Better OAS-based configuration for policy configuration
Closed this issue · 2 comments
Is your feature request related to a problem? Please describe.
Currently, from the docs, in order to configure rönd sidecar with OAS exposed by an application service you have to specify something link this:
{
"x-permission": {
"allow": "greetings_read",
"resourceFilter": {
"rowFilter": {
"enabled": true,
"headerKey": "x-acl-rows"
}
},
"responseFilter": {
"policy": "filter_response_example"
},
"options": {
"enableResourcePermissionsMapOptimization": true
}
}
}
I find this configuration a bit redundant and suggest the following (heavily breaking) change:
{
"x-rond-config": {
"requestFlow": {
"policyName": "greetings_read",
"generateQuery": true,
"queryOptions": {
"headerName": "...",
"language": "..." // for future support to different query languages
}
},
"responseFlow": {
"policyName": "filter_response_example"
},
"options": {
"enableResourcePermissionsMapOptimization": true
}
}
}
We could prevent the breaking change by defining a period where both configuration are accepted (with priority to the new one) so that people can adapt; we can start deprecating the x-permission
keyword and then remove support in v2
With PR #84 I've added the new OAS configuration format (named x-rond
) but made it non-breaking; as soon as the work is merged I'm going to close this PR and open a new one for the deprecation and removal of the old configuration to be done in v2