authormo khan <mo@mokhan.ca>2025-04-02 13:32:22 -0600
committermo khan <mo@mokhan.ca>2025-04-02 13:32:22 -0600
commit894e270ab5a15de2b664cc6f4ee6fd8369985f75 (patch)
treed778e426fcd1666dd35d978215434103e78acee8 /pkg/rpc/ability_service.go
parent2a37de4a34552feac221771278236fb23f8e83c0 (diff)
refactor: combine cedar policies and add tests
Diffstat (limited to 'pkg/rpc/ability_service.go')
-rw-r--r--pkg/rpc/ability_service.go7
1 files changed, 4 insertions, 3 deletions
diff --git a/pkg/rpc/ability_service.go b/pkg/rpc/ability_service.go
index bf299da9..18327d52 100644
--- a/pkg/rpc/ability_service.go
+++ b/pkg/rpc/ability_service.go
@@ -4,6 +4,7 @@ import (
context "context"
"github.com/cedar-policy/cedar-go"
+ "gitlab.com/mokhax/spike/pkg/gid"
"gitlab.com/mokhax/spike/pkg/policies"
)
@@ -17,9 +18,9 @@ func NewAbilityService() *AbilityService {
func (h *AbilityService) Allowed(ctx context.Context, req *AllowRequest) (*AllowReply, error) {
ok := policies.Allowed(cedar.Request{
- Principal: cedar.NewEntityUID("User", cedar.String(req.Subject)),
- Action: cedar.NewEntityUID("Action", cedar.String(req.Permission)),
- Resource: cedar.NewEntityUID("Album", cedar.String(req.Resource)),
+ Principal: gid.NewEntityUID(req.Subject),
+ Action: cedar.NewEntityUID("Permission", cedar.String(req.Permission)),
+ Resource: gid.NewEntityUID(req.Resource),
Context: cedar.NewRecord(cedar.RecordMap{}),
})
return &AllowReply{Result: ok}, nil
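Review bot: The principal and resource entity types in `Allowed` are no longer fixed to "User" and "Album"; they now come from whatever `gid.NewEntityUID` parses out of `req.Subject` and `req.Resource`, and since that helper is used as a single-value expression, this handler cannot reject a malformed or empty identifier before it reaches `policies.Allowed`. The gid package is not visible in this hunk, so how it treats a bad ID (zero-value UID or otherwise) is an assumption to confirm, but the authorization path should fail closed explicitly rather than rely on no policy happening to match. Consider a guard ahead of the request, e.g. `if req.Subject == "" || req.Resource == "" { return &AllowReply{Result: false}, nil }`, plus a test covering malformed IDs and an unexpected entity type. The function body continues past the end of the hunk.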