stringlike comparison operator?
mewalig opened this issue · 2 comments
Any plans to add a StringLike operator such as used in AWS policies (e.g. http://docs.aws.amazon.com/AmazonS3/latest/dev/amazon-s3-policy-keys.html)? Would be nice to have something in between StringEqual and Regex-- easier for users and more scalable than RegEx, and also lowers the barriers to porting between AWS and Ladon policies.
Hi, that is a good point and it has been on my mind for a long time. I think you are talking about resource/action/subject names, right?
My current idea would be to allow both - regexp and StringEqual, but disallow a mixture of the two, so you could do:
foo:bar:*foo:bar:<.*>
But not:
foo:bar:*:<.*>
What do you think?
Closing because this repository is being archived. This feature is scheduled for implementation in ORY Keto.