From fcbd40faee7c7fbd64bc0f2f78677bc2aa570557 Mon Sep 17 00:00:00 2001
From: Jan Gottschick <jan.gottschick@fokus.fraunhofer.de>
Date: Sat, 5 Oct 2024 22:12:55 +0200
Subject: [PATCH] * add authz examples

---
 templates/middleware/authz.rego.tmpl | 32 ++++++++++++++++++++++++++--
 1 file changed, 30 insertions(+), 2 deletions(-)

diff --git a/templates/middleware/authz.rego.tmpl b/templates/middleware/authz.rego.tmpl
index 37b5ce6..e83a6bd 100644
--- a/templates/middleware/authz.rego.tmpl
+++ b/templates/middleware/authz.rego.tmpl
@@ -78,14 +78,42 @@ default allowEntrypoint = false
 
 default allowAccess = false
 
+#
+# examples how you could set permission for each path in the API endpoint
+#
+
 allowEntrypoint {
-#    user
+    user
 #	getMethod
 #   input.path == "/livez"
 }
 
 allowAccess {
-#	user
+	user
 #	getMethod
 #   input.path == "/livez"
 }
+
+#allowEntrypoint {
+#   staffuser
+#	postMethod
+#   input.path == "/admin"
+#}
+
+#allowAccess {
+#   staffuser
+#	postMethod
+#   input.path == "/admin"
+#}
+
+#allowEntrypoint {
+#   api
+#	deleteMethod
+#   input.path == "/func"
+#}
+
+#allowAccess {
+#   api
+#	deleteMethod
+#   input.path == "/func"
+#}