Oso 0.25.0 is out! It includes:
- The Data Filtering Adapter API for Python and Go
- A more concise info logging level
- and a new guide on testing Oso.
Data Filtering Adapter API in Python and Go (Preview)
Our new data filtering API is now available for Python and Go (as well as Ruby which was part of the last release.) This API that allows you to translate data filters into a query in your preferred ORM or database by implementing an Adapter.
For more information on using it, see this page in our documentation with Ruby examples. Full documentation for Python & Go will be added shortly. Currently, there is a Go example that uses the sqlboiler ORM and a Python example of a SQLAlchemy adapter.
If you're trying out the Adapter API, we'd love to hear from you in our Slack community.
Comparison & inverter operations supported
You can now use not, forall, or and < <= > >= in more cases with the Adapter API.
New info logging level
We have a new logging level, POLAR_LOG=info. Before this, Oso only had one log level with high verbosity, making it difficult to debug a misbehaving policy. Check out the new docs on tracing to see how it works. https://docs.osohq.com/reference/tooling/tracing.html
Here’s an example of the more concise log output for a query to an allow rule:
[oso][info] QUERY RULE: allow(<__main__.User object at 0x7f1db433d640> TYPE `User`, "view", <__main__.Repository object at 0x7f1db433d610> TYPE `Repository`)
[oso][info] APPLICABLE_RULES:
[oso][info] allow(actor, action, resource) at line 11, column 5
[oso][info] QUERY RULE: has_permission(_actor_4, _action_5, _resource_6)
[oso][info] QUERY RULE: has_relation(_actor_11, "owner", _repository_12)
[oso][info] RESULT: SUCCESS
True
[oso][info] QUERY RULE: allow(<__main__.User object at 0x7f1db433d640> TYPE `User`, "view", <__main__.Project object at 0x7f1db433d310> TYPE `UNKNOWN`)
[oso][info] APPLICABLE_RULES:
[oso][info] allow(actor, action, resource) at line 11, column 5
[oso][info] QUERY RULE: has_permission(_actor_26, _action_27, _resource_28)
[oso][info] No matching rules found
False
Testing Oso Guide
One of the advantages of Oso is you can test the policy independently of your application. We’ve published a new guide on testing policies with some common patterns for testing your authorization. Check it out here: https://docs.osohq.com/guides/more/testing.html. We’ve also updated our Polar Language page which covers declarative programming models, and some of the benefits of using Polar.
For more details on these and other changes, read the changelog.
Set up a 1x1 with an Oso engineer
Our team is happy to help you get started with Oso. If you'd like to try out any of these new features, or if you're interested in learning how to use Oso in your app, schedule a 1x1 with an Oso engineers.
Our team is also available to help in Slack.
