Skip to content

Adds DateTime Extension Support #328

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 7 commits into from
Aug 15, 2025
Merged

Adds DateTime Extension Support #328

merged 7 commits into from
Aug 15, 2025

Conversation

muditchaudhary
Copy link
Contributor

@muditchaudhary muditchaudhary commented Aug 12, 2025
edited
Loading

Overview

Adds DateTime Extension Support (RFC 80)

Changes

  • Implements new com.cedarpolicy.value.DateTime class

    • Validates input dates against supported format specifications
    • Stores DateTime value in String representation

  • Integrates DateTime support in serialization layer

    • Extends ValueSerializer to handle DateTime serialization
    • Adds DateTime deserialization support in ValueDeserializer

  • Testing

    • Adds unit tests covering DateTime validation, serialization, and edge cases
    • Includes integration tests to verify end-to-end DateTime functionality

  • Updates CHANGELOG

Example Usage

Set<Entity> entities = new HashSet<>();
String principalId = "alice";
Map<String, Value> principalAttributes = new HashMap<>();
principalAttributes.put("DOB", new DateTime("2000-01-01"));
Set<EntityUID> principalParents = new HashSet<>();
Entity principal = new Entity(new EntityUID(principalType, principalId), principalAttributes, principalParents);
entities.add(principal);

String actionId = "view";
Map<String, Value> actionAttributes = new HashMap<>();
Set<EntityUID> actionParents = new HashSet<>();
Entity action = new Entity(new EntityUID(actionType, actionId), actionAttributes, actionParents);
entities.add(action);

String resourceId = "photo.jpg";
Map<String, Value> resourceAttributes = new HashMap<>();
Set<EntityUID> resourceParents = new HashSet<>();
var resource = new Entity(new EntityUID(resourceType, resourceId), resourceAttributes, resourceParents);
entities.add(resource);

String p = "permit(\n"
        + "principal==" + principal.getEUID().toString() + ",\n"
        + "action==" + action.getEUID().toString() + ",\n"
        + "resource==" + resource.getEUID().toString() + "\n"
        + ") when {principal.DOB > datetime(\"1999-01-01\")};";
                
final String policyId = "ID0";
Policy policy = new Policy(p, policyId);
Set<Policy> policies = new HashSet<>();
policies.add(policy);
PolicySet policySet = new PolicySet(policies);
Map<String, Value> currentContext = new HashMap<>();
AuthorizationRequest request = new AuthorizationRequest( principal, action, resource, currentContext);

@muditchaudhary
adds DateTime extension value
73fcd7c 
Signed-off-by: Mudit Chaudhary <[email protected]>
@muditchaudhary
adds serializer/deserializer for DateTime
2fb452f 
Signed-off-by: Mudit Chaudhary <[email protected]>
@muditchaudhary
adds DateTime tests
7474f1a 
Signed-off-by: Mudit Chaudhary <[email protected]>
@muditchaudhary
fixes nits
35eddf6 
Signed-off-by: Mudit Chaudhary <[email protected]>
@muditchaudhary
updates CHANGELOG
9648970 
Signed-off-by: Mudit Chaudhary <[email protected]>
@muditchaudhary muditchaudhary marked this pull request as ready for review August 12, 2025 18:43
muditchaudhary
muditchaudhary commented Aug 12, 2025
View reviewed changes
mark-creamer-amazon
mark-creamer-amazon reviewed Aug 13, 2025
View reviewed changes
CedarJava/src/main/java/com/cedarpolicy/value/DateTime.java
/** Convert DateTime to Cedar expr that can be used in a Cedar policy. */
@Override
public String toCedarExpr() {
return "datetime(\"" + dateTime + "\")";
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Worried about this being valid, but should be fine since dateTime is validated on construction, cannot be mutated externally since it's private and it's set once.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah. It's final and only assigned after validation so should be ok. This is what we do for IpAddress as well

mark-creamer-amazon
mark-creamer-amazon approved these changes Aug 14, 2025
View reviewed changes
Copy link
Contributor

@mark-creamer-amazon mark-creamer-amazon left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Lgtm

shaobo-he-aws
shaobo-he-aws approved these changes Aug 14, 2025
View reviewed changes
Copy link
Contributor

@shaobo-he-aws shaobo-he-aws left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@muditchaudhary muditchaudhary merged commit 33a23e9 into cedar-policy:main Aug 15, 2025
4 checks passed
@muditchaudhary muditchaudhary mentioned this pull request Oct 1, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@shaobo-he-aws shaobo-he-aws shaobo-he-aws approved these changes

@mark-creamer-amazon mark-creamer-amazon mark-creamer-amazon approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@muditchaudhary @shaobo-he-aws @mark-creamer-amazon