regorus 0.9.1

A fast, lightweight Rego (OPA policy language) interpreter
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61

// Copyright (c) Microsoft Corporation.
// Licensed under the MIT License.

use alloc::string::String;
use serde::{Deserialize, Serialize};

use crate::value::Value;

/// Principal type
#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
pub enum PrincipalType {
    User,
    Group,
    ServicePrincipal,
    ManagedServiceIdentity,
}

/// Evaluation context - what information is available when evaluating RBAC policies
#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
pub struct EvaluationContext {
    pub principal: Principal,
    pub resource: Resource,
    pub request: RequestContext,
    pub environment: EnvironmentContext,
    pub action: Option<String>,
    pub suboperation: Option<String>,
}

/// Principal information (user, group, service principal, etc.)
#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
pub struct Principal {
    pub id: String,
    pub principal_type: PrincipalType,
    pub custom_security_attributes: Value,
}

/// Resource information
#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
pub struct Resource {
    pub id: String,
    pub resource_type: String,
    pub scope: String,
    pub attributes: Value,
}

/// Request context information
#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
pub struct RequestContext {
    pub action: Option<String>,
    pub data_action: Option<String>,
    pub attributes: Value,
}

/// Environment context information
#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
pub struct EnvironmentContext {
    pub is_private_link: Option<bool>,
    pub private_endpoint: Option<String>,
    pub subnet: Option<String>,
    pub utc_now: Option<String>,
}