v3.1.1

Release 3.1.1, available on crates.io

Fixed

• ValidationResult methods validation_errors and validation_warnings, along with
  confusable_string_checker, now return iterators with static lifetimes instead of
  custom lifetimes, fixing build for latest nightly Rust. (#712)
• Validation for the in operator to no longer reports an error when comparing actions
  in different namespaces. (#704, resolving #642)

Full Changelog: v3.1.0...v3.1.1

v3.1.0

Release 3.1.0, available on crates.io

Added

• Implementation of the human-readable schema format proposed in
  RFC 24.
  New public APIs SchemaFragment::from_*_natural,
  SchemaFragment::as_natural, and Schema::from_*_natural (#557)
• PolicyId::new() (#587, resolving #551)
• EntityId::new() (#583, resolving #553)
• AsRef<str> implementation for PolicyId (#504, resolving #503)
• Policy::template_links() to retrieve the linked values for a
  template-linked policy (#515, resolving #489)
• AuthorizationError::id() to get the id of the policy associated with an
  authorization error (#589)
• For the partial-eval experimental feature: added
  Authorizer::evaluate_policies_partial() (#593, resolving #474)
• For the partial-eval experimental feature: added
  json_is_authorized_partial() (#571, resolving #570)

Changed

• Better integration with miette for various error types. If you have
  previously been just using the Display trait to get the error message from a
  Cedar error type, you may want to consider also examining other data provided
  by the miette::Diagnostic trait, for instance .help().
  Alternately, you can use miette and its fancy feature to format the error
  and all associated information in a pretty human-readable format or as JSON.
  For more details, see miette's
  documentation. (#477)
• Cedar reserved words like if, has, and true are now allowed as policy
  annotation keys. (#634, resolving #623)
• Add hints suggesting how to fix some type errors. (#513)
• The ValidationResult returned from Validator::validate now has a static
  lifetime, allowing it to be used in more contexts. The lifetime parameter
  will be removed in a future major version. (#512)
• Improve parse error around invalid is expressions. (#491, resolving #409)
• Improve parse error message when a policy includes an invalid template slot.
  The error now identifies that the policy used an invalid slot and suggests using
  one of the valid slots. (#487, resolving #451)
• Improve parse error messages to more reliably notice that a function or
  method does exist when it is called with an incorrect number of arguments or
  using the wrong call style. (#482)
• Include source spans on more parse error messages. (#471, resolving #465)
• Include source spans on more evaluation error messages. (#582)
• Changed error message on SchemaError::UndeclaredCommonTypes to report
  fully qualified type names. (#652, resolving #580)
• For the partial-eval experimental feature: make the return values of
  RequestBuilder's principal, action, resource, context and
  schema functions #[must_use]. (#502)
• For the partial-eval experimental feature: make RequestBuilder::schema
  return a RequestBuilder<&Schema> so the RequestBuilder<&Schema>::build
  method checks the request against the schema provided and the
  RequestBuilder<UnsetSchema>::build method becomes infallible. (#591,
  resolving #559)
• For the permissive-validate experimental feature: X in [] is typed False
  for all X, including unspecified X. (#615)

Fixed

• Action entities in the store will pass schema-based validation without requiring
  the transitive closure to be pre-computed. (#581, resolving #285)
• Variables qualified by a namespace with a single element are correctly
  rejected. E.g., foo::principal is an error and is not parsed as
  principal. Variables qualified by a namespace of any size comprised entirely
  of Cedar keywords are correctly rejected. E.g., if::then::else::principal is
  an error. (#594 and #597)
• The entity type tested for by an is expression may be an identifier shared
  with a builtin variable. E.g., ... is principal and ... is action are now
  accepted by the Cedar parser. (#595, resolving #558)
• Policies containing the literal i64::MIN can now be properly converted to
  the JSON policy format. (#601, resolving #596)
• Policy::to_json does not error on policies containing special identifiers
  such as principal, then, and true. (#628, resolving #604)
• Template::from_json errors when there are slots in template conditions.
  (#626, resolving #606)

Full Changelog: v3.0.1...v3.1.0

v2.4.4

Release 2.4.4, available on crates.io

Cedar Language Version: 2.1.3

Changed

• Calling add_template with a PolicyId that is an existing link will now error. (#671, backport of #456)

Fixed

• Updated PolicySet::link to not mutate internal state when failing to link a static
  policy. With this fix it is possible to create a link with a policy id
  after previously failing to create that link with the same id from a static
  policy. (#669, backport of #412)
• Action entities in the store will pass schema-based validation without requiring
  the transitive closure to be pre-computed. (#688, backport of #581)
• Policies containing the literal i64::MIN can now be properly converted to the JSON policy format. (#672, backport of #601)
• Template::from_json errors when there are slots in template conditions. (#672, backport of #626)
• Policy::to_json does not error on policies containing special identifiers such as principal, then, and true. (#672, backport of #628)

Full Changelog: v2.4.3...v2.4.4

v3.0.1

This release is available on crates.io.

What's Changed

• A bugfix involving create an empty Context object when stack space is low

Full changelog: here

v2.4.3

Release 2.4.3, available on crates.io

v3.0.0

Release 3.0.0, available on crates.io

Cedar Language Version: 3.0.0

Added

• Marked the Template::from_json and Template::to_json apis as public (#458)
• New APIs to Entities to make it easy to add a collection of entities to an
  existing Entities structure. (#276)
• Export the cedar_policy_core::evaluator::{EvaluationError, EvaluationErrorKind} and
  cedar_policy_core::authorizer::AuthorizationError error types. (#260, #271)
• ParseError::primary_source_span to get the primary source span locating an
  error. (#324)
• Experimental API PolicySet::unknown_entities to collect unknown entity UIDs
  from a PartialResponse. (#353, resolving #321)
• PolicySet::remove_static, PolicySet::remove_template and
  PolicySet::unlink to remove policies from the policy set. (#337, resolving #328)
• PolicySet::get_linked_policies to get the policies linked to a Template. (#337)
• ValidationResult::validation_warnings to access non-fatal warnings returned
  by the validator and ValidationResult::validation_passed_without_warnings.
  The main validation entry point now checks for warnings previously only
  available through confusable_string_checker. (#404)
• The is operation as described in
  RFC 5.
  (#396)
• Entity::new_no_attrs() which provides an infallible constructor for Entity
  in the case that there are no attributes. (See changes to Entity::new()
  below.) (#430)
• RestrictedExpression::new_entity_uid() (#442, resolving #350)

Changed

• Rename cedar_policy_core::est::EstToAstError to
  cedar_policy_core::est::FromJsonError. (#197)
• Rename cedar_policy_core::entities::JsonDeserializationError::ExtensionsError
  to cedar_policy_core::entities::JsonDeserializationError::ExtensionFunctionLookup.
  (#360)
• Rename variants in SchemaError. (#231)
• SchemaError has a new variant corresponding to errors evaluating action
  attributes. (#430)
• Diagnostics::errors() now returns an iterator over AuthorizationErrors.
  (#260)
• Response::new() now expects a Vec<AuthorizationError> as its third
  argument. (#260)
• Implement RFC 19,
  making validation slightly more strict, but more explainable. (#282)
• Implement RFC 20,
  disallowing duplicate keys in record values (including record literals in
  policies, request context, and records in entity attributes). (#375)
• Entities::from_*() methods now automatically add action entities present in
  the schema to the constructed Entities, if a schema is provided. (#360)
• Entities::from_*() methods now validate the entities against the schema,
  if a schema is provided. (#360)
• Entities::from_entities() and Entities::add_entities() now take an
  optional schema argument. (#360)
• Request::new() now takes an optional schema argument, and validates the request
  against that schema. To signal validation errors, it now returns a Result.
  (#393, resolving #191)
• Change the semantics of equality for IP ranges. For example,
  ip("192.168.0.1/24") == ip("192.168.0.3/24") was previously true and is now
  false. The behavior of equality on single IP addresses is unchanged, and so is
  the behavior of .isInRange(). (#348)
• Standardize on duplicates being errors instead of last-write-wins in the
  JSON-based APIs in the frontend module. This also means some error types
  have changed. (#365, #448)
• Entity::new() now eagerly evaluates entity attributes, leading to
  performance improvements (particularly when entity data is reused across
  multiple is_authorized calls). As a result, it returns Result, because
  attribute evaluation can fail. (#430)
• Entities::from_json_*() also now eagerly evaluates entity attributes, and as
  a result returns errors when attribute evaluation fails. (#430)
• Entity::attr() now returns errors in many fewer cases (because the attribute
  is stored in already-evaluated form), and its error type has changed. (#430)
• Context::from_*() methods also now eagerly evaluate the Context, and as
  a result return errors when evaluation fails. (#430)
• <EntityId as FromStr>::Error is now Infallible instead of ParseErrors.
  (#372)
• Improve the Display impls for Policy and PolicySet, and add a Display
  impl for Template. The displayed representations now more closely match the
  original input, whether the input was in string or JSON form. (#167, resolving
  #125)
• ValidationWarning::location and ValidationWarning::to_kind_and_location
  now return &SourceLocation<'a> instead of &'a PolicyID, matching
  ValidationError::location. (#405)
• ValidationWarningKind is now non_exhaustive, allowing future warnings to
  be added without a breaking change. (#404)
• Improve schema parsing error messages when a cycle exists in the action
  hierarchy to includes an action which is part of the cycle (#436, resolving
  #416).

Fixed

• Evaluation order of operand to > and >=. They now evaluate left to right,
  matching all other operators. This affects what error is reported when there is
  an evaluation error in both operands, but does not otherwise change the result
  of evaluation. (#402, resolving #112)
• Updated PolicySet::link to not mutate internal state when failing to link a static
  policy. With this fix it is possible to create a link with a policy id
  after previously failing to create that link with the same id from a static
  policy. (#412)
• Fixed schema-based parsing of entity data that includes unknowns (for the
  partial-eval experimental feature). (#419, resolving #418)

Removed

• Removed __expr escape from Cedar JSON formats, which has been deprecated
  since Cedar 1.2. (#333)
• Move ValidationMode::Permissive behind an experimental feature flag.
  To continue using this feature you must enable the permissive-validate
  feature flag. (#428)

v2.4.2

Release 2.4.2, available on crates.io

Cedar Language Version: 2.1.2

Changed

• Fixed bug (#370) related to how the validator handles template-linked policies

Full Changelog: v2.4.1...v2.4.2

v2.4.1

Release 2.4.1, available on crates.io

Cedar Language Version: 2.1.1

Added

• New experimental API to construct queries with Unknown fields for partial evaluation.

Changed

• Improved validation error messages for access to undeclared attributes and unsafe access to optional attributes to report the target of the access (fix #175).
• EntityUid's impl of FromStr is no longer marked as deprecated.
• Fixed #299, condition of if not being partial evaluated.
• Update the behavior of Request::principal(), Request::action(), and Request::resource() to return None if the entities are unspecified (i.e., constructed by passing None to Request::new()).

Full Changelog: v2.4.0...v2.4.1

v2.4.0

Release 2.4.0, available on crates.io

Cedar Language Version: 2.1.1

Added

• New methods exported for EntityTypeName.
  • basename to get the basename (without namespaces).
  • namespace_components to get the namespace as an iterator over its components.
  • namespace to get the namespace as a single string.

Changed

• Some error types now carry more information about the error, with error
  messages updated appropriately. For instance, added list of attributes that do
  exist to the RecordAttrDoesNotExist error message.
• Improved error messages for some schema type parsing errors.
  • When an entity type shape or action context is declared with type other than
    Record, the error message will indicated the affected entity type or action.
• Improved a variety of other error messages
• Increased precision for validating records. Previously,
  permit(principal, action, resource) when {{"foo": 5} has bar}; would validate.
  Now it will not, since we know {"foo": 5} has bar is False, and the
  validator will return an error for a policy that can never fire.
• Removed deprecated __expr escapes from integration tests.

Full Changelog: v2.3.3...v2.4.0

v.2.3.3

Release 2.3.3, available on crates.io

What's Changed

Added

• Re-export cedar_policy_core::entities::EntitiesError.
• Fixed bug (#150) around implicit namespaces for actions in memberOf lists in
  schemas. An action without an explicit namespace in a memberOf now
  correctly uses the default namespace.

Changed

• Improved error messages and documentation for some errors raised during
  policy parsing, validation, and evaluation.
• More precise "expected tokens" lists in some parse errors.

Full Changelog: v2.3.2...v2.3.3