From edea3a70fb8522f41dcb1bdd2a7bf1acf99694ef Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 16 Sep 2024 19:12:32 +0000 Subject: [PATCH 1/2] Update cedar-policy requirement from 3.3.0 to 4.0.0 Updates the requirements on [cedar-policy](https://github.com/cedar-policy/cedar) to permit the latest version. - [Release notes](https://github.com/cedar-policy/cedar/releases) - [Commits](https://github.com/cedar-policy/cedar/compare/v3.3.0...v4.0.0) --- updated-dependencies: - dependency-name: cedar-policy dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- saturn/Cargo.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/saturn/Cargo.toml b/saturn/Cargo.toml index ce6c3416b..cd86c6448 100644 --- a/saturn/Cargo.toml +++ b/saturn/Cargo.toml @@ -13,4 +13,4 @@ tracing-subscriber = { workspace = true } thiserror = { workspace = true } itertools = "0.13.0" -cedar-policy = "3.3.0" +cedar-policy = "4.0.0" From cb906bf106e3db93136cb943bb74eada019efe8d Mon Sep 17 00:00:00 2001 From: "benjamin.747" Date: Wed, 18 Sep 2024 17:01:50 +0800 Subject: [PATCH 2/2] [saturn] upgrade cedar --- saturn/src/context.rs | 10 +++++----- saturn/src/lib.rs | 28 +++++++++++++++------------- 2 files changed, 20 insertions(+), 18 deletions(-) diff --git a/saturn/src/context.rs b/saturn/src/context.rs index c5bb0ab28..814e79fff 100644 --- a/saturn/src/context.rs +++ b/saturn/src/context.rs @@ -1,5 +1,5 @@ use cedar_policy::{ - Authorizer, Context, Decision, Diagnostics, HumanSchemaError, ParseErrors, PolicySet, + Authorizer, CedarSchemaError, Context, Decision, Diagnostics, ParseErrors, PolicySet, PolicySetError, Request, Schema, SchemaError, ValidationMode, Validator, }; use itertools::Itertools; @@ -24,7 +24,7 @@ pub enum ContextError { #[error("Error Parsing Json Schema: {0}")] JsonSchema(#[from] SchemaError), #[error("Error Parsing Human-readable Schema: {0}")] - CedarSchema(#[from] HumanSchemaError), + CedarSchema(#[from] CedarSchemaError), #[error("Error Parsing PolicySet: {0}")] Policy(#[from] ParseErrors), #[error("Error Processing PolicySet: {0}")] @@ -91,9 +91,9 @@ impl AppContext { ) -> Result<(), Error> { let es = self.entities.as_entities(&self.schema); let q = Request::new( - Some(principal.as_ref().clone().into()), - Some(action.as_ref().clone().into()), - Some(resource.as_ref().clone().into()), + principal.as_ref().clone().into(), + action.as_ref().clone().into(), + resource.as_ref().clone().into(), context, Some(&self.schema), ) diff --git a/saturn/src/lib.rs b/saturn/src/lib.rs index 695a69fb1..1d3d62713 100644 --- a/saturn/src/lib.rs +++ b/saturn/src/lib.rs @@ -5,7 +5,7 @@ mod util; #[cfg(test)] mod test { - use std::fs; + use std::{fs, sync::Once}; use cedar_policy::{Authorizer, Context, Entities, PolicySet, Request}; @@ -15,6 +15,16 @@ mod test { util::EntityUid, }; + static INIT: Once = Once::new(); + + fn init_tracing() { + INIT.call_once(|| { + tracing_subscriber::fmt() + .pretty() + .init(); + }); + } + #[test] fn test_without_entity() { const POLICY_SRC: &str = r#" @@ -25,14 +35,7 @@ mod test { let action = r#"Action::"view""#.parse().unwrap(); let alice = r#"User::"alice""#.parse().unwrap(); let file = r#"File::"93""#.parse().unwrap(); - let request = Request::new( - Some(alice), - Some(action), - Some(file), - Context::empty(), - None, - ) - .unwrap(); + let request = Request::new(alice, action, file, Context::empty(), None).unwrap(); let entities = Entities::empty(); let authorizer = Authorizer::new(); @@ -44,8 +47,7 @@ mod test { let action = r#"Action::"view""#.parse().unwrap(); let bob = r#"User::"bob""#.parse().unwrap(); let file = r#"File::"93""#.parse().unwrap(); - let request = - Request::new(Some(bob), Some(action), Some(file), Context::empty(), None).unwrap(); + let request = Request::new(bob, action, file, Context::empty(), None).unwrap(); let answer = authorizer.is_authorized(&request, &policy, &entities); @@ -59,7 +61,7 @@ mod test { #[test] fn test_project_path_policy() { - tracing_subscriber::fmt().pretty().init(); + init_tracing(); let entities_path = "./test/project/.mega.json"; let entities_file = fs::File::open(entities_path).unwrap(); let entities = serde_json::from_reader(entities_file).unwrap(); @@ -128,7 +130,7 @@ mod test { #[test] fn test_private_path_policy() { - tracing_subscriber::fmt().pretty().init(); + init_tracing(); let parent_entities_file = fs::File::open("./test/project/.mega.json").unwrap(); let parent_entities: EntityStore = serde_json::from_reader(parent_entities_file).unwrap();