-
Notifications
You must be signed in to change notification settings - Fork 78
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat(jans-cedarling): Policy Store: Parse Schema and Policies (#9575)
* feat(jans-cedarling): add PolicyStore and field schema. Also added decoding from json. Signed-off-by: Oleh Bohzok <olehbozhok@gmail.com> * test(jans-cedarling): add unit tests to check `parse_cedar_schema` (deserialize cedar schema from json) Signed-off-by: Oleh Bohzok <olehbozhok@gmail.com> * docs(jans-cedarling): add docs for PolicyStore Signed-off-by: Oleh Bohzok <olehbozhok@gmail.com> * feat(jans-cedarling): add loading policy store based on config Signed-off-by: Oleh Bohzok <olehbozhok@gmail.com> * feat(jans-cedarling): add loading policy store to Cedarling Signed-off-by: Oleh Bohzok <olehbozhok@gmail.com> * chore(jans-cedarling): rename LogType to LogTypeConfig Signed-off-by: Oleh Bohzok <olehbozhok@gmail.com> * chore(jans-cedarling): fix `log_init` example after updating config Signed-off-by: Oleh Bohzok <olehbozhok@gmail.com> * chore(jans-cedarling): add allow(dead_code) on schema Signed-off-by: Oleh Bohzok <olehbozhok@gmail.com> * chore(jans-cedarling): add copyright notice Signed-off-by: Oleh Bohzok <olehbozhok@gmail.com> * docs(jans-cedarling): add README to init module Signed-off-by: Oleh Bohzok <olehbozhok@gmail.com> * docs(jans-cedarling): add README to authz module Signed-off-by: Oleh Bohzok <olehbozhok@gmail.com> * chore(jans-cedarling): update message in ErrorLoadPolicyStore::MoreThanOnePolicy Signed-off-by: Oleh Bohzok <olehbozhok@gmail.com> * chore(jans-cedarling): add comments to Cedarling::new Signed-off-by: Oleh Bohzok <olehbozhok@gmail.com> * chore(jans-cedarling): remove unnecessary code Signed-off-by: Oleh Bohzok <olehbozhok@gmail.com> * docs(jans-cedarling): in README removed `Cedarling bindings` section Signed-off-by: Oleh Bohzok <olehbozhok@gmail.com> * chore(jans-cedarling): move position of PolicyStoreMap to be first Signed-off-by: Oleh Bohzok <olehbozhok@gmail.com> * chore(jans-cedarling): refactor, move errors messages to the enum Signed-off-by: Oleh Bohzok <olehbozhok@gmail.com> --------- Signed-off-by: Oleh Bohzok <olehbozhok@gmail.com> Co-authored-by: Mohammad Abudayyeh <47318409+moabu@users.noreply.github.com>
- Loading branch information
Showing
21 changed files
with
435 additions
and
39 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,6 @@ | ||
| # Auth Engine | ||
|
|
||
| Part of Cedarling that main purpose is: | ||
|
|
||
| - evaluate if authorization is granted for *user* | ||
| - evaluate if authorization is granted for *client* |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,7 @@ | ||
| # Init engine | ||
|
|
||
| Init engine is responsible for reading and loading entities on start of the application, like: | ||
|
|
||
| - read boostrap properties | ||
| - load Cedar Policies | ||
| - get keys for JWT validation |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,86 @@ | ||
| /* | ||
| * This software is available under the Apache-2.0 license. | ||
| * See https://www.apache.org/licenses/LICENSE-2.0.txt for full text. | ||
| * | ||
| * Copyright (c) 2024, Gluu, Inc. | ||
| */ | ||
|
|
||
| use base64::prelude::*; | ||
|
|
||
| #[derive(Debug, thiserror::Error)] | ||
| pub enum ParceCedarSchemaErrMsg { | ||
| #[error("unable to decode cedar policy schema base64")] | ||
| BASE64, | ||
| #[error("unable to decode cedar policy schema json")] | ||
| JSON, | ||
| } | ||
|
|
||
| /// A custom deserializer for Cedar's Schema. | ||
| // | ||
| // is used to deserialize field `schema` in `PolicyStore` | ||
| pub(crate) fn parse_cedar_schema<'de, D>(deserializer: D) -> Result<cedar_policy::Schema, D::Error> | ||
| where | ||
| D: serde::Deserializer<'de>, | ||
| { | ||
| let source = <String as serde::Deserialize>::deserialize(deserializer)?; | ||
| let decoded: Vec<u8> = BASE64_STANDARD.decode(source.as_str()).map_err(|err| { | ||
| serde::de::Error::custom(format!("{}: {}", ParceCedarSchemaErrMsg::BASE64, err,)) | ||
| })?; | ||
|
|
||
| let schema = cedar_policy::Schema::from_json_file(decoded.as_slice()).map_err(|err| { | ||
| serde::de::Error::custom(format!("{}: {}", ParceCedarSchemaErrMsg::JSON, err)) | ||
| })?; | ||
|
|
||
| Ok(schema) | ||
| } | ||
|
|
||
| #[cfg(test)] | ||
| mod tests { | ||
| use super::*; | ||
| use crate::models::policy_store::PolicyStoreMap; | ||
|
|
||
| #[test] | ||
| fn test_read_ok() { | ||
| static POLICY_STORE_RAW: &str = include_str!("test_files/policy-store_ok.json"); | ||
|
|
||
| let policy_result = serde_json::from_str::<PolicyStoreMap>(POLICY_STORE_RAW); | ||
| assert!(policy_result.is_ok()); | ||
| } | ||
|
|
||
| #[test] | ||
| fn test_read_base64_error() { | ||
| static POLICY_STORE_RAW: &str = | ||
| include_str!("test_files/policy-store_schema_err_base64.json"); | ||
|
|
||
| let policy_result = serde_json::from_str::<PolicyStoreMap>(POLICY_STORE_RAW); | ||
| assert!(policy_result | ||
| .unwrap_err() | ||
| .to_string() | ||
| .contains(&ParceCedarSchemaErrMsg::BASE64.to_string())); | ||
| } | ||
|
|
||
| #[test] | ||
| fn test_read_json_error() { | ||
| static POLICY_STORE_RAW: &str = | ||
| include_str!("test_files/policy-store_schema_err_json.json"); | ||
|
|
||
| let policy_result = serde_json::from_str::<PolicyStoreMap>(POLICY_STORE_RAW); | ||
| assert!(policy_result | ||
| .unwrap_err() | ||
| .to_string() | ||
| .contains(&ParceCedarSchemaErrMsg::JSON.to_string())); | ||
| } | ||
|
|
||
| #[test] | ||
| fn test_read_cedar_error() { | ||
| static POLICY_STORE_RAW: &str = | ||
| include_str!("test_files/policy-store_schema_err_cedar_mistake.json"); | ||
|
|
||
| let policy_result = serde_json::from_str::<PolicyStoreMap>(POLICY_STORE_RAW); | ||
| // in this scenario error message looks like: | ||
| // `unable to decode cedar policy schema json: failed to resolve type: User_TypeNotExist", line: 35, column: 1` | ||
| let err_msg = policy_result.unwrap_err().to_string(); | ||
| assert!(err_msg.contains(&ParceCedarSchemaErrMsg::JSON.to_string())); | ||
| assert!(err_msg.contains("failed to resolve type")); | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,11 +1,14 @@ | ||
| /* | ||
| * This software is available under the Apache-2.0 license. | ||
| * This software is available under the Apache-2.0 license. | ||
| * See https://www.apache.org/licenses/LICENSE-2.0.txt for full text. | ||
| * | ||
| * Copyright (c) 2024, Gluu, Inc. | ||
| * Copyright (c) 2024, Gluu, Inc. | ||
| */ | ||
| //! # Init Engine | ||
| //! Part of Cedarling that main purpose is: | ||
| //! - read boostrap properties | ||
| //! - load Cedar Policies | ||
| //! - get keys for JWT validation | ||
| pub(crate) mod cedar_schema; | ||
| pub(crate) mod policy_store; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,58 @@ | ||
| /* | ||
| * This software is available under the Apache-2.0 license. | ||
| * See https://www.apache.org/licenses/LICENSE-2.0.txt for full text. | ||
| * | ||
| * Copyright (c) 2024, Gluu, Inc. | ||
| */ | ||
|
|
||
| use crate::models::policy_store::{PolicyStore, PolicyStoreMap}; | ||
| use crate::models::policy_store_config::{PolicyStoreConfig, PolicyStoreSource}; | ||
|
|
||
| /// Error cases for loading policy | ||
| #[derive(Debug, thiserror::Error)] | ||
| pub enum ErrorLoadPolicyStore { | ||
| #[error("{0}")] | ||
| JsonParce(#[from] serde_json::Error), | ||
| #[error("store policy is empty")] | ||
| PolicyEmpty, | ||
| #[error("the `store_key` is not specified and the count on policies more than 1")] | ||
| MoreThanOnePolicy, | ||
| #[error("could not found policy by id: {0}")] | ||
| FindPolicy(String), | ||
| } | ||
|
|
||
| /// Load policy store based on config | ||
| // | ||
| // Unit tests will be added when will be implemented other types of sources | ||
| pub(crate) fn load_policy_store( | ||
| config: PolicyStoreConfig, | ||
| ) -> Result<PolicyStore, ErrorLoadPolicyStore> { | ||
| let mut policy_store_map: PolicyStoreMap = match config.source { | ||
| PolicyStoreSource::Json(json_raw) => serde_json::from_str(json_raw.as_str())?, | ||
| }; | ||
|
|
||
| let policy: PolicyStore = match (config.store_id, policy_store_map.policy_stores.len()) { | ||
| (Some(store_id), _) => policy_store_map | ||
| .policy_stores | ||
| .remove(store_id.as_str()) | ||
| .ok_or(ErrorLoadPolicyStore::FindPolicy(store_id))?, | ||
| (None, 0) => { | ||
| return Err(ErrorLoadPolicyStore::PolicyEmpty); | ||
| }, | ||
| (None, 1) => { | ||
| // getting first element and we know it is save to use unwrap here, | ||
| // because we know that there is only one element in the map | ||
| policy_store_map | ||
| .policy_stores | ||
| .into_values() | ||
| .into_iter() | ||
| .next() | ||
| .unwrap() | ||
| }, | ||
| (None, 2..) => { | ||
| return Err(ErrorLoadPolicyStore::MoreThanOnePolicy); | ||
| }, | ||
| }; | ||
|
|
||
| Ok(policy) | ||
| } |
35 changes: 35 additions & 0 deletions
35
jans-cedarling/cedarling/src/init/test_files/policy-store_ok.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,35 @@ | ||
| { | ||
| "8b805e22fdd39f3dd33a13d9fb446d8e6314153ca997": { | ||
| "name": "gluustore", | ||
| "description": "gluu", | ||
| "policies": { | ||
| "840da5d85403f35ea76519ed1a18a33989f855bf1cf8": { | ||
| "description": "admin access", | ||
| "creation_date": "2024-09-20T17:22:39.996050", | ||
| "policy_content": "QGlkKCJhZG1pbiBhY2Nlc3MiKQpwZXJtaXQKKAogcHJpbmNpcGFsID09IEphbnM6OlJvbGU6OiJBZG1pbiIsCiBhY3Rpb24gaW4gW0phbnM6OkFjdGlvbjo6IkNvbXBhcmUiLEphbnM6OkFjdGlvbjo6IkV4ZWN1dGUiXSwKIHJlc291cmNlID09IEphbnM6OkFwcGxpY2F0aW9uOjoiQWRtaW4iCikKd2hlbgp7CiBKYW5zOjpBY2Nlc3NfdG9rZW46OiJhYmMiLnNjb3BlPT0iYWJjIiAmJiBKYW5zOjppZF90b2tlbjo6ImlkeHh4Ii5hbXI9PSJpZHh4eCIgIAp9Ow==" | ||
| }, | ||
| "b6313811924c9e67f898257cbf017674e08203779ae9": { | ||
| "description": "manager access", | ||
| "creation_date": "2024-09-20T18:11:26.442574", | ||
| "policy_content": "QGlkKCJtYW5hZ2VyIGFjY2VzcyIpCnBlcm1pdAooCiBwcmluY2lwYWwsCiBhY3Rpb24sCiByZXNvdXJjZQopCndoZW4KewogSmFuczo6QWNjZXNzX3Rva2VuOjoieHh4Ii5zY29wZT09Inh4eCIgfHwgSmFuczo6aWRfdG9rZW46OiJpZHh4eCIuYW1yPT0iaWR4eHgiICYmIGNvbnRleHQubmV0d29yay5pc0luUmFuZ2UoaXAoIjIyMi4yMjIuMjIyLjAvMjQiKSkgIAp9Ow==" | ||
| }, | ||
| "f2b38413cad977ab21616bd4a63c233548491cf25b72": { | ||
| "description": "manager access", | ||
| "creation_date": "2024-09-20T18:11:37.774401", | ||
| "policy_content": "QGlkKCJtYW5hZ2VyIGFjY2VzcyIpCnBlcm1pdAooCiBwcmluY2lwYWwsCiBhY3Rpb24sCiByZXNvdXJjZQopCndoZW4KewogSmFuczo6QWNjZXNzX3Rva2VuOjoieHh4Ii5zY29wZT09Inh4eCIgfHwgSmFuczo6aWRfdG9rZW46OiJpZHh4eCIuYW1yPT0iaWR4eHgiICYmIGNvbnRleHQubmV0d29yay5pc0luUmFuZ2UoaXAoIjIyMi4yMjIuMjIyLjAvMjQiKSkgIAp9Ow==" | ||
| }, | ||
| "fa6a3f46ab5f741e806deff0f81d0f848af37604500f": { | ||
| "description": "without condition", | ||
| "creation_date": "2024-09-22T18:18:35.801566", | ||
| "policy_content": "QGlkKCJ3aXRob3V0IGNvbmRpdGlvbiIpCnBlcm1pdAooCiBwcmluY2lwYWwgPT0gSmFuczo6Um9sZTo6IkFkbWluIiwKIGFjdGlvbiwKIHJlc291cmNlCikKOw==" | ||
| }, | ||
| "96deb02f8ce44c46d497d44dbfec80b3b6a64fe22994": { | ||
| "description": "forbid", | ||
| "creation_date": "2024-09-23T14:51:21.480763", | ||
| "policy_content": "QGlkKCJmb3JiaWQiKQpmb3JiaWQKKAogcHJpbmNpcGFsIGluIEphbnM6OlJvbGU6OiJBZG1pbiIsCiBhY3Rpb24gaW4gW0phbnM6OkFjdGlvbjo6IlNlYXJjaCIsSmFuczo6QWN0aW9uOjoiVGFnIl0sCiByZXNvdXJjZSBpbiBKYW5zOjpBcHBsaWNhdGlvbjo6IkFkbWluUG9ydGFsIgopCndoZW4KewogSmFuczo6QWNjZXNzX3Rva2VuOjoieHh4Ii5leHA+MTIzICYmIEphbnM6OkFjY2Vzc190b2tlbjo6ImFhYSIuZXhwPDMyMSB8fCBKYW5zOjpBY2Nlc3NfdG9rZW46OiJhYWEiLmlhdD49MTExICAKfTs=" | ||
| } | ||
| }, | ||
| "identity_source": {}, | ||
| "schema": "eyJKYW5zIjp7ImNvbW1vblR5cGVzIjp7IlVybCI6eyJ0eXBlIjoiUmVjb3JkIiwiYXR0cmlidXRlcyI6eyJob3N0Ijp7InR5cGUiOiJTdHJpbmcifSwicGF0aCI6eyJ0eXBlIjoiU3RyaW5nIn0sInByb3RvY29sIjp7InR5cGUiOiJTdHJpbmcifX19LCJDb250ZXh0Ijp7InR5cGUiOiJSZWNvcmQiLCJhdHRyaWJ1dGVzIjp7ImJyb3dzZXIiOnsidHlwZSI6IlN0cmluZyJ9LCJjdXJyZW50X3RpbWUiOnsidHlwZSI6IkxvbmcifSwiZGV2aWNlX2hlYWx0aCI6eyJ0eXBlIjoiU2V0IiwiZWxlbWVudCI6eyJ0eXBlIjoiU3RyaW5nIn19LCJmcmF1ZF9pbmRpY2F0b3JzIjp7InR5cGUiOiJTZXQiLCJlbGVtZW50Ijp7InR5cGUiOiJTdHJpbmcifX0sImdlb2xvY2F0aW9uIjp7InR5cGUiOiJTZXQiLCJlbGVtZW50Ijp7InR5cGUiOiJTdHJpbmcifX0sIm5ldHdvcmsiOnsidHlwZSI6IkV4dGVuc2lvbiIsIm5hbWUiOiJpcGFkZHIifSwibmV0d29ya190eXBlIjp7InR5cGUiOiJTdHJpbmcifSwib3BlcmF0aW5nX3N5c3RlbSI6eyJ0eXBlIjoiU3RyaW5nIn19fSwiZW1haWxfYWRkcmVzcyI6eyJ0eXBlIjoiUmVjb3JkIiwiYXR0cmlidXRlcyI6eyJkb21haW4iOnsidHlwZSI6IlN0cmluZyJ9LCJpZCI6eyJ0eXBlIjoiU3RyaW5nIn19fX0sImVudGl0eVR5cGVzIjp7IlVzZXJpbmZvX3Rva2VuIjp7InNoYXBlIjp7InR5cGUiOiJSZWNvcmQiLCJhdHRyaWJ1dGVzIjp7ImF1ZCI6eyJ0eXBlIjoiU3RyaW5nIn0sImJpcnRoZGF0ZSI6eyJ0eXBlIjoiU3RyaW5nIn0sImVtYWlsIjp7InR5cGUiOiJlbWFpbF9hZGRyZXNzIn0sImV4cCI6eyJ0eXBlIjoiTG9uZyJ9LCJpYXQiOnsidHlwZSI6IkxvbmcifSwiaXNzIjp7InR5cGUiOiJFbnRpdHkiLCJuYW1lIjoiVHJ1c3RlZElzc3VlciJ9LCJqdGkiOnsidHlwZSI6IlN0cmluZyJ9LCJuYW1lIjp7InR5cGUiOiJTdHJpbmcifSwicGhvbmVfbnVtYmVyIjp7InR5cGUiOiJTdHJpbmcifSwicm9sZSI6eyJ0eXBlIjoiU2V0IiwiZWxlbWVudCI6eyJ0eXBlIjoiU3RyaW5nIn19LCJzdWIiOnsidHlwZSI6IlN0cmluZyJ9fX19LCJBY2Nlc3NfdG9rZW4iOnsic2hhcGUiOnsidHlwZSI6IlJlY29yZCIsImF0dHJpYnV0ZXMiOnsiYXVkIjp7InR5cGUiOiJTdHJpbmcifSwiZXhwIjp7InR5cGUiOiJMb25nIn0sImlhdCI6eyJ0eXBlIjoiTG9uZyJ9LCJpc3MiOnsidHlwZSI6IkVudGl0eSIsIm5hbWUiOiJUcnVzdGVkSXNzdWVyIn0sImp0aSI6eyJ0eXBlIjoiU3RyaW5nIn0sIm5iZiI6eyJ0eXBlIjoiTG9uZyJ9LCJzY29wZSI6eyJ0eXBlIjoiU3RyaW5nIn19fX0sIkFwcGxpY2F0aW9uIjp7InNoYXBlIjp7InR5cGUiOiJSZWNvcmQiLCJhdHRyaWJ1dGVzIjp7ImNsaWVudCI6eyJ0eXBlIjoiRW50aXR5IiwibmFtZSI6IkNsaWVudCJ9LCJuYW1lIjp7InR5cGUiOiJTdHJpbmcifX19fSwiUm9sZSI6e30sIlRydXN0ZWRJc3N1ZXIiOnsic2hhcGUiOnsidHlwZSI6IlJlY29yZCIsImF0dHJpYnV0ZXMiOnsiaXNzdWVyX2VudGl0eV9pZCI6eyJ0eXBlIjoiVXJsIn19fX0sIkNsaWVudCI6eyJzaGFwZSI6eyJ0eXBlIjoiUmVjb3JkIiwiYXR0cmlidXRlcyI6eyJjbGllbnRfaWQiOnsidHlwZSI6IlN0cmluZyJ9LCJpc3MiOnsidHlwZSI6IkVudGl0eSIsIm5hbWUiOiJUcnVzdGVkSXNzdWVyIn19fX0sImlkX3Rva2VuIjp7InNoYXBlIjp7InR5cGUiOiJSZWNvcmQiLCJhdHRyaWJ1dGVzIjp7ImFjciI6eyJ0eXBlIjoiU2V0IiwiZWxlbWVudCI6eyJ0eXBlIjoiU3RyaW5nIn19LCJhbXIiOnsidHlwZSI6IlN0cmluZyJ9LCJhdWQiOnsidHlwZSI6IlN0cmluZyJ9LCJhenAiOnsidHlwZSI6IlN0cmluZyJ9LCJiaXJ0aGRhdGUiOnsidHlwZSI6IlN0cmluZyJ9LCJlbWFpbCI6eyJ0eXBlIjoiZW1haWxfYWRkcmVzcyJ9LCJleHAiOnsidHlwZSI6IkxvbmcifSwiaWF0Ijp7InR5cGUiOiJMb25nIn0sImlzcyI6eyJ0eXBlIjoiRW50aXR5IiwibmFtZSI6IlRydXN0ZWRJc3N1ZXIifSwianRpIjp7InR5cGUiOiJTdHJpbmcifSwibmFtZSI6eyJ0eXBlIjoiU3RyaW5nIn0sInBob25lX251bWJlciI6eyJ0eXBlIjoiU3RyaW5nIn0sInJvbGUiOnsidHlwZSI6IlNldCIsImVsZW1lbnQiOnsidHlwZSI6IlN0cmluZyJ9fSwic3ViIjp7InR5cGUiOiJTdHJpbmcifX19fSwiVXNlciI6eyJtZW1iZXJPZlR5cGVzIjpbIlJvbGUiXSwic2hhcGUiOnsidHlwZSI6IlJlY29yZCIsImF0dHJpYnV0ZXMiOnsiZW1haWwiOnsidHlwZSI6ImVtYWlsX2FkZHJlc3MifSwicGhvbmVfbnVtYmVyIjp7InR5cGUiOiJTdHJpbmcifSwicm9sZSI6eyJ0eXBlIjoiU2V0IiwiZWxlbWVudCI6eyJ0eXBlIjoiU3RyaW5nIn19LCJzdWIiOnsidHlwZSI6IlN0cmluZyJ9LCJ1c2VybmFtZSI6eyJ0eXBlIjoiU3RyaW5nIn19fX0sIkhUVFBfUmVxdWVzdCI6eyJzaGFwZSI6eyJ0eXBlIjoiUmVjb3JkIiwiYXR0cmlidXRlcyI6eyJhY2NlcHQiOnsidHlwZSI6IlNldCIsImVsZW1lbnQiOnsidHlwZSI6IlN0cmluZyJ9fSwiaGVhZGVyIjp7InR5cGUiOiJTZXQiLCJlbGVtZW50Ijp7InR5cGUiOiJTdHJpbmcifX0sInVybCI6eyJ0eXBlIjoiVXJsIn19fX19LCJhY3Rpb25zIjp7IkdFVCI6eyJhcHBsaWVzVG8iOnsicmVzb3VyY2VUeXBlcyI6WyJIVFRQX1JlcXVlc3QiXSwicHJpbmNpcGFsVHlwZXMiOlsiQ2xpZW50Il0sImNvbnRleHQiOnsidHlwZSI6IkNvbnRleHQifX19LCJERUxFVEUiOnsiYXBwbGllc1RvIjp7InJlc291cmNlVHlwZXMiOlsiSFRUUF9SZXF1ZXN0Il0sInByaW5jaXBhbFR5cGVzIjpbIkNsaWVudCJdLCJjb250ZXh0Ijp7InR5cGUiOiJDb250ZXh0In19fSwiUE9TVCI6eyJhcHBsaWVzVG8iOnsicmVzb3VyY2VUeXBlcyI6WyJIVFRQX1JlcXVlc3QiXSwicHJpbmNpcGFsVHlwZXMiOlsiQ2xpZW50Il0sImNvbnRleHQiOnsidHlwZSI6IkNvbnRleHQifX19LCJIRUFEIjp7ImFwcGxpZXNUbyI6eyJyZXNvdXJjZVR5cGVzIjpbIkhUVFBfUmVxdWVzdCJdLCJwcmluY2lwYWxUeXBlcyI6WyJDbGllbnQiXSwiY29udGV4dCI6eyJ0eXBlIjoiQ29udGV4dCJ9fX0sIlBVVCI6eyJhcHBsaWVzVG8iOnsicmVzb3VyY2VUeXBlcyI6WyJIVFRQX1JlcXVlc3QiXSwicHJpbmNpcGFsVHlwZXMiOlsiQ2xpZW50Il0sImNvbnRleHQiOnsidHlwZSI6IkNvbnRleHQifX19LCJQQVRDSCI6eyJhcHBsaWVzVG8iOnsicmVzb3VyY2VUeXBlcyI6WyJIVFRQX1JlcXVlc3QiXSwicHJpbmNpcGFsVHlwZXMiOlsiQ2xpZW50Il0sImNvbnRleHQiOnsidHlwZSI6IkNvbnRleHQifX19LCJBY2Nlc3MiOnsiYXBwbGllc1RvIjp7InJlc291cmNlVHlwZXMiOlsiQXBwbGljYXRpb24iXSwicHJpbmNpcGFsVHlwZXMiOlsiVXNlciIsIlJvbGUiXSwiY29udGV4dCI6eyJ0eXBlIjoiQ29udGV4dCJ9fX19fX0=" | ||
| } | ||
| } |
35 changes: 35 additions & 0 deletions
35
jans-cedarling/cedarling/src/init/test_files/policy-store_schema_err_base64.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,35 @@ | ||
| { | ||
| "8b805e22fdd39f3dd33a13d9fb446d8e6314153ca997": { | ||
| "name": "gluustore", | ||
| "description": "gluu", | ||
| "policies": { | ||
| "840da5d85403f35ea76519ed1a18a33989f855bf1cf8": { | ||
| "description": "admin access", | ||
| "creation_date": "2024-09-20T17:22:39.996050", | ||
| "policy_content": "QGlkKCJhZG1pbiBhY2Nlc3MiKQpwZXJtaXQKKAogcHJpbmNpcGFsID09IEphbnM6OlJvbGU6OiJBZG1pbiIsCiBhY3Rpb24gaW4gW0phbnM6OkFjdGlvbjo6IkNvbXBhcmUiLEphbnM6OkFjdGlvbjo6IkV4ZWN1dGUiXSwKIHJlc291cmNlID09IEphbnM6OkFwcGxpY2F0aW9uOjoiQWRtaW4iCikKd2hlbgp7CiBKYW5zOjpBY2Nlc3NfdG9rZW46OiJhYmMiLnNjb3BlPT0iYWJjIiAmJiBKYW5zOjppZF90b2tlbjo6ImlkeHh4Ii5hbXI9PSJpZHh4eCIgIAp9Ow==" | ||
| }, | ||
| "b6313811924c9e67f898257cbf017674e08203779ae9": { | ||
| "description": "manager access", | ||
| "creation_date": "2024-09-20T18:11:26.442574", | ||
| "policy_content": "QGlkKCJtYW5hZ2VyIGFjY2VzcyIpCnBlcm1pdAooCiBwcmluY2lwYWwsCiBhY3Rpb24sCiByZXNvdXJjZQopCndoZW4KewogSmFuczo6QWNjZXNzX3Rva2VuOjoieHh4Ii5zY29wZT09Inh4eCIgfHwgSmFuczo6aWRfdG9rZW46OiJpZHh4eCIuYW1yPT0iaWR4eHgiICYmIGNvbnRleHQubmV0d29yay5pc0luUmFuZ2UoaXAoIjIyMi4yMjIuMjIyLjAvMjQiKSkgIAp9Ow==" | ||
| }, | ||
| "f2b38413cad977ab21616bd4a63c233548491cf25b72": { | ||
| "description": "manager access", | ||
| "creation_date": "2024-09-20T18:11:37.774401", | ||
| "policy_content": "QGlkKCJtYW5hZ2VyIGFjY2VzcyIpCnBlcm1pdAooCiBwcmluY2lwYWwsCiBhY3Rpb24sCiByZXNvdXJjZQopCndoZW4KewogSmFuczo6QWNjZXNzX3Rva2VuOjoieHh4Ii5zY29wZT09Inh4eCIgfHwgSmFuczo6aWRfdG9rZW46OiJpZHh4eCIuYW1yPT0iaWR4eHgiICYmIGNvbnRleHQubmV0d29yay5pc0luUmFuZ2UoaXAoIjIyMi4yMjIuMjIyLjAvMjQiKSkgIAp9Ow==" | ||
| }, | ||
| "fa6a3f46ab5f741e806deff0f81d0f848af37604500f": { | ||
| "description": "without condition", | ||
| "creation_date": "2024-09-22T18:18:35.801566", | ||
| "policy_content": "QGlkKCJ3aXRob3V0IGNvbmRpdGlvbiIpCnBlcm1pdAooCiBwcmluY2lwYWwgPT0gSmFuczo6Um9sZTo6IkFkbWluIiwKIGFjdGlvbiwKIHJlc291cmNlCikKOw==" | ||
| }, | ||
| "96deb02f8ce44c46d497d44dbfec80b3b6a64fe22994": { | ||
| "description": "forbid", | ||
| "creation_date": "2024-09-23T14:51:21.480763", | ||
| "policy_content": "QGlkKCJmb3JiaWQiKQpmb3JiaWQKKAogcHJpbmNpcGFsIGluIEphbnM6OlJvbGU6OiJBZG1pbiIsCiBhY3Rpb24gaW4gW0phbnM6OkFjdGlvbjo6IlNlYXJjaCIsSmFuczo6QWN0aW9uOjoiVGFnIl0sCiByZXNvdXJjZSBpbiBKYW5zOjpBcHBsaWNhdGlvbjo6IkFkbWluUG9ydGFsIgopCndoZW4KewogSmFuczo6QWNjZXNzX3Rva2VuOjoieHh4Ii5leHA+MTIzICYmIEphbnM6OkFjY2Vzc190b2tlbjo6ImFhYSIuZXhwPDMyMSB8fCBKYW5zOjpBY2Nlc3NfdG9rZW46OiJhYWEiLmlhdD49MTExICAKfTs=" | ||
| } | ||
| }, | ||
| "identity_source": {}, | ||
| "schema": "ewogICJKYW...gfQp9" | ||
| } | ||
| } |
Oops, something went wrong.