add sample policies and data
apoland committed Nov 22, 2023
1 parent 064e5fe commit d7c682c
Showing 11 changed files with 432 additions and 18 deletions.
1 change: 0 additions & 1 deletion assets/docker-compose/.gitignore
@@ -1,3 +1,2 @@
certs/
db/
data/
19 changes: 2 additions & 17 deletions assets/docker-compose/config/local.yaml
Expand Up @@ -211,22 +211,7 @@ api:
opa:
instance_id: "-"
graceful_shutdown_period_seconds: 2
# max_plugin_wait_time_seconds: 30 set as default
local_bundles:
paths: []
paths: [${TOPAZ_POLICIES_PATH}]
skip_verification: true
config:
services:
ghcr:
url: https://ghcr.io
type: "oci"
response_header_timeout_seconds: 5
bundles:
todo:
service: ghcr
resource: "ghcr.io/aserto-policies/policy-todo-rebac:latest"
persist: false
config:
polling:
min_delay_seconds: 60
max_delay_seconds: 120
watch: true
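Review bot: `skip_verification: true` stays in place while the policy source becomes `paths: [${TOPAZ_POLICIES_PATH}]` with `watch: true`, so, as far as this rendering shows, the authorizer loads unsigned bundles from that directory and reloads them on change; anyone who can write there controls authorization decisions. That is reasonable for a local docker-compose sample, but the file should say so, for example with a comment above `local_bundles:` such as `# local development only: bundles are loaded unsigned from TOPAZ_POLICIES_PATH and hot-reloaded`. The placeholder is also unquoted inside a flow sequence, so an unset or empty variable would presumably leave `paths: []` and start the service with no policy, and a path containing `,` or `]` would split or break the list; `paths: ["${TOPAZ_POLICIES_PATH}"]` avoids the second case, though how the loader expands the variable is not visible here. The `opa:` block begins in this hunk and may continue past it.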
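--- a/assets/docker-compose/data/citadel_objects.json
+++ b/assets/docker-compose/data/citadel_objects.json
@@ -0,0 +1,184 @@
+{
+"objects": [
+{
+"type": "identity",
+"id": "CiRmZDQ2MTRkMy1jMzlhLTQ3ODEtYjdiZC04Yjk2ZjVhNTEwMGQSBWxvY2Fs",
+"properties": {
+"kind": "IDENTITY_KIND_PID",
+"provider": "local",
+"verified": true
+}
+},
+{
+"type": "identity",
+"id": "CiRmZDI2MTRkMy1jMzlhLTQ3ODEtYjdiZC04Yjk2ZjVhNTEwMGQSBWxvY2Fs",
+"properties": {
+"kind": "IDENTITY_KIND_PID",
+"provider": "local",
+"verified": true
+}
+},
+{
+"type": "group",
+"id": "evil_genius",
+"display_name": "evil_genius-group",
+"properties": {}
+},
+{
+"type": "identity",
+"id": "CiRmZDM2MTRkMy1jMzlhLTQ3ODEtYjdiZC04Yjk2ZjVhNTEwMGQSBWxvY2Fs",
+"properties": {
+"kind": "IDENTITY_KIND_PID",
+"provider": "local",
+"verified": true
+}
+},
+{
+"type": "group",
+"id": "admin",
+"display_name": "admin-group",
+"properties": {}
+},
+{
+"type": "identity",
+"id": "[email protected]",
+"properties": {
+"kind": "IDENTITY_KIND_EMAIL",
+"provider": "local",
+"verified": true
+}
+},
+{
+"type": "identity",
+"id": "CiRmZDA2MTRkMy1jMzlhLTQ3ODEtYjdiZC04Yjk2ZjVhNTEwMGQSBWxvY2Fs",
+"properties": {
+"kind": "IDENTITY_KIND_PID",
+"provider": "local",
+"verified": true
+}
+},
+{
+"type": "identity",
+"id": "[email protected]",
+"properties": {
+"kind": "IDENTITY_KIND_EMAIL",
+"provider": "local",
+"verified": true
+}
+},
+{
+"type": "identity",
+"id": "[email protected]",
+"properties": {
+"kind": "IDENTITY_KIND_EMAIL",
+"provider": "local",
+"verified": true
+}
+},
+{
+"type": "group",
+"id": "viewer",
+"display_name": "viewer-group",
+"properties": {}
+},
+{
+"type": "identity",
+"id": "[email protected]",
+"properties": {
+"kind": "IDENTITY_KIND_EMAIL",
+"provider": "local",
+"verified": true
+}
+},
+{
+"type": "user",
+"id": "[email protected]",
+"display_name": "Jerry Smith",
+"properties": {
+"email": "[email protected]",
+"picture": "https://github.com/aserto-demo/contoso-ad-sample/raw/main/UserImages/Jerry%20Smith.jpg",
+"roles": [
+"viewer"
+],
+"status": "USER_STATUS_ACTIVE"
+}
+},
+{
+"type": "user",
+"id": "[email protected]",
+"display_name": "Beth Smith",
+"properties": {
+"email": "[email protected]",
+"picture": "https://github.com/aserto-demo/contoso-ad-sample/raw/main/UserImages/Beth%20Smith.jpg",
+"roles": [
+"viewer"
+],
+"status": "USER_STATUS_ACTIVE"
+}
+},
+{
+"type": "identity",
+"id": "CiRmZDE2MTRkMy1jMzlhLTQ3ODEtYjdiZC04Yjk2ZjVhNTEwMGQSBWxvY2Fs",
+"properties": {
+"kind": "IDENTITY_KIND_PID",
+"provider": "local",
+"verified": true
+}
+},
+{
+"type": "user",
+"id": "[email protected]",
+"display_name": "Rick Sanchez",
+"properties": {
+"email": "[email protected]",
+"picture": "https://github.com/aserto-demo/contoso-ad-sample/raw/main/UserImages/Rick%20Sanchez.jpg",
+"roles": [
+"admin",
+"evil_genius"
+],
+"status": "USER_STATUS_ACTIVE"
+}
+},
+{
+"type": "user",
+"id": "[email protected]",
+"display_name": "Morty Smith",
+"properties": {
+"email": "[email protected]",
+"picture": "https://github.com/aserto-demo/contoso-ad-sample/raw/main/UserImages/Morty%20Smith.jpg",
+"roles": [
+"editor"
+],
+"status": "USER_STATUS_ACTIVE"
+}
+},
+{
+"type": "user",
+"id": "[email protected]",
+"display_name": "Summer Smith",
+"properties": {
+"email": "[email protected]",
+"picture": "https://github.com/aserto-demo/contoso-ad-sample/raw/main/UserImages/Summer%20Smith.jpg",
+"roles": [
+"editor"
+],
+"status": "USER_STATUS_ACTIVE"
+}
+},
+{
+"type": "group",
+"id": "editor",
+"display_name": "editor-group",
+"properties": {}
+},
+{
+"type": "identity",
+"id": "[email protected]",
+"properties": {
+"kind": "IDENTITY_KIND_EMAIL",
+"provider": "local",
+"verified": true
+}
+}
+]
+}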
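--- a/assets/docker-compose/data/citadel_relations.json
+++ b/assets/docker-compose/data/citadel_relations.json
@@ -0,0 +1,144 @@
+{
+"relations": [
+{
+"object_type": "user",
+"object_id": "[email protected]",
+"relation": "manager",
+"subject_type": "user",
+"subject_id": "[email protected]"
+},
+{
+"object_type": "user",
+"object_id": "[email protected]",
+"relation": "manager",
+"subject_type": "user",
+"subject_id": "[email protected]"
+},
+{
+"object_type": "user",
+"object_id": "[email protected]",
+"relation": "manager",
+"subject_type": "user",
+"subject_id": "[email protected]"
+},
+{
+"object_type": "user",
+"object_id": "[email protected]",
+"relation": "manager",
+"subject_type": "user",
+"subject_id": "[email protected]"
+},
+{
+"object_type": "identity",
+"object_id": "[email protected]",
+"relation": "identifier",
+"subject_type": "user",
+"subject_id": "[email protected]"
+},
+{
+"object_type": "identity",
+"object_id": "CiRmZDA2MTRkMy1jMzlhLTQ3ODEtYjdiZC04Yjk2ZjVhNTEwMGQSBWxvY2Fs",
+"relation": "identifier",
+"subject_type": "user",
+"subject_id": "[email protected]"
+},
+{
+"object_type": "identity",
+"object_id": "CiRmZDE2MTRkMy1jMzlhLTQ3ODEtYjdiZC04Yjk2ZjVhNTEwMGQSBWxvY2Fs",
+"relation": "identifier",
+"subject_type": "user",
+"subject_id": "[email protected]"
+},
+{
+"object_type": "identity",
+"object_id": "CiRmZDI2MTRkMy1jMzlhLTQ3ODEtYjdiZC04Yjk2ZjVhNTEwMGQSBWxvY2Fs",
+"relation": "identifier",
+"subject_type": "user",
+"subject_id": "[email protected]"
+},
+{
+"object_type": "identity",
+"object_id": "CiRmZDM2MTRkMy1jMzlhLTQ3ODEtYjdiZC04Yjk2ZjVhNTEwMGQSBWxvY2Fs",
+"relation": "identifier",
+"subject_type": "user",
+"subject_id": "[email protected]"
+},
+{
+"object_type": "identity",
+"object_id": "CiRmZDQ2MTRkMy1jMzlhLTQ3ODEtYjdiZC04Yjk2ZjVhNTEwMGQSBWxvY2Fs",
+"relation": "identifier",
+"subject_type": "user",
+"subject_id": "[email protected]"
+},
+{
+"object_type": "identity",
+"object_id": "[email protected]",
+"relation": "identifier",
+"subject_type": "user",
+"subject_id": "[email protected]"
+},
+{
+"object_type": "identity",
+"object_id": "[email protected]",
+"relation": "identifier",
+"subject_type": "user",
+"subject_id": "[email protected]"
+},
+{
+"object_type": "identity",
+"object_id": "[email protected]",
+"relation": "identifier",
+"subject_type": "user",
+"subject_id": "[email protected]"
+},
+{
+"object_type": "identity",
+"object_id": "[email protected]",
+"relation": "identifier",
+"subject_type": "user",
+"subject_id": "[email protected]"
+},
+{
+"object_type": "group",
+"object_id": "admin",
+"relation": "member",
+"subject_type": "user",
+"subject_id": "[email protected]"
+},
+{
+"object_type": "group",
+"object_id": "editor",
+"relation": "member",
+"subject_type": "user",
+"subject_id": "[email protected]"
+},
+{
+"object_type": "group",
+"object_id": "editor",
+"relation": "member",
+"subject_type": "user",
+"subject_id": "[email protected]"
+},
+{
+"object_type": "group",
+"object_id": "evil_genius",
+"relation": "member",
+"subject_type": "user",
+"subject_id": "[email protected]"
+},
+{
+"object_type": "group",
+"object_id": "viewer",
+"relation": "member",
+"subject_type": "user",
+"subject_id": "[email protected]"
+},
+{
+"object_type": "group",
+"object_id": "viewer",
+"relation": "member",
+"subject_type": "user",
+"subject_id": "[email protected]"
+}
+]
+}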
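--- a/assets/docker-compose/data/manifest.yaml
+++ b/assets/docker-compose/data/manifest.yaml
@@ -0,0 +1,31 @@
+# yaml-language-server: $schema=https://www.topaz.sh/schema/manifest.json
+---
+
+### filename: manifest.yaml ###
+### datetime: 2023-10-17T00:00:00-00:00 ###
+### description: citadel manifest ###
+
+### model ###
+model:
+version: 3
+
+### object type definitions ###
+types:
+### display_name: User ###
+user:
+relations:
+### display_name: user#manager ###
+manager: user
+
+### display_name: Identity ###
+identity:
+relations:
+### display_name: identity#identifier ###
+identifier: user
+
+### display_name: Group ###
+group:
+relations:
+### display_name: group#member ###
+member: user
+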