@cedar-policy/cedar-wasm 4.8.2 → 4.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (17) hide show
  1. package/esm/cedar_wasm.d.ts +155 -143
  2. package/esm/cedar_wasm.js +5 -1
  3. package/esm/cedar_wasm_bg.js +139 -128
  4. package/esm/cedar_wasm_bg.wasm +0 -0
  5. package/esm/cedar_wasm_bg.wasm.d.ts +7 -6
  6. package/esm/package.json +5 -1
  7. package/nodejs/cedar_wasm.d.ts +155 -143
  8. package/nodejs/cedar_wasm.js +158 -139
  9. package/nodejs/cedar_wasm_bg.wasm +0 -0
  10. package/nodejs/cedar_wasm_bg.wasm.d.ts +7 -6
  11. package/nodejs/package.json +5 -1
  12. package/package.json +5 -1
  13. package/web/cedar_wasm.d.ts +200 -187
  14. package/web/cedar_wasm.js +187 -166
  15. package/web/cedar_wasm_bg.wasm +0 -0
  16. package/web/cedar_wasm_bg.wasm.d.ts +7 -6
  17. package/web/package.json +5 -1
package/esm/cedar_wasm.d.ts CHANGED
@@ -1,16 +1,22 @@
1
1
  /* tslint:disable */
2
2
  /* eslint-disable */
3
- export type GetValidRequestEnvsResult = { type: "success"; principals: string[]; actions: string[]; resources: string[] } | { type: "failure"; error: string };
4
-
5
- export type FormattingAnswer = { type: "failure"; errors: DetailedError[] } | { type: "success"; formatted_policy: string };
3
+ export interface ActionEntityUID<N> {
4
+ id: SmolStr;
5
+ type?: N;
6
+ }
6
7
 
7
- export interface FormattingCall {
8
- policyText: string;
9
- lineWidth?: number;
10
- indentWidth?: number;
8
+ export interface ActionType<N> {
9
+ attributes?: Record<SmolStr, CedarValueJson>;
10
+ appliesTo?: ApplySpec<N>;
11
+ memberOf?: ActionEntityUID<N>[];
12
+ annotations?: Annotations;
11
13
  }
12
14
 
13
- export type ValidationMode = "strict";
15
+ export interface ApplySpec<N> {
16
+ resourceTypes: N[];
17
+ principalTypes: N[];
18
+ context?: AttributesOrContext<N>;
19
+ }
14
20
 
15
21
  export interface AuthorizationCall {
16
22
  principal: EntityUid;
@@ -23,32 +29,15 @@ export interface AuthorizationCall {
23
29
  entities: Entities;
24
30
  }
25
31
 
26
- export type AuthorizationAnswer = { type: "failure"; errors: DetailedError[]; warnings: DetailedError[] } | { type: "success"; response: Response; warnings: DetailedError[] };
27
-
28
32
  export interface AuthorizationError {
29
33
  policyId: string;
30
34
  error: DetailedError;
31
35
  }
32
36
 
33
- export interface StatefulAuthorizationCall {
34
- principal: EntityUid;
35
- action: EntityUid;
36
- resource: EntityUid;
37
+ export interface ContextParsingCall {
37
38
  context: Context;
38
- preparsedSchemaName?: string;
39
- validateRequest?: boolean;
40
- preparsedPolicySetId: string;
41
- entities: Entities;
42
- }
43
-
44
- export interface Diagnostics {
45
- reason: PolicyId[];
46
- errors: AuthorizationError[];
47
- }
48
-
49
- export interface Response {
50
- decision: Decision;
51
- diagnostics: Diagnostics;
39
+ schema?: Schema | null;
40
+ action?: EntityUid | null;
52
41
  }
53
42
 
54
43
  export interface DetailedError {
@@ -61,9 +50,44 @@ export interface DetailedError {
61
50
  related?: DetailedError[];
62
51
  }
63
52
 
64
- export type StaticPolicySet = string | Policy[] | Record<PolicyId, Policy>;
53
+ export interface Diagnostics {
54
+ reason: PolicyId[];
55
+ errors: AuthorizationError[];
56
+ }
65
57
 
66
- export type Entities = Array<EntityJson>;
58
+ export interface EntitiesParsingCall {
59
+ entities: Entities;
60
+ schema?: Schema | null;
61
+ }
62
+
63
+ export interface EntityJson {
64
+ uid: EntityUidJson;
65
+ attrs: Record<string, CedarValueJson>;
66
+ parents: EntityUidJson[];
67
+ tags?: Record<string, CedarValueJson>;
68
+ }
69
+
70
+ export interface FormattingCall {
71
+ policyText: string;
72
+ lineWidth?: number;
73
+ indentWidth?: number;
74
+ }
75
+
76
+ export interface NamespaceDefinition<N> {
77
+ commonTypes?: Record<CommonTypeId, CommonType<N>>;
78
+ entityTypes: Record<UnreservedId, EntityType<N>>;
79
+ actions: Record<SmolStr, ActionType<N>>;
80
+ annotations?: Annotations;
81
+ }
82
+
83
+ export interface PolicyJson {
84
+ effect: Effect;
85
+ principal: PrincipalConstraint;
86
+ action: ActionConstraint;
87
+ resource: ResourceConstraint;
88
+ conditions: Clause[];
89
+ annotations?: Annotations;
90
+ }
67
91
 
68
92
  export interface PolicySet {
69
93
  staticPolicies?: StaticPolicySet;
@@ -71,42 +95,56 @@ export interface PolicySet {
71
95
  templateLinks?: TemplateLink[];
72
96
  }
73
97
 
74
- export interface SourceLocation {
75
- start: number;
76
- end: number;
98
+ export interface PrincipalOrResourceIsConstraint {
99
+ entity_type: string;
100
+ in?: PrincipalOrResourceInConstraint;
77
101
  }
78
102
 
79
- export interface TemplateLink {
80
- templateId: PolicyId;
81
- newId: PolicyId;
82
- values: Record<SlotId, EntityUid>;
103
+ export interface RecordType<N> {
104
+ attributes: Record<SmolStr, TypeOfAttribute<N>>;
105
+ additionalAttributes?: boolean;
83
106
  }
84
107
 
85
- export type Severity = "advice" | "warning" | "error";
86
-
87
- export type Schema = string | SchemaJson<string>;
88
-
89
- export type Context = Record<string, CedarValueJson>;
90
-
91
- export type Policy = string | PolicyJson;
108
+ export interface Response {
109
+ decision: Decision;
110
+ diagnostics: Diagnostics;
111
+ }
92
112
 
93
113
  export interface SourceLabel extends SourceLocation {
94
114
  label: string | null;
95
115
  }
96
116
 
97
- export type EntityUid = EntityUidJson;
117
+ export interface SourceLocation {
118
+ start: number;
119
+ end: number;
120
+ }
98
121
 
99
- export type Template = string | PolicyJson;
122
+ export interface StandardEntityType<N> {
123
+ memberOfTypes?: N[];
124
+ shape?: AttributesOrContext<N>;
125
+ tags?: Type<N>;
126
+ }
100
127
 
101
- export type ValidationAnswer = { type: "failure"; errors: DetailedError[]; warnings: DetailedError[] } | { type: "success"; validationErrors: ValidationError[]; validationWarnings: ValidationError[]; otherWarnings: DetailedError[] };
128
+ export interface StatefulAuthorizationCall {
129
+ principal: EntityUid;
130
+ action: EntityUid;
131
+ resource: EntityUid;
132
+ context: Context;
133
+ preparsedSchemaName?: string;
134
+ validateRequest?: boolean;
135
+ preparsedPolicySetId: string;
136
+ entities: Entities;
137
+ }
102
138
 
103
- export interface ValidationError {
104
- policyId: string;
105
- error: DetailedError;
139
+ export interface TemplateLink {
140
+ templateId: PolicyId;
141
+ newId: PolicyId;
142
+ values: Record<SlotId, EntityUid>;
106
143
  }
107
144
 
108
- export interface ValidationSettings {
109
- mode: ValidationMode;
145
+ export interface TypeAndId {
146
+ type: string;
147
+ id: string;
110
148
  }
111
149
 
112
150
  export interface ValidationCall {
@@ -115,148 +153,112 @@ export interface ValidationCall {
115
153
  policies: PolicySet;
116
154
  }
117
155
 
118
- export interface ContextParsingCall {
119
- context: Context;
120
- schema?: Schema | null;
121
- action?: EntityUid | null;
156
+ export interface ValidationError {
157
+ policyId: string;
158
+ error: DetailedError;
122
159
  }
123
160
 
124
- export interface EntitiesParsingCall {
125
- entities: Entities;
126
- schema?: Schema | null;
161
+ export interface ValidationSettings {
162
+ mode: ValidationMode;
127
163
  }
128
164
 
129
- export type CheckParseAnswer = { type: "success" } | { type: "failure"; errors: DetailedError[] };
165
+ export type ActionConstraint = { op: "All" } | ({ op: "==" } & EqConstraint) | ({ op: "in" } & ActionInConstraint);
130
166
 
131
- export type PolicyId = string;
167
+ export type ActionInConstraint = { entity: EntityUidJson } | { entities: EntityUidJson[] };
132
168
 
133
- export type SlotId = string;
169
+ export type Annotation = SmolStr;
134
170
 
135
- export type SchemaToJsonAnswer = { type: "success"; json: SchemaJson<string>; warnings: DetailedError[] } | { type: "failure"; errors: DetailedError[] };
171
+ export type Annotations = Record<string, Annotation>;
136
172
 
137
- export type PolicyToJsonAnswer = { type: "success"; json: PolicyJson } | { type: "failure"; errors: DetailedError[] };
173
+ export type AnyId = SmolStr;
138
174
 
139
- export type PolicySetTextToPartsAnswer = { type: "success"; policies: string[]; policy_templates: string[] } | { type: "failure"; errors: DetailedError[] };
175
+ export type AttributesOrContext<N> = Type<N>;
140
176
 
141
- export type PolicyToTextAnswer = { type: "success"; text: string } | { type: "failure"; errors: DetailedError[] };
177
+ export type AuthorizationAnswer = { type: "failure"; errors: DetailedError[]; warnings: DetailedError[] } | { type: "success"; response: Response; warnings: DetailedError[] };
142
178
 
143
- export type SchemaToTextAnswer = { type: "success"; text: string; warnings: DetailedError[] } | { type: "failure"; errors: DetailedError[] };
179
+ export type CedarValueJson = { __entity: TypeAndId } | { __extn: FnAndArgs } | boolean | number | string | CedarValueJson[] | { [key: string]: CedarValueJson } | null;
144
180
 
145
- export type Annotation = SmolStr;
181
+ export type CheckParseAnswer = { type: "success" } | { type: "failure"; errors: DetailedError[] };
146
182
 
147
- export type Annotations = Record<string, Annotation>;
183
+ export type Clause = { kind: "when"; body: Expr } | { kind: "unless"; body: Expr };
148
184
 
149
- export interface EntityJson {
150
- uid: EntityUidJson;
151
- attrs: Record<string, CedarValueJson>;
152
- parents: EntityUidJson[];
153
- tags?: Record<string, CedarValueJson>;
154
- }
185
+ export type CommonTypeId = string;
155
186
 
156
- export type Var = "principal" | "action" | "resource" | "context";
187
+ export type Context = Record<string, CedarValueJson>;
157
188
 
158
189
  export type Decision = "allow" | "deny";
159
190
 
160
- export type AnyId = SmolStr;
191
+ export type Effect = "permit" | "forbid";
161
192
 
162
- export type UnreservedId = string;
193
+ export type Entities = Array<EntityJson>;
163
194
 
164
- export type TypeVariant<N> = { type: "String" } | { type: "Long" } | { type: "Boolean" } | { type: "Set"; element: Type<N> } | ({ type: "Record" } & RecordType<N>) | { type: "Entity"; name: N } | { type: "EntityOrCommon"; name: N } | { type: "Extension"; name: UnreservedId };
195
+ export type EntityTypeKind<N> = StandardEntityType<N> | { enum: NonEmpty<SmolStr> };
165
196
 
166
- export type Type<N> = ({} & TypeVariant<N>) | { type: N };
197
+ export type EntityUid = EntityUidJson;
167
198
 
168
- export interface RecordType<N> {
169
- attributes: Record<SmolStr, TypeOfAttribute<N>>;
170
- additionalAttributes?: boolean;
171
- }
199
+ export type EntityUidJson = { __entity: TypeAndId } | TypeAndId;
172
200
 
173
- export type CommonTypeId = string;
201
+ export type EqConstraint = { entity: EntityUidJson } | { slot: string };
174
202
 
175
- export type AttributesOrContext<N> = Type<N>;
203
+ export type Expr = ExprNoExt | ExtFuncCall;
176
204
 
177
- export interface ActionEntityUID<N> {
178
- id: SmolStr;
179
- type?: N;
180
- }
205
+ export type ExprNoExt = { Value: CedarValueJson } | { Var: Var } | { Slot: string } | { "!": { arg: Expr } } | { neg: { arg: Expr } } | { "==": { left: Expr; right: Expr } } | { "!=": { left: Expr; right: Expr } } | { in: { left: Expr; right: Expr } } | { "<": { left: Expr; right: Expr } } | { "<=": { left: Expr; right: Expr } } | { ">": { left: Expr; right: Expr } } | { ">=": { left: Expr; right: Expr } } | { "&&": { left: Expr; right: Expr } } | { "||": { left: Expr; right: Expr } } | { "+": { left: Expr; right: Expr } } | { "-": { left: Expr; right: Expr } } | { "*": { left: Expr; right: Expr } } | { contains: { left: Expr; right: Expr } } | { containsAll: { left: Expr; right: Expr } } | { containsAny: { left: Expr; right: Expr } } | { isEmpty: { arg: Expr } } | { getTag: { left: Expr; right: Expr } } | { hasTag: { left: Expr; right: Expr } } | { ".": { left: Expr; attr: SmolStr } } | { has: { left: Expr; attr: SmolStr } } | { like: { left: Expr; pattern: PatternElem[] } } | { is: { left: Expr; entity_type: SmolStr; in?: Expr } } | { "if-then-else": { if: Expr; then: Expr; else: Expr } } | { Set: Expr[] } | { Record: Record<string, Expr> };
181
206
 
182
- export interface ActionType<N> {
183
- attributes?: Record<SmolStr, CedarValueJson>;
184
- appliesTo?: ApplySpec<N>;
185
- memberOf?: ActionEntityUID<N>[];
186
- annotations?: Annotations;
187
- }
207
+ export type ExtFuncCall = {} & Record<string, Array<Expr>>;
188
208
 
189
- export type SchemaJson<N> = Record<string, NamespaceDefinition<N>>;
209
+ export type FnAndArgs = { fn: string; arg: CedarValueJson } | { fn: string; args: CedarValueJson[] };
190
210
 
191
- export type EntityTypeKind<N> = StandardEntityType<N> | { enum: NonEmpty<SmolStr> };
211
+ export type FormattingAnswer = { type: "failure"; errors: DetailedError[] } | { type: "success"; formatted_policy: string };
192
212
 
193
- export interface NamespaceDefinition<N> {
194
- commonTypes?: Record<CommonTypeId, CommonType<N>>;
195
- entityTypes: Record<UnreservedId, EntityType<N>>;
196
- actions: Record<SmolStr, ActionType<N>>;
197
- annotations?: Annotations;
198
- }
213
+ export type GetValidRequestEnvsResult = { type: "success"; principals: string[]; actions: string[]; resources: string[] } | { type: "failure"; error: string };
199
214
 
200
- export interface StandardEntityType<N> {
201
- memberOfTypes?: N[];
202
- shape?: AttributesOrContext<N>;
203
- tags?: Type<N>;
204
- }
215
+ export type PatternElem = "Wildcard" | { Literal: SmolStr };
205
216
 
206
- export interface ApplySpec<N> {
207
- resourceTypes: N[];
208
- principalTypes: N[];
209
- context?: AttributesOrContext<N>;
210
- }
217
+ export type Policy = string | PolicyJson;
211
218
 
212
- export type Effect = "permit" | "forbid";
219
+ export type PolicyId = string;
213
220
 
214
- export type PrincipalConstraint = { op: "All" } | ({ op: "==" } & EqConstraint) | ({ op: "in" } & PrincipalOrResourceInConstraint) | ({ op: "is" } & PrincipalOrResourceIsConstraint);
221
+ export type PolicySetTextToPartsAnswer = { type: "success"; policies: string[]; policy_templates: string[] } | { type: "failure"; errors: DetailedError[] };
215
222
 
216
- export interface PrincipalOrResourceIsConstraint {
217
- entity_type: string;
218
- in?: PrincipalOrResourceInConstraint;
219
- }
223
+ export type PolicyToJsonAnswer = { type: "success"; json: PolicyJson } | { type: "failure"; errors: DetailedError[] };
220
224
 
221
- export type ActionConstraint = { op: "All" } | ({ op: "==" } & EqConstraint) | ({ op: "in" } & ActionInConstraint);
225
+ export type PolicyToTextAnswer = { type: "success"; text: string } | { type: "failure"; errors: DetailedError[] };
222
226
 
223
- export type ActionInConstraint = { entity: EntityUidJson } | { entities: EntityUidJson[] };
227
+ export type PrincipalConstraint = { op: "All" } | ({ op: "==" } & EqConstraint) | ({ op: "in" } & PrincipalOrResourceInConstraint) | ({ op: "is" } & PrincipalOrResourceIsConstraint);
224
228
 
225
229
  export type PrincipalOrResourceInConstraint = { entity: EntityUidJson } | { slot: string };
226
230
 
227
231
  export type ResourceConstraint = { op: "All" } | ({ op: "==" } & EqConstraint) | ({ op: "in" } & PrincipalOrResourceInConstraint) | ({ op: "is" } & PrincipalOrResourceIsConstraint);
228
232
 
229
- export type EqConstraint = { entity: EntityUidJson } | { slot: string };
233
+ export type Schema = string | SchemaJson<string>;
230
234
 
231
- export type Clause = { kind: "when"; body: Expr } | { kind: "unless"; body: Expr };
235
+ export type SchemaJson<N> = Record<string, NamespaceDefinition<N>>;
232
236
 
233
- export interface PolicyJson {
234
- effect: Effect;
235
- principal: PrincipalConstraint;
236
- action: ActionConstraint;
237
- resource: ResourceConstraint;
238
- conditions: Clause[];
239
- annotations?: Annotations;
240
- }
237
+ export type SchemaToJsonAnswer = { type: "success"; json: SchemaJson<string>; warnings: DetailedError[] } | { type: "failure"; errors: DetailedError[] };
241
238
 
242
- export type ExtFuncCall = {} & Record<string, Array<Expr>>;
239
+ export type SchemaToJsonWithResolvedTypesAnswer = { type: "success"; json: SchemaJson<string>; warnings: DetailedError[] } | { type: "failure"; errors: DetailedError[] };
243
240
 
244
- export type Expr = ExprNoExt | ExtFuncCall;
241
+ export type SchemaToTextAnswer = { type: "success"; text: string; warnings: DetailedError[] } | { type: "failure"; errors: DetailedError[] };
245
242
 
246
- export type PatternElem = "Wildcard" | { Literal: SmolStr };
243
+ export type Severity = "advice" | "warning" | "error";
247
244
 
248
- export type ExprNoExt = { Value: CedarValueJson } | { Var: Var } | { Slot: string } | { "!": { arg: Expr } } | { neg: { arg: Expr } } | { "==": { left: Expr; right: Expr } } | { "!=": { left: Expr; right: Expr } } | { in: { left: Expr; right: Expr } } | { "<": { left: Expr; right: Expr } } | { "<=": { left: Expr; right: Expr } } | { ">": { left: Expr; right: Expr } } | { ">=": { left: Expr; right: Expr } } | { "&&": { left: Expr; right: Expr } } | { "||": { left: Expr; right: Expr } } | { "+": { left: Expr; right: Expr } } | { "-": { left: Expr; right: Expr } } | { "*": { left: Expr; right: Expr } } | { contains: { left: Expr; right: Expr } } | { containsAll: { left: Expr; right: Expr } } | { containsAny: { left: Expr; right: Expr } } | { isEmpty: { arg: Expr } } | { getTag: { left: Expr; right: Expr } } | { hasTag: { left: Expr; right: Expr } } | { ".": { left: Expr; attr: SmolStr } } | { has: { left: Expr; attr: SmolStr } } | { like: { left: Expr; pattern: PatternElem[] } } | { is: { left: Expr; entity_type: SmolStr; in?: Expr } } | { "if-then-else": { if: Expr; then: Expr; else: Expr } } | { Set: Expr[] } | { Record: Record<string, Expr> };
245
+ export type SlotId = string;
249
246
 
250
- export interface TypeAndId {
251
- type: string;
252
- id: string;
253
- }
247
+ export type StaticPolicySet = string | Policy[] | Record<PolicyId, Policy>;
254
248
 
255
- export type CedarValueJson = { __entity: TypeAndId } | { __extn: FnAndArgs } | boolean | number | string | CedarValueJson[] | { [key: string]: CedarValueJson } | null;
249
+ export type Template = string | PolicyJson;
256
250
 
257
- export type EntityUidJson = { __entity: TypeAndId } | TypeAndId;
251
+ export type Type<N> = ({} & TypeVariant<N>) | { type: N };
258
252
 
259
- export type FnAndArgs = { fn: string; arg: CedarValueJson } | { fn: string; args: CedarValueJson[] };
253
+ export type TypeVariant<N> = { type: "String" } | { type: "Long" } | { type: "Boolean" } | { type: "Set"; element: Type<N> } | ({ type: "Record" } & RecordType<N>) | { type: "Entity"; name: N } | { type: "EntityOrCommon"; name: N } | { type: "Extension"; name: UnreservedId };
254
+
255
+ export type UnreservedId = string;
256
+
257
+ export type ValidationAnswer = { type: "failure"; errors: DetailedError[]; warnings: DetailedError[] } | { type: "success"; validationErrors: ValidationError[]; validationWarnings: ValidationError[]; otherWarnings: DetailedError[] };
258
+
259
+ export type ValidationMode = "strict";
260
+
261
+ export type Var = "principal" | "action" | "resource" | "context";
260
262
 
261
263
 
262
264
  /**
@@ -347,6 +349,16 @@ export function preparseSchema(schema_name: string, schema: Schema): CheckParseA
347
349
  */
348
350
  export function schemaToJson(schema: Schema): SchemaToJsonAnswer;
349
351
 
352
+ /**
353
+ * Convert a Cedar schema string to JSON format with resolved types.
354
+ *
355
+ * This function resolves ambiguous "`EntityOrCommon`" types to their specific
356
+ * Entity or `CommonType` classifications using the schema's type definitions.
357
+ * This is primarily meant to be used when working with schemas programmatically,
358
+ * for example when creating a schema building UI.
359
+ */
360
+ export function schemaToJsonWithResolvedTypes(schema_str: string): SchemaToJsonWithResolvedTypesAnswer;
361
+
350
362
  /**
351
363
  * Return the Cedar (textual) representation of a schema.
352
364
  */
package/esm/cedar_wasm.js CHANGED
@@ -1,5 +1,9 @@
1
+ /* @ts-self-types="./cedar_wasm.d.ts" */
2
+
1
3
  import * as wasm from "./cedar_wasm_bg.wasm";
2
- export * from "./cedar_wasm_bg.js";
3
4
  import { __wbg_set_wasm } from "./cedar_wasm_bg.js";
4
5
  __wbg_set_wasm(wasm);
5
6
  wasm.__wbindgen_start();
7
+ export {
8
+ checkParseContext, checkParseEntities, checkParsePolicySet, checkParseSchema, formatPolicies, getCedarLangVersion, getCedarSDKVersion, getCedarVersion, getValidRequestEnvsPolicy, getValidRequestEnvsTemplate, isAuthorized, policySetTextToParts, policyToJson, policyToText, preparsePolicySet, preparseSchema, schemaToJson, schemaToJsonWithResolvedTypes, schemaToText, statefulIsAuthorized, templateToJson, templateToText, validate
9
+ } from "./cedar_wasm_bg.js";