rule
The rule keyword is used in TypeQL schema to define a rule for rule-based inference.
Syntax
The syntax of a plays statement includes:
-
header — the
rulekeyword followed by a rule label and a colon -
condition — the
whenkeyword followed by a condition pattern in curly brackets -
conclusion — the
thenkeyword followed by a conclusion pattern in curly brackets
rule <rule-label>: when {
<condition>
} then {
<conclusion>
};Behavior
TypeQL statements with the rule keyword can be used only in Define queries.
To undefine a rule, use the rule keyword, followed by the rule’s label, and a semicolon.
The rule keyword adds a new rule to a schema, or updates an existing rule with the same label.
Usage in a schema definition
For this example, use a database with the IAM schema and sample data loaded.
Usually, Define and Undefine queries you can’t use variables. But rules use patterns for matching data in their condition and conclusion.
A condition of a rule can be any pattern, similar to a match clause.
A conclusion of a rule can be a single statement: either a has statement, or an isa statement for a relation with any number of roles.
For example, to define the add-view-permission rule,
that adds a permission for a subject to view a file if there is one to modify it, use:
define
rule add-view-permission: when {
$modify isa action, has name "modify_file";
$view isa action, has name "view_file";
$ac_modify (object: $obj, action: $modify) isa access;
$ac_view (object: $obj, action: $view) isa access;
(subject: $subj, access: $ac_modify) isa permission;
} then {
(subject: $subj, access: $ac_view) isa permission;
};To remove the new rule, use:
undefine
rule add-view-permission;