diff --git a/CedarJava/build.gradle b/CedarJava/build.gradle index 90bebb69..1730ac6c 100644 --- a/CedarJava/build.gradle +++ b/CedarJava/build.gradle @@ -76,7 +76,7 @@ configurations { } dependencies { - // Do not upgrade to Jackson 3.x without addressing stack overflow issues in ValueCedarDeserializer + // Do not upgrade to Jackson 3.x without addressing stack overflow issues in ValueDeserializer // The upgrade should be reviewed by AppSec implementation 'com.fasterxml.jackson.core:jackson-databind:2.17.1' implementation 'com.fasterxml.jackson.datatype:jackson-datatype-jdk8:2.17.1' diff --git a/CedarJava/src/main/java/com/cedarpolicy/AuthorizationEngine.java b/CedarJava/src/main/java/com/cedarpolicy/AuthorizationEngine.java index 4dd6fe25..ff7c2ad4 100644 --- a/CedarJava/src/main/java/com/cedarpolicy/AuthorizationEngine.java +++ b/CedarJava/src/main/java/com/cedarpolicy/AuthorizationEngine.java @@ -19,8 +19,8 @@ import com.cedarpolicy.model.*; import com.cedarpolicy.model.exception.AuthException; import com.cedarpolicy.model.exception.BadRequestException; -import com.cedarpolicy.model.slice.Entity; -import com.cedarpolicy.model.slice.PolicySet; +import com.cedarpolicy.model.entity.Entity; +import com.cedarpolicy.model.policy.PolicySet; import java.util.Set; diff --git a/CedarJava/src/main/java/com/cedarpolicy/BasicAuthorizationEngine.java b/CedarJava/src/main/java/com/cedarpolicy/BasicAuthorizationEngine.java index bdf664f8..fd8666c6 100644 --- a/CedarJava/src/main/java/com/cedarpolicy/BasicAuthorizationEngine.java +++ b/CedarJava/src/main/java/com/cedarpolicy/BasicAuthorizationEngine.java @@ -27,8 +27,8 @@ import com.cedarpolicy.model.exception.InternalException; import com.cedarpolicy.model.exception.MissingExperimentalFeatureException; import com.cedarpolicy.model.slice.BasicSlice; -import com.cedarpolicy.model.slice.Entity; -import com.cedarpolicy.model.slice.PolicySet; +import com.cedarpolicy.model.entity.Entity; +import com.cedarpolicy.model.policy.PolicySet; import com.cedarpolicy.model.slice.Slice; import com.fasterxml.jackson.annotation.JsonInclude; import com.fasterxml.jackson.annotation.JsonProperty; @@ -113,7 +113,7 @@ private static class AuthorizationRequest extends com.cedarpolicy.model.Authoriz request.context, request.schema, request.enableRequestValidation); - this.slice = new BasicSlice(policySet.policies, entities, policySet.templates, policySet.templateInstantiations); + this.slice = new BasicSlice(policySet.policies, entities, policySet.templates, policySet.templateLinks); } } @@ -124,7 +124,7 @@ private static final class PartialAuthorizationRequest { PartialAuthorizationRequest(com.cedarpolicy.model.PartialAuthorizationRequest request, PolicySet policySet, Set entities) { this.request = request; - this.slice = new BasicSlice(policySet.policies, entities, policySet.templates, policySet.templateInstantiations); + this.slice = new BasicSlice(policySet.policies, entities, policySet.templates, policySet.templateLinks); } } diff --git a/CedarJava/src/main/java/com/cedarpolicy/CedarJson.java b/CedarJava/src/main/java/com/cedarpolicy/CedarJson.java index 509ef4ff..6e5b6b03 100644 --- a/CedarJava/src/main/java/com/cedarpolicy/CedarJson.java +++ b/CedarJava/src/main/java/com/cedarpolicy/CedarJson.java @@ -17,8 +17,9 @@ package com.cedarpolicy; import com.cedarpolicy.model.slice.Slice; -import com.cedarpolicy.serializer.ValueCedarDeserializer; -import com.cedarpolicy.serializer.ValueCedarSerializer; +import com.cedarpolicy.serializer.SliceSerializer; +import com.cedarpolicy.serializer.ValueDeserializer; +import com.cedarpolicy.serializer.ValueSerializer; import com.cedarpolicy.value.Value; import com.fasterxml.jackson.databind.ObjectMapper; import com.fasterxml.jackson.databind.ObjectReader; @@ -49,9 +50,9 @@ private static ObjectMapper createObjectMapper() { final ObjectMapper mapper = new ObjectMapper(); final SimpleModule module = new SimpleModule(); - module.addSerializer(Slice.class, new SliceJsonSerializer()); - module.addSerializer(Value.class, new ValueCedarSerializer()); - module.addDeserializer(Value.class, new ValueCedarDeserializer()); + module.addSerializer(Slice.class, new SliceSerializer()); + module.addSerializer(Value.class, new ValueSerializer()); + module.addDeserializer(Value.class, new ValueDeserializer()); mapper.registerModule(module); mapper.registerModule(new Jdk8Module()); diff --git a/CedarJava/src/main/java/com/cedarpolicy/model/AuthorizationRequest.java b/CedarJava/src/main/java/com/cedarpolicy/model/AuthorizationRequest.java index ac4c9f28..48800aaa 100644 --- a/CedarJava/src/main/java/com/cedarpolicy/model/AuthorizationRequest.java +++ b/CedarJava/src/main/java/com/cedarpolicy/model/AuthorizationRequest.java @@ -17,7 +17,7 @@ package com.cedarpolicy.model; import com.cedarpolicy.model.schema.Schema; -import com.cedarpolicy.model.slice.Entity; +import com.cedarpolicy.model.entity.Entity; import com.cedarpolicy.value.EntityUID; import com.cedarpolicy.value.Value; import com.fasterxml.jackson.annotation.JsonProperty; diff --git a/CedarJava/src/main/java/com/cedarpolicy/model/ValidationRequest.java b/CedarJava/src/main/java/com/cedarpolicy/model/ValidationRequest.java index b56fa061..7e695061 100644 --- a/CedarJava/src/main/java/com/cedarpolicy/model/ValidationRequest.java +++ b/CedarJava/src/main/java/com/cedarpolicy/model/ValidationRequest.java @@ -17,7 +17,7 @@ package com.cedarpolicy.model; import com.cedarpolicy.model.schema.Schema; -import com.cedarpolicy.model.slice.Policy; +import com.cedarpolicy.model.policy.Policy; import com.fasterxml.jackson.annotation.JsonProperty; import edu.umd.cs.findbugs.annotations.SuppressFBWarnings; diff --git a/CedarJava/src/main/java/com/cedarpolicy/model/slice/Entity.java b/CedarJava/src/main/java/com/cedarpolicy/model/entity/Entity.java similarity index 98% rename from CedarJava/src/main/java/com/cedarpolicy/model/slice/Entity.java rename to CedarJava/src/main/java/com/cedarpolicy/model/entity/Entity.java index 57b4d692..624e9ab6 100644 --- a/CedarJava/src/main/java/com/cedarpolicy/model/slice/Entity.java +++ b/CedarJava/src/main/java/com/cedarpolicy/model/entity/Entity.java @@ -14,7 +14,7 @@ * limitations under the License. */ -package com.cedarpolicy.model.slice; +package com.cedarpolicy.model.entity; import com.cedarpolicy.value.EntityUID; import com.cedarpolicy.value.Value; diff --git a/CedarJava/src/main/java/com/cedarpolicy/model/entity/package-info.java b/CedarJava/src/main/java/com/cedarpolicy/model/entity/package-info.java new file mode 100644 index 00000000..ea8adae3 --- /dev/null +++ b/CedarJava/src/main/java/com/cedarpolicy/model/entity/package-info.java @@ -0,0 +1,20 @@ +/* + * Copyright 2022-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/** + * This module represents entities passed into Cedar + */ +package com.cedarpolicy.model.entity; diff --git a/CedarJava/src/main/java/com/cedarpolicy/model/exception/InvalidValueSerializationException.java b/CedarJava/src/main/java/com/cedarpolicy/model/exception/InvalidValueSerializationException.java index 97b6bacc..b3fe5003 100644 --- a/CedarJava/src/main/java/com/cedarpolicy/model/exception/InvalidValueSerializationException.java +++ b/CedarJava/src/main/java/com/cedarpolicy/model/exception/InvalidValueSerializationException.java @@ -17,7 +17,7 @@ package com.cedarpolicy.model.exception; /** Error deserializing a value. This will be thrown if you extend the value class and don't - * handle the new Value type in `ValueCedarSerializer.java` */ + * handle the new Value type in `ValueSerializer.java` */ public class InvalidValueSerializationException extends RuntimeException { /** * Construct InvalidValueSerializationException. diff --git a/CedarJava/src/main/java/com/cedarpolicy/model/slice/EntityTypeAndId.java b/CedarJava/src/main/java/com/cedarpolicy/model/policy/EntityTypeAndId.java similarity index 97% rename from CedarJava/src/main/java/com/cedarpolicy/model/slice/EntityTypeAndId.java rename to CedarJava/src/main/java/com/cedarpolicy/model/policy/EntityTypeAndId.java index 3d13bd04..5512f386 100644 --- a/CedarJava/src/main/java/com/cedarpolicy/model/slice/EntityTypeAndId.java +++ b/CedarJava/src/main/java/com/cedarpolicy/model/policy/EntityTypeAndId.java @@ -14,7 +14,7 @@ * limitations under the License. */ -package com.cedarpolicy.model.slice; +package com.cedarpolicy.model.policy; import com.fasterxml.jackson.annotation.JsonCreator; import com.fasterxml.jackson.annotation.JsonProperty; diff --git a/CedarJava/src/main/java/com/cedarpolicy/model/slice/Instantiation.java b/CedarJava/src/main/java/com/cedarpolicy/model/policy/LinkValue.java similarity index 88% rename from CedarJava/src/main/java/com/cedarpolicy/model/slice/Instantiation.java rename to CedarJava/src/main/java/com/cedarpolicy/model/policy/LinkValue.java index 67ce9050..07c5f23a 100644 --- a/CedarJava/src/main/java/com/cedarpolicy/model/slice/Instantiation.java +++ b/CedarJava/src/main/java/com/cedarpolicy/model/policy/LinkValue.java @@ -14,24 +14,24 @@ * limitations under the License. */ -package com.cedarpolicy.model.slice; +package com.cedarpolicy.model.policy; import com.fasterxml.jackson.annotation.JsonCreator; import com.fasterxml.jackson.annotation.JsonProperty; -/** Instantiation for policy template. */ -public class Instantiation { +/** Link for policy template. */ +public class LinkValue { private final String slot; private final EntityTypeAndId value; /** - * Instantiation for policy template. + * Link for policy template. * * @param slot the slot in the template. * @param value the value to put in the slot */ @JsonCreator - public Instantiation( + public LinkValue( @JsonProperty("slot") String slot, @JsonProperty("value") EntityTypeAndId value) { this.slot = slot; this.value = value; diff --git a/CedarJava/src/main/java/com/cedarpolicy/model/slice/Policy.java b/CedarJava/src/main/java/com/cedarpolicy/model/policy/Policy.java similarity index 89% rename from CedarJava/src/main/java/com/cedarpolicy/model/slice/Policy.java rename to CedarJava/src/main/java/com/cedarpolicy/model/policy/Policy.java index a145af9e..edfaea59 100644 --- a/CedarJava/src/main/java/com/cedarpolicy/model/slice/Policy.java +++ b/CedarJava/src/main/java/com/cedarpolicy/model/policy/Policy.java @@ -14,7 +14,7 @@ * limitations under the License. */ -package com.cedarpolicy.model.slice; +package com.cedarpolicy.model.policy; import com.cedarpolicy.loader.LibraryLoader; import com.cedarpolicy.model.exception.InternalException; @@ -76,10 +76,10 @@ public static Policy parsePolicyTemplate(String templateStr) throws InternalExc } /** - * This method takes in a Policy and a list of Instantiations and calls Cedar JNI to ensure those slots - * can be used to instantiate the template. If the Template is validated ahead of time by using Policy.parsePolicyTemplate - * and the Instantiations are also ensured to be valid (for example, by validating their parts using EntityTypeName.parse - * and EntityIdentifier.parse), then this should only fail because the slots in the template don't match the instantiations + * This method takes in a template and a list of link values and calls Cedar JNI to ensure those slots + * can be used to link the template. If the template is validated ahead of time by using Policy.parsePolicyTemplate + * and the link values are also ensured to be valid (for example, by validating their parts using EntityTypeName.parse + * and EntityIdentifier.parse), then this should only fail because the slots in the template don't match the link values * (barring JNI failures). * @param p Policy object constructed from a valid template. Best if built from Policy.parsePolicyTemplate * @param principal EntityUid to put into the principal slot. Leave null if there's no principal slot diff --git a/CedarJava/src/main/java/com/cedarpolicy/model/slice/PolicySet.java b/CedarJava/src/main/java/com/cedarpolicy/model/policy/PolicySet.java similarity index 83% rename from CedarJava/src/main/java/com/cedarpolicy/model/slice/PolicySet.java rename to CedarJava/src/main/java/com/cedarpolicy/model/policy/PolicySet.java index c22bbde3..9658e074 100644 --- a/CedarJava/src/main/java/com/cedarpolicy/model/slice/PolicySet.java +++ b/CedarJava/src/main/java/com/cedarpolicy/model/policy/PolicySet.java @@ -14,7 +14,7 @@ * limitations under the License. */ -package com.cedarpolicy.model.slice; +package com.cedarpolicy.model.policy; import com.cedarpolicy.loader.LibraryLoader; @@ -28,43 +28,43 @@ import java.nio.file.Files; import java.nio.file.Path; -/** Policy Set containing policies in the Cedar language. */ +/** Policy set containing policies in the Cedar language. */ public class PolicySet { static { LibraryLoader.loadLibrary(); } - /** Policy set. */ + /** Static policies */ public Set policies; - /** Template Instantiations. */ - public List templateInstantiations; + /** Template-linked policies */ + public List templateLinks; - /** Templates. */ + /** Policy templates */ public Set templates; public PolicySet() { this.policies = Collections.emptySet(); this.templates = Collections.emptySet(); - this.templateInstantiations = Collections.emptyList(); + this.templateLinks = Collections.emptyList(); } public PolicySet(Set policies) { this.policies = policies; this.templates = Collections.emptySet(); - this.templateInstantiations = Collections.emptyList(); + this.templateLinks = Collections.emptyList(); } public PolicySet(Set policies, Set templates) { this.policies = policies; this.templates = templates; - this.templateInstantiations = Collections.emptyList(); + this.templateLinks = Collections.emptyList(); } - public PolicySet(Set policies, Set templates, List templateInstantiations) { + public PolicySet(Set policies, Set templates, List templateLinks) { this.policies = policies; this.templates = templates; - this.templateInstantiations = templateInstantiations; + this.templateLinks = templateLinks; } /** diff --git a/CedarJava/src/main/java/com/cedarpolicy/model/slice/TemplateInstantiation.java b/CedarJava/src/main/java/com/cedarpolicy/model/policy/TemplateLink.java similarity index 74% rename from CedarJava/src/main/java/com/cedarpolicy/model/slice/TemplateInstantiation.java rename to CedarJava/src/main/java/com/cedarpolicy/model/policy/TemplateLink.java index b9d3c6ab..895d6f15 100644 --- a/CedarJava/src/main/java/com/cedarpolicy/model/slice/TemplateInstantiation.java +++ b/CedarJava/src/main/java/com/cedarpolicy/model/policy/TemplateLink.java @@ -14,15 +14,15 @@ * limitations under the License. */ -package com.cedarpolicy.model.slice; +package com.cedarpolicy.model.policy; import com.fasterxml.jackson.annotation.JsonCreator; import com.fasterxml.jackson.annotation.JsonProperty; import java.util.List; import com.google.common.collect.ImmutableList; -/** Template instantiation. */ -public class TemplateInstantiation { +/** Template-linked policy. */ +public class TemplateLink { @JsonProperty("templateId") private final String templateId; @@ -30,23 +30,24 @@ public class TemplateInstantiation { @JsonProperty("resultPolicyId") private final String resultPolicyId; - private final List instantiations; + @JsonProperty("instantiations") + private final List linkValues; /** - * Template Instantiation. + * Template-linked policy. * * @param templateId the template ID. * @param resultPolicyId the id of the resulting policy. - * @param instantiations the instantiations. + * @param linkValues the link values. */ @JsonCreator - public TemplateInstantiation( + public TemplateLink( @JsonProperty("templateId") String templateId, @JsonProperty("resultPolicyId") String resultPolicyId, - @JsonProperty("instantiations") List instantiations) { + @JsonProperty("instantiations") List linkValues) { this.templateId = templateId; this.resultPolicyId = resultPolicyId; - this.instantiations = ImmutableList.copyOf(instantiations); + this.linkValues = ImmutableList.copyOf(linkValues); } /** Get the template ID. */ @@ -59,8 +60,8 @@ public String getResultPolicyId() { return resultPolicyId; } - /** Get the instantiations to fill the slots. */ - public List getInstantiations() { - return instantiations; + /** Get the link values, which map slots to EUIDs. */ + public List getLinkValues() { + return linkValues; } } diff --git a/CedarJava/src/main/java/com/cedarpolicy/model/policy/package-info.java b/CedarJava/src/main/java/com/cedarpolicy/model/policy/package-info.java new file mode 100644 index 00000000..7dd2655e --- /dev/null +++ b/CedarJava/src/main/java/com/cedarpolicy/model/policy/package-info.java @@ -0,0 +1,20 @@ +/* + * Copyright 2022-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/** + * This module represents policies passed into Cedar + */ +package com.cedarpolicy.model.policy; diff --git a/CedarJava/src/main/java/com/cedarpolicy/model/slice/BasicSlice.java b/CedarJava/src/main/java/com/cedarpolicy/model/slice/BasicSlice.java index a65409a5..2ae2a4d2 100644 --- a/CedarJava/src/main/java/com/cedarpolicy/model/slice/BasicSlice.java +++ b/CedarJava/src/main/java/com/cedarpolicy/model/slice/BasicSlice.java @@ -16,6 +16,9 @@ package com.cedarpolicy.model.slice; +import com.cedarpolicy.model.entity.Entity; +import com.cedarpolicy.model.policy.Policy; +import com.cedarpolicy.model.policy.TemplateLink; import com.cedarpolicy.value.Value; import com.fasterxml.jackson.annotation.JsonProperty; import edu.umd.cs.findbugs.annotations.SuppressFBWarnings; @@ -38,7 +41,7 @@ public class BasicSlice implements Slice { private final Map templatePolicies; @JsonProperty("templateInstantiations") - private final List templateInstantiations; + private final List templateLinks; /** * Construct a Slice from Entity and Policy objects. @@ -46,14 +49,14 @@ public class BasicSlice implements Slice { * @param policies Set of policies. * @param entities Set of entities. * @param templates Set of policy templates. - * @param templateInstantiations List of TemplateInstantiations. + * @param templateLinks List of templateLinks. */ @SuppressFBWarnings public BasicSlice( Set policies, Set entities, Set templates, - List templateInstantiations) { + List templateLinks) { // Copy of previous constructor. We can't call the previous constructor because fields are // final this.policies = new HashMap<>(); @@ -76,7 +79,7 @@ public BasicSlice( this.templatePolicies = templates.stream().collect(Collectors.toMap(p -> p.policyID, p -> p.policySrc)); - this.templateInstantiations = new ArrayList(templateInstantiations); + this.templateLinks = new ArrayList(templateLinks); } @@ -125,8 +128,8 @@ public Map getTemplates() { @Override @SuppressFBWarnings - public List getTemplateInstantiations() { - return templateInstantiations; + public List getTemplateLinks() { + return templateLinks; } @Override diff --git a/CedarJava/src/main/java/com/cedarpolicy/model/slice/Slice.java b/CedarJava/src/main/java/com/cedarpolicy/model/slice/Slice.java index fca92b70..af2c97d4 100644 --- a/CedarJava/src/main/java/com/cedarpolicy/model/slice/Slice.java +++ b/CedarJava/src/main/java/com/cedarpolicy/model/slice/Slice.java @@ -16,6 +16,8 @@ package com.cedarpolicy.model.slice; +import com.cedarpolicy.model.entity.Entity; +import com.cedarpolicy.model.policy.TemplateLink; import com.cedarpolicy.value.Value; import java.util.List; import java.util.Map; @@ -66,9 +68,9 @@ public interface Slice { Map getTemplates(); /** - * Get the template instantiations. + * Get the template links. * - * @return List of template instatiations + * @return List of template links */ - List getTemplateInstantiations(); + List getTemplateLinks(); } diff --git a/CedarJava/src/main/java/com/cedarpolicy/SliceJsonSerializer.java b/CedarJava/src/main/java/com/cedarpolicy/serializer/SliceSerializer.java similarity index 91% rename from CedarJava/src/main/java/com/cedarpolicy/SliceJsonSerializer.java rename to CedarJava/src/main/java/com/cedarpolicy/serializer/SliceSerializer.java index 8c15cb44..46735f75 100644 --- a/CedarJava/src/main/java/com/cedarpolicy/SliceJsonSerializer.java +++ b/CedarJava/src/main/java/com/cedarpolicy/serializer/SliceSerializer.java @@ -14,11 +14,10 @@ * limitations under the License. */ -package com.cedarpolicy; +package com.cedarpolicy.serializer; -import com.cedarpolicy.model.slice.Entity; +import com.cedarpolicy.model.entity.Entity; import com.cedarpolicy.model.slice.Slice; -import com.cedarpolicy.serializer.JsonEUID; import com.cedarpolicy.value.Value; import com.fasterxml.jackson.core.JsonGenerator; import com.fasterxml.jackson.databind.JsonSerializer; @@ -31,7 +30,7 @@ import java.util.stream.Collectors; /** Serialize a slice. Only used internally by CedarJson */ -class SliceJsonSerializer extends JsonSerializer { +public class SliceSerializer extends JsonSerializer { /** Serialize a slice. */ @Override @@ -44,7 +43,7 @@ public void serialize( "entities", convertEntitiesToJsonEntities(slice.getEntities())); jsonGenerator.writeObjectField("templates", slice.getTemplates()); jsonGenerator.writeObjectField( - "templateInstantiations", slice.getTemplateInstantiations()); + "templateInstantiations", slice.getTemplateLinks()); jsonGenerator.writeEndObject(); } diff --git a/CedarJava/src/main/java/com/cedarpolicy/serializer/ValueCedarDeserializer.java b/CedarJava/src/main/java/com/cedarpolicy/serializer/ValueDeserializer.java similarity index 99% rename from CedarJava/src/main/java/com/cedarpolicy/serializer/ValueCedarDeserializer.java rename to CedarJava/src/main/java/com/cedarpolicy/serializer/ValueDeserializer.java index 2c97b02e..14d6e003 100644 --- a/CedarJava/src/main/java/com/cedarpolicy/serializer/ValueCedarDeserializer.java +++ b/CedarJava/src/main/java/com/cedarpolicy/serializer/ValueDeserializer.java @@ -40,7 +40,7 @@ /** Deserialize Json to Value. This is mostly an implementation detail, but you may need to modify it if you extend the * `Value` class. */ -public class ValueCedarDeserializer extends JsonDeserializer { +public class ValueDeserializer extends JsonDeserializer { private static final String ENTITY_ESCAPE_SEQ = "__entity"; private static final String EXTENSION_ESCAPE_SEQ = "__extn"; diff --git a/CedarJava/src/main/java/com/cedarpolicy/serializer/ValueCedarSerializer.java b/CedarJava/src/main/java/com/cedarpolicy/serializer/ValueSerializer.java similarity index 97% rename from CedarJava/src/main/java/com/cedarpolicy/serializer/ValueCedarSerializer.java rename to CedarJava/src/main/java/com/cedarpolicy/serializer/ValueSerializer.java index 50b79a8f..efd5743d 100644 --- a/CedarJava/src/main/java/com/cedarpolicy/serializer/ValueCedarSerializer.java +++ b/CedarJava/src/main/java/com/cedarpolicy/serializer/ValueSerializer.java @@ -34,7 +34,7 @@ /** Serialize Value to Json. This is mostly an implementation detail, but you may need to modify it if you extend the * `Value` class. */ -public class ValueCedarSerializer extends JsonSerializer { +public class ValueSerializer extends JsonSerializer { private static final String ENTITY_ESCAPE_SEQ = "__entity"; private static final String EXTENSION_ESCAPE_SEQ = "__extn"; @@ -96,7 +96,7 @@ public void serialize( // main.java.com.cedarpolicy.model.value or that you convert your class to a CedarMap throw new InvalidValueSerializationException( "Error serializing `Value`: " + value.toString() + ". No branch matched `instanceof` for this `Value`." - + " If you extended `Value`, please modify `ValueCedarSerializer.java` to handle the new" + + " If you extended `Value`, please modify `ValueSerializer.java` to handle the new" + "type."); } } diff --git a/CedarJava/src/main/java/com/cedarpolicy/value/Value.java b/CedarJava/src/main/java/com/cedarpolicy/value/Value.java index 00a352d4..9cd3313e 100644 --- a/CedarJava/src/main/java/com/cedarpolicy/value/Value.java +++ b/CedarJava/src/main/java/com/cedarpolicy/value/Value.java @@ -16,11 +16,11 @@ package com.cedarpolicy.value; -import com.cedarpolicy.serializer.ValueCedarDeserializer; +import com.cedarpolicy.serializer.ValueDeserializer; import com.fasterxml.jackson.databind.annotation.JsonDeserialize; /** A value in the Cedar language model. */ -@JsonDeserialize(using = ValueCedarDeserializer.class) +@JsonDeserialize(using = ValueDeserializer.class) public abstract class Value { /** * Convert the Value instance into a string containing the Cedar source code for the equivalent diff --git a/CedarJava/src/test/java/com/cedarpolicy/AuthTests.java b/CedarJava/src/test/java/com/cedarpolicy/AuthTests.java index 18053b6f..50dc26f9 100644 --- a/CedarJava/src/test/java/com/cedarpolicy/AuthTests.java +++ b/CedarJava/src/test/java/com/cedarpolicy/AuthTests.java @@ -9,9 +9,9 @@ import com.cedarpolicy.model.AuthorizationResponse.SuccessOrFailure; import com.cedarpolicy.model.AuthorizationSuccessResponse.Decision; import com.cedarpolicy.model.exception.MissingExperimentalFeatureException; -import com.cedarpolicy.model.slice.Entity; -import com.cedarpolicy.model.slice.Policy; -import com.cedarpolicy.model.slice.PolicySet; +import com.cedarpolicy.model.entity.Entity; +import com.cedarpolicy.model.policy.Policy; +import com.cedarpolicy.model.policy.PolicySet; import com.cedarpolicy.value.EntityTypeName; import com.cedarpolicy.value.EntityUID; import org.junit.jupiter.api.Test; diff --git a/CedarJava/src/test/java/com/cedarpolicy/PolicySetTests.java b/CedarJava/src/test/java/com/cedarpolicy/PolicySetTests.java index 597448bf..f39971a8 100644 --- a/CedarJava/src/test/java/com/cedarpolicy/PolicySetTests.java +++ b/CedarJava/src/test/java/com/cedarpolicy/PolicySetTests.java @@ -1,8 +1,8 @@ package com.cedarpolicy; import com.cedarpolicy.model.exception.InternalException; -import com.cedarpolicy.model.slice.Policy; -import com.cedarpolicy.model.slice.PolicySet; +import com.cedarpolicy.model.policy.Policy; +import com.cedarpolicy.model.policy.PolicySet; import org.junit.jupiter.api.Test; import java.io.IOException; diff --git a/CedarJava/src/test/java/com/cedarpolicy/PolicyTests.java b/CedarJava/src/test/java/com/cedarpolicy/PolicyTests.java index 16a069c0..1e9fb17e 100644 --- a/CedarJava/src/test/java/com/cedarpolicy/PolicyTests.java +++ b/CedarJava/src/test/java/com/cedarpolicy/PolicyTests.java @@ -1,7 +1,7 @@ package com.cedarpolicy; import com.cedarpolicy.model.exception.InternalException; -import com.cedarpolicy.model.slice.Policy; +import com.cedarpolicy.model.policy.Policy; import com.cedarpolicy.value.EntityUID; import org.junit.jupiter.api.Test; diff --git a/CedarJava/src/test/java/com/cedarpolicy/SharedIntegrationTests.java b/CedarJava/src/test/java/com/cedarpolicy/SharedIntegrationTests.java index 93bfc88d..7998f654 100644 --- a/CedarJava/src/test/java/com/cedarpolicy/SharedIntegrationTests.java +++ b/CedarJava/src/test/java/com/cedarpolicy/SharedIntegrationTests.java @@ -31,9 +31,9 @@ import com.cedarpolicy.model.exception.BadRequestException; import com.cedarpolicy.model.exception.InternalException; import com.cedarpolicy.model.schema.Schema; -import com.cedarpolicy.model.slice.Entity; -import com.cedarpolicy.model.slice.Policy; -import com.cedarpolicy.model.slice.PolicySet; +import com.cedarpolicy.model.entity.Entity; +import com.cedarpolicy.model.policy.Policy; +import com.cedarpolicy.model.policy.PolicySet; import com.cedarpolicy.value.EntityUID; import com.cedarpolicy.serializer.JsonEUID; import com.cedarpolicy.value.Value; diff --git a/CedarJava/src/test/java/com/cedarpolicy/pbt/EntityGen.java b/CedarJava/src/test/java/com/cedarpolicy/pbt/EntityGen.java index e9d3f949..d32ddc7c 100644 --- a/CedarJava/src/test/java/com/cedarpolicy/pbt/EntityGen.java +++ b/CedarJava/src/test/java/com/cedarpolicy/pbt/EntityGen.java @@ -16,7 +16,7 @@ package com.cedarpolicy.pbt; -import com.cedarpolicy.model.slice.Entity; +import com.cedarpolicy.model.entity.Entity; import com.cedarpolicy.value.EntityIdentifier; import com.cedarpolicy.value.EntityTypeName; import com.cedarpolicy.value.EntityUID; diff --git a/CedarJava/src/test/java/com/cedarpolicy/pbt/IntegrationTests.java b/CedarJava/src/test/java/com/cedarpolicy/pbt/IntegrationTests.java index 44344fc3..2eba3f82 100644 --- a/CedarJava/src/test/java/com/cedarpolicy/pbt/IntegrationTests.java +++ b/CedarJava/src/test/java/com/cedarpolicy/pbt/IntegrationTests.java @@ -25,12 +25,12 @@ import com.cedarpolicy.BasicAuthorizationEngine; import com.cedarpolicy.model.AuthorizationRequest; import com.cedarpolicy.model.AuthorizationResponse; -import com.cedarpolicy.model.slice.Entity; -import com.cedarpolicy.model.slice.EntityTypeAndId; -import com.cedarpolicy.model.slice.Instantiation; -import com.cedarpolicy.model.slice.Policy; -import com.cedarpolicy.model.slice.PolicySet; -import com.cedarpolicy.model.slice.TemplateInstantiation; +import com.cedarpolicy.model.entity.Entity; +import com.cedarpolicy.model.policy.EntityTypeAndId; +import com.cedarpolicy.model.policy.LinkValue; +import com.cedarpolicy.model.policy.Policy; +import com.cedarpolicy.model.policy.PolicySet; +import com.cedarpolicy.model.policy.TemplateLink; import com.cedarpolicy.value.Decimal; import com.cedarpolicy.value.EntityUID; import com.cedarpolicy.value.EntityTypeName; @@ -554,20 +554,19 @@ public void testTemplateResourceAttribute() { Set templates = new HashSet<>(); templates.add(policy); - Instantiation instantiation = - new Instantiation(principalSlot, new EntityTypeAndId("User", "alice")); + LinkValue linkValue = new LinkValue(principalSlot, new EntityTypeAndId("User", "alice")); - final String instantiatedPolicyId = "ID0_alice"; - TemplateInstantiation templateInstantiation = - new TemplateInstantiation( + final String linkId = "ID0_alice"; + TemplateLink templateLink = + new TemplateLink( policyId, - instantiatedPolicyId, - new ArrayList(Arrays.asList(instantiation))); + linkId, + new ArrayList(Arrays.asList(linkValue))); - ArrayList templateInstantiations = - new ArrayList(Arrays.asList(templateInstantiation)); + ArrayList templateLinks = + new ArrayList(Arrays.asList(templateLink)); - PolicySet policySet = new PolicySet(policies, templates, templateInstantiations); + PolicySet policySet = new PolicySet(policies, templates, templateLinks); Map currentContext = new HashMap<>(); AuthorizationRequest request = new AuthorizationRequest( diff --git a/CedarJava/src/test/java/com/cedarpolicy/pbt/ParserTest.java b/CedarJava/src/test/java/com/cedarpolicy/pbt/ParserTest.java index 377a83db..eb7f7a88 100644 --- a/CedarJava/src/test/java/com/cedarpolicy/pbt/ParserTest.java +++ b/CedarJava/src/test/java/com/cedarpolicy/pbt/ParserTest.java @@ -19,9 +19,9 @@ import com.cedarpolicy.BasicAuthorizationEngine; import com.cedarpolicy.model.AuthorizationRequest; import com.cedarpolicy.model.AuthorizationResponse; -import com.cedarpolicy.model.slice.Entity; -import com.cedarpolicy.model.slice.Policy; -import com.cedarpolicy.model.slice.PolicySet; +import com.cedarpolicy.model.entity.Entity; +import com.cedarpolicy.model.policy.Policy; +import com.cedarpolicy.model.policy.PolicySet; import com.cedarpolicy.value.Value; import com.cedarpolicy.value.EntityIdentifier; import com.cedarpolicy.value.EntityTypeName; diff --git a/CedarJavaFFI/src/interface.rs b/CedarJavaFFI/src/interface.rs index 188aa74a..3b6f331c 100644 --- a/CedarJavaFFI/src/interface.rs +++ b/CedarJavaFFI/src/interface.rs @@ -119,7 +119,9 @@ pub(crate) fn call_cedar(call: &str, input: &str) -> String { serde_json::to_string(&ires) } }; - result.expect("failed to serialize or deserialize") + result.unwrap_or_else(|err| { + panic!("failed to handle call {call} with input {input}\nError: {err}") + }) } #[derive(Debug, Serialize, Deserialize)] @@ -193,7 +195,7 @@ fn parse_human_schema_internal<'a>( } } -#[jni_fn("com.cedarpolicy.model.slice.Policy")] +#[jni_fn("com.cedarpolicy.model.policy.Policy")] pub fn parsePolicyJni<'a>(mut env: JNIEnv<'a>, _: JClass, policy_jstr: JString<'a>) -> jvalue { match parse_policy_internal(&mut env, policy_jstr) { Err(e) => jni_failed(&mut env, e.as_ref()), @@ -220,7 +222,7 @@ fn parse_policy_internal<'a>( } } -#[jni_fn("com.cedarpolicy.model.slice.PolicySet")] +#[jni_fn("com.cedarpolicy.model.policy.PolicySet")] pub fn parsePoliciesJni<'a>(mut env: JNIEnv<'a>, _: JClass, policies_jstr: JString<'a>) -> jvalue { match parse_policies_internal(&mut env, policies_jstr) { Err(e) => jni_failed(&mut env, e.as_ref()), @@ -281,7 +283,7 @@ fn create_java_policy_set<'a>( templates_java_hash_set: &JObject<'a>, ) -> JObject<'a> { env.new_object( - "com/cedarpolicy/model/slice/PolicySet", + "com/cedarpolicy/model/policy/PolicySet", &"(Ljava/util/Set;Ljava/util/Set;)V", &[ JValueGen::Object(&policies_java_hash_set), @@ -291,7 +293,7 @@ fn create_java_policy_set<'a>( .expect("Failed to create new PolicySet object") } -#[jni_fn("com.cedarpolicy.model.slice.Policy")] +#[jni_fn("com.cedarpolicy.model.policy.Policy")] pub fn parsePolicyTemplateJni<'a>( mut env: JNIEnv<'a>, _: JClass, @@ -322,7 +324,7 @@ fn parse_policy_template_internal<'a>( } } -#[jni_fn("com.cedarpolicy.model.slice.Policy")] +#[jni_fn("com.cedarpolicy.model.policy.Policy")] pub fn validateTemplateLinkedPolicyJni<'a>( mut env: JNIEnv<'a>, _: JClass, @@ -369,11 +371,11 @@ fn validate_template_linked_policy_internal<'a>( } let template_id = template.id().clone(); - let instantiated_id = PolicyId::from_str("x")?; + let link_id = PolicyId::from_str("x")?; let mut policy_set = PolicySet::new(); policy_set.add_template(template)?; - policy_set.link(template_id, instantiated_id, slots_map)?; + policy_set.link(template_id, link_id, slots_map)?; Ok(JValueGen::Bool(1)) } } diff --git a/CedarJavaFFI/src/objects.rs b/CedarJavaFFI/src/objects.rs index d01b83a4..74d5d216 100644 --- a/CedarJavaFFI/src/objects.rs +++ b/CedarJavaFFI/src/objects.rs @@ -341,7 +341,7 @@ impl<'a> AsRef> for JEntityUID<'a> { } /// Typed wrapper for Policy objects -/// (com.cedarpolicy.model.slice.Policy) +/// (com.cedarpolicy.model.policy.Policy) pub struct JPolicy<'a> { obj: JObject<'a>, } @@ -355,7 +355,7 @@ impl<'a> JPolicy<'a> { ) -> Result { let obj = env .new_object( - "com/cedarpolicy/model/slice/Policy", + "com/cedarpolicy/model/policy/Policy", &"(Ljava/lang/String;Ljava/lang/String;)V", &[ JValueGen::Object(&policy_string), @@ -370,7 +370,7 @@ impl<'a> JPolicy<'a> { impl<'a> Object<'a> for JPolicy<'a> { fn cast(env: &mut JNIEnv<'a>, obj: JObject<'a>) -> Result { - assert_is_class(env, &obj, "com/cedarpolicy/model/slice/Policy")?; + assert_is_class(env, &obj, "com/cedarpolicy/model/policy/Policy")?; Ok(Self { obj }) } }