1package rpc
2
3import (
4 context "context"
5
6 "github.com/cedar-policy/cedar-go"
7 "gitlab.com/mokhax/spike/pkg/gid"
8 "gitlab.com/mokhax/spike/pkg/policies"
9)
10
// AbilityService is the server-side implementation of the Ability RPC
// service. It holds no state of its own.
//
// UnimplementedAbilityServer is embedded, so its methods are promoted onto
// AbilityService; this file overrides only Allowed.
type AbilityService struct{ UnimplementedAbilityServer }
14
// NewAbilityService allocates a zero-valued AbilityService and returns a
// pointer to it. The service has no fields to configure.
func NewAbilityService() *AbilityService {
	svc := new(AbilityService)
	return svc
}
18
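// Allowed answers an authorization query: may req.Subject perform
// req.Permission on req.Resource?
//
// The three request fields are mapped onto a cedar.Request: the principal and
// resource are built with gid.NewEntityUID, the action is an entity of type
// "Permission" whose id is req.Permission, and the Cedar context is an empty
// record. The outcome of policies.Allowed is returned in AllowReply.Result.
//
// A nil req is answered with a reply whose Result is left at its zero value
// (a deny, assuming Result is a bool) instead of panicking on field access.
// The returned error is always nil, so callers cannot distinguish "denied"
// from any failure that policies.Allowed may fold into its result.
//
// NOTE(review): the principal comes straight from the request body and this
// handler does not authenticate the caller, so any client that can reach the
// RPC can ask about (or assert) an arbitrary subject. Confirm that caller
// authentication is enforced elsewhere, e.g. in an interceptor or at the
// transport layer.
//
// NOTE(review): ctx is not used; cancellation and deadlines are not passed on
// to policy evaluation.
func (h *AbilityService) Allowed(ctx context.Context, req *AllowRequest) (*AllowReply, error) {
	// Fail closed: a nil request carries nothing to authorize, and reading
	// its fields below would panic.
	if req == nil {
		return &AllowReply{}, nil
	}

	// Subject, Permission and Resource are passed through as received; no
	// validation of their format happens in this handler.
	ok := policies.Allowed(cedar.Request{
		Principal: gid.NewEntityUID(req.Subject),
		Action:    cedar.NewEntityUID("Permission", cedar.String(req.Permission)),
		Resource:  gid.NewEntityUID(req.Resource),
		Context:   cedar.NewRecord(cedar.RecordMap{}),
	})
	return &AllowReply{Result: ok}, nil
}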