feat: Default access policy one factor if no rules

docker-bake.hcl

@@ -6,23 +6,9 @@ group "default" {
 }
 
 target "docker-metadata-action" {}
-target "cache" {
-  cache-from = [
-    {
-      type = "gha",
-    }
-  ]
-
-  cache-to = [
-    {
-      type = "gha",
-      mode = "max"
-    }
-  ]
-}
 
 target "authelia-controller" {
-  inherits = ["docker-metadata-action", "cache"]
+  inherits = ["docker-metadata-action"]
   context = "./"
   dockerfile = "Dockerfile"
   tags = [for tag in target.docker-metadata-action.tags : "${TAG_BASE}:${tag}"]
@@ -30,7 +16,6 @@ target "authelia-controller" {
 }
 
 target "manifests" {
-  inherits = ["cache"]
   context = "./"
   dockerfile = "Dockerfile"
   target = "manifests"

src/resources/access_control_rule.rs

@@ -45,11 +45,11 @@ pub struct AccessControlRuleSpec {
 #[derive(Serialize, Deserialize, Clone, Debug, Hash)]
 struct AccessControl {
     rules: Vec<AccessControlRuleSpec>,
-    default_policy: AccessPolicy,
 }
 
 #[derive(Serialize, Deserialize, Clone, Debug, Hash)]
 struct TopLevel {
+    default_policy: AccessPolicy,
     access_control: AccessControl,
 }
 
@@ -68,15 +68,13 @@ impl AccessControlRule {
             .collect();
 
         let top = TopLevel {
-            access_control: AccessControl {
+            // TODO: Make sure configurable?
-                // TODO: Make sure configurable?
+            default_policy: if rules.is_empty() {
-                default_policy: if rules.is_empty() {
+                AccessPolicy::OneFactor
-                    AccessPolicy::OneFactor
+            } else {
-                } else {
+                AccessPolicy::Deny
-                    AccessPolicy::Deny
-                },
-                rules,
             },
+            access_control: AccessControl { rules },
         };
 
         let contents = BTreeMap::from([(