You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
What is the underlying problem you're trying to solve?
Currently, Partial Reference Rule Heads only allow the last term to be a variable, (as with this playground) or else they throw a rego_type_error: rule head must only contain string terms (except for last), as with this playground.
Describe the ideal solution
In the ideal scenario, one would be able to use an arbitrary number of variables in the rule head, as with this playground, however this also introduces a rego_parse_error.
Describe a "Good Enough" solution
In a "good enough" solution, only terms after the first term can be variables, as with this playground.
Additional Context
A motivating example is as follows: suppose one uses partial rules to define the context of an "allow" policy, before defining the conditions, like so:
allow.manager.view_compensation[entity] {
some entity in ["employee", "contractor"]
external.entity_reports_to_manager(input.entity, input.manager)
}
In order to add an action to this policy, one must currently add a new, nearly identical policy with a new action:
allow.manager.view_address[entity] {
some entity in ["employee", "contractor"]
external.entity_reports_to_manager(input.entity, input.manager)
}
if more than one variable were allowed in the rule head, one could simply add the policy to the variable:
allow.manager[action][entity] {
some entity in ["employee", "contractor"]
some action in ["view_compensation", "view_address"]
external.entity_reports_to_manager(input.entity, input.manager)
}
The text was updated successfully, but these errors were encountered:
What is the underlying problem you're trying to solve?
Currently, Partial Reference Rule Heads only allow the last term to be a variable, (as with this playground) or else they throw a
rego_type_error: rule head must only contain string terms (except for last)
, as with this playground.Describe the ideal solution
In the ideal scenario, one would be able to use an arbitrary number of variables in the rule head, as with this playground, however this also introduces a
rego_parse_error
.Describe a "Good Enough" solution
In a "good enough" solution, only terms after the first term can be variables, as with this playground.
Additional Context
A motivating example is as follows: suppose one uses partial rules to define the context of an "allow" policy, before defining the conditions, like so:
In order to add an action to this policy, one must currently add a new, nearly identical policy with a new action:
if more than one variable were allowed in the rule head, one could simply add the policy to the variable:
The text was updated successfully, but these errors were encountered: