cedar_policy

Struct PolicySet

Source
pub struct PolicySet { /* private fields */ }
Expand description

Represents a set of Policys

Implementations§

Source§

impl PolicySet

Source

pub fn from_json_str(src: impl AsRef<str>) -> Result<Self, PolicySetError>

Deserialize the PolicySet from a JSON string

Source

pub fn from_json_value(src: Value) -> Result<Self, PolicySetError>

Deserialize the PolicySet from a JSON value

Source

pub fn from_json_file(r: impl Read) -> Result<Self, PolicySetError>

Deserialize the PolicySet from a JSON reader

Source

pub fn to_json(self) -> Result<Value, PolicySetError>

Serialize the PolicySet as a JSON value

Source

pub fn new() -> Self

Create a fresh empty PolicySet

Source

pub fn from_policies( policies: impl IntoIterator<Item = Policy>, ) -> Result<Self, PolicySetError>

Create a PolicySet from the given policies

Source

pub fn add(&mut self, policy: Policy) -> Result<(), PolicySetError>

Add an static policy to the PolicySet. To add a template instance, use link instead. This function will return an error (and not modify the PolicySet) if a template-linked policy is passed in.

Source

pub fn remove_static( &mut self, policy_id: PolicyId, ) -> Result<Policy, PolicySetError>

Remove a static Policy from the PolicySet.

This will error if the policy is not a static policy.

Source

pub fn add_template(&mut self, template: Template) -> Result<(), PolicySetError>

Add a Template to the PolicySet

Source

pub fn remove_template( &mut self, template_id: PolicyId, ) -> Result<Template, PolicySetError>

Remove a Template from the PolicySet.

This will error if any policy is linked to the template. This will error if policy_id is not a template.

Source

pub fn get_linked_policies( &self, template_id: PolicyId, ) -> Result<impl Iterator<Item = &PolicyId>, PolicySetError>

Get policies linked to a Template in the PolicySet. If any policy is linked to the template, this will error

Source

pub fn policies(&self) -> impl Iterator<Item = &Policy>

Iterate over all the Policys in the PolicySet.

This will include both static and template-linked policies.

Source

pub fn templates(&self) -> impl Iterator<Item = &Template>

Iterate over the Template’s in the PolicySet.

Source

pub fn template(&self, id: &PolicyId) -> Option<&Template>

Get a Template by its PolicyId

Source

pub fn policy(&self, id: &PolicyId) -> Option<&Policy>

Get a Policy by its PolicyId

Source

pub fn annotation(&self, id: &PolicyId, key: impl AsRef<str>) -> Option<&str>

Extract annotation data from a Policy by its PolicyId and annotation key. If the annotation is present without an explicit value (e.g., @annotation), then this function returns Some(""). It returns None only when the annotation is not present.

Source

pub fn template_annotation( &self, id: &PolicyId, key: impl AsRef<str>, ) -> Option<&str>

Extract annotation data from a Template by its PolicyId and annotation key. If the annotation is present without an explicit value (e.g., @annotation), then this function returns Some(""). It returns None only when the annotation is not present.

Source

pub fn is_empty(&self) -> bool

Returns true iff the PolicySet is empty

Source

pub fn num_of_policies(&self) -> usize

Returns the number of Policys in the PolicySet.

This will include both static and template-linked policies.

Source

pub fn num_of_templates(&self) -> usize

Returns the number of Templates in the PolicySet.

Attempt to link a template and add the new template-linked policy to the policy set. If link fails, the PolicySet is not modified. Failure can happen for three reasons

  1. The map passed in vals may not match the slots in the template
  2. The new_id may conflict w/ a policy that already exists in the set
  3. template_id does not correspond to a template. Either the id is not in the policy set, or it is in the policy set but is either a linked or static policy rather than a template
Source

pub fn unknown_entities(&self) -> HashSet<EntityUid>

Available on crate feature partial-eval only.

Get all the unknown entities from the policy set

This feature is experimental. For more information see https://github.com/cedar-policy/rfcs/blob/main/README.md#experimental-features

Unlink a template-linked policy from the policy set. Returns the policy that was unlinked.

Trait Implementations§

Source§

impl Clone for PolicySet

Source§

fn clone(&self) -> PolicySet

Returns a copy of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for PolicySet

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl Default for PolicySet

Source§

fn default() -> PolicySet

Returns the “default value” for a type. Read more
Source§

impl Display for PolicySet

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl FromStr for PolicySet

Source§

fn from_str(policies: &str) -> Result<Self, Self::Err>

Create a policy set from multiple statements.

Policy ids will default to “policy*” with numbers from 0. If you load more policies, do not use the default id, or there will be conflicts.

See Policy for more.

Source§

type Err = ParseErrors

The associated error which can be returned from parsing.
Source§

impl PartialEq for PolicySet

Source§

fn eq(&self, other: &Self) -> bool

Tests for self and other values to be equal, and is used by ==.
1.0.0 · Source§

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
Source§

impl Eq for PolicySet

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dst: *mut T)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dst. Read more
Source§

impl<Q, K> Equivalent<K> for Q
where Q: Eq + ?Sized, K: Borrow<Q> + ?Sized,

Source§

fn equivalent(&self, key: &K) -> bool

Checks if this value is equivalent to the given key. Read more
Source§

impl<Q, K> Equivalent<K> for Q
where Q: Eq + ?Sized, K: Borrow<Q> + ?Sized,

Source§

fn equivalent(&self, key: &K) -> bool

Compare self to key and return true if they are equal.
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> IntoEither for T

Source§

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T> ToSmolStr for T
where T: Display + ?Sized,

Source§

impl<T> ToString for T
where T: Display + ?Sized,

Source§

default fn to_string(&self) -> String

Converts the given value to a String. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.