Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
0.9.2
-
None
-
None
Description
The policies API doesn't do any validation of scope or directives for access policies, e.g.:
- * WHATEVER
... is accepted as a valid policy, as is
FAIL * MAYBE