- Download and install opa binary (https://www.openpolicyagent.org/docs/latest/#running-opa)
- Run opa
opa run -s rego/example.rego -l debugurl
data.example.test_ok: PASS (2.469597ms)
data.example.test_get_same_user: PASS (1.15647ms)
data.example.test_del_same_user: PASS (165.701µs)
data.example.test_del_manager: PASS (218.433µs)
data.example.test_path_wrong_user: PASS (118.561µs)
data.example.test_root_no_user: PASS (105.119µs)
data.example.test_root_user: PASS (91.836µs)
--------------------------------------------------------------------------------
PASS: 7/7
- Under
data.json
- Install dependencies (
requirements.txt) $ python app.pyswagger url- port:
12345
If you would like to keep your computer clean and not install OPA or any Python dependencies on it, you can use Docker. The Dockerfile in this project repository builds a Docker container with both OPA and flask-opa in it. The defined target architecture is ARM64, but can be swapped by changing the OPA download instructions in the Dockerfile.
- docker build -t flask-opa .
- docker run -ti -p 127.0.0.1:12345:12345 flask-opa
This will show the logs for both OPA and flask-opa, scrolling on your console.
- Anybody can query
/office(to list all employees) - All other paths require an authorization header
Authorization: <emp-id> mikeis the manager. He can add/delete other employees (nottoby)- Any employee can view/update his/her information
/office/<emp-id>
