package services import ( "context" "git.sch9.ru/new_gate/models" "github.com/open-policy-agent/opa/rego" ) type PermissionService struct { query *rego.PreparedEvalQuery } func NewPermissionService() *PermissionService { query, err := rego.New( rego.Query("allow = data.problem.rbac.allow"), rego.Load([]string{"./opa/all.rego"}, nil), ).PrepareForEval(context.TODO()) if err != nil { panic(err) } return &PermissionService{ query: &query, } } func (s *PermissionService) Allowed(ctx context.Context, user *models.User, action string) bool { input := map[string]interface{}{ "user": user, "action": action, } result, err := s.query.Eval(ctx, rego.EvalInput(input)) if err != nil { panic(err) } return result[0].Bindings["allow"].(bool) }