From c99cf52f3824efe00a64ec7198ae47ca1e330ae2 Mon Sep 17 00:00:00 2001 From: Craig Disselkoen Date: Thu, 14 Nov 2024 17:38:51 +0000 Subject: [PATCH 1/4] add clone to more types Signed-off-by: Craig Disselkoen --- cedar-policy-core/src/authorizer.rs | 1 + cedar-policy-validator/src/lib.rs | 2 +- cedar-policy-validator/src/schema.rs | 2 +- .../src/schema/namespace_def.rs | 12 +++++------ cedar-policy/src/api.rs | 20 +++++++++---------- 5 files changed, 19 insertions(+), 18 deletions(-) diff --git a/cedar-policy-core/src/authorizer.rs b/cedar-policy-core/src/authorizer.rs index 25204b6ce..fd62b22c6 100644 --- a/cedar-policy-core/src/authorizer.rs +++ b/cedar-policy-core/src/authorizer.rs @@ -40,6 +40,7 @@ pub use partial_response::ErrorState; pub use partial_response::PartialResponse; /// Authorizer +#[derive(Clone)] pub struct Authorizer { /// Cedar `Extension`s which will be used during requests to this `Authorizer` extensions: &'static Extensions<'static>, diff --git a/cedar-policy-validator/src/lib.rs b/cedar-policy-validator/src/lib.rs index b9845d20b..4218420e9 100644 --- a/cedar-policy-validator/src/lib.rs +++ b/cedar-policy-validator/src/lib.rs @@ -128,7 +128,7 @@ impl From<&proto::ValidationMode> for ValidationMode { /// Structure containing the context needed for policy validation. This is /// currently only the `EntityType`s and `ActionType`s from a single schema. -#[derive(Debug)] +#[derive(Debug, Clone)] pub struct Validator { schema: ValidatorSchema, } diff --git a/cedar-policy-validator/src/schema.rs b/cedar-policy-validator/src/schema.rs index bebbd0952..baebbe1af 100644 --- a/cedar-policy-validator/src/schema.rs +++ b/cedar-policy-validator/src/schema.rs @@ -76,7 +76,7 @@ pub enum ActionBehavior { /// A `ValidatorSchemaFragment` consists of any number (even 0) of /// `ValidatorNamespaceDef`s. -#[derive(Debug)] +#[derive(Debug, Clone)] pub struct ValidatorSchemaFragment(Vec>); impl TryInto> diff --git a/cedar-policy-validator/src/schema/namespace_def.rs b/cedar-policy-validator/src/schema/namespace_def.rs index d4908d52b..d75173a9c 100644 --- a/cedar-policy-validator/src/schema/namespace_def.rs +++ b/cedar-policy-validator/src/schema/namespace_def.rs @@ -66,7 +66,7 @@ use crate::{ /// /// `A` is like `N`, but `A` governs typenames in `appliesTo` fields, while /// `N` governs all other type references. -#[derive(Debug)] +#[derive(Debug, Clone)] pub struct ValidatorNamespaceDef { /// The (fully-qualified) name of the namespace this is a definition of, or /// `None` if this is a definition for the empty namespace. @@ -266,7 +266,7 @@ impl ValidatorNamespaceDef { /// [`json_schema::Type`]s (values in the map), entity/common type references may or /// may not be fully qualified yet, depending on `N`; see notes on /// [`json_schema::Type`]. -#[derive(Debug)] +#[derive(Debug, Clone)] pub struct CommonTypeDefs { pub(super) defs: HashMap>, } @@ -371,7 +371,7 @@ impl CommonTypeDefs { /// different schema fragment). /// /// All [`EntityType`] keys in this map are declared in this schema fragment. -#[derive(Debug)] +#[derive(Debug, Clone)] pub struct EntityTypesDef { pub(super) defs: HashMap>, } @@ -440,7 +440,7 @@ impl EntityTypesDef { /// reference undeclared entity/common types. Furthermore, entity/common type /// references in `parents`, `attributes`, and `tags` may or may not be fully /// qualified yet, depending on `N`. -#[derive(Debug)] +#[derive(Debug, Clone)] pub struct EntityTypeFragment { /// Description of the attribute types for this entity type. /// @@ -562,7 +562,7 @@ impl EntityTypeFragment { /// types. All action entities are required to use a single `Action` entity /// type. However, the action entity type may be namespaced, so an action entity /// may have a fully qualified entity type `My::Namespace::Action`. -#[derive(Debug)] +#[derive(Debug, Clone)] pub struct ActionsDef { pub(super) actions: HashMap>, } @@ -636,7 +636,7 @@ impl ActionsDef { /// /// `A` is used for typenames in `applies_to`, and `N` is used for all other /// type references. -#[derive(Debug)] +#[derive(Debug, Clone)] pub struct ActionFragment { /// The type of the context record for this action. This may contain /// references to common types which have not yet been resolved/inlined diff --git a/cedar-policy/src/api.rs b/cedar-policy/src/api.rs index 0844387e4..bf64978f7 100644 --- a/cedar-policy/src/api.rs +++ b/cedar-policy/src/api.rs @@ -763,7 +763,7 @@ impl IntoIterator for Entities { /// Authorizer object, which provides responses to authorization queries #[repr(transparent)] -#[derive(Debug, RefCast)] +#[derive(Debug, Clone, RefCast)] pub struct Authorizer(authorizer::Authorizer); impl Default for Authorizer { @@ -1237,7 +1237,7 @@ impl From for cedar_policy_validator::ValidationMode { /// Validator object, which provides policy validation and typechecking. #[repr(transparent)] -#[derive(Debug, RefCast)] +#[derive(Debug, Clone, RefCast)] pub struct Validator(cedar_policy_validator::Validator); impl Validator { @@ -1281,7 +1281,7 @@ impl Validator { /// Contains all the type information used to construct a `Schema` that can be /// used to validate a policy. -#[derive(Debug)] +#[derive(Debug, Clone)] pub struct SchemaFragment { value: cedar_policy_validator::ValidatorSchemaFragment< cedar_policy_validator::ConditionalName, @@ -1640,7 +1640,7 @@ impl Schema { /// The result includes the list of issues found by validation and whether validation succeeds or fails. /// Validation succeeds if there are no fatal errors. There may still be /// non-fatal warnings present when validation passes. -#[derive(Debug)] +#[derive(Debug, Clone)] pub struct ValidationResult { validation_errors: Vec, validation_warnings: Vec, @@ -3399,7 +3399,7 @@ impl FromStr for RestrictedExpression { /// for partial evaluation. #[doc = include_str!("../experimental_warning.md")] #[cfg(feature = "partial-eval")] -#[derive(Debug)] +#[derive(Debug, Clone)] pub struct RequestBuilder { principal: ast::EntityUIDEntry, action: ast::EntityUIDEntry, @@ -3412,7 +3412,7 @@ pub struct RequestBuilder { /// A marker type that indicates [`Schema`] is not set for a request #[doc = include_str!("../experimental_warning.md")] #[cfg(feature = "partial-eval")] -#[derive(Debug)] +#[derive(Debug, Clone)] pub struct UnsetSchema; #[cfg(feature = "partial-eval")] @@ -3525,7 +3525,7 @@ impl RequestBuilder<&Schema> { /// It represents an authorization request asking the question, "Can this /// principal take this action on this resource in this context?" #[repr(transparent)] -#[derive(Debug, RefCast)] +#[derive(Debug, Clone, RefCast)] pub struct Request(pub(crate) ast::Request); impl Request { @@ -3860,7 +3860,7 @@ impl std::fmt::Display for Context { } /// Result of Evaluation -#[derive(Debug, PartialEq, Eq, PartialOrd, Ord)] +#[derive(Debug, Clone, PartialEq, Eq, PartialOrd, Ord)] pub enum EvalResult { /// Boolean value Bool(bool), @@ -3880,7 +3880,7 @@ pub enum EvalResult { } /// Sets of Cedar values -#[derive(Debug, Eq, PartialEq, PartialOrd, Ord)] +#[derive(Debug, Clone, Eq, PartialEq, PartialOrd, Ord)] pub struct Set(BTreeSet); impl Set { @@ -3906,7 +3906,7 @@ impl Set { } /// A record of Cedar values -#[derive(Debug, Eq, PartialEq, PartialOrd, Ord)] +#[derive(Debug, Clone, Eq, PartialEq, PartialOrd, Ord)] pub struct Record(BTreeMap); impl Record { From d1bff0b7ceaeff7626b9d082dc11f42888e74f83 Mon Sep 17 00:00:00 2001 From: Craig Disselkoen Date: Thu, 14 Nov 2024 13:13:17 -0500 Subject: [PATCH 2/4] Update cedar-policy/src/api.rs Signed-off-by: Craig Disselkoen Co-authored-by: John Kastner <130772734+john-h-kastner-aws@users.noreply.github.com> --- cedar-policy/src/api.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cedar-policy/src/api.rs b/cedar-policy/src/api.rs index bf64978f7..3ddb7eff3 100644 --- a/cedar-policy/src/api.rs +++ b/cedar-policy/src/api.rs @@ -3412,7 +3412,7 @@ pub struct RequestBuilder { /// A marker type that indicates [`Schema`] is not set for a request #[doc = include_str!("../experimental_warning.md")] #[cfg(feature = "partial-eval")] -#[derive(Debug, Clone)] +#[derive(Debug, Clone, Copy)] pub struct UnsetSchema; #[cfg(feature = "partial-eval")] From 01c3f05572543186977f7055f141be98867355b0 Mon Sep 17 00:00:00 2001 From: Craig Disselkoen Date: Thu, 14 Nov 2024 13:13:39 -0500 Subject: [PATCH 3/4] Update cedar-policy-core/src/authorizer.rs Signed-off-by: Craig Disselkoen Co-authored-by: John Kastner <130772734+john-h-kastner-aws@users.noreply.github.com> --- cedar-policy-core/src/authorizer.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cedar-policy-core/src/authorizer.rs b/cedar-policy-core/src/authorizer.rs index fd62b22c6..5e9d34030 100644 --- a/cedar-policy-core/src/authorizer.rs +++ b/cedar-policy-core/src/authorizer.rs @@ -40,7 +40,7 @@ pub use partial_response::ErrorState; pub use partial_response::PartialResponse; /// Authorizer -#[derive(Clone)] +#[derive(Debug, Clone)] pub struct Authorizer { /// Cedar `Extension`s which will be used during requests to this `Authorizer` extensions: &'static Extensions<'static>, From ad771aa5808bd00464b0b3371469542a4a4fc62f Mon Sep 17 00:00:00 2001 From: Craig Disselkoen Date: Thu, 14 Nov 2024 18:22:26 +0000 Subject: [PATCH 4/4] revert revert Signed-off-by: Craig Disselkoen --- cedar-policy-core/src/authorizer.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cedar-policy-core/src/authorizer.rs b/cedar-policy-core/src/authorizer.rs index 5e9d34030..73c3a528f 100644 --- a/cedar-policy-core/src/authorizer.rs +++ b/cedar-policy-core/src/authorizer.rs @@ -40,7 +40,7 @@ pub use partial_response::ErrorState; pub use partial_response::PartialResponse; /// Authorizer -#[derive(Debug, Clone)] +#[derive(Clone)] // `Debug` implemented manually below pub struct Authorizer { /// Cedar `Extension`s which will be used during requests to this `Authorizer` extensions: &'static Extensions<'static>,