Me and @expede had discussed this a lot in the side channels and after a long hold I have hard time finding any of it so I have decided to document the syntax here.
// Policy holds if all inner rules are `true` if contains no rules it is considered `true`.
type Policy = Rule[]
type Rule =
| Or
| And
| Not
| Some
| Every
| Constraint
type Constraint
| Is
| Compare
| Like
// jq style selector for details see https://github.com/ucan-wg/delegation/issues/5
type Selector = `.${string}`
// Any data that can be expressed in IPLD data model
type Constant = Data
type Operand = Constant | Selector
// Asserts that operands are equal
type Is = ['==', Operand, Operand]
// Asserts operands by via comparison operator
type Compare = ['>' | '<' | '>=' | '<=', Operand, Operand]
// Asserts that operand matches a pattern. The `*` symbol in pattern
type Like = [operator: 'like', pattern: string, operand: Selector]
// Rule is `true` if every enclosed rule is `false`.
type Not = [operator: "not", ...Rule[]]
// Rule it `true` if every enclosed rule is `true`.
type And = [operator: "and", ...Rule[]]
// Rule is `true` if some enclosed rule is `true`.
type Or = [operator: "or", ...Rule[]]
// Rule is true if some member matching a selector satisfies every enclosed rule.
// Enclosed rule selector context is the selected item
type Some = ["some", Selector, ...Rule[]]
// Rule is true if every member matching a selector satisfies every enclosed rule
// Enclosed rule selector context is the selected item
type Every = ["every", Selector, ...Rule[]]
Me and @expede had discussed this a lot in the side channels and after a long hold I have hard time finding any of it so I have decided to document the syntax here.