Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
IAM policy engine, parser, and entity refactoring - EUCA-10449
The policy engine is updated so the relevant polcies are passed in rather than being obtained from the user/account. The policy parser now outputs immutable policy objects rather than persistent entities. Policy persistence is updated to remove persistence of the decomposed policy and the corresponding entities. The policy engine is updated so it no longer checks for an enabled user, this check is now performed at authentication time. Special cases for account and administrator checks are removed, we now use a single pass for policy evaluation. Some of the vestigal user/account registration functionality is removed. EUCA-5242 EUCA-9481 EUCA-10449
- Loading branch information
Showing
114 changed files
with
1,233 additions
and
2,882 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.