ValidatorSchema

cedar_policy_core::validator

Struct ValidatorSchema 

Source 
pub struct ValidatorSchema { /* private fields */ }
Expand description

Internal representation of the schema for use by the validator.

In this representation, all common types are fully expanded, and all entity type names are fully disambiguated (fully qualified).

Implementations§

Source§

impl ValidatorSchema

Source

pub fn new( entity_types: impl IntoIterator<Item = ValidatorEntityType>, action_ids: impl IntoIterator<Item = ValidatorActionId>, ) -> Self

Construct a new ValidatorSchema from a set of ValidatorEntityTypes and ValidatorActionIds

Source

pub fn principals(&self) -> impl Iterator<Item = &EntityType>

Returns an iterator over every entity type that can be a principal for any action in this schema

Source

pub fn resources(&self) -> impl Iterator<Item = &EntityType>

Returns an iterator over every entity type that can be a resource for any action in this schema

Source

pub fn principals_for_action( &self, action: &EntityUID, ) -> Option<impl Iterator<Item = &EntityType>>

Returns an iterator over every entity type that can be a principal for action in this schema

§Errors

Returns None if action is not found in the schema

Source

pub fn resources_for_action( &self, action: &EntityUID, ) -> Option<impl Iterator<Item = &EntityType>>

Returns an iterator over every entity type that can be a resource for action in this schema

§Errors

Returns None if action is not found in the schema

Source

pub fn actions_for_principal_and_resource<'a: 'b, 'b>( &'a self, principal_type: &'b EntityType, resource_type: &'b EntityType, ) -> impl Iterator<Item = &'a EntityUID> + 'b

Returns an iterator over the actions that apply to this principal and resource type, as specified by the appliesTo block for the action in this schema.

Source

pub fn unlinked_request_envs( &self, mode: ValidationMode, ) -> impl Iterator<Item = RequestEnv<'_>> + '_

Returns an iterator over every valid RequestEnv in the schema

Source

pub fn ancestors<'a>( &'a self, ty: &'a EntityType, ) -> Option<impl Iterator<Item = &'a EntityType> + 'a>

Returns an iterator over all the entity types that can be a parent of ty

§Errors

Returns None if the ty is not found in the schema

Source

pub fn action_groups(&self) -> impl Iterator<Item = &EntityUID>

Returns an iterator over all the action groups defined in this schema

Source

pub fn actions(&self) -> impl Iterator<Item = &EntityUID>

Returns an iterator over all actions defined in this schema

Source

pub fn empty() -> ValidatorSchema

Create a ValidatorSchema without any definitions (of entity types, common types, or actions).

Source

pub fn from_json_value(json: Value, extensions: &Extensions<'_>) -> Result<Self>

Construct a ValidatorSchema from a JSON value in the appropriate shape.

Source

pub fn from_json_str(json: &str, extensions: &Extensions<'_>) -> Result<Self>

Construct a ValidatorSchema from a string containing JSON in the appropriate shape.

Source

pub fn from_json_file( file: impl Read, extensions: &Extensions<'_>, ) -> Result<Self>

Construct a ValidatorSchema directly from a file containing JSON in the appropriate shape.

Source

pub fn from_cedarschema_file<'a>( r: impl Read, extensions: &'a Extensions<'a>, ) -> Result<(Self, impl Iterator<Item = SchemaWarning> + 'a), CedarSchemaError>

Construct a ValidatorSchema directly from a file containing the Cedar schema syntax.

Source

pub fn from_cedarschema_str<'a>( src: &str, extensions: &Extensions<'a>, ) -> Result<(Self, impl Iterator<Item = SchemaWarning> + 'a), CedarSchemaError>

Construct a ValidatorSchema from a string containing the Cedar schema syntax.

Source

pub fn from_schema_fragments( fragments: impl IntoIterator<Item = ValidatorSchemaFragment<ConditionalName, ConditionalName>>, extensions: &Extensions<'_>, ) -> Result<ValidatorSchema>

Construct a ValidatorSchema from some number of ValidatorSchemaFragments.

Source

pub fn get_action_id(&self, action_id: &EntityUID) -> Option<&ValidatorActionId>

Lookup the ValidatorActionId object in the schema with the given name.

Source

pub fn get_entity_type<'a>( &'a self, entity_type_id: &EntityType, ) -> Option<&'a ValidatorEntityType>

Lookup the ValidatorEntityType object in the schema with the given name.

Source

pub fn action_ids(&self) -> impl Iterator<Item = &ValidatorActionId>

An iterator over the ValidatorActionIds in the schema.

Source

pub fn entity_type_names(&self) -> impl Iterator<Item = &EntityType>

An iterator over the entity type names in the schema.

Source

pub fn entity_types(&self) -> impl Iterator<Item = &ValidatorEntityType>

An iterator over the ValidatorEntityTypes in the schema.

Source

pub fn context_type(&self, action: &EntityUID) -> Option<&Type>

Get the Type of context expected for the given action. This always returns a closed record type.

Returns None if the action is not in the schema.

Source

pub fn action_entities(&self) -> Result<Entities, EntitiesError>

Construct an Entity object for each action in the schema

Source§

impl ValidatorSchema

Source

pub fn from_deprecated_json_value( json: Value, extensions: &Extensions<'_>, ) -> Result<Self, SchemaError>

Construct a ValidatorSchema from a JSON value in the appropriate shape.

Source

pub fn from_deprecated_json_str( json: &str, extensions: &Extensions<'_>, ) -> Result<Self, SchemaError>

Construct a ValidatorSchema from a string containing JSON in the appropriate shape.

Source

pub fn from_deprecated_json_file( file: impl Read, extensions: &Extensions<'_>, ) -> Result<Self, SchemaError>

Construct a ValidatorSchema directly from a file containing JSON in the appropriate shape.

Trait Implementations§

Source§

impl Clone for ValidatorSchema

Source§

fn clone(&self) -> ValidatorSchema

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for ValidatorSchema

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl FromStr for ValidatorSchema

Construct ValidatorSchema from a string containing a schema formatted in the Cedar schema format.

Source§

type Err = CedarSchemaError

The associated error which can be returned from parsing.
Source§

fn from_str(s: &str) -> Result<Self, Self::Err>

Parses a string s to return a value of this type. Read more
Source§

impl RequestSchema for ValidatorSchema

Source§

fn validate_context<'a>( &self, context: &Context, action: &EntityUID, extensions: &Extensions<'a>, ) -> Result<(), RequestValidationError>

Validate a context against a schema for a specific action

Source§

fn validate_scope_variables( &self, principal: Option<&EntityUID>, action: Option<&EntityUID>, resource: Option<&EntityUID>, ) -> Result<(), RequestValidationError>

Validate entities against a schema for a specific action

Source§

type Error = RequestValidationError

Error type returned when a request fails validation
Source§

fn validate_request( &self, request: &Request, extensions: &Extensions<'_>, ) -> Result<(), Self::Error>

Validate the given request, returning Err if it fails validation
Source§

impl TryFrom<Fragment<RawName>> for ValidatorSchema

Source§

type Error = SchemaError

The type returned in the event of a conversion error.
Source§

fn try_from(frag: Fragment<RawName>) -> Result<ValidatorSchema>

Performs the conversion.

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> IntoEither for T

Source§

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.