From 45df4d0d9b577fecee798d672695fe24ff57fb1b Mon Sep 17 00:00:00 2001 From: mo khan Date: Tue, 15 Jul 2025 16:37:08 -0600 Subject: feat: migrate from Cedar to SpiceDB authorization system This is a major architectural change that replaces the Cedar policy-based authorization system with SpiceDB's relation-based authorization. Key changes: - Migrate from Rust to Go implementation - Replace Cedar policies with SpiceDB schema and relationships - Switch from envoy `ext_authz` with Cedar to SpiceDB permission checks - Update build system and dependencies for Go ecosystem - Maintain Envoy integration for external authorization This change enables more flexible permission modeling through SpiceDB's Google Zanzibar inspired relation-based system, supporting complex hierarchical permissions that were difficult to express in Cedar. Breaking change: Existing Cedar policies and Rust-based configuration will no longer work and need to be migrated to SpiceDB schema. --- vendor/writeable/src/testing.rs | 78 ----------------------------------------- 1 file changed, 78 deletions(-) delete mode 100644 vendor/writeable/src/testing.rs (limited to 'vendor/writeable/src/testing.rs') diff --git a/vendor/writeable/src/testing.rs b/vendor/writeable/src/testing.rs deleted file mode 100644 index 078ea9e2..00000000 --- a/vendor/writeable/src/testing.rs +++ /dev/null @@ -1,78 +0,0 @@ -// This file is part of ICU4X. For terms of use, please see the file -// called LICENSE at the top level of the ICU4X source tree -// (online at: https://github.com/unicode-org/icu4x/blob/main/LICENSE ). - -use crate::*; -use alloc::string::String; -use alloc::vec::Vec; - -pub(crate) struct TestWriter { - pub(crate) string: String, - pub(crate) parts: Vec<(usize, usize, Part)>, -} - -impl TestWriter { - pub(crate) fn finish(mut self) -> (String, Vec<(usize, usize, Part)>) { - // Sort by first open and last closed - self.parts - .sort_unstable_by_key(|(begin, end, _)| (*begin, end.wrapping_neg())); - (self.string, self.parts) - } -} - -impl fmt::Write for TestWriter { - fn write_str(&mut self, s: &str) -> fmt::Result { - self.string.write_str(s) - } - fn write_char(&mut self, c: char) -> fmt::Result { - self.string.write_char(c) - } -} - -impl PartsWrite for TestWriter { - type SubPartsWrite = Self; - fn with_part( - &mut self, - part: Part, - mut f: impl FnMut(&mut Self::SubPartsWrite) -> fmt::Result, - ) -> fmt::Result { - let start = self.string.len(); - f(self)?; - let end = self.string.len(); - if start < end { - self.parts.push((start, end, part)); - } - Ok(()) - } -} - -#[allow(clippy::type_complexity)] -pub fn writeable_to_parts_for_test( - writeable: &W, -) -> (String, Vec<(usize, usize, Part)>) { - let mut writer = TestWriter { - string: alloc::string::String::new(), - parts: Vec::new(), - }; - #[allow(clippy::expect_used)] // for test code - writeable - .write_to_parts(&mut writer) - .expect("String writer infallible"); - writer.finish() -} - -#[allow(clippy::type_complexity)] -pub fn try_writeable_to_parts_for_test( - writeable: &W, -) -> (String, Vec<(usize, usize, Part)>, Option) { - let mut writer = TestWriter { - string: alloc::string::String::new(), - parts: Vec::new(), - }; - #[allow(clippy::expect_used)] // for test code - let result = writeable - .try_write_to_parts(&mut writer) - .expect("String writer infallible"); - let (actual_str, actual_parts) = writer.finish(); - (actual_str, actual_parts, result.err()) -} -- cgit v1.2.3