Fix policy schema (#228)

* Add new vault properties * Update policy schema
djenriquez · Jan 2, 2018 · 7ea0ea6 · 7ea0ea6
1 parent 28e6378
commit 7ea0ea6
Showing 1 changed file with 106 additions and 44 deletions.
diff --git a/app/components/Policies/vault-policy-schema.json b/app/components/Policies/vault-policy-schema.json
@@ -1,50 +1,112 @@
 {
-    "type": "object",
-    "required": [ "path" ],
-    "properties": {
-        "path": {
-            "type": "object",
-            "minProperties": 1,
-            "additionalProperties": false,
-            "patternProperties": {
+  "type": "object",
+  "required": [
+    "path"
+  ],
+  "properties": {
+    "path": {
+      "type": "object",
+      "minProperties": 1,
+      "additionalProperties": false,
+      "patternProperties": {
+        "^[^\/].*$": {
+          "type": "object",
+          "additionalProperties": false,
+          "anyOf": [
+            {
+              "required": [
+                "capabilities"
+              ]
+            },
+            {
+              "required": [
+                "policy"
+              ]
+            },
+            {
+              "optional": [
+                "required_parameters"
+              ]
+            },
+            {
+              "optional": [
+                "allowed_parameters"
+              ]
+            },
+            {
+              "optional": [
+                "denied_parameters"
+              ]
+            }
+          ],
+          "properties": {
+            "capabilities": {
+              "type": "array",
+              "minItems": 1,
+              "uniqueItems": true,
+              "items": {
+                "type": "string",
+                "enum": [
+                  "create",
+                  "read",
+                  "update",
+                  "delete",
+                  "list",
+                  "sudo",
+                  "deny"
+                ]
+              }
+            },
+            "required_parameters": {
+              "type": "array",
+              "minItems": 0,
+              "uniqueItems": true,
+              "items": {
+                "type": "string"
+              }
+            },
+            "allowed_parameters": {
+              "type": "object",
+              "minProperties": 0,
+              "additionalProperties": true,
+              "patternProperties": {
+                "^[^\/].*$": {
+                  "type": "array",
+                  "minItems": 0,
+                  "uniqueItems": true,
+                  "items": {
+                    "type": "string"
+                  }
+                }
+              }
+            },
+            "denied_parameters": {
+              "type": "object",
+              "minProperties": 0,
+              "additionalProperties": true,
+              "patternProperties": {
                 "^[^\/].*$": {
-                    "type": "object",
-                    "additionalProperties": false,
-                    "anyOf": [
-                            {"required": ["capabilities"]},
-                            {"required": ["policy"]}
-                    ],
-                    "properties": {
-                        "capabilities" : {
-                            "type": "array",
-                            "minItems": 1,
-                            "uniqueItems": true,
-                            "items": {
-                                "type": "string",
-                                "enum": [
-                                    "create",
-                                    "read",
-                                    "update",
-                                    "delete",
-                                    "list",
-                                    "sudo",
-                                    "deny"
-                                ]
-                            }
-                        },
-                        "policy" : {
-                            "type": "string",
-                            "enum": [
-                                "read",
-                                "write",
-                                "sudo",
-                                "deny"
-                            ]
-                        }
-                    }
-
+                  "type": "array",
+                  "minItems": 0,
+                  "uniqueItems": true,
+                  "items": {
+                    "type": "string"
+                  }
                 }
+              }
+            },
+            "policy": {
+              "type": "string",
+              "enum": [
+                "read",
+                "write",
+                "sudo",
+                "deny"
+              ]
             }
+          }
         }
+      }
     }
-}
+  }
+}