Skip to content

feat: adds REST API for policy evaluation plan #4452

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
wolf4ood merged 1 commit into from
Sep 5, 2024
Merged

feat: adds REST API for policy evaluation plan #4452

wolf4ood merged 1 commit into from
Sep 5, 2024

Conversation

@wolf4ood
Copy link
Contributor

@wolf4ood wolf4ood commented Sep 4, 2024
edited
Loading

What this PR changes/adds

introduces an alpha REST API for policy evaluation plan.

Why it does that

Improve policies management and debuggability

Further notes

For example given this policy in MVD:

policy example 
{
       "@id": "require-membership",
       "@type": "PolicyDefinition",
       "createdAt": 1725466366896,
       "policy": {
           "@id": "51d3c610-b141-4269-a4c0-df2a77122cfe",
           "@type": "odrl:Set",
           "odrl:permission": {
               "odrl:action": {
                   "@id": "use"
               },
               "odrl:constraint": {
                   "odrl:leftOperand": {
                       "@id": "MembershipCredential"
                   },
                   "odrl:operator": {
                       "@id": "odrl:eq"
                   },
                   "odrl:rightOperand": "active"
               }
           },
           "odrl:prohibition": [],
           "odrl:obligation": []
       },
       "@context": {
           "@vocab": "https://w3id.org/edc/v0.0.1/ns/",
           "edc": "https://w3id.org/edc/v0.0.1/ns/",
           "odrl": "http://www.w3.org/ns/odrl/2/"
       }
   },

An evaluation plan output within the catalog scope will look like this:

evaluation plan in catalog scope 
{
    "@type": "PolicyEvaluationPlan",
    "preValidators": [],
    "permissionSteps": {
        "@type": "PermissionStep",
        "isFiltered": false,
        "filteringReasons": [],
        "ruleFunctionSteps": "ExamplePermissionFunction",
        "constraintSteps": {
            "@type": "AtomicConstraintStep",
            "isFiltered": false,
            "filteringReasons": [],
            "functionName": "MembershipCredentialEvaluationFunction",
            "functionParams": [
                "'MembershipCredential'",
                "EQ",
                "'active'"
            ]
        },
        "dutySteps": []
    },
    "prohibitionSteps": [],
    "obligationSteps": [],
    "postValidators": [],
    "@context": {
        "@vocab": "https://w3id.org/edc/v0.0.1/ns/",
        "edc": "https://w3id.org/edc/v0.0.1/ns/",
        "odrl": "http://www.w3.org/ns/odrl/2/"
    }
}

while in the request.catalog scope will look like this:

evaluation plan in catalog scope 
{
    "@type": "PolicyEvaluationPlan",
    "preValidators": "DcpScopeExtractorFunction",
    "permissionSteps": {
        "@type": "PermissionStep",
        "isFiltered": false,
        "filteringReasons": [],
        "ruleFunctionSteps": [],
        "constraintSteps": {
            "@type": "AtomicConstraintStep",
            "isFiltered": true,
            "filteringReasons": [
                "leftOperand 'MembershipCredential' is not bound to scope 'request.catalog'",
                "leftOperand 'MembershipCredential' is not bound to any function within scope 'request.catalog'"
            ],
            "functionParams": [
                "'MembershipCredential'",
                "EQ",
                "'active'"
            ]
        },
        "dutySteps": []
    },
    "prohibitionSteps": [],
    "obligationSteps": [],
    "postValidators": "DefaultScopeMappingFunction",
    "@context": {
        "@vocab": "https://w3id.org/edc/v0.0.1/ns/",
        "edc": "https://w3id.org/edc/v0.0.1/ns/",
        "odrl": "http://www.w3.org/ns/odrl/2/"
    }
}

Linked Issue(s)

Closes #4447

@wolf4ood wolf4ood self-assigned this Sep 4, 2024
@wolf4ood wolf4ood added the enhancement New feature or request label Sep 4, 2024
@wolf4ood wolf4ood force-pushed the feat/4447_rest_api_policy_evaluation_plan branch 3 times, most recently from bcc639a to 6a7e870 Compare September 4, 2024 16:03
@wolf4ood wolf4ood force-pushed the feat/4447_rest_api_policy_evaluation_plan branch 4 times, most recently from 8798c27 to e53a35d Compare September 5, 2024 08:04
@wolf4ood wolf4ood marked this pull request as ready for review September 5, 2024 08:41
@wolf4ood wolf4ood force-pushed the feat/4447_rest_api_policy_evaluation_plan branch from e53a35d to 3a55b24 Compare September 5, 2024 13:40
@wolf4ood wolf4ood merged commit 70ba9c2 into eclipse-edc:main Sep 5, 2024
@wolf4ood wolf4ood deleted the feat/4447_rest_api_policy_evaluation_plan branch September 5, 2024 13:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ndr-brt ndr-brt ndr-brt approved these changes

@paullatzelsperger paullatzelsperger Awaiting requested review from paullatzelsperger

Assignees

@wolf4ood wolf4ood

Labels

enhancement New feature or request

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Add REST APIs for policy evaluation plan

2 participants

@wolf4ood @ndr-brt