regorus/
compile.rs

1// Copyright (c) Microsoft Corporation.
2// Licensed under the MIT License.
3
4use crate::compiled_policy::CompiledPolicy;
5use crate::engine::Engine;
6use crate::value::Value;
7use crate::*;
8
9use anyhow::Result;
10
11/// Represents a Rego policy module with an identifier and content.
12#[derive(Debug, Clone)]
13pub struct PolicyModule {
14    pub id: Rc<str>,
15    pub content: Rc<str>,
16}
17
18/// Compiles a target-aware policy from data and modules.
19///
20/// This is a convenience function that sets up an [`Engine`] and calls
21/// [`Engine::compile_for_target`]. For more control over the compilation process
22/// or to reuse an engine, use the engine method directly.
23///
24/// # Arguments
25///
26/// * `data` - Static data to be available during policy evaluation
27/// * `modules` - Array of Rego policy modules to compile together
28///
29/// # Returns
30///
31/// Returns a [`CompiledPolicy`] for target-aware evaluation.
32///
33/// # Note
34///
35/// This function is only available when the `azure_policy` feature is enabled.
36///
37/// # See Also
38///
39/// - [`Engine::compile_for_target`] for detailed documentation and examples
40/// - [`compile_policy_with_entrypoint`] for explicit rule-based compilation
41#[cfg(feature = "azure_policy")]
42#[cfg_attr(docsrs, doc(cfg(feature = "azure_policy")))]
43pub fn compile_policy_for_target(data: Value, modules: &[PolicyModule]) -> Result<CompiledPolicy> {
44    let mut engine = setup_engine_with_modules(data, modules)?;
45    engine.compile_for_target()
46}
47
48/// Compiles a policy from data and modules with a specific entry point rule.
49///
50/// This is a convenience function that sets up an [`Engine`] and calls
51/// [`Engine::compile_with_entrypoint`]. For more control over the compilation process
52/// or to reuse an engine, use the engine method directly.
53///
54/// # Arguments
55///
56/// * `data` - Static data to be available during policy evaluation
57/// * `modules` - Array of Rego policy modules to compile together
58/// * `entry_point_rule` - The specific rule path to evaluate (e.g., "data.policy.allow")
59///
60/// # Returns
61///
62/// Returns a [`CompiledPolicy`] focused on the specified entry point rule.
63///
64/// # See Also
65///
66/// - [`Engine::compile_with_entrypoint`] for detailed documentation and examples
67/// - [`compile_policy_for_target`] for target-aware compilation
68pub fn compile_policy_with_entrypoint(
69    data: Value,
70    modules: &[PolicyModule],
71    entry_point_rule: Rc<str>,
72) -> Result<CompiledPolicy> {
73    let mut engine = setup_engine_with_modules(data, modules)?;
74    engine.compile_with_entrypoint(&entry_point_rule)
75}
76
77/// Helper function to set up an engine with data and modules.
78fn setup_engine_with_modules(data: Value, modules: &[PolicyModule]) -> Result<Engine> {
79    let mut engine = Engine::new();
80
81    // Add data to the engine
82    engine.add_data(data)?;
83    engine.set_gather_prints(true);
84
85    // Add all modules to the engine
86    for module in modules {
87        engine.add_policy(module.id.to_string(), module.content.to_string())?;
88    }
89
90    Ok(engine)
91}