From 45df4d0d9b577fecee798d672695fe24ff57fb1b Mon Sep 17 00:00:00 2001
From: mo khan <mo@mokhan.ca>
Date: Tue, 15 Jul 2025 16:37:08 -0600
Subject: feat: migrate from Cedar to SpiceDB authorization system

This is a major architectural change that replaces the Cedar policy-based
authorization system with SpiceDB's relation-based authorization.

Key changes:

- Migrate from Rust to Go implementation
- Replace Cedar policies with SpiceDB schema and relationships
- Switch from envoy `ext_authz` with Cedar to SpiceDB permission checks
- Update build system and dependencies for Go ecosystem
- Maintain Envoy integration for external authorization

This change enables more flexible permission modeling through SpiceDB's
Google Zanzibar inspired relation-based system, supporting complex
hierarchical permissions that were difficult to express in Cedar.

Breaking change: Existing Cedar policies and Rust-based configuration
will no longer work and need to be migrated to SpiceDB schema.
---
 vendor/hyper/src/rt/timer.rs | 127 -------------------------------------------
 1 file changed, 127 deletions(-)
 delete mode 100644 vendor/hyper/src/rt/timer.rs

(limited to 'vendor/hyper/src/rt/timer.rs')

diff --git a/vendor/hyper/src/rt/timer.rs b/vendor/hyper/src/rt/timer.rs
deleted file mode 100644
index c6a6f1db..00000000
--- a/vendor/hyper/src/rt/timer.rs
+++ /dev/null
@@ -1,127 +0,0 @@
-//! Provides a timer trait with timer-like functions
-//!
-//! Example using tokio timer:
-//! ```rust
-//! use std::{
-//!     future::Future,
-//!     pin::Pin,
-//!     task::{Context, Poll},
-//!     time::{Duration, Instant},
-//! };
-//!
-//! use pin_project_lite::pin_project;
-//! use hyper::rt::{Timer, Sleep};
-//!
-//! #[derive(Clone, Debug)]
-//! pub struct TokioTimer;
-//!
-//! impl Timer for TokioTimer {
-//!     fn sleep(&self, duration: Duration) -> Pin<Box<dyn Sleep>> {
-//!         Box::pin(TokioSleep {
-//!             inner: tokio::time::sleep(duration),
-//!         })
-//!     }
-//!
-//!     fn sleep_until(&self, deadline: Instant) -> Pin<Box<dyn Sleep>> {
-//!         Box::pin(TokioSleep {
-//!             inner: tokio::time::sleep_until(deadline.into()),
-//!         })
-//!     }
-//!
-//!     fn reset(&self, sleep: &mut Pin<Box<dyn Sleep>>, new_deadline: Instant) {
-//!         if let Some(sleep) = sleep.as_mut().downcast_mut_pin::<TokioSleep>() {
-//!             sleep.reset(new_deadline.into())
-//!         }
-//!     }
-//! }
-//!
-//! pin_project! {
-//!     pub(crate) struct TokioSleep {
-//!         #[pin]
-//!         pub(crate) inner: tokio::time::Sleep,
-//!     }
-//! }
-//!
-//! impl Future for TokioSleep {
-//!     type Output = ();
-//!
-//!     fn poll(self: Pin<&mut Self>, cx: &mut Context<'_>) -> Poll<Self::Output> {
-//!         self.project().inner.poll(cx)
-//!     }
-//! }
-//!
-//! impl Sleep for TokioSleep {}
-//!
-//! impl TokioSleep {
-//!     pub fn reset(self: Pin<&mut Self>, deadline: Instant) {
-//!         self.project().inner.as_mut().reset(deadline.into());
-//!     }
-//! }
-//! ```
-
-use std::{
-    any::TypeId,
-    future::Future,
-    pin::Pin,
-    time::{Duration, Instant},
-};
-
-/// A timer which provides timer-like functions.
-pub trait Timer {
-    /// Return a future that resolves in `duration` time.
-    fn sleep(&self, duration: Duration) -> Pin<Box<dyn Sleep>>;
-
-    /// Return a future that resolves at `deadline`.
-    fn sleep_until(&self, deadline: Instant) -> Pin<Box<dyn Sleep>>;
-
-    /// Reset a future to resolve at `new_deadline` instead.
-    fn reset(&self, sleep: &mut Pin<Box<dyn Sleep>>, new_deadline: Instant) {
-        *sleep = self.sleep_until(new_deadline);
-    }
-}
-
-/// A future returned by a `Timer`.
-pub trait Sleep: Send + Sync + Future<Output = ()> {
-    #[doc(hidden)]
-    /// This method is private and can not be implemented by downstream crate
-    fn __type_id(&self, _: private::Sealed) -> TypeId
-    where
-        Self: 'static,
-    {
-        TypeId::of::<Self>()
-    }
-}
-
-impl dyn Sleep {
-    //! This is a re-implementation of downcast methods from std::any::Any
-
-    /// Check whether the type is the same as `T`
-    pub fn is<T>(&self) -> bool
-    where
-        T: Sleep + 'static,
-    {
-        self.__type_id(private::Sealed {}) == TypeId::of::<T>()
-    }
-
-    /// Downcast a pinned &mut Sleep object to its original type
-    pub fn downcast_mut_pin<T>(self: Pin<&mut Self>) -> Option<Pin<&mut T>>
-    where
-        T: Sleep + 'static,
-    {
-        if self.is::<T>() {
-            unsafe {
-                let inner = Pin::into_inner_unchecked(self);
-                Some(Pin::new_unchecked(
-                    &mut *(&mut *inner as *mut dyn Sleep as *mut T),
-                ))
-            }
-        } else {
-            None
-        }
-    }
-}
-
-mod private {
-    #![allow(missing_debug_implementations)]
-    pub struct Sealed {}
-}
-- 
cgit v1.2.3