infra/authelia-controller
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Default access policy one factor if no rules

Browse Source
This commit is contained in:
Dreaded_X
2025-12-23 03:23:43 +01:00
parent c80024972c
commit fc9f34939b
1 changed files with 11 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
src/resources/access_control_rule.rs
View File

@@ -45,6 +45,7 @@ pub struct AccessControlRuleSpec {
#[derive(Serialize, Deserialize, Clone, Debug, Hash)] #[derive(Serialize, Deserialize, Clone, Debug, Hash)]
struct AccessControl { struct AccessControl {
rules: Vec<AccessControlRuleSpec>, rules: Vec<AccessControlRuleSpec>,
default_policy: AccessPolicy,
} }
#[derive(Serialize, Deserialize, Clone, Debug, Hash)] #[derive(Serialize, Deserialize, Clone, Debug, Hash)]
@@ -60,14 +61,22 @@ impl AccessControlRule {
debug!("Updating acl"); debug!("Updating acl");
rules.sort_by_cached_key(|rule| rule.name_any()); rules.sort_by_cached_key(|rule| rule.name_any());
let rules = rules let rules: Vec<_> = rules
.iter() .iter()
.inspect(|rule| trace!(name = rule.name_any(), "Rule found")) .inspect(|rule| trace!(name = rule.name_any(), "Rule found"))
.map(|rule| rule.spec.clone()) .map(|rule| rule.spec.clone())
.collect(); .collect();
let top = TopLevel { let top = TopLevel {
access_control: AccessControl { rules }, access_control: AccessControl {
// TODO: Make sure configurable?
default_policy: if rules.is_empty() {
AccessPolicy::OneFactor
} else {
AccessPolicy::Deny
},
rules,
},
}; };
let contents = BTreeMap::from([( let contents = BTreeMap::from([(