From 7f045aced7b556f46911aafb0a23764577d84e82 Mon Sep 17 00:00:00 2001
From: mo khan
Date: Fri, 4 Jul 2025 18:15:44 -0600
Subject: refactor: extract method to parse permission
---
 src/authorization/cedar_authorizer.rs | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)
(limited to 'src')
diff --git a/src/authorization/cedar_authorizer.rs b/src/authorization/cedar_authorizer.rs
index 1780eddd..6f5b8e63 100644
--- a/src/authorization/cedar_authorizer.rs
+++ b/src/authorization/cedar_authorizer.rs
@@ -126,11 +126,7 @@ impl CedarAuthorizer {
 http_request: envoy_types::pb::envoy::service::auth::v3::attribute_context::HttpRequest,
 ) -> Result> {
 let principal = self.principal_from(&http_request)?;
-
- // Create action entity
- let action_id = EntityId::from_str("check")?;
- let action_type = EntityTypeName::from_str("Action")?;
- let action = EntityUid::from_type_name_and_id(action_type, action_id);
+ let permission = self.permission_from(&http_request)?;
 // Create resource entity
 let resource_id = EntityId::from_str("resource")?;
@@ -138,7 +134,7 @@ impl CedarAuthorizer {
 let resource = EntityUid::from_type_name_and_id(resource_type, resource_id);
 let context = self.context_from(http_request);
- CedarRequest::new(principal, action, resource, context?, None)
+ CedarRequest::new(principal, permission, resource, context?, None)
 .map_err(|e| Box::new(e) as Box)
 }
@@ -152,6 +148,16 @@ impl CedarAuthorizer {
 Ok(principal)
 }
+ fn permission_from(
+ &self,
+ _http_request: &envoy_types::pb::envoy::service::auth::v3::attribute_context::HttpRequest,
+ ) -> Result> {
+ let action_id = EntityId::from_str("check")?;
+ let action_type = EntityTypeName::from_str("Action")?;
+ let action = EntityUid::from_type_name_and_id(action_type, action_id);
+ Ok(action)
+ }
+
 fn context_from(
 &self,
 http_request: envoy_types::pb::envoy::service::auth::v3::attribute_context::HttpRequest,
-- cgit v1.2.3
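Review bot: `permission_from` is handed the request but never reads it (the parameter is `_http_request` in the third hunk), so the call added here always yields the constant action `Action::"check"` whatever the HTTP method or path is. The helper's name suggests the permission is parsed from the request, which could lead a policy author to assume per-method actions exist. A doc comment on the helper would make the contract explicit, for example `/// Returns the fixed action Action::"check"; the request is not inspected, so policies cannot distinguish requests by action.` The resource id built next to this call is likewise the literal `"resource"`, and the enclosing function starts and ends outside this hunk.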
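Review bot: The last argument of `CedarRequest::new(principal, permission, resource, context?, None)` stays `None`; if `CedarRequest` is cedar-policy's `Request`, that slot is the optional schema, and leaving it empty means the principal, action, resource and context are not validated against a schema when the request is built. If the authorizer has a schema available, passing it here would reject a malformed request before evaluation; otherwise a comment such as `// schema: None, request is not schema-validated` would record that this is deliberate. The alias and the authorizer's fields are outside this hunk, so this is something to confirm rather than a certain defect.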