github.com/mmatczuk/gohan@v0.0.0-20170206152520-30e45d9bdb69/examples/noauth/README.md (about)

     1  'Nobody resource paths' policy
     2  --------------------
     3  
     4  In this example, we show how to define a list of paths that never
     5  require an authorization. A single path is defined as a regular
     6  expression (regex). In order to define a list of not autorized paths,
     7  add the following entry in the schema file:
     8  
     9  ``` yaml
    10  policies:
    11  - id: no_auth_favicon
    12    principal: Nobody
    13    resource:
    14      path: /favicon.ico
    15  - id: no_auth_member_resources
    16    action: '*'
    17    principal: Nobody
    18    resource:
    19      path: /v0.1/member_resources*
    20  ```
    21  
    22  See 'docs/policy.md' for more information.
    23  
    24  Test script
    25  ------------------
    26  
    27  An example script is provided in 'examples/noauth'. It can be run by invoking:
    28  ``` bash
    29  ./examples/noauth/curl_test.sh
    30  ```
    31  
    32  In the example, three scenarios are tested:
    33  
    34  * a given path does not exist; the result should be 401.
    35  
    36  * a given path exists but it requires an authorization; the result should be 401.
    37  
    38  * a given path exists and it does not require authorization; the result should be 200.