Skip to content

Commit da19987

Browse files
committed
merge main
Signed-off-by: Jose I. Paris <jiparis@chainloop.dev>
1 parent 9730f4d commit da19987

2 files changed

Lines changed: 1 addition & 31 deletions

File tree

app/controlplane/pkg/authz/authz.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -373,7 +373,7 @@ var ServerOperationsMap = map[string]*OperationPolicy{
373373
// CAS Backend listing
374374
"/controlplane.v1.CASBackendService/List": {Policies: []*Policy{PolicyCASBackendList}},
375375
"/controlplane.v1.CASBackendService/Revalidate": {Policies: []*Policy{PolicyCASBackendUpdate}},
376-
"/controlplane.v1.CASBackendService/Create": {Policies: []*Policy{PolicyCASBackendCreate}, ExternalAuthz: true},
376+
"/controlplane.v1.CASBackendService/Create": {Policies: []*Policy{PolicyCASBackendCreate}},
377377
// Available integrations
378378
"/controlplane.v1.IntegrationsService/ListAvailable": {Policies: []*Policy{PolicyAvailableIntegrationList, PolicyAvailableIntegrationRead}},
379379
// Registered integrations

app/controlplane/pkg/authz/authz_test.go

Lines changed: 0 additions & 30 deletions
Original file line numberDiff line numberDiff line change
@@ -129,36 +129,6 @@ func TestDoSync(t *testing.T) {
129129
assert.Equal(t, "delete", got[0][2])
130130
}
131131

132-
func TestRequiresExternalAuthz(t *testing.T) {
133-
testCases := []struct {
134-
name string
135-
operation string
136-
want bool
137-
}{
138-
{
139-
name: "CAS backend creation is forwarded to the external authorizer",
140-
operation: "/controlplane.v1.CASBackendService/Create",
141-
want: true,
142-
},
143-
{
144-
name: "operations without external authz flag are not forwarded",
145-
operation: "/controlplane.v1.WorkflowService/List",
146-
want: false,
147-
},
148-
{
149-
name: "unknown operations are not forwarded",
150-
operation: "/controlplane.v1.UnknownService/Unknown",
151-
want: false,
152-
},
153-
}
154-
155-
for _, tc := range testCases {
156-
t.Run(tc.name, func(t *testing.T) {
157-
assert.Equal(t, tc.want, RequiresExternalAuthz(tc.operation))
158-
})
159-
}
160-
}
161-
162132
func testEnforcer(t *testing.T) (*CasbinEnforcer, io.Closer) {
163133
f, err := os.CreateTemp(t.TempDir(), "policy*.csv")
164134
if err != nil {

0 commit comments

Comments
 (0)