get.pme.sh/pnats@v0.0.0-20240304004023-26bb5a137ed0/server/configs/new_style_authorization.conf

get.pme.sh/pnats@v0.0.0-20240304004023-26bb5a137ed0/server/configs/new_style_authorization.conf (about)

     1  listen: 127.0.0.1:4222
     2  
     3  authorization {
     4    # Our new style role based permissions.
     5    # These support both allow and deny.
     6  
     7    # If allow is empty it means all or ">"
     8    # If deny is empty it means none, or empty list.
     9  
    10    normal_user = {
    11      # Can send to foo, bar or baz only.
    12      publish = {
    13        allow = ["foo", "bar", "baz"]
    14      }
    15      # Can subscribe to everything but $SYS prefixed subjects.
    16      subscribe = {
    17        deny = "$SYS.>"
    18      }
    19    }
    20  
    21   admin_user = {
    22     publish = "$SYS.>"
    23     subscribe = {
    24       deny = ["foo", "bar", "baz"]
    25     }
    26   }
    27  
    28    # Users listed with persmissions.
    29    users = [
    30      {user: alice, password: foo, permissions: $normal_user}
    31      {user: bob, password: special, permissions: $admin_user}
    32    ]
    33  }