mirror of
https://github.com/meta-llama/llama-stack.git
synced 2025-12-03 01:48:05 +00:00
a29253e9bf
Changed UserInOwnersList.matches() to return False instead of True when a resource's owner attributes are None. This prevents unintended access when resource when owner attributes arn't present. For example, checking "user in owners teams" now returns False if the resource has no teams attribute, rather than defaulting to True. Changed UserIsOwner.matches() to return True when a resource has no owner attribute set. This allows access to resources that don't use the owner attribute. Updated default_policy to use multiple separate "user in owners" AccessRules instead of a single rule with multiple when clauses. With the new fail-closed behavior, only one rule needs to match. Added a "user is owner" rule to handle resources without attribute-based access. Closes: #4272 Signed-off-by: Derek Higgins <derekh@redhat.com> |
||
|---|---|---|
| .. | ||
| test_access_control.py | ||
| test_auth.py | ||
| test_auth_github.py | ||
| test_cors.py | ||
| test_quota.py | ||
| test_replace_env_vars.py | ||
| test_resolver.py | ||
| test_schema_registry.py | ||
| test_server.py | ||
| test_sse.py | ||