- Affirmative‘ means that at least one policy must evaluate to a positive decision in order to grant access to a resource and its scopes.
- ‘Unanimous‘ means that all permissions must evaluate to a positive decision in order for the final decision to be also positive.
Create a permission with 2 policies
- Decision Strategy Unanimous
Validate permisson with Decision Strategy Unanious
Decision Strategy Unanimous
- manage_account_perms is denied as superadmin_policy does not PERMIT these scopes
- scope:create
- scope:view
- scope:manage
- manage_account_perm decision was DENY by Unanimous decision
Change decision Strategy to Affirmative
- Decision Strategy: Affirmative
Validate permisson with Decision Strategy Affirmative
- Decision Strategy: Affirmative
- manage_account_perm decision was PERMIT by Affirmative decision
Be First to Comment