49 lines
1.3 KiB
Rego
49 lines
1.3 KiB
Rego
package croplogic.authz
|
|
|
|
import rego.v1
|
|
|
|
has_feature_rule(feature) if {
|
|
is_sensor_7_in_1_feature(feature)
|
|
}
|
|
|
|
feature_rule(feature) := {
|
|
"code": "sensor-7-in-1-requires-sensor-code",
|
|
"allow": true,
|
|
"reason": "sensor-7-in-1 feature requires sensor_codes to include a supported 7-in-1 sensor code",
|
|
} if {
|
|
is_sensor_7_in_1_feature(feature)
|
|
has_any_supported_sensor_7_in_1_code
|
|
}
|
|
|
|
feature_rule(feature) := {
|
|
"code": "sensor-7-in-1-requires-sensor-code",
|
|
"allow": false,
|
|
"reason": "sensor-7-in-1 feature requires sensor_codes to include a supported 7-in-1 sensor code",
|
|
} if {
|
|
is_sensor_7_in_1_feature(feature)
|
|
not has_any_supported_sensor_7_in_1_code
|
|
}
|
|
|
|
is_sensor_7_in_1_feature(feature) if {
|
|
lower(sprintf("%v", [feature])) == "sensor-7-in-1"
|
|
}
|
|
|
|
has_any_supported_sensor_7_in_1_code if {
|
|
supported_code := {"sensor-7-in-1", "sensor_7_soil_moisture_sensor_v1_2"}[_]
|
|
has_sensor_code(supported_code)
|
|
}
|
|
|
|
has_sensor_code(code) if {
|
|
sensor_codes := object.get(input.resource, "sensor_codes", [])
|
|
is_array(sensor_codes)
|
|
sensor_code := sensor_codes[_]
|
|
lower(sprintf("%v", [sensor_code])) == lower(sprintf("%v", [code]))
|
|
}
|
|
|
|
has_sensor_code(code) if {
|
|
sensor_code := object.get(input.resource, "sensor_codes", null)
|
|
sensor_code != null
|
|
not is_array(sensor_code)
|
|
lower(sprintf("%v", [sensor_code])) == lower(sprintf("%v", [code]))
|
|
}
|