summaryrefslogtreecommitdiffstats
path: root/api/etc/property-protections-roles.conf.sample
diff options
context:
space:
mode:
Diffstat (limited to 'api/etc/property-protections-roles.conf.sample')
-rw-r--r--api/etc/property-protections-roles.conf.sample32
1 files changed, 32 insertions, 0 deletions
diff --git a/api/etc/property-protections-roles.conf.sample b/api/etc/property-protections-roles.conf.sample
new file mode 100644
index 0000000..3f9d6ef
--- /dev/null
+++ b/api/etc/property-protections-roles.conf.sample
@@ -0,0 +1,32 @@
+# property-protections-roles.conf.sample
+#
+# This file is an example config file for when
+# property_protection_rule_format=roles is enabled.
+#
+# Specify regular expression for which properties will be protected in []
+# For each section, specify CRUD permissions.
+# The property rules will be applied in the order specified. Once
+# a match is found the remaining property rules will not be applied.
+#
+# WARNING:
+# * If the reg ex specified below does not compile, then
+# escalator-api service will not start. (Guide for reg ex python compiler used:
+# http://docs.python.org/2/library/re.html#regular-expression-syntax)
+# * If an operation(create, read, update, delete) is not specified or misspelt
+# then the escalator-api service will not start.
+# So, remember, with GREAT POWER comes GREAT RESPONSIBILITY!
+#
+# NOTE: Multiple roles can be specified for a given operation. These roles must
+# be comma separated.
+
+[^x_.*]
+create = admin,member
+read = admin,member
+update = admin,member
+delete = admin,member
+
+[.*]
+create = admin
+read = admin
+update = admin
+delete = admin