 @@ spec:
668668
config:
669669
values:
670670
relation: viewer
671-
object: "past_meeting_summary:{{ "{{- .Request.PathParameters.summary_uid -}}" }}"
671+
object: "v1_past_meeting_summary:{{ "{{- .Request.URL.Captures.summary_uid -}}" }}"
672672
{{- else }}
673673
{{/*
674674
When OpenFGA is disabled, allow all requests
@@ -699,7 +699,7 @@ spec:
699699
config:
700700
values:
701701
relation: organizer
702-
object: "past_meeting_summary:{{ "{{- .Request.PathParameters.summary_uid -}}" }}"
702+
object: "v1_past_meeting_summary:{{ "{{- .Request.URL.Captures.summary_uid -}}" }}"
703703
{{- else }}
704704
{{/*
705705
When OpenFGA is disabled, allow all requests
@@ -730,7 +730,7 @@ spec:
730730
config:
731731
values:
732732
relation: organizer
733-
object: "past_meeting:{{ "{{- .Request.PathParameters.past_meeting_id -}}" }}"
733+
object: "v1_past_meeting:{{ "{{- .Request.URL.Captures.past_meeting_id -}}" }}"
734734
{{- else }}
735735
{{/*
736736
When OpenFGA is disabled, allow all requests
@@ -761,7 +761,7 @@ spec:
761761
config:
762762
values:
763763
relation: organizer
764-
object: "past_meeting:{{ "{{- .Request.PathParameters.past_meeting_id -}}" }}"
764+
object: "v1_past_meeting:{{ "{{- .Request.URL.Captures.past_meeting_id -}}" }}"
765765
{{- else }}
766766
{{/*
767767
When OpenFGA is disabled, allow all requests
@@ -792,7 +792,7 @@ spec:
792792
config:
793793
values:
794794
relation: organizer
795-
object: "past_meeting:{{ "{{- .Request.PathParameters.past_meeting_id -}}" }}"
795+
object: "v1_past_meeting:{{ "{{- .Request.URL.Captures.past_meeting_id -}}" }}"
796796
{{- else }}
797797
{{/*
798798
When OpenFGA is disabled, allow all requests

0 commit comments

Comments
 (0)