forked from cedar-policy/cedar-go
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathannotation.go
47 lines (38 loc) · 1.43 KB
/
annotation.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
package ast
import (
"github.com/cedar-policy/cedar-go/types"
"github.com/cedar-policy/cedar-go/x/exp/ast"
)
type Annotations ast.Annotations
func (a *Annotations) unwrap() *ast.Annotations {
return (*ast.Annotations)(a)
}
func wrapAnnotations(a *ast.Annotations) *Annotations {
return (*Annotations)(a)
}
// Annotation allows AST constructors to make policy in a similar shape to textual Cedar with
// annotations appearing before the actual policy scope:
//
// ast := Annotation("foo", "bar").
// Annotation("baz", "quux").
// Permit().
// PrincipalEq(superUser)
func Annotation(key types.Ident, value types.String) *Annotations {
return wrapAnnotations(ast.Annotation(key, value))
}
// Annotation adds an annotation. If a previous annotation exists with the same key, this builder will replace it.
func (a *Annotations) Annotation(key types.Ident, value types.String) *Annotations {
return wrapAnnotations(a.unwrap().Annotation(key, value))
}
// Permit begins a permit policy from the given annotations.
func (a *Annotations) Permit() *Policy {
return wrapPolicy(a.unwrap().Permit())
}
// Forbid begins a forbid policy from the given annotations.
func (a *Annotations) Forbid() *Policy {
return wrapPolicy(a.unwrap().Forbid())
}
// If a previous annotation exists with the same key, this builder will replace it.
func (p *Policy) Annotate(key types.Ident, value types.String) *Policy {
return wrapPolicy(p.unwrap().Annotate(key, value))
}