Merge pull request #2 from osohq/beta

Beta

.gitignore

@@ -1,3 +1,6 @@
+# Maven target
+target/
+
 # Compiled class file
 *.class
 

Makefile

@@ -1,12 +1,7 @@
 CURL_API := $(shell curl -s https://api.github.com/repos/osohq/oso/releases/latest | jq -r '.assets[] | select(.name| match("oso-java-*")) | .url')
 
-build:
-	curl -L -H "Accept: application/octet-stream" $(CURL_API) --output oso-jar.zip
-	unzip -o oso-jar.zip
-	javac -cp ./*:src src/Server.java
+install:
+	mvn install
 
 run:
-	java -cp ./*:src:. Server
-
-clean:
-	rm -f oso-*.zip oso-*.jar
+	mvn clean package exec:java -Dexec.mainClass="quickstart.Server"

README.md

@@ -1,12 +1,31 @@
-# oso Java Quickstart
+# Oso Java Quickstart
 
-Follow along [here](https://docs.osohq.com/getting-started/quickstart.html).
+Follow along [here](https://docs.osohq.com/java/getting-started/quickstart.html).
 
 ## Instructions
 
+This project uses [Maven](https://maven.apache.org/) to manage dependencies. The
+steps to get the example running are:
+
 1. Clone this repository.
-2. Go to the
-   [Maven Repository](https://search.maven.org/artifact/com.osohq/oso) to
-   install oso. Either add oso as a dependency to your build system, or
-   download the latest JAR file and add it to your Java project libraries.
-3. Once you have oso installed, run `Server.java`.
+2. Install dependencies: `make install`
+3. Run the server: `make run`
+
+## Make some changes
+
+If you visit
+[http://localhost:5000/repo/gmail](http://localhost:5000/repo/gmail), you
+should get a 200 response. If you visit
+[http://localhost:5000/repo/react](http://localhost:5000/repo/react), you
+should see a 404.
+
+Add this code to `main.polar`:
+```python
+has_permission(_user: User, "read", repository: Repository) if
+  repository.IsPublic;
+```
+
+Now, when you visit
+[http://localhost:5000/repo/react](http://localhost:5000/repo/react), you should
+see a proper 200 response, because the `react` repository is marked as public
+in `models.go`.

pom.xml

@@ -0,0 +1,47 @@
+<project>
+  <modelVersion>4.0.0</modelVersion>
+
+  <groupId>quickstart</groupId>
+  <artifactId>quickstart</artifactId>
+  <version>0.0.0-SNAPSHOT</version>
+
+  <properties>
+    <maven.compiler.source>10</maven.compiler.source>
+    <maven.compiler.target>10</maven.compiler.target>
+  </properties>
+
+  <dependencies>
+    <dependency>
+      <groupId>io.javalin</groupId>
+      <artifactId>javalin</artifactId>
+      <version>4.0.0</version>
+    </dependency>
+    <dependency>
+      <groupId>org.slf4j</groupId>
+      <artifactId>slf4j-simple</artifactId>
+      <version>1.7.31</version>
+    </dependency>
+    <dependency>
+      <groupId>com.osohq</groupId>
+      <artifactId>oso</artifactId>
+      <version>0.20.1-beta</version>
+    </dependency>
+  </dependencies>
+
+  <build>
+    <plugins>
+      <plugin>
+        <groupId>org.codehaus.mojo</groupId>
+        <artifactId>exec-maven-plugin</artifactId>
+        <version>3.0.0</version>
+        <executions>
+          <execution>
+            <goals>
+              <goal>exec</goal>
+            </goals>
+          </execution>
+        </executions>
+      </plugin>
+    </plugins>
+  </build>
+</project>

src/main/java/quickstart/Models.java

@@ -0,0 +1,54 @@
+package quickstart;
+
+import java.util.HashMap;
+import java.util.Map;
+
+public class Models {
+    public static class Repository {
+        public String name;
+        public boolean isPublic;
+
+        public Repository(String name, boolean isPublic) {
+            this.name = name;
+            this.isPublic = isPublic;
+        }
+
+        public static Repository byName(String name) {
+            return Models.reposDb.get(name);
+        }
+    }
+
+    public static class Role {
+      public String name;
+      public Repository repository;
+
+      public Role(String name, Repository repository) {
+          this.name = name;
+          this.repository = repository;
+      }
+    }
+
+    public static class User {
+        public Role[] roles;
+
+        public User(Role[] roles) {
+            this.roles = roles;
+        }
+
+        public static User getCurrentUser() {
+            return Models.usersDb.get("larry");
+        }
+    }
+
+    static Map<String, Repository> reposDb = Map.of(
+        "gmail", new Repository("gmail", false),
+        "react", new Repository("react", true), // react is public
+        "oso", new Repository("oso", false)
+    );
+
+    static Map<String, User> usersDb = Map.of(
+        "larry", new User(new Role[] {new Role("admin", reposDb.get("gmail"))}),
+        "anne", new User(new Role[] {new Role("maintainer", reposDb.get("react"))}),
+        "graham", new User(new Role[] {new Role("contributor", reposDb.get("oso"))})
+    );
+}

src/main/java/quickstart/Server.java

@@ -0,0 +1,33 @@
+package quickstart;
+
+import java.io.IOException;
+import io.javalin.Javalin;
+import com.osohq.oso.Oso;
+import com.osohq.oso.Exceptions.NotFoundException;
+import quickstart.Models.Repository;
+import quickstart.Models.User;
+
+public class Server {
+    public static void main(String[] args) throws IOException {
+        Javalin app = Javalin.create();
+        Oso oso = new Oso();
+        oso.registerClass(User.class, "User");
+        oso.registerClass(Repository.class, "Repository");
+        oso.loadFile("src/main/java/quickstart/main.polar");
+        app.get("/repo/{name}", ctx -> {
+            ctx.contentType("text/html");
+            String name = ctx.pathParam("name");
+            Repository repo = Repository.byName(name);
+            User user = User.getCurrentUser();
+
+            try {
+                oso.authorize(user, "read", repo);
+                ctx.result(String.format("<h1>A Repo</h1><p>Welcome to repo %s</p>", repo.name));
+            } catch (NotFoundException e) {
+                ctx.status(404);
+                ctx.result(String.format("<h1>Whoops!</h1><p>Repo named %s was not found</p>", name));
+            }
+        });
+        app.start(5000);
+    }
+}

src/main/java/quickstart/main.polar

@@ -0,0 +1,22 @@
+allow(actor, action, resource) if
+  has_permission(actor, action, resource);
+
+actor User {}
+
+resource Repository {
+  permissions = ["read", "push", "delete"];
+  roles = ["contributor", "maintainer", "admin"];
+
+  "read" if "contributor";
+  "push" if "maintainer";
+  "delete" if "admin";
+
+  "maintainer" if "admin";
+  "contributor" if "maintainer";
+}
+
+# This rule tells Oso how to fetch roles for a repository
+has_role(actor: User, role_name: String, repository: Repository) if
+  role in actor.roles and
+  role_name = role.name and
+  repository = role.repository;