@cedar-policy/cedar-wasm 3.2.4 → 3.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/esm/cedar_wasm.d.ts +54 -54
- package/esm/cedar_wasm_bg.js +17 -17
- package/esm/cedar_wasm_bg.wasm +0 -0
- package/esm/cedar_wasm_bg.wasm.d.ts +2 -2
- package/esm/package.json +1 -1
- package/nodejs/cedar_wasm.d.ts +54 -54
- package/nodejs/cedar_wasm.js +17 -17
- package/nodejs/cedar_wasm_bg.wasm +0 -0
- package/nodejs/cedar_wasm_bg.wasm.d.ts +2 -2
- package/nodejs/package.json +1 -1
- package/package.json +1 -1
- package/web/cedar_wasm.d.ts +56 -56
- package/web/cedar_wasm.js +17 -17
- package/web/cedar_wasm_bg.wasm +0 -0
- package/web/cedar_wasm_bg.wasm.d.ts +2 -2
- package/web/package.json +1 -1
package/esm/cedar_wasm.d.ts
CHANGED
|
@@ -21,13 +21,6 @@ export function checkParsePolicySet(input_policies_str: string): CheckParsePolic
|
|
|
21
21
|
*/
|
|
22
22
|
export function checkParseTemplate(template_str: string): CheckParseTemplateResult;
|
|
23
23
|
/**
|
|
24
|
-
* @param {string} policies_str
|
|
25
|
-
* @param {number} line_width
|
|
26
|
-
* @param {number} indent_width
|
|
27
|
-
* @returns {FormattingResult}
|
|
28
|
-
*/
|
|
29
|
-
export function formatPolicies(policies_str: string, line_width: number, indent_width: number): FormattingResult;
|
|
30
|
-
/**
|
|
31
24
|
* @param {string} input_schema
|
|
32
25
|
* @returns {CheckParseResult}
|
|
33
26
|
*/
|
|
@@ -46,10 +39,12 @@ export function checkParseEntities(entities_str: string, schema_str: string): Ch
|
|
|
46
39
|
*/
|
|
47
40
|
export function checkParseContext(context_str: string, action_str: string, schema_str: string): CheckParseResult;
|
|
48
41
|
/**
|
|
49
|
-
* @param {
|
|
50
|
-
* @
|
|
42
|
+
* @param {string} policies_str
|
|
43
|
+
* @param {number} line_width
|
|
44
|
+
* @param {number} indent_width
|
|
45
|
+
* @returns {FormattingResult}
|
|
51
46
|
*/
|
|
52
|
-
export function
|
|
47
|
+
export function formatPolicies(policies_str: string, line_width: number, indent_width: number): FormattingResult;
|
|
53
48
|
/**
|
|
54
49
|
* @param {ValidationCall} call
|
|
55
50
|
* @returns {ValidationAnswer}
|
|
@@ -59,6 +54,11 @@ export function validate(call: ValidationCall): ValidationAnswer;
|
|
|
59
54
|
* @returns {string}
|
|
60
55
|
*/
|
|
61
56
|
export function getCedarVersion(): string;
|
|
57
|
+
/**
|
|
58
|
+
* @param {AuthorizationCall} call
|
|
59
|
+
* @returns {AuthorizationAnswer}
|
|
60
|
+
*/
|
|
61
|
+
export function isAuthorized(call: AuthorizationCall): AuthorizationAnswer;
|
|
62
62
|
export type JsonToPolicyResult = { type: "success"; policyText: string } | { type: "error"; errors: string[] };
|
|
63
63
|
|
|
64
64
|
export type PolicyToJsonResult = { type: "success"; policy: Policy } | { type: "error"; errors: string[] };
|
|
@@ -67,34 +67,9 @@ export type CheckParsePolicySetResult = { type: "success"; policies: number; tem
|
|
|
67
67
|
|
|
68
68
|
export type CheckParseTemplateResult = { type: "success"; slots: string[] } | { type: "error"; errors: string[] };
|
|
69
69
|
|
|
70
|
-
export type FormattingResult = { type: "success"; formatted_policy: string } | { type: "error"; errors: string[] };
|
|
71
|
-
|
|
72
70
|
export type CheckParseResult = { type: "success" } | { type: "error"; errors: string[] };
|
|
73
71
|
|
|
74
|
-
export type
|
|
75
|
-
|
|
76
|
-
export type PolicySet = string | Record<string, string>;
|
|
77
|
-
|
|
78
|
-
export interface SourceLocation {
|
|
79
|
-
start: number;
|
|
80
|
-
end: number;
|
|
81
|
-
}
|
|
82
|
-
|
|
83
|
-
export interface SourceLabel extends SourceLocation {
|
|
84
|
-
label: string | null;
|
|
85
|
-
}
|
|
86
|
-
|
|
87
|
-
export type Severity = "advice" | "warning" | "error";
|
|
88
|
-
|
|
89
|
-
export interface DetailedError {
|
|
90
|
-
message: string;
|
|
91
|
-
help: string | null;
|
|
92
|
-
code: string | null;
|
|
93
|
-
url: string | null;
|
|
94
|
-
severity: Severity | null;
|
|
95
|
-
sourceLocations?: SourceLabel[];
|
|
96
|
-
related?: DetailedError[];
|
|
97
|
-
}
|
|
72
|
+
export type FormattingResult = { type: "success"; formatted_policy: string } | { type: "error"; errors: string[] };
|
|
98
73
|
|
|
99
74
|
export type ValidationAnswer = { type: "failure"; errors: DetailedError[]; warnings: DetailedError[] } | { type: "success"; validationErrors: ValidationError[]; validationWarnings: ValidationError[]; otherWarnings: DetailedError[] };
|
|
100
75
|
|
|
@@ -167,6 +142,31 @@ export interface Response {
|
|
|
167
142
|
diagnostics: Diagnostics;
|
|
168
143
|
}
|
|
169
144
|
|
|
145
|
+
export type Schema = { human: string } | { json: SchemaJson };
|
|
146
|
+
|
|
147
|
+
export type PolicySet = string | Record<string, string>;
|
|
148
|
+
|
|
149
|
+
export interface SourceLocation {
|
|
150
|
+
start: number;
|
|
151
|
+
end: number;
|
|
152
|
+
}
|
|
153
|
+
|
|
154
|
+
export interface SourceLabel extends SourceLocation {
|
|
155
|
+
label: string | null;
|
|
156
|
+
}
|
|
157
|
+
|
|
158
|
+
export type Severity = "advice" | "warning" | "error";
|
|
159
|
+
|
|
160
|
+
export interface DetailedError {
|
|
161
|
+
message: string;
|
|
162
|
+
help: string | null;
|
|
163
|
+
code: string | null;
|
|
164
|
+
url: string | null;
|
|
165
|
+
severity: Severity | null;
|
|
166
|
+
sourceLocations?: SourceLabel[];
|
|
167
|
+
related?: DetailedError[];
|
|
168
|
+
}
|
|
169
|
+
|
|
170
170
|
export type SchemaTypeVariant = { type: "String" } | { type: "Long" } | { type: "Boolean" } | { type: "Set"; element: SchemaType } | { type: "Record"; attributes: Record<SmolStr, TypeOfAttribute>; additionalAttributes: boolean } | { type: "Entity"; name: Name } | { type: "Extension"; name: Id };
|
|
171
171
|
|
|
172
172
|
export type SchemaType = SchemaTypeVariant | { type: Name };
|
|
@@ -220,6 +220,24 @@ export type ActionConstraint = { op: "All" } | ({ op: "==" } & EqConstraint) | (
|
|
|
220
220
|
|
|
221
221
|
export type PrincipalConstraint = { op: "All" } | ({ op: "==" } & EqConstraint) | ({ op: "in" } & PrincipalOrResourceInConstraint) | ({ op: "is" } & PrincipalOrResourceIsConstraint);
|
|
222
222
|
|
|
223
|
+
export type EntityUidJson = { __expr: string } | { __entity: TypeAndId } | TypeAndId;
|
|
224
|
+
|
|
225
|
+
export interface FnAndArg {
|
|
226
|
+
fn: string;
|
|
227
|
+
arg: CedarValueJson;
|
|
228
|
+
}
|
|
229
|
+
|
|
230
|
+
export interface TypeAndId {
|
|
231
|
+
type: string;
|
|
232
|
+
id: string;
|
|
233
|
+
}
|
|
234
|
+
|
|
235
|
+
export type CedarValueJson = { __expr: string } | { __entity: TypeAndId } | { __extn: FnAndArg } | boolean | number | string | CedarValueJson[] | { [key: string]: CedarValueJson } | null;
|
|
236
|
+
|
|
237
|
+
export type Effect = "permit" | "forbid";
|
|
238
|
+
|
|
239
|
+
export type Var = "principal" | "action" | "resource" | "context";
|
|
240
|
+
|
|
223
241
|
export interface EntityJson {
|
|
224
242
|
uid: EntityUidJson;
|
|
225
243
|
attrs: Record<string, CedarValueJson>;
|
|
@@ -237,32 +255,14 @@ export interface Policy {
|
|
|
237
255
|
annotations?: Record<string, string>;
|
|
238
256
|
}
|
|
239
257
|
|
|
240
|
-
export type Effect = "permit" | "forbid";
|
|
241
|
-
|
|
242
258
|
export type ExtFuncCall = {} & Record<string, Array<Expr>>;
|
|
243
259
|
|
|
244
260
|
export type ExprNoExt = { Value: CedarValueJson } | { Var: Var } | { Slot: string } | { Unknown: { name: string } } | { "!": { arg: Expr } } | { neg: { arg: Expr } } | { "==": { left: Expr; right: Expr } } | { "!=": { left: Expr; right: Expr } } | { in: { left: Expr; right: Expr } } | { "<": { left: Expr; right: Expr } } | { "<=": { left: Expr; right: Expr } } | { ">": { left: Expr; right: Expr } } | { ">=": { left: Expr; right: Expr } } | { "&&": { left: Expr; right: Expr } } | { "||": { left: Expr; right: Expr } } | { "+": { left: Expr; right: Expr } } | { "-": { left: Expr; right: Expr } } | { "*": { left: Expr; right: Expr } } | { contains: { left: Expr; right: Expr } } | { containsAll: { left: Expr; right: Expr } } | { containsAny: { left: Expr; right: Expr } } | { ".": { left: Expr; attr: SmolStr } } | { has: { left: Expr; attr: SmolStr } } | { like: { left: Expr; pattern: SmolStr } } | { is: { left: Expr; entity_type: SmolStr; in?: Expr } } | { "if-then-else": { if: Expr; then: Expr; else: Expr } } | { Set: Expr[] } | { Record: Record<string, Expr> };
|
|
245
261
|
|
|
246
262
|
export type Expr = ExprNoExt | ExtFuncCall;
|
|
247
263
|
|
|
248
|
-
export type EntityUidJson = { __expr: string } | { __entity: TypeAndId } | TypeAndId;
|
|
249
|
-
|
|
250
|
-
export interface FnAndArg {
|
|
251
|
-
fn: string;
|
|
252
|
-
arg: CedarValueJson;
|
|
253
|
-
}
|
|
254
|
-
|
|
255
|
-
export interface TypeAndId {
|
|
256
|
-
type: string;
|
|
257
|
-
id: string;
|
|
258
|
-
}
|
|
259
|
-
|
|
260
|
-
export type CedarValueJson = { __expr: string } | { __entity: TypeAndId } | { __extn: FnAndArg } | boolean | number | string | CedarValueJson[] | { [key: string]: CedarValueJson } | null;
|
|
261
|
-
|
|
262
264
|
export type Decision = "Allow" | "Deny";
|
|
263
265
|
|
|
264
|
-
export type Var = "principal" | "action" | "resource" | "context";
|
|
265
|
-
|
|
266
266
|
type SmolStr = string;
|
|
267
267
|
type Name = string;
|
|
268
268
|
type Id = string;
|
package/esm/cedar_wasm_bg.js
CHANGED
|
@@ -167,19 +167,6 @@ export function checkParseTemplate(template_str) {
|
|
|
167
167
|
return takeObject(ret);
|
|
168
168
|
}
|
|
169
169
|
|
|
170
|
-
/**
|
|
171
|
-
* @param {string} policies_str
|
|
172
|
-
* @param {number} line_width
|
|
173
|
-
* @param {number} indent_width
|
|
174
|
-
* @returns {FormattingResult}
|
|
175
|
-
*/
|
|
176
|
-
export function formatPolicies(policies_str, line_width, indent_width) {
|
|
177
|
-
const ptr0 = passStringToWasm0(policies_str, wasm.__wbindgen_malloc, wasm.__wbindgen_realloc);
|
|
178
|
-
const len0 = WASM_VECTOR_LEN;
|
|
179
|
-
const ret = wasm.formatPolicies(ptr0, len0, line_width, indent_width);
|
|
180
|
-
return takeObject(ret);
|
|
181
|
-
}
|
|
182
|
-
|
|
183
170
|
/**
|
|
184
171
|
* @param {string} input_schema
|
|
185
172
|
* @returns {CheckParseResult}
|
|
@@ -223,11 +210,15 @@ export function checkParseContext(context_str, action_str, schema_str) {
|
|
|
223
210
|
}
|
|
224
211
|
|
|
225
212
|
/**
|
|
226
|
-
* @param {
|
|
227
|
-
* @
|
|
213
|
+
* @param {string} policies_str
|
|
214
|
+
* @param {number} line_width
|
|
215
|
+
* @param {number} indent_width
|
|
216
|
+
* @returns {FormattingResult}
|
|
228
217
|
*/
|
|
229
|
-
export function
|
|
230
|
-
const
|
|
218
|
+
export function formatPolicies(policies_str, line_width, indent_width) {
|
|
219
|
+
const ptr0 = passStringToWasm0(policies_str, wasm.__wbindgen_malloc, wasm.__wbindgen_realloc);
|
|
220
|
+
const len0 = WASM_VECTOR_LEN;
|
|
221
|
+
const ret = wasm.formatPolicies(ptr0, len0, line_width, indent_width);
|
|
231
222
|
return takeObject(ret);
|
|
232
223
|
}
|
|
233
224
|
|
|
@@ -260,6 +251,15 @@ export function getCedarVersion() {
|
|
|
260
251
|
}
|
|
261
252
|
}
|
|
262
253
|
|
|
254
|
+
/**
|
|
255
|
+
* @param {AuthorizationCall} call
|
|
256
|
+
* @returns {AuthorizationAnswer}
|
|
257
|
+
*/
|
|
258
|
+
export function isAuthorized(call) {
|
|
259
|
+
const ret = wasm.isAuthorized(addHeapObject(call));
|
|
260
|
+
return takeObject(ret);
|
|
261
|
+
}
|
|
262
|
+
|
|
263
263
|
function handleError(f, args) {
|
|
264
264
|
try {
|
|
265
265
|
return f.apply(this, args);
|
package/esm/cedar_wasm_bg.wasm
CHANGED
|
Binary file
|
|
@@ -5,13 +5,13 @@ export function policyTextFromJson(a: number, b: number): number;
|
|
|
5
5
|
export function policyTextToJson(a: number, b: number): number;
|
|
6
6
|
export function checkParsePolicySet(a: number, b: number): number;
|
|
7
7
|
export function checkParseTemplate(a: number, b: number): number;
|
|
8
|
-
export function formatPolicies(a: number, b: number, c: number, d: number): number;
|
|
9
8
|
export function checkParseSchema(a: number, b: number): number;
|
|
10
9
|
export function checkParseEntities(a: number, b: number, c: number, d: number): number;
|
|
11
10
|
export function checkParseContext(a: number, b: number, c: number, d: number, e: number, f: number): number;
|
|
12
|
-
export function
|
|
11
|
+
export function formatPolicies(a: number, b: number, c: number, d: number): number;
|
|
13
12
|
export function validate(a: number): number;
|
|
14
13
|
export function getCedarVersion(a: number): void;
|
|
14
|
+
export function isAuthorized(a: number): number;
|
|
15
15
|
export function __wbindgen_malloc(a: number, b: number): number;
|
|
16
16
|
export function __wbindgen_realloc(a: number, b: number, c: number, d: number): number;
|
|
17
17
|
export function __wbindgen_add_to_stack_pointer(a: number): number;
|
package/esm/package.json
CHANGED
package/nodejs/cedar_wasm.d.ts
CHANGED
|
@@ -21,13 +21,6 @@ export function checkParsePolicySet(input_policies_str: string): CheckParsePolic
|
|
|
21
21
|
*/
|
|
22
22
|
export function checkParseTemplate(template_str: string): CheckParseTemplateResult;
|
|
23
23
|
/**
|
|
24
|
-
* @param {string} policies_str
|
|
25
|
-
* @param {number} line_width
|
|
26
|
-
* @param {number} indent_width
|
|
27
|
-
* @returns {FormattingResult}
|
|
28
|
-
*/
|
|
29
|
-
export function formatPolicies(policies_str: string, line_width: number, indent_width: number): FormattingResult;
|
|
30
|
-
/**
|
|
31
24
|
* @param {string} input_schema
|
|
32
25
|
* @returns {CheckParseResult}
|
|
33
26
|
*/
|
|
@@ -46,10 +39,12 @@ export function checkParseEntities(entities_str: string, schema_str: string): Ch
|
|
|
46
39
|
*/
|
|
47
40
|
export function checkParseContext(context_str: string, action_str: string, schema_str: string): CheckParseResult;
|
|
48
41
|
/**
|
|
49
|
-
* @param {
|
|
50
|
-
* @
|
|
42
|
+
* @param {string} policies_str
|
|
43
|
+
* @param {number} line_width
|
|
44
|
+
* @param {number} indent_width
|
|
45
|
+
* @returns {FormattingResult}
|
|
51
46
|
*/
|
|
52
|
-
export function
|
|
47
|
+
export function formatPolicies(policies_str: string, line_width: number, indent_width: number): FormattingResult;
|
|
53
48
|
/**
|
|
54
49
|
* @param {ValidationCall} call
|
|
55
50
|
* @returns {ValidationAnswer}
|
|
@@ -59,6 +54,11 @@ export function validate(call: ValidationCall): ValidationAnswer;
|
|
|
59
54
|
* @returns {string}
|
|
60
55
|
*/
|
|
61
56
|
export function getCedarVersion(): string;
|
|
57
|
+
/**
|
|
58
|
+
* @param {AuthorizationCall} call
|
|
59
|
+
* @returns {AuthorizationAnswer}
|
|
60
|
+
*/
|
|
61
|
+
export function isAuthorized(call: AuthorizationCall): AuthorizationAnswer;
|
|
62
62
|
export type JsonToPolicyResult = { type: "success"; policyText: string } | { type: "error"; errors: string[] };
|
|
63
63
|
|
|
64
64
|
export type PolicyToJsonResult = { type: "success"; policy: Policy } | { type: "error"; errors: string[] };
|
|
@@ -67,34 +67,9 @@ export type CheckParsePolicySetResult = { type: "success"; policies: number; tem
|
|
|
67
67
|
|
|
68
68
|
export type CheckParseTemplateResult = { type: "success"; slots: string[] } | { type: "error"; errors: string[] };
|
|
69
69
|
|
|
70
|
-
export type FormattingResult = { type: "success"; formatted_policy: string } | { type: "error"; errors: string[] };
|
|
71
|
-
|
|
72
70
|
export type CheckParseResult = { type: "success" } | { type: "error"; errors: string[] };
|
|
73
71
|
|
|
74
|
-
export type
|
|
75
|
-
|
|
76
|
-
export type PolicySet = string | Record<string, string>;
|
|
77
|
-
|
|
78
|
-
export interface SourceLocation {
|
|
79
|
-
start: number;
|
|
80
|
-
end: number;
|
|
81
|
-
}
|
|
82
|
-
|
|
83
|
-
export interface SourceLabel extends SourceLocation {
|
|
84
|
-
label: string | null;
|
|
85
|
-
}
|
|
86
|
-
|
|
87
|
-
export type Severity = "advice" | "warning" | "error";
|
|
88
|
-
|
|
89
|
-
export interface DetailedError {
|
|
90
|
-
message: string;
|
|
91
|
-
help: string | null;
|
|
92
|
-
code: string | null;
|
|
93
|
-
url: string | null;
|
|
94
|
-
severity: Severity | null;
|
|
95
|
-
sourceLocations?: SourceLabel[];
|
|
96
|
-
related?: DetailedError[];
|
|
97
|
-
}
|
|
72
|
+
export type FormattingResult = { type: "success"; formatted_policy: string } | { type: "error"; errors: string[] };
|
|
98
73
|
|
|
99
74
|
export type ValidationAnswer = { type: "failure"; errors: DetailedError[]; warnings: DetailedError[] } | { type: "success"; validationErrors: ValidationError[]; validationWarnings: ValidationError[]; otherWarnings: DetailedError[] };
|
|
100
75
|
|
|
@@ -167,6 +142,31 @@ export interface Response {
|
|
|
167
142
|
diagnostics: Diagnostics;
|
|
168
143
|
}
|
|
169
144
|
|
|
145
|
+
export type Schema = { human: string } | { json: SchemaJson };
|
|
146
|
+
|
|
147
|
+
export type PolicySet = string | Record<string, string>;
|
|
148
|
+
|
|
149
|
+
export interface SourceLocation {
|
|
150
|
+
start: number;
|
|
151
|
+
end: number;
|
|
152
|
+
}
|
|
153
|
+
|
|
154
|
+
export interface SourceLabel extends SourceLocation {
|
|
155
|
+
label: string | null;
|
|
156
|
+
}
|
|
157
|
+
|
|
158
|
+
export type Severity = "advice" | "warning" | "error";
|
|
159
|
+
|
|
160
|
+
export interface DetailedError {
|
|
161
|
+
message: string;
|
|
162
|
+
help: string | null;
|
|
163
|
+
code: string | null;
|
|
164
|
+
url: string | null;
|
|
165
|
+
severity: Severity | null;
|
|
166
|
+
sourceLocations?: SourceLabel[];
|
|
167
|
+
related?: DetailedError[];
|
|
168
|
+
}
|
|
169
|
+
|
|
170
170
|
export type SchemaTypeVariant = { type: "String" } | { type: "Long" } | { type: "Boolean" } | { type: "Set"; element: SchemaType } | { type: "Record"; attributes: Record<SmolStr, TypeOfAttribute>; additionalAttributes: boolean } | { type: "Entity"; name: Name } | { type: "Extension"; name: Id };
|
|
171
171
|
|
|
172
172
|
export type SchemaType = SchemaTypeVariant | { type: Name };
|
|
@@ -220,6 +220,24 @@ export type ActionConstraint = { op: "All" } | ({ op: "==" } & EqConstraint) | (
|
|
|
220
220
|
|
|
221
221
|
export type PrincipalConstraint = { op: "All" } | ({ op: "==" } & EqConstraint) | ({ op: "in" } & PrincipalOrResourceInConstraint) | ({ op: "is" } & PrincipalOrResourceIsConstraint);
|
|
222
222
|
|
|
223
|
+
export type EntityUidJson = { __expr: string } | { __entity: TypeAndId } | TypeAndId;
|
|
224
|
+
|
|
225
|
+
export interface FnAndArg {
|
|
226
|
+
fn: string;
|
|
227
|
+
arg: CedarValueJson;
|
|
228
|
+
}
|
|
229
|
+
|
|
230
|
+
export interface TypeAndId {
|
|
231
|
+
type: string;
|
|
232
|
+
id: string;
|
|
233
|
+
}
|
|
234
|
+
|
|
235
|
+
export type CedarValueJson = { __expr: string } | { __entity: TypeAndId } | { __extn: FnAndArg } | boolean | number | string | CedarValueJson[] | { [key: string]: CedarValueJson } | null;
|
|
236
|
+
|
|
237
|
+
export type Effect = "permit" | "forbid";
|
|
238
|
+
|
|
239
|
+
export type Var = "principal" | "action" | "resource" | "context";
|
|
240
|
+
|
|
223
241
|
export interface EntityJson {
|
|
224
242
|
uid: EntityUidJson;
|
|
225
243
|
attrs: Record<string, CedarValueJson>;
|
|
@@ -237,32 +255,14 @@ export interface Policy {
|
|
|
237
255
|
annotations?: Record<string, string>;
|
|
238
256
|
}
|
|
239
257
|
|
|
240
|
-
export type Effect = "permit" | "forbid";
|
|
241
|
-
|
|
242
258
|
export type ExtFuncCall = {} & Record<string, Array<Expr>>;
|
|
243
259
|
|
|
244
260
|
export type ExprNoExt = { Value: CedarValueJson } | { Var: Var } | { Slot: string } | { Unknown: { name: string } } | { "!": { arg: Expr } } | { neg: { arg: Expr } } | { "==": { left: Expr; right: Expr } } | { "!=": { left: Expr; right: Expr } } | { in: { left: Expr; right: Expr } } | { "<": { left: Expr; right: Expr } } | { "<=": { left: Expr; right: Expr } } | { ">": { left: Expr; right: Expr } } | { ">=": { left: Expr; right: Expr } } | { "&&": { left: Expr; right: Expr } } | { "||": { left: Expr; right: Expr } } | { "+": { left: Expr; right: Expr } } | { "-": { left: Expr; right: Expr } } | { "*": { left: Expr; right: Expr } } | { contains: { left: Expr; right: Expr } } | { containsAll: { left: Expr; right: Expr } } | { containsAny: { left: Expr; right: Expr } } | { ".": { left: Expr; attr: SmolStr } } | { has: { left: Expr; attr: SmolStr } } | { like: { left: Expr; pattern: SmolStr } } | { is: { left: Expr; entity_type: SmolStr; in?: Expr } } | { "if-then-else": { if: Expr; then: Expr; else: Expr } } | { Set: Expr[] } | { Record: Record<string, Expr> };
|
|
245
261
|
|
|
246
262
|
export type Expr = ExprNoExt | ExtFuncCall;
|
|
247
263
|
|
|
248
|
-
export type EntityUidJson = { __expr: string } | { __entity: TypeAndId } | TypeAndId;
|
|
249
|
-
|
|
250
|
-
export interface FnAndArg {
|
|
251
|
-
fn: string;
|
|
252
|
-
arg: CedarValueJson;
|
|
253
|
-
}
|
|
254
|
-
|
|
255
|
-
export interface TypeAndId {
|
|
256
|
-
type: string;
|
|
257
|
-
id: string;
|
|
258
|
-
}
|
|
259
|
-
|
|
260
|
-
export type CedarValueJson = { __expr: string } | { __entity: TypeAndId } | { __extn: FnAndArg } | boolean | number | string | CedarValueJson[] | { [key: string]: CedarValueJson } | null;
|
|
261
|
-
|
|
262
264
|
export type Decision = "Allow" | "Deny";
|
|
263
265
|
|
|
264
|
-
export type Var = "principal" | "action" | "resource" | "context";
|
|
265
|
-
|
|
266
266
|
type SmolStr = string;
|
|
267
267
|
type Name = string;
|
|
268
268
|
type Id = string;
|
package/nodejs/cedar_wasm.js
CHANGED
|
@@ -162,19 +162,6 @@ module.exports.checkParseTemplate = function(template_str) {
|
|
|
162
162
|
return takeObject(ret);
|
|
163
163
|
};
|
|
164
164
|
|
|
165
|
-
/**
|
|
166
|
-
* @param {string} policies_str
|
|
167
|
-
* @param {number} line_width
|
|
168
|
-
* @param {number} indent_width
|
|
169
|
-
* @returns {FormattingResult}
|
|
170
|
-
*/
|
|
171
|
-
module.exports.formatPolicies = function(policies_str, line_width, indent_width) {
|
|
172
|
-
const ptr0 = passStringToWasm0(policies_str, wasm.__wbindgen_malloc, wasm.__wbindgen_realloc);
|
|
173
|
-
const len0 = WASM_VECTOR_LEN;
|
|
174
|
-
const ret = wasm.formatPolicies(ptr0, len0, line_width, indent_width);
|
|
175
|
-
return takeObject(ret);
|
|
176
|
-
};
|
|
177
|
-
|
|
178
165
|
/**
|
|
179
166
|
* @param {string} input_schema
|
|
180
167
|
* @returns {CheckParseResult}
|
|
@@ -218,11 +205,15 @@ module.exports.checkParseContext = function(context_str, action_str, schema_str)
|
|
|
218
205
|
};
|
|
219
206
|
|
|
220
207
|
/**
|
|
221
|
-
* @param {
|
|
222
|
-
* @
|
|
208
|
+
* @param {string} policies_str
|
|
209
|
+
* @param {number} line_width
|
|
210
|
+
* @param {number} indent_width
|
|
211
|
+
* @returns {FormattingResult}
|
|
223
212
|
*/
|
|
224
|
-
module.exports.
|
|
225
|
-
const
|
|
213
|
+
module.exports.formatPolicies = function(policies_str, line_width, indent_width) {
|
|
214
|
+
const ptr0 = passStringToWasm0(policies_str, wasm.__wbindgen_malloc, wasm.__wbindgen_realloc);
|
|
215
|
+
const len0 = WASM_VECTOR_LEN;
|
|
216
|
+
const ret = wasm.formatPolicies(ptr0, len0, line_width, indent_width);
|
|
226
217
|
return takeObject(ret);
|
|
227
218
|
};
|
|
228
219
|
|
|
@@ -255,6 +246,15 @@ module.exports.getCedarVersion = function() {
|
|
|
255
246
|
}
|
|
256
247
|
};
|
|
257
248
|
|
|
249
|
+
/**
|
|
250
|
+
* @param {AuthorizationCall} call
|
|
251
|
+
* @returns {AuthorizationAnswer}
|
|
252
|
+
*/
|
|
253
|
+
module.exports.isAuthorized = function(call) {
|
|
254
|
+
const ret = wasm.isAuthorized(addHeapObject(call));
|
|
255
|
+
return takeObject(ret);
|
|
256
|
+
};
|
|
257
|
+
|
|
258
258
|
function handleError(f, args) {
|
|
259
259
|
try {
|
|
260
260
|
return f.apply(this, args);
|
|
Binary file
|
|
@@ -5,13 +5,13 @@ export function policyTextFromJson(a: number, b: number): number;
|
|
|
5
5
|
export function policyTextToJson(a: number, b: number): number;
|
|
6
6
|
export function checkParsePolicySet(a: number, b: number): number;
|
|
7
7
|
export function checkParseTemplate(a: number, b: number): number;
|
|
8
|
-
export function formatPolicies(a: number, b: number, c: number, d: number): number;
|
|
9
8
|
export function checkParseSchema(a: number, b: number): number;
|
|
10
9
|
export function checkParseEntities(a: number, b: number, c: number, d: number): number;
|
|
11
10
|
export function checkParseContext(a: number, b: number, c: number, d: number, e: number, f: number): number;
|
|
12
|
-
export function
|
|
11
|
+
export function formatPolicies(a: number, b: number, c: number, d: number): number;
|
|
13
12
|
export function validate(a: number): number;
|
|
14
13
|
export function getCedarVersion(a: number): void;
|
|
14
|
+
export function isAuthorized(a: number): number;
|
|
15
15
|
export function __wbindgen_malloc(a: number, b: number): number;
|
|
16
16
|
export function __wbindgen_realloc(a: number, b: number, c: number, d: number): number;
|
|
17
17
|
export function __wbindgen_add_to_stack_pointer(a: number): number;
|
package/nodejs/package.json
CHANGED
package/package.json
CHANGED
package/web/cedar_wasm.d.ts
CHANGED
|
@@ -21,13 +21,6 @@ export function checkParsePolicySet(input_policies_str: string): CheckParsePolic
|
|
|
21
21
|
*/
|
|
22
22
|
export function checkParseTemplate(template_str: string): CheckParseTemplateResult;
|
|
23
23
|
/**
|
|
24
|
-
* @param {string} policies_str
|
|
25
|
-
* @param {number} line_width
|
|
26
|
-
* @param {number} indent_width
|
|
27
|
-
* @returns {FormattingResult}
|
|
28
|
-
*/
|
|
29
|
-
export function formatPolicies(policies_str: string, line_width: number, indent_width: number): FormattingResult;
|
|
30
|
-
/**
|
|
31
24
|
* @param {string} input_schema
|
|
32
25
|
* @returns {CheckParseResult}
|
|
33
26
|
*/
|
|
@@ -46,10 +39,12 @@ export function checkParseEntities(entities_str: string, schema_str: string): Ch
|
|
|
46
39
|
*/
|
|
47
40
|
export function checkParseContext(context_str: string, action_str: string, schema_str: string): CheckParseResult;
|
|
48
41
|
/**
|
|
49
|
-
* @param {
|
|
50
|
-
* @
|
|
42
|
+
* @param {string} policies_str
|
|
43
|
+
* @param {number} line_width
|
|
44
|
+
* @param {number} indent_width
|
|
45
|
+
* @returns {FormattingResult}
|
|
51
46
|
*/
|
|
52
|
-
export function
|
|
47
|
+
export function formatPolicies(policies_str: string, line_width: number, indent_width: number): FormattingResult;
|
|
53
48
|
/**
|
|
54
49
|
* @param {ValidationCall} call
|
|
55
50
|
* @returns {ValidationAnswer}
|
|
@@ -59,6 +54,11 @@ export function validate(call: ValidationCall): ValidationAnswer;
|
|
|
59
54
|
* @returns {string}
|
|
60
55
|
*/
|
|
61
56
|
export function getCedarVersion(): string;
|
|
57
|
+
/**
|
|
58
|
+
* @param {AuthorizationCall} call
|
|
59
|
+
* @returns {AuthorizationAnswer}
|
|
60
|
+
*/
|
|
61
|
+
export function isAuthorized(call: AuthorizationCall): AuthorizationAnswer;
|
|
62
62
|
export type JsonToPolicyResult = { type: "success"; policyText: string } | { type: "error"; errors: string[] };
|
|
63
63
|
|
|
64
64
|
export type PolicyToJsonResult = { type: "success"; policy: Policy } | { type: "error"; errors: string[] };
|
|
@@ -67,34 +67,9 @@ export type CheckParsePolicySetResult = { type: "success"; policies: number; tem
|
|
|
67
67
|
|
|
68
68
|
export type CheckParseTemplateResult = { type: "success"; slots: string[] } | { type: "error"; errors: string[] };
|
|
69
69
|
|
|
70
|
-
export type FormattingResult = { type: "success"; formatted_policy: string } | { type: "error"; errors: string[] };
|
|
71
|
-
|
|
72
70
|
export type CheckParseResult = { type: "success" } | { type: "error"; errors: string[] };
|
|
73
71
|
|
|
74
|
-
export type
|
|
75
|
-
|
|
76
|
-
export type PolicySet = string | Record<string, string>;
|
|
77
|
-
|
|
78
|
-
export interface SourceLocation {
|
|
79
|
-
start: number;
|
|
80
|
-
end: number;
|
|
81
|
-
}
|
|
82
|
-
|
|
83
|
-
export interface SourceLabel extends SourceLocation {
|
|
84
|
-
label: string | null;
|
|
85
|
-
}
|
|
86
|
-
|
|
87
|
-
export type Severity = "advice" | "warning" | "error";
|
|
88
|
-
|
|
89
|
-
export interface DetailedError {
|
|
90
|
-
message: string;
|
|
91
|
-
help: string | null;
|
|
92
|
-
code: string | null;
|
|
93
|
-
url: string | null;
|
|
94
|
-
severity: Severity | null;
|
|
95
|
-
sourceLocations?: SourceLabel[];
|
|
96
|
-
related?: DetailedError[];
|
|
97
|
-
}
|
|
72
|
+
export type FormattingResult = { type: "success"; formatted_policy: string } | { type: "error"; errors: string[] };
|
|
98
73
|
|
|
99
74
|
export type ValidationAnswer = { type: "failure"; errors: DetailedError[]; warnings: DetailedError[] } | { type: "success"; validationErrors: ValidationError[]; validationWarnings: ValidationError[]; otherWarnings: DetailedError[] };
|
|
100
75
|
|
|
@@ -167,6 +142,31 @@ export interface Response {
|
|
|
167
142
|
diagnostics: Diagnostics;
|
|
168
143
|
}
|
|
169
144
|
|
|
145
|
+
export type Schema = { human: string } | { json: SchemaJson };
|
|
146
|
+
|
|
147
|
+
export type PolicySet = string | Record<string, string>;
|
|
148
|
+
|
|
149
|
+
export interface SourceLocation {
|
|
150
|
+
start: number;
|
|
151
|
+
end: number;
|
|
152
|
+
}
|
|
153
|
+
|
|
154
|
+
export interface SourceLabel extends SourceLocation {
|
|
155
|
+
label: string | null;
|
|
156
|
+
}
|
|
157
|
+
|
|
158
|
+
export type Severity = "advice" | "warning" | "error";
|
|
159
|
+
|
|
160
|
+
export interface DetailedError {
|
|
161
|
+
message: string;
|
|
162
|
+
help: string | null;
|
|
163
|
+
code: string | null;
|
|
164
|
+
url: string | null;
|
|
165
|
+
severity: Severity | null;
|
|
166
|
+
sourceLocations?: SourceLabel[];
|
|
167
|
+
related?: DetailedError[];
|
|
168
|
+
}
|
|
169
|
+
|
|
170
170
|
export type SchemaTypeVariant = { type: "String" } | { type: "Long" } | { type: "Boolean" } | { type: "Set"; element: SchemaType } | { type: "Record"; attributes: Record<SmolStr, TypeOfAttribute>; additionalAttributes: boolean } | { type: "Entity"; name: Name } | { type: "Extension"; name: Id };
|
|
171
171
|
|
|
172
172
|
export type SchemaType = SchemaTypeVariant | { type: Name };
|
|
@@ -220,6 +220,24 @@ export type ActionConstraint = { op: "All" } | ({ op: "==" } & EqConstraint) | (
|
|
|
220
220
|
|
|
221
221
|
export type PrincipalConstraint = { op: "All" } | ({ op: "==" } & EqConstraint) | ({ op: "in" } & PrincipalOrResourceInConstraint) | ({ op: "is" } & PrincipalOrResourceIsConstraint);
|
|
222
222
|
|
|
223
|
+
export type EntityUidJson = { __expr: string } | { __entity: TypeAndId } | TypeAndId;
|
|
224
|
+
|
|
225
|
+
export interface FnAndArg {
|
|
226
|
+
fn: string;
|
|
227
|
+
arg: CedarValueJson;
|
|
228
|
+
}
|
|
229
|
+
|
|
230
|
+
export interface TypeAndId {
|
|
231
|
+
type: string;
|
|
232
|
+
id: string;
|
|
233
|
+
}
|
|
234
|
+
|
|
235
|
+
export type CedarValueJson = { __expr: string } | { __entity: TypeAndId } | { __extn: FnAndArg } | boolean | number | string | CedarValueJson[] | { [key: string]: CedarValueJson } | null;
|
|
236
|
+
|
|
237
|
+
export type Effect = "permit" | "forbid";
|
|
238
|
+
|
|
239
|
+
export type Var = "principal" | "action" | "resource" | "context";
|
|
240
|
+
|
|
223
241
|
export interface EntityJson {
|
|
224
242
|
uid: EntityUidJson;
|
|
225
243
|
attrs: Record<string, CedarValueJson>;
|
|
@@ -237,32 +255,14 @@ export interface Policy {
|
|
|
237
255
|
annotations?: Record<string, string>;
|
|
238
256
|
}
|
|
239
257
|
|
|
240
|
-
export type Effect = "permit" | "forbid";
|
|
241
|
-
|
|
242
258
|
export type ExtFuncCall = {} & Record<string, Array<Expr>>;
|
|
243
259
|
|
|
244
260
|
export type ExprNoExt = { Value: CedarValueJson } | { Var: Var } | { Slot: string } | { Unknown: { name: string } } | { "!": { arg: Expr } } | { neg: { arg: Expr } } | { "==": { left: Expr; right: Expr } } | { "!=": { left: Expr; right: Expr } } | { in: { left: Expr; right: Expr } } | { "<": { left: Expr; right: Expr } } | { "<=": { left: Expr; right: Expr } } | { ">": { left: Expr; right: Expr } } | { ">=": { left: Expr; right: Expr } } | { "&&": { left: Expr; right: Expr } } | { "||": { left: Expr; right: Expr } } | { "+": { left: Expr; right: Expr } } | { "-": { left: Expr; right: Expr } } | { "*": { left: Expr; right: Expr } } | { contains: { left: Expr; right: Expr } } | { containsAll: { left: Expr; right: Expr } } | { containsAny: { left: Expr; right: Expr } } | { ".": { left: Expr; attr: SmolStr } } | { has: { left: Expr; attr: SmolStr } } | { like: { left: Expr; pattern: SmolStr } } | { is: { left: Expr; entity_type: SmolStr; in?: Expr } } | { "if-then-else": { if: Expr; then: Expr; else: Expr } } | { Set: Expr[] } | { Record: Record<string, Expr> };
|
|
245
261
|
|
|
246
262
|
export type Expr = ExprNoExt | ExtFuncCall;
|
|
247
263
|
|
|
248
|
-
export type EntityUidJson = { __expr: string } | { __entity: TypeAndId } | TypeAndId;
|
|
249
|
-
|
|
250
|
-
export interface FnAndArg {
|
|
251
|
-
fn: string;
|
|
252
|
-
arg: CedarValueJson;
|
|
253
|
-
}
|
|
254
|
-
|
|
255
|
-
export interface TypeAndId {
|
|
256
|
-
type: string;
|
|
257
|
-
id: string;
|
|
258
|
-
}
|
|
259
|
-
|
|
260
|
-
export type CedarValueJson = { __expr: string } | { __entity: TypeAndId } | { __extn: FnAndArg } | boolean | number | string | CedarValueJson[] | { [key: string]: CedarValueJson } | null;
|
|
261
|
-
|
|
262
264
|
export type Decision = "Allow" | "Deny";
|
|
263
265
|
|
|
264
|
-
export type Var = "principal" | "action" | "resource" | "context";
|
|
265
|
-
|
|
266
266
|
|
|
267
267
|
export type InitInput = RequestInfo | URL | Response | BufferSource | WebAssembly.Module;
|
|
268
268
|
|
|
@@ -272,13 +272,13 @@ export interface InitOutput {
|
|
|
272
272
|
readonly policyTextToJson: (a: number, b: number) => number;
|
|
273
273
|
readonly checkParsePolicySet: (a: number, b: number) => number;
|
|
274
274
|
readonly checkParseTemplate: (a: number, b: number) => number;
|
|
275
|
-
readonly formatPolicies: (a: number, b: number, c: number, d: number) => number;
|
|
276
275
|
readonly checkParseSchema: (a: number, b: number) => number;
|
|
277
276
|
readonly checkParseEntities: (a: number, b: number, c: number, d: number) => number;
|
|
278
277
|
readonly checkParseContext: (a: number, b: number, c: number, d: number, e: number, f: number) => number;
|
|
279
|
-
readonly
|
|
278
|
+
readonly formatPolicies: (a: number, b: number, c: number, d: number) => number;
|
|
280
279
|
readonly validate: (a: number) => number;
|
|
281
280
|
readonly getCedarVersion: (a: number) => void;
|
|
281
|
+
readonly isAuthorized: (a: number) => number;
|
|
282
282
|
readonly __wbindgen_malloc: (a: number, b: number) => number;
|
|
283
283
|
readonly __wbindgen_realloc: (a: number, b: number, c: number, d: number) => number;
|
|
284
284
|
readonly __wbindgen_add_to_stack_pointer: (a: number) => number;
|
package/web/cedar_wasm.js
CHANGED
|
@@ -159,19 +159,6 @@ export function checkParseTemplate(template_str) {
|
|
|
159
159
|
return takeObject(ret);
|
|
160
160
|
}
|
|
161
161
|
|
|
162
|
-
/**
|
|
163
|
-
* @param {string} policies_str
|
|
164
|
-
* @param {number} line_width
|
|
165
|
-
* @param {number} indent_width
|
|
166
|
-
* @returns {FormattingResult}
|
|
167
|
-
*/
|
|
168
|
-
export function formatPolicies(policies_str, line_width, indent_width) {
|
|
169
|
-
const ptr0 = passStringToWasm0(policies_str, wasm.__wbindgen_malloc, wasm.__wbindgen_realloc);
|
|
170
|
-
const len0 = WASM_VECTOR_LEN;
|
|
171
|
-
const ret = wasm.formatPolicies(ptr0, len0, line_width, indent_width);
|
|
172
|
-
return takeObject(ret);
|
|
173
|
-
}
|
|
174
|
-
|
|
175
162
|
/**
|
|
176
163
|
* @param {string} input_schema
|
|
177
164
|
* @returns {CheckParseResult}
|
|
@@ -215,11 +202,15 @@ export function checkParseContext(context_str, action_str, schema_str) {
|
|
|
215
202
|
}
|
|
216
203
|
|
|
217
204
|
/**
|
|
218
|
-
* @param {
|
|
219
|
-
* @
|
|
205
|
+
* @param {string} policies_str
|
|
206
|
+
* @param {number} line_width
|
|
207
|
+
* @param {number} indent_width
|
|
208
|
+
* @returns {FormattingResult}
|
|
220
209
|
*/
|
|
221
|
-
export function
|
|
222
|
-
const
|
|
210
|
+
export function formatPolicies(policies_str, line_width, indent_width) {
|
|
211
|
+
const ptr0 = passStringToWasm0(policies_str, wasm.__wbindgen_malloc, wasm.__wbindgen_realloc);
|
|
212
|
+
const len0 = WASM_VECTOR_LEN;
|
|
213
|
+
const ret = wasm.formatPolicies(ptr0, len0, line_width, indent_width);
|
|
223
214
|
return takeObject(ret);
|
|
224
215
|
}
|
|
225
216
|
|
|
@@ -252,6 +243,15 @@ export function getCedarVersion() {
|
|
|
252
243
|
}
|
|
253
244
|
}
|
|
254
245
|
|
|
246
|
+
/**
|
|
247
|
+
* @param {AuthorizationCall} call
|
|
248
|
+
* @returns {AuthorizationAnswer}
|
|
249
|
+
*/
|
|
250
|
+
export function isAuthorized(call) {
|
|
251
|
+
const ret = wasm.isAuthorized(addHeapObject(call));
|
|
252
|
+
return takeObject(ret);
|
|
253
|
+
}
|
|
254
|
+
|
|
255
255
|
function handleError(f, args) {
|
|
256
256
|
try {
|
|
257
257
|
return f.apply(this, args);
|
package/web/cedar_wasm_bg.wasm
CHANGED
|
Binary file
|
|
@@ -5,13 +5,13 @@ export function policyTextFromJson(a: number, b: number): number;
|
|
|
5
5
|
export function policyTextToJson(a: number, b: number): number;
|
|
6
6
|
export function checkParsePolicySet(a: number, b: number): number;
|
|
7
7
|
export function checkParseTemplate(a: number, b: number): number;
|
|
8
|
-
export function formatPolicies(a: number, b: number, c: number, d: number): number;
|
|
9
8
|
export function checkParseSchema(a: number, b: number): number;
|
|
10
9
|
export function checkParseEntities(a: number, b: number, c: number, d: number): number;
|
|
11
10
|
export function checkParseContext(a: number, b: number, c: number, d: number, e: number, f: number): number;
|
|
12
|
-
export function
|
|
11
|
+
export function formatPolicies(a: number, b: number, c: number, d: number): number;
|
|
13
12
|
export function validate(a: number): number;
|
|
14
13
|
export function getCedarVersion(a: number): void;
|
|
14
|
+
export function isAuthorized(a: number): number;
|
|
15
15
|
export function __wbindgen_malloc(a: number, b: number): number;
|
|
16
16
|
export function __wbindgen_realloc(a: number, b: number, c: number, d: number): number;
|
|
17
17
|
export function __wbindgen_add_to_stack_pointer(a: number): number;
|