refactor: move policies and entities in policies package

author: mo khan <mo@mokhan.ca> 2025-04-02 11:23:47 -0600
committer: mo khan <mo@mokhan.ca> 2025-04-02 11:23:47 -0600
commit: 3f54e2fc59f21029813863491b37e39bb6015115 (patch)
tree: 423d1d427e4d340d8030d3c9d98794084c0d5edb /pkg/rpc/ability_service.go
parent: e8708d505dfbe6c3ecbf41afb9732b73b6f1f156 (diff)
1 files changed, 26 insertions, 0 deletions
diff --git a/pkg/rpc/ability_service.go b/pkg/rpc/ability_service.go
new file mode 100644
index 0000000..bf299da
--- /dev/null
+++ b/pkg/rpc/ability_service.go
@@ -0,0 +1,26 @@
+package rpc
+
+import (
+	context "context"
+
+	"github.com/cedar-policy/cedar-go"
+	"gitlab.com/mokhax/spike/pkg/policies"
+)
+
+type AbilityService struct {
+	UnimplementedAbilityServer
+}
+
+func NewAbilityService() *AbilityService {
+	return &AbilityService{}
+}
+
+func (h *AbilityService) Allowed(ctx context.Context, req *AllowRequest) (*AllowReply, error) {
+	ok := policies.Allowed(cedar.Request{
+		Principal: cedar.NewEntityUID("User", cedar.String(req.Subject)),
+		Action:    cedar.NewEntityUID("Action", cedar.String(req.Permission)),
+		Resource:  cedar.NewEntityUID("Album", cedar.String(req.Resource)),
+		Context:   cedar.NewRecord(cedar.RecordMap{}),
+	})
+	return &AllowReply{Result: ok}, nil
+}
author	mo khan <mo@mokhan.ca>	2025-04-02 11:23:47 -0600
committer	mo khan <mo@mokhan.ca>	2025-04-02 11:23:47 -0600
commit	3f54e2fc59f21029813863491b37e39bb6015115 (patch)
tree	423d1d427e4d340d8030d3c9d98794084c0d5edb /pkg/rpc/ability_service.go
parent	e8708d505dfbe6c3ecbf41afb9732b73b6f1f156 (diff)