authormo khan <mo@mokhan.ca>2025-07-04 18:22:27 -0600
committermo khan <mo@mokhan.ca>2025-07-04 18:22:27 -0600
commit0ba8f6c8ecaa366afbb90fcddbc58fcd395fd03d (patch)
tree9e5083e22ea1b11640e6aef2b26c54e6c775ddbf
parent7f045aced7b556f46911aafb0a23764577d84e82 (diff)
refactor: inline variables
-rw-r--r--src/authorization/cedar_authorizer.rs34
1 files changed, 20 insertions, 14 deletions
diff --git a/src/authorization/cedar_authorizer.rs b/src/authorization/cedar_authorizer.rs
index 6f5b8e63..f90e8d8b 100644
--- a/src/authorization/cedar_authorizer.rs
+++ b/src/authorization/cedar_authorizer.rs
@@ -127,13 +127,9 @@ impl CedarAuthorizer {
) -> Result<CedarRequest, Box<dyn std::error::Error>> {
let principal = self.principal_from(&http_request)?;
let permission = self.permission_from(&http_request)?;
-
- // Create resource entity
- let resource_id = EntityId::from_str("resource")?;
- let resource_type = EntityTypeName::from_str("Resource")?;
- let resource = EntityUid::from_type_name_and_id(resource_type, resource_id);
-
+ let resource = self.resource_from(&http_request)?;
let context = self.context_from(http_request);
+
CedarRequest::new(principal, permission, resource, context?, None)
.map_err(|e| Box::new(e) as Box<dyn std::error::Error>)
}
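Review bot: `self.resource_from(&http_request)?` reads as if the resource were derived from the request, but the helper added in the next hunk names its parameter `_http_request` and always returns the fixed `Resource`/`resource` UID, just as `principal_from` and `permission_from` return the fixed `User`/`client` and `Action`/`check`. The values are the same as before the refactor, but with all three constant, an authorization decision can vary only with whatever `context_from` supplies (its body is not visible here). I would record that on each helper, e.g. `/// Placeholder: ignores the request and returns a fixed UID; policies can only discriminate on context.` For consistency with the three bindings above it, `let context = self.context_from(http_request)?;` would be clearer than applying `?` inside the `CedarRequest::new` call. The enclosing function's signature starts above this hunk.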
@@ -142,20 +138,30 @@ impl CedarAuthorizer {
&self,
_http_request: &envoy_types::pb::envoy::service::auth::v3::attribute_context::HttpRequest,
) -> Result<cedar_policy::EntityUid, Box<dyn std::error::Error>> {
- let principal_id = EntityId::from_str("client")?;
- let principal_type = EntityTypeName::from_str("User")?;
- let principal = EntityUid::from_type_name_and_id(principal_type, principal_id);
- Ok(principal)
+ Ok(EntityUid::from_type_name_and_id(
+ EntityTypeName::from_str("User")?,
+ EntityId::from_str("client")?,
+ ))
}
fn permission_from(
&self,
_http_request: &envoy_types::pb::envoy::service::auth::v3::attribute_context::HttpRequest,
) -> Result<cedar_policy::EntityUid, Box<dyn std::error::Error>> {
- let action_id = EntityId::from_str("check")?;
- let action_type = EntityTypeName::from_str("Action")?;
- let action = EntityUid::from_type_name_and_id(action_type, action_id);
- Ok(action)
+ Ok(EntityUid::from_type_name_and_id(
+ EntityTypeName::from_str("Action")?,
+ EntityId::from_str("check")?,
+ ))
+ }
+
+ fn resource_from(
+ &self,
+ _http_request: &envoy_types::pb::envoy::service::auth::v3::attribute_context::HttpRequest,
+ ) -> Result<cedar_policy::EntityUid, Box<dyn std::error::Error>> {
+ Ok(EntityUid::from_type_name_and_id(
+ EntityTypeName::from_str("Resource")?,
+ EntityId::from_str("resource")?,
+ ))
}
fn context_from(