|
|
|
|
|
|
by charlieegan3
832 days ago
|
|
|
I am not sure how your groups are structured, but something like this might work for this [0] use case: package play
import rego.v1
default allow := false
allow if {
user := input.id
user in data.groups.A
user in data.groups.B
not user in data.groups.C
}
[0] https://play.openpolicyagent.org/p/adMo9TE9bS |
|
|