mirror of https://github.com/status-im/consul.git
dfea3a0efe
To properly enforce writes on resources that have workload selectors with prefixes, we need another service authorization rule that allows us to check whether read is allowed within a given prefix. Specifically we need to only allow writes if the policy prefix allows for a wider set of names than the prefix selector on the resource. We should also not allow policies with exact names for prefix matches. Part of [NET-3993] |
||
|---|---|---|
| .. | ||
| catalogtest | ||
| internal | ||
| exports.go | ||