open-nomad/acl
Tim Gross 50e7e5535b
ACL: disallow missing path in secure variable policy (#14123)
The HCL parser allows for labels that aren't needed, which makes it easy to
accidentally write a `secure_variable` block that has the intended path as the
label for that block instead of the inner `path` block. This can result in
silent failure to lock down variables if an incorrectly specified block was used
to reduce the scope of capabilities (for example, if another correctly-written
rule allows access to `*`).

We can't detect the extraneous label in the HCL API, but we can detect if we're
missing `path` blocks entirely. Use this to block obvious user errors.
2022-08-15 17:06:36 -04:00
..
acl.go
acl_test.go
policy.go ACL: disallow missing path in secure variable policy (#14123) 2022-08-15 17:06:36 -04:00
policy_test.go ACL: disallow missing path in secure variable policy (#14123) 2022-08-15 17:06:36 -04:00