Add evaluation service per client

narval-xyz · Mar 18, 2024 · 35043bb · 35043bb
1 parent 5ffdd67
commit 35043bb
Show file tree

Hide file tree

Showing 2 changed files with 40 additions and 3 deletions.
diff --git a/apps/policy-engine/src/engine/core/service/evaluation.service.ts b/apps/policy-engine/src/engine/core/service/evaluation.service.ts
@@ -0,0 +1,39 @@
+import { EvaluationRequest, EvaluationResponse } from '@narval/policy-engine-shared'
+import { HttpStatus, Injectable } from '@nestjs/common'
+import { OpenPolicyAgentEngine } from '../../../open-policy-agent/core/open-policy-agent.engine'
+import { ApplicationException } from '../../../shared/exception/application.exception'
+import { TenantService } from '../../../tenant/core/service/tenant.service'
+
+@Injectable()
+export class EvaluationService {
+  constructor(private tenantService: TenantService) {}
+
+  async evaluate(clientId: string, evaluation: EvaluationRequest): Promise<EvaluationResponse> {
+    const [entityStore, policyStore] = await Promise.all([
+      this.tenantService.findEntityStore(clientId),
+      this.tenantService.findPolicyStore(clientId)
+    ])
+
+    if (!entityStore) {
+      throw new ApplicationException({
+        message: 'Missing client entity store',
+        suggestedHttpStatusCode: HttpStatus.UNPROCESSABLE_ENTITY,
+        context: { clientId }
+      })
+    }
+
+    if (!policyStore) {
+      throw new ApplicationException({
+        message: 'Missing client entity store',
+        suggestedHttpStatusCode: HttpStatus.UNPROCESSABLE_ENTITY,
+        context: { clientId }
+      })
+    }
+
+    // WARN: Loading a new engine is an IO bounded process due to the Rego
+    // transpilation and WASM build.
+    const engine = await new OpenPolicyAgentEngine(policyStore.data, entityStore.data).load()
+
+    return engine.evaluate(evaluation)
+  }
+}
diff --git a/apps/vault/src/tenant/core/service/tenant.service.ts b/apps/vault/src/tenant/core/service/tenant.service.ts
@@ -1,12 +1,10 @@
-import { HttpStatus, Injectable, Logger } from '@nestjs/common'
+import { HttpStatus, Injectable } from '@nestjs/common'
 import { ApplicationException } from '../../../shared/exception/application.exception'
 import { Tenant } from '../../../shared/type/domain.type'
 import { TenantRepository } from '../../persistence/repository/tenant.repository'
 
 @Injectable()
 export class TenantService {
-  private logger = new Logger(TenantService.name)
-
   constructor(private tenantRepository: TenantRepository) {}
 
   async findByClientId(clientId: string): Promise<Tenant | null> {