-
Notifications
You must be signed in to change notification settings - Fork 72
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Cleanup in frontend code #740
Conversation
let policy_set = match policies { | ||
PolicySpecification::Concatenated(policies) => match PolicySet::from_str(&policies) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fyi (to help processing the diff): This parsing code, and the parse_policy_set_from_individual_policies
function below were copied verbatim to util.rs
.
If you rebase, the downstream build should hopefully pass now |
Signed-off-by: Kesha Hietala <khieta@amazon.com>
Signed-off-by: Craig Disselkoen <cdiss@amazon.com> Signed-off-by: Kesha Hietala <khieta@amazon.com>
Signed-off-by: Andrew Wells <anmwells@amazon.com> Signed-off-by: Kesha Hietala <khieta@amazon.com>
Signed-off-by: Kesha Hietala <khieta@amazon.com>
#[serde(default)] | ||
#[serde(rename = "validationSettings")] | ||
validation_settings: ValidationSettings, | ||
schema: cedar_policy_validator::SchemaFragment, | ||
/// Schema in JSON format | ||
schema: JsonValueWithNoDuplicateKeys, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What's the benefit of this change?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Consistency with AuthorizationCall
#[derive(Serialize, Deserialize)] | ||
#[cfg_attr(feature = "wasm", derive(tsify::Tsify))] | ||
#[cfg_attr(feature = "wasm", tsify(into_wasm_abi, from_wasm_abi))] | ||
struct ValidateCall { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The Validate
to Validation
change looks nice, but I wonder if it's worth making a breaking change to the API. Depends on how much we care about keeping this interface stable.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this isn't breaking since the ValidateCall
type was only ever exposed indirectly via its serialized JSON format.
Signed-off-by: Kesha Hietala <khieta@amazon.com>
Description of changes
This PR fixes a few inconsistencies in our frontend, which will become visible once we make these structures public in #737. I believe that all of these changes are non-breaking because they affect private data structures... but please double check my work.
ValidateCall
->ValidationCall
for consistency withAuthorizationCall
ValidateAnswer
->ValidationAnswer
for consistency withAuthorizationAnswer
ParseFailed
->Failure
since failures encompass more than just parsing (e.g., failure to convert aSchema
to the internalValidatorSchema
type)validate
to call the public function incedar_policy
instead of the internal one incedar_policy_validator
ValidationMode
->ValidationEnabled
since "mode" usually refers to "strict" vs. "permissive"ValidationCall
to be aJsonValueWithNoDuplicateKeys
for consistency withAuthorizationCall
A few other things I'd like to change, but didn't because they will be breaking (will make in a followup PR):
InterfaceResponse
,InterfaceDiagnostics
toResponse
,Diagnostics
. We are already redefining types (e.g.,ValidationError
) so I don't think this is too confusing.InterfaceResult
and instead use theFailure
field ofAuthorizationAnswer
,ValidationAnswer
to report errors. I don't think it's worth the extra infrastructure to distinguish between internal and non-internal errors.json_is_authorized
tojson_str_is_authorized
& update it to return a json string encoding of aAuthorizationAnswer
. Similar forjson_validate
.Issue #, if available
Checklist for requesting a review
The change in this PR is (choose one, and delete the other options):
cedar-policy-core
,cedar-validator
, etc.)I confirm that this PR (choose one, and delete the other options):
I confirm that
cedar-spec
(choose one, and delete the other options):