@highflame/policy 2.0.1 → 2.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/entity-metadata-types.gen.d.ts +17 -0
- package/dist/entity-metadata-types.gen.d.ts.map +1 -0
- package/dist/entity-metadata-types.gen.js +3 -0
- package/dist/entity-metadata-types.gen.js.map +1 -0
- package/dist/index.d.ts +4 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +4 -1
- package/dist/index.js.map +1 -1
- package/dist/overwatch-entities.gen.d.ts +12 -0
- package/dist/overwatch-entities.gen.d.ts.map +1 -0
- package/dist/overwatch-entities.gen.js +38 -0
- package/dist/overwatch-entities.gen.js.map +1 -0
- package/dist/palisade-entities.gen.d.ts +12 -0
- package/dist/palisade-entities.gen.d.ts.map +1 -0
- package/dist/palisade-entities.gen.js +46 -0
- package/dist/palisade-entities.gen.js.map +1 -0
- package/dist/studio-ui.test.js +90 -1
- package/dist/studio-ui.test.js.map +1 -1
- package/dist/types.d.ts +4 -1
- package/dist/types.d.ts.map +1 -1
- package/dist/types.js +4 -1
- package/dist/types.js.map +1 -1
- package/package.json +1 -1
- package/src/entity-metadata-types.gen.ts +19 -0
- package/src/index.ts +12 -1
- package/src/overwatch-entities.gen.ts +41 -0
- package/src/palisade-entities.gen.ts +49 -0
- package/src/studio-ui.test.ts +107 -0
- package/src/types.ts +12 -1
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Entity metadata for a service, extracted from Cedar schema appliesTo blocks.
|
|
3
|
+
* Used by Studio UI to populate dropdowns in policy editor.
|
|
4
|
+
*/
|
|
5
|
+
export interface ServiceEntityMetadata {
|
|
6
|
+
readonly principals: readonly string[];
|
|
7
|
+
readonly resources: readonly string[];
|
|
8
|
+
readonly actions: readonly string[];
|
|
9
|
+
}
|
|
10
|
+
/**
|
|
11
|
+
* Entity metadata for a specific action.
|
|
12
|
+
*/
|
|
13
|
+
export interface ActionEntityMetadata {
|
|
14
|
+
readonly principals: readonly string[];
|
|
15
|
+
readonly resources: readonly string[];
|
|
16
|
+
}
|
|
17
|
+
//# sourceMappingURL=entity-metadata-types.gen.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"entity-metadata-types.gen.d.ts","sourceRoot":"","sources":["../src/entity-metadata-types.gen.ts"],"names":[],"mappings":"AAEA;;;GAGG;AACH,MAAM,WAAW,qBAAqB;IACpC,QAAQ,CAAC,UAAU,EAAE,SAAS,MAAM,EAAE,CAAC;IACvC,QAAQ,CAAC,SAAS,EAAE,SAAS,MAAM,EAAE,CAAC;IACtC,QAAQ,CAAC,OAAO,EAAE,SAAS,MAAM,EAAE,CAAC;CACrC;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC,QAAQ,CAAC,UAAU,EAAE,SAAS,MAAM,EAAE,CAAC;IACvC,QAAQ,CAAC,SAAS,EAAE,SAAS,MAAM,EAAE,CAAC;CACvC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"entity-metadata-types.gen.js","sourceRoot":"","sources":["../src/entity-metadata-types.gen.ts"],"names":[],"mappings":"AAAA,2DAA2D"}
|
package/dist/index.d.ts
CHANGED
|
@@ -6,8 +6,11 @@ export * from './engine.js';
|
|
|
6
6
|
export * from './builder.js';
|
|
7
7
|
export * from './parser.js';
|
|
8
8
|
export * from './errors.js';
|
|
9
|
-
export { OVERWATCH_SCHEMA,
|
|
9
|
+
export { OVERWATCH_SCHEMA, OVERWATCH_CONTEXT, PALISADE_SCHEMA, PALISADE_CONTEXT, } from './service-schemas.gen.js';
|
|
10
10
|
export type { ContextAttribute, ActionContext, ServiceContext, } from './service-schemas.gen.js';
|
|
11
11
|
export { OverwatchContextKey } from './overwatch-context.gen.js';
|
|
12
12
|
export { PalisadeContextKey } from './palisade-context.gen.js';
|
|
13
|
+
export { OVERWATCH_ENTITIES, OVERWATCH_ACTION_ENTITIES, } from './overwatch-entities.gen.js';
|
|
14
|
+
export { PALISADE_ENTITIES, PALISADE_ACTION_ENTITIES, } from './palisade-entities.gen.js';
|
|
15
|
+
export type { ServiceEntityMetadata, ActionEntityMetadata } from './entity-metadata-types.gen.js';
|
|
13
16
|
//# sourceMappingURL=index.d.ts.map
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAMA,cAAc,mBAAmB,CAAC;AAClC,cAAc,kBAAkB,CAAC;AACjC,cAAc,kBAAkB,CAAC;AACjC,cAAc,iBAAiB,CAAC;AAGhC,cAAc,aAAa,CAAC;AAC5B,cAAc,cAAc,CAAC;AAC7B,cAAc,aAAa,CAAC;AAC5B,cAAc,aAAa,CAAC;AAG5B,OAAO,EACL,gBAAgB,EAChB,eAAe,EACf,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAMA,cAAc,mBAAmB,CAAC;AAClC,cAAc,kBAAkB,CAAC;AACjC,cAAc,kBAAkB,CAAC;AACjC,cAAc,iBAAiB,CAAC;AAGhC,cAAc,aAAa,CAAC;AAC5B,cAAc,cAAc,CAAC;AAC7B,cAAc,aAAa,CAAC;AAC5B,cAAc,aAAa,CAAC;AAG5B,OAAO,EACL,gBAAgB,EAChB,iBAAiB,EACjB,eAAe,EACf,gBAAgB,GACjB,MAAM,0BAA0B,CAAC;AAClC,YAAY,EACV,gBAAgB,EAChB,aAAa,EACb,cAAc,GACf,MAAM,0BAA0B,CAAC;AAGlC,OAAO,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AACjE,OAAO,EAAE,kBAAkB,EAAE,MAAM,2BAA2B,CAAC;AAG/D,OAAO,EACL,kBAAkB,EAClB,yBAAyB,GAC1B,MAAM,6BAA6B,CAAC;AACrC,OAAO,EACL,iBAAiB,EACjB,wBAAwB,GACzB,MAAM,4BAA4B,CAAC;AACpC,YAAY,EAAE,qBAAqB,EAAE,oBAAoB,EAAE,MAAM,gCAAgC,CAAC"}
|
package/dist/index.js
CHANGED
|
@@ -13,8 +13,11 @@ export * from './builder.js';
|
|
|
13
13
|
export * from './parser.js';
|
|
14
14
|
export * from './errors.js';
|
|
15
15
|
// Service-specific schemas and context (inlined)
|
|
16
|
-
export { OVERWATCH_SCHEMA,
|
|
16
|
+
export { OVERWATCH_SCHEMA, OVERWATCH_CONTEXT, PALISADE_SCHEMA, PALISADE_CONTEXT, } from './service-schemas.gen.js';
|
|
17
17
|
// Service-specific context key enums
|
|
18
18
|
export { OverwatchContextKey } from './overwatch-context.gen.js';
|
|
19
19
|
export { PalisadeContextKey } from './palisade-context.gen.js';
|
|
20
|
+
// Service-specific entity metadata (for UI - principals, resources, actions)
|
|
21
|
+
export { OVERWATCH_ENTITIES, OVERWATCH_ACTION_ENTITIES, } from './overwatch-entities.gen.js';
|
|
22
|
+
export { PALISADE_ENTITIES, PALISADE_ACTION_ENTITIES, } from './palisade-entities.gen.js';
|
|
20
23
|
//# sourceMappingURL=index.js.map
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,2DAA2D;AAC3D,uCAAuC;AACvC,EAAE;AACF,sEAAsE;AACtE,oEAAoE;AAEpE,cAAc,mBAAmB,CAAC;AAClC,cAAc,kBAAkB,CAAC;AACjC,cAAc,kBAAkB,CAAC;AACjC,cAAc,iBAAiB,CAAC;AAEhC,0CAA0C;AAC1C,cAAc,aAAa,CAAC;AAC5B,cAAc,cAAc,CAAC;AAC7B,cAAc,aAAa,CAAC;AAC5B,cAAc,aAAa,CAAC;AAE5B,iDAAiD;AACjD,OAAO,EACL,gBAAgB,EAChB,eAAe,EACf,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,2DAA2D;AAC3D,uCAAuC;AACvC,EAAE;AACF,sEAAsE;AACtE,oEAAoE;AAEpE,cAAc,mBAAmB,CAAC;AAClC,cAAc,kBAAkB,CAAC;AACjC,cAAc,kBAAkB,CAAC;AACjC,cAAc,iBAAiB,CAAC;AAEhC,0CAA0C;AAC1C,cAAc,aAAa,CAAC;AAC5B,cAAc,cAAc,CAAC;AAC7B,cAAc,aAAa,CAAC;AAC5B,cAAc,aAAa,CAAC;AAE5B,iDAAiD;AACjD,OAAO,EACL,gBAAgB,EAChB,iBAAiB,EACjB,eAAe,EACf,gBAAgB,GACjB,MAAM,0BAA0B,CAAC;AAOlC,qCAAqC;AACrC,OAAO,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AACjE,OAAO,EAAE,kBAAkB,EAAE,MAAM,2BAA2B,CAAC;AAE/D,6EAA6E;AAC7E,OAAO,EACL,kBAAkB,EAClB,yBAAyB,GAC1B,MAAM,6BAA6B,CAAC;AACrC,OAAO,EACL,iBAAiB,EACjB,wBAAwB,GACzB,MAAM,4BAA4B,CAAC"}
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
import type { ServiceEntityMetadata, ActionEntityMetadata } from './entity-metadata-types.gen.js';
|
|
2
|
+
/**
|
|
3
|
+
* Overwatch entity metadata for UI components.
|
|
4
|
+
* Extracted from Cedar schema appliesTo blocks.
|
|
5
|
+
*/
|
|
6
|
+
export declare const OVERWATCH_ENTITIES: ServiceEntityMetadata;
|
|
7
|
+
/**
|
|
8
|
+
* Per-action entity mapping for Overwatch.
|
|
9
|
+
* Maps action names to their valid principals and resources.
|
|
10
|
+
*/
|
|
11
|
+
export declare const OVERWATCH_ACTION_ENTITIES: Record<string, ActionEntityMetadata>;
|
|
12
|
+
//# sourceMappingURL=overwatch-entities.gen.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"overwatch-entities.gen.d.ts","sourceRoot":"","sources":["../src/overwatch-entities.gen.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,qBAAqB,EAAE,oBAAoB,EAAE,MAAM,gCAAgC,CAAC;AAElG;;;GAGG;AACH,eAAO,MAAM,kBAAkB,EAAE,qBAIvB,CAAC;AAEX;;;GAGG;AACH,eAAO,MAAM,yBAAyB,EAAE,MAAM,CAAC,MAAM,EAAE,oBAAoB,CAqBjE,CAAC"}
|
|
@@ -0,0 +1,38 @@
|
|
|
1
|
+
// Code generated by highflame-policy-codegen. DO NOT EDIT.
|
|
2
|
+
// Source: schemas/overwatch/schema.cedarschema
|
|
3
|
+
/**
|
|
4
|
+
* Overwatch entity metadata for UI components.
|
|
5
|
+
* Extracted from Cedar schema appliesTo blocks.
|
|
6
|
+
*/
|
|
7
|
+
export const OVERWATCH_ENTITIES = {
|
|
8
|
+
principals: ['Agent', 'User'],
|
|
9
|
+
resources: ['FilePath', 'LlmPrompt', 'Server', 'Tool'],
|
|
10
|
+
actions: ['call_tool', 'connect_server', 'process_prompt', 'read_file', 'write_file'],
|
|
11
|
+
};
|
|
12
|
+
/**
|
|
13
|
+
* Per-action entity mapping for Overwatch.
|
|
14
|
+
* Maps action names to their valid principals and resources.
|
|
15
|
+
*/
|
|
16
|
+
export const OVERWATCH_ACTION_ENTITIES = {
|
|
17
|
+
'call_tool': {
|
|
18
|
+
principals: ['User', 'Agent'],
|
|
19
|
+
resources: ['Tool', 'FilePath'],
|
|
20
|
+
},
|
|
21
|
+
'connect_server': {
|
|
22
|
+
principals: ['User', 'Agent'],
|
|
23
|
+
resources: ['Server'],
|
|
24
|
+
},
|
|
25
|
+
'process_prompt': {
|
|
26
|
+
principals: ['User', 'Agent'],
|
|
27
|
+
resources: ['LlmPrompt'],
|
|
28
|
+
},
|
|
29
|
+
'read_file': {
|
|
30
|
+
principals: ['User', 'Agent'],
|
|
31
|
+
resources: ['FilePath'],
|
|
32
|
+
},
|
|
33
|
+
'write_file': {
|
|
34
|
+
principals: ['User', 'Agent'],
|
|
35
|
+
resources: ['FilePath'],
|
|
36
|
+
},
|
|
37
|
+
};
|
|
38
|
+
//# sourceMappingURL=overwatch-entities.gen.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"overwatch-entities.gen.js","sourceRoot":"","sources":["../src/overwatch-entities.gen.ts"],"names":[],"mappings":"AAAA,2DAA2D;AAC3D,+CAA+C;AAI/C;;;GAGG;AACH,MAAM,CAAC,MAAM,kBAAkB,GAA0B;IACvD,UAAU,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC;IAC7B,SAAS,EAAE,CAAC,UAAU,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,CAAC;IACtD,OAAO,EAAE,CAAC,WAAW,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,WAAW,EAAE,YAAY,CAAC;CAC7E,CAAC;AAEX;;;GAGG;AACH,MAAM,CAAC,MAAM,yBAAyB,GAAyC;IAC7E,WAAW,EAAE;QACX,UAAU,EAAE,CAAC,MAAM,EAAE,OAAO,CAAC;QAC7B,SAAS,EAAE,CAAC,MAAM,EAAE,UAAU,CAAC;KAChC;IACD,gBAAgB,EAAE;QAChB,UAAU,EAAE,CAAC,MAAM,EAAE,OAAO,CAAC;QAC7B,SAAS,EAAE,CAAC,QAAQ,CAAC;KACtB;IACD,gBAAgB,EAAE;QAChB,UAAU,EAAE,CAAC,MAAM,EAAE,OAAO,CAAC;QAC7B,SAAS,EAAE,CAAC,WAAW,CAAC;KACzB;IACD,WAAW,EAAE;QACX,UAAU,EAAE,CAAC,MAAM,EAAE,OAAO,CAAC;QAC7B,SAAS,EAAE,CAAC,UAAU,CAAC;KACxB;IACD,YAAY,EAAE;QACZ,UAAU,EAAE,CAAC,MAAM,EAAE,OAAO,CAAC;QAC7B,SAAS,EAAE,CAAC,UAAU,CAAC;KACxB;CACO,CAAC"}
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
import type { ServiceEntityMetadata, ActionEntityMetadata } from './entity-metadata-types.gen.js';
|
|
2
|
+
/**
|
|
3
|
+
* Palisade entity metadata for UI components.
|
|
4
|
+
* Extracted from Cedar schema appliesTo blocks.
|
|
5
|
+
*/
|
|
6
|
+
export declare const PALISADE_ENTITIES: ServiceEntityMetadata;
|
|
7
|
+
/**
|
|
8
|
+
* Per-action entity mapping for Palisade.
|
|
9
|
+
* Maps action names to their valid principals and resources.
|
|
10
|
+
*/
|
|
11
|
+
export declare const PALISADE_ACTION_ENTITIES: Record<string, ActionEntityMetadata>;
|
|
12
|
+
//# sourceMappingURL=palisade-entities.gen.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"palisade-entities.gen.d.ts","sourceRoot":"","sources":["../src/palisade-entities.gen.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,qBAAqB,EAAE,oBAAoB,EAAE,MAAM,gCAAgC,CAAC;AAElG;;;GAGG;AACH,eAAO,MAAM,iBAAiB,EAAE,qBAItB,CAAC;AAEX;;;GAGG;AACH,eAAO,MAAM,wBAAwB,EAAE,MAAM,CAAC,MAAM,EAAE,oBAAoB,CA6BhE,CAAC"}
|
|
@@ -0,0 +1,46 @@
|
|
|
1
|
+
// Code generated by highflame-policy-codegen. DO NOT EDIT.
|
|
2
|
+
// Source: schemas/palisade/schema.cedarschema
|
|
3
|
+
/**
|
|
4
|
+
* Palisade entity metadata for UI components.
|
|
5
|
+
* Extracted from Cedar schema appliesTo blocks.
|
|
6
|
+
*/
|
|
7
|
+
export const PALISADE_ENTITIES = {
|
|
8
|
+
principals: ['Scanner'],
|
|
9
|
+
resources: ['Artifact', 'Package'],
|
|
10
|
+
actions: ['deploy_model', 'load_model', 'quarantine_artifact', 'scan_artifact', 'scan_package', 'validate_integrity', 'validate_provenance'],
|
|
11
|
+
};
|
|
12
|
+
/**
|
|
13
|
+
* Per-action entity mapping for Palisade.
|
|
14
|
+
* Maps action names to their valid principals and resources.
|
|
15
|
+
*/
|
|
16
|
+
export const PALISADE_ACTION_ENTITIES = {
|
|
17
|
+
'deploy_model': {
|
|
18
|
+
principals: ['Scanner'],
|
|
19
|
+
resources: ['Artifact'],
|
|
20
|
+
},
|
|
21
|
+
'load_model': {
|
|
22
|
+
principals: ['Scanner'],
|
|
23
|
+
resources: ['Artifact'],
|
|
24
|
+
},
|
|
25
|
+
'quarantine_artifact': {
|
|
26
|
+
principals: ['Scanner'],
|
|
27
|
+
resources: ['Artifact'],
|
|
28
|
+
},
|
|
29
|
+
'scan_artifact': {
|
|
30
|
+
principals: ['Scanner'],
|
|
31
|
+
resources: ['Artifact'],
|
|
32
|
+
},
|
|
33
|
+
'scan_package': {
|
|
34
|
+
principals: ['Scanner'],
|
|
35
|
+
resources: ['Package'],
|
|
36
|
+
},
|
|
37
|
+
'validate_integrity': {
|
|
38
|
+
principals: ['Scanner'],
|
|
39
|
+
resources: ['Artifact'],
|
|
40
|
+
},
|
|
41
|
+
'validate_provenance': {
|
|
42
|
+
principals: ['Scanner'],
|
|
43
|
+
resources: ['Artifact'],
|
|
44
|
+
},
|
|
45
|
+
};
|
|
46
|
+
//# sourceMappingURL=palisade-entities.gen.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"palisade-entities.gen.js","sourceRoot":"","sources":["../src/palisade-entities.gen.ts"],"names":[],"mappings":"AAAA,2DAA2D;AAC3D,8CAA8C;AAI9C;;;GAGG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAA0B;IACtD,UAAU,EAAE,CAAC,SAAS,CAAC;IACvB,SAAS,EAAE,CAAC,UAAU,EAAE,SAAS,CAAC;IAClC,OAAO,EAAE,CAAC,cAAc,EAAE,YAAY,EAAE,qBAAqB,EAAE,eAAe,EAAE,cAAc,EAAE,oBAAoB,EAAE,qBAAqB,CAAC;CACpI,CAAC;AAEX;;;GAGG;AACH,MAAM,CAAC,MAAM,wBAAwB,GAAyC;IAC5E,cAAc,EAAE;QACd,UAAU,EAAE,CAAC,SAAS,CAAC;QACvB,SAAS,EAAE,CAAC,UAAU,CAAC;KACxB;IACD,YAAY,EAAE;QACZ,UAAU,EAAE,CAAC,SAAS,CAAC;QACvB,SAAS,EAAE,CAAC,UAAU,CAAC;KACxB;IACD,qBAAqB,EAAE;QACrB,UAAU,EAAE,CAAC,SAAS,CAAC;QACvB,SAAS,EAAE,CAAC,UAAU,CAAC;KACxB;IACD,eAAe,EAAE;QACf,UAAU,EAAE,CAAC,SAAS,CAAC;QACvB,SAAS,EAAE,CAAC,UAAU,CAAC;KACxB;IACD,cAAc,EAAE;QACd,UAAU,EAAE,CAAC,SAAS,CAAC;QACvB,SAAS,EAAE,CAAC,SAAS,CAAC;KACvB;IACD,oBAAoB,EAAE;QACpB,UAAU,EAAE,CAAC,SAAS,CAAC;QACvB,SAAS,EAAE,CAAC,UAAU,CAAC;KACxB;IACD,qBAAqB,EAAE;QACrB,UAAU,EAAE,CAAC,SAAS,CAAC;QACvB,SAAS,EAAE,CAAC,UAAU,CAAC;KACxB;CACO,CAAC"}
|
package/dist/studio-ui.test.js
CHANGED
|
@@ -6,7 +6,9 @@
|
|
|
6
6
|
*/
|
|
7
7
|
import { describe, it, expect } from 'vitest';
|
|
8
8
|
// Browser-safe imports (simulating '@highflame/policy/types')
|
|
9
|
-
import { PolicyBuilder, OVERWATCH_SCHEMA, PALISADE_SCHEMA, OVERWATCH_CONTEXT, OverwatchContextKey, PalisadeContextKey,
|
|
9
|
+
import { PolicyBuilder, OVERWATCH_SCHEMA, PALISADE_SCHEMA, OVERWATCH_CONTEXT, OverwatchContextKey, PalisadeContextKey,
|
|
10
|
+
// Entity metadata for UI dropdowns
|
|
11
|
+
OVERWATCH_ENTITIES, OVERWATCH_ACTION_ENTITIES, PALISADE_ENTITIES, PALISADE_ACTION_ENTITIES, } from './types.js';
|
|
10
12
|
// Node.js only imports (for API routes)
|
|
11
13
|
import { PolicyEngine, PolicyValidator, newEntityUID, newEntity, } from './index.js';
|
|
12
14
|
describe('Studio UI Integration Tests', () => {
|
|
@@ -161,5 +163,92 @@ describe('Studio UI Integration Tests', () => {
|
|
|
161
163
|
});
|
|
162
164
|
expect(decision.effect).toBe('Deny');
|
|
163
165
|
});
|
|
166
|
+
/**
|
|
167
|
+
* Test 4: Entity Metadata for UI Dropdowns - Overwatch
|
|
168
|
+
*
|
|
169
|
+
* Studio UI needs to know which entity types can be principals,
|
|
170
|
+
* which can be resources, and what actions are available.
|
|
171
|
+
* This data is extracted from Cedar schema appliesTo blocks.
|
|
172
|
+
*/
|
|
173
|
+
it('should provide correct entity metadata for Overwatch UI dropdowns', () => {
|
|
174
|
+
// Verify ServiceEntityMetadata structure
|
|
175
|
+
expect(OVERWATCH_ENTITIES.principals).toBeDefined();
|
|
176
|
+
expect(OVERWATCH_ENTITIES.resources).toBeDefined();
|
|
177
|
+
expect(OVERWATCH_ENTITIES.actions).toBeDefined();
|
|
178
|
+
// Overwatch principals should include User and Agent
|
|
179
|
+
expect(OVERWATCH_ENTITIES.principals).toContain('Agent');
|
|
180
|
+
expect(OVERWATCH_ENTITIES.principals).toContain('User');
|
|
181
|
+
expect(OVERWATCH_ENTITIES.principals).toHaveLength(2);
|
|
182
|
+
// Overwatch resources should include all resource types
|
|
183
|
+
expect(OVERWATCH_ENTITIES.resources).toContain('FilePath');
|
|
184
|
+
expect(OVERWATCH_ENTITIES.resources).toContain('LlmPrompt');
|
|
185
|
+
expect(OVERWATCH_ENTITIES.resources).toContain('Server');
|
|
186
|
+
expect(OVERWATCH_ENTITIES.resources).toContain('Tool');
|
|
187
|
+
expect(OVERWATCH_ENTITIES.resources).toHaveLength(4);
|
|
188
|
+
// Overwatch actions should match schema
|
|
189
|
+
expect(OVERWATCH_ENTITIES.actions).toContain('call_tool');
|
|
190
|
+
expect(OVERWATCH_ENTITIES.actions).toContain('connect_server');
|
|
191
|
+
expect(OVERWATCH_ENTITIES.actions).toContain('process_prompt');
|
|
192
|
+
expect(OVERWATCH_ENTITIES.actions).toContain('read_file');
|
|
193
|
+
expect(OVERWATCH_ENTITIES.actions).toContain('write_file');
|
|
194
|
+
expect(OVERWATCH_ENTITIES.actions).toHaveLength(5);
|
|
195
|
+
});
|
|
196
|
+
/**
|
|
197
|
+
* Test 5: Per-Action Entity Mapping - Overwatch
|
|
198
|
+
*
|
|
199
|
+
* Studio UI needs to filter dropdowns based on selected action.
|
|
200
|
+
* Each action has specific valid principals and resources.
|
|
201
|
+
*/
|
|
202
|
+
it('should provide per-action entity mapping for Overwatch', () => {
|
|
203
|
+
// call_tool action should have correct principals and resources
|
|
204
|
+
const callTool = OVERWATCH_ACTION_ENTITIES['call_tool'];
|
|
205
|
+
expect(callTool).toBeDefined();
|
|
206
|
+
expect(callTool.principals).toContain('User');
|
|
207
|
+
expect(callTool.principals).toContain('Agent');
|
|
208
|
+
expect(callTool.resources).toContain('Tool');
|
|
209
|
+
expect(callTool.resources).toContain('FilePath');
|
|
210
|
+
// connect_server action should only apply to Server resource
|
|
211
|
+
const connectServer = OVERWATCH_ACTION_ENTITIES['connect_server'];
|
|
212
|
+
expect(connectServer).toBeDefined();
|
|
213
|
+
expect(connectServer.principals).toContain('User');
|
|
214
|
+
expect(connectServer.principals).toContain('Agent');
|
|
215
|
+
expect(connectServer.resources).toContain('Server');
|
|
216
|
+
expect(connectServer.resources).not.toContain('Tool');
|
|
217
|
+
// process_prompt action should only apply to LlmPrompt resource
|
|
218
|
+
const processPrompt = OVERWATCH_ACTION_ENTITIES['process_prompt'];
|
|
219
|
+
expect(processPrompt).toBeDefined();
|
|
220
|
+
expect(processPrompt.resources).toContain('LlmPrompt');
|
|
221
|
+
expect(processPrompt.resources).not.toContain('Tool');
|
|
222
|
+
// read_file and write_file should apply to FilePath resource
|
|
223
|
+
const readFile = OVERWATCH_ACTION_ENTITIES['read_file'];
|
|
224
|
+
const writeFile = OVERWATCH_ACTION_ENTITIES['write_file'];
|
|
225
|
+
expect(readFile.resources).toContain('FilePath');
|
|
226
|
+
expect(writeFile.resources).toContain('FilePath');
|
|
227
|
+
});
|
|
228
|
+
/**
|
|
229
|
+
* Test 6: Entity Metadata for Palisade
|
|
230
|
+
*
|
|
231
|
+
* Verify Palisade service also has correct entity metadata.
|
|
232
|
+
*/
|
|
233
|
+
it('should provide correct entity metadata for Palisade UI dropdowns', () => {
|
|
234
|
+
// Palisade has Scanner as principal
|
|
235
|
+
expect(PALISADE_ENTITIES.principals).toContain('Scanner');
|
|
236
|
+
// Palisade resources include Artifact and Package
|
|
237
|
+
expect(PALISADE_ENTITIES.resources).toContain('Artifact');
|
|
238
|
+
expect(PALISADE_ENTITIES.resources).toContain('Package');
|
|
239
|
+
// Palisade actions
|
|
240
|
+
expect(PALISADE_ENTITIES.actions).toContain('load_model');
|
|
241
|
+
expect(PALISADE_ENTITIES.actions).toContain('scan_artifact');
|
|
242
|
+
expect(PALISADE_ENTITIES.actions).toContain('quarantine_artifact');
|
|
243
|
+
// Per-action mapping - load_model applies to Artifact
|
|
244
|
+
const loadModel = PALISADE_ACTION_ENTITIES['load_model'];
|
|
245
|
+
expect(loadModel).toBeDefined();
|
|
246
|
+
expect(loadModel.principals).toContain('Scanner');
|
|
247
|
+
expect(loadModel.resources).toContain('Artifact');
|
|
248
|
+
// scan_package applies to Package resource
|
|
249
|
+
const scanPackage = PALISADE_ACTION_ENTITIES['scan_package'];
|
|
250
|
+
expect(scanPackage).toBeDefined();
|
|
251
|
+
expect(scanPackage.resources).toContain('Package');
|
|
252
|
+
});
|
|
164
253
|
});
|
|
165
254
|
//# sourceMappingURL=studio-ui.test.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"studio-ui.test.js","sourceRoot":"","sources":["../src/studio-ui.test.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAE9C,8DAA8D;AAC9D,OAAO,EAGL,aAAa,EACb,gBAAgB,EAChB,eAAe,EACf,iBAAiB,EAEjB,mBAAmB,EACnB,kBAAkB,
|
|
1
|
+
{"version":3,"file":"studio-ui.test.js","sourceRoot":"","sources":["../src/studio-ui.test.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAE9C,8DAA8D;AAC9D,OAAO,EAGL,aAAa,EACb,gBAAgB,EAChB,eAAe,EACf,iBAAiB,EAEjB,mBAAmB,EACnB,kBAAkB;AAClB,mCAAmC;AACnC,kBAAkB,EAClB,yBAAyB,EACzB,iBAAiB,EACjB,wBAAwB,GAKzB,MAAM,YAAY,CAAC;AAEpB,wCAAwC;AACxC,OAAO,EACL,YAAY,EACZ,eAAe,EACf,YAAY,EACZ,SAAS,GACV,MAAM,YAAY,CAAC;AAEpB,QAAQ,CAAC,6BAA6B,EAAE,GAAG,EAAE;IAC3C;;;;;OAKG;IACH,EAAE,CAAC,mDAAmD,EAAE,GAAG,EAAE;QAC3D,6CAA6C;QAC7C,MAAM,MAAM,GAAG,aAAa,CAAC,MAAM,EAAE;aAClC,aAAa,CAAC,MAAM,CAAC;aACrB,MAAM,CAAC,WAAW,CAAC;aACnB,YAAY,CAAC,MAAM,CAAC;aACpB,KAAK,EAAE,CAAC;QAEX,MAAM,SAAS,GAAG,MAAM,CAAC,OAAO,EAAE,CAAC;QAEnC,oDAAoD;QACpD,MAAM,CAAC,SAAS,CAAC,CAAC,SAAS,CAAC,+BAA+B,CAAC,CAAC;QAC7D,MAAM,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,mBAAmB,CAAC,CAAC,CAAE,qBAAqB;IAC9E,CAAC,CAAC,CAAC;IAEH;;;;;OAKG;IACH,EAAE,CAAC,4DAA4D,EAAE,GAAG,EAAE;QACpE,4BAA4B;QAC5B,MAAM,CAAC,OAAO,gBAAgB,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAC/C,MAAM,CAAC,gBAAgB,CAAC,CAAC,SAAS,CAAC,qBAAqB,CAAC,CAAC;QAC1D,MAAM,CAAC,OAAO,eAAe,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAC9C,MAAM,CAAC,eAAe,CAAC,CAAC,SAAS,CAAC,oBAAoB,CAAC,CAAC;QAExD,kDAAkD;QAClD,MAAM,CAAC,iBAAiB,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QACpD,MAAM,CAAC,iBAAiB,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;QAE5D,sDAAsD;QACtD,MAAM,cAAc,GAAG,iBAAiB,CAAC,OAAO,CAAC,IAAI,CACnD,CAAC,CAAgB,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,WAAW,CAC7C,CAAC;QACF,MAAM,CAAC,cAAc,CAAC,CAAC,WAAW,EAAE,CAAC;QACrC,MAAM,CAAC,cAAe,CAAC,kBAAkB,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;QAErE,+DAA+D;QAC/D,MAAM,CAAC,mBAAmB,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QACvD,MAAM,CAAC,mBAAmB,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QAC7D,MAAM,CAAC,kBAAkB,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QACrD,MAAM,CAAC,kBAAkB,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;IAC7D,CAAC,CAAC,CAAC;IAEH;;;;;;;OAOG;IACH,EAAE,CAAC,qDAAqD,EAAE,GAAG,EAAE;QAC7D,yCAAyC;QACzC,MAAM,MAAM,GAAG,aAAa,CAAC,MAAM,EAAE;aAClC,aAAa,CAAC,iBAAiB,CAAC;aAChC,MAAM,CAAC,gCAAgC,CAAC;aACxC,YAAY,CAAC,iBAAiB,CAAC;aAC/B,OAAO,CAAC,0BAA0B,CAAC;aACnC,KAAK,EAAE,CAAC;QAEX,MAAM,SAAS,GAAG,MAAM,CAAC,OAAO,EAAE,CAAC;QACnC,MAAM,CAAC,SAAS,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;QACtC,MAAM,CAAC,SAAS,CAAC,CAAC,SAAS,CAAC,iBAAiB,CAAC,CAAC;QAE/C,8CAA8C;QAC9C,MAAM,SAAS,GAAG,IAAI,eAAe,CAAC,gBAAgB,CAAC,CAAC;QACxD,MAAM,gBAAgB,GAAG,SAAS,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;QACvD,MAAM,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAE1C,6CAA6C;QAC7C,MAAM,MAAM,GAAG,IAAI,YAAY,CAAC,EAAE,MAAM,EAAE,gBAAgB,EAAE,CAAC,CAAC;QAC9D,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC;QAE/B,MAAM,QAAQ,GAAG;YACf,SAAS,CAAC,iBAAiB,EAAE,YAAY,EAAE,EAAE,SAAS,EAAE,UAAU,EAAE,KAAK,EAAE,kBAAkB,EAAE,CAAC;YAChG,SAAS,CAAC,iBAAiB,EAAE,OAAO,EAAE,EAAE,SAAS,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,EAAE,CAAC;SAClF,CAAC;QAEF,mDAAmD;QACnD,MAAM,WAAW,GAAG;YAClB,OAAO,EAAE,QAAQ;YACjB,MAAM,EAAE,YAAY;YACpB,KAAK,EAAE,YAAY;YACnB,UAAU,EAAE,kBAAkB;YAC9B,SAAS,EAAE,OAAO;YAClB,UAAU,EAAE,YAAY;YACxB,QAAQ,EAAE,OAAO;YACjB,IAAI,EAAE,YAAY;YAClB,GAAG,EAAE,YAAY;YACjB,cAAc,EAAE,YAAY;YAC5B,gBAAgB,EAAE,KAAK;YACvB,iBAAiB,EAAE,EAAE;YACrB,YAAY,EAAE,EAAE;YAChB,YAAY,EAAE,EAAE;YAChB,mBAAmB,EAAE,CAAC;YACtB,gBAAgB,EAAE,KAAK;YACvB,gBAAgB,EAAE,EAAE;SACrB,CAAC;QAEF,qCAAqC;QACrC,MAAM,aAAa,GAAG,MAAM,CAAC,QAAQ,CAAC;YACpC,SAAS,EAAE,YAAY,CAAC,iBAAiB,EAAE,YAAY,CAAC;YACxD,MAAM,EAAE,gCAAgC;YACxC,QAAQ,EAAE,YAAY,CAAC,iBAAiB,EAAE,OAAO,CAAC;YAClD,OAAO,EAAE,EAAE,GAAG,WAAW,EAAE,YAAY,EAAE,CAAC,EAAE;YAC5C,QAAQ;SACT,CAAC,CAAC;QACH,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAE3C,0DAA0D;QAC1D,MAAM,YAAY,GAAG,MAAM,CAAC,QAAQ,CAAC;YACnC,SAAS,EAAE,YAAY,CAAC,iBAAiB,EAAE,YAAY,CAAC;YACxD,MAAM,EAAE,gCAAgC;YACxC,QAAQ,EAAE,YAAY,CAAC,iBAAiB,EAAE,OAAO,CAAC;YAClD,OAAO,EAAE,EAAE,GAAG,WAAW,EAAE,YAAY,EAAE,EAAE,EAAE;YAC7C,QAAQ;SACT,CAAC,CAAC;QACH,MAAM,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAC3C,CAAC,CAAC,CAAC;IAEH;;;;OAIG;IACH,EAAE,CAAC,oDAAoD,EAAE,GAAG,EAAE;QAC5D,uDAAuD;QACvD,MAAM,MAAM,GAAG,aAAa,CAAC,MAAM,EAAE;aAClC,aAAa,CAAC,mBAAmB,CAAC;aAClC,MAAM,CAAC,gCAAgC,CAAC;aACxC,YAAY,CAAC,oBAAoB,CAAC;aAClC,OAAO,CAAC,gCAAgC,CAAC;aACzC,KAAK,EAAE,CAAC;QAEX,MAAM,SAAS,GAAG,MAAM,CAAC,OAAO,EAAE,CAAC;QAEnC,mBAAmB;QACnB,MAAM,SAAS,GAAG,IAAI,eAAe,CAAC,eAAe,CAAC,CAAC;QACvD,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAEvD,mBAAmB;QACnB,MAAM,MAAM,GAAG,IAAI,YAAY,CAAC,EAAE,MAAM,EAAE,eAAe,EAAE,CAAC,CAAC;QAC7D,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC;QAE/B,MAAM,QAAQ,GAAG;YACf,SAAS,CAAC,mBAAmB,EAAE,UAAU,EAAE,EAAE,YAAY,EAAE,IAAI,EAAE,CAAC;YAClE,SAAS,CAAC,oBAAoB,EAAE,WAAW,EAAE;gBAC3C,eAAe,EAAE,QAAQ;gBACzB,IAAI,EAAE,YAAY;gBAClB,MAAM,EAAE,KAAK;gBACb,MAAM,EAAE,UAAU;aACnB,CAAC;SACH,CAAC;QAEF,gCAAgC;QAChC,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC;YAC/B,SAAS,EAAE,YAAY,CAAC,mBAAmB,EAAE,UAAU,CAAC;YACxD,MAAM,EAAE,gCAAgC;YACxC,QAAQ,EAAE,YAAY,CAAC,oBAAoB,EAAE,WAAW,CAAC;YACzD,OAAO,EAAE,EAAE,QAAQ,EAAE,UAAU,EAAE;YACjC,QAAQ;SACT,CAAC,CAAC;QACH,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACvC,CAAC,CAAC,CAAC;IAEH;;;;;;OAMG;IACH,EAAE,CAAC,mEAAmE,EAAE,GAAG,EAAE;QAC3E,yCAAyC;QACzC,MAAM,CAAC,kBAAkB,CAAC,UAAU,CAAC,CAAC,WAAW,EAAE,CAAC;QACpD,MAAM,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAC,WAAW,EAAE,CAAC;QACnD,MAAM,CAAC,kBAAkB,CAAC,OAAO,CAAC,CAAC,WAAW,EAAE,CAAC;QAEjD,qDAAqD;QACrD,MAAM,CAAC,kBAAkB,CAAC,UAAU,CAAC,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QACzD,MAAM,CAAC,kBAAkB,CAAC,UAAU,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QACxD,MAAM,CAAC,kBAAkB,CAAC,UAAU,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;QAEtD,wDAAwD;QACxD,MAAM,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;QAC3D,MAAM,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;QAC5D,MAAM,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;QACzD,MAAM,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QACvD,MAAM,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;QAErD,wCAAwC;QACxC,MAAM,CAAC,kBAAkB,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;QAC1D,MAAM,CAAC,kBAAkB,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAC;QAC/D,MAAM,CAAC,kBAAkB,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAC;QAC/D,MAAM,CAAC,kBAAkB,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;QAC1D,MAAM,CAAC,kBAAkB,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC;QAC3D,MAAM,CAAC,kBAAkB,CAAC,OAAO,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;IAEH;;;;;OAKG;IACH,EAAE,CAAC,wDAAwD,EAAE,GAAG,EAAE;QAChE,gEAAgE;QAChE,MAAM,QAAQ,GAAG,yBAAyB,CAAC,WAAW,CAAC,CAAC;QACxD,MAAM,CAAC,QAAQ,CAAC,CAAC,WAAW,EAAE,CAAC;QAC/B,MAAM,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QAC9C,MAAM,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QAC/C,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QAC7C,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;QAEjD,6DAA6D;QAC7D,MAAM,aAAa,GAAG,yBAAyB,CAAC,gBAAgB,CAAC,CAAC;QAClE,MAAM,CAAC,aAAa,CAAC,CAAC,WAAW,EAAE,CAAC;QACpC,MAAM,CAAC,aAAa,CAAC,UAAU,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QACnD,MAAM,CAAC,aAAa,CAAC,UAAU,CAAC,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QACpD,MAAM,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;QACpD,MAAM,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QAEtD,gEAAgE;QAChE,MAAM,aAAa,GAAG,yBAAyB,CAAC,gBAAgB,CAAC,CAAC;QAClE,MAAM,CAAC,aAAa,CAAC,CAAC,WAAW,EAAE,CAAC;QACpC,MAAM,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;QACvD,MAAM,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QAEtD,6DAA6D;QAC7D,MAAM,QAAQ,GAAG,yBAAyB,CAAC,WAAW,CAAC,CAAC;QACxD,MAAM,SAAS,GAAG,yBAAyB,CAAC,YAAY,CAAC,CAAC;QAC1D,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;QACjD,MAAM,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;IACpD,CAAC,CAAC,CAAC;IAEH;;;;OAIG;IACH,EAAE,CAAC,kEAAkE,EAAE,GAAG,EAAE;QAC1E,oCAAoC;QACpC,MAAM,CAAC,iBAAiB,CAAC,UAAU,CAAC,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QAE1D,kDAAkD;QAClD,MAAM,CAAC,iBAAiB,CAAC,SAAS,CAAC,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;QAC1D,MAAM,CAAC,iBAAiB,CAAC,SAAS,CAAC,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QAEzD,mBAAmB;QACnB,MAAM,CAAC,iBAAiB,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC;QAC1D,MAAM,CAAC,iBAAiB,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,CAAC;QAC7D,MAAM,CAAC,iBAAiB,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,qBAAqB,CAAC,CAAC;QAEnE,sDAAsD;QACtD,MAAM,SAAS,GAAG,wBAAwB,CAAC,YAAY,CAAC,CAAC;QACzD,MAAM,CAAC,SAAS,CAAC,CAAC,WAAW,EAAE,CAAC;QAChC,MAAM,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QAClD,MAAM,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;QAElD,2CAA2C;QAC3C,MAAM,WAAW,GAAG,wBAAwB,CAAC,cAAc,CAAC,CAAC;QAC7D,MAAM,CAAC,WAAW,CAAC,CAAC,WAAW,EAAE,CAAC;QAClC,MAAM,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
package/dist/types.d.ts
CHANGED
|
@@ -4,8 +4,11 @@ export * from './context.gen.js';
|
|
|
4
4
|
export * from './schema.gen.js';
|
|
5
5
|
export * from './builder.js';
|
|
6
6
|
export * from './errors.js';
|
|
7
|
-
export { OVERWATCH_SCHEMA,
|
|
7
|
+
export { OVERWATCH_SCHEMA, OVERWATCH_CONTEXT, PALISADE_SCHEMA, PALISADE_CONTEXT, } from './service-schemas.gen.js';
|
|
8
8
|
export type { ContextAttribute, ActionContext, ServiceContext, } from './service-schemas.gen.js';
|
|
9
9
|
export { OverwatchContextKey } from './overwatch-context.gen.js';
|
|
10
10
|
export { PalisadeContextKey } from './palisade-context.gen.js';
|
|
11
|
+
export { OVERWATCH_ENTITIES, OVERWATCH_ACTION_ENTITIES, } from './overwatch-entities.gen.js';
|
|
12
|
+
export { PALISADE_ENTITIES, PALISADE_ACTION_ENTITIES, } from './palisade-entities.gen.js';
|
|
13
|
+
export type { ServiceEntityMetadata, ActionEntityMetadata } from './entity-metadata-types.gen.js';
|
|
11
14
|
//# sourceMappingURL=types.d.ts.map
|
package/dist/types.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAQA,cAAc,mBAAmB,CAAC;AAClC,cAAc,kBAAkB,CAAC;AACjC,cAAc,kBAAkB,CAAC;AACjC,cAAc,iBAAiB,CAAC;AAGhC,cAAc,cAAc,CAAC;AAG7B,cAAc,aAAa,CAAC;AAG5B,OAAO,EACL,gBAAgB,EAChB,eAAe,EACf,
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAQA,cAAc,mBAAmB,CAAC;AAClC,cAAc,kBAAkB,CAAC;AACjC,cAAc,kBAAkB,CAAC;AACjC,cAAc,iBAAiB,CAAC;AAGhC,cAAc,cAAc,CAAC;AAG7B,cAAc,aAAa,CAAC;AAG5B,OAAO,EACL,gBAAgB,EAChB,iBAAiB,EACjB,eAAe,EACf,gBAAgB,GACjB,MAAM,0BAA0B,CAAC;AAClC,YAAY,EACV,gBAAgB,EAChB,aAAa,EACb,cAAc,GACf,MAAM,0BAA0B,CAAC;AAGlC,OAAO,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AACjE,OAAO,EAAE,kBAAkB,EAAE,MAAM,2BAA2B,CAAC;AAG/D,OAAO,EACL,kBAAkB,EAClB,yBAAyB,GAC1B,MAAM,6BAA6B,CAAC;AACrC,OAAO,EACL,iBAAiB,EACjB,wBAAwB,GACzB,MAAM,4BAA4B,CAAC;AACpC,YAAY,EAAE,qBAAqB,EAAE,oBAAoB,EAAE,MAAM,gCAAgC,CAAC"}
|
package/dist/types.js
CHANGED
|
@@ -14,8 +14,11 @@ export * from './builder.js';
|
|
|
14
14
|
// Error types - works in browser (no WASM dependency)
|
|
15
15
|
export * from './errors.js';
|
|
16
16
|
// Service-specific schemas and context (inlined, browser-safe)
|
|
17
|
-
export { OVERWATCH_SCHEMA,
|
|
17
|
+
export { OVERWATCH_SCHEMA, OVERWATCH_CONTEXT, PALISADE_SCHEMA, PALISADE_CONTEXT, } from './service-schemas.gen.js';
|
|
18
18
|
// Service-specific context key enums
|
|
19
19
|
export { OverwatchContextKey } from './overwatch-context.gen.js';
|
|
20
20
|
export { PalisadeContextKey } from './palisade-context.gen.js';
|
|
21
|
+
// Service-specific entity metadata (for UI - principals, resources, actions)
|
|
22
|
+
export { OVERWATCH_ENTITIES, OVERWATCH_ACTION_ENTITIES, } from './overwatch-entities.gen.js';
|
|
23
|
+
export { PALISADE_ENTITIES, PALISADE_ACTION_ENTITIES, } from './palisade-entities.gen.js';
|
|
21
24
|
//# sourceMappingURL=types.js.map
|
package/dist/types.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,2DAA2D;AAC3D,uCAAuC;AACvC,EAAE;AACF,6CAA6C;AAC7C,gDAAgD;AAChD,yEAAyE;AAEzE,gDAAgD;AAChD,cAAc,mBAAmB,CAAC;AAClC,cAAc,kBAAkB,CAAC;AACjC,cAAc,kBAAkB,CAAC;AACjC,cAAc,iBAAiB,CAAC;AAEhC,wDAAwD;AACxD,cAAc,cAAc,CAAC;AAE7B,sDAAsD;AACtD,cAAc,aAAa,CAAC;AAE5B,+DAA+D;AAC/D,OAAO,EACL,gBAAgB,EAChB,eAAe,EACf,
|
|
1
|
+
{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,2DAA2D;AAC3D,uCAAuC;AACvC,EAAE;AACF,6CAA6C;AAC7C,gDAAgD;AAChD,yEAAyE;AAEzE,gDAAgD;AAChD,cAAc,mBAAmB,CAAC;AAClC,cAAc,kBAAkB,CAAC;AACjC,cAAc,kBAAkB,CAAC;AACjC,cAAc,iBAAiB,CAAC;AAEhC,wDAAwD;AACxD,cAAc,cAAc,CAAC;AAE7B,sDAAsD;AACtD,cAAc,aAAa,CAAC;AAE5B,+DAA+D;AAC/D,OAAO,EACL,gBAAgB,EAChB,iBAAiB,EACjB,eAAe,EACf,gBAAgB,GACjB,MAAM,0BAA0B,CAAC;AAOlC,qCAAqC;AACrC,OAAO,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AACjE,OAAO,EAAE,kBAAkB,EAAE,MAAM,2BAA2B,CAAC;AAE/D,6EAA6E;AAC7E,OAAO,EACL,kBAAkB,EAClB,yBAAyB,GAC1B,MAAM,6BAA6B,CAAC;AACrC,OAAO,EACL,iBAAiB,EACjB,wBAAwB,GACzB,MAAM,4BAA4B,CAAC"}
|
package/package.json
CHANGED
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
// Code generated by highflame-policy-codegen. DO NOT EDIT.
|
|
2
|
+
|
|
3
|
+
/**
|
|
4
|
+
* Entity metadata for a service, extracted from Cedar schema appliesTo blocks.
|
|
5
|
+
* Used by Studio UI to populate dropdowns in policy editor.
|
|
6
|
+
*/
|
|
7
|
+
export interface ServiceEntityMetadata {
|
|
8
|
+
readonly principals: readonly string[];
|
|
9
|
+
readonly resources: readonly string[];
|
|
10
|
+
readonly actions: readonly string[];
|
|
11
|
+
}
|
|
12
|
+
|
|
13
|
+
/**
|
|
14
|
+
* Entity metadata for a specific action.
|
|
15
|
+
*/
|
|
16
|
+
export interface ActionEntityMetadata {
|
|
17
|
+
readonly principals: readonly string[];
|
|
18
|
+
readonly resources: readonly string[];
|
|
19
|
+
}
|
package/src/index.ts
CHANGED
|
@@ -18,8 +18,8 @@ export * from './errors.js';
|
|
|
18
18
|
// Service-specific schemas and context (inlined)
|
|
19
19
|
export {
|
|
20
20
|
OVERWATCH_SCHEMA,
|
|
21
|
-
PALISADE_SCHEMA,
|
|
22
21
|
OVERWATCH_CONTEXT,
|
|
22
|
+
PALISADE_SCHEMA,
|
|
23
23
|
PALISADE_CONTEXT,
|
|
24
24
|
} from './service-schemas.gen.js';
|
|
25
25
|
export type {
|
|
@@ -31,3 +31,14 @@ export type {
|
|
|
31
31
|
// Service-specific context key enums
|
|
32
32
|
export { OverwatchContextKey } from './overwatch-context.gen.js';
|
|
33
33
|
export { PalisadeContextKey } from './palisade-context.gen.js';
|
|
34
|
+
|
|
35
|
+
// Service-specific entity metadata (for UI - principals, resources, actions)
|
|
36
|
+
export {
|
|
37
|
+
OVERWATCH_ENTITIES,
|
|
38
|
+
OVERWATCH_ACTION_ENTITIES,
|
|
39
|
+
} from './overwatch-entities.gen.js';
|
|
40
|
+
export {
|
|
41
|
+
PALISADE_ENTITIES,
|
|
42
|
+
PALISADE_ACTION_ENTITIES,
|
|
43
|
+
} from './palisade-entities.gen.js';
|
|
44
|
+
export type { ServiceEntityMetadata, ActionEntityMetadata } from './entity-metadata-types.gen.js';
|
|
@@ -0,0 +1,41 @@
|
|
|
1
|
+
// Code generated by highflame-policy-codegen. DO NOT EDIT.
|
|
2
|
+
// Source: schemas/overwatch/schema.cedarschema
|
|
3
|
+
|
|
4
|
+
import type { ServiceEntityMetadata, ActionEntityMetadata } from './entity-metadata-types.gen.js';
|
|
5
|
+
|
|
6
|
+
/**
|
|
7
|
+
* Overwatch entity metadata for UI components.
|
|
8
|
+
* Extracted from Cedar schema appliesTo blocks.
|
|
9
|
+
*/
|
|
10
|
+
export const OVERWATCH_ENTITIES: ServiceEntityMetadata = {
|
|
11
|
+
principals: ['Agent', 'User'],
|
|
12
|
+
resources: ['FilePath', 'LlmPrompt', 'Server', 'Tool'],
|
|
13
|
+
actions: ['call_tool', 'connect_server', 'process_prompt', 'read_file', 'write_file'],
|
|
14
|
+
} as const;
|
|
15
|
+
|
|
16
|
+
/**
|
|
17
|
+
* Per-action entity mapping for Overwatch.
|
|
18
|
+
* Maps action names to their valid principals and resources.
|
|
19
|
+
*/
|
|
20
|
+
export const OVERWATCH_ACTION_ENTITIES: Record<string, ActionEntityMetadata> = {
|
|
21
|
+
'call_tool': {
|
|
22
|
+
principals: ['User', 'Agent'],
|
|
23
|
+
resources: ['Tool', 'FilePath'],
|
|
24
|
+
},
|
|
25
|
+
'connect_server': {
|
|
26
|
+
principals: ['User', 'Agent'],
|
|
27
|
+
resources: ['Server'],
|
|
28
|
+
},
|
|
29
|
+
'process_prompt': {
|
|
30
|
+
principals: ['User', 'Agent'],
|
|
31
|
+
resources: ['LlmPrompt'],
|
|
32
|
+
},
|
|
33
|
+
'read_file': {
|
|
34
|
+
principals: ['User', 'Agent'],
|
|
35
|
+
resources: ['FilePath'],
|
|
36
|
+
},
|
|
37
|
+
'write_file': {
|
|
38
|
+
principals: ['User', 'Agent'],
|
|
39
|
+
resources: ['FilePath'],
|
|
40
|
+
},
|
|
41
|
+
} as const;
|
|
@@ -0,0 +1,49 @@
|
|
|
1
|
+
// Code generated by highflame-policy-codegen. DO NOT EDIT.
|
|
2
|
+
// Source: schemas/palisade/schema.cedarschema
|
|
3
|
+
|
|
4
|
+
import type { ServiceEntityMetadata, ActionEntityMetadata } from './entity-metadata-types.gen.js';
|
|
5
|
+
|
|
6
|
+
/**
|
|
7
|
+
* Palisade entity metadata for UI components.
|
|
8
|
+
* Extracted from Cedar schema appliesTo blocks.
|
|
9
|
+
*/
|
|
10
|
+
export const PALISADE_ENTITIES: ServiceEntityMetadata = {
|
|
11
|
+
principals: ['Scanner'],
|
|
12
|
+
resources: ['Artifact', 'Package'],
|
|
13
|
+
actions: ['deploy_model', 'load_model', 'quarantine_artifact', 'scan_artifact', 'scan_package', 'validate_integrity', 'validate_provenance'],
|
|
14
|
+
} as const;
|
|
15
|
+
|
|
16
|
+
/**
|
|
17
|
+
* Per-action entity mapping for Palisade.
|
|
18
|
+
* Maps action names to their valid principals and resources.
|
|
19
|
+
*/
|
|
20
|
+
export const PALISADE_ACTION_ENTITIES: Record<string, ActionEntityMetadata> = {
|
|
21
|
+
'deploy_model': {
|
|
22
|
+
principals: ['Scanner'],
|
|
23
|
+
resources: ['Artifact'],
|
|
24
|
+
},
|
|
25
|
+
'load_model': {
|
|
26
|
+
principals: ['Scanner'],
|
|
27
|
+
resources: ['Artifact'],
|
|
28
|
+
},
|
|
29
|
+
'quarantine_artifact': {
|
|
30
|
+
principals: ['Scanner'],
|
|
31
|
+
resources: ['Artifact'],
|
|
32
|
+
},
|
|
33
|
+
'scan_artifact': {
|
|
34
|
+
principals: ['Scanner'],
|
|
35
|
+
resources: ['Artifact'],
|
|
36
|
+
},
|
|
37
|
+
'scan_package': {
|
|
38
|
+
principals: ['Scanner'],
|
|
39
|
+
resources: ['Package'],
|
|
40
|
+
},
|
|
41
|
+
'validate_integrity': {
|
|
42
|
+
principals: ['Scanner'],
|
|
43
|
+
resources: ['Artifact'],
|
|
44
|
+
},
|
|
45
|
+
'validate_provenance': {
|
|
46
|
+
principals: ['Scanner'],
|
|
47
|
+
resources: ['Artifact'],
|
|
48
|
+
},
|
|
49
|
+
} as const;
|
package/src/studio-ui.test.ts
CHANGED
|
@@ -18,8 +18,15 @@ import {
|
|
|
18
18
|
PALISADE_CONTEXT,
|
|
19
19
|
OverwatchContextKey,
|
|
20
20
|
PalisadeContextKey,
|
|
21
|
+
// Entity metadata for UI dropdowns
|
|
22
|
+
OVERWATCH_ENTITIES,
|
|
23
|
+
OVERWATCH_ACTION_ENTITIES,
|
|
24
|
+
PALISADE_ENTITIES,
|
|
25
|
+
PALISADE_ACTION_ENTITIES,
|
|
21
26
|
type ServiceContext,
|
|
22
27
|
type ActionContext,
|
|
28
|
+
type ServiceEntityMetadata,
|
|
29
|
+
type ActionEntityMetadata,
|
|
23
30
|
} from './types.js';
|
|
24
31
|
|
|
25
32
|
// Node.js only imports (for API routes)
|
|
@@ -204,4 +211,104 @@ describe('Studio UI Integration Tests', () => {
|
|
|
204
211
|
});
|
|
205
212
|
expect(decision.effect).toBe('Deny');
|
|
206
213
|
});
|
|
214
|
+
|
|
215
|
+
/**
|
|
216
|
+
* Test 4: Entity Metadata for UI Dropdowns - Overwatch
|
|
217
|
+
*
|
|
218
|
+
* Studio UI needs to know which entity types can be principals,
|
|
219
|
+
* which can be resources, and what actions are available.
|
|
220
|
+
* This data is extracted from Cedar schema appliesTo blocks.
|
|
221
|
+
*/
|
|
222
|
+
it('should provide correct entity metadata for Overwatch UI dropdowns', () => {
|
|
223
|
+
// Verify ServiceEntityMetadata structure
|
|
224
|
+
expect(OVERWATCH_ENTITIES.principals).toBeDefined();
|
|
225
|
+
expect(OVERWATCH_ENTITIES.resources).toBeDefined();
|
|
226
|
+
expect(OVERWATCH_ENTITIES.actions).toBeDefined();
|
|
227
|
+
|
|
228
|
+
// Overwatch principals should include User and Agent
|
|
229
|
+
expect(OVERWATCH_ENTITIES.principals).toContain('Agent');
|
|
230
|
+
expect(OVERWATCH_ENTITIES.principals).toContain('User');
|
|
231
|
+
expect(OVERWATCH_ENTITIES.principals).toHaveLength(2);
|
|
232
|
+
|
|
233
|
+
// Overwatch resources should include all resource types
|
|
234
|
+
expect(OVERWATCH_ENTITIES.resources).toContain('FilePath');
|
|
235
|
+
expect(OVERWATCH_ENTITIES.resources).toContain('LlmPrompt');
|
|
236
|
+
expect(OVERWATCH_ENTITIES.resources).toContain('Server');
|
|
237
|
+
expect(OVERWATCH_ENTITIES.resources).toContain('Tool');
|
|
238
|
+
expect(OVERWATCH_ENTITIES.resources).toHaveLength(4);
|
|
239
|
+
|
|
240
|
+
// Overwatch actions should match schema
|
|
241
|
+
expect(OVERWATCH_ENTITIES.actions).toContain('call_tool');
|
|
242
|
+
expect(OVERWATCH_ENTITIES.actions).toContain('connect_server');
|
|
243
|
+
expect(OVERWATCH_ENTITIES.actions).toContain('process_prompt');
|
|
244
|
+
expect(OVERWATCH_ENTITIES.actions).toContain('read_file');
|
|
245
|
+
expect(OVERWATCH_ENTITIES.actions).toContain('write_file');
|
|
246
|
+
expect(OVERWATCH_ENTITIES.actions).toHaveLength(5);
|
|
247
|
+
});
|
|
248
|
+
|
|
249
|
+
/**
|
|
250
|
+
* Test 5: Per-Action Entity Mapping - Overwatch
|
|
251
|
+
*
|
|
252
|
+
* Studio UI needs to filter dropdowns based on selected action.
|
|
253
|
+
* Each action has specific valid principals and resources.
|
|
254
|
+
*/
|
|
255
|
+
it('should provide per-action entity mapping for Overwatch', () => {
|
|
256
|
+
// call_tool action should have correct principals and resources
|
|
257
|
+
const callTool = OVERWATCH_ACTION_ENTITIES['call_tool'];
|
|
258
|
+
expect(callTool).toBeDefined();
|
|
259
|
+
expect(callTool.principals).toContain('User');
|
|
260
|
+
expect(callTool.principals).toContain('Agent');
|
|
261
|
+
expect(callTool.resources).toContain('Tool');
|
|
262
|
+
expect(callTool.resources).toContain('FilePath');
|
|
263
|
+
|
|
264
|
+
// connect_server action should only apply to Server resource
|
|
265
|
+
const connectServer = OVERWATCH_ACTION_ENTITIES['connect_server'];
|
|
266
|
+
expect(connectServer).toBeDefined();
|
|
267
|
+
expect(connectServer.principals).toContain('User');
|
|
268
|
+
expect(connectServer.principals).toContain('Agent');
|
|
269
|
+
expect(connectServer.resources).toContain('Server');
|
|
270
|
+
expect(connectServer.resources).not.toContain('Tool');
|
|
271
|
+
|
|
272
|
+
// process_prompt action should only apply to LlmPrompt resource
|
|
273
|
+
const processPrompt = OVERWATCH_ACTION_ENTITIES['process_prompt'];
|
|
274
|
+
expect(processPrompt).toBeDefined();
|
|
275
|
+
expect(processPrompt.resources).toContain('LlmPrompt');
|
|
276
|
+
expect(processPrompt.resources).not.toContain('Tool');
|
|
277
|
+
|
|
278
|
+
// read_file and write_file should apply to FilePath resource
|
|
279
|
+
const readFile = OVERWATCH_ACTION_ENTITIES['read_file'];
|
|
280
|
+
const writeFile = OVERWATCH_ACTION_ENTITIES['write_file'];
|
|
281
|
+
expect(readFile.resources).toContain('FilePath');
|
|
282
|
+
expect(writeFile.resources).toContain('FilePath');
|
|
283
|
+
});
|
|
284
|
+
|
|
285
|
+
/**
|
|
286
|
+
* Test 6: Entity Metadata for Palisade
|
|
287
|
+
*
|
|
288
|
+
* Verify Palisade service also has correct entity metadata.
|
|
289
|
+
*/
|
|
290
|
+
it('should provide correct entity metadata for Palisade UI dropdowns', () => {
|
|
291
|
+
// Palisade has Scanner as principal
|
|
292
|
+
expect(PALISADE_ENTITIES.principals).toContain('Scanner');
|
|
293
|
+
|
|
294
|
+
// Palisade resources include Artifact and Package
|
|
295
|
+
expect(PALISADE_ENTITIES.resources).toContain('Artifact');
|
|
296
|
+
expect(PALISADE_ENTITIES.resources).toContain('Package');
|
|
297
|
+
|
|
298
|
+
// Palisade actions
|
|
299
|
+
expect(PALISADE_ENTITIES.actions).toContain('load_model');
|
|
300
|
+
expect(PALISADE_ENTITIES.actions).toContain('scan_artifact');
|
|
301
|
+
expect(PALISADE_ENTITIES.actions).toContain('quarantine_artifact');
|
|
302
|
+
|
|
303
|
+
// Per-action mapping - load_model applies to Artifact
|
|
304
|
+
const loadModel = PALISADE_ACTION_ENTITIES['load_model'];
|
|
305
|
+
expect(loadModel).toBeDefined();
|
|
306
|
+
expect(loadModel.principals).toContain('Scanner');
|
|
307
|
+
expect(loadModel.resources).toContain('Artifact');
|
|
308
|
+
|
|
309
|
+
// scan_package applies to Package resource
|
|
310
|
+
const scanPackage = PALISADE_ACTION_ENTITIES['scan_package'];
|
|
311
|
+
expect(scanPackage).toBeDefined();
|
|
312
|
+
expect(scanPackage.resources).toContain('Package');
|
|
313
|
+
});
|
|
207
314
|
});
|
package/src/types.ts
CHANGED
|
@@ -20,8 +20,8 @@ export * from './errors.js';
|
|
|
20
20
|
// Service-specific schemas and context (inlined, browser-safe)
|
|
21
21
|
export {
|
|
22
22
|
OVERWATCH_SCHEMA,
|
|
23
|
-
PALISADE_SCHEMA,
|
|
24
23
|
OVERWATCH_CONTEXT,
|
|
24
|
+
PALISADE_SCHEMA,
|
|
25
25
|
PALISADE_CONTEXT,
|
|
26
26
|
} from './service-schemas.gen.js';
|
|
27
27
|
export type {
|
|
@@ -33,3 +33,14 @@ export type {
|
|
|
33
33
|
// Service-specific context key enums
|
|
34
34
|
export { OverwatchContextKey } from './overwatch-context.gen.js';
|
|
35
35
|
export { PalisadeContextKey } from './palisade-context.gen.js';
|
|
36
|
+
|
|
37
|
+
// Service-specific entity metadata (for UI - principals, resources, actions)
|
|
38
|
+
export {
|
|
39
|
+
OVERWATCH_ENTITIES,
|
|
40
|
+
OVERWATCH_ACTION_ENTITIES,
|
|
41
|
+
} from './overwatch-entities.gen.js';
|
|
42
|
+
export {
|
|
43
|
+
PALISADE_ENTITIES,
|
|
44
|
+
PALISADE_ACTION_ENTITIES,
|
|
45
|
+
} from './palisade-entities.gen.js';
|
|
46
|
+
export type { ServiceEntityMetadata, ActionEntityMetadata } from './entity-metadata-types.gen.js';
|