path: root/nixos/modules/security/acme/mk-cert-ownership-assertion.nix
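# Builds a single `{ assertion, message }` attrset that checks whether an ACME
# certificate's files are reachable through group ownership.
#
# Arguments:
#   cert   - certificate attrset; only `cert.group` and `cert.domain` are read.
#   group  - group name that is accepted as the certificate's group as-is.
#   groups - attrset of group definitions keyed by name, each carrying a
#            `members` list of user names.
#   user   - user name that must otherwise be a member of `cert.group`.
#            (presumably `user`/`group` are those of the service consuming the
#            certificate; confirm against the caller)
#
# The assertion holds when `cert.group` equals `group`, or when `user` appears
# in `groups.<cert.group>.members`.
#
# NOTE(review): only the `members` list is consulted. Membership that is
# expressed elsewhere (for example a user's primary group) is not visible to
# this check, so a failing assertion here means "not provably a member", and a
# passing one relies on `groups` reflecting the effective membership.
{ cert, group, groups, user }: {
  # `or [ ]` covers the whole attribute path: if `cert.group` is not defined in
  # `groups` (or has no `members`), the check fails with the message below
  # instead of aborting evaluation with a missing-attribute error.
  assertion =
    cert.group == group
    || builtins.elem user (groups.${cert.group}.members or [ ]);
  message = "Group for certificate ${cert.domain} must be ${group}, or user ${user} must be a member of group ${cert.group}";
}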