diff --git a/doc/REGO.md b/doc/REGO.md index 28c5625..e114461 100644 --- a/doc/REGO.md +++ b/doc/REGO.md @@ -10,7 +10,6 @@ | leftOperand | dome-op:relatedParty | related_party(http_part) | get the entity from tm-forum and extract related party | | leftOperand | dome-op:owner | owner(related_party) | filter the given list of related_party(ies) for one with role "Owner" | | leftOperand | dome-op:relatedParty_role | related_party_role(entity) | return the role from the related party of an entity | -| leftOperand | TMF-PCMA:lifecycleStatus | life_cycle_status(entity) | return the lifeCycleStatus of a given entity | | leftOperand | dome-op:validFor_endDateTime | valid_for_end_date_time(entity) | return the end of the validity of an entity | | leftOperand | dome-op:validFor_startDateTime | valid_for_start_date_time(entity) | return the start of the validity of an entity | | action | dome-op:create | is_creation(request) | Check if the given request is a creation | @@ -68,6 +67,7 @@ | --- | --- | --- | --- | | leftOperand | vc:role | role(verifiable_credential,organization_id) | retrieves the roles from the credential, that target the current organization | | leftOperand | vc:currentParty | current_party(credential) | the current (organization)party, | +| assignee | odrl:any | is_any | allows for any user | ## ngsild @@ -78,3 +78,10 @@ | leftOperand | ngsi-ld:_observedAt | # | retrieves the observedAt of the property The method should be concretized in the mapping.json, to match a concrete property. | | leftOperand | ngsi-ld:_modifiedAt | # | retrieves the modifiedAt of the property The method should be concretized in the mapping.json, to match a concrete property. | | leftOperand | ngsi-ld: | # | retrieves the object of the relationship, only applies to properties of type "Relationship". The method should be concretized in the mapping.json, to match a concrete property. | + +## tmf + +| ODRL Class | ODRL Key | Rego-Method | Description | +| --- | --- | --- | --- | +| leftOperand | tmf:lifecycleStatus | life_cycle_status(entity) | return the lifeCycleStatus of a given entity | +| leftOperand | tmf:resource | resource_type(http_part) | retrieves the type of the resource from the path | diff --git a/src/main/resources/mapping.json b/src/main/resources/mapping.json index 844147e..0aa4318 100644 --- a/src/main/resources/mapping.json +++ b/src/main/resources/mapping.json @@ -176,10 +176,14 @@ "regoMethod": "dome_lo.valid_for_end_date_time(helper.entity)" } }, - "TMF-PCMA": { + "tmf": { "lifecycleStatus": { - "regoPackage": "dome.leftOperand as dome_lo", - "regoMethod": "dome_lo.life_cycle_status(helper.entity)" + "regoPackage": "tmf.leftOperand as tmf_lo", + "regoMethod": "tmf_lo.life_cycle_status(helper.entity)" + }, + "resource": { + "regoPackage": "tmf.leftOperand as tmf_lo", + "regoMethod": "tmf_lo.resource_type(helper.http_part)" } } }, @@ -192,10 +196,12 @@ "assignee": { "regoPackage": "odrl.assignee as odrl_assignee", "regoMethod": "odrl_assignee.is_user(helper.issuer,%s)" - }, + } + }, + "vc": { "any": { - "regoPackage": "odrl.assignee as odrl_assignee", - "regoMethod": "odrl_assignee.is_any" + "regoPackage": "vc.assignee as vc_assignee", + "regoMethod": "vc_assignee.is_any" } } }, diff --git a/src/main/resources/rego-resources.txt b/src/main/resources/rego-resources.txt index c80b3de..c66edae 100644 --- a/src/main/resources/rego-resources.txt +++ b/src/main/resources/rego-resources.txt @@ -57,3 +57,33 @@ rego/utils/kong.rego rego/utils/apisix.rego rego/vc/leftOperand.rego rego/ngsi-ld/leftOperand.rego +rego/dome/leftOperand.rego +rego/dome/action.rego +rego/odrl/operand.rego +rego/odrl/rightOperand.rego +rego/odrl/operator.rego +rego/odrl/leftOperand.rego +rego/odrl/target.rego +rego/odrl/action.rego +rego/odrl/assignee.rego +rego/utils/kong.rego +rego/utils/apisix.rego +rego/vc/leftOperand.rego +rego/vc/assignee.rego +rego/ngsi-ld/leftOperand.rego +rego/tmf/leftOperand.rego +rego/dome/leftOperand.rego +rego/dome/action.rego +rego/odrl/operand.rego +rego/odrl/rightOperand.rego +rego/odrl/operator.rego +rego/odrl/leftOperand.rego +rego/odrl/target.rego +rego/odrl/action.rego +rego/odrl/assignee.rego +rego/utils/kong.rego +rego/utils/apisix.rego +rego/vc/leftOperand.rego +rego/vc/assignee.rego +rego/ngsi-ld/leftOperand.rego +rego/tmf/leftOperand.rego diff --git a/src/main/resources/rego/dome/leftOperand.rego b/src/main/resources/rego/dome/leftOperand.rego index b7fe90f..3e58f93 100644 --- a/src/main/resources/rego/dome/leftOperand.rego +++ b/src/main/resources/rego/dome/leftOperand.rego @@ -34,10 +34,6 @@ owner(related_party) := o_id if { # return the role from the related party of an entity related_party_role(entity) := related_party(entity).role -## TMF-PCMA:lifecycleStatus -# return the lifeCycleStatus of a given entity -life_cycle_status(entity) := entity.lifeCycleStatus - ## dome-op:validFor_endDateTime # return the end of the validity of an entity valid_for_end_date_time(entity) := time.parse_rfc3339_ns(entity.validFor.endDataTime) diff --git a/src/main/resources/rego/odrl/assignee.rego b/src/main/resources/rego/odrl/assignee.rego index cf03d72..0e603c1 100644 --- a/src/main/resources/rego/odrl/assignee.rego +++ b/src/main/resources/rego/odrl/assignee.rego @@ -5,8 +5,3 @@ import rego.v1 ## odrl:uid,odrl:assignee # is the given user id the same as the given uid is_user(user,uid) if user == uid - -## odrl:any -# allows for any user -is_any := true - diff --git a/src/main/resources/rego/tmf/leftOperand.rego b/src/main/resources/rego/tmf/leftOperand.rego new file mode 100644 index 0000000..4f15cb9 --- /dev/null +++ b/src/main/resources/rego/tmf/leftOperand.rego @@ -0,0 +1,20 @@ +package tmf.leftOperand + +import rego.v1 + +## tmf:lifecycleStatus +# return the lifeCycleStatus of a given entity +life_cycle_status(entity) := entity.lifeCycleStatus + +## tmf:resource +# retrieves the type of the resource from the path +resource_type(http_part) := resource if { + path_without_query := split(http_part.path, "?")[0] + path_elements := split(path_without_query, "/") + # reverse the path to get the potential id element first + reversed := array.reverse(path_elements) + # remove the (potential) id element from the path array + non_id_parts := [path_element | some path_element in reversed; not contains(path_element, "ngsi-ld")] + # after removal of the id, the resource is the first one to be retrieved + resource = non_id_parts[0] +} diff --git a/src/main/resources/rego/vc/assignee.rego b/src/main/resources/rego/vc/assignee.rego new file mode 100644 index 0000000..f7b063a --- /dev/null +++ b/src/main/resources/rego/vc/assignee.rego @@ -0,0 +1,7 @@ +package vc.assignee + +import rego.v1 + +## odrl:any +# allows for any user +is_any := true diff --git a/src/test/resources/examples/dome/1004/1004.json b/src/test/resources/examples/dome/1004/1004.json index c21f0e2..98355f6 100644 Binary files a/src/test/resources/examples/dome/1004/1004.json and b/src/test/resources/examples/dome/1004/1004.json differ diff --git a/src/test/resources/examples/ngsi-ld/types/types.json b/src/test/resources/examples/ngsi-ld/types/types.json index 4ae8ac6..f2557ee 100644 --- a/src/test/resources/examples/ngsi-ld/types/types.json +++ b/src/test/resources/examples/ngsi-ld/types/types.json @@ -30,7 +30,7 @@ ] }, "odrl:assignee": { - "@id": "odrl:any" + "@id": "vc:any" }, "odrl:action": { "@id": "dome-op:read"