Go to file
ndiezel0 530f8e646f
MSPF-629: Add decisions (#12)
* MSPF-629: Add decisions

* MSPF-629: Fix compile

* MSPF-629: Review fix

* MSPF-629: Update bouncer_proto

* MSPF-629: Fix lint and move from_thrift_struct/4 to bouncer_thrift

* MSPF-629: Fix merge

* MSPF-629: Remove `jsx:encode/1` for restrictions

* MSPF-629: Rename decision -> judgement

* MSPF-629: Change README.md

* MSPF-629: Fix tests

* MSPF-629: Add bundle.tar.gz to gitignore

* MSPF-629: Fix test

* MSPF-629: Fix last test

* MSPF-629: Fix lint

* MSPF-629: Simplify regex

* MSPF-629: Alternative solution to atomization

* MSPF-629: Review fix

* MSPF-629: Review fix
2020-12-31 17:26:12 +03:00
build_utils@2c4c2289ad Implement a thrift service around opa policy solver (#1) 2020-10-14 12:09:26 +03:00
config Add forgotten vm.args file (#6) 2020-10-30 16:14:01 +03:00
src MSPF-629: Add decisions (#12) 2020-12-31 17:26:12 +03:00
test MSPF-629: Add decisions (#12) 2020-12-31 17:26:12 +03:00
.gitignore MSPF-629: Add decisions (#12) 2020-12-31 17:26:12 +03:00
.gitmodules Implement a thrift service around opa policy solver (#1) 2020-10-14 12:09:26 +03:00
docker-compose.sh Implement a thrift service around opa policy solver (#1) 2020-10-14 12:09:26 +03:00
Dockerfile.sh Implement a thrift service around opa policy solver (#1) 2020-10-14 12:09:26 +03:00
Jenkinsfile Implement a thrift service around opa policy solver (#1) 2020-10-14 12:09:26 +03:00
Makefile Switch to pre-alpine rbkmoney/image-service-erlang@688cee7 (#7) 2020-10-31 21:31:33 +03:00
README.md MSPF-629: Add decisions (#12) 2020-12-31 17:26:12 +03:00
rebar.config MSPF-629: Add decisions (#12) 2020-12-31 17:26:12 +03:00
rebar.lock MSPF-629: Add decisions (#12) 2020-12-31 17:26:12 +03:00

Bouncer

Does someone look like a troublemaker?

Primary Arbiter thrift service implementation.

In a nutshell this service maps incoming contexts into OPA input documents and asks OPA to compute a judgement allowing, restricting or forbidding actions under given input context.

From the service's point of view a ruleset id is a path to OPA document that define a subdocument named judgement with a rudimentary schema. See https://github.com/rbkmoney/bouncer-policies#authoring for more detailed information.