IDX-470: Change PolicySet.IsAuthorized to take an EntityGetter interface in place of an EntityMap

cedar-policy / cedar-go

Golang implementation of the Cedar Policy Language

Apache License 2.0

86 stars 9 forks source link

IDX-470: Change PolicySet.IsAuthorized to take an EntityGetter interface in place of an EntityMap #71

Open kjamieson-sdm opened 1 day ago

kjamieson-sdm commented 1 day ago

This changes the PolicySet IsAuthorized() method to take an EntityGetter interface instead of a concrete EntityMap instance, allowing alternative entity getter implementations to be passed to the authorization.

kjamieson-sdm commented 1 day ago

While very unlikely (IMO), this could technically be a breaking change if some existing caller is passing a map[EntityUID]Entity to IsAuthorized instead of a EntityMap.

If we think that risk is too great, we can fall back to the alternative of introducing some new IsAuthorized or Authorizer implementation under x/exp instead.