Anders Eknert anderseknert
👨💻
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Expressions may be evaluated in any order | |
| allow if expression1 | |
| allow if expression2 | |
| allow if expression3 | |
| # Expressions evaluated from top to bottom | |
| allow if { | |
| expression1 | |
| } else { | |
| expression2 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # First name may be either "joe" or "jane" for function to evaluate | |
| # No rule body needed as argument passed will be matched for equality | |
| allowed_firstname("joe") | |
| allowed_firstname("jane") | |
| # This works with multiple arguments too, where only some are matched | |
| # statically | |
| alcohol_allowed("Sweden", age) if age > 18 | |
| alcohol_allowed("USA", age) if age > 21 | |
| alcohol_allowed(country, age) if { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # First name may be either "joe" or "jane" for function to evaluate | |
| allowed_firstname(name) if name == "joe" | |
| allowed_firstname(name) if name == "jane" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package play | |
| import future.keywords.if | |
| import future.keywords.in | |
| # Both of the conditions could be true | |
| validate_user(user) := "valid" if "admin" in user.roles | |
| validate_user(user) := "invalid" if not user.email | |
| valid := validate_user(input.user) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package policy | |
| import future.keywords.if | |
| default allow := false | |
| allow if { | |
| idx := indexof(input.user.email, "@") | |
| fullname := substring(input.user.email, 0, idx) | |
| firstname := lower(split(fullname, ".")[0]) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package policy | |
| import future.keywords.if | |
| default allow := false | |
| allow if { | |
| idx := indexof(input.user.email, "@") | |
| fullname := substring(input.user.email, 0, idx) | |
| firstname := lower(split(fullname, ".")[0]) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package policy | |
| import future.keywords.if | |
| import future.keywords.in | |
| default allow := false | |
| allow if { | |
| # User attempting to access internal resource | |
| # i.e. something under /internal |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # implicit assignment, same as: allow := true if ... | |
| allow if expression1 | |
| allow if expression2 | |
| allow if expression3 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var allow | |
| if (expression1 || expression2 || expression3) { | |
| // allow will only be assigned true if any of the expressions above are true | |
| allow = true | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package policy | |
| import future.keywords.if | |
| import future.keywords.in | |
| default allow := false | |
| allow if { | |
| # User attempting to access internal resource | |
| # i.e. something under /internal |