From f05f51c36d22045a1eb05aa8eb44e40523da3410 Mon Sep 17 00:00:00 2001
From: John Kastner <jkastner@amazon.com>
Date: Tue, 13 Feb 2024 21:56:33 +0000
Subject: [PATCH 1/3] Reinstate Guava dependency

This fixes an error caused by conflicting merges. A PR added new code
which depended on Guava while another deleted the dependency.
The commit adds the dependency rather than updating the code to not
require the dependency because my understanding is that Guava immutable
sets provide better guarantees than Java unmodifiable collections.
Specifically, if a reference is kept to the set used to construct an
unmodifiable set, then any mutation to that set is reflected in the
unmodifiable set. The Guava immutable set creates a copy.
---
 CedarJava/build.gradle                              |  1 +
 .../cedarpolicy/model/AuthorizationResponse.java    | 13 +++++++------
 .../model/slice/TemplateInstantiation.java          |  4 ++--
 3 files changed, 10 insertions(+), 8 deletions(-)

diff --git a/CedarJava/build.gradle b/CedarJava/build.gradle
index 65de46e7..b03d2bc9 100644
--- a/CedarJava/build.gradle
+++ b/CedarJava/build.gradle
@@ -74,6 +74,7 @@ dependencies {
     testImplementation 'org.slf4j:slf4j-simple:2.0.12'
     testImplementation 'org.junit.jupiter:junit-jupiter-api:5.10.2'
     testImplementation 'net.jqwik:jqwik:1.8.2'
+    implementation 'com.google.guava:guava:33.0.0-jre'
 }
 
 test {
diff --git a/CedarJava/src/main/java/com/cedarpolicy/model/AuthorizationResponse.java b/CedarJava/src/main/java/com/cedarpolicy/model/AuthorizationResponse.java
index ba69a29d..be7bd15f 100644
--- a/CedarJava/src/main/java/com/cedarpolicy/model/AuthorizationResponse.java
+++ b/CedarJava/src/main/java/com/cedarpolicy/model/AuthorizationResponse.java
@@ -19,9 +19,10 @@
 import com.fasterxml.jackson.annotation.JsonCreator;
 import com.fasterxml.jackson.annotation.JsonProperty;
 import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
-import java.util.Collections;
 import java.util.List;
 import java.util.Set;
+import com.google.common.collect.ImmutableList;
+import com.google.common.collect.ImmutableSet;
 
 /**
  * The result of processing an AuthorizationRequest. The answer to the request is contained in the
@@ -53,10 +54,10 @@ public static class Diagnostics {
          * Set of policyID's that caused the decision. For example, when a policy evaluates to Deny,
          * all deny policies that evaluated to True will appear in Reasons.
          */
-        private Set<String> reason;
+        private ImmutableSet<String> reason;
 
         /** Set of errors and warnings returned by Cedar. */
-        private List<String> errors;
+        private ImmutableList<String> errors;
 
         /**
          * Read the reasons and errors from a JSON object.
@@ -68,8 +69,8 @@ public static class Diagnostics {
         public Diagnostics(
                 @JsonProperty("reason") Set<String> reason,
                 @JsonProperty("errors") List<String> errors) {
-            this.errors = Collections.unmodifiableList(errors);
-            this.reason = Collections.unmodifiableSet(reason);
+            this.errors = ImmutableList.copyOf(errors);
+            this.reason = ImmutableSet.copyOf(reason);
         }
 
         /**
@@ -155,7 +156,7 @@ public Set<String> getReasons() {
      *
      * @return list with errors that happened for a given Request
      */
-    public List<String> getErrors() {
+    public java.util.List<String> getErrors() {
         return diagnostics.errors;
     }
 
diff --git a/CedarJava/src/main/java/com/cedarpolicy/model/slice/TemplateInstantiation.java b/CedarJava/src/main/java/com/cedarpolicy/model/slice/TemplateInstantiation.java
index aa0f4735..ed31afaa 100644
--- a/CedarJava/src/main/java/com/cedarpolicy/model/slice/TemplateInstantiation.java
+++ b/CedarJava/src/main/java/com/cedarpolicy/model/slice/TemplateInstantiation.java
@@ -18,8 +18,8 @@
 
 import com.fasterxml.jackson.annotation.JsonCreator;
 import com.fasterxml.jackson.annotation.JsonProperty;
-import java.util.Collections;
 import java.util.List;
+import com.google.common.collect.ImmutableList;
 
 /** Template instantiation. */
 public class TemplateInstantiation {
@@ -46,7 +46,7 @@ public TemplateInstantiation(
             @JsonProperty("instantiations") List<Instantiation> instantiations) {
         this.templateId = templateId;
         this.resultPolicyId = resultPolicyId;
-        this.instantiations = Collections.unmodifiableList(instantiations);
+        this.instantiations = ImmutableList.copyOf(instantiations);
     }
 
     /** Get the template ID. */

From 0d347de803d62943919419719fe9eac49ccfff5a Mon Sep 17 00:00:00 2001
From: John Kastner <jkastner@amazon.com>
Date: Tue, 13 Feb 2024 22:09:03 +0000
Subject: [PATCH 2/3] tweak

---
 .../main/java/com/cedarpolicy/model/AuthorizationResponse.java  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/CedarJava/src/main/java/com/cedarpolicy/model/AuthorizationResponse.java b/CedarJava/src/main/java/com/cedarpolicy/model/AuthorizationResponse.java
index be7bd15f..925d2cf3 100644
--- a/CedarJava/src/main/java/com/cedarpolicy/model/AuthorizationResponse.java
+++ b/CedarJava/src/main/java/com/cedarpolicy/model/AuthorizationResponse.java
@@ -156,7 +156,7 @@ public Set<String> getReasons() {
      *
      * @return list with errors that happened for a given Request
      */
-    public java.util.List<String> getErrors() {
+    public List<String> getErrors() {
         return diagnostics.errors;
     }
 

From da71bf6833a2b738379874498db5506226eae436 Mon Sep 17 00:00:00 2001
From: John Kastner <jkastner@amazon.com>
Date: Tue, 13 Feb 2024 22:26:37 +0000
Subject: [PATCH 3/3] fix

---
 CedarJava/build.gradle | 2 +-
 CedarJava/config.sh    | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/CedarJava/build.gradle b/CedarJava/build.gradle
index b03d2bc9..b4e3afcd 100644
--- a/CedarJava/build.gradle
+++ b/CedarJava/build.gradle
@@ -70,11 +70,11 @@ dependencies {
     implementation 'com.fasterxml.jackson.core:jackson-databind:2.16.1'
     implementation 'com.fasterxml.jackson.datatype:jackson-datatype-jdk8:2.16.1'
     implementation 'org.slf4j:slf4j-api:2.0.12'
+    implementation 'com.google.guava:guava:33.0.0-jre'
     compileOnly 'com.github.spotbugs:spotbugs-annotations:4.8.3'
     testImplementation 'org.slf4j:slf4j-simple:2.0.12'
     testImplementation 'org.junit.jupiter:junit-jupiter-api:5.10.2'
     testImplementation 'net.jqwik:jqwik:1.8.2'
-    implementation 'com.google.guava:guava:33.0.0-jre'
 }
 
 test {
diff --git a/CedarJava/config.sh b/CedarJava/config.sh
index 41cde92b..54ac158c 100755
--- a/CedarJava/config.sh
+++ b/CedarJava/config.sh
@@ -14,7 +14,7 @@ if [ "$(uname)" == "Darwin" ]; then
 else
     ffi_lib_str="    environment 'CEDAR_JAVA_FFI_LIB', '"$parent_dir"/CedarJavaFFI/target/debug/libcedar_java_ffi.so'"
 fi
-sed "85s;.*;$ffi_lib_str;" "build.gradle" > new_build.gradle
+sed "83s;.*;$ffi_lib_str;" "build.gradle" > new_build.gradle
 mv new_build.gradle build.gradle
 
 # In CI, we need to pull the latest cedar-policy to match the latest cedar-integration-tests
@@ -23,7 +23,7 @@ mv new_build.gradle build.gradle
 # If you call this script with `run_int_tests`, we assume you have `cedar` checkout out in the `cedar-java` dir
 if [ "$#" -ne 0 ] && [ "$1" == "run_int_tests" ]; then
     integration_tests_str="    environment 'CEDAR_INTEGRATION_TESTS_ROOT', '"$parent_dir"/cedar/cedar-integration-tests'"
-    sed "84s;.*;$integration_tests_str;" "build.gradle" > new_build.gradle
+    sed "82s;.*;$integration_tests_str;" "build.gradle" > new_build.gradle
     mv new_build.gradle build.gradle
 
     export MUST_RUN_CEDAR_INTEGRATION_TESTS=1