generated from amazon-archives/__template_Apache-2.0
-
Notifications
You must be signed in to change notification settings - Fork 35
Expand file tree
/
Copy pathrun.sh
More file actions
executable file
·62 lines (53 loc) · 10.1 KB
/
run.sh
File metadata and controls
executable file
·62 lines (53 loc) · 10.1 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
echo "Testing that Alice can do all actions on the Administration Folder as a member"
cedar authorize --policies quip.cedar --schema quip.cedarschema --schema-format cedar --entities entity.json --principal "User::\"alice\"" --action "Action::\"viewFolder\"" --resource "Folder::\"administration\""
cedar authorize --policies quip.cedar --schema quip.cedarschema --schema-format cedar --entities entity.json --principal "User::\"alice\"" --action "Action::\"editFolder\"" --resource "Folder::\"administration\""
cedar authorize --policies quip.cedar --schema quip.cedarschema --schema-format cedar --entities entity.json --principal "User::\"alice\"" --action "Action::\"shareFolder\"" --resource "Folder::\"administration\""
echo "Testing that Alice can do all actions on all Documents in the Administration Folder"
cedar authorize --policies quip.cedar --schema quip.cedarschema --schema-format cedar --entities entity.json --principal "User::\"alice\"" --action "Action::\"viewThread\"" --resource "Thread::\"meeting_minutes\""
cedar authorize --policies quip.cedar --schema quip.cedarschema --schema-format cedar --entities entity.json --principal "User::\"alice\"" --action "Action::\"editThread\"" --resource "Thread::\"meeting_minutes\""
cedar authorize --policies quip.cedar --schema quip.cedarschema --schema-format cedar --entities entity.json --principal "User::\"alice\"" --action "Action::\"commentThread\"" --resource "Thread::\"meeting_minutes\""
cedar authorize --policies quip.cedar --schema quip.cedarschema --schema-format cedar --entities entity.json --principal "User::\"alice\"" --action "Action::\"shareThread\"" --resource "Thread::\"meeting_minutes\""
cedar authorize --policies quip.cedar --schema quip.cedarschema --schema-format cedar --entities entity.json --principal "User::\"alice\"" --action "Action::\"viewThread\"" --resource "Thread::\"budget_report\""
cedar authorize --policies quip.cedar --schema quip.cedarschema --schema-format cedar --entities entity.json --principal "User::\"alice\"" --action "Action::\"editThread\"" --resource "Thread::\"budget_report\""
cedar authorize --policies quip.cedar --schema quip.cedarschema --schema-format cedar --entities entity.json --principal "User::\"alice\"" --action "Action::\"commentThread\"" --resource "Thread::\"budget_report\""
cedar authorize --policies quip.cedar --schema quip.cedarschema --schema-format cedar --entities entity.json --principal "User::\"alice\"" --action "Action::\"shareThread\"" --resource "Thread::\"budget_report\""
echo "Testing that Bob and Charlie can not do any actions on the folder"
cedar authorize --policies quip.cedar --schema quip.cedarschema --schema-format cedar --entities entity.json --principal "User::\"bob\"" --action "Action::\"viewFolder\"" --resource "Folder::\"administration\""
cedar authorize --policies quip.cedar --schema quip.cedarschema --schema-format cedar --entities entity.json --principal "User::\"bob\"" --action "Action::\"editFolder\"" --resource "Folder::\"administration\""
cedar authorize --policies quip.cedar --schema quip.cedarschema --schema-format cedar --entities entity.json --principal "User::\"bob\"" --action "Action::\"shareFolder\"" --resource "Folder::\"administration\""
cedar authorize --policies quip.cedar --schema quip.cedarschema --schema-format cedar --entities entity.json --principal "User::\"charlie\"" --action "Action::\"viewFolder\"" --resource "Folder::\"administration\""
cedar authorize --policies quip.cedar --schema quip.cedarschema --schema-format cedar --entities entity.json --principal "User::\"charlie\"" --action "Action::\"editFolder\"" --resource "Folder::\"administration\""
cedar authorize --policies quip.cedar --schema quip.cedarschema --schema-format cedar --entities entity.json --principal "User::\"charlie\"" --action "Action::\"shareFolder\"" --resource "Folder::\"administration\""
echo "Testing that Bob can access Budget Report with Comment actions"
cedar authorize --policies quip.cedar --schema quip.cedarschema --schema-format cedar --entities entity.json --principal "User::\"bob\"" --action "Action::\"viewThread\"" --resource "Thread::\"budget_report\""
cedar authorize --policies quip.cedar --schema quip.cedarschema --schema-format cedar --entities entity.json --principal "User::\"bob\"" --action "Action::\"editThread\"" --resource "Thread::\"budget_report\""
cedar authorize --policies quip.cedar --schema quip.cedarschema --schema-format cedar --entities entity.json --principal "User::\"bob\"" --action "Action::\"commentThread\"" --resource "Thread::\"budget_report\""
cedar authorize --policies quip.cedar --schema quip.cedarschema --schema-format cedar --entities entity.json --principal "User::\"bob\"" --action "Action::\"shareThread\"" --resource "Thread::\"budget_report\""
echo "Testing that Bob can not access Meeting Minutes"
cedar authorize --policies quip.cedar --schema quip.cedarschema --schema-format cedar --entities entity.json --principal "User::\"bob\"" --action "Action::\"viewThread\"" --resource "Thread::\"meeting_minutes\""
cedar authorize --policies quip.cedar --schema quip.cedarschema --schema-format cedar --entities entity.json --principal "User::\"bob\"" --action "Action::\"editThread\"" --resource "Thread::\"meeting_minutes\""
cedar authorize --policies quip.cedar --schema quip.cedarschema --schema-format cedar --entities entity.json --principal "User::\"bob\"" --action "Action::\"commentThread\"" --resource "Thread::\"meeting_minutes\""
cedar authorize --policies quip.cedar --schema quip.cedarschema --schema-format cedar --entities entity.json --principal "User::\"bob\"" --action "Action::\"shareThread\"" --resource "Thread::\"meeting_minutes\""
echo "Testing that Charlie can not access Budget Report or Meeting Minutes"
cedar authorize --policies quip.cedar --schema quip.cedarschema --schema-format cedar --entities entity.json --principal "User::\"charlie\"" --action "Action::\"viewThread\"" --resource "Thread::\"budget_report\""
cedar authorize --policies quip.cedar --schema quip.cedarschema --schema-format cedar --entities entity.json --principal "User::\"charlie\"" --action "Action::\"editThread\"" --resource "Thread::\"budget_report\""
cedar authorize --policies quip.cedar --schema quip.cedarschema --schema-format cedar --entities entity.json --principal "User::\"charlie\"" --action "Action::\"commentThread\"" --resource "Thread::\"budget_report\""
cedar authorize --policies quip.cedar --schema quip.cedarschema --schema-format cedar --entities entity.json --principal "User::\"charlie\"" --action "Action::\"shareThread\"" --resource "Thread::\"budget_report\""
cedar authorize --policies quip.cedar --schema quip.cedarschema --schema-format cedar --entities entity.json --principal "User::\"charlie\"" --action "Action::\"viewThread\"" --resource "Thread::\"meeting_minutes\""
cedar authorize --policies quip.cedar --schema quip.cedarschema --schema-format cedar --entities entity.json --principal "User::\"charlie\"" --action "Action::\"editThread\"" --resource "Thread::\"meeting_minutes\""
cedar authorize --policies quip.cedar --schema quip.cedarschema --schema-format cedar --entities entity.json --principal "User::\"charlie\"" --action "Action::\"commentThread\"" --resource "Thread::\"meeting_minutes\""
cedar authorize --policies quip.cedar --schema quip.cedarschema --schema-format cedar --entities entity.json --principal "User::\"charlie\"" --action "Action::\"shareThread\"" --resource "Thread::\"meeting_minutes\""
echo "Testing that Charlie has full access to Charlie's Personal Notes as the author"
cedar authorize --policies quip.cedar --schema quip.cedarschema --schema-format cedar --entities entity.json --principal "User::\"charlie\"" --action "Action::\"viewThread\"" --resource "Thread::\"charlies_personal_notes\""
cedar authorize --policies quip.cedar --schema quip.cedarschema --schema-format cedar --entities entity.json --principal "User::\"charlie\"" --action "Action::\"editThread\"" --resource "Thread::\"charlies_personal_notes\""
cedar authorize --policies quip.cedar --schema quip.cedarschema --schema-format cedar --entities entity.json --principal "User::\"charlie\"" --action "Action::\"commentThread\"" --resource "Thread::\"charlies_personal_notes\""
cedar authorize --policies quip.cedar --schema quip.cedarschema --schema-format cedar --entities entity.json --principal "User::\"charlie\"" --action "Action::\"shareThread\"" --resource "Thread::\"charlies_personal_notes\""
echo "Testing that Alice and Bob do not have access to Charlie's Personal Notes"
cedar authorize --policies quip.cedar --schema quip.cedarschema --schema-format cedar --entities entity.json --principal "User::\"alice\"" --action "Action::\"viewThread\"" --resource "Thread::\"charlies_personal_notes\""
cedar authorize --policies quip.cedar --schema quip.cedarschema --schema-format cedar --entities entity.json --principal "User::\"alice\"" --action "Action::\"editThread\"" --resource "Thread::\"charlies_personal_notes\""
cedar authorize --policies quip.cedar --schema quip.cedarschema --schema-format cedar --entities entity.json --principal "User::\"alice\"" --action "Action::\"commentThread\"" --resource "Thread::\"charlies_personal_notes\""
cedar authorize --policies quip.cedar --schema quip.cedarschema --schema-format cedar --entities entity.json --principal "User::\"alice\"" --action "Action::\"shareThread\"" --resource "Thread::\"charlies_personal_notes\""
cedar authorize --policies quip.cedar --schema quip.cedarschema --schema-format cedar --entities entity.json --principal "User::\"bob\"" --action "Action::\"viewThread\"" --resource "Thread::\"charlies_personal_notes\""
cedar authorize --policies quip.cedar --schema quip.cedarschema --schema-format cedar --entities entity.json --principal "User::\"bob\"" --action "Action::\"editThread\"" --resource "Thread::\"charlies_personal_notes\""
cedar authorize --policies quip.cedar --schema quip.cedarschema --schema-format cedar --entities entity.json --principal "User::\"bob\"" --action "Action::\"commentThread\"" --resource "Thread::\"charlies_personal_notes\""
cedar authorize --policies quip.cedar --schema quip.cedarschema --schema-format cedar --entities entity.json --principal "User::\"bob\"" --action "Action::\"shareThread\"" --resource "Thread::\"charlies_personal_notes\""