To add a collaborator to this project you will need to use the Relish gem to add the collaborator via a terminal command. Soon you'll be able to also add collaborators here!
More about adding a collaboratorRBAC privileges control whether a role can update and/or fetch a secret.
- Background
-
- Given
- I create a new resource
- And
- a new user "bob"
- And
- I create 1 secret values
- Scenarios
-
- Fetching a secret as an unauthorized user results in a 403 error.
- Updating a secret as an unauthorized user results in a 403 error.
- A foreign role can be granted permission to fetch a secret.
- A foreign role can be granted permission to update a secret.
- Fetching a secret as an unauthorized user results in a 403 error.
-
- Given
- I login as "bob"
- When
- I GET "/secrets/:account/:resource_kind/:resource_id"
- Then
- it's forbidden
- Updating a secret as an unauthorized user results in a 403 error.
-
- Given
- I login as "bob"
- When
-
I POST "/secrets/:account/:resource_kind/:resource_id" with parameters:
v-1
- Then
- it's forbidden
- A foreign role can be granted permission to fetch a secret.
-
The
execute
privilege can be granted to any role to allow it to fetch a secret.- Given
- I permit user "bob" to "execute" it
- And
- I login as "bob"
- Then
- I can GET "/secrets/:account/:resource_kind/:resource_id"
- A foreign role can be granted permission to update a secret.
-
The
update
privilege can be granted to any role to allow it to update a secret.- Given
- I permit user "bob" to "update" it
- When
- I login as "bob"
- Then
-
I can POST "/secrets/:account/:resource_kind/:resource_id" with parameters:
v-1
Last published almost 6 years ago by Kevin Gilpin.