forked from cedar-policy/cedar-go
-
Notifications
You must be signed in to change notification settings - Fork 4
Expand file tree
/
Copy pathtest.cedarschema
More file actions
82 lines (82 loc) · 2.61 KB
/
test.cedarschema
File metadata and controls
82 lines (82 loc) · 2.61 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
// Test case to make sure that all types of Cedar elements are parseable
// and that the formatter doesn't mess anything up.
@annotation("namespace") // inline annotation comment
// comment between annotation and namespace
namespace PhotoFlash { // inline namespace comment
@annotation("entity")
// Comment explaining entities User and User2
// it's a two line comment
entity User, User2 in UserGroup = {
"department": String,
"jobLevel": Long,
} tags String;
entity UserGroup; // inline comment entity
entity Album in Album = { // inline comment rec type
"account": Account,
// record attribute comment
"private": Bool, // record inline comment
// footer comment rec type
// multiple lines
}; // footer comment entity
entity Account {
"admins"?: Set<User>, // attribute comment
"owner": User,
};
entity Empty {
};
entity Photo in [Album, PhotoFlassh::Other::Album] = {
"account": Account,
"private": Bool,
};
entity PhotoFormat enum ["jpg", "gif", "png"];
entity AccountType enum ["user"];
// annotation header comment
@annotation("type")
@in // keywords are valid identifiers
// type header comment
type LongAlias = Long; // type footer comment
@annotation1("action")
@annotation2 // inline annotation comment
// action header comment
action "uploadPhoto" appliesTo { // inline action comment
// principal comment before
principal: User, // principal comment inline
// resource comment before
// multi line
resource: [Album, Photo], // resource comment inline
// context comment before
context: { // context comment inline
@annotation("attrDecl1")
"authenticated": Bool,
@annotation("attrDecl2")
"photo": {
"file_size": LongAlias,
"file_type": String,
},
}, // context comment after
// remaining comments
}; // action footer comment
action "read"; // action footer comment 1-line
action "all";
action "viewPhoto", viewPhoto2 in ["read", PhotoFlash::Action::all] appliesTo {
principal: User,
resource: Photo,
context: { // opener comment
// Attribute comment (line 1)
// Attribute comment (line 2)
"authenticated": Bool, // attribute comment inline
}, // context comment
};
type authenticatedContext = {
"authenticated": Bool,
appliesTo: String, // keywords are valid identifiers
};
action "listAlbums" in "read" appliesTo {
principal: User,
resource: Account,
context: authenticatedContext,
};
// Remainder comment block
// should also be kept around
} // Footer comment on namespace
// Tailing comments after namespace