Comments (4)
Implementing this in a backwards compatible manner requires #539
from cedar.
Updating this issue with some more rationale. The status quo is:
- Expression
User::"alice" == Action::"foo"
has typeFalse
(you can compare two entities of different types) - Expression
[1] == 1
is a type error (you cannot compare two non-entity values of different types), not typeFalse
The reason for (1) is to handle the cross-product correctly (e.g., when you could have two different principal types you have to allow expressions like User::"bob" == Admin::"boss"
), and the reason for (2) is to avoid the unsoundness of assuming two values of differing set types must be unequal (since the empty set []
can be given many possible Set<…>
types).
To users, this may appear a little strange. It might appear less strange if we adjusted the behavior to be that e1 == e2
has
- Type
False
whene1
ande2
have two different types and they are not bothSet<…>
types - Type
Bool
when they are both the sameSet<T>
type - Type-incorrect otherwise
This is more lenient and potentially a little easier to explain. A third option might be even better, but unfortunately will not work with analysis:
- Type
False
whene1
ande2
have two different types and they are not bothSet<…>
types - Type
Bool
otherwise
The reason it won't work is that logical comparisons are strongly typed, i.e., both arguments must have the same type (including the same type for set elements).
from cedar.
I think there is a way to support the third option in the logical encoding too. So, let's keep the third option on the table for now. We have to think some about the encoding idea to make sure it actually works.
from cedar.
I think there is a way to support the third option in the logical encoding too. So, let's keep the third option on the table for now. We have to think some about the encoding idea to make sure it actually works.
On further reflection, the approach I had in mind doesn’t work in general. It will work for simple cases, for example a == b
where the type of a
is Set<String>
and type of b
is Set<Decimal>
. In these situations, the encoding problem can be solved because there is only one way in which a
and b
can be equal: when they are both empty.
But with nested types, there are infinitely many ways for them to be equal, which means that we can’t enumerate them all. To see why, consider the situation where a
has type Set<{ name: String, stuff : Set<Bool>}>
and b
has type Set<{ name: String, stuff : Set<Int>}>
. Then a
and b
are equal if they are both empty, or they both consist of the same records of the form { name: …, stuff : []}
. There are infinitely many such possibilities (because the String type is unbounded).
So, the third option is infeasible to encode efficiently (i.e., without quantifiers or other undecidable features).
from cedar.
Related Issues (20)
- `unknown` extension function is allowed without enabling `partial-evaluation` feature
- Implement RFC 68: Entity Attribute Maps
- Implement RFC 70: Disallow shadowing definitions in the empty namespace HOT 1
- Make `Policy` and `Template` APIs consistent wrt annotations
- Some authorization errors do not have source locations attached
- Lossless schema fragments aren't lossless
- Add API to list entity literals in a policy
- API to substitute all occurences of an expr with another expr
- Add help messages for errors related to the Cedar schemas
- Various Schema APIs
- More restrictions on type shadowing / collisions HOT 2
- Performance regression testing
- Allow Introspection on RestrictedExpression
- Entity Manifest API Wrappers
- `api::ValidationResult` implements error but `diagnostics::ValidationResult` doesn't HOT 1
- CLI translate-schema command does not work in "json-to-cedar" direction HOT 3
- Converted JSON schemas use "EntityOrCommon" HOT 1
- CLI translate-schema in "json-to-cedar" direction fails if resourceTypes is omitted from action's appliesTo HOT 5
- Entity validation behaves incorrectly on record-typed attributes HOT 4
- Add convenience methods for the number of the Policies and Templates in a PolicySet
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cedar.