fix(commands): acl check panic on decode failure (#3697)

This fixes an issue with the authelia access-control check-policy command which potentially panics when a decode hook fails to parse an item.

docs/content/en/integration/openid-connect/argocd/index.md

@@ -31,8 +31,8 @@ This example makes the following assumptions:
 * __Application Root URL:__ `https://argocd.example.com`
 * __Authelia Root URL:__ `https://auth.example.com`
 * __Client ID:__ `argocd`
-* __CLI Client ID:__ `argocd-cli`
 * __Client Secret:__ `argocd_client_secret`
+* __CLI Client ID:__ `argocd-cli`
 
 ## Configuration
 
@@ -44,8 +44,8 @@ To configure [ArgoCD] to utilize Authelia as an [OpenID Connect] Provider use th
 name: Authelia
 issuer: https://auth.example.com
 clientID: argocd
-cliClientID: argocd-cli
 clientSecret: argocd_client_secret
+cliClientID: argocd-cli
 requestedScopes:
   - openid
   - profile
@@ -72,7 +72,7 @@ which will operate with the above example:
   secret: argocd_client_secret
   userinfo_signing_algorithm: none
 - id: argocd-cli
-  description: ArgoCD CLI
+  description: Argo CD (CLI)
   public: true
   redirect_uris:
     - http://localhost:8085/auth/callback

internal/commands/acl.go

@@ -74,11 +74,9 @@ func accessControlCheckRunE(cmd *cobra.Command, _ []string) (err error) {
 		return err
 	}
 
-	v := schema.NewStructValidator()
+	validator.ValidateAccessControl(accessControlConfig, val)
 
-	validator.ValidateAccessControl(accessControlConfig, v)
+	if val.HasErrors() || val.HasWarnings() {
-
-	if v.HasErrors() || v.HasWarnings() {
 		return errors.New("your configuration has errors")
 	}