From 0460b69177bf4e758e58791af8f297d5728c8ed2 Mon Sep 17 00:00:00 2001
From: Evgenii Baidakov <evgenii@nspcc.io>
Date: Tue, 11 Jun 2024 08:36:43 +0400
Subject: [PATCH] authmate: Rid of no-op record

Closes #824.

Signed-off-by: Evgenii Baidakov <evgenii@nspcc.io>
---
 authmate/authmate.go | 2 +-
 docs/authmate.md     | 1 -
 2 files changed, 1 insertion(+), 2 deletions(-)

diff --git a/authmate/authmate.go b/authmate/authmate.go
index 73c8dfd3..456232d1 100644
--- a/authmate/authmate.go
+++ b/authmate/authmate.go
@@ -336,7 +336,7 @@ func buildEACLTable(eaclTable []byte) (*eacl.Table, error) {
 }
 
 func restrictedRecords() (records []*eacl.Record) {
-	for op := eacl.OperationGet; op <= eacl.OperationRangeHash; op++ {
+	for op := eacl.OperationHead; op <= eacl.OperationRangeHash; op++ {
 		record := eacl.NewRecord()
 		record.SetOperation(op)
 		record.SetAction(eacl.ActionDeny)
diff --git a/docs/authmate.md b/docs/authmate.md
index 86eabe5d..5206eafe 100644
--- a/docs/authmate.md
+++ b/docs/authmate.md
@@ -225,7 +225,6 @@ If bearer rules are not set, a token will be auto-generated with a value:
     "records": [
        {"operation": "GET", "action": "ALLOW", "filters": [], "targets": [{"role": "OTHERS", "keys": []}]},
 
-       {"operation": "GET", "action": "DENY", "filters": [], "targets": [{"role": "OTHERS", "keys": []}]},
        {"operation": "HEAD", "action": "DENY", "filters": [], "targets": [{"role": "OTHERS", "keys": []}]},
        {"operation": "PUT", "action": "DENY", "filters": [], "targets": [{"role": "OTHERS", "keys": []}]},
        {"operation": "DELETE", "action": "DENY", "filters": [], "targets": [{"role": "OTHERS", "keys": []}]},