https://linen.dev logo
Join SlackCommunities
Powered by
This message was deleted.
# opal
s
This message was deleted.
👀 1
d
Say for example I have a list of users like the sample repos:
Copy code
{
  "users": {
    "alice": {
      "roles": [
        "admin"
      ],
      "location": {
        "country": "US",
        "ip": "8.8.8.8"
      }
    },
    "bob": {
      "roles": [
        "employee",
        "billing"
      ],
      "location": {
        "country": "US",
        "ip": "8.8.8.8"
      }
    },
    "sunil": {
      "roles": [
        "guest"
      ],
      "location": {
        "country": "US",
        "ip": "8.8.8.8"
      }
    },
    "eve": {
      "roles": [
        "customer"
      ],
      "location": {
        "country": "US",
        "ip": "8.8.8.8"
      }
    }
  }
}
The example data update updates users/bob/location. Doing this with inline data would just be setting the data to
Copy code
{
  "country": "US",
  "ip": "8.8.8.8"
}
but what if I only wanted to update one field, say for example the 
ip
in this case
I cannot do PATCH to /users/bob/location/ip with value "1.1.1.1" because the Entry object expects an Object or Array, not a value
so if I PATCH /users/bob/location and send 
{"ip":"1.1.1.1"}
, then it will overwrite bob.location to only have the new ip and no country
same for PUT or POST, no difference in behavior
To be clear, i'm just asking is this possible/am I doing something wrong. I can easily work around this, I'm just curious
What I would expect is that • POST would create the resource where it doesn't exist • PUT would create or replace the resource • PATCH would update the resource with the fields sent
a
i don't think this is currently implemented, we are currently only using PUT in our implementation (to delete data we are setting an empty dict)
we do have plans to change this in the near future to a more robust solution, but if you want to go ahead and implement PATCH and DELETE we would be happy to review and accept that PR.
👍 1
cc @Ro'e Katz
d
Thank you 🙂
o
Just for reference the JSON PATCH RFC (Which OPA implements): https://www.rfc-editor.org/rfc/rfc6902
👍 1
b
We are looking for the same functionality. There is currently an open merge request for deleting policy data. Is that implementation sufficient and something the OPAL team will accept?
o
Hi @Brian Hyder, thanks for surfacing this up. I think we can definitely take a look. @Asaf Cohen, @Ro'e Katz - any reason we didn't review this one yet? CC: @Maurice Brand-Freitag
r
@Or Weis Was busy with the other changes for the release and that one escaped my attention. I’ll take a look today (@Brian Hyder @Maurice Brand-Freitag)
🙏 1
s
I have a similar question about JSON PATCH support in OPAL. Using the same data from https://permit-io.slack.com/archives/C01RUUYV3TP/p1683118243688099?thread_ts=1683118207.113369&cid=C01RUUYV3TP If I wanted to add a “security” role to bob in OPA, I would use the following patch:
Copy code
curl --location --request PATCH '0.0.0.0:8181/v1/data/users/bob/roles' \
--header 'Content-Type: application/json-patch+json' \
--data-raw '[{ 
    "op": "add", 
    "path": "-", 
    "value": "security"
}]'
Is this supported or scheduled to be worked on?
a
Hi @Steven Daniels we can definitely implement this, or review a PR if you're willing to contribute this feature. @Ro'e Katz can work on PATCH support next week. In the meanwhile i recommend replacing the bottom-most key with PUT. It is in general better to work in OPA with dicts rather than lists for performance reasons.
🙌 1
s
It is in general better to work in OPA with dicts rather than lists for performance reasons.
Do you have any metrics or other info about this?
a
2 Views
Open in Slack
PreviousNext
Powered by