I am writing a very simple Rego file but it is showing a syntax error. Can anyone suggest what I am doing wrong?

package example.accesscontrol

# Define the allowed UPNs
allowed_upns = {"[email protected]", "[email protected]" }

# Default deny all access
default allow = false

# Allow access if the UPN is in the list of allowed UPNs
allow {
    input.user.upn in allowed_upns
}

Input

{
      "upn": "[email protected]"
}

Error:

1 error occurred: policy.rego:11: rego_parse_error: unexpected identifier token: expected \n or ; or }
        input.user.upn in allowed_upns
                       ^

I was expecting the outcome to be allowed.

1 Answer

To fix this without using import rego.v1 you would need to iterate over the set of allowed_upns to check if any of them match with the input upn as follows:

package example.accesscontrol

# Define the allowed UPNs
allowed_upns := {"[email protected]", "[email protected]"}

# Default deny all access
default allow := false

# Allow access if the UPN is in the list of allowed UPNs
allow {
    allowed_upn := allowed_upns[_]
    input.upn == allowed_upn
}

To use the in keyword you would need to use the import rego.v1 statement and update the code as well to the following:

package example.accesscontrol

import rego.v1

# Define the allowed UPNs
allowed_upns := {"[email protected]", "[email protected]"}

# Default deny all access
default allow := false

# Allow access if the UPN is in the list of allowed UPNs
allow if {
    input.upn in allowed_upns
}
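
An added example, not part of the question or the answer above: the `import rego.v1` form of the policy with unit tests in the same file, using constructed UPNs because the page's own values are redacted. It goes slightly beyond the answer by also testing a missing `upn`, a `upn` nested under `user` (the path the question's policy read, while its input had a top-level `upn`), and a case mismatch.

```rego
package example.accesscontrol

import rego.v1

# Constructed sample UPNs; replace with the real allow-list.
allowed_upns := {"alice@example.test", "bob@example.test"}

# Default deny all access
default allow := false

# Allow access only if the top-level input.upn is a member of the set
allow if {
    input.upn in allowed_upns
}

# A listed UPN is allowed.
test_listed_upn_is_allowed if {
    allow with input as {"upn": "alice@example.test"}
}

# An unlisted UPN falls through to the default.
test_unlisted_upn_is_denied if {
    not allow with input as {"upn": "mallory@example.test"}
}

# input.upn is undefined here, so the rule body fails and the default applies.
test_missing_upn_is_denied if {
    not allow with input as {}
}

# The policy reads input.upn; a UPN nested under input.user does not match.
# A policy/input path mismatch like this denies silently instead of erroring.
test_nested_upn_is_denied if {
    not allow with input as {"user": {"upn": "alice@example.test"}}
}

# Set membership is an exact string comparison, so case differences deny.
test_case_mismatch_is_denied if {
    not allow with input as {"upn": "Alice@Example.test"}
}
```

Save it under any file name (for example `policy.rego`, a name assumed here) and run `opa test policy.rego`; all five tests should pass.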