{ | |
"name" : "default", | |
"policies" : [ | |
{ | |
"name" : "Operators can read a site if they are assigned to the site.", | |
"target" : { | |
"name" : "When a operator reads a site", | |
"resource" : { | |
"name" : "Site", | |
"uriTemplate" : "/secured-by-value/sites/{site_id}" | |
}, | |
"action" : "GET", | |
"subject" : { | |
"name":"" | |
} | |
}, | |
"conditions" : [ | |
{ | |
"name":"", | |
"condition" : "match.single(subject.attributes('https://acs.attributes.int', 'site'), resource.uriVariable('site_id'))" | |
} | |
], | |
"effect" : "PERMIT" | |
} | |
] | |
} |