package app.rbac
import future.keywords.contains
import future.keywords.if
import future.keywords.in
default allow := false
allow if user_is_admin
allow if {
some permisson in role_permission
input.endpoint == permisson.endpoint
input.method == permisson.method
}
user_is_admin if "admin" in data.user_roles[input.user]
role_permission contains permission if {
some role in data.user_roles[input.user]
some permission in data.roles[role]
}
https://play.openpolicyagent.org/p/eLMHzIHOMl
rego
data
input
output