Extract schema.polar file

src/adapter/auth-oso/src/kamu_auth_oso.rs

@@ -40,32 +40,7 @@ impl KamuAuthOso {
         oso.register_class(DatasetResource::get_polar_class())?;
         oso.register_class(UserActor::get_polar_class())?;
 
-        oso.load_str(
-            r#"
-            actor UserActor {}
-
-            resource DatasetResource {
-                permissions = ["read", "write"];
-            }
-
-            has_permission(actor: UserActor, "read", dataset: DatasetResource) if
-                dataset.allows_public_read or
-                dataset.created_by == actor.name or (
-                    actor_name = actor.name and
-                    dataset.authorized_users.(actor_name) in ["Reader", "Editor"]
-                );
-
-            has_permission(actor: UserActor, "write", dataset: DatasetResource) if
-                dataset.created_by == actor.name or (
-                    actor_name = actor.name and
-                    dataset.authorized_users.(actor_name) == "Editor"
-                );
-
-            allow(actor: UserActor, action: String, dataset: DatasetResource) if
-                actor.is_admin or
-                has_permission(actor, action, dataset);
-        "#,
-        )?;
+        oso.load_str(include_str!("schema.polar"))?;
 
         Ok(oso)
     }

src/adapter/auth-oso/src/schema.polar

@@ -0,0 +1,22 @@
+actor UserActor {}
+
+resource DatasetResource {
+    permissions = ["read", "write"];
+}
+
+has_permission(actor: UserActor, "read", dataset: DatasetResource) if
+    dataset.allows_public_read or
+    dataset.created_by == actor.name or (
+        actor_name = actor.name and
+        dataset.authorized_users.(actor_name) in ["Reader", "Editor"]
+    );
+
+has_permission(actor: UserActor, "write", dataset: DatasetResource) if
+    dataset.created_by == actor.name or (
+        actor_name = actor.name and
+        dataset.authorized_users.(actor_name) == "Editor"
+    );
+
+allow(actor: UserActor, action: String, dataset: DatasetResource) if
+    actor.is_admin or
+    has_permission(actor, action, dataset);