From c75ceda92ce98c654747457c4fdfd32766487653 Mon Sep 17 00:00:00 2001
From: mo khan <mo@mokhan.ca>
Date: Wed, 2 Apr 2025 09:45:37 -0600
Subject: feat: embed cedar policies in policies package

---
 pkg/rpc/ability_handler.go | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)

(limited to 'pkg/rpc/ability_handler.go')

diff --git a/pkg/rpc/ability_handler.go b/pkg/rpc/ability_handler.go
index b36ce14e..973e1db8 100644
--- a/pkg/rpc/ability_handler.go
+++ b/pkg/rpc/ability_handler.go
@@ -2,14 +2,25 @@ package rpc
 
 import (
 	context "context"
+
+	"github.com/cedar-policy/cedar-go"
+	"gitlab.com/mokhax/spike/pkg/policies"
 )
 
 type AbilityHandler struct {
 	UnimplementedAbilityServer
 }
 
+func NewAbilityHandler() *AbilityHandler {
+	return &AbilityHandler{}
+}
+
 func (h *AbilityHandler) Allowed(ctx context.Context, req *AllowRequest) (*AllowReply, error) {
-	return &AllowReply{
-		Result: false,
-	}, nil
+	ok := policies.Allowed(cedar.Request{
+		Principal: cedar.NewEntityUID("User", cedar.String(req.Subject)),
+		Action:    cedar.NewEntityUID("Action", cedar.String(req.Permission)),
+		Resource:  cedar.NewEntityUID("Album", cedar.String(req.Resource)),
+		Context:   cedar.NewRecord(cedar.RecordMap{}),
+	})
+	return &AllowReply{Result: ok}, nil
 }
-- 
cgit v1.2.3