From cdbe10ec67edd118616f5c37c07318fa0636928b Mon Sep 17 00:00:00 2001 From: Gerald Baulig Date: Mon, 7 Oct 2024 13:05:29 +0200 Subject: [PATCH] fix(rules): set back to fallback-deny-rule and drop fallback-deny-policy --- datasets/system/data/seed-data/policies.yaml | 34 +++++++++++++++++++ .../system/data/seed-data/policy_sets.yaml | 1 - 2 files changed, 34 insertions(+), 1 deletion(-) diff --git a/datasets/system/data/seed-data/policies.yaml b/datasets/system/data/seed-data/policies.yaml index a9e8bc9..123a633 100644 --- a/datasets/system/data/seed-data/policies.yaml +++ b/datasets/system/data/seed-data/policies.yaml @@ -39,6 +39,7 @@ - user-permits-all-owned - permit-read-strict-scoped - domainless-unauthenticated-permits-read-system + - fallback-deny-all meta: owners: - id: urn:restorecommerce:acs:names:ownerIndicatoryEntity @@ -87,6 +88,7 @@ - sales-permits-read-hr-scoped - customer-permits-read-hr-scoped - domainless-unauthenticated-permits-read-system + - fallback-deny-all meta: owners: - id: urn:restorecommerce:acs:names:ownerIndicatoryEntity @@ -116,6 +118,7 @@ - user-permits-all-owned - permit-read-strict-scoped - domainless-unauthenticated-permits-read-system + - fallback-deny-all meta: owners: - id: urn:restorecommerce:acs:names:ownerIndicatoryEntity @@ -142,6 +145,7 @@ - customer-permits-read-hr-scoped - permit-read-strict-scoped - domainless-unauthenticated-permits-read-system + - fallback-deny-all meta: owners: - id: urn:restorecommerce:acs:names:ownerIndicatoryEntity @@ -168,6 +172,7 @@ - customer-permits-read-hr-scoped - permit-read-strict-scoped - domainless-unauthenticated-permits-read-system + - fallback-deny-all meta: owners: - id: urn:restorecommerce:acs:names:ownerIndicatoryEntity @@ -196,6 +201,7 @@ - user-permits-all-owned - customer-permits-read-owned - unauthenticated-user-permits-read-owned + - fallback-deny-all meta: owners: - id: urn:restorecommerce:acs:names:ownerIndicatoryEntity @@ -218,6 +224,7 @@ value: urn:restorecommerce:acs:model:credential.Credental rules: - user-permits-all-owned + - fallback-deny-all meta: owners: - id: urn:restorecommerce:acs:names:ownerIndicatoryEntity @@ -242,6 +249,7 @@ - administrator-permits-all-hr-scoped - sales-permits-read-hr-scoped - customer-permits-read-hr-scoped + - fallback-deny-all meta: owners: - id: urn:restorecommerce:acs:names:ownerIndicatoryEntity @@ -266,6 +274,7 @@ - administrator-permits-all-hr-scoped - sales-permits-read-hr-scoped - customer-permits-read-hr-scoped + - fallback-deny-all meta: owners: - id: urn:restorecommerce:acs:names:ownerIndicatoryEntity @@ -291,6 +300,7 @@ - sales-permits-all-hr-scoped - moderator-permits-read-hr-scoped - user-permits-read-owned + - fallback-deny-all meta: owners: - id: urn:restorecommerce:acs:names:ownerIndicatoryEntity @@ -316,6 +326,7 @@ - sales-permits-all-hr-scoped - moderator-permits-read-hr-scoped - user-permits-read-owned + - fallback-deny-all meta: owners: - id: urn:restorecommerce:acs:names:ownerIndicatoryEntity @@ -342,6 +353,7 @@ - customer-permits-read-hr-scoped - permit-read-strict-scoped - domainless-unauthenticated-permits-read-system + - fallback-deny-all meta: owners: - id: urn:restorecommerce:acs:names:ownerIndicatoryEntity @@ -366,6 +378,7 @@ - administrator-permits-all-hr-scoped - sales-permits-all-hr-scoped - customer-permits-read-hr-scoped + - fallback-deny-all meta: owners: - id: urn:restorecommerce:acs:names:ownerIndicatoryEntity @@ -393,6 +406,7 @@ - sales-permits-all-hr-scoped - moderator-permits-all-hr-scoped - user-permits-read-owned + - fallback-deny-all meta: owners: - id: urn:restorecommerce:acs:names:ownerIndicatoryEntity @@ -419,6 +433,7 @@ - administrator-permits-all-hr-scoped - sales-requires-order-state-submitted - user-requires-order-state-pending + - fallback-deny-all meta: owners: - id: urn:restorecommerce:acs:names:ownerIndicatoryEntity @@ -464,6 +479,7 @@ rules: - administrator-permits-all-hr-scoped - customer-requires-order-state-pending + - fallback-deny-all meta: owners: - id: urn:restorecommerce:acs:names:ownerIndicatoryEntity @@ -489,6 +505,7 @@ - sales-requires-order-state-submitted - moderator-requires-order-state-submitted - customer-requires-order-state-submitted + - fallback-deny-all meta: owners: - id: urn:restorecommerce:acs:names:ownerIndicatoryEntity @@ -513,6 +530,7 @@ - administrator-permits-all-hr-scoped - sales-requires-order-state-submitted - sales-requires-order-state-withdrawn + - fallback-deny-all meta: owners: - id: urn:restorecommerce:acs:names:ownerIndicatoryEntity @@ -543,6 +561,7 @@ - customer-permits-read-hr-scoped - user-permits-all-owned - permit-read-strict-scoped + - fallback-deny-all meta: owners: - id: urn:restorecommerce:acs:names:ownerIndicatoryEntity @@ -570,6 +589,7 @@ - permit-read-strict-scoped - domainless-unauthenticated-permits-read-system - user-permits-all-owned + - fallback-deny-all meta: owners: - id: urn:restorecommerce:acs:names:ownerIndicatoryEntity @@ -596,6 +616,7 @@ - customer-permits-read-hr-scoped - permit-read-strict-scoped - domainless-unauthenticated-permits-read-system + - fallback-deny-all meta: owners: - id: urn:restorecommerce:acs:names:ownerIndicatoryEntity @@ -621,6 +642,7 @@ - sales-permits-read-hr-scoped - moderator-permits-read-hr-scoped - user-permits-read-owned + - fallback-deny-all meta: owners: - id: urn:restorecommerce:acs:names:ownerIndicatoryEntity @@ -645,6 +667,7 @@ - administrator-permits-all-hr-scoped - sales-permits-all-hr-scoped - customer-permits-read-hr-scoped + - fallback-deny-all meta: owners: - id: urn:restorecommerce:acs:names:ownerIndicatoryEntity @@ -669,6 +692,7 @@ - administrator-permits-all-hr-scoped - sales-permits-all-hr-scoped - customer-permits-read-hr-scoped + - fallback-deny-all meta: owners: - id: urn:restorecommerce:acs:names:ownerIndicatoryEntity @@ -693,6 +717,7 @@ - administrator-permits-all-hr-scoped - sales-permits-all-hr-scoped - customer-permits-read-hr-scoped + - fallback-deny-all meta: owners: - id: urn:restorecommerce:acs:names:ownerIndicatoryEntity @@ -717,6 +742,7 @@ - administrator-permits-all-hr-scoped - sales-permits-all-hr-scoped - customer-permits-read-hr-scoped + - fallback-deny-all meta: owners: - id: urn:restorecommerce:acs:names:ownerIndicatoryEntity @@ -763,6 +789,7 @@ - administrator-permits-all-hr-scoped - sales-permits-all-hr-scoped - customer-permits-read-hr-scoped + - fallback-deny-all meta: owners: - id: urn:restorecommerce:acs:names:ownerIndicatoryEntity @@ -787,6 +814,7 @@ - administrator-permits-all-hr-scoped - permit-read-strict-scoped - domainless-unauthenticated-permits-read-system + - fallback-deny-all meta: owners: - id: urn:restorecommerce:acs:names:ownerIndicatoryEntity @@ -812,6 +840,7 @@ - sales-permits-read-hr-scoped - permit-read-strict-scoped - domainless-unauthenticated-permits-read-system + - fallback-deny-all meta: owners: - id: urn:restorecommerce:acs:names:ownerIndicatoryEntity @@ -837,6 +866,7 @@ - sales-permits-read-hr-scoped - permit-read-strict-scoped - domainless-unauthenticated-permits-read-system + - fallback-deny-all meta: owners: - id: urn:restorecommerce:acs:names:ownerIndicatoryEntity @@ -859,6 +889,7 @@ value: urn:restorecommerce:acs:model:token.Token rules: - user-permits-all-owned + - fallback-deny-all meta: owners: - id: urn:restorecommerce:acs:names:ownerIndicatoryEntity @@ -884,6 +915,7 @@ - sales-permits-read-hr-scoped - permit-read-strict-scoped - domainless-unauthenticated-permits-read-system + - fallback-deny-all meta: owners: - id: urn:restorecommerce:acs:names:ownerIndicatoryEntity @@ -912,6 +944,7 @@ - user-permits-read-owned - user-permits-update-owned - unauthenticated-user-permits-create-strict-scoped + - fallback-deny-all meta: owners: - id: urn:restorecommerce:acs:names:ownerIndicatoryEntity @@ -942,6 +975,7 @@ - domainless-unauthenticated-permits-update - unauthenticated-user-permits-update-hr-scoped - user-permits-update-user-owned + - fallback-deny-all meta: owners: - id: urn:restorecommerce:acs:names:ownerIndicatoryEntity diff --git a/datasets/system/data/seed-data/policy_sets.yaml b/datasets/system/data/seed-data/policy_sets.yaml index 08875cf..45f3b73 100644 --- a/datasets/system/data/seed-data/policy_sets.yaml +++ b/datasets/system/data/seed-data/policy_sets.yaml @@ -45,7 +45,6 @@ - unit-code-policy - user-policy - user-credentials-reset-policy - - fallback-deny-policy meta: modifiedBy: "" owners: