authz: Allow directory read access for sub repo permissions (!38487) · Merge requests · Administrator / sourcegraph

Administrator requested to merge rs/sub-repo-dir-match into main Jul 08, 2022

Created by: ryanslade

If a path is allowed by sub repo permissions, we should also allow read access to any directories the lie above that path in the tree.

For example, if we allow access to "foo/bar/data.txt" we should also allow the path "foo/" and "foo/bar/" so that we can navigate down the tree.

This does NOT imply access to all items living under "foo/" or "foo/bar/"

Caveat: The logic above cannot be applied to rules that start with a wildcard because it can lead to allowing read access to any directory.

Test plan

More test cases added Tested manually