Hacker News
by bullcitydev 825 days ago
We're currently evaluating OPA for adding RBAC to our open-source application [0]. We plan on using the Go API [1] and doing the policy eval directly in our app since our app is also written in Go.

The thinking is we'll have some basic built-in policies (like admins can do X, editors can do Y, etc.) but also allow users to configure their own policies if they want by writing Rego and loading their policy rules at startup time (via config). We'd document the inputs that we pass to the evaluation call such as request headers, IP, role, etc.

I'm curious if anyone has ever tried something like this or similar?

[0] https://github.com/flipt-io/flipt

[1] https://www.openpolicyagent.org/docs/latest/integration/#int...

2 comments

That's all pretty easily doable. Just make your app take in a bundle with package defined in the manifest. Document your call points, as you've said.
Not affiliated with AuthZed, but SpiceDB may be a good fit for your use case?
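
One way the built-in roles and operator-supplied rules discussed in this thread could be layered, as an added example that is not Flipt's or OPA's own code. The package names `app.authz` and `custom.authz`, the input fields `role`, `action` and `ip`, and the role table are assumptions made for illustration.

```rego
# Added example. Package names and input fields are assumptions.
package app.authz

import rego.v1

# Fail closed: any request that no rule matches is denied.
default allow := false

# Built-in role table shipped with the application (constructed sample).
role_actions := {
	"admin": {"read", "write", "delete"},
	"editor": {"read", "write"},
	"viewer": {"read"},
}

# Built-in grant: the caller's role lists the requested action.
# An unknown role makes the lookup undefined, so the rule does not fire.
builtin_allow if input.action in role_actions[input.role]

# Operator-supplied rules live in their own package (data.custom.authz) so
# they cannot redefine `allow` or `role_actions` here. The contract is two
# optional booleans, `allow` and `deny`; an absent package is just undefined.
custom_allow if data.custom.authz.allow == true

custom_deny if data.custom.authz.deny == true

# Final decision: either layer may grant, and an operator deny always wins.
allow if {
	builtin_allow
	not custom_deny
}

allow if {
	custom_allow
	not custom_deny
}

# What an operator's file could look like (separate module, shown as a comment):
#
#   package custom.authz
#   import rego.v1
#   # Refuse anything but reads from outside the internal range.
#   deny if {
#       input.action != "read"
#       not net.cidr_contains("10.0.0.0/8", input.ip)
#   }
```

The application would query only `data.app.authz.allow` and should refuse to load operator modules that declare any package other than `custom.authz`, otherwise a user file could add its own `allow` rule to the built-in package. With the OPA CLI the pair can be tried using `opa eval -d base.rego -d custom.rego -i input.json 'data.app.authz.allow'`, where the three file names are placeholders.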