Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

🌟 Community Feature Challenge: Cedar Language and Agent 🌟 #10

Closed
gemanor opened this issue Oct 28, 2024 · 7 comments
Closed

🌟 Community Feature Challenge: Cedar Language and Agent 🌟 #10

gemanor opened this issue Oct 28, 2024 · 7 comments

Comments

@gemanor
Copy link
Collaborator

gemanor commented Oct 28, 2024

Ever wanted to make Cedar modeling easier? Do you have a cool idea for making entity schema better? This is one of our 10 community feature challenges, and we want your input on how we can enhance the Permit CLI in the area of authorization with the Cedar language and its agent. This is a space for you to share your ideas on what would make this part of the CLI even better!

How to Participate

  • Submit Your Proposal: Comment below with your detailed feature idea. Be sure to explain how it would work and why it would be valuable for users.
  • Vote for Your Favorites: Show support for your favorite ideas by upvoting them. Your votes will help us identify the most impactful proposals.
  • Win a Bounty: The idea with the most upvotes will be selected, and we’ll put a bounty on it! This means that you (or another contributor) could bring this feature to life and earn a reward.

Why Join In?

  • Shape the Future: Your input will directly influence Permit CLI’s growth.
  • Community Recognition: Contributing ideas or supporting others’ ideas lets you stand out as a valuable community member.
  • Collaborative Ownership: Together, we’ll build a CLI that truly reflects the community’s needs and creativity.

What’s Next?

We’ll keep this challenge open for proposals and upvotes until November 10th, 2024. Once the top idea is chosen, we’ll update this issue with details on the bounty and the next steps for development.

Thank you for helping us make the Permit CLI even better. We can’t wait to see what you come up with! 🌟

@gemanor
Copy link
Collaborator Author

gemanor commented Oct 28, 2024

/bounty 200

Copy link

algora-pbc bot commented Oct 28, 2024

💎 $200 bounty • Permit.io

Steps to solve:

  1. Start working: Comment /attempt #10 with your implementation plan
  2. Submit work: Create a pull request including /claim #10 in the PR body to claim the bounty
  3. Receive payment: 100% of the bounty is received 2-5 days post-reward. Make sure you are eligible for payouts

Thank you for contributing to permitio/permit-cli!

Add a bountyShare on socials

Attempt Started (GMT+0) Solution
🟢 @lota02 Oct 29, 2024, 6:33:29 PM WIP
🟢 @theedigerati Dec 20, 2024, 6:21:49 PM WIP

@lota02
Copy link

lota02 commented Oct 29, 2024

/attempt #10
Proposal: Cedar Schema Generator and Validator
Description: Implement a schema generator and validator tool within the Permit CLI for the Cedar language, simplifying the creation and validation of entity schemas.

How It Works:

  • Schema Generator: Users can run a command like permit cedar generate to automatically generate a basic schema template for entities, including predefined fields and data types based on best practices. Users can customize the template further as needed.
  • Schema Validator: Introduce a command (permit cedar validate ) that checks the syntax and structure of Cedar schemas, ensuring they adhere to best practices and highlight any potential errors before deployment.

BENEFITS
This feature would significantly reduce the complexity of modeling entities in Cedar, making it easier for users to create valid schemas quickly. It improves overall productivity and helps maintain consistency across authorization policies.

@gemanor
Copy link
Collaborator Author

gemanor commented Nov 24, 2024

Hey, @lota02, your proposal sounds good. Please provide practical implementation plan, design review, and timeline, so I'll be able to assign you to the issue.

@gemanor
Copy link
Collaborator Author

gemanor commented Dec 13, 2024

Closing as there's no answer from @lota02

@gemanor gemanor closed this as completed Dec 13, 2024
@theedigerati
Copy link

theedigerati commented Dec 20, 2024

/attempt #10

Proposal: Manage Cedar Schema, Policies and Authorization checks.
Description: Cedar-Agent is an HTTP server that provides endpoints for integration with Cedar, building CLI commands to implement Cedar features through Cedar-agent would be a useful addition to Permit-cli's capabilities. Under the hood, these commands will make HTTP requests to Cedar-agent similar to the PDP implementation that currently exists.

Features to build Commands for:

  • Policy : Create, retrieve update and delete policies.
  • Schema: Manage custom schemas that define the shape of entities and actions. Cedar-Agent will validate all policies against this schema.
  • Data Store : Store and manage application data to be authorised by Cedar policies in authorization checks.
  • Authorization Checks: Perform authorization checks on stored data using predefined policies.

Other Features:

  • Cedar-agent config: Manage configuration data for Cedar & Cedar-agent e.g server url, api version
  • Ping Cedar-agent: Test Cedar-agent connectivity with ICMP ping messages.
  • View Cedar docs: Open a web browser to view Cedar documentation.

Benefits:

These features make it easier for users to directly interact with Cedar through Permit-cli, hence improving the usability of Cedar as a Policy-engine for applications and making this CLI better.

@theedigerati
Copy link

theedigerati commented Dec 21, 2024

Implementation Plan

  • Create command folder for the Policy-engine -cedar. All commands under this implementation will begin with:
    permit-cli cedar
  • Create command folders for features with nested actions -> policy, schema, data, config. Each folder will have subcommand files like create.tsx, retrieve.tsx, update.tsx etc...
    Initialize command files for others -> authorize.tsx, ping.tsx, docs.tsx.
  • Implement logic & components for all commands. Every command will have its own options/flags and arguments when needed. On every feature command, process HTTP request and return response or error as necessary.
  • Add global options for cedar subcommands e.g --server_url, --api_version, --auth_token. This options will be available on every cedar command to provide custom values when needed.
  • Add e2e tests for all commands

Commands

cedar policy - Manage all Cedar Policies

$ permit-cli cedar policy [command] [options]
  • list - List all policies
  • retrieve - Get a single policy
  • create - Create a policy
  • update - Update a policy
  • bulk-update - Update multiple policies

cedar schema - Manage Schema store for entity & data validation

$ permit-cli cedar schema [command] [options]
  • show - Show the current schema
  • set - Set the schema
  • delete - Delete the schema

cedar data - Manage application data (entities)

$ permit-cli cedar data [command] [options]
  • show - Show the current data
  • set - Set the data
  • delete - Delete the data

cedar config - Manage Cedar-agent server details

$ permit-cli cedar config [command] [options]
  • list - List all details that have been set
  • set - Set one or more config values
  • unset - Unset one or more config values

cedar authorize - Authorize application data using saved policies

$ permit-cli cedar authorize [options]

cedar ping - Test Cedar-agent connectivity with ICMP ping messages

$ permit-cli cedar ping [options]

cedar docs - Open a web browser to view Cedar documentation.

$ permit-cli cedar docs [options]

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

3 participants