update for cedar#1452 (#532)

Signed-off-by: Craig Disselkoen <cdiss@amazon.com>

Author: cdisselkoen

cedar-drt/Cargo.toml

@@ -8,9 +8,9 @@ publish = false
 env_logger = "0.10"
 log = "0.4"
 libfuzzer-sys = "0.4"
-cedar-policy = { path = "../cedar/cedar-policy", version = "4.*" }
-cedar-policy-core = { path = "../cedar/cedar-policy-core", version = "4.*", features = ["arbitrary", "protobufs", "datetime"] }
-cedar-policy-validator = { path = "../cedar/cedar-policy-validator", version = "4.*", features = ["arbitrary", "protobufs", "datetime"] }
+cedar-policy = { path = "../cedar/cedar-policy", version = "4.*", features = ["protobufs"] }
+cedar-policy-core = { path = "../cedar/cedar-policy-core", version = "4.*", features = ["arbitrary", "datetime"] }
+cedar-policy-validator = { path = "../cedar/cedar-policy-validator", version = "4.*", features = ["arbitrary", "datetime"] }
 cedar-policy-formatter = { path = "../cedar/cedar-policy-formatter", version = "4.*" }
 cedar-testing = { path = "../cedar/cedar-testing", version = "4.*" }
 lean-sys = { version = "0.0.7", features = ["small_allocator"], default-features = false }

cedar-drt/build.rs

@@ -33,16 +33,12 @@ fn main() {
     println!("cargo:rerun-if-changed={LEAN_BUILD_DIR}");
 
     let mut config = prost_build::Config::new();
-    config.extern_path(".cedar_policy_core", "::cedar_policy_core::ast::proto");
-    config.extern_path(".cedar_policy_validator", "::cedar_policy_validator::proto");
+    config.extern_path(".cedar_policy_core", "::cedar_policy::proto::models");
+    config.extern_path(".cedar_policy_validator", "::cedar_policy::proto::models");
     config
         .compile_protos(
             &["./protobuf_schema/Messages.proto"],
-            &[
-                "./protobuf_schema",
-                "../cedar/cedar-policy-core/protobuf_schema",
-                "../cedar/cedar-policy-validator/protobuf_schema",
-            ],
+            &["./protobuf_schema", "../cedar/cedar-policy/protobuf_schema"],
         )
         .unwrap();
 }

cedar-drt/fuzz/Cargo.toml

@@ -15,8 +15,8 @@ serde = { version = "1.0", feature = ["derive"] }
 serde_json = "1.0"
 cedar-drt = { version = "4.0.0", path = ".." }
 cedar-policy = { path = "../../cedar/cedar-policy", version = "4.*", features = ["protobufs"] }
-cedar-policy-core = { path = "../../cedar/cedar-policy-core", version = "4.*", features = ["arbitrary", "protobufs", "datetime"] }
-cedar-policy-validator = { path = "../../cedar/cedar-policy-validator", version = "4.*", features = ["arbitrary", "entity-manifest", "protobufs", "datetime"] }
+cedar-policy-core = { path = "../../cedar/cedar-policy-core", version = "4.*", features = ["arbitrary", "datetime"] }
+cedar-policy-validator = { path = "../../cedar/cedar-policy-validator", version = "4.*", features = ["arbitrary", "entity-manifest", "datetime"] }
 cedar-policy-formatter = { path = "../../cedar/cedar-policy-formatter", version = "4.*" }
 cedar-testing = { path = "../../cedar/cedar-testing", version = "4.*" }
 cedar-policy-generators = { path = "../../cedar-policy-generators", version = "4.*" }

cedar-drt/fuzz/fuzz_targets/protobuf-roundtrip.rs

@@ -24,6 +24,7 @@ use crate::arbitrary::Arbitrary;
 use crate::arbitrary::Unstructured;
 use cedar_drt::{AuthorizationRequestMsg, OwnedAuthorizationRequestMsg};
 use cedar_drt_inner::{fuzz_target, schemas::Equiv};
+use cedar_policy::proto;
 use cedar_policy_core::{
     ast, entities::Entities, entities::NoEntitiesSchema, entities::TCComputation,
     extensions::Extensions,
@@ -147,13 +148,13 @@ fn roundtrip_authz_request_msg(auth_request: AuthorizationRequestMsg) {
 
 fn roundtrip_schema(schema: cedar_policy_validator::ValidatorSchema) {
     // AST -> Protobuf bytes
-    let schema_proto = cedar_policy_validator::proto::ValidatorSchema::from(&schema);
+    let schema_proto = proto::models::ValidatorSchema::from(&schema);
 
     // Protobuf -> Bytes
     let buf = schema_proto.encode_to_vec();
 
     // Bytes -> Protobuf
-    let roundtripped_proto = cedar_policy_validator::proto::ValidatorSchema::decode(&buf[..])
+    let roundtripped_proto = proto::models::ValidatorSchema::decode(&buf[..])
         .expect("Failed to deserialize Schema from proto");
 
     // Protobuf -> AST

cedar-drt/fuzz/src/lib.rs

@@ -445,13 +445,15 @@ fn test_run_auth_test() {
     .unwrap();
     let entity_view = Entity::new_with_attr_partial_value(
         EntityUID::with_eid_and_type("Action", "view").unwrap(),
-        std::collections::HashMap::new(),
+        [],
         std::collections::HashSet::new(),
+        [],
     );
     let entity_vacation = Entity::new_with_attr_partial_value(
         EntityUID::with_eid_and_type("Photo", "vacation").unwrap(),
-        std::collections::HashMap::new(),
+        [],
         std::collections::HashSet::new(),
+        [],
     );
     let entities = Entities::from_entities(
         vec![entity_alice, entity_view, entity_vacation],

cedar-drt/fuzz/src/schemas.rs

@@ -575,8 +575,12 @@ fn either_empty<N>(spec: &json_schema::ApplySpec<N>) -> bool {
 impl Equiv for cedar_policy_validator::ValidatorSchema {
     fn equiv(lhs: &Self, rhs: &Self) -> Result<(), String> {
         Equiv::equiv(
-            &lhs.entity_types().collect::<HashMap<_, _>>(),
-            &rhs.entity_types().collect::<HashMap<_, _>>(),
+            &lhs.entity_types()
+                .map(|et| (et.name(), et))
+                .collect::<HashMap<_, _>>(),
+            &rhs.entity_types()
+                .map(|et| (et.name(), et))
+                .collect::<HashMap<_, _>>(),
         )
         .map_err(|e| format!("entity attributes are not equivalent: {e}"))?;
         Equiv::equiv(

cedar-drt/protobuf_schema/Messages.proto

@@ -1,7 +1,7 @@
 syntax = "proto3";
 package cedar_drt;
-import "AST.proto";
-import "Validator.proto";
+import "core.proto";
+import "validator.proto";
 
 message AuthorizationRequestMsg {
     cedar_policy_core.Request request = 1;

cedar-drt/src/definitional_request_types.rs

@@ -35,9 +35,11 @@ pub struct AuthorizationRequestMsg<'a> {
 impl From<&AuthorizationRequestMsg<'_>> for proto::AuthorizationRequestMsg {
     fn from(v: &AuthorizationRequestMsg<'_>) -> Self {
         Self {
-            request: Some(ast::proto::Request::from(v.request)),
-            policies: Some(ast::proto::LiteralPolicySet::from(v.policies)),
-            entities: Some(ast::proto::Entities::from(v.entities)),
+            request: Some(cedar_policy::proto::models::Request::from(v.request)),
+            policies: Some(cedar_policy::proto::models::LiteralPolicySet::from(
+                v.policies,
+            )),
+            entities: Some(cedar_policy::proto::models::Entities::from(v.entities)),
         }
     }
 }
@@ -72,11 +74,11 @@ pub struct ValidationRequestMsg<'a> {
 impl From<&ValidationRequestMsg<'_>> for proto::ValidationRequestMsg {
     fn from(v: &ValidationRequestMsg<'_>) -> Self {
         Self {
-            schema: Some(cedar_policy_validator::proto::ValidatorSchema::from(
-                v.schema,
+            schema: Some(cedar_policy::proto::models::ValidatorSchema::from(v.schema)),
+            policies: Some(cedar_policy::proto::models::LiteralPolicySet::from(
+                v.policies,
             )),
-            policies: Some(ast::proto::LiteralPolicySet::from(v.policies)),
-            mode: cedar_policy_validator::proto::ValidationMode::from(&v.mode).into(),
+            mode: cedar_policy::proto::models::ValidationMode::from(&v.mode).into(),
         }
     }
 }

cedar-lean/UnitTest/CedarProto-test-data/generate-protodata/Cargo.toml

@@ -8,8 +8,9 @@ edition = "2021"
 repository = "https://github.com/cedar-policy/cedar-spec"
 
 [dependencies]
-cedar-policy-core = { git = "https://github.com/cedar-policy/cedar", version = "*", features = ["protobufs"] }
-cedar-policy-validator = { git = "https://github.com/cedar-policy/cedar", version = "*", features = ["protobufs"] }
+cedar-policy-core = { git = "https://github.com/cedar-policy/cedar", version = "*" }
+cedar-policy-validator = { git = "https://github.com/cedar-policy/cedar", version = "*" }
+cedar-policy = { git = "https://github.com/cedar-policy/cedar", version = "*", features = ["protobufs"] }
 miette = { version = "7.1.0", features = ["fancy"] }
 prost = "0.13"
 

cedar-lean/UnitTest/CedarProto-test-data/generate-protodata/src/main.rs

@@ -4,6 +4,7 @@ use cedar_policy_core::{
     parser::{parse_policy, parse_policy_or_template, parse_policyset, Loc},
 };
 use cedar_policy_validator::types as validator_types;
+use cedar_policy::proto;
 use prost::Message;
 use std::collections::{BTreeMap, HashMap, HashSet};
 use std::path::{Path, PathBuf};
@@ -18,7 +19,7 @@ fn output_dir() -> PathBuf {
 #[track_caller]
 fn encode_expr(path: impl AsRef<Path>, e: &str) {
     let expr: ast::Expr = e.parse().unwrap();
-    let proto: ast::proto::Expr = (&expr).into();
+    let proto: proto::models::Expr = (&expr).into();
     let encoded = proto.encode_to_vec();
     std::fs::write(output_dir().join(path.as_ref()), encoded).unwrap();
 }
@@ -27,56 +28,56 @@ fn encode_expr(path: impl AsRef<Path>, e: &str) {
 #[track_caller]
 fn encode_policy_as_template(path: impl AsRef<Path>, p: &str) {
     let policy: ast::Template = parse_policy_or_template(None, p).unwrap().into();
-    let proto: ast::proto::TemplateBody = (&policy).into();
+    let proto: proto::models::TemplateBody = (&policy).into();
     let encoded = proto.encode_to_vec();
     std::fs::write(output_dir().join(path.as_ref()), encoded).unwrap();
 }
 
 #[track_caller]
 fn encode_policyset(path: impl AsRef<Path>, ps: &ast::PolicySet) {
-    let proto: ast::proto::LiteralPolicySet = ps.into();
+    let proto: proto::models::LiteralPolicySet = ps.into();
     let encoded = proto.encode_to_vec();
     std::fs::write(output_dir().join(path.as_ref()), encoded).unwrap();
 }
 
 #[track_caller]
 fn encode_request(path: impl AsRef<Path>, r: &ast::Request) {
-    let proto: ast::proto::Request = r.into();
+    let proto: proto::models::Request = r.into();
     let encoded = proto.encode_to_vec();
     std::fs::write(output_dir().join(path.as_ref()), encoded).unwrap();
 }
 
 #[track_caller]
 fn encode_entity(path: impl AsRef<Path>, e: &ast::Entity) {
-    let proto: ast::proto::Entity = e.into();
+    let proto: proto::models::Entity = e.into();
     let encoded = proto.encode_to_vec();
     std::fs::write(output_dir().join(path.as_ref()), encoded).unwrap();
 }
 
 #[track_caller]
 fn encode_entities(path: impl AsRef<Path>, es: &entities::Entities) {
-    let proto: ast::proto::Entities = es.into();
+    let proto: proto::models::Entities = es.into();
     let encoded = proto.encode_to_vec();
     std::fs::write(output_dir().join(path.as_ref()), encoded).unwrap();
 }
 
 #[track_caller]
 fn encode_val_type(path: impl AsRef<Path>, ty: &validator_types::Type) {
-    let proto: cedar_policy_validator::proto::Type = ty.into();
+    let proto: proto::models::Type = ty.into();
     let encoded = proto.encode_to_vec();
     std::fs::write(output_dir().join(path.as_ref()), encoded).unwrap();
 }
 
 #[track_caller]
 fn encode_schema(path: impl AsRef<Path>, s: &str) {
-    let (schema, warnings) = cedar_policy_validator::ValidatorSchema::from_cedarschema_str(
+    let (schema, warnings) = proto::models::ValidatorSchema::from_cedarschema_str(
         s,
         &Extensions::all_available(),
     )
     .map_err(|e| format!("{:?}", miette::Report::new(e)))
     .unwrap();
     assert_eq!(warnings.count(), 0);
-    let proto: cedar_policy_validator::proto::ValidatorSchema = (&schema).into();
+    let proto: proto::models::ValidatorSchema = (&schema).into();
     let encoded = proto.encode_to_vec();
     std::fs::write(output_dir().join(path.as_ref()), encoded).unwrap();
 }