Fix principal id in rego files (#177)

narval-xyz · Mar 22, 2024 · e7e28cf · e7e28cf
1 parent 3f67d59
commit e7e28cf
Show file tree

Hide file tree

Showing 6 changed files with 26 additions and 21 deletions.
diff --git a/apps/policy-engine/src/engine/app.controller.ts b/apps/policy-engine/src/engine/app.controller.ts
@@ -30,7 +30,12 @@ export class AppController {
       body
     })
 
-    return this.evaluationService.evaluate(FIXTURE.ORGANIZATION.id, body)
+    const result = await this.evaluationService.evaluate(FIXTURE.ORGANIZATION.id, body)
+
+    this.logger.log({
+      message: 'Evaluation result',
+      body: result
+    })
   }
 
   @Post('/evaluation-demo')

diff --git a/apps/policy-engine/src/resource/open-policy-agent/rego/__test__/criteria/principal_test.rego b/apps/policy-engine/src/resource/open-policy-agent/rego/__test__/criteria/principal_test.rego
@@ -4,7 +4,7 @@ test_principal {
 	user = principal with input as request
 		with data.entities as entities
 
-	user == {"uid": "test-bob-uid", "role": "root"}
+	user == {"id": "test-bob-uid", "role": "root"}
 
 	groups = principalGroups with input as request
 		with data.entities as entities

diff --git a/apps/policy-engine/src/resource/open-policy-agent/rego/__test__/main_test.rego b/apps/policy-engine/src/resource/open-policy-agent/rego/__test__/main_test.rego
@@ -115,23 +115,23 @@ request = {
 entities = {
 	"users": {
 		"test-bob-uid": {
-			"uid": "test-bob-uid",
+			"id": "test-bob-uid",
 			"role": "root",
 		},
 		"test-alice-uid": {
-			"uid": "test-alice-uid",
+			"id": "test-alice-uid",
 			"role": "member",
 		},
 		"test-bar-uid": {
-			"uid": "test-bar-uid",
+			"id": "test-bar-uid",
 			"role": "admin",
 		},
 		"test-foo-uid": {
-			"uid": "test-foo-uid",
+			"id": "test-foo-uid",
 			"role": "admin",
 		},
 		"0xaaa8ee1cbaa1856f4550c6fc24abb16c5c9b2a43": {
-			"uid": "0xaaa8ee1cbaa1856f4550c6fc24abb16c5c9b2a43",
+			"id": "0xaaa8ee1cbaa1856f4550c6fc24abb16c5c9b2a43",
 			"role": "admin",
 		},
 	},

diff --git a/apps/policy-engine/src/resource/open-policy-agent/rego/__test__/policies/e2e_test.rego b/apps/policy-engine/src/resource/open-policy-agent/rego/__test__/policies/e2e_test.rego
@@ -120,10 +120,10 @@ e2e_req = {
 
 e2e_entities = {
 	"users": {
-		"u:root_user": {"uid": "u:root_user", "role": "root"},
-		"[email protected]": {"uid": "[email protected]", "role": "admin"},
-		"[email protected]": {"uid": "[email protected]", "role": "admin"},
-		"[email protected]": {"uid": "[email protected]", "role": "admin"},
+		"u:root_user": {"id": "u:root_user", "role": "root"},
+		"[email protected]": {"id": "[email protected]", "role": "admin"},
+		"[email protected]": {"id": "[email protected]", "role": "admin"},
+		"[email protected]": {"id": "[email protected]", "role": "admin"},
 	},
 	"userGroups": {
 		"ug:dev-group": {"uid": "ug:dev-group", "name": "Dev", "users": ["[email protected]"]},

diff --git a/apps/policy-engine/src/resource/open-policy-agent/rego/criteria/approval.rego b/apps/policy-engine/src/resource/open-policy-agent/rego/criteria/approval.rego
@@ -30,7 +30,7 @@ getApprovalsCount(possibleApprovers) = result {
 checkApproval(approval) = result {
 	approval.countPrincipal == true
 	approval.approvalEntityType == "Narval::User"
-	possibleApprovers = {entity | entity = approval.entityIds[_]} | {principal.uid}
+	possibleApprovers = {entity | entity = approval.entityIds[_]} | {principal.id}
 	result = getApprovalsCount(possibleApprovers)
 }
 
@@ -39,7 +39,7 @@ checkApproval(approval) = result {
 	approval.approvalEntityType == "Narval::User"
 	possibleApprovers = {entity |
 		entity = approval.entityIds[_]
-		entity != principal.uid
+		entity != principal.id
 	}
 	result = getApprovalsCount(possibleApprovers)
 }
@@ -53,7 +53,7 @@ checkApproval(approval) = result {
 		entity = approval.entityIds[_]
 		users = userGroupsEntities[entity].users
 		user = users[_]
-	} | {principal.uid}
+	} | {principal.id}
 
 	result = getApprovalsCount(possibleApprovers)
 }
@@ -65,7 +65,7 @@ checkApproval(approval) = result {
 		entity = approval.entityIds[_]
 		users = userGroupsEntities[entity].users
 		user = users[_]
-		user != principal.uid
+		user != principal.id
 	}
 
 	result = getApprovalsCount(possibleApprovers)
@@ -76,21 +76,21 @@ checkApproval(approval) = result {
 checkApproval(approval) = result {
 	approval.countPrincipal == true
 	approval.approvalEntityType == "Narval::UserRole"
-	possibleApprovers = {user.uid |
+	possibleApprovers = {user.id |
 		user = usersEntities[_]
 		user.role in approval.entityIds
-	} | {principal.uid}
+	} | {principal.id}
 
 	result = getApprovalsCount(possibleApprovers)
 }
 
 checkApproval(approval) = result {
 	approval.countPrincipal == false
 	approval.approvalEntityType == "Narval::UserRole"
-	possibleApprovers = {user.uid |
+	possibleApprovers = {user.id |
 		user = usersEntities[_]
 		user.role in approval.entityIds
-		user.uid != principal.uid
+		user.id != principal.id
 	}
 
 	result = getApprovalsCount(possibleApprovers)

diff --git a/apps/policy-engine/src/resource/open-policy-agent/rego/criteria/principal.rego b/apps/policy-engine/src/resource/open-policy-agent/rego/criteria/principal.rego
@@ -11,14 +11,14 @@ principalGroups = {group.uid |
 
 isPrincipalRootUser = principal.role == "root"
 
-isPrincipalAssignedToWallet = principal.uid in resource.assignees
+isPrincipalAssignedToWallet = principal.id in resource.assignees
 
 checkPrincipal {
 	not isPrincipalRootUser
 	isPrincipalAssignedToWallet
 }
 
-checkPrincipalId(values) = principal.uid in values
+checkPrincipalId(values) = principal.id in values
 
 checkPrincipalRole(values) = principal.role in values