A random question thought we currently use Typescript to gen

Question

A random question thought we currently use Typescript to generate strongly typed permission strings When authoring policies is there a way to make those strings available to Cerbos Is JSON Schema the best direction there

Steve High (NTWRK) · Answer

I have an example in Go that does just that I imagine the typescript variant wouldnt be too much different since the implementation is just bitmasks

Steve High (NTWRK) · Answer

i d be happy to share that if you d like

Ryan Killeen · Answer

Happy to take a look at anything you re willing to share

Ryan Killeen · Answer

< Steve High NTWRK > I m seeing now that Principal schemas are really only used to validate requests have you found a way to make them useful in editing of policies

Ryan Killeen · Answer

Essentially I have an attribute on the principal that can be one or more strongly typed strings in a union and I d love to make that available to people writing policies Not sure if that s feasible atm Some way to extend the available policy schema would go a long way

Charith (Cerbos) · Answer

That s an interesting idea The difficult bit here is that during policy editing the principal resource attributes are not really YAML fields that can be described with a schema They are part of the CEL expression which is essentially a string as far as any editor is concerned We do want to be able to validate those expressions too but it ll probably take us a little while longer to come up with a good enough solution that works for everybody