EvaluateFilter - support dynamic variables on either side of a comparison

hexa-org / policy-opa

Supports integration of Hexa IDQL Policy into OPA environments

Apache License 2.0

3 stars 1 forks source link

Closed independentid closed 2 months ago

independentid commented 3 months ago

currently condition expressions only support a variable on the left and a static value on the right. e.g.

subject.roles co editor

For authZen, we will have to compare values of multiple inputs against each other:

subject.roles co admin or resource.ownerid eq subject.claims.email

Note: Though generally applicable, this enhancement required for AuthZen interop.

independentid commented 3 months ago

Re-worked to allow variables to be used on the right side of a filter (instead of static values).
Also re-worked to do proper json.Number comparison.
Arrays supported on left or right side
Fix to "in" comparisons (note: eq means that one value has to compare for now)