If you specify something like below in policy file then it will work,
"restricted": "not ('test_key':%(test_key)s and role:_member_)" "download_image": "role:admin or rule:restricted"
Where test_key is extra property for image.
ImageTarget class was added to search this property specified in json either in core properties or in extra properties.
If you specify something like below in policy file then it will work,
"restricted": "not ('test_ key':%( test_key) s and role:_member_)"
"download_image": "role:admin or rule:restricted"
Where test_key is extra property for image.
ImageTarget class was added to search this property specified in json either in core properties or in extra properties.