我正在编写非常简单的 rego 文件,但它显示语法错误。谁能建议我做错了什么?
package example.accesscontrol
# Define the allowed UPNs
allowed_upns = {"[email protected]", "[email protected]" }
# Default deny all access
default allow = false
# Allow access if the UPN is in the list of allowed UPNs
allow {
input.user.upn in allowed_upns
}
输入
{
"upn": "[email protected]"
}
错误:
1 error occurred: policy.rego:11: rego_parse_error: unexpected identifier token: expected \n or ; or }
input.user.upn in allowed_upns
^
我期待结果会被允许。
要在不使用
import rego.v1
的情况下解决此问题,您需要迭代 allowed_upns
集以检查它们中是否有任何一个与输入 upn 匹配,如下所示:
package example.accesscontrol
# Define the allowed UPNs
allowed_upns := {"[email protected]", "[email protected]"}
# Default deny all access
default allow := false
# Allow access if the UPN is in the list of allowed UPNs
allow {
allowed_upn := allowed_upns[_]
input.upn == allowed_upn
}
要使用
in
关键字,您需要使用 import rego.v1
语句并将代码更新为以下内容:
package example.accesscontrol
import rego.v1
# Define the allowed UPNs
allowed_upns := {"[email protected]", "[email protected]"}
# Default deny all access
default allow := false
# Allow access if the UPN is in the list of allowed UPNs
allow if {
input.upn in allowed_upns
}
示例
input.json
用于测试的文件
{
"upn": "[email protected]"
}