#!/usr/bin/env sh
set -eu

schema_file="docker/ory/kratos/identity.schema.json"

forbidden_traits="hanmacFamily userType"

for trait in $forbidden_traits; do
  if grep -Fq "\"$trait\"" "$schema_file"; then
    echo "forbidden Kratos trait in $schema_file: $trait" >&2
    exit 1
  fi
done

echo "kratos identity schema policy checks passed"