Skip to content

Commit

Permalink
clarify the relationship between get/info
Browse files Browse the repository at this point in the history
  • Loading branch information
@creachadair
creachadair committed Feb 19, 2024
1 parent ff4dff4 commit 9b0e109
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 1 deletion.
2 changes: 2 additions & 0 deletions acl/acl.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,8 @@ type Action string

const (
// ActionGet ("get" in the API) denotes permission to fetch the contents of a secret.
//
// Note: ActionGet does not imply ActionInfo, or vice versa.
ActionGet = Action("get")

// ActionInfo ("info" in the API) denotes permission to read the metadata
Expand Down
4 changes: 3 additions & 1 deletion docs/api.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,9 @@ This prevents browser scripts from initiating calls to the service.

The service defines named _actions_ that are subject to access control:

- `get`: Denotes permission to fetch the contents of a secret. |
- `get`: Denotes permission to fetch the contents of a secret. Note that `get`
does not imply `info`, or vice versa.

- `info`: Denotes permission to read the metadata for a secret, including
available and active version numbers, but not the secret values

Expand Down

0 comments on commit 9b0e109

Please sign in to comment.