redhat-cop/rego-policies

OPA/Rego AND operator usage

gituserjava opened this issue · 1 comments

I am new to OPA(and Rego) and writing simple policies. My use-case is the policy should return true when both input.path and input.headers values match and return false when one of them does not match. When I execute below policy I am not getting expected result. Could you please point me an example policy that shows usage of AND operator. I tried using semi-colon and it also did not work. I am using Rego playground to execute my examples.

Policy:

package demo

default allow = false

allow = {
        input.path == "/api/v1/employees/departments",
        input.headers["x-custom-header"] == "foo"
}

Input:

{
       "path":"/api/v1/employees/divisions",
       "headers": {
              "x-custom-header" :"foo"
        }
}

As I have passed incorrect path, expected Output should be below:

{
     "allow": [
           false
     ]
}

However i see actual Output as below:

{
     "allow": [
           false,
           true
     ]
}

@gituserjava ; you could do something like:

but, since you said you are new to rego, I'd join the slack channel and ask questions there.