aboutsummaryrefslogtreecommitdiffstats
path: root/compose/config/opa-pdp/policies/account/policy.rego
diff options
context:
space:
mode:
Diffstat (limited to 'compose/config/opa-pdp/policies/account/policy.rego')
-rw-r--r--compose/config/opa-pdp/policies/account/policy.rego17
1 files changed, 17 insertions, 0 deletions
diff --git a/compose/config/opa-pdp/policies/account/policy.rego b/compose/config/opa-pdp/policies/account/policy.rego
new file mode 100644
index 00000000..f99e8eb0
--- /dev/null
+++ b/compose/config/opa-pdp/policies/account/policy.rego
@@ -0,0 +1,17 @@
+package account
+
+import rego.v1
+
+default allow := false
+
+allow if {
+ creditor_is_valid
+ debtor_is_valid
+ period_is_valid
+ amount_is_valid
+}
+creditor_is_valid if data.account.account_attributes[input.creditor_account].owner == input.creditor
+debtor_is_valid if data.account.account_attributes[input.debtor_account].owner == input.debtor
+
+period_is_valid if input.period <= 30
+amount_is_valid if data.account.account_attributes[input.debtor_account].amount >= input.amount