Enum cedar_policy_core::parser::err::ToASTError

#[non_exhaustive]
pub enum ToASTError {
    DuplicateTemplateId(PolicyID),
    DuplicatePolicyId(PolicyID),
    UnexpectedTemplate {
        slot: Slot,
    },
    BadAnnotations,
    SlotsInConditionClause {
        slot: Slot,
        clausetype: &'static str,
    },
    MissingScopeConstraint(Var),
    ExtraHeadConstraints(VariableDef),
    ReservedIdentifier(Ident),
    InvalidIdentifier(String),
    InvalidEffect(Ident),
    InvalidCondition(Ident),
    InvalidScopeConstraintVariable(Ident),
    InvalidMethodName(String),
    IncorrectVariable {
        expected: Var,
        got: Var,
    },
    InvalidConstraintOperator(RelOp),
    InvalidScopeEqualityRHS,
    InvalidActionType(EntityUID),
    EmptyClause(Option<Ident>),
    AnnotationInvariantViolation,
    MembershipInvariantViolation,
    InvalidString(String),
    ArbitraryVariable(SmolStr),
    InvalidAttribute(SmolStr),
    InvalidAttributesInRecordLiteral,
    PathAsAttribute(String),
    FunctionCallOnMethod(Id),
    InvalidPattern(String),
    WrongNode {
        expected: &'static str,
        got: String,
        suggestion: Option<String>,
    },
    AmbiguousOperators,
    UnsupportedDivision,
    UnsupportedModulo,
    NonConstantMultiplication,
    IntegerLiteralTooLarge(u64),
    UnaryOpLimit(UnaryOp),
    VariableCall(Var),
    NoMethods(Name, Id),
    NotAFunction(Name),
    UnsupportedEntityLiterals,
    ExpressionCall,
    InvalidAccess(Name, SmolStr),
    InvalidIndex(Name, SmolStr),
    NonStringIndex,
    DuplicateKeyInRecordLiteral {
        key: SmolStr,
    },
    TypeConstraints,
    InvalidPath,
    NonNormalizedString {
        kind: &'static str,
        src: String,
        normalized_src: String,
    },
    MissingNodeData,
    HasNonLiteralRHS,
    InvalidExpression(Name),
    WrongArity {
        name: &'static str,
        expected: usize,
        got: usize,
    },
    Unescape(UnescapeError),
    RefCreation(RefCreationError),
    InvalidIs(InvalidIsError),
}

Errors in the CST -> AST transform, mostly well-formedness issues.

Variants (Non-exhaustive)

Non-exhaustive enums could have additional variants added in future. Therefore, when matching against variants of non-exhaustive enums, an extra wildcard arm must be added to account for any future variants.

DuplicateTemplateId(PolicyID)

Returned when we attempt to parse a template with a conflicting id

DuplicatePolicyId(PolicyID)

Returned when we attempt to parse a policy with a conflicting id

UnexpectedTemplate

Fields

slot: Slot

Slot that was found (which is not valid in a static policy)

Returned when a template is encountered but a static policy is expected

BadAnnotations

Returned when we attempt to parse a policy with malformed or conflicting annotations

SlotsInConditionClause

Fields

slot: Slot

Slot that was found in a when/unless clause

clausetype: &'static str

Clause type, e.g. “when” or “unless”

Returned when a policy contains template slots in a when/unless clause. This is not currently supported. See RFC 3

MissingScopeConstraint(Var)

Returned when a policy is missing one of the 3 required scope clauses. (principal, action, and resource)

ExtraHeadConstraints(VariableDef)

Returned when a policy has an extra scope clause. This is not valid syntax

ReservedIdentifier(Ident)

Returned when a policy uses a reserved keyword as an identifier.

InvalidIdentifier(String)

Returned when a policy contains an invalid identifier. This error is not currently returned, but is here for future-proofing. See cst::Ident::Invalid

InvalidEffect(Ident)

Returned when a policy uses a effect keyword beyond permit or forbid

InvalidCondition(Ident)

Returned when a policy uses a condition keyword beyond when or unless

InvalidScopeConstraintVariable(Ident)

Returned when a policy uses a variable in the scope beyond principal, action, or resource

InvalidMethodName(String)

Returned when a policy contains an invalid method name

IncorrectVariable

Fields

expected: Var

The variable that is expected in this clause

got: Var

The variable that was present in this clause

Returned when a policy scope clause contains the wrong variable. (principal must be in the first clause, etc…)

InvalidConstraintOperator(RelOp)

Returned when a policy scope clauses uses an operator beyond == or in.

InvalidScopeEqualityRHS

Returned when the right hand side of == in a policy scope clause is not a single Entity UID or a template slot. This is valid in Cedar conditions, but not in the Scope

InvalidActionType(EntityUID)

Returned when an Entity UID used as an action does not have the type Action

EmptyClause(Option<Ident>)

Returned when a condition clause is empty

AnnotationInvariantViolation

Returned when the internal invariant around annotation info has been violated

MembershipInvariantViolation

Returned when membership chains do not resolve to an expression, violating an internal invariant

InvalidString(String)

Returned for a non-parse-able string literal

ArbitraryVariable(SmolStr)

Returned for attempting to use an arbitrary variable name. Cedar does not support arbitrary variables.

InvalidAttribute(SmolStr)

Returned for attempting to use an invalid attribute name

InvalidAttributesInRecordLiteral

Returned for attempting to use an invalid attribute name in a record name

PathAsAttribute(String)

Returned for attempting to use an attribute with a namespace

FunctionCallOnMethod(Id)

Returned when a policy attempts to call a method function-style

InvalidPattern(String)

Returned when the right hand side of a like expression is not a constant pattern literal

WrongNode

Fields

expected: &'static str

What the expected AST node kind was

got: String

What AST node was present in the policy source

suggestion: Option<String>

Optional free-form text with a suggestion for how to fix the problem

Returned when an unexpected node is in the policy scope clause

AmbiguousOperators

Returned when a policy contains ambiguous ordering of operators. This can be resolved by using parenthesis to make order explicit

UnsupportedDivision

Returned when a policy uses the division operator (/), which is not supported

UnsupportedModulo

Returned when a policy uses the remainder/modulo operator (%), which is not supported

NonConstantMultiplication

Returned when a policy attempts to multiply by a non-constant integer

IntegerLiteralTooLarge(u64)

Returned when a policy contains an integer literal that is out of range

UnaryOpLimit(UnaryOp)

Returned when a unary operator is chained more than 4 times in a row

VariableCall(Var)

Returned when a variable is called as a function, which is not allowed. Functions are not first class values in Cedar

NoMethods(Name, Id)

Returned when a policy attempts to call a method on a value that has no methods

NotAFunction(Name)

Returned when a policy attempts to call a function that does not exist

UnsupportedEntityLiterals

Returned when a policy attempts to write an entity literal

ExpressionCall

Returned when an expression is the target of a function call. Functions are not first class values in Cedar

InvalidAccess(Name, SmolStr)

Returned when a policy attempts to access the fields of a value with no fields

InvalidIndex(Name, SmolStr)

Returned when a policy attempts to index on a fields of a value with no fields

NonStringIndex

Returned when the contents of an indexing expression is not a string literal

DuplicateKeyInRecordLiteral

Fields

key: SmolStr

The key that appeared two or more times

Returned when the same key appears two or more times in a single record literal

TypeConstraints

Returned when a user attempts to use type-constraint : syntax. This syntax was not adopted, but is can be used to write type constraints in the policy scope.

InvalidPath

Returned when a policy uses a path in an invalid context

NonNormalizedString

Fields

kind: &'static str

The kind of string we are expecting

src: String

The source string passed in

normalized_src: String

The normalized form of the string

Returned when a string needs to be fully normalized

MissingNodeData

Returned when a CST node is empty

HasNonLiteralRHS

Returned when the right hand side of a has expression is neither a field name or a string literal

InvalidExpression(Name)

Returned when a CST expression is invalid

WrongArity

Fields

name: &'static str

Name of the function being called

expected: usize

The expected number of arguments

got: usize

The number of arguments present in source

Returned when a function has wrong arity

Unescape(UnescapeError)

Returned when a string contains invalid escapes

RefCreation(RefCreationError)

Returns when a policy scope has incorrect EntityUIDs/Template Slots

InvalidIs(InvalidIsError)

Returned when an is appears in an invalid position in the policy scope

Implementations

impl ToASTError

pub fn wrong_node( expected: &'static str, got: impl Into<String>, suggestion: Option<impl Into<String>> ) -> Self

Constructor for the ToASTError::WrongNode error

pub fn wrong_arity(name: &'static str, expected: usize, got: usize) -> Self

Constructor for the ToASTError::WrongArity error

Trait Implementations

impl Clone for ToASTError

fn clone(&self) -> ToASTError

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for ToASTError

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Diagnostic for ToASTError

fn code<'a>(&'a self) -> Option<Box<dyn Display + 'a>>

Unique diagnostic code that can be used to look up more information about this Diagnostic. Ideally also globally unique, and documented in the toplevel crate’s documentation for easy searching. Rust path format (foo::bar::baz) is recommended, but more classic codes like E0123 or enums will work just fine.

fn severity(&self) -> Option<Severity>

Diagnostic severity. This may be used by ReportHandlers to change the display format of this diagnostic.

fn help<'a>(&'a self) -> Option<Box<dyn Display + 'a>>

Additional help text related to this Diagnostic. Do you have any advice for the poor soul who’s just run into this issue?

fn url<'a>(&'a self) -> Option<Box<dyn Display + 'a>>

URL to visit for a more detailed explanation/help about this Diagnostic.

fn source_code(&self) -> Option<&dyn SourceCode>

Source code to apply this Diagnostic’s Diagnostic::labels to.

fn labels(&self) -> Option<Box<dyn Iterator<Item = LabeledSpan> + '_>>

Labels to apply to this Diagnostic’s Diagnostic::source_code

fn related<'a>( &'a self ) -> Option<Box<dyn Iterator<Item = &'a dyn Diagnostic> + 'a>>

Additional related Diagnostics.

fn diagnostic_source(&self) -> Option<&dyn Diagnostic>

The cause of the error.

impl Display for ToASTError

fn fmt(&self, __formatter: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Error for ToASTError

fn source(&self) -> Option<&(dyn Error + 'static)>

The lower-level source of this error, if any.

fn description(&self) -> &str

👎Deprecated since 1.42.0: use the Display impl or to_string()

fn cause(&self) -> Option<&dyn Error>

👎Deprecated since 1.33.0: replaced by Error::source, which can support downcasting

fn provide<'a>(&'a self, request: &mut Request<'a>)

🔬This is a nightly-only experimental API. (error_generic_member_access)

Provides type based access to context intended for error reports.

impl From<InvalidIsError> for ToASTError

fn from(source: InvalidIsError) -> Self

Converts to this type from the input type.

impl From<RefCreationError> for ToASTError

fn from(source: RefCreationError) -> Self

Converts to this type from the input type.

impl From<ToASTError> for ParseError

fn from(source: ToASTError) -> Self

Converts to this type from the input type.

impl PartialEq for ToASTError

fn eq(&self, other: &ToASTError) -> bool

This method tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

This method tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl Eq for ToASTError

impl StructuralEq for ToASTError

impl StructuralPartialEq for ToASTError