Struct cedar_policy_core::ast::Template

source · 
pub struct Template { /* private fields */ }
Expand description

Top level structure for a policy template. Contains both the AST for template, and the list of open slots in the template.

Note that this “template” may have no slots, in which case this Template represents a static policy

Implementations§

source§

impl Template

source

pub fn new( id: PolicyID, annotations: BTreeMap<Id, SmolStr>, effect: Effect, principal_constraint: PrincipalConstraint, action_constraint: ActionConstraint, resource_constraint: ResourceConstraint, non_head_constraint: Expr, ) -> Self

Construct a Template from its components

source

pub fn principal_constraint(&self) -> &PrincipalConstraint

Get the principal constraint on the body

source

pub fn action_constraint(&self) -> &ActionConstraint

Get the action constraint on the body

source

pub fn resource_constraint(&self) -> &ResourceConstraint

Get the resource constraint on the body

source

pub fn non_head_constraints(&self) -> &Expr

Get the non-head constraint on the body

source

pub fn id(&self) -> &PolicyID

Get the PolicyID of this template

source

pub fn new_id(&self, id: PolicyID) -> Self

Clone this Policy with a new ID

source

pub fn effect(&self) -> Effect

Get the Effect (Permit or Deny) of this template

source

pub fn annotation(&self, key: &Id) -> Option<&SmolStr>

Get data from an annotation.

source

pub fn annotations(&self) -> impl Iterator<Item = (&Id, &SmolStr)>

Get all annotation data.

source

pub fn condition(&self) -> Expr

Get the condition expression of this template.

This will be a conjunction of the template’s head constraints (on principal, resource, and action); the template’s “when” conditions; and the negation of each of the template’s “unless” conditions.

source

pub fn slots(&self) -> impl Iterator<Item = &SlotId>

List of open slots in this template

source

pub fn is_static(&self) -> bool

Check if this template is a static policy

Static policies can be linked without any slots, and all links will be identical.

source

pub fn check_binding( template: &Template, values: &HashMap<SlotId, EntityUID>, ) -> Result<(), LinkingError>

Ensure that every slot in the template is bound by values, and that no extra values are bound in values This upholds invariant (values total map)

Attempt to create a template-linked policy from this template. This will fail if values for all open slots are not given. new_instance_id is the PolicyId for the created template-linked policy.

Take a static policy and create a template and a template-linked policy for it. They will share the same ID

Trait Implementations§

source§

impl Clone for Template

source§

fn clone(&self) -> Template

Returns a copy of the value. Read more
1.0.0 · source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
source§

impl Debug for Template

source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
source§

impl<'de> Deserialize<'de> for Template

source§

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>
where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer. Read more
source§

impl Display for Template

source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
source§

impl From<Template> for Policy

Convert AST to EST

source§

fn from(ast: Template) -> Policy

Converts to this type from the input type.
source§

impl From<Template> for TemplateBody

source§

fn from(val: Template) -> Self

Converts to this type from the input type.
source§

impl From<TemplateBody> for Template

source§

fn from(body: TemplateBody) -> Self

Converts to this type from the input type.
source§

impl Hash for Template

source§

fn hash<__H: Hasher>(&self, state: &mut __H)

Feeds this value into the given Hasher. Read more
1.3.0 · source§

fn hash_slice<H>(data: &[Self], state: &mut H)
where H: Hasher, Self: Sized,

Feeds a slice of this type into the given Hasher. Read more
source§

impl PartialEq for Template

source§

fn eq(&self, other: &Template) -> bool

Tests for self and other values to be equal, and is used by ==.
1.0.0 · source§

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
source§

impl Serialize for Template

source§

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>
where __S: Serializer,

Serialize this value into the given Serde serializer. Read more
source§

impl TryFrom<Template> for StaticPolicy

source§

type Error = UnexpectedSlotError

The type returned in the event of a conversion error.
source§

fn try_from(value: Template) -> Result<Self, Self::Error>

Performs the conversion.
source§

impl Eq for Template

source§

impl StructuralPartialEq for Template

Auto Trait Implementations§

Blanket Implementations§

source§

impl<T> Any for T
where T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
source§

impl<T> Borrow<T> for T
where T: ?Sized,

source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<T> CloneToUninit for T
where T: Clone,

source§

unsafe fn clone_to_uninit(&self, dst: *mut T)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dst. Read more
source§

impl<T> From<T> for T

source§

fn from(t: T) -> T

Returns the argument unchanged.

source§

impl<T, U> Into<U> for T
where U: From<T>,

source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

source§

impl<T> IntoEither for T

source§

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
source§

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
source§

impl<T> ToOwned for T
where T: Clone,

source§

type Owned = T

The resulting type after obtaining ownership.
source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
source§

impl<T> ToSmolStr for T
where T: Display + ?Sized,

source§

fn to_smolstr(&self) -> SmolStr

source§

impl<T> ToString for T
where T: Display + ?Sized,

source§

default fn to_string(&self) -> String

Converts the given value to a String. Read more
source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

source§

type Error = Infallible

The type returned in the event of a conversion error.
source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
source§

impl<T> DeserializeOwned for T
where T: for<'de> Deserialize<'de>,