Crate cedar_policy_validator

Validator for Cedar policies

Modules

• cedar_schema
  The Cedar syntax for schemas
• json_schema
  Structures defining the JSON syntax for Cedar schemas
• request_validation_errors
  Errors related to validation
• schema_errors
  Error subtypes for SchemaError
• typecheck
  Implements typechecking for Cedar policies. Typechecking is done using the Typechecker struct by calling the typecheck_policy method given a policy.
• types
  Defines the type structure for typechecking and various utilities for constructing and manipulating types.
• validation_errors
  Defines errors returned by the validator.
• validation_warnings
  Defines warnings returned by the validator.

Structs

• AllDefs
  Holds the sets of all entity type, common type, and action definitions (fully-qualified names) in all fragments.
• CedarSchemaParseError
  Error parsing a Cedar-syntax schema
• ConditionalName
  A name which may refer to many possible different fully-qualified names, depending on which of them are declared (in any schema fragment)
• ContextSchema
  Struct which carries enough information that it can impl Core’s ContextSchema.
• CoreSchema
  Struct which carries enough information that it can (efficiently) impl Core’s Schema
• EntityTypeDescription
  Struct which carries enough information that it can impl Core’s EntityTypeDescription
• RawName
  A newtype which indicates that the contained InternalName may not yet be fully-qualified.
• ValidationResult
  Contains the result of policy validation. The result includes the list of issues found by validation and whether validation succeeds or fails. Validation succeeds if there are no fatal errors. There may still be non-fatal warnings present when validation passes.
• Validator
  Structure containing the context needed for policy validation. This is currently only the EntityTypes and ActionTypes from a single schema.
• ValidatorActionId
  Contains information about actions used by the validator. The contents of the struct are the same as the schema entity type structure, but the member_of relation is reversed to instead be descendants.
• ValidatorEntityType
  Contains entity type information for use by the validator. The contents of the struct are the same as the schema entity type structure, but the member_of relation is reversed to instead be descendants.
• ValidatorNamespaceDef
  A single namespace definition from the schema JSON or Cedar syntax, processed into a form which is closer to that used by the validator. The processing includes detection of some errors, for example, parse errors in entity/common type names or entity/common types which are declared multiple times.
• ValidatorSchema
  Internal representation of the schema for use by the validator.
• ValidatorSchemaFragment
  A ValidatorSchemaFragment consists of any number (even 0) of ValidatorNamespaceDefs.

Enums

• ActionBehavior
  Configurable validator behaviors regarding actions
• CedarSchemaError
  Error creating a schema from the Cedar syntax
• ReferenceType
  Describes whether a reference can resolve to a common-type name, an entity-type name, or both
• RequestValidationError
  Error when the request does not conform to the schema.
• SchemaError
  Error when constructing a schema
• ValidationError
  An error generated by the validator when it finds a potential problem in a policy. The error contains a enumeration that specifies the kind of problem, and provides details specific to that kind of problem. The error also records where the problem was encountered.
• ValidationMode
  Used to select how a policy will be validated.
• ValidationWarning
  Represents the different kinds of validation warnings and information specific to that warning.

Functions

• confusable_string_checks
  Perform identifier and string safety checks.
• context_schema_for_action
  Since different Actions have different schemas for Context, you must specify the Action in order to get a ContextSchema.

Type Aliases

• Result
  Convenience alias