acs-integration-tests/src/test/resources/policies/permit-admin-only-using-condition.json - gerrit/www.eclipse.org/keti - Git at Google

 {
     "name" : "permit-admin-only-using-condition",
     "policies" : [
         {
             "name" : "Subject with role Administrator has access to everything",
             "conditions" : [
                 {
                   "name":"",
                   "condition" : "match.single(subject.attributes('https://acs.attributes.int', 'role'), 'administrator')"
                 }
             ],
             "effect" : "PERMIT"
         },
         {
             "name" : "DENY to everyone else",
             "effect" : "DENY"
         }
     ]
 }
	{
	"name" : "permit-admin-only-using-condition",
	"policies" : [
	{
	"name" : "Subject with role Administrator has access to everything",
	"conditions" : [
	{
	"name":"",
	"condition" : "match.single(subject.attributes('https://acs.attributes.int', 'role'), 'administrator')"
	}
	],
	"effect" : "PERMIT"
	},
	{
	"name" : "DENY to everyone else",
	"effect" : "DENY"
	}
	]
	}