cedar-policy / cedar

Implementation of the Cedar Policy Language
https://www.cedarpolicy.com
Apache License 2.0

Improve parse errors on parenthesized "special" expressions #1093

Open john-h-kastner-aws opened 4 months ago

john-h-kastner-aws commented 4 months ago

Category

Error message improvements

Describe the feature you'd like to request

When we expect, for example, a string literal in cst-to-ast conversion, we require that the expression is immediately a string literal without any surrounding parentheses. This is mostly fine, but leads to some confusing errors where we might claim that "attr" is not a valid attribute. We should update the error to specify that ("attr") isn't valid (but "attr" would be).

[jkastner@dev-dsk-jkastner-1a-3309db3b cedar]$ cargo -q run check-parse <<<'permit(principal, action, resource) when { principal has ("attr") };'
  × failed to parse policy set
  ╰─▶ invalid attribute name: "attr"
   ╭────
 1 │ permit(principal, action, resource) when { principal has ("attr") };
   ·                                                           ──────
   ╰────
  help: attribute names can either be identifiers or string literals

[jkastner@dev-dsk-jkastner-1a-3309db3b cedar]$ cargo -q run check-parse <<<'permit(principal, action, resource) when { principal like ("*") };'
  × failed to parse policy set
  ╰─▶ right hand side of a `like` expression must be a pattern literal, but got `"*"`
   ╭────
 1 │ permit(principal, action, resource) when { principal like ("*") };
   ·                                                            ───
   ╰────

[jkastner@dev-dsk-jkastner-1a-3309db3b cedar]$ cargo -q run check-parse <<<'permit(principal, action, resource) when { {("attr"): 1} };'
  × failed to parse policy set
  ╰─▶ invalid attribute name: "attr"
   ╭────
 1 │ permit(principal, action, resource) when { {("attr"): 1} };
   ·                                              ──────
   ╰────
  help: attribute names can either be identifiers or string literals

[jkastner@dev-dsk-jkastner-1a-3309db3b cedar]$ cargo -q run check-parse <<<'permit(principal, action, resource) when { {(principal): 1} };'
  × failed to parse policy set
  ╰─▶ invalid attribute name: principal
   ╭────
 1 │ permit(principal, action, resource) when { {(principal): 1} };
   ·                                              ─────────
   ╰────
  help: attribute names can either be identifiers or string literals

[jkastner@dev-dsk-jkastner-1a-3309db3b cedar]$ cargo -q run check-parse <<<'permit(principal, action, resource) when { principal is (User) };'
  × failed to parse policy set
  ╰─▶ invalid variable: User
   ╭────
 1 │ permit(principal, action, resource) when { principal is (User) };
   ·                                                          ────
   ╰────
  help: the valid Cedar variables are `principal`, `action`, `resource`, and `context`; did you mean to enclose `User` in quotes to make a string?

Describe alternatives you've considered

.

Additional context

No response

Is this something that you'd be interested in working on?
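The diagnostic requested in this issue, sketched as an added example that is not Cedar's own code: the `Cst` enum, `render`, `peel` and `attr_name` are hypothetical stand-ins for the real cst-to-ast types, and the message wording is an assumption. Parenthesized names are still rejected, but the error quotes the parenthesized form and points at the bare form.

```rust
// Toy CST for illustration only; these are not Cedar's real CST types.
enum Cst {
    Str(String),
    Ident(String),
    Num(i64),
    Paren(Box<Cst>),
}

// Render a node back to source-like text so the error quotes what was written.
fn render(e: &Cst) -> String {
    match e {
        Cst::Str(s) => format!("\"{}\"", s),
        Cst::Ident(s) => s.clone(),
        Cst::Num(n) => n.to_string(),
        Cst::Paren(inner) => format!("({})", render(inner)),
    }
}

// Peel any number of redundant parentheses off a node.
fn peel(e: &Cst) -> &Cst {
    match e {
        Cst::Paren(inner) => peel(inner),
        other => other,
    }
}

// Convert a node found in attribute-name position.
fn attr_name(e: &Cst) -> Result<String, String> {
    if let Cst::Str(s) | Cst::Ident(s) = e {
        return Ok(s.clone()); // bare string literal or identifier: accepted
    }
    let mut msg = format!("invalid attribute name: `{}`", render(e));
    // `e` is not itself a name here, so a name found after peeling means the
    // only problem is the parentheses: say so and show the accepted spelling.
    let inner = peel(e);
    if matches!(inner, Cst::Str(_) | Cst::Ident(_)) {
        msg.push_str(&format!("; help: remove the parentheses and write `{}`", render(inner)));
    }
    Err(msg)
}

fn main() {
    // Constructed sample inputs mirroring the forms in the issue.
    let samples = [
        Cst::Paren(Box::new(Cst::Str("attr".into()))),
        Cst::Paren(Box::new(Cst::Ident("principal".into()))),
        Cst::Paren(Box::new(Cst::Num(1))),
    ];
    for s in &samples {
        println!("{:?}", attr_name(s));
    }
}
```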