@cedar-policy/cedar-wasm 4.7.0 → 4.8.2

package/esm/cedar_wasm.d.ts

@@ -1,154 +1,69 @@
 /* tslint:disable */
 /* eslint-disable */
-export function getCedarSDKVersion(): string;
-export function getCedarVersion(): string;
-/**
- * Get valid request environment
- */
-export function getValidRequestEnvsPolicy(t: Policy, s: Schema): GetValidRequestEnvsResult;
-/**
- * Get valid request environment
- */
-export function getValidRequestEnvsTemplate(t: Template, s: Schema): GetValidRequestEnvsResult;
-/**
- * Stateful authorization using preparsed schemas and policy sets.
- *
- * This function works like [`is_authorized`] but retrieves schemas and policy sets
- * from thread-local cache instead of parsing them on each call.
- */
-export function statefulIsAuthorized(call: StatefulAuthorizationCall): AuthorizationAnswer;
-/**
- * Basic interface, using [`AuthorizationCall`] and [`AuthorizationAnswer`] types
- */
-export function isAuthorized(call: AuthorizationCall): AuthorizationAnswer;
-/**
- * Preparse and cache a policy set in thread-local storage
- *
- * # Errors
- *
- * Will return `Err` if the input cannot be parsed. Side-effect free on error.
- */
-export function preparsePolicySet(pset_id: string, policies: PolicySet): CheckParseAnswer;
-/**
- * Preparse and cache a schema in thread-local storage
- *
- * # Errors
- *
- * Will return `Err` if the input cannot be parsed. Side-effect free on error.
- */
-export function preparseSchema(schema_name: string, schema: Schema): CheckParseAnswer;
-/**
- * Check whether a policy set successfully parses.
- */
-export function checkParsePolicySet(policies: PolicySet): CheckParseAnswer;
-/**
- * Check whether a context successfully parses.
- */
-export function checkParseContext(call: ContextParsingCall): CheckParseAnswer;
-/**
- * Check whether a schema successfully parses.
- */
-export function checkParseSchema(schema: Schema): CheckParseAnswer;
-/**
- * Check whether a set of entities successfully parses.
- */
-export function checkParseEntities(call: EntitiesParsingCall): CheckParseAnswer;
-/**
- * Takes a `PolicySet` represented as string and return the policies
- * and templates split into vecs and sorted by id.
- */
-export function policySetTextToParts(policyset_str: string): PolicySetTextToPartsAnswer;
-/**
- * Return the JSON representation of a template.
- */
-export function templateToJson(template: Template): PolicyToJsonAnswer;
-/**
- * Return the Cedar (textual) representation of a policy.
- */
-export function policyToText(policy: Policy): PolicyToTextAnswer;
-/**
- * Return the JSON representation of a schema.
- */
-export function schemaToJson(schema: Schema): SchemaToJsonAnswer;
-/**
- * Return the Cedar (textual) representation of a template.
- */
-export function templateToText(template: Template): PolicyToTextAnswer;
-/**
- * Return the JSON representation of a policy.
- */
-export function policyToJson(policy: Policy): PolicyToJsonAnswer;
-/**
- * Return the Cedar (textual) representation of a schema.
- */
-export function schemaToText(schema: Schema): SchemaToTextAnswer;
-/**
- * Get language version of Cedar
- */
-export function getCedarLangVersion(): string;
-/**
- * Apply the Cedar policy formatter to a policy set in the Cedar policy format
- */
-export function formatPolicies(call: FormattingCall): FormattingAnswer;
-/**
- * Parse a policy set and optionally validate it against a provided schema
- *
- * This is the basic validator interface, using [`ValidationCall`] and
- * [`ValidationAnswer`] types
- */
-export function validate(call: ValidationCall): ValidationAnswer;
 export type GetValidRequestEnvsResult = { type: "success"; principals: string[]; actions: string[]; resources: string[] } | { type: "failure"; error: string };
 
-export type PolicyId = string;
-
-export type SlotId = string;
-
-export type AuthorizationAnswer = { type: "failure"; errors: DetailedError[]; warnings: DetailedError[] } | { type: "success"; response: Response; warnings: DetailedError[] };
+export type FormattingAnswer = { type: "failure"; errors: DetailedError[] } | { type: "success"; formatted_policy: string };
 
-export interface Response {
-    decision: Decision;
-    diagnostics: Diagnostics;
+export interface FormattingCall {
+    policyText: string;
+    lineWidth?: number;
+    indentWidth?: number;
 }
 
-export interface StatefulAuthorizationCall {
+export type ValidationMode = "strict";
+
+export interface AuthorizationCall {
     principal: EntityUid;
     action: EntityUid;
     resource: EntityUid;
     context: Context;
-    preparsedSchemaName?: string;
+    schema?: Schema;
     validateRequest?: boolean;
-    preparsedPolicySetId: string;
+    policies: PolicySet;
     entities: Entities;
 }
 
-export interface Diagnostics {
-    reason: PolicyId[];
-    errors: AuthorizationError[];
-}
+export type AuthorizationAnswer = { type: "failure"; errors: DetailedError[]; warnings: DetailedError[] } | { type: "success"; response: Response; warnings: DetailedError[] };
 
 export interface AuthorizationError {
     policyId: string;
     error: DetailedError;
 }
 
-export interface AuthorizationCall {
+export interface StatefulAuthorizationCall {
     principal: EntityUid;
     action: EntityUid;
     resource: EntityUid;
     context: Context;
-    schema?: Schema;
+    preparsedSchemaName?: string;
     validateRequest?: boolean;
-    policies: PolicySet;
+    preparsedPolicySetId: string;
     entities: Entities;
 }
 
-export type Entities = Array<EntityJson>;
+export interface Diagnostics {
+    reason: PolicyId[];
+    errors: AuthorizationError[];
+}
 
-export type Schema = string | SchemaJson<string>;
+export interface Response {
+    decision: Decision;
+    diagnostics: Diagnostics;
+}
 
-export type EntityUid = EntityUidJson;
+export interface DetailedError {
+    message: string;
+    help: string | null;
+    code: string | null;
+    url: string | null;
+    severity: Severity | null;
+    sourceLocations?: SourceLabel[];
+    related?: DetailedError[];
+}
 
-export type Severity = "advice" | "warning" | "error";
+export type StaticPolicySet = string | Policy[] | Record<PolicyId, Policy>;
+
+export type Entities = Array<EntityJson>;
 
 export interface PolicySet {
     staticPolicies?: StaticPolicySet;
@@ -156,8 +71,9 @@ export interface PolicySet {
     templateLinks?: TemplateLink[];
 }
 
-export interface SourceLabel extends SourceLocation {
-    label: string | null;
+export interface SourceLocation {
+    start: number;
+    end: number;
 }
 
 export interface TemplateLink {
@@ -166,34 +82,37 @@ export interface TemplateLink {
     values: Record<SlotId, EntityUid>;
 }
 
-export type Policy = string | PolicyJson;
+export type Severity = "advice" | "warning" | "error";
 
-export type StaticPolicySet = string | Policy[] | Record<PolicyId, Policy>;
+export type Schema = string | SchemaJson<string>;
 
 export type Context = Record<string, CedarValueJson>;
 
-export interface DetailedError {
-    message: string;
-    help: string | null;
-    code: string | null;
-    url: string | null;
-    severity: Severity | null;
-    sourceLocations?: SourceLabel[];
-    related?: DetailedError[];
+export type Policy = string | PolicyJson;
+
+export interface SourceLabel extends SourceLocation {
+    label: string | null;
 }
 
+export type EntityUid = EntityUidJson;
+
 export type Template = string | PolicyJson;
 
-export interface SourceLocation {
-    start: number;
-    end: number;
+export type ValidationAnswer = { type: "failure"; errors: DetailedError[]; warnings: DetailedError[] } | { type: "success"; validationErrors: ValidationError[]; validationWarnings: ValidationError[]; otherWarnings: DetailedError[] };
+
+export interface ValidationError {
+    policyId: string;
+    error: DetailedError;
 }
 
-export type CheckParseAnswer = { type: "success" } | { type: "failure"; errors: DetailedError[] };
+export interface ValidationSettings {
+    mode: ValidationMode;
+}
 
-export interface EntitiesParsingCall {
-    entities: Entities;
-    schema?: Schema | null;
+export interface ValidationCall {
+    validationSettings?: ValidationSettings;
+    schema: Schema;
+    policies: PolicySet;
 }
 
 export interface ContextParsingCall {
@@ -202,42 +121,30 @@ export interface ContextParsingCall {
     action?: EntityUid | null;
 }
 
-export type PolicySetTextToPartsAnswer = { type: "success"; policies: string[]; policy_templates: string[] } | { type: "failure"; errors: DetailedError[] };
-
-export type SchemaToJsonAnswer = { type: "success"; json: SchemaJson<string>; warnings: DetailedError[] } | { type: "failure"; errors: DetailedError[] };
+export interface EntitiesParsingCall {
+    entities: Entities;
+    schema?: Schema | null;
+}
 
-export type PolicyToJsonAnswer = { type: "success"; json: PolicyJson } | { type: "failure"; errors: DetailedError[] };
+export type CheckParseAnswer = { type: "success" } | { type: "failure"; errors: DetailedError[] };
 
-export type SchemaToTextAnswer = { type: "success"; text: string; warnings: DetailedError[] } | { type: "failure"; errors: DetailedError[] };
+export type PolicyId = string;
 
-export type PolicyToTextAnswer = { type: "success"; text: string } | { type: "failure"; errors: DetailedError[] };
+export type SlotId = string;
 
-export type ValidationMode = "strict";
+export type SchemaToJsonAnswer = { type: "success"; json: SchemaJson<string>; warnings: DetailedError[] } | { type: "failure"; errors: DetailedError[] };
 
-export interface FormattingCall {
-    policyText: string;
-    lineWidth?: number;
-    indentWidth?: number;
-}
+export type PolicyToJsonAnswer = { type: "success"; json: PolicyJson } | { type: "failure"; errors: DetailedError[] };
 
-export type FormattingAnswer = { type: "failure"; errors: DetailedError[] } | { type: "success"; formatted_policy: string };
+export type PolicySetTextToPartsAnswer = { type: "success"; policies: string[]; policy_templates: string[] } | { type: "failure"; errors: DetailedError[] };
 
-export interface ValidationError {
-    policyId: string;
-    error: DetailedError;
-}
+export type PolicyToTextAnswer = { type: "success"; text: string } | { type: "failure"; errors: DetailedError[] };
 
-export interface ValidationCall {
-    validationSettings?: ValidationSettings;
-    schema: Schema;
-    policies: PolicySet;
-}
+export type SchemaToTextAnswer = { type: "success"; text: string; warnings: DetailedError[] } | { type: "failure"; errors: DetailedError[] };
 
-export type ValidationAnswer = { type: "failure"; errors: DetailedError[]; warnings: DetailedError[] } | { type: "success"; validationErrors: ValidationError[]; validationWarnings: ValidationError[]; otherWarnings: DetailedError[] };
+export type Annotation = SmolStr;
 
-export interface ValidationSettings {
-    mode: ValidationMode;
-}
+export type Annotations = Record<string, Annotation>;
 
 export interface EntityJson {
     uid: EntityUidJson;
@@ -246,28 +153,31 @@ export interface EntityJson {
     tags?: Record<string, CedarValueJson>;
 }
 
+export type Var = "principal" | "action" | "resource" | "context";
+
+export type Decision = "allow" | "deny";
+
 export type AnyId = SmolStr;
 
 export type UnreservedId = string;
 
-export type Effect = "permit" | "forbid";
-
-export type PrincipalConstraint = { op: "All" } | ({ op: "==" } & EqConstraint) | ({ op: "in" } & PrincipalOrResourceInConstraint) | ({ op: "is" } & PrincipalOrResourceIsConstraint);
+export type TypeVariant<N> = { type: "String" } | { type: "Long" } | { type: "Boolean" } | { type: "Set"; element: Type<N> } | ({ type: "Record" } & RecordType<N>) | { type: "Entity"; name: N } | { type: "EntityOrCommon"; name: N } | { type: "Extension"; name: UnreservedId };
 
-export type ResourceConstraint = { op: "All" } | ({ op: "==" } & EqConstraint) | ({ op: "in" } & PrincipalOrResourceInConstraint) | ({ op: "is" } & PrincipalOrResourceIsConstraint);
+export type Type<N> = ({} & TypeVariant<N>) | { type: N };
 
-export interface PrincipalOrResourceIsConstraint {
-    entity_type: string;
-    in?: PrincipalOrResourceInConstraint;
+export interface RecordType<N> {
+    attributes: Record<SmolStr, TypeOfAttribute<N>>;
+    additionalAttributes?: boolean;
 }
 
-export type EqConstraint = { entity: EntityUidJson } | { slot: string };
-
-export type ActionConstraint = { op: "All" } | ({ op: "==" } & EqConstraint) | ({ op: "in" } & ActionInConstraint);
+export type CommonTypeId = string;
 
-export type ActionInConstraint = { entity: EntityUidJson } | { entities: EntityUidJson[] };
+export type AttributesOrContext<N> = Type<N>;
 
-export type PrincipalOrResourceInConstraint = { entity: EntityUidJson } | { slot: string };
+export interface ActionEntityUID<N> {
+    id: SmolStr;
+    type?: N;
+}
 
 export interface ActionType<N> {
     attributes?: Record<SmolStr, CedarValueJson>;
@@ -276,25 +186,10 @@ export interface ActionType<N> {
     annotations?: Annotations;
 }
 
-export interface StandardEntityType<N> {
-    memberOfTypes?: N[];
-    shape?: AttributesOrContext<N>;
-    tags?: Type<N>;
-}
-
-export type AttributesOrContext<N> = Type<N>;
-
-export interface RecordType<N> {
-    attributes: Record<SmolStr, TypeOfAttribute<N>>;
-    additionalAttributes?: boolean;
-}
-
 export type SchemaJson<N> = Record<string, NamespaceDefinition<N>>;
 
 export type EntityTypeKind<N> = StandardEntityType<N> | { enum: NonEmpty<SmolStr> };
 
-export type CommonTypeId = string;
-
 export interface NamespaceDefinition<N> {
     commonTypes?: Record<CommonTypeId, CommonType<N>>;
     entityTypes: Record<UnreservedId, EntityType<N>>;
@@ -302,22 +197,38 @@ export interface NamespaceDefinition<N> {
     annotations?: Annotations;
 }
 
-export interface ActionEntityUID<N> {
-    id: SmolStr;
-    type?: N;
+export interface StandardEntityType<N> {
+    memberOfTypes?: N[];
+    shape?: AttributesOrContext<N>;
+    tags?: Type<N>;
 }
 
-export type Type<N> = ({} & TypeVariant<N>) | { type: N };
-
 export interface ApplySpec<N> {
     resourceTypes: N[];
     principalTypes: N[];
     context?: AttributesOrContext<N>;
 }
 
-export type TypeVariant<N> = { type: "String" } | { type: "Long" } | { type: "Boolean" } | { type: "Set"; element: Type<N> } | ({ type: "Record" } & RecordType<N>) | { type: "Entity"; name: N } | { type: "EntityOrCommon"; name: N } | { type: "Extension"; name: UnreservedId };
+export type Effect = "permit" | "forbid";
 
-export type Decision = "allow" | "deny";
+export type PrincipalConstraint = { op: "All" } | ({ op: "==" } & EqConstraint) | ({ op: "in" } & PrincipalOrResourceInConstraint) | ({ op: "is" } & PrincipalOrResourceIsConstraint);
+
+export interface PrincipalOrResourceIsConstraint {
+    entity_type: string;
+    in?: PrincipalOrResourceInConstraint;
+}
+
+export type ActionConstraint = { op: "All" } | ({ op: "==" } & EqConstraint) | ({ op: "in" } & ActionInConstraint);
+
+export type ActionInConstraint = { entity: EntityUidJson } | { entities: EntityUidJson[] };
+
+export type PrincipalOrResourceInConstraint = { entity: EntityUidJson } | { slot: string };
+
+export type ResourceConstraint = { op: "All" } | ({ op: "==" } & EqConstraint) | ({ op: "in" } & PrincipalOrResourceInConstraint) | ({ op: "is" } & PrincipalOrResourceIsConstraint);
+
+export type EqConstraint = { entity: EntityUidJson } | { slot: string };
+
+export type Clause = { kind: "when"; body: Expr } | { kind: "unless"; body: Expr };
 
 export interface PolicyJson {
     effect: Effect;
@@ -328,22 +239,14 @@ export interface PolicyJson {
     annotations?: Annotations;
 }
 
-export type Clause = { kind: "when"; body: Expr } | { kind: "unless"; body: Expr };
+export type ExtFuncCall = {} & Record<string, Array<Expr>>;
 
 export type Expr = ExprNoExt | ExtFuncCall;
 
 export type PatternElem = "Wildcard" | { Literal: SmolStr };
 
-export type ExtFuncCall = {} & Record<string, Array<Expr>>;
-
 export type ExprNoExt = { Value: CedarValueJson } | { Var: Var } | { Slot: string } | { "!": { arg: Expr } } | { neg: { arg: Expr } } | { "==": { left: Expr; right: Expr } } | { "!=": { left: Expr; right: Expr } } | { in: { left: Expr; right: Expr } } | { "<": { left: Expr; right: Expr } } | { "<=": { left: Expr; right: Expr } } | { ">": { left: Expr; right: Expr } } | { ">=": { left: Expr; right: Expr } } | { "&&": { left: Expr; right: Expr } } | { "||": { left: Expr; right: Expr } } | { "+": { left: Expr; right: Expr } } | { "-": { left: Expr; right: Expr } } | { "*": { left: Expr; right: Expr } } | { contains: { left: Expr; right: Expr } } | { containsAll: { left: Expr; right: Expr } } | { containsAny: { left: Expr; right: Expr } } | { isEmpty: { arg: Expr } } | { getTag: { left: Expr; right: Expr } } | { hasTag: { left: Expr; right: Expr } } | { ".": { left: Expr; attr: SmolStr } } | { has: { left: Expr; attr: SmolStr } } | { like: { left: Expr; pattern: PatternElem[] } } | { is: { left: Expr; entity_type: SmolStr; in?: Expr } } | { "if-then-else": { if: Expr; then: Expr; else: Expr } } | { Set: Expr[] } | { Record: Record<string, Expr> };
 
-export type Annotation = SmolStr;
-
-export type Annotations = Record<string, Annotation>;
-
-export type Var = "principal" | "action" | "resource" | "context";
-
 export interface TypeAndId {
     type: string;
     id: string;
@@ -351,10 +254,129 @@ export interface TypeAndId {
 
 export type CedarValueJson = { __entity: TypeAndId } | { __extn: FnAndArgs } | boolean | number | string | CedarValueJson[] | { [key: string]: CedarValueJson } | null;
 
+export type EntityUidJson = { __entity: TypeAndId } | TypeAndId;
+
 export type FnAndArgs = { fn: string; arg: CedarValueJson } | { fn: string; args: CedarValueJson[] };
 
-export type EntityUidJson = { __entity: TypeAndId } | TypeAndId;
 
+/**
+ * Check whether a context successfully parses.
+ */
+export function checkParseContext(call: ContextParsingCall): CheckParseAnswer;
+
+/**
+ * Check whether a set of entities successfully parses.
+ */
+export function checkParseEntities(call: EntitiesParsingCall): CheckParseAnswer;
+
+/**
+ * Check whether a policy set successfully parses.
+ */
+export function checkParsePolicySet(policies: PolicySet): CheckParseAnswer;
+
+/**
+ * Check whether a schema successfully parses.
+ */
+export function checkParseSchema(schema: Schema): CheckParseAnswer;
+
+/**
+ * Apply the Cedar policy formatter to a policy set in the Cedar policy format
+ */
+export function formatPolicies(call: FormattingCall): FormattingAnswer;
+
+/**
+ * Get language version of Cedar
+ */
+export function getCedarLangVersion(): string;
+
+export function getCedarSDKVersion(): string;
+
+export function getCedarVersion(): string;
+
+/**
+ * Get valid request environment
+ */
+export function getValidRequestEnvsPolicy(t: Policy, s: Schema): GetValidRequestEnvsResult;
+
+/**
+ * Get valid request environment
+ */
+export function getValidRequestEnvsTemplate(t: Template, s: Schema): GetValidRequestEnvsResult;
+
+/**
+ * Basic interface, using [`AuthorizationCall`] and [`AuthorizationAnswer`] types
+ */
+export function isAuthorized(call: AuthorizationCall): AuthorizationAnswer;
+
+/**
+ * Takes a `PolicySet` represented as string and return the policies
+ * and templates split into vecs and sorted by id.
+ */
+export function policySetTextToParts(policyset_str: string): PolicySetTextToPartsAnswer;
+
+/**
+ * Return the JSON representation of a policy.
+ */
+export function policyToJson(policy: Policy): PolicyToJsonAnswer;
+
+/**
+ * Return the Cedar (textual) representation of a policy.
+ */
+export function policyToText(policy: Policy): PolicyToTextAnswer;
+
+/**
+ * Preparse and cache a policy set in thread-local storage
+ *
+ * # Errors
+ *
+ * Will return `Err` if the input cannot be parsed. Side-effect free on error.
+ */
+export function preparsePolicySet(pset_id: string, policies: PolicySet): CheckParseAnswer;
+
+/**
+ * Preparse and cache a schema in thread-local storage
+ *
+ * # Errors
+ *
+ * Will return `Err` if the input cannot be parsed. Side-effect free on error.
+ */
+export function preparseSchema(schema_name: string, schema: Schema): CheckParseAnswer;
+
+/**
+ * Return the JSON representation of a schema.
+ */
+export function schemaToJson(schema: Schema): SchemaToJsonAnswer;
+
+/**
+ * Return the Cedar (textual) representation of a schema.
+ */
+export function schemaToText(schema: Schema): SchemaToTextAnswer;
+
+/**
+ * Stateful authorization using preparsed schemas and policy sets.
+ *
+ * This function works like [`is_authorized`] but retrieves schemas and policy sets
+ * from thread-local cache instead of parsing them on each call.
+ */
+export function statefulIsAuthorized(call: StatefulAuthorizationCall): AuthorizationAnswer;
+
+/**
+ * Return the JSON representation of a template.
+ */
+export function templateToJson(template: Template): PolicyToJsonAnswer;
+
+/**
+ * Return the Cedar (textual) representation of a template.
+ */
+export function templateToText(template: Template): PolicyToTextAnswer;
+
+/**
+ * Parse a policy set and optionally validate it against a provided schema
+ *
+ * This is the basic validator interface, using [`ValidationCall`] and
+ * [`ValidationAnswer`] types
+ */
+export function validate(call: ValidationCall): ValidationAnswer;
 type SmolStr = string;
 export type TypeOfAttribute<N> = Type<N> & { required?: boolean };
 export type CommonType<N> = Type<N> & { annotations?: Annotations };