You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It is currently not possible to delete data in OPA once it has been added. The REST API supports this, the OPAL server's API does not. A workaround is to set the affected document to null or an empty array but, depending on the use-case, this is not ideal.
This is currently not an option and we're stuck with updating the data to reflect the change:
{
"entries": [
{
"url": "http://some-api/tenants/tenantA/users/userA"// doesn't point to anything as the user has been deleted"topics": [ "users" ],
"data": []
"dst_path": "/tenants/tenantA/users/userA",
"save_method": "PUT"
}
]
}
...which in our case inadvertently has an impact on our policies as we check for a user's mere existence within a tenant.
Requested changes to the public API:
valid save_method values should include "DELETE"
DataSourceEntry.url is required. Should be optional when using save_method="DELETE"
possibly change some wording, e.g. save_method and dst_path don't really make sense in the context of deleting data
Plus whatever is necessary internally to have the OPAL clients request deletion of the affected data in OPA. I'd be willing to open a PR if this change makes sense to you.
The text was updated successfully, but these errors were encountered:
It is currently not possible to delete data in OPA once it has been added. The REST API supports this, the OPAL server's API does not. A workaround is to set the affected document to null or an empty array but, depending on the use-case, this is not ideal.
Example:
Given this data:
I would like to send a data update to the OPAL server that tempts the OPAL clients to call the aforementioned DELETE api in OPA:
This is currently not an option and we're stuck with updating the data to reflect the change:
We're left with the following data:
...which in our case inadvertently has an impact on our policies as we check for a user's mere existence within a tenant.
Requested changes to the public API:
save_method
values should include "DELETE"DataSourceEntry.url
is required. Should be optional when usingsave_method="DELETE"
save_method
anddst_path
don't really make sense in the context of deleting dataPlus whatever is necessary internally to have the OPAL clients request deletion of the affected data in OPA. I'd be willing to open a PR if this change makes sense to you.
The text was updated successfully, but these errors were encountered: