Diffstat (limited to 'src/authorization')
-rw-r--r--src/authorization/entities.rs15
1 files changed, 12 insertions, 3 deletions
diff --git a/src/authorization/entities.rs b/src/authorization/entities.rs
index c2e56bd7..a26cace2 100644
--- a/src/authorization/entities.rs
+++ b/src/authorization/entities.rs
@@ -3,6 +3,10 @@ use serde::Serialize;
use std::collections::HashSet;
// Cedar entity structures
+// Note: We define custom types instead of using cedar_policy::Entity directly because:
+// 1. Cedar's Entity type is for runtime use, not JSON serialization
+// 2. These types ensure our JSON output matches Cedar's expected format exactly
+// 3. The #[serde(rename)] attributes handle Cedar's specific field naming requirements
#[derive(Debug, Serialize)]
pub struct CedarEntity {
pub uid: CedarUid,
@@ -62,9 +66,7 @@ impl EntitiesRepository {
},
});
- let members = self.api.get_project_members(project.id).await?;
-
- for member in members {
+ for member in self.api.get_project_members(project.id).await? {
if member.state == "active" {
entities.push(CedarEntity {
uid: CedarUid {
@@ -89,6 +91,13 @@ impl EntitiesRepository {
Ok(entities)
}
+ /// Validates that the entities can be parsed by Cedar
+ pub fn is_valid(entities: &[CedarEntity]) -> Result<(), Box<dyn std::error::Error>> {
+ let json = serde_json::to_string(entities)?;
+ cedar_policy::Entities::from_json_str(&json, None)?;
+ Ok(())
+ }
+
fn fetch_hierarchy<'a>(
&'a self,
group_id: u64,
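Review bot: `is_valid` passes `None` as the schema argument of `cedar_policy::Entities::from_json_str`, so it only shows that the serialized JSON is structurally parseable as Cedar entities; entity types, attributes and parent relationships are not checked against any policy schema. Since this data appears to feed authorization decisions, either take an `Option<&cedar_policy::Schema>` parameter and forward it, or state the limit in the doc comment, e.g. `/// Checks that the entities serialize to JSON Cedar can parse; no schema is applied, so types and attributes are not validated.` The `is_` prefix also reads like a boolean predicate while the function returns `Result<(), Box<dyn std::error::Error>>`, so `validate` would match the signature better. The function is added inside `impl EntitiesRepository`, which starts and ends outside this hunk.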