@cedar-policy/cedar-wasm 3.4.0 → 4.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/esm/cedar_wasm.d.ts +222 -142
- package/esm/cedar_wasm_bg.js +126 -88
- package/esm/cedar_wasm_bg.wasm +0 -0
- package/esm/cedar_wasm_bg.wasm.d.ts +14 -9
- package/esm/package.json +1 -1
- package/nodejs/cedar_wasm.d.ts +222 -142
- package/nodejs/cedar_wasm.js +126 -88
- package/nodejs/cedar_wasm_bg.wasm +0 -0
- package/nodejs/cedar_wasm_bg.wasm.d.ts +14 -9
- package/nodejs/package.json +1 -1
- package/package.json +1 -1
- package/web/cedar_wasm.d.ts +236 -151
- package/web/cedar_wasm.js +125 -87
- package/web/cedar_wasm_bg.wasm +0 -0
- package/web/cedar_wasm_bg.wasm.d.ts +14 -9
- package/web/package.json +1 -1
package/esm/cedar_wasm.d.ts
CHANGED
|
@@ -1,150 +1,180 @@
|
|
|
1
1
|
/* tslint:disable */
|
|
2
2
|
/* eslint-disable */
|
|
3
3
|
/**
|
|
4
|
-
*
|
|
5
|
-
* @
|
|
4
|
+
* Get valid request environment
|
|
5
|
+
* @param {Template} t
|
|
6
|
+
* @param {Schema} s
|
|
7
|
+
* @returns {GetValidRequestEnvsResult}
|
|
6
8
|
*/
|
|
7
|
-
export function
|
|
9
|
+
export function getValidRequestEnvsTemplate(t: Template, s: Schema): GetValidRequestEnvsResult;
|
|
8
10
|
/**
|
|
9
|
-
*
|
|
10
|
-
* @
|
|
11
|
+
* Get valid request environment
|
|
12
|
+
* @param {Policy} t
|
|
13
|
+
* @param {Schema} s
|
|
14
|
+
* @returns {GetValidRequestEnvsResult}
|
|
11
15
|
*/
|
|
12
|
-
export function
|
|
16
|
+
export function getValidRequestEnvsPolicy(t: Policy, s: Schema): GetValidRequestEnvsResult;
|
|
13
17
|
/**
|
|
14
|
-
* @
|
|
15
|
-
* @returns {CheckParsePolicySetResult}
|
|
18
|
+
* @returns {string}
|
|
16
19
|
*/
|
|
17
|
-
export function
|
|
20
|
+
export function getCedarVersion(): string;
|
|
18
21
|
/**
|
|
19
|
-
*
|
|
20
|
-
* @
|
|
22
|
+
* Basic interface, using [`AuthorizationCall`] and [`AuthorizationAnswer`] types
|
|
23
|
+
* @param {AuthorizationCall} call
|
|
24
|
+
* @returns {AuthorizationAnswer}
|
|
21
25
|
*/
|
|
22
|
-
export function
|
|
26
|
+
export function isAuthorized(call: AuthorizationCall): AuthorizationAnswer;
|
|
23
27
|
/**
|
|
24
|
-
*
|
|
25
|
-
*
|
|
28
|
+
* Parse a policy set and optionally validate it against a provided schema
|
|
29
|
+
*
|
|
30
|
+
* This is the basic validator interface, using [`ValidationCall`] and
|
|
31
|
+
* [`ValidationAnswer`] types
|
|
32
|
+
* @param {ValidationCall} call
|
|
33
|
+
* @returns {ValidationAnswer}
|
|
26
34
|
*/
|
|
27
|
-
export function
|
|
35
|
+
export function validate(call: ValidationCall): ValidationAnswer;
|
|
28
36
|
/**
|
|
29
|
-
*
|
|
30
|
-
* @param {
|
|
31
|
-
* @returns {
|
|
37
|
+
* Apply the Cedar policy formatter to a policy set in the Cedar policy format
|
|
38
|
+
* @param {FormattingCall} call
|
|
39
|
+
* @returns {FormattingAnswer}
|
|
32
40
|
*/
|
|
33
|
-
export function
|
|
41
|
+
export function formatPolicies(call: FormattingCall): FormattingAnswer;
|
|
34
42
|
/**
|
|
35
|
-
*
|
|
36
|
-
* @param {
|
|
37
|
-
* @
|
|
38
|
-
* @returns {CheckParseResult}
|
|
43
|
+
* Return the Cedar (textual) representation of a policy.
|
|
44
|
+
* @param {Policy} policy
|
|
45
|
+
* @returns {PolicyToTextAnswer}
|
|
39
46
|
*/
|
|
40
|
-
export function
|
|
47
|
+
export function policyToText(policy: Policy): PolicyToTextAnswer;
|
|
41
48
|
/**
|
|
42
|
-
*
|
|
43
|
-
* @param {
|
|
44
|
-
* @
|
|
45
|
-
* @returns {FormattingResult}
|
|
49
|
+
* Return the Cedar (textual) representation of a template.
|
|
50
|
+
* @param {Template} template
|
|
51
|
+
* @returns {PolicyToTextAnswer}
|
|
46
52
|
*/
|
|
47
|
-
export function
|
|
53
|
+
export function templateToText(template: Template): PolicyToTextAnswer;
|
|
48
54
|
/**
|
|
49
|
-
*
|
|
50
|
-
* @
|
|
55
|
+
* Return the JSON representation of a policy.
|
|
56
|
+
* @param {Policy} policy
|
|
57
|
+
* @returns {PolicyToJsonAnswer}
|
|
51
58
|
*/
|
|
52
|
-
export function
|
|
59
|
+
export function policyToJson(policy: Policy): PolicyToJsonAnswer;
|
|
53
60
|
/**
|
|
54
|
-
*
|
|
61
|
+
* Return the JSON representation of a template.
|
|
62
|
+
* @param {Template} template
|
|
63
|
+
* @returns {PolicyToJsonAnswer}
|
|
55
64
|
*/
|
|
56
|
-
export function
|
|
65
|
+
export function templateToJson(template: Template): PolicyToJsonAnswer;
|
|
57
66
|
/**
|
|
58
|
-
*
|
|
59
|
-
* @
|
|
67
|
+
* Return the Cedar (textual) representation of a schema.
|
|
68
|
+
* @param {Schema} schema
|
|
69
|
+
* @returns {SchemaToTextAnswer}
|
|
60
70
|
*/
|
|
61
|
-
export function
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
71
|
+
export function schemaToText(schema: Schema): SchemaToTextAnswer;
|
|
72
|
+
/**
|
|
73
|
+
* Return the JSON representation of a schema.
|
|
74
|
+
* @param {Schema} schema
|
|
75
|
+
* @returns {SchemaToJsonAnswer}
|
|
76
|
+
*/
|
|
77
|
+
export function schemaToJson(schema: Schema): SchemaToJsonAnswer;
|
|
78
|
+
/**
|
|
79
|
+
* Check whether a policy set successfully parses.
|
|
80
|
+
* @param {PolicySet} policies
|
|
81
|
+
* @returns {CheckParseAnswer}
|
|
82
|
+
*/
|
|
83
|
+
export function checkParsePolicySet(policies: PolicySet): CheckParseAnswer;
|
|
84
|
+
/**
|
|
85
|
+
* Check whether a schema successfully parses.
|
|
86
|
+
* @param {Schema} schema
|
|
87
|
+
* @returns {CheckParseAnswer}
|
|
88
|
+
*/
|
|
89
|
+
export function checkParseSchema(schema: Schema): CheckParseAnswer;
|
|
90
|
+
/**
|
|
91
|
+
* Check whether a set of entities successfully parses.
|
|
92
|
+
* @param {EntitiesParsingCall} call
|
|
93
|
+
* @returns {CheckParseAnswer}
|
|
94
|
+
*/
|
|
95
|
+
export function checkParseEntities(call: EntitiesParsingCall): CheckParseAnswer;
|
|
96
|
+
/**
|
|
97
|
+
* Check whether a context successfully parses.
|
|
98
|
+
* @param {ContextParsingCall} call
|
|
99
|
+
* @returns {CheckParseAnswer}
|
|
100
|
+
*/
|
|
101
|
+
export function checkParseContext(call: ContextParsingCall): CheckParseAnswer;
|
|
102
|
+
export type GetValidRequestEnvsResult = { type: "success"; principals: string[]; actions: string[]; resources: string[] } | { type: "failure"; error: string };
|
|
67
103
|
|
|
68
|
-
export type
|
|
104
|
+
export type SlotId = string;
|
|
69
105
|
|
|
70
|
-
export type
|
|
106
|
+
export type PolicyId = string;
|
|
71
107
|
|
|
72
|
-
export
|
|
108
|
+
export interface Response {
|
|
109
|
+
decision: Decision;
|
|
110
|
+
diagnostics: Diagnostics;
|
|
111
|
+
}
|
|
73
112
|
|
|
74
|
-
export
|
|
113
|
+
export interface Diagnostics {
|
|
114
|
+
reason: PolicyId[];
|
|
115
|
+
errors: AuthorizationError[];
|
|
116
|
+
}
|
|
75
117
|
|
|
76
|
-
export interface
|
|
77
|
-
policyId:
|
|
118
|
+
export interface AuthorizationError {
|
|
119
|
+
policyId: string;
|
|
78
120
|
error: DetailedError;
|
|
79
121
|
}
|
|
80
122
|
|
|
81
|
-
export type
|
|
123
|
+
export type AuthorizationAnswer = { type: "failure"; errors: DetailedError[]; warnings: DetailedError[] } | { type: "success"; response: Response; warnings: DetailedError[] };
|
|
82
124
|
|
|
83
|
-
export interface
|
|
84
|
-
|
|
125
|
+
export interface AuthorizationCall {
|
|
126
|
+
principal: EntityUid;
|
|
127
|
+
action: EntityUid;
|
|
128
|
+
resource: EntityUid;
|
|
129
|
+
context: Context;
|
|
130
|
+
schema?: Schema;
|
|
131
|
+
validateRequest?: boolean;
|
|
132
|
+
policies: PolicySet;
|
|
133
|
+
entities: Entities;
|
|
85
134
|
}
|
|
86
135
|
|
|
87
136
|
export interface ValidationCall {
|
|
88
137
|
validationSettings?: ValidationSettings;
|
|
89
138
|
schema: Schema;
|
|
90
|
-
policySet: PolicySet;
|
|
91
|
-
}
|
|
92
|
-
|
|
93
|
-
export interface RecvdSlice {
|
|
94
139
|
policies: PolicySet;
|
|
95
|
-
entities: Array<EntityJson>;
|
|
96
|
-
templates?: Record<string, string> | null;
|
|
97
|
-
templateInstantiations: TemplateLink[] | null;
|
|
98
140
|
}
|
|
99
141
|
|
|
100
|
-
export
|
|
101
|
-
|
|
102
|
-
export interface TemplateLink {
|
|
103
|
-
templateId: string;
|
|
104
|
-
resultPolicyId: string;
|
|
105
|
-
instantiations: Links;
|
|
142
|
+
export interface ValidationSettings {
|
|
143
|
+
mode: ValidationMode;
|
|
106
144
|
}
|
|
107
145
|
|
|
108
|
-
export interface
|
|
109
|
-
|
|
110
|
-
|
|
146
|
+
export interface ValidationError {
|
|
147
|
+
policyId: string;
|
|
148
|
+
error: DetailedError;
|
|
111
149
|
}
|
|
112
150
|
|
|
113
|
-
export
|
|
114
|
-
|
|
115
|
-
|
|
151
|
+
export type ValidationAnswer = { type: "failure"; errors: DetailedError[]; warnings: DetailedError[] } | { type: "success"; validationErrors: ValidationError[]; validationWarnings: ValidationError[]; otherWarnings: DetailedError[] };
|
|
152
|
+
|
|
153
|
+
export type Schema = string | SchemaJson<string>;
|
|
154
|
+
|
|
155
|
+
export interface PolicySet {
|
|
156
|
+
staticPolicies?: StaticPolicySet;
|
|
157
|
+
templates?: Record<PolicyId, Template>;
|
|
158
|
+
templateLinks?: TemplateLink[];
|
|
116
159
|
}
|
|
117
160
|
|
|
118
|
-
export interface
|
|
119
|
-
|
|
120
|
-
|
|
121
|
-
|
|
122
|
-
context: Record<string, CedarValueJson>;
|
|
123
|
-
schema?: Schema;
|
|
124
|
-
enableRequestValidation?: boolean;
|
|
125
|
-
slice: RecvdSlice;
|
|
161
|
+
export interface TemplateLink {
|
|
162
|
+
templateId: PolicyId;
|
|
163
|
+
newId: PolicyId;
|
|
164
|
+
values: Record<SlotId, EntityUid>;
|
|
126
165
|
}
|
|
127
166
|
|
|
128
|
-
export type
|
|
167
|
+
export type StaticPolicySet = string | Policy[] | Record<PolicyId, Policy>;
|
|
129
168
|
|
|
130
|
-
export
|
|
131
|
-
policyId: SmolStr;
|
|
132
|
-
error: DetailedError;
|
|
133
|
-
}
|
|
169
|
+
export type Template = string | PolicyJson;
|
|
134
170
|
|
|
135
|
-
export
|
|
136
|
-
reason: Set<String>;
|
|
137
|
-
errors: AuthorizationError[];
|
|
138
|
-
}
|
|
171
|
+
export type Policy = string | PolicyJson;
|
|
139
172
|
|
|
140
|
-
export
|
|
141
|
-
decision: Decision;
|
|
142
|
-
diagnostics: Diagnostics;
|
|
143
|
-
}
|
|
173
|
+
export type Entities = Array<EntityJson>;
|
|
144
174
|
|
|
145
|
-
export type
|
|
175
|
+
export type Context = Record<string, CedarValueJson>;
|
|
146
176
|
|
|
147
|
-
export type
|
|
177
|
+
export type EntityUid = EntityUidJson;
|
|
148
178
|
|
|
149
179
|
export interface SourceLocation {
|
|
150
180
|
start: number;
|
|
@@ -167,41 +197,114 @@ export interface DetailedError {
|
|
|
167
197
|
related?: DetailedError[];
|
|
168
198
|
}
|
|
169
199
|
|
|
170
|
-
export type
|
|
200
|
+
export type ValidationMode = "strict";
|
|
201
|
+
|
|
202
|
+
export interface FormattingCall {
|
|
203
|
+
policyText: string;
|
|
204
|
+
lineWidth?: number;
|
|
205
|
+
indentWidth?: number;
|
|
206
|
+
}
|
|
207
|
+
|
|
208
|
+
export type FormattingAnswer = { type: "failure"; errors: DetailedError[] } | { type: "success"; formatted_policy: string };
|
|
209
|
+
|
|
210
|
+
export type PolicyToTextAnswer = { type: "success"; text: string } | { type: "failure"; errors: DetailedError[] };
|
|
171
211
|
|
|
172
|
-
export type
|
|
212
|
+
export type PolicyToJsonAnswer = { type: "success"; json: PolicyJson } | { type: "failure"; errors: DetailedError[] };
|
|
173
213
|
|
|
174
|
-
export
|
|
214
|
+
export type SchemaToTextAnswer = { type: "success"; text: string; warnings: DetailedError[] } | { type: "failure"; errors: DetailedError[] };
|
|
215
|
+
|
|
216
|
+
export type SchemaToJsonAnswer = { type: "success"; json: SchemaJson<string>; warnings: DetailedError[] } | { type: "failure"; errors: DetailedError[] };
|
|
217
|
+
|
|
218
|
+
export type CheckParseAnswer = { type: "success" } | { type: "failure"; errors: DetailedError[] };
|
|
219
|
+
|
|
220
|
+
export interface EntitiesParsingCall {
|
|
221
|
+
entities: Entities;
|
|
222
|
+
schema?: Schema | null;
|
|
223
|
+
}
|
|
224
|
+
|
|
225
|
+
export interface ContextParsingCall {
|
|
226
|
+
context: Context;
|
|
227
|
+
schema?: Schema | null;
|
|
228
|
+
action?: EntityUid | null;
|
|
229
|
+
}
|
|
230
|
+
|
|
231
|
+
export type RecordAttributeType<N> = { required?: boolean } & Type<N>;
|
|
232
|
+
|
|
233
|
+
export type EntityAttributeType<N> = { required?: boolean } & EntityAttributeTypeInternal<N>;
|
|
234
|
+
|
|
235
|
+
export type EntityAttributeTypeInternal<N> = { Type: Type<N> } | { EAMap: { value_type: Type<N> } };
|
|
236
|
+
|
|
237
|
+
export type TypeVariant<N> = { type: "String" } | { type: "Long" } | { type: "Boolean" } | { type: "Set"; element: Type<N> } | ({ type: "Record" } & RecordType<RecordAttributeType<N>>) | { type: "Entity"; name: N } | { type: "EntityOrCommon"; name: N } | { type: "Extension"; name: UnreservedId };
|
|
238
|
+
|
|
239
|
+
export interface RecordType<V> {
|
|
240
|
+
attributes: Record<SmolStr, V>;
|
|
241
|
+
additionalAttributes?: boolean;
|
|
242
|
+
}
|
|
243
|
+
|
|
244
|
+
export type Type<N> = TypeVariant<N> | { type: N };
|
|
245
|
+
|
|
246
|
+
export interface ActionEntityUID<N> {
|
|
175
247
|
id: SmolStr;
|
|
176
|
-
type?:
|
|
248
|
+
type?: N;
|
|
177
249
|
}
|
|
178
250
|
|
|
179
|
-
export interface ApplySpec {
|
|
180
|
-
resourceTypes
|
|
181
|
-
principalTypes
|
|
182
|
-
context?:
|
|
251
|
+
export interface ApplySpec<N> {
|
|
252
|
+
resourceTypes: N[];
|
|
253
|
+
principalTypes: N[];
|
|
254
|
+
context?: RecordOrContextAttributes<N>;
|
|
183
255
|
}
|
|
184
256
|
|
|
185
|
-
export interface ActionType {
|
|
257
|
+
export interface ActionType<N> {
|
|
186
258
|
attributes?: Record<SmolStr, CedarValueJson>;
|
|
187
|
-
appliesTo?: ApplySpec
|
|
188
|
-
memberOf?: ActionEntityUID[];
|
|
259
|
+
appliesTo?: ApplySpec<N>;
|
|
260
|
+
memberOf?: ActionEntityUID<N>[];
|
|
261
|
+
}
|
|
262
|
+
|
|
263
|
+
export interface EntityAttributesInternal<N> extends RecordType<EntityAttributeType<N>> {
|
|
264
|
+
type: "Record";
|
|
265
|
+
}
|
|
266
|
+
|
|
267
|
+
export type EntityAttributes<N> = RecordOrContextAttributes<N> | EntityAttributesInternal<N>;
|
|
268
|
+
|
|
269
|
+
export type RecordOrContextAttributes<N> = Type<N>;
|
|
270
|
+
|
|
271
|
+
export interface EntityType<N> {
|
|
272
|
+
memberOfTypes?: N[];
|
|
273
|
+
shape?: EntityAttributes<N>;
|
|
189
274
|
}
|
|
190
275
|
|
|
191
|
-
export
|
|
276
|
+
export interface NamespaceDefinition<N> {
|
|
277
|
+
commonTypes?: Record<CommonTypeId, Type<N>>;
|
|
278
|
+
entityTypes: Record<UnreservedId, EntityType<N>>;
|
|
279
|
+
actions: Record<SmolStr, ActionType<N>>;
|
|
280
|
+
}
|
|
281
|
+
|
|
282
|
+
export type CommonTypeId = string;
|
|
283
|
+
|
|
284
|
+
export type SchemaJson<N> = Record<string, NamespaceDefinition<N>>;
|
|
285
|
+
|
|
286
|
+
export type Clause = { kind: "when"; body: Expr } | { kind: "unless"; body: Expr };
|
|
192
287
|
|
|
193
|
-
export interface
|
|
194
|
-
|
|
195
|
-
|
|
288
|
+
export interface PolicyJson {
|
|
289
|
+
effect: Effect;
|
|
290
|
+
principal: PrincipalConstraint;
|
|
291
|
+
action: ActionConstraint;
|
|
292
|
+
resource: ResourceConstraint;
|
|
293
|
+
conditions: Clause[];
|
|
294
|
+
annotations?: Record<string, string>;
|
|
196
295
|
}
|
|
197
296
|
|
|
198
|
-
export
|
|
199
|
-
|
|
200
|
-
|
|
201
|
-
|
|
297
|
+
export type Decision = "allow" | "deny";
|
|
298
|
+
|
|
299
|
+
export interface EntityJson {
|
|
300
|
+
uid: EntityUidJson;
|
|
301
|
+
attrs: Record<string, CedarValueJson>;
|
|
302
|
+
parents: EntityUidJson[];
|
|
202
303
|
}
|
|
203
304
|
|
|
204
|
-
export type
|
|
305
|
+
export type UnreservedId = string;
|
|
306
|
+
|
|
307
|
+
export type Var = "principal" | "action" | "resource" | "context";
|
|
205
308
|
|
|
206
309
|
export type ActionInConstraint = { entity: EntityUidJson } | { entities: EntityUidJson[] };
|
|
207
310
|
|
|
@@ -220,7 +323,7 @@ export type ActionConstraint = { op: "All" } | ({ op: "==" } & EqConstraint) | (
|
|
|
220
323
|
|
|
221
324
|
export type PrincipalConstraint = { op: "All" } | ({ op: "==" } & EqConstraint) | ({ op: "in" } & PrincipalOrResourceInConstraint) | ({ op: "is" } & PrincipalOrResourceIsConstraint);
|
|
222
325
|
|
|
223
|
-
export type EntityUidJson = {
|
|
326
|
+
export type EntityUidJson = { __entity: TypeAndId } | TypeAndId;
|
|
224
327
|
|
|
225
328
|
export interface FnAndArg {
|
|
226
329
|
fn: string;
|
|
@@ -232,39 +335,16 @@ export interface TypeAndId {
|
|
|
232
335
|
id: string;
|
|
233
336
|
}
|
|
234
337
|
|
|
235
|
-
export type CedarValueJson = {
|
|
236
|
-
|
|
237
|
-
export type Effect = "permit" | "forbid";
|
|
238
|
-
|
|
239
|
-
export type Var = "principal" | "action" | "resource" | "context";
|
|
240
|
-
|
|
241
|
-
export interface EntityJson {
|
|
242
|
-
uid: EntityUidJson;
|
|
243
|
-
attrs: Record<string, CedarValueJson>;
|
|
244
|
-
parents: EntityUidJson[];
|
|
245
|
-
}
|
|
246
|
-
|
|
247
|
-
export type Clause = { kind: "when"; body: Expr } | { kind: "unless"; body: Expr };
|
|
248
|
-
|
|
249
|
-
export interface Policy {
|
|
250
|
-
effect: Effect;
|
|
251
|
-
principal: PrincipalConstraint;
|
|
252
|
-
action: ActionConstraint;
|
|
253
|
-
resource: ResourceConstraint;
|
|
254
|
-
conditions: Clause[];
|
|
255
|
-
annotations?: Record<string, string>;
|
|
256
|
-
}
|
|
338
|
+
export type CedarValueJson = { __entity: TypeAndId } | { __extn: FnAndArg } | boolean | number | string | CedarValueJson[] | { [key: string]: CedarValueJson } | null;
|
|
257
339
|
|
|
258
340
|
export type ExtFuncCall = {} & Record<string, Array<Expr>>;
|
|
259
341
|
|
|
260
|
-
export type ExprNoExt = { Value: CedarValueJson } | { Var: Var } | { Slot: string } | {
|
|
342
|
+
export type ExprNoExt = { Value: CedarValueJson } | { Var: Var } | { Slot: string } | { "!": { arg: Expr } } | { neg: { arg: Expr } } | { "==": { left: Expr; right: Expr } } | { "!=": { left: Expr; right: Expr } } | { in: { left: Expr; right: Expr } } | { "<": { left: Expr; right: Expr } } | { "<=": { left: Expr; right: Expr } } | { ">": { left: Expr; right: Expr } } | { ">=": { left: Expr; right: Expr } } | { "&&": { left: Expr; right: Expr } } | { "||": { left: Expr; right: Expr } } | { "+": { left: Expr; right: Expr } } | { "-": { left: Expr; right: Expr } } | { "*": { left: Expr; right: Expr } } | { contains: { left: Expr; right: Expr } } | { containsAll: { left: Expr; right: Expr } } | { containsAny: { left: Expr; right: Expr } } | { ".": { left: Expr; attr: SmolStr } } | { has: { left: Expr; attr: SmolStr } } | { like: { left: Expr; pattern: PatternElem[] } } | { is: { left: Expr; entity_type: SmolStr; in?: Expr } } | { "if-then-else": { if: Expr; then: Expr; else: Expr } } | { Set: Expr[] } | { Record: Record<string, Expr> };
|
|
343
|
+
|
|
344
|
+
export type PatternElem = "Wildcard" | { Literal: SmolStr };
|
|
261
345
|
|
|
262
346
|
export type Expr = ExprNoExt | ExtFuncCall;
|
|
263
347
|
|
|
264
|
-
export type
|
|
348
|
+
export type Effect = "permit" | "forbid";
|
|
265
349
|
|
|
266
350
|
type SmolStr = string;
|
|
267
|
-
type Name = string;
|
|
268
|
-
type Id = string;
|
|
269
|
-
export type TypeOfAttribute = SchemaType & { required?: boolean };
|
|
270
|
-
export type Context = Record<string, CedarValueJson>;
|