complete public apu

Author: B-Lorentz

cedar-policy-core/src/ast/request.rs

@@ -120,6 +120,10 @@ impl EntityUIDEntry {
         }
     }
 
+    pub fn unknown_of_type(ty: EntityType, loc: Option<Loc>) -> Self {
+        Self::UnknownOfType { ty, loc }
+    }
+
     /// Get the UID of the entry, or `None` if it is unknown (partial evaluation)
     pub fn uid(&self) -> Option<&EntityUID> {
         match self {
@@ -128,6 +132,7 @@ impl EntityUIDEntry {
         }
     }
 
+    /// Get the type of the entry, or `None` if it is unknown (partial evaluation with no type annotation)
     pub fn get_type(&self) -> Option<&EntityType> {
         match self {
             Self::Known { euid, .. } => Some(euid.entity_type()),

cedar-policy/src/api.rs

@@ -3601,6 +3601,17 @@ impl<S> RequestBuilder<S> {
         }
     }
 
+    /// Set the principal to be unknown, which is known to belong a certain entity type.
+    ///
+    /// Currently, this is used only to in 'is' expressions in the policy.
+    #[must_use]
+    pub fn some_principal_of_type(self, principal_type: ast::EntityType) -> Self {
+        Self {
+            principal: ast::EntityUIDEntry::unknown_of_type(principal_type, None),
+            ..self
+        }
+    }
+
     /// Set the action.
     ///
     /// Note that you can create the `EntityUid` using `.parse()` on any
@@ -3625,6 +3636,17 @@ impl<S> RequestBuilder<S> {
         }
     }
 
+    /// Set the resource to be unknown, which is known to belong a certain entity type.
+    ///
+    /// Currently, this is used only to in 'is' expressions in the policy.
+    #[must_use]
+    pub fn some_resource_of_type(self, resource_type: ast::EntityType) -> Self {
+        Self {
+            resource: ast::EntityUIDEntry::unknown_of_type(resource_type, None),
+            ..self
+        }
+    }
+
     /// Set the context.
     #[must_use]
     pub fn context(self, context: Context) -> Self {