Skip to content

Instantly share code, notes, and snippets.

View anderseknert's full-sized avatar
👨‍💻
Hacking on all things OPA

Anders Eknert anderseknert

👨‍💻
Hacking on all things OPA
176 followers · 121 following
View GitHub Profile
@anderseknert
anderseknert / helper_functions.rego
Created September 20, 2023 12:44
Helper functions
package policy
import future.keywords.if
default allow := false
allow if {
idx := indexof(input.user.email, "@")
fullname := substring(input.user.email, 0, idx)
firstname := lower(split(fullname, ".")[0])
@anderseknert
anderseknert / helper_rules.rego
Created September 20, 2023 12:42
Helper rules
package policy
import future.keywords.if
import future.keywords.in
default allow := false
allow if {
# User attempting to access internal resource
# i.e. something under /internal
@anderseknert
anderseknert / or.rego
Created September 20, 2023 12:41
Rego OR
# implicit assignment, same as: allow := true if ...
allow if expression1
allow if expression2
allow if expression3
@anderseknert
anderseknert / or.js
Created September 20, 2023 12:41
Imperative OR
var allow
if (expression1 || expression2 || expression3) {
// allow will only be assigned true if any of the expressions above are true
allow = true
}
@anderseknert
anderseknert / policy.rego
Created September 20, 2023 12:39
Simple policy
package policy
import future.keywords.if
import future.keywords.in
default allow := false
allow if {
# User attempting to access internal resource
# i.e. something under /internal
@anderseknert
anderseknert / and.rego
Created September 20, 2023 12:38
Rego AND
# implicit assignment, same as: allow := true if {
allow if {
expression1
expression2
expression3
}
@anderseknert
anderseknert / and.js
Created September 20, 2023 12:35
Imperative AND
var allow
if (expression1 && expression2 && expression3) {
// allow will only be assigned true if all expressions above are true
allow = true
}
@anderseknert
anderseknert / logical_and.rego
Created September 20, 2023 12:26
Logical AND
package policy
import future.keywords.if
#
# valid_email will be assigned the value of the email variable if, and only if, # all the expressions in the body evaluate
#
valid_email := email if { # rule head, name + (optional) assignment
email := lower(input.user.email) # fails if input.user.email is undefined
endswith(email, "hooli.com") # fails unless email ends with hooli.com
@anderseknert
anderseknert / p.rego
Created April 5, 2023 20:11
Policy
package p
import future.keywords
global := "foo"
allow if {
a := global
b := [c | c := input[x]] # can't capture x
@anderseknert
anderseknert / clojureclr.md
Last active January 7, 2023 09:05
ClojureCLR notes

ClojureCLR Notes

Some random notes from using ClojureCLR (.NET Core version) on Mac OS. YMMV, obviously :)

REPL

The REPL provided by Clojure.Main does not support niceties like history, or even using arrow keys to move around while editing. On Linux and Mac, this may be solved by rlwrap, which is also used to enhance the built-in REPL in JVM Clojure (included in the clj script). To create a similar wrapper for Clojure.Main, you can create a cljr script (and place it somewhere on $PATH) as follows: