Examples

There are several ways to create Hapi policies using Visualizer. As an example, the following demonstrate how to use Visualizer to create the same policy by three different means.

The policy in question declares the types of data: Actors, Actions and Resources, and determines that the members of the Actors Actors group Analyst have access to Resources CCN, EMAIL, SSN, performing the Actions Deletes, Updates, Reads. However, Analyst Bob cannot perform any Action under Resource EMAIL.

This policy can be defined in two sets: The Data declaration:

data Actors = 
  Looker(Analyst),
  Analyst(Alice, Bob),
  Intern(Bob, Jeff),
  Alice, Bob, Jeff;

data Actions = Reads, Deletes, Updates;

data Resources = 
  Claims(Finance),
  Finance(Customers, Companies),
  Customers(CCN), Companies(EMAIL, SSN),
  CCN, EMAIL, SSN;

The Main:

main =  
  DENY
  EXCEPT {
    ALLOW {
      Actors: Analyst
      Resources: CCN, EMAIL, SSN
      Actions: Deletes, Updates, Reads
    }
    EXCEPT {
      DENY {
        Actors: Bob
        Resources: EMAIL
        Actions: Deletes, Updates, Reads
      }
    }
  };

Ways:

  • 1 - The User can place all the data in a single file, simply importing it from MAIN's Browse, or transcripting the entire file into the designated field.

Visualizer field: Main

  • 2 - The policy can be divided into two files, one with the data declaration and the other with the main. Thus, the user can create their policies beforehand and only later come to insert them in Visualizer.

Visualizer field: Browse Main

Visualizer field: Browse Data

  • 3 - The User can define the data declaration file in advance, importing it into Visualizer, and create his main through the tool. This way, he will be able to create not only this specific "Bob policy", but also several others, without ever needing to change his imported data files.

In all these cases, the generated modal will be the same, with the YAML file, the Matrix and the identical Lattices.

Visualizer Modal

We hope to make Visualizer a complete and versatile tool, having a simple interface while integrating all Hapi functionalities. By having several ways to create your policies, we hope that the user will find one that best suits their needs and feels motivated to use the tool through the link: Visualizer.