@cedar-policy/cedar-wasm 4.4.0 → 4.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (16) hide show
  1. package/esm/cedar_wasm.d.ts +100 -93
  2. package/esm/cedar_wasm_bg.js +31 -18
  3. package/esm/cedar_wasm_bg.wasm +0 -0
  4. package/esm/cedar_wasm_bg.wasm.d.ts +3 -2
  5. package/esm/package.json +1 -1
  6. package/nodejs/cedar_wasm.d.ts +100 -93
  7. package/nodejs/cedar_wasm.js +31 -18
  8. package/nodejs/cedar_wasm_bg.wasm +0 -0
  9. package/nodejs/cedar_wasm_bg.wasm.d.ts +3 -2
  10. package/nodejs/package.json +1 -1
  11. package/package.json +1 -1
  12. package/web/cedar_wasm.d.ts +103 -95
  13. package/web/cedar_wasm.js +31 -18
  14. package/web/cedar_wasm_bg.wasm +0 -0
  15. package/web/cedar_wasm_bg.wasm.d.ts +3 -2
  16. package/web/package.json +1 -1
package/esm/cedar_wasm.d.ts CHANGED
@@ -11,9 +11,12 @@ export function getValidRequestEnvsPolicy(t: Policy, s: Schema): GetValidRequest
11
11
  export function getCedarVersion(): string;
12
12
  export function getCedarSDKVersion(): string;
13
13
  /**
14
- * Basic interface, using [`AuthorizationCall`] and [`AuthorizationAnswer`] types
14
+ * Parse a policy set and optionally validate it against a provided schema
15
+ *
16
+ * This is the basic validator interface, using [`ValidationCall`] and
17
+ * [`ValidationAnswer`] types
15
18
  */
16
- export function isAuthorized(call: AuthorizationCall): AuthorizationAnswer;
19
+ export function validate(call: ValidationCall): ValidationAnswer;
17
20
  /**
18
21
  * Check whether a policy set successfully parses.
19
22
  */
@@ -30,17 +33,19 @@ export function checkParseEntities(call: EntitiesParsingCall): CheckParseAnswer;
30
33
  * Check whether a context successfully parses.
31
34
  */
32
35
  export function checkParseContext(call: ContextParsingCall): CheckParseAnswer;
33
- /**
34
- * Parse a policy set and optionally validate it against a provided schema
35
- *
36
- * This is the basic validator interface, using [`ValidationCall`] and
37
- * [`ValidationAnswer`] types
38
- */
39
- export function validate(call: ValidationCall): ValidationAnswer;
40
36
  /**
41
37
  * Apply the Cedar policy formatter to a policy set in the Cedar policy format
42
38
  */
43
39
  export function formatPolicies(call: FormattingCall): FormattingAnswer;
40
+ /**
41
+ * Basic interface, using [`AuthorizationCall`] and [`AuthorizationAnswer`] types
42
+ */
43
+ export function isAuthorized(call: AuthorizationCall): AuthorizationAnswer;
44
+ /**
45
+ * Takes a PolicySet represented as string and return the policies
46
+ * and templates split into vecs and sorted by id.
47
+ */
48
+ export function policySetTextToParts(policyset_str: string): PolicySetTextToPartsAnswer;
44
49
  /**
45
50
  * Return the Cedar (textual) representation of a policy.
46
51
  */
@@ -71,6 +76,44 @@ export function schemaToJson(schema: Schema): SchemaToJsonAnswer;
71
76
  export function getCedarLangVersion(): string;
72
77
  export type GetValidRequestEnvsResult = { type: "success"; principals: string[]; actions: string[]; resources: string[] } | { type: "failure"; error: string };
73
78
 
79
+ export interface ValidationCall {
80
+ validationSettings?: ValidationSettings;
81
+ schema: Schema;
82
+ policies: PolicySet;
83
+ }
84
+
85
+ export interface ValidationSettings {
86
+ mode: ValidationMode;
87
+ }
88
+
89
+ export interface ValidationError {
90
+ policyId: string;
91
+ error: DetailedError;
92
+ }
93
+
94
+ export type ValidationAnswer = { type: "failure"; errors: DetailedError[]; warnings: DetailedError[] } | { type: "success"; validationErrors: ValidationError[]; validationWarnings: ValidationError[]; otherWarnings: DetailedError[] };
95
+
96
+ export type CheckParseAnswer = { type: "success" } | { type: "failure"; errors: DetailedError[] };
97
+
98
+ export interface EntitiesParsingCall {
99
+ entities: Entities;
100
+ schema?: Schema | null;
101
+ }
102
+
103
+ export interface ContextParsingCall {
104
+ context: Context;
105
+ schema?: Schema | null;
106
+ action?: EntityUid | null;
107
+ }
108
+
109
+ export interface FormattingCall {
110
+ policyText: string;
111
+ lineWidth?: number;
112
+ indentWidth?: number;
113
+ }
114
+
115
+ export type FormattingAnswer = { type: "failure"; errors: DetailedError[] } | { type: "success"; formatted_policy: string };
116
+
74
117
  export interface Response {
75
118
  decision: Decision;
76
119
  diagnostics: Diagnostics;
@@ -99,22 +142,15 @@ export interface AuthorizationCall {
99
142
  entities: Entities;
100
143
  }
101
144
 
102
- export type CheckParseAnswer = { type: "success" } | { type: "failure"; errors: DetailedError[] };
145
+ export type PolicyToTextAnswer = { type: "success"; text: string } | { type: "failure"; errors: DetailedError[] };
103
146
 
104
- export interface EntitiesParsingCall {
105
- entities: Entities;
106
- schema?: Schema | null;
107
- }
147
+ export type PolicySetTextToPartsAnswer = { type: "success"; policies: string[]; policy_templates: string[] } | { type: "failure"; errors: DetailedError[] };
108
148
 
109
- export interface ContextParsingCall {
110
- context: Context;
111
- schema?: Schema | null;
112
- action?: EntityUid | null;
113
- }
149
+ export type PolicyToJsonAnswer = { type: "success"; json: PolicyJson } | { type: "failure"; errors: DetailedError[] };
114
150
 
115
- export type SlotId = string;
151
+ export type SchemaToTextAnswer = { type: "success"; text: string; warnings: DetailedError[] } | { type: "failure"; errors: DetailedError[] };
116
152
 
117
- export type PolicyId = string;
153
+ export type SchemaToJsonAnswer = { type: "success"; json: SchemaJson<string>; warnings: DetailedError[] } | { type: "failure"; errors: DetailedError[] };
118
154
 
119
155
  export type Schema = string | SchemaJson<string>;
120
156
 
@@ -163,40 +199,45 @@ export interface DetailedError {
163
199
  related?: DetailedError[];
164
200
  }
165
201
 
166
- export interface ValidationCall {
167
- validationSettings?: ValidationSettings;
168
- schema: Schema;
169
- policies: PolicySet;
170
- }
202
+ export type SlotId = string;
171
203
 
172
- export interface ValidationSettings {
173
- mode: ValidationMode;
174
- }
204
+ export type PolicyId = string;
175
205
 
176
- export interface ValidationError {
177
- policyId: string;
178
- error: DetailedError;
179
- }
206
+ export type ValidationMode = "strict";
180
207
 
181
- export type ValidationAnswer = { type: "failure"; errors: DetailedError[]; warnings: DetailedError[] } | { type: "success"; validationErrors: ValidationError[]; validationWarnings: ValidationError[]; otherWarnings: DetailedError[] };
208
+ export type ActionInConstraint = { entity: EntityUidJson } | { entities: EntityUidJson[] };
182
209
 
183
- export interface FormattingCall {
184
- policyText: string;
185
- lineWidth?: number;
186
- indentWidth?: number;
210
+ export interface PrincipalOrResourceIsConstraint {
211
+ entity_type: string;
212
+ in?: PrincipalOrResourceInConstraint;
187
213
  }
188
214
 
189
- export type FormattingAnswer = { type: "failure"; errors: DetailedError[] } | { type: "success"; formatted_policy: string };
215
+ export type PrincipalOrResourceInConstraint = { entity: EntityUidJson } | { slot: string };
190
216
 
191
- export type PolicyToTextAnswer = { type: "success"; text: string } | { type: "failure"; errors: DetailedError[] };
217
+ export type EqConstraint = { entity: EntityUidJson } | { slot: string };
192
218
 
193
- export type PolicyToJsonAnswer = { type: "success"; json: PolicyJson } | { type: "failure"; errors: DetailedError[] };
219
+ export type ResourceConstraint = { op: "All" } | ({ op: "==" } & EqConstraint) | ({ op: "in" } & PrincipalOrResourceInConstraint) | ({ op: "is" } & PrincipalOrResourceIsConstraint);
194
220
 
195
- export type SchemaToTextAnswer = { type: "success"; text: string; warnings: DetailedError[] } | { type: "failure"; errors: DetailedError[] };
221
+ export type ActionConstraint = { op: "All" } | ({ op: "==" } & EqConstraint) | ({ op: "in" } & ActionInConstraint);
196
222
 
197
- export type SchemaToJsonAnswer = { type: "success"; json: SchemaJson<string>; warnings: DetailedError[] } | { type: "failure"; errors: DetailedError[] };
223
+ export type PrincipalConstraint = { op: "All" } | ({ op: "==" } & EqConstraint) | ({ op: "in" } & PrincipalOrResourceInConstraint) | ({ op: "is" } & PrincipalOrResourceIsConstraint);
198
224
 
199
- export type ValidationMode = "strict";
225
+ export type Effect = "permit" | "forbid";
226
+
227
+ export interface EntityJson {
228
+ uid: EntityUidJson;
229
+ attrs: Record<string, CedarValueJson>;
230
+ parents: EntityUidJson[];
231
+ tags?: Record<string, CedarValueJson>;
232
+ }
233
+
234
+ export type ExtFuncCall = {} & Record<string, Array<Expr>>;
235
+
236
+ export type ExprNoExt = { Value: CedarValueJson } | { Var: Var } | { Slot: string } | { "!": { arg: Expr } } | { neg: { arg: Expr } } | { "==": { left: Expr; right: Expr } } | { "!=": { left: Expr; right: Expr } } | { in: { left: Expr; right: Expr } } | { "<": { left: Expr; right: Expr } } | { "<=": { left: Expr; right: Expr } } | { ">": { left: Expr; right: Expr } } | { ">=": { left: Expr; right: Expr } } | { "&&": { left: Expr; right: Expr } } | { "||": { left: Expr; right: Expr } } | { "+": { left: Expr; right: Expr } } | { "-": { left: Expr; right: Expr } } | { "*": { left: Expr; right: Expr } } | { contains: { left: Expr; right: Expr } } | { containsAll: { left: Expr; right: Expr } } | { containsAny: { left: Expr; right: Expr } } | { isEmpty: { arg: Expr } } | { getTag: { left: Expr; right: Expr } } | { hasTag: { left: Expr; right: Expr } } | { ".": { left: Expr; attr: SmolStr } } | { has: { left: Expr; attr: SmolStr } } | { like: { left: Expr; pattern: PatternElem[] } } | { is: { left: Expr; entity_type: SmolStr; in?: Expr } } | { "if-then-else": { if: Expr; then: Expr; else: Expr } } | { Set: Expr[] } | { Record: Record<string, Expr> };
237
+
238
+ export type PatternElem = "Wildcard" | { Literal: SmolStr };
239
+
240
+ export type Expr = ExprNoExt | ExtFuncCall;
200
241
 
201
242
  export type TypeVariant<N> = { type: "String" } | { type: "Long" } | { type: "Boolean" } | { type: "Set"; element: Type<N> } | ({ type: "Record" } & RecordType<N>) | { type: "Entity"; name: N } | { type: "EntityOrCommon"; name: N } | { type: "Extension"; name: UnreservedId };
202
243
 
@@ -246,40 +287,14 @@ export type CommonTypeId = string;
246
287
 
247
288
  export type SchemaJson<N> = Record<string, NamespaceDefinition<N>>;
248
289
 
249
- export type Var = "principal" | "action" | "resource" | "context";
250
-
251
- export interface EntityJson {
252
- uid: EntityUidJson;
253
- attrs: Record<string, CedarValueJson>;
254
- parents: EntityUidJson[];
255
- tags?: Record<string, CedarValueJson>;
256
- }
257
-
258
- export type Decision = "allow" | "deny";
259
-
260
- export type Clause = { kind: "when"; body: Expr } | { kind: "unless"; body: Expr };
261
-
262
- export interface PolicyJson {
263
- effect: Effect;
264
- principal: PrincipalConstraint;
265
- action: ActionConstraint;
266
- resource: ResourceConstraint;
267
- conditions: Clause[];
268
- annotations?: Annotations;
269
- }
270
-
271
- export type ExtFuncCall = {} & Record<string, Array<Expr>>;
272
-
273
- export type ExprNoExt = { Value: CedarValueJson } | { Var: Var } | { Slot: string } | { "!": { arg: Expr } } | { neg: { arg: Expr } } | { "==": { left: Expr; right: Expr } } | { "!=": { left: Expr; right: Expr } } | { in: { left: Expr; right: Expr } } | { "<": { left: Expr; right: Expr } } | { "<=": { left: Expr; right: Expr } } | { ">": { left: Expr; right: Expr } } | { ">=": { left: Expr; right: Expr } } | { "&&": { left: Expr; right: Expr } } | { "||": { left: Expr; right: Expr } } | { "+": { left: Expr; right: Expr } } | { "-": { left: Expr; right: Expr } } | { "*": { left: Expr; right: Expr } } | { contains: { left: Expr; right: Expr } } | { containsAll: { left: Expr; right: Expr } } | { containsAny: { left: Expr; right: Expr } } | { isEmpty: { arg: Expr } } | { getTag: { left: Expr; right: Expr } } | { hasTag: { left: Expr; right: Expr } } | { ".": { left: Expr; attr: SmolStr } } | { has: { left: Expr; attr: SmolStr } } | { like: { left: Expr; pattern: PatternElem[] } } | { is: { left: Expr; entity_type: SmolStr; in?: Expr } } | { "if-then-else": { if: Expr; then: Expr; else: Expr } } | { Set: Expr[] } | { Record: Record<string, Expr> };
274
-
275
- export type PatternElem = "Wildcard" | { Literal: SmolStr };
276
-
277
- export type Expr = ExprNoExt | ExtFuncCall;
278
-
279
290
  export type AnyId = SmolStr;
280
291
 
281
292
  export type UnreservedId = string;
282
293
 
294
+ export type Annotations = Record<string, Annotation>;
295
+
296
+ export type Annotation = SmolStr;
297
+
283
298
  export type EntityUidJson = { __entity: TypeAndId } | TypeAndId;
284
299
 
285
300
  export interface FnAndArg {
@@ -294,28 +309,20 @@ export interface TypeAndId {
294
309
 
295
310
  export type CedarValueJson = { __entity: TypeAndId } | { __extn: FnAndArg } | boolean | number | string | CedarValueJson[] | { [key: string]: CedarValueJson } | null;
296
311
 
297
- export type ActionInConstraint = { entity: EntityUidJson } | { entities: EntityUidJson[] };
298
-
299
- export interface PrincipalOrResourceIsConstraint {
300
- entity_type: string;
301
- in?: PrincipalOrResourceInConstraint;
302
- }
303
-
304
- export type PrincipalOrResourceInConstraint = { entity: EntityUidJson } | { slot: string };
305
-
306
- export type EqConstraint = { entity: EntityUidJson } | { slot: string };
307
-
308
- export type ResourceConstraint = { op: "All" } | ({ op: "==" } & EqConstraint) | ({ op: "in" } & PrincipalOrResourceInConstraint) | ({ op: "is" } & PrincipalOrResourceIsConstraint);
309
-
310
- export type ActionConstraint = { op: "All" } | ({ op: "==" } & EqConstraint) | ({ op: "in" } & ActionInConstraint);
311
-
312
- export type PrincipalConstraint = { op: "All" } | ({ op: "==" } & EqConstraint) | ({ op: "in" } & PrincipalOrResourceInConstraint) | ({ op: "is" } & PrincipalOrResourceIsConstraint);
312
+ export type Var = "principal" | "action" | "resource" | "context";
313
313
 
314
- export type Effect = "permit" | "forbid";
314
+ export type Clause = { kind: "when"; body: Expr } | { kind: "unless"; body: Expr };
315
315
 
316
- export type Annotations = Record<string, Annotation>;
316
+ export interface PolicyJson {
317
+ effect: Effect;
318
+ principal: PrincipalConstraint;
319
+ action: ActionConstraint;
320
+ resource: ResourceConstraint;
321
+ conditions: Clause[];
322
+ annotations?: Annotations;
323
+ }
317
324
 
318
- export type Annotation = SmolStr;
325
+ export type Decision = "allow" | "deny";
319
326
 
320
327
  type SmolStr = string;
321
328
  export type TypeOfAttribute<N> = Type<N> & { required?: boolean };
package/esm/cedar_wasm_bg.js CHANGED
@@ -164,12 +164,15 @@ export function getCedarSDKVersion() {
164
164
  }
165
165
 
166
166
  /**
167
- * Basic interface, using [`AuthorizationCall`] and [`AuthorizationAnswer`] types
168
- * @param {AuthorizationCall} call
169
- * @returns {AuthorizationAnswer}
167
+ * Parse a policy set and optionally validate it against a provided schema
168
+ *
169
+ * This is the basic validator interface, using [`ValidationCall`] and
170
+ * [`ValidationAnswer`] types
171
+ * @param {ValidationCall} call
172
+ * @returns {ValidationAnswer}
170
173
  */
171
- export function isAuthorized(call) {
172
- const ret = wasm.isAuthorized(call);
174
+ export function validate(call) {
175
+ const ret = wasm.validate(call);
173
176
  return ret;
174
177
  }
175
178
 
@@ -213,19 +216,6 @@ export function checkParseContext(call) {
213
216
  return ret;
214
217
  }
215
218
 
216
- /**
217
- * Parse a policy set and optionally validate it against a provided schema
218
- *
219
- * This is the basic validator interface, using [`ValidationCall`] and
220
- * [`ValidationAnswer`] types
221
- * @param {ValidationCall} call
222
- * @returns {ValidationAnswer}
223
- */
224
- export function validate(call) {
225
- const ret = wasm.validate(call);
226
- return ret;
227
- }
228
-
229
219
  /**
230
220
  * Apply the Cedar policy formatter to a policy set in the Cedar policy format
231
221
  * @param {FormattingCall} call
@@ -236,6 +226,29 @@ export function formatPolicies(call) {
236
226
  return ret;
237
227
  }
238
228
 
229
+ /**
230
+ * Basic interface, using [`AuthorizationCall`] and [`AuthorizationAnswer`] types
231
+ * @param {AuthorizationCall} call
232
+ * @returns {AuthorizationAnswer}
233
+ */
234
+ export function isAuthorized(call) {
235
+ const ret = wasm.isAuthorized(call);
236
+ return ret;
237
+ }
238
+
239
+ /**
240
+ * Takes a PolicySet represented as string and return the policies
241
+ * and templates split into vecs and sorted by id.
242
+ * @param {string} policyset_str
243
+ * @returns {PolicySetTextToPartsAnswer}
244
+ */
245
+ export function policySetTextToParts(policyset_str) {
246
+ const ptr0 = passStringToWasm0(policyset_str, wasm.__wbindgen_malloc, wasm.__wbindgen_realloc);
247
+ const len0 = WASM_VECTOR_LEN;
248
+ const ret = wasm.policySetTextToParts(ptr0, len0);
249
+ return ret;
250
+ }
251
+
239
252
  /**
240
253
  * Return the Cedar (textual) representation of a policy.
241
254
  * @param {Policy} policy
package/esm/cedar_wasm_bg.wasm CHANGED
Binary file
package/esm/cedar_wasm_bg.wasm.d.ts CHANGED
@@ -5,13 +5,14 @@ export const getValidRequestEnvsTemplate: (a: any, b: any) => any;
5
5
  export const getValidRequestEnvsPolicy: (a: any, b: any) => any;
6
6
  export const getCedarSDKVersion: () => [number, number];
7
7
  export const getCedarVersion: () => [number, number];
8
- export const isAuthorized: (a: any) => any;
8
+ export const validate: (a: any) => any;
9
9
  export const checkParsePolicySet: (a: any) => any;
10
10
  export const checkParseSchema: (a: any) => any;
11
11
  export const checkParseEntities: (a: any) => any;
12
12
  export const checkParseContext: (a: any) => any;
13
- export const validate: (a: any) => any;
14
13
  export const formatPolicies: (a: any) => any;
14
+ export const isAuthorized: (a: any) => any;
15
+ export const policySetTextToParts: (a: number, b: number) => any;
15
16
  export const policyToText: (a: any) => any;
16
17
  export const templateToText: (a: any) => any;
17
18
  export const policyToJson: (a: any) => any;
package/esm/package.json CHANGED
@@ -2,7 +2,7 @@
2
2
  "name": "@cedar-policy/cedar-wasm",
3
3
  "type": "module",
4
4
  "description": "Wasm bindings and typescript types for Cedar lib",
5
- "version": "4.4.0",
5
+ "version": "4.5.0",
6
6
  "license": "Apache-2.0",
7
7
  "files": [
8
8
  "cedar_wasm_bg.wasm",
package/nodejs/cedar_wasm.d.ts CHANGED
@@ -11,9 +11,12 @@ export function getValidRequestEnvsPolicy(t: Policy, s: Schema): GetValidRequest
11
11
  export function getCedarVersion(): string;
12
12
  export function getCedarSDKVersion(): string;
13
13
  /**
14
- * Basic interface, using [`AuthorizationCall`] and [`AuthorizationAnswer`] types
14
+ * Parse a policy set and optionally validate it against a provided schema
15
+ *
16
+ * This is the basic validator interface, using [`ValidationCall`] and
17
+ * [`ValidationAnswer`] types
15
18
  */
16
- export function isAuthorized(call: AuthorizationCall): AuthorizationAnswer;
19
+ export function validate(call: ValidationCall): ValidationAnswer;
17
20
  /**
18
21
  * Check whether a policy set successfully parses.
19
22
  */
@@ -30,17 +33,19 @@ export function checkParseEntities(call: EntitiesParsingCall): CheckParseAnswer;
30
33
  * Check whether a context successfully parses.
31
34
  */
32
35
  export function checkParseContext(call: ContextParsingCall): CheckParseAnswer;
33
- /**
34
- * Parse a policy set and optionally validate it against a provided schema
35
- *
36
- * This is the basic validator interface, using [`ValidationCall`] and
37
- * [`ValidationAnswer`] types
38
- */
39
- export function validate(call: ValidationCall): ValidationAnswer;
40
36
  /**
41
37
  * Apply the Cedar policy formatter to a policy set in the Cedar policy format
42
38
  */
43
39
  export function formatPolicies(call: FormattingCall): FormattingAnswer;
40
+ /**
41
+ * Basic interface, using [`AuthorizationCall`] and [`AuthorizationAnswer`] types
42
+ */
43
+ export function isAuthorized(call: AuthorizationCall): AuthorizationAnswer;
44
+ /**
45
+ * Takes a PolicySet represented as string and return the policies
46
+ * and templates split into vecs and sorted by id.
47
+ */
48
+ export function policySetTextToParts(policyset_str: string): PolicySetTextToPartsAnswer;
44
49
  /**
45
50
  * Return the Cedar (textual) representation of a policy.
46
51
  */
@@ -71,6 +76,44 @@ export function schemaToJson(schema: Schema): SchemaToJsonAnswer;
71
76
  export function getCedarLangVersion(): string;
72
77
  export type GetValidRequestEnvsResult = { type: "success"; principals: string[]; actions: string[]; resources: string[] } | { type: "failure"; error: string };
73
78
 
79
+ export interface ValidationCall {
80
+ validationSettings?: ValidationSettings;
81
+ schema: Schema;
82
+ policies: PolicySet;
83
+ }
84
+
85
+ export interface ValidationSettings {
86
+ mode: ValidationMode;
87
+ }
88
+
89
+ export interface ValidationError {
90
+ policyId: string;
91
+ error: DetailedError;
92
+ }
93
+
94
+ export type ValidationAnswer = { type: "failure"; errors: DetailedError[]; warnings: DetailedError[] } | { type: "success"; validationErrors: ValidationError[]; validationWarnings: ValidationError[]; otherWarnings: DetailedError[] };
95
+
96
+ export type CheckParseAnswer = { type: "success" } | { type: "failure"; errors: DetailedError[] };
97
+
98
+ export interface EntitiesParsingCall {
99
+ entities: Entities;
100
+ schema?: Schema | null;
101
+ }
102
+
103
+ export interface ContextParsingCall {
104
+ context: Context;
105
+ schema?: Schema | null;
106
+ action?: EntityUid | null;
107
+ }
108
+
109
+ export interface FormattingCall {
110
+ policyText: string;
111
+ lineWidth?: number;
112
+ indentWidth?: number;
113
+ }
114
+
115
+ export type FormattingAnswer = { type: "failure"; errors: DetailedError[] } | { type: "success"; formatted_policy: string };
116
+
74
117
  export interface Response {
75
118
  decision: Decision;
76
119
  diagnostics: Diagnostics;
@@ -99,22 +142,15 @@ export interface AuthorizationCall {
99
142
  entities: Entities;
100
143
  }
101
144
 
102
- export type CheckParseAnswer = { type: "success" } | { type: "failure"; errors: DetailedError[] };
145
+ export type PolicyToTextAnswer = { type: "success"; text: string } | { type: "failure"; errors: DetailedError[] };
103
146
 
104
- export interface EntitiesParsingCall {
105
- entities: Entities;
106
- schema?: Schema | null;
107
- }
147
+ export type PolicySetTextToPartsAnswer = { type: "success"; policies: string[]; policy_templates: string[] } | { type: "failure"; errors: DetailedError[] };
108
148
 
109
- export interface ContextParsingCall {
110
- context: Context;
111
- schema?: Schema | null;
112
- action?: EntityUid | null;
113
- }
149
+ export type PolicyToJsonAnswer = { type: "success"; json: PolicyJson } | { type: "failure"; errors: DetailedError[] };
114
150
 
115
- export type SlotId = string;
151
+ export type SchemaToTextAnswer = { type: "success"; text: string; warnings: DetailedError[] } | { type: "failure"; errors: DetailedError[] };
116
152
 
117
- export type PolicyId = string;
153
+ export type SchemaToJsonAnswer = { type: "success"; json: SchemaJson<string>; warnings: DetailedError[] } | { type: "failure"; errors: DetailedError[] };
118
154
 
119
155
  export type Schema = string | SchemaJson<string>;
120
156
 
@@ -163,40 +199,45 @@ export interface DetailedError {
163
199
  related?: DetailedError[];
164
200
  }
165
201
 
166
- export interface ValidationCall {
167
- validationSettings?: ValidationSettings;
168
- schema: Schema;
169
- policies: PolicySet;
170
- }
202
+ export type SlotId = string;
171
203
 
172
- export interface ValidationSettings {
173
- mode: ValidationMode;
174
- }
204
+ export type PolicyId = string;
175
205
 
176
- export interface ValidationError {
177
- policyId: string;
178
- error: DetailedError;
179
- }
206
+ export type ValidationMode = "strict";
180
207
 
181
- export type ValidationAnswer = { type: "failure"; errors: DetailedError[]; warnings: DetailedError[] } | { type: "success"; validationErrors: ValidationError[]; validationWarnings: ValidationError[]; otherWarnings: DetailedError[] };
208
+ export type ActionInConstraint = { entity: EntityUidJson } | { entities: EntityUidJson[] };
182
209
 
183
- export interface FormattingCall {
184
- policyText: string;
185
- lineWidth?: number;
186
- indentWidth?: number;
210
+ export interface PrincipalOrResourceIsConstraint {
211
+ entity_type: string;
212
+ in?: PrincipalOrResourceInConstraint;
187
213
  }
188
214
 
189
- export type FormattingAnswer = { type: "failure"; errors: DetailedError[] } | { type: "success"; formatted_policy: string };
215
+ export type PrincipalOrResourceInConstraint = { entity: EntityUidJson } | { slot: string };
190
216
 
191
- export type PolicyToTextAnswer = { type: "success"; text: string } | { type: "failure"; errors: DetailedError[] };
217
+ export type EqConstraint = { entity: EntityUidJson } | { slot: string };
192
218
 
193
- export type PolicyToJsonAnswer = { type: "success"; json: PolicyJson } | { type: "failure"; errors: DetailedError[] };
219
+ export type ResourceConstraint = { op: "All" } | ({ op: "==" } & EqConstraint) | ({ op: "in" } & PrincipalOrResourceInConstraint) | ({ op: "is" } & PrincipalOrResourceIsConstraint);
194
220
 
195
- export type SchemaToTextAnswer = { type: "success"; text: string; warnings: DetailedError[] } | { type: "failure"; errors: DetailedError[] };
221
+ export type ActionConstraint = { op: "All" } | ({ op: "==" } & EqConstraint) | ({ op: "in" } & ActionInConstraint);
196
222
 
197
- export type SchemaToJsonAnswer = { type: "success"; json: SchemaJson<string>; warnings: DetailedError[] } | { type: "failure"; errors: DetailedError[] };
223
+ export type PrincipalConstraint = { op: "All" } | ({ op: "==" } & EqConstraint) | ({ op: "in" } & PrincipalOrResourceInConstraint) | ({ op: "is" } & PrincipalOrResourceIsConstraint);
198
224
 
199
- export type ValidationMode = "strict";
225
+ export type Effect = "permit" | "forbid";
226
+
227
+ export interface EntityJson {
228
+ uid: EntityUidJson;
229
+ attrs: Record<string, CedarValueJson>;
230
+ parents: EntityUidJson[];
231
+ tags?: Record<string, CedarValueJson>;
232
+ }
233
+
234
+ export type ExtFuncCall = {} & Record<string, Array<Expr>>;
235
+
236
+ export type ExprNoExt = { Value: CedarValueJson } | { Var: Var } | { Slot: string } | { "!": { arg: Expr } } | { neg: { arg: Expr } } | { "==": { left: Expr; right: Expr } } | { "!=": { left: Expr; right: Expr } } | { in: { left: Expr; right: Expr } } | { "<": { left: Expr; right: Expr } } | { "<=": { left: Expr; right: Expr } } | { ">": { left: Expr; right: Expr } } | { ">=": { left: Expr; right: Expr } } | { "&&": { left: Expr; right: Expr } } | { "||": { left: Expr; right: Expr } } | { "+": { left: Expr; right: Expr } } | { "-": { left: Expr; right: Expr } } | { "*": { left: Expr; right: Expr } } | { contains: { left: Expr; right: Expr } } | { containsAll: { left: Expr; right: Expr } } | { containsAny: { left: Expr; right: Expr } } | { isEmpty: { arg: Expr } } | { getTag: { left: Expr; right: Expr } } | { hasTag: { left: Expr; right: Expr } } | { ".": { left: Expr; attr: SmolStr } } | { has: { left: Expr; attr: SmolStr } } | { like: { left: Expr; pattern: PatternElem[] } } | { is: { left: Expr; entity_type: SmolStr; in?: Expr } } | { "if-then-else": { if: Expr; then: Expr; else: Expr } } | { Set: Expr[] } | { Record: Record<string, Expr> };
237
+
238
+ export type PatternElem = "Wildcard" | { Literal: SmolStr };
239
+
240
+ export type Expr = ExprNoExt | ExtFuncCall;
200
241
 
201
242
  export type TypeVariant<N> = { type: "String" } | { type: "Long" } | { type: "Boolean" } | { type: "Set"; element: Type<N> } | ({ type: "Record" } & RecordType<N>) | { type: "Entity"; name: N } | { type: "EntityOrCommon"; name: N } | { type: "Extension"; name: UnreservedId };
202
243
 
@@ -246,40 +287,14 @@ export type CommonTypeId = string;
246
287
 
247
288
  export type SchemaJson<N> = Record<string, NamespaceDefinition<N>>;
248
289
 
249
- export type Var = "principal" | "action" | "resource" | "context";
250
-
251
- export interface EntityJson {
252
- uid: EntityUidJson;
253
- attrs: Record<string, CedarValueJson>;
254
- parents: EntityUidJson[];
255
- tags?: Record<string, CedarValueJson>;
256
- }
257
-
258
- export type Decision = "allow" | "deny";
259
-
260
- export type Clause = { kind: "when"; body: Expr } | { kind: "unless"; body: Expr };
261
-
262
- export interface PolicyJson {
263
- effect: Effect;
264
- principal: PrincipalConstraint;
265
- action: ActionConstraint;
266
- resource: ResourceConstraint;
267
- conditions: Clause[];
268
- annotations?: Annotations;
269
- }
270
-
271
- export type ExtFuncCall = {} & Record<string, Array<Expr>>;
272
-
273
- export type ExprNoExt = { Value: CedarValueJson } | { Var: Var } | { Slot: string } | { "!": { arg: Expr } } | { neg: { arg: Expr } } | { "==": { left: Expr; right: Expr } } | { "!=": { left: Expr; right: Expr } } | { in: { left: Expr; right: Expr } } | { "<": { left: Expr; right: Expr } } | { "<=": { left: Expr; right: Expr } } | { ">": { left: Expr; right: Expr } } | { ">=": { left: Expr; right: Expr } } | { "&&": { left: Expr; right: Expr } } | { "||": { left: Expr; right: Expr } } | { "+": { left: Expr; right: Expr } } | { "-": { left: Expr; right: Expr } } | { "*": { left: Expr; right: Expr } } | { contains: { left: Expr; right: Expr } } | { containsAll: { left: Expr; right: Expr } } | { containsAny: { left: Expr; right: Expr } } | { isEmpty: { arg: Expr } } | { getTag: { left: Expr; right: Expr } } | { hasTag: { left: Expr; right: Expr } } | { ".": { left: Expr; attr: SmolStr } } | { has: { left: Expr; attr: SmolStr } } | { like: { left: Expr; pattern: PatternElem[] } } | { is: { left: Expr; entity_type: SmolStr; in?: Expr } } | { "if-then-else": { if: Expr; then: Expr; else: Expr } } | { Set: Expr[] } | { Record: Record<string, Expr> };
274
-
275
- export type PatternElem = "Wildcard" | { Literal: SmolStr };
276
-
277
- export type Expr = ExprNoExt | ExtFuncCall;
278
-
279
290
  export type AnyId = SmolStr;
280
291
 
281
292
  export type UnreservedId = string;
282
293
 
294
+ export type Annotations = Record<string, Annotation>;
295
+
296
+ export type Annotation = SmolStr;
297
+
283
298
  export type EntityUidJson = { __entity: TypeAndId } | TypeAndId;
284
299
 
285
300
  export interface FnAndArg {
@@ -294,28 +309,20 @@ export interface TypeAndId {
294
309
 
295
310
  export type CedarValueJson = { __entity: TypeAndId } | { __extn: FnAndArg } | boolean | number | string | CedarValueJson[] | { [key: string]: CedarValueJson } | null;
296
311
 
297
- export type ActionInConstraint = { entity: EntityUidJson } | { entities: EntityUidJson[] };
298
-
299
- export interface PrincipalOrResourceIsConstraint {
300
- entity_type: string;
301
- in?: PrincipalOrResourceInConstraint;
302
- }
303
-
304
- export type PrincipalOrResourceInConstraint = { entity: EntityUidJson } | { slot: string };
305
-
306
- export type EqConstraint = { entity: EntityUidJson } | { slot: string };
307
-
308
- export type ResourceConstraint = { op: "All" } | ({ op: "==" } & EqConstraint) | ({ op: "in" } & PrincipalOrResourceInConstraint) | ({ op: "is" } & PrincipalOrResourceIsConstraint);
309
-
310
- export type ActionConstraint = { op: "All" } | ({ op: "==" } & EqConstraint) | ({ op: "in" } & ActionInConstraint);
311
-
312
- export type PrincipalConstraint = { op: "All" } | ({ op: "==" } & EqConstraint) | ({ op: "in" } & PrincipalOrResourceInConstraint) | ({ op: "is" } & PrincipalOrResourceIsConstraint);
312
+ export type Var = "principal" | "action" | "resource" | "context";
313
313
 
314
- export type Effect = "permit" | "forbid";
314
+ export type Clause = { kind: "when"; body: Expr } | { kind: "unless"; body: Expr };
315
315
 
316
- export type Annotations = Record<string, Annotation>;
316
+ export interface PolicyJson {
317
+ effect: Effect;
318
+ principal: PrincipalConstraint;
319
+ action: ActionConstraint;
320
+ resource: ResourceConstraint;
321
+ conditions: Clause[];
322
+ annotations?: Annotations;
323
+ }
317
324
 
318
- export type Annotation = SmolStr;
325
+ export type Decision = "allow" | "deny";
319
326
 
320
327
  type SmolStr = string;
321
328
  export type TypeOfAttribute<N> = Type<N> & { required?: boolean };
package/nodejs/cedar_wasm.js CHANGED
@@ -160,12 +160,15 @@ module.exports.getCedarSDKVersion = function() {
160
160
  };
161
161
 
162
162
  /**
163
- * Basic interface, using [`AuthorizationCall`] and [`AuthorizationAnswer`] types
164
- * @param {AuthorizationCall} call
165
- * @returns {AuthorizationAnswer}
163
+ * Parse a policy set and optionally validate it against a provided schema
164
+ *
165
+ * This is the basic validator interface, using [`ValidationCall`] and
166
+ * [`ValidationAnswer`] types
167
+ * @param {ValidationCall} call
168
+ * @returns {ValidationAnswer}
166
169
  */
167
- module.exports.isAuthorized = function(call) {
168
- const ret = wasm.isAuthorized(call);
170
+ module.exports.validate = function(call) {
171
+ const ret = wasm.validate(call);
169
172
  return ret;
170
173
  };
171
174
 
@@ -209,19 +212,6 @@ module.exports.checkParseContext = function(call) {
209
212
  return ret;
210
213
  };
211
214
 
212
- /**
213
- * Parse a policy set and optionally validate it against a provided schema
214
- *
215
- * This is the basic validator interface, using [`ValidationCall`] and
216
- * [`ValidationAnswer`] types
217
- * @param {ValidationCall} call
218
- * @returns {ValidationAnswer}
219
- */
220
- module.exports.validate = function(call) {
221
- const ret = wasm.validate(call);
222
- return ret;
223
- };
224
-
225
215
  /**
226
216
  * Apply the Cedar policy formatter to a policy set in the Cedar policy format
227
217
  * @param {FormattingCall} call
@@ -232,6 +222,29 @@ module.exports.formatPolicies = function(call) {
232
222
  return ret;
233
223
  };
234
224
 
225
+ /**
226
+ * Basic interface, using [`AuthorizationCall`] and [`AuthorizationAnswer`] types
227
+ * @param {AuthorizationCall} call
228
+ * @returns {AuthorizationAnswer}
229
+ */
230
+ module.exports.isAuthorized = function(call) {
231
+ const ret = wasm.isAuthorized(call);
232
+ return ret;
233
+ };
234
+
235
+ /**
236
+ * Takes a PolicySet represented as string and return the policies
237
+ * and templates split into vecs and sorted by id.
238
+ * @param {string} policyset_str
239
+ * @returns {PolicySetTextToPartsAnswer}
240
+ */
241
+ module.exports.policySetTextToParts = function(policyset_str) {
242
+ const ptr0 = passStringToWasm0(policyset_str, wasm.__wbindgen_malloc, wasm.__wbindgen_realloc);
243
+ const len0 = WASM_VECTOR_LEN;
244
+ const ret = wasm.policySetTextToParts(ptr0, len0);
245
+ return ret;
246
+ };
247
+
235
248
  /**
236
249
  * Return the Cedar (textual) representation of a policy.
237
250
  * @param {Policy} policy
package/nodejs/cedar_wasm_bg.wasm CHANGED
Binary file
package/nodejs/cedar_wasm_bg.wasm.d.ts CHANGED
@@ -5,13 +5,14 @@ export const getValidRequestEnvsTemplate: (a: any, b: any) => any;
5
5
  export const getValidRequestEnvsPolicy: (a: any, b: any) => any;
6
6
  export const getCedarSDKVersion: () => [number, number];
7
7
  export const getCedarVersion: () => [number, number];
8
- export const isAuthorized: (a: any) => any;
8
+ export const validate: (a: any) => any;
9
9
  export const checkParsePolicySet: (a: any) => any;
10
10
  export const checkParseSchema: (a: any) => any;
11
11
  export const checkParseEntities: (a: any) => any;
12
12
  export const checkParseContext: (a: any) => any;
13
- export const validate: (a: any) => any;
14
13
  export const formatPolicies: (a: any) => any;
14
+ export const isAuthorized: (a: any) => any;
15
+ export const policySetTextToParts: (a: number, b: number) => any;
15
16
  export const policyToText: (a: any) => any;
16
17
  export const templateToText: (a: any) => any;
17
18
  export const policyToJson: (a: any) => any;
package/nodejs/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "@cedar-policy/cedar-wasm",
3
3
  "description": "Wasm bindings and typescript types for Cedar lib",
4
- "version": "4.4.0",
4
+ "version": "4.5.0",
5
5
  "license": "Apache-2.0",
6
6
  "files": [
7
7
  "cedar_wasm_bg.wasm",
package/package.json CHANGED
@@ -2,7 +2,7 @@
2
2
  "name": "@cedar-policy/cedar-wasm",
3
3
  "type": "module",
4
4
  "description": "Wasm bindings and typescript types for Cedar lib",
5
- "version": "4.4.0",
5
+ "version": "4.5.0",
6
6
  "license": "Apache-2.0",
7
7
  "files": [
8
8
  "esm/package.json",
package/web/cedar_wasm.d.ts CHANGED
@@ -11,9 +11,12 @@ export function getValidRequestEnvsPolicy(t: Policy, s: Schema): GetValidRequest
11
11
  export function getCedarVersion(): string;
12
12
  export function getCedarSDKVersion(): string;
13
13
  /**
14
- * Basic interface, using [`AuthorizationCall`] and [`AuthorizationAnswer`] types
14
+ * Parse a policy set and optionally validate it against a provided schema
15
+ *
16
+ * This is the basic validator interface, using [`ValidationCall`] and
17
+ * [`ValidationAnswer`] types
15
18
  */
16
- export function isAuthorized(call: AuthorizationCall): AuthorizationAnswer;
19
+ export function validate(call: ValidationCall): ValidationAnswer;
17
20
  /**
18
21
  * Check whether a policy set successfully parses.
19
22
  */
@@ -30,17 +33,19 @@ export function checkParseEntities(call: EntitiesParsingCall): CheckParseAnswer;
30
33
  * Check whether a context successfully parses.
31
34
  */
32
35
  export function checkParseContext(call: ContextParsingCall): CheckParseAnswer;
33
- /**
34
- * Parse a policy set and optionally validate it against a provided schema
35
- *
36
- * This is the basic validator interface, using [`ValidationCall`] and
37
- * [`ValidationAnswer`] types
38
- */
39
- export function validate(call: ValidationCall): ValidationAnswer;
40
36
  /**
41
37
  * Apply the Cedar policy formatter to a policy set in the Cedar policy format
42
38
  */
43
39
  export function formatPolicies(call: FormattingCall): FormattingAnswer;
40
+ /**
41
+ * Basic interface, using [`AuthorizationCall`] and [`AuthorizationAnswer`] types
42
+ */
43
+ export function isAuthorized(call: AuthorizationCall): AuthorizationAnswer;
44
+ /**
45
+ * Takes a PolicySet represented as string and return the policies
46
+ * and templates split into vecs and sorted by id.
47
+ */
48
+ export function policySetTextToParts(policyset_str: string): PolicySetTextToPartsAnswer;
44
49
  /**
45
50
  * Return the Cedar (textual) representation of a policy.
46
51
  */
@@ -71,6 +76,44 @@ export function schemaToJson(schema: Schema): SchemaToJsonAnswer;
71
76
  export function getCedarLangVersion(): string;
72
77
  export type GetValidRequestEnvsResult = { type: "success"; principals: string[]; actions: string[]; resources: string[] } | { type: "failure"; error: string };
73
78
 
79
+ export interface ValidationCall {
80
+ validationSettings?: ValidationSettings;
81
+ schema: Schema;
82
+ policies: PolicySet;
83
+ }
84
+
85
+ export interface ValidationSettings {
86
+ mode: ValidationMode;
87
+ }
88
+
89
+ export interface ValidationError {
90
+ policyId: string;
91
+ error: DetailedError;
92
+ }
93
+
94
+ export type ValidationAnswer = { type: "failure"; errors: DetailedError[]; warnings: DetailedError[] } | { type: "success"; validationErrors: ValidationError[]; validationWarnings: ValidationError[]; otherWarnings: DetailedError[] };
95
+
96
+ export type CheckParseAnswer = { type: "success" } | { type: "failure"; errors: DetailedError[] };
97
+
98
+ export interface EntitiesParsingCall {
99
+ entities: Entities;
100
+ schema?: Schema | null;
101
+ }
102
+
103
+ export interface ContextParsingCall {
104
+ context: Context;
105
+ schema?: Schema | null;
106
+ action?: EntityUid | null;
107
+ }
108
+
109
+ export interface FormattingCall {
110
+ policyText: string;
111
+ lineWidth?: number;
112
+ indentWidth?: number;
113
+ }
114
+
115
+ export type FormattingAnswer = { type: "failure"; errors: DetailedError[] } | { type: "success"; formatted_policy: string };
116
+
74
117
  export interface Response {
75
118
  decision: Decision;
76
119
  diagnostics: Diagnostics;
@@ -99,22 +142,15 @@ export interface AuthorizationCall {
99
142
  entities: Entities;
100
143
  }
101
144
 
102
- export type CheckParseAnswer = { type: "success" } | { type: "failure"; errors: DetailedError[] };
145
+ export type PolicyToTextAnswer = { type: "success"; text: string } | { type: "failure"; errors: DetailedError[] };
103
146
 
104
- export interface EntitiesParsingCall {
105
- entities: Entities;
106
- schema?: Schema | null;
107
- }
147
+ export type PolicySetTextToPartsAnswer = { type: "success"; policies: string[]; policy_templates: string[] } | { type: "failure"; errors: DetailedError[] };
108
148
 
109
- export interface ContextParsingCall {
110
- context: Context;
111
- schema?: Schema | null;
112
- action?: EntityUid | null;
113
- }
149
+ export type PolicyToJsonAnswer = { type: "success"; json: PolicyJson } | { type: "failure"; errors: DetailedError[] };
114
150
 
115
- export type SlotId = string;
151
+ export type SchemaToTextAnswer = { type: "success"; text: string; warnings: DetailedError[] } | { type: "failure"; errors: DetailedError[] };
116
152
 
117
- export type PolicyId = string;
153
+ export type SchemaToJsonAnswer = { type: "success"; json: SchemaJson<string>; warnings: DetailedError[] } | { type: "failure"; errors: DetailedError[] };
118
154
 
119
155
  export type Schema = string | SchemaJson<string>;
120
156
 
@@ -163,40 +199,45 @@ export interface DetailedError {
163
199
  related?: DetailedError[];
164
200
  }
165
201
 
166
- export interface ValidationCall {
167
- validationSettings?: ValidationSettings;
168
- schema: Schema;
169
- policies: PolicySet;
170
- }
202
+ export type SlotId = string;
171
203
 
172
- export interface ValidationSettings {
173
- mode: ValidationMode;
174
- }
204
+ export type PolicyId = string;
175
205
 
176
- export interface ValidationError {
177
- policyId: string;
178
- error: DetailedError;
179
- }
206
+ export type ValidationMode = "strict";
180
207
 
181
- export type ValidationAnswer = { type: "failure"; errors: DetailedError[]; warnings: DetailedError[] } | { type: "success"; validationErrors: ValidationError[]; validationWarnings: ValidationError[]; otherWarnings: DetailedError[] };
208
+ export type ActionInConstraint = { entity: EntityUidJson } | { entities: EntityUidJson[] };
182
209
 
183
- export interface FormattingCall {
184
- policyText: string;
185
- lineWidth?: number;
186
- indentWidth?: number;
210
+ export interface PrincipalOrResourceIsConstraint {
211
+ entity_type: string;
212
+ in?: PrincipalOrResourceInConstraint;
187
213
  }
188
214
 
189
- export type FormattingAnswer = { type: "failure"; errors: DetailedError[] } | { type: "success"; formatted_policy: string };
215
+ export type PrincipalOrResourceInConstraint = { entity: EntityUidJson } | { slot: string };
190
216
 
191
- export type PolicyToTextAnswer = { type: "success"; text: string } | { type: "failure"; errors: DetailedError[] };
217
+ export type EqConstraint = { entity: EntityUidJson } | { slot: string };
192
218
 
193
- export type PolicyToJsonAnswer = { type: "success"; json: PolicyJson } | { type: "failure"; errors: DetailedError[] };
219
+ export type ResourceConstraint = { op: "All" } | ({ op: "==" } & EqConstraint) | ({ op: "in" } & PrincipalOrResourceInConstraint) | ({ op: "is" } & PrincipalOrResourceIsConstraint);
194
220
 
195
- export type SchemaToTextAnswer = { type: "success"; text: string; warnings: DetailedError[] } | { type: "failure"; errors: DetailedError[] };
221
+ export type ActionConstraint = { op: "All" } | ({ op: "==" } & EqConstraint) | ({ op: "in" } & ActionInConstraint);
196
222
 
197
- export type SchemaToJsonAnswer = { type: "success"; json: SchemaJson<string>; warnings: DetailedError[] } | { type: "failure"; errors: DetailedError[] };
223
+ export type PrincipalConstraint = { op: "All" } | ({ op: "==" } & EqConstraint) | ({ op: "in" } & PrincipalOrResourceInConstraint) | ({ op: "is" } & PrincipalOrResourceIsConstraint);
198
224
 
199
- export type ValidationMode = "strict";
225
+ export type Effect = "permit" | "forbid";
226
+
227
+ export interface EntityJson {
228
+ uid: EntityUidJson;
229
+ attrs: Record<string, CedarValueJson>;
230
+ parents: EntityUidJson[];
231
+ tags?: Record<string, CedarValueJson>;
232
+ }
233
+
234
+ export type ExtFuncCall = {} & Record<string, Array<Expr>>;
235
+
236
+ export type ExprNoExt = { Value: CedarValueJson } | { Var: Var } | { Slot: string } | { "!": { arg: Expr } } | { neg: { arg: Expr } } | { "==": { left: Expr; right: Expr } } | { "!=": { left: Expr; right: Expr } } | { in: { left: Expr; right: Expr } } | { "<": { left: Expr; right: Expr } } | { "<=": { left: Expr; right: Expr } } | { ">": { left: Expr; right: Expr } } | { ">=": { left: Expr; right: Expr } } | { "&&": { left: Expr; right: Expr } } | { "||": { left: Expr; right: Expr } } | { "+": { left: Expr; right: Expr } } | { "-": { left: Expr; right: Expr } } | { "*": { left: Expr; right: Expr } } | { contains: { left: Expr; right: Expr } } | { containsAll: { left: Expr; right: Expr } } | { containsAny: { left: Expr; right: Expr } } | { isEmpty: { arg: Expr } } | { getTag: { left: Expr; right: Expr } } | { hasTag: { left: Expr; right: Expr } } | { ".": { left: Expr; attr: SmolStr } } | { has: { left: Expr; attr: SmolStr } } | { like: { left: Expr; pattern: PatternElem[] } } | { is: { left: Expr; entity_type: SmolStr; in?: Expr } } | { "if-then-else": { if: Expr; then: Expr; else: Expr } } | { Set: Expr[] } | { Record: Record<string, Expr> };
237
+
238
+ export type PatternElem = "Wildcard" | { Literal: SmolStr };
239
+
240
+ export type Expr = ExprNoExt | ExtFuncCall;
200
241
 
201
242
  export type TypeVariant<N> = { type: "String" } | { type: "Long" } | { type: "Boolean" } | { type: "Set"; element: Type<N> } | ({ type: "Record" } & RecordType<N>) | { type: "Entity"; name: N } | { type: "EntityOrCommon"; name: N } | { type: "Extension"; name: UnreservedId };
202
243
 
@@ -246,40 +287,14 @@ export type CommonTypeId = string;
246
287
 
247
288
  export type SchemaJson<N> = Record<string, NamespaceDefinition<N>>;
248
289
 
249
- export type Var = "principal" | "action" | "resource" | "context";
250
-
251
- export interface EntityJson {
252
- uid: EntityUidJson;
253
- attrs: Record<string, CedarValueJson>;
254
- parents: EntityUidJson[];
255
- tags?: Record<string, CedarValueJson>;
256
- }
257
-
258
- export type Decision = "allow" | "deny";
259
-
260
- export type Clause = { kind: "when"; body: Expr } | { kind: "unless"; body: Expr };
261
-
262
- export interface PolicyJson {
263
- effect: Effect;
264
- principal: PrincipalConstraint;
265
- action: ActionConstraint;
266
- resource: ResourceConstraint;
267
- conditions: Clause[];
268
- annotations?: Annotations;
269
- }
270
-
271
- export type ExtFuncCall = {} & Record<string, Array<Expr>>;
272
-
273
- export type ExprNoExt = { Value: CedarValueJson } | { Var: Var } | { Slot: string } | { "!": { arg: Expr } } | { neg: { arg: Expr } } | { "==": { left: Expr; right: Expr } } | { "!=": { left: Expr; right: Expr } } | { in: { left: Expr; right: Expr } } | { "<": { left: Expr; right: Expr } } | { "<=": { left: Expr; right: Expr } } | { ">": { left: Expr; right: Expr } } | { ">=": { left: Expr; right: Expr } } | { "&&": { left: Expr; right: Expr } } | { "||": { left: Expr; right: Expr } } | { "+": { left: Expr; right: Expr } } | { "-": { left: Expr; right: Expr } } | { "*": { left: Expr; right: Expr } } | { contains: { left: Expr; right: Expr } } | { containsAll: { left: Expr; right: Expr } } | { containsAny: { left: Expr; right: Expr } } | { isEmpty: { arg: Expr } } | { getTag: { left: Expr; right: Expr } } | { hasTag: { left: Expr; right: Expr } } | { ".": { left: Expr; attr: SmolStr } } | { has: { left: Expr; attr: SmolStr } } | { like: { left: Expr; pattern: PatternElem[] } } | { is: { left: Expr; entity_type: SmolStr; in?: Expr } } | { "if-then-else": { if: Expr; then: Expr; else: Expr } } | { Set: Expr[] } | { Record: Record<string, Expr> };
274
-
275
- export type PatternElem = "Wildcard" | { Literal: SmolStr };
276
-
277
- export type Expr = ExprNoExt | ExtFuncCall;
278
-
279
290
  export type AnyId = SmolStr;
280
291
 
281
292
  export type UnreservedId = string;
282
293
 
294
+ export type Annotations = Record<string, Annotation>;
295
+
296
+ export type Annotation = SmolStr;
297
+
283
298
  export type EntityUidJson = { __entity: TypeAndId } | TypeAndId;
284
299
 
285
300
  export interface FnAndArg {
@@ -294,28 +309,20 @@ export interface TypeAndId {
294
309
 
295
310
  export type CedarValueJson = { __entity: TypeAndId } | { __extn: FnAndArg } | boolean | number | string | CedarValueJson[] | { [key: string]: CedarValueJson } | null;
296
311
 
297
- export type ActionInConstraint = { entity: EntityUidJson } | { entities: EntityUidJson[] };
298
-
299
- export interface PrincipalOrResourceIsConstraint {
300
- entity_type: string;
301
- in?: PrincipalOrResourceInConstraint;
302
- }
303
-
304
- export type PrincipalOrResourceInConstraint = { entity: EntityUidJson } | { slot: string };
305
-
306
- export type EqConstraint = { entity: EntityUidJson } | { slot: string };
307
-
308
- export type ResourceConstraint = { op: "All" } | ({ op: "==" } & EqConstraint) | ({ op: "in" } & PrincipalOrResourceInConstraint) | ({ op: "is" } & PrincipalOrResourceIsConstraint);
309
-
310
- export type ActionConstraint = { op: "All" } | ({ op: "==" } & EqConstraint) | ({ op: "in" } & ActionInConstraint);
311
-
312
- export type PrincipalConstraint = { op: "All" } | ({ op: "==" } & EqConstraint) | ({ op: "in" } & PrincipalOrResourceInConstraint) | ({ op: "is" } & PrincipalOrResourceIsConstraint);
312
+ export type Var = "principal" | "action" | "resource" | "context";
313
313
 
314
- export type Effect = "permit" | "forbid";
314
+ export type Clause = { kind: "when"; body: Expr } | { kind: "unless"; body: Expr };
315
315
 
316
- export type Annotations = Record<string, Annotation>;
316
+ export interface PolicyJson {
317
+ effect: Effect;
318
+ principal: PrincipalConstraint;
319
+ action: ActionConstraint;
320
+ resource: ResourceConstraint;
321
+ conditions: Clause[];
322
+ annotations?: Annotations;
323
+ }
317
324
 
318
- export type Annotation = SmolStr;
325
+ export type Decision = "allow" | "deny";
319
326
 
320
327
 
321
328
  export type InitInput = RequestInfo | URL | Response | BufferSource | WebAssembly.Module;
@@ -326,13 +333,14 @@ export interface InitOutput {
326
333
  readonly getValidRequestEnvsPolicy: (a: any, b: any) => any;
327
334
  readonly getCedarSDKVersion: () => [number, number];
328
335
  readonly getCedarVersion: () => [number, number];
329
- readonly isAuthorized: (a: any) => any;
336
+ readonly validate: (a: any) => any;
330
337
  readonly checkParsePolicySet: (a: any) => any;
331
338
  readonly checkParseSchema: (a: any) => any;
332
339
  readonly checkParseEntities: (a: any) => any;
333
340
  readonly checkParseContext: (a: any) => any;
334
- readonly validate: (a: any) => any;
335
341
  readonly formatPolicies: (a: any) => any;
342
+ readonly isAuthorized: (a: any) => any;
343
+ readonly policySetTextToParts: (a: number, b: number) => any;
336
344
  readonly policyToText: (a: any) => any;
337
345
  readonly templateToText: (a: any) => any;
338
346
  readonly policyToJson: (a: any) => any;
package/web/cedar_wasm.js CHANGED
@@ -156,12 +156,15 @@ export function getCedarSDKVersion() {
156
156
  }
157
157
 
158
158
  /**
159
- * Basic interface, using [`AuthorizationCall`] and [`AuthorizationAnswer`] types
160
- * @param {AuthorizationCall} call
161
- * @returns {AuthorizationAnswer}
159
+ * Parse a policy set and optionally validate it against a provided schema
160
+ *
161
+ * This is the basic validator interface, using [`ValidationCall`] and
162
+ * [`ValidationAnswer`] types
163
+ * @param {ValidationCall} call
164
+ * @returns {ValidationAnswer}
162
165
  */
163
- export function isAuthorized(call) {
164
- const ret = wasm.isAuthorized(call);
166
+ export function validate(call) {
167
+ const ret = wasm.validate(call);
165
168
  return ret;
166
169
  }
167
170
 
@@ -205,19 +208,6 @@ export function checkParseContext(call) {
205
208
  return ret;
206
209
  }
207
210
 
208
- /**
209
- * Parse a policy set and optionally validate it against a provided schema
210
- *
211
- * This is the basic validator interface, using [`ValidationCall`] and
212
- * [`ValidationAnswer`] types
213
- * @param {ValidationCall} call
214
- * @returns {ValidationAnswer}
215
- */
216
- export function validate(call) {
217
- const ret = wasm.validate(call);
218
- return ret;
219
- }
220
-
221
211
  /**
222
212
  * Apply the Cedar policy formatter to a policy set in the Cedar policy format
223
213
  * @param {FormattingCall} call
@@ -228,6 +218,29 @@ export function formatPolicies(call) {
228
218
  return ret;
229
219
  }
230
220
 
221
+ /**
222
+ * Basic interface, using [`AuthorizationCall`] and [`AuthorizationAnswer`] types
223
+ * @param {AuthorizationCall} call
224
+ * @returns {AuthorizationAnswer}
225
+ */
226
+ export function isAuthorized(call) {
227
+ const ret = wasm.isAuthorized(call);
228
+ return ret;
229
+ }
230
+
231
+ /**
232
+ * Takes a PolicySet represented as string and return the policies
233
+ * and templates split into vecs and sorted by id.
234
+ * @param {string} policyset_str
235
+ * @returns {PolicySetTextToPartsAnswer}
236
+ */
237
+ export function policySetTextToParts(policyset_str) {
238
+ const ptr0 = passStringToWasm0(policyset_str, wasm.__wbindgen_malloc, wasm.__wbindgen_realloc);
239
+ const len0 = WASM_VECTOR_LEN;
240
+ const ret = wasm.policySetTextToParts(ptr0, len0);
241
+ return ret;
242
+ }
243
+
231
244
  /**
232
245
  * Return the Cedar (textual) representation of a policy.
233
246
  * @param {Policy} policy
package/web/cedar_wasm_bg.wasm CHANGED
Binary file
package/web/cedar_wasm_bg.wasm.d.ts CHANGED
@@ -5,13 +5,14 @@ export const getValidRequestEnvsTemplate: (a: any, b: any) => any;
5
5
  export const getValidRequestEnvsPolicy: (a: any, b: any) => any;
6
6
  export const getCedarSDKVersion: () => [number, number];
7
7
  export const getCedarVersion: () => [number, number];
8
- export const isAuthorized: (a: any) => any;
8
+ export const validate: (a: any) => any;
9
9
  export const checkParsePolicySet: (a: any) => any;
10
10
  export const checkParseSchema: (a: any) => any;
11
11
  export const checkParseEntities: (a: any) => any;
12
12
  export const checkParseContext: (a: any) => any;
13
- export const validate: (a: any) => any;
14
13
  export const formatPolicies: (a: any) => any;
14
+ export const isAuthorized: (a: any) => any;
15
+ export const policySetTextToParts: (a: number, b: number) => any;
15
16
  export const policyToText: (a: any) => any;
16
17
  export const templateToText: (a: any) => any;
17
18
  export const policyToJson: (a: any) => any;
package/web/package.json CHANGED
@@ -2,7 +2,7 @@
2
2
  "name": "@cedar-policy/cedar-wasm",
3
3
  "type": "module",
4
4
  "description": "Wasm bindings and typescript types for Cedar lib",
5
- "version": "4.4.0",
5
+ "version": "4.5.0",
6
6
  "license": "Apache-2.0",
7
7
  "files": [
8
8
  "cedar_wasm_bg.wasm",