
JSON schema parser does not error on unknown extension type #875

@john-h-kastner-aws

Bug Category

Schemas and Validation

Describe the bug

The following JSON schema file parses without error:

{
    "": {
        "entityTypes": {
            "User": {
                "shape": {
                  "type": "Record",
                  "attributes": {
                    "a": {"type": "Extension", "name": "ip_ddr"}
                  }
                }
            }
        },
        "actions": {
            "view": {
                "appliesTo": {
                    "principalTypes": [
                        "User"
                    ]
                }
            }
        }
    }
}

If we try to use this to validate a policy like permit(principal, action, resource); we don't see any schema parsing errors.

Validating a policy that uses the attribute will show an error because the ip_ddr type doesn't have methods:

  × policy set validation failed
  ╰─▶ unexpected type: expected ipaddr but saw ip_ddr
   ╭─[2:3]
 1 │ permit (principal, action, resource) when {
 2 │   principal.a.isInRange(ip("1.1.1.1"))
   ·   ────────────────────────────────────
 3 │ };

We can convert it to the Cedar Schema format without error. The resulting schema is correctly rejected by the natural schema parser.

entity User = {"a": __cedar::ip_ddr};
action "view" appliesTo {
  principal: [User],
  context: {}
};

Labels

bug: Something isn't working. This is a high priority issue.
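
A pre-flight check for the gap described in this issue, as an added example that is not part of the issue or of Cedar's code: it walks a JSON schema and reports every `Extension` type whose name is not in an allow-list, including ones nested in sets, records, common types and action contexts, which goes beyond the single attribute shown above. The function name and the `KNOWN_EXTENSIONS` set are assumptions; adjust the set to the extension types your Cedar version accepts.

```python
import json

# Assumption: the extension type names your Cedar version accepts. The issue
# names only `ipaddr`; `decimal` is Cedar's other long-standing extension.
KNOWN_EXTENSIONS = frozenset({"ipaddr", "decimal"})

# The schema from the issue, with the misspelled extension name.
ISSUE_SCHEMA = """
{"": {
  "entityTypes": {"User": {"shape": {"type": "Record", "attributes": {
      "a": {"type": "Extension", "name": "ip_ddr"}}}}},
  "actions": {"view": {"appliesTo": {"principalTypes": ["User"]}}}
}}
"""

def unknown_extension_types(schema_text, known=KNOWN_EXTENSIONS):
    """Return [(path, name)] for every Extension node whose name is not in `known`."""
    findings = []

    def walk(node, path):
        if isinstance(node, dict):
            if node.get("type") == "Extension":
                name = node.get("name")
                # A missing or non-string name is reported as well.
                if not isinstance(name, str) or name not in known:
                    findings.append((path, name))
            for key, child in node.items():
                walk(child, f"{path}/{key}")
        elif isinstance(node, list):
            for index, child in enumerate(node):
                walk(child, f"{path}/{index}")

    # Paths are slash-joined keys; the empty namespace shows up as a leading "//".
    walk(json.loads(schema_text), "")
    return findings

if __name__ == "__main__":
    for path, name in unknown_extension_types(ISSUE_SCHEMA):
        print(f"unknown extension type {name!r} at {path}")
```

Running this over schemas before they are loaded catches the typo even when no deployed policy touches the affected attribute, which is the case where validation stays silent.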
