opa

package

v1.0.0 Latest Latest Go to latest Published: Feb 24, 2025 License: Apache-2.0 Imports: 19 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/opencloud-eu/opencloud

Links

Documentation ¶

Index ¶

Variables
func RFMimetypeExtensions(f io.Reader) (func(*rego.Rego), error)
type OPA
- func NewOPA(timeout time.Duration, logger log.Logger, conf config.Engine) (OPA, error)
- func (o OPA) Evaluate(ctx context.Context, qs string, env engine.Environment) (bool, error)

Constants ¶

This section is empty.

Variables ¶

View Source

var RFMimetypeDetect = rego.Function1(
	&rego.Function{
		Name:             "opencloud.mimetype.detect",
		Decl:             types.NewFunction(types.Args(types.A), types.S),
		Memoize:          true,
		Nondeterministic: true,
	},
	func(_ rego.BuiltinContext, a *ast.Term) (*ast.Term, error) {
		var body []byte

		if err := ast.As(a.Value, &body); err != nil {
			return nil, err
		}

		mimetype := mimetype.Detect(body).String()

		return ast.StringTerm(strings.Split(mimetype, ";")[0]), nil
	},
)

RFMimetypeDetect extends the rego dictionary with the possibility to detect mimetypes. Be careful, the list of known mimetypes is limited.

Rego: `opencloud.mimetype.extensions(".txt")` Result `text/plain`

View Source

var RFResourceDownload = rego.Function1(
	&rego.Function{
		Name:             "opencloud.resource.download",
		Decl:             types.NewFunction(types.Args(types.S), types.A),
		Memoize:          true,
		Nondeterministic: true,
	},
	func(_ rego.BuiltinContext, a *ast.Term) (*ast.Term, error) {
		var url string

		if err := ast.As(a.Value, &url); err != nil {
			return nil, err
		}

		req, err := http.NewRequest(http.MethodGet, url, nil)
		if err != nil {
			return nil, err
		}

		client := rhttp.GetHTTPClient(rhttp.Insecure(true))
		res, err := client.Do(req)
		if err != nil {
			return nil, err
		}
		defer res.Body.Close()

		if res.StatusCode != http.StatusOK {
			return nil, fmt.Errorf("unexpected status code from Download %v", res.StatusCode)
		}

		buf := new(bytes.Buffer)
		if _, err := buf.ReadFrom(res.Body); err != nil {
			return nil, err
		}

		v, err := ast.InterfaceToValue(buf.Bytes())
		if err != nil {
			return nil, err
		}

		return ast.NewTerm(v), nil
	},
)

RFResourceDownload extends the rego dictionary with the possibility to download opencloud resources.

Rego: `opencloud.resource.download("opencloud/path/0034892347349827")` Result: bytes

Functions ¶

func RFMimetypeExtensions ¶

func RFMimetypeExtensions(f io.Reader) (func(*rego.Rego), error)

RFMimetypeExtensions extends the rego dictionary with the possibility of mapping mimetypes to file extensions. Be careful calling this multiple times with individual readers, the mime store is global, which results in one global store which holds all known mimetype mappings at once.

Rego: `opencloud.mimetype.extensions("application/pdf")` Result `[.pdf]`

Types ¶

type OPA ¶

type OPA struct {
	// contains filtered or unexported fields
}

OPA wraps open policy agent makes it possible to ask if an action is granted.

func NewOPA ¶

func NewOPA(timeout time.Duration, logger log.Logger, conf config.Engine) (OPA, error)

NewOPA returns a ready to use opa engine.

func (OPA) Evaluate ¶

func (o OPA) Evaluate(ctx context.Context, qs string, env engine.Environment) (bool, error)

Evaluate evaluates the opa policies and returns the result.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL