All Rego expressions in this rule's rule body. @see RegoExp
Full name of the rule. Includes fulle package path
e.g. data.object.content.allowRead
Whether the rule contains any expressions that has any resolvable references.
reference start with input.
should be considered as non-resolvable in context of partial evaluation.
When this field is set to true
, we should not attempt to evaluate this expression.
i.e. evaluate() method should return immediately.
This will speed up evaluation process.
If the rule is fully evaluate Default to false
Whether a rule is a default Rule Its value only be used if any other residual rules are not matched (or no other residual rules)
If the rule is matched or not
Default to undefined
Its value is only set when isCompleteEvaluated
is true
the local name of the rule. i.e. doesn't include full package path
e.g. allow
Reference to OpaParser
Rule value. Rule value is this value if all expression in rule body are true It can be any type. e.g. can be object or array etc. But a simple policy normally outputs a boolean true or false
Re-evaluate this rule If fully evaluated, this.isCompleteEvaluated will be set to true
Test whether the rule is an "impossible" rule. If so, the rule should be simply discarded. See: https://github.com/open-policy-agent/opa/issues/4516
{boolean}
Whether or not the rule is resolvable (i.e. we can tell whether it's matched or not) now.
{boolean}
OPA PE result might contain duplicate expressions. https://github.com/open-policy-agent/opa/issues/4516 This method will remove those duplication by simply string comparison.
Generate Human Readable string of this rule
If it's fully evaluated, the output will be true or false (or actual rule value)
Otherwise, will generate expressions concate with AND
Generated using TypeDoc
RegoRule represents Rule concept in Rego language.
true
true
You can opt to define adefault
rule. A default rule has no rule body and will only considered as matched if all other rules are not matched.