Using the Trust Framework attributes and services we created, we now create a policy for the meme game API to get a user's answers and change the server response with various statements based on the consent status.
Here is a snippet of an unedited response. It shows the id
,
type
, and attributes
attributes.
{
"data": [{
"id": "1",
"type": "answers",
"attributes": {
"url": "https: //l.imqflip.com/2fm6x.jpq",
"captions": ["Still waiting for the bus to Jennie's"],
"rating": null,
"created_at": "2020-05-e6T22:25:06-00:00"
}
},
- Sign on to the Policy Editor, click Policies in the left pane, and then click Policies along the top.
- Select the existing meme-game policies policy. The new policy is created under this policy.
- From the + menu, select Add Policy.
- For the name, replace Untitled with Control user's response to answers request.
- Click + next to Applies to.
- Click Add definitions and targets, or drag from Components and add the meme-game.user_answers service, which we set up in Getting a path component from the request URL. Also, because we want to control the response to the client, add the outbound-GET action.
- Set Combining Algorithm to Unless one decision is deny, the decision will be permit.
-
Add a rule to include attributes.
-
Add a rule to exclude attributes.
-
Add a rule to modify attributes.