Examples

In this section we aim to present some examples of policies defined in natural language and how they can be translated into Hapi.

"Bob can read all resources, Alice can read and update emails, but only read credit card numbers."

main =
DENY
EXCEPT {
ALLOW {
Actor: Bob
Resources
}
ALLOW {
Actor: Alice
Resources: EMAIL, CCN
}
ALLOW {
Actor: Alice
Resources: EMAIL
}
};


"Everyone can read emails. Bob can read and delete all data but only updates credit card numbers. Alice can perform all actions in emails"

main =
DENY
EXCEPT {
ALLOW {
Actor: Bob
Resources
}
ALLOW {
Actor: Bob
Resources: CCN
}
ALLOW {
Actor
Resources: EMAIL
}
ALLOW {
Actor: Alice
Resources: EMAIL
Actions
}
};


Apply the same rules to a group of users

"Bob, Alex and Jeff can read all resources, but Alex can't read emails."

alexCantReadEmails =
DENY {
Actors: Alex
Resources: EMAIL
};

main =
DENY
EXCEPT {
ALLOW {
Actor: Bob, Alex, Jeff
Resources
}
EXCEPT {
}
};


Apply rule to a service/group identified by its name

"Operating Cost Predictor service can read all the data."

main =
DENY
EXCEPT {
ALLOW {
Actor: OperatingCostPredictor
Resources
}
};


Here we're applying rules to a group of values in our lattice. In this case, the service OperatingCostPredictor may be composed of members such as Alice, Bob and Jeff. Then the rules applied to OperatingCostPredictor will also be applied to the three of them.

Combining rules to services/groups with intersections

"Operating Cost Predictor service can read all the data but Intern can't read sensitive ones."

internDontAccessSensitiveData =
DENY {
Actors: Intern
Resources: Sensitive
Actions
};

main =
DENY
EXCEPT {
ALLOW {
Actor: OperatingCostPredictor
Resources

In this context, let's say that the group Intern is made of Bob and Jeff. And the OperatingCostPredictor service contains Alice and Jeff. Therefore, Alice will be able to read all data, but Jeff, because he is an intern, won't be able to read sensitive data.