cedar_policy_validator/diagnostics/
validation_warnings.rs

1/*
2 * Copyright Cedar Contributors
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 *      https://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17//! Defines warnings returned by the validator.
18
19// Shorthand macro for setting the diagnostic severity to Warning.
20// We can use `#[diagnostic(severity(warning))]` once we don't need to use
21// `cedar_policy::impl_diagnostic_from_source_loc` anymore.
22macro_rules! impl_diagnostic_warning {
23    () => {
24        fn severity(&self) -> Option<miette::Severity> {
25            Some(miette::Severity::Warning)
26        }
27    };
28}
29
30use cedar_policy_core::{ast::PolicyID, impl_diagnostic_from_source_loc_opt_field, parser::Loc};
31use miette::Diagnostic;
32use thiserror::Error;
33
34/// Warning for strings containing mixed scripts
35#[derive(Debug, Clone, PartialEq, Error, Eq, Hash)]
36#[error("for policy `{policy_id}`, string `\"{string}\"` contains mixed scripts")]
37pub struct MixedScriptString {
38    /// Source location
39    pub source_loc: Option<Loc>,
40    /// Policy ID where the warning occurred
41    pub policy_id: PolicyID,
42    /// String containing mixed scripts
43    pub string: String,
44}
45
46impl Diagnostic for MixedScriptString {
47    impl_diagnostic_from_source_loc_opt_field!(source_loc);
48    impl_diagnostic_warning!();
49}
50
51/// Warning for strings containing BIDI control characters
52#[derive(Debug, Clone, PartialEq, Error, Eq, Hash)]
53#[error("for policy `{policy_id}`, string `\"{string}\"` contains BIDI control characters")]
54pub struct BidiCharsInString {
55    /// Source location
56    pub source_loc: Option<Loc>,
57    /// Policy ID where the warning occurred
58    pub policy_id: PolicyID,
59    /// String containing BIDI control characters
60    pub string: String,
61}
62
63impl Diagnostic for BidiCharsInString {
64    impl_diagnostic_from_source_loc_opt_field!(source_loc);
65    impl_diagnostic_warning!();
66}
67
68/// Warning for identifiers containing BIDI control characters
69#[derive(Debug, Clone, PartialEq, Error, Eq, Hash)]
70#[error("for policy `{policy_id}`, identifier `{id}` contains BIDI control characters")]
71pub struct BidiCharsInIdentifier {
72    /// Source location
73    pub source_loc: Option<Loc>,
74    /// Policy ID where the warning occurred
75    pub policy_id: PolicyID,
76    /// Identifier containing BIDI control characters
77    pub id: String,
78}
79
80impl Diagnostic for BidiCharsInIdentifier {
81    impl_diagnostic_from_source_loc_opt_field!(source_loc);
82    impl_diagnostic_warning!();
83}
84
85/// Warning for identifiers containing mixed scripts
86#[derive(Debug, Clone, PartialEq, Error, Eq, Hash)]
87#[error("for policy `{policy_id}`, identifier `{id}` contains mixed scripts")]
88pub struct MixedScriptIdentifier {
89    /// Source location
90    pub source_loc: Option<Loc>,
91    /// Policy ID where the warning occurred
92    pub policy_id: PolicyID,
93    /// Identifier containing mixed scripts
94    pub id: String,
95}
96impl Diagnostic for MixedScriptIdentifier {
97    impl_diagnostic_from_source_loc_opt_field!(source_loc);
98    impl_diagnostic_warning!();
99}
100
101/// Warning for identifiers containing confusable characters
102#[derive(Debug, Clone, PartialEq, Error, Eq, Hash)]
103#[error(
104    "for policy `{policy_id}`, identifier `{}` contains the character `{}` which is not a printable ASCII character and falls outside of the General Security Profile for Identifiers",
105    .id.escape_debug(),
106    .confusable_character.escape_debug()
107)]
108pub struct ConfusableIdentifier {
109    /// Source location
110    pub source_loc: Option<Loc>,
111    /// Policy ID where the warning occurred
112    pub policy_id: PolicyID,
113    /// Identifier containing confusable characters
114    pub id: String,
115    /// The specific character we're not happy about
116    pub confusable_character: char,
117}
118
119impl Diagnostic for ConfusableIdentifier {
120    impl_diagnostic_from_source_loc_opt_field!(source_loc);
121    impl_diagnostic_warning!();
122}
123
124/// Warning for policies that are impossible (evaluate to `false` for all valid requests)
125#[derive(Debug, Clone, PartialEq, Error, Eq, Hash)]
126#[error("for policy `{policy_id}`, policy is impossible: the policy expression evaluates to false for all valid requests")]
127pub struct ImpossiblePolicy {
128    /// Source location
129    pub source_loc: Option<Loc>,
130    /// Policy ID where the warning occurred
131    pub policy_id: PolicyID,
132}
133
134impl Diagnostic for ImpossiblePolicy {
135    impl_diagnostic_from_source_loc_opt_field!(source_loc);
136    impl_diagnostic_warning!();
137}