From c1a1fd5b258c9670c66afc1142a5598ed12e02b6 Mon Sep 17 00:00:00 2001 From: Felix Zheng Date: Wed, 17 Jul 2024 17:14:52 -0400 Subject: [PATCH 1/3] Add support for cedar-policy-formatter Signed-off-by: Felix Zheng --- .../formatter/PolicyFormatter.java | 17 +++++++ .../com/cedarpolicy/PolicyFormatterTests.java | 50 +++++++++++++++++++ CedarJavaFFI/Cargo.toml | 5 ++ CedarJavaFFI/src/interface.rs | 29 +++++++++++ 4 files changed, 101 insertions(+) create mode 100644 CedarJava/src/main/java/com/cedarpolicy/formatter/PolicyFormatter.java create mode 100644 CedarJava/src/test/java/com/cedarpolicy/PolicyFormatterTests.java diff --git a/CedarJava/src/main/java/com/cedarpolicy/formatter/PolicyFormatter.java b/CedarJava/src/main/java/com/cedarpolicy/formatter/PolicyFormatter.java new file mode 100644 index 00000000..afd3ae41 --- /dev/null +++ b/CedarJava/src/main/java/com/cedarpolicy/formatter/PolicyFormatter.java @@ -0,0 +1,17 @@ +package com.cedarpolicy.formatter; + +import com.cedarpolicy.loader.LibraryLoader; +import com.cedarpolicy.model.exception.InternalException; + +public final class PolicyFormatter { + + static { + LibraryLoader.loadLibrary(); + } + + private PolicyFormatter() { + } + + public static native String policiesStrToPretty(String policies) + throws InternalException, NullPointerException; +} diff --git a/CedarJava/src/test/java/com/cedarpolicy/PolicyFormatterTests.java b/CedarJava/src/test/java/com/cedarpolicy/PolicyFormatterTests.java new file mode 100644 index 00000000..edd8543a --- /dev/null +++ b/CedarJava/src/test/java/com/cedarpolicy/PolicyFormatterTests.java @@ -0,0 +1,50 @@ +package com.cedarpolicy; + +import com.cedarpolicy.formatter.PolicyFormatter; +import com.cedarpolicy.model.exception.InternalException; +import org.junit.jupiter.api.Test; + +import static org.junit.jupiter.api.Assertions.assertEquals; +import static org.junit.jupiter.api.Assertions.assertThrows; + +public class PolicyFormatterTests { + + @Test + public void testPoliciesStrToPretty() throws Exception { + String unformattedCedarPolicy = """ + permit( + principal, + action + == Action::"update", + resource + ) when {resource.owner == principal};"""; + + String formattedCedarPolicy = """ + permit ( + principal, + action == Action::"update", + resource + ) + when { resource.owner == principal };"""; + + assertEquals(formattedCedarPolicy, PolicyFormatter.policiesStrToPretty(unformattedCedarPolicy)); + } + + @Test + public void testPoliciesStrToPrettyInvalidCedarPolicy() { + String invalidCedarPolicy = """ + pppermit( + principal == User::"alice", + action == Action::"update", + resource == Photo::"VacationPhoto94.jpg" + );"""; + + assertThrows(InternalException.class, + () -> PolicyFormatter.policiesStrToPretty(invalidCedarPolicy)); + } + + @Test + public void testPoliciesStrToPrettyNullSafety() { + assertThrows(NullPointerException.class, () -> PolicyFormatter.policiesStrToPretty(null)); + } +} diff --git a/CedarJavaFFI/Cargo.toml b/CedarJavaFFI/Cargo.toml index 5e4f3c81..ed21ccde 100644 --- a/CedarJavaFFI/Cargo.toml +++ b/CedarJavaFFI/Cargo.toml @@ -32,3 +32,8 @@ crate_type = ["cdylib"] version = "4.0.0" git = "https://github.com/cedar-policy/cedar" branch = "main" + +[dependencies.cedar-policy-formatter] +version = "4.0.0" +git = "https://github.com/cedar-policy/cedar" +branch = "main" diff --git a/CedarJavaFFI/src/interface.rs b/CedarJavaFFI/src/interface.rs index c5b8de9a..3d062f9d 100644 --- a/CedarJavaFFI/src/interface.rs +++ b/CedarJavaFFI/src/interface.rs @@ -20,6 +20,7 @@ use cedar_policy::{ ffi::{is_authorized_json_str, validate_json_str}, EntityUid, Policy, PolicySet, Schema, Template, }; +use cedar_policy_formatter::{policies_str_to_pretty, Config}; use jni::{ objects::{JClass, JObject, JString, JValueGen, JValueOwned}, sys::{jstring, jvalue}, @@ -460,3 +461,31 @@ fn get_euid_repr_internal<'a>( Ok(jstring.into()) } } + +#[jni_fn("com.cedarpolicy.formatter.PolicyFormatter")] +pub fn policiesStrToPretty<'a>( + mut env: JNIEnv<'a>, + _: JClass, + policies_jstr: JString<'a>, +) -> jvalue { + match policies_str_to_pretty_internal(&mut env, policies_jstr) { + Ok(v) => v.as_jni(), + Err(e) => jni_failed(&mut env, e.as_ref()), + } +} + +fn policies_str_to_pretty_internal<'a>( + env: &mut JNIEnv<'a>, + policies_jstr: JString<'a>, +) -> Result> { + if policies_jstr.is_null() { + raise_npe(env) + } else { + let config = Config::default(); + let policies_str = String::from(env.get_string(&policies_jstr)?); + match policies_str_to_pretty(&policies_str, &config) { + Ok(formatted_policies) => Ok(env.new_string(formatted_policies)?.into()), + Err(e) => Err(e.into()), + } + } +} From d3cd49ebda4fc9b6ebcf02d669c519bcecc70304 Mon Sep 17 00:00:00 2001 From: Felix Zheng Date: Wed, 17 Jul 2024 18:53:33 -0400 Subject: [PATCH 2/3] Fix CI Signed-off-by: Felix Zheng --- configure_ci_build.sh | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/configure_ci_build.sh b/configure_ci_build.sh index 38782f52..aedc99ce 100644 --- a/configure_ci_build.sh +++ b/configure_ci_build.sh @@ -3,8 +3,14 @@ cargo_file=CedarJavaFFI/Cargo.toml -sed -i -e '/\[dependencies.cedar-policy/,+4d' $cargo_file +sed -i -e '/\[dependencies.cedar-policy\]/,+4d' $cargo_file echo "" >> $cargo_file echo "[dependencies.cedar-policy]" >> $cargo_file echo "path = \"../cedar/cedar-policy\"" >> $cargo_file + +sed -i -e '/\[dependencies.cedar-policy-formatter\]/,+4d' $cargo_file + +echo "" >> $cargo_file +echo "[dependencies.cedar-policy-formatter]" >> $cargo_file +echo "path = \"../cedar/cedar-policy-formatter\"" >> $cargo_file \ No newline at end of file From 422b93dc3c5ec27e5c2b88f67ac93e738f1b422b Mon Sep 17 00:00:00 2001 From: Felix Zheng Date: Thu, 18 Jul 2024 13:01:12 -0400 Subject: [PATCH 3/3] Update tests to use resources Signed-off-by: Felix Zheng --- .../com/cedarpolicy/PolicyFormatterTests.java | 36 +++++++------------ .../src/test/resources/formatted_policy.cedar | 6 ++++ .../test/resources/unformatted_policy.cedar | 6 ++++ configure_ci_build.sh | 2 +- 4 files changed, 26 insertions(+), 24 deletions(-) create mode 100644 CedarJava/src/test/resources/formatted_policy.cedar create mode 100644 CedarJava/src/test/resources/unformatted_policy.cedar diff --git a/CedarJava/src/test/java/com/cedarpolicy/PolicyFormatterTests.java b/CedarJava/src/test/java/com/cedarpolicy/PolicyFormatterTests.java index edd8543a..abac4d1e 100644 --- a/CedarJava/src/test/java/com/cedarpolicy/PolicyFormatterTests.java +++ b/CedarJava/src/test/java/com/cedarpolicy/PolicyFormatterTests.java @@ -2,6 +2,8 @@ import com.cedarpolicy.formatter.PolicyFormatter; import com.cedarpolicy.model.exception.InternalException; +import java.nio.file.Files; +import java.nio.file.Path; import org.junit.jupiter.api.Test; import static org.junit.jupiter.api.Assertions.assertEquals; @@ -9,38 +11,26 @@ public class PolicyFormatterTests { + private static final String TEST_RESOURCES_DIR = "src/test/resources/"; + @Test public void testPoliciesStrToPretty() throws Exception { - String unformattedCedarPolicy = """ - permit( - principal, - action - == Action::"update", - resource - ) when {resource.owner == principal};"""; - - String formattedCedarPolicy = """ - permit ( - principal, - action == Action::"update", - resource - ) - when { resource.owner == principal };"""; + String unformattedCedarPolicy = Files.readString( + Path.of(TEST_RESOURCES_DIR + "unformatted_policy.cedar")); + + String formattedCedarPolicy = Files.readString( + Path.of(TEST_RESOURCES_DIR + "formatted_policy.cedar")); assertEquals(formattedCedarPolicy, PolicyFormatter.policiesStrToPretty(unformattedCedarPolicy)); } @Test - public void testPoliciesStrToPrettyInvalidCedarPolicy() { - String invalidCedarPolicy = """ - pppermit( - principal == User::"alice", - action == Action::"update", - resource == Photo::"VacationPhoto94.jpg" - );"""; + public void testPoliciesStrToPrettyMalformedCedarPolicy() throws Exception { + String malformedCedarPolicy = Files.readString( + Path.of(TEST_RESOURCES_DIR + "malformed_policy_set.cedar")); assertThrows(InternalException.class, - () -> PolicyFormatter.policiesStrToPretty(invalidCedarPolicy)); + () -> PolicyFormatter.policiesStrToPretty(malformedCedarPolicy)); } @Test diff --git a/CedarJava/src/test/resources/formatted_policy.cedar b/CedarJava/src/test/resources/formatted_policy.cedar new file mode 100644 index 00000000..181564b4 --- /dev/null +++ b/CedarJava/src/test/resources/formatted_policy.cedar @@ -0,0 +1,6 @@ +permit ( + principal, + action == Action::"update", + resource +) +when { resource.owner == principal }; \ No newline at end of file diff --git a/CedarJava/src/test/resources/unformatted_policy.cedar b/CedarJava/src/test/resources/unformatted_policy.cedar new file mode 100644 index 00000000..35121ebb --- /dev/null +++ b/CedarJava/src/test/resources/unformatted_policy.cedar @@ -0,0 +1,6 @@ +permit( + principal, + action + == Action::"update", + resource +) when {resource.owner == principal}; \ No newline at end of file diff --git a/configure_ci_build.sh b/configure_ci_build.sh index aedc99ce..f9d6d06a 100644 --- a/configure_ci_build.sh +++ b/configure_ci_build.sh @@ -13,4 +13,4 @@ sed -i -e '/\[dependencies.cedar-policy-formatter\]/,+4d' $cargo_file echo "" >> $cargo_file echo "[dependencies.cedar-policy-formatter]" >> $cargo_file -echo "path = \"../cedar/cedar-policy-formatter\"" >> $cargo_file \ No newline at end of file +echo "path = \"../cedar/cedar-policy-formatter\"" >> $cargo_file