Schema Support #2

Open
tpaulus opened this issue Mar 8, 2024 · 1 comment

tpaulus commented Mar 8, 2024

cedar-go does not have parity, as noted in the README, with cedar-rust with regard to loading and including the schema in authorization requests. It would be nice to see cedar-go have support for this, as it enables additional use cases, such as the one below.

Use Case:
In order to express Action Hierarchy, where a Role contains one or more actions, a cedar schema needs to be loaded and used in the evaluation of policies. For example, the following schema allows policies to permit the SuperAdmin action, and have the PARC reference BillingAdmin and the outcome be Allow.

{
  "Role": {
    "entityTypes": {},
    "actions": {
      "SuperAdmin": {
        "appliesTo": {
          "principalTypes": [],
          "resourceTypes": []
        }
      },
      "MinimalAccountAccess": {
        "memberOf": [
          {
            "id": "SuperAdmin"
          }
        ],
        "appliesTo": {
          "principalTypes": [],
          "resourceTypes": []
        }
      },
      "Admin": {
        "memberOf": [
          {
            "id": "SuperAdmin"
          }
        ],
        "appliesTo": {
          "principalTypes": [],
          "resourceTypes": []
        }
      },
      "AdminReadOnly": {
        "memberOf": [
          {
            "id": "Admin"
          }
        ],
        "appliesTo": {
          "principalTypes": [],
          "resourceTypes": []
        }
      },
      "BillingAdmin": {
        "memberOf": [
          {
            "id": "Admin"
          }
        ],
        "appliesTo": {
          "principalTypes": [],
          "resourceTypes": []
        }
      },
      "BillingAdminReadOnly": {
        "memberOf": [
          {
            "id": "BillingAdmin"
          },
          {
            "id": "AdminReadOnly"
          }
        ],
        "appliesTo": {
          "principalTypes": [],
          "resourceTypes": []
        }
      }
    }
  }
}
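
The action hierarchy from the schema above, as an added example that is not part of the issue and not cedar-go code: standard-library Go that reads the `memberOf` edges from a condensed copy of the schema and resolves group membership the way a policy on `action in Role::Action::"SuperAdmin"` needs it for a `BillingAdmin` request. The names `loadActions` and `actionIn` are hypothetical, not cedar-go API.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// Constructed: the issue's "Role" namespace condensed to its memberOf edges.
const schemaJSON = `{"Role":{"entityTypes":{},"actions":{"SuperAdmin":{},
 "MinimalAccountAccess":{"memberOf":[{"id":"SuperAdmin"}]},
 "Admin":{"memberOf":[{"id":"SuperAdmin"}]},
 "AdminReadOnly":{"memberOf":[{"id":"Admin"}]}, "BillingAdmin":{"memberOf":[{"id":"Admin"}]},
 "BillingAdminReadOnly":{"memberOf":[{"id":"BillingAdmin"},{"id":"AdminReadOnly"}]}}}}`

type action struct{ MemberOf []struct{ ID string `json:"id"` } `json:"memberOf"` }
type namespace struct{ Actions map[string]action `json:"actions"` }

// loadActions (hypothetical helper, not cedar-go API) returns one namespace's actions.
func loadActions(doc, ns string) (map[string]action, error) {
	var schema map[string]namespace
	err := json.Unmarshal([]byte(doc), &schema)
	return schema[ns].Actions, err
}

// actionIn reports whether name equals group or reaches it through memberOf
// edges. Undeclared actions never match, and a cycle cannot loop forever.
func actionIn(actions map[string]action, name, group string) bool {
	seen, stack := map[string]bool{}, []string{name}
	for len(stack) > 0 {
		cur := stack[len(stack)-1]
		stack = stack[:len(stack)-1]
		if _, declared := actions[cur]; !declared || seen[cur] {
			continue
		}
		if seen[cur] = true; cur == group {
			return true
		}
		for _, parent := range actions[cur].MemberOf {
			stack = append(stack, parent.ID)
		}
	}
	return false
}

func main() {
	actions, err := loadActions(schemaJSON, "Role")
	fmt.Println(err, actionIn(actions, "BillingAdmin", "SuperAdmin"), actionIn(actions, "SuperAdmin", "BillingAdmin"))
}
```

Membership is one-directional: a grant on the `SuperAdmin` group covers every action beneath it, while a grant on `BillingAdmin` covers only `BillingAdmin` and `BillingAdminReadOnly`.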

jmccarthy (Collaborator) commented

Hi @tpaulus - we'll leave this issue open and update it once we know more about the timeline for Schema support

masp added a commit to masp/cedar-go that referenced this issue Feb 5, 2025
This commit creates a new package github.com/cedar-policy/cedar-go/schema and a few child
packages such as ast and token for parsing the human-readable and JSON Cedar schema formats.

This commit includes:
- Parsing human-readable schema format
- Marshalling and unmarshalling JSON schema format
- Pretty-printing human-readable schema format

This commit does NOT include:
- Schema validation beyond parsing errors
- Validation in policy evaluation using the schema
- Full schema compatibility with Rust implementation (missing tags)

Related to: cedar-policy#2
masp added a commit to masp/cedar-go that referenced this issue Feb 7, 2025
masp added a commit to masp/cedar-go that referenced this issue Feb 8, 2025
masp added a commit to masp/cedar-go that referenced this issue Feb 11, 2025