{"id":15674140,"url":"https://github.com/iann0036/polai","last_synced_at":"2025-10-17T04:34:29.453Z","repository":{"id":178474297,"uuid":"586419714","full_name":"iann0036/polai","owner":"iann0036","description":"A Cedar policy language lexer, parser \u0026 evaluator","archived":false,"fork":false,"pushed_at":"2023-07-03T23:17:45.000Z","size":221,"stargazers_count":15,"open_issues_count":0,"forks_count":1,"subscribers_count":3,"default_branch":"main","last_synced_at":"2025-05-06T22:54:33.495Z","etag":null,"topics":["aws","aws-verified-permissions","cedar"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/iann0036.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-01-08T04:01:35.000Z","updated_at":"2024-09-28T13:24:51.000Z","dependencies_parsed_at":"2023-07-20T09:46:15.753Z","dependency_job_id":null,"html_url":"https://github.com/iann0036/polai","commit_stats":null,"previous_names":["iann0036/polai"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/iann0036%2Fpolai","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/iann0036%2Fpolai/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/iann0036%2Fpolai/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/iann0036%2Fpolai/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/iann0036","download_url":"https://codeload.github.com/iann0036/polai/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":252782478,"owners_count":21803382,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","aws-verified-permissions","cedar"],"created_at":"2024-10-03T15:43:40.378Z","updated_at":"2025-10-17T04:34:24.422Z","avatar_url":"https://github.com/iann0036.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# polai\n\n\u003e **Warning**\n\u003e This project is experimental and is not recommended for use\n\n## Foreword\n\nThis project was an experimental project to understand the complexity of the [Cedar policy language](https://www.cedarpolicy.com/). The project is incomplete and doesn't feature the automated reasoning guarantees that the official engine has. For use in a production context, consume the official engine [directly](https://github.com/cedar-policy/cedar) or via one of the [bindings](https://github.com/cedar-policy/cedar-awesome#language-and-platform-integrations).\n\n\u003chr /\u003e\n\n[![GoDoc](https://godoc.org/github.com/iann0036/polai?status.svg)](https://godoc.org/github.com/iann0036/polai)\n\nA [Cedar](https://www.cedarpolicy.com/) policy language lexer, parser \u0026 evaluator.\n\n## Installation\n\n```sh\ngo get github.com/iann0036/polai\n```\n\nPlease add `-u` flag to update in the future.\n\n## Usage\n\n### Basic Usage\n\n```go\npackage main\n\nimport (\n    \"fmt\"\n    \"strings\"\n\n    \"github.com/iann0036/polai\"\n)\n\nfunc main() {\n    e := polai.NewEvaluator(strings.NewReader(`\n    permit (\n        principal,\n        action,\n        resource == Folder::\"My Folder\"\n    ) when {\n        context.ssl == true\n    };`))\n\n    result, _ := e.Evaluate(`User::\"alice\"`, `Action::\"listFiles\"`, `Folder::\"My Folder\"`, `{\n        \"ssl\": true\n    }`)\n\n    if result {\n        fmt.Println(\"Authorized\")\n    } else {\n        fmt.Println(\"Not Authorized\")\n    }\n}\n```\n\n### Advanced Options\n\n```go\npackage main\n\nimport (\n    \"fmt\"\n    \"strings\"\n\n    \"github.com/iann0036/polai\"\n)\n\nfunc main() {\n    e := polai.NewEvaluator(strings.NewReader(`\n    permit (\n        principal,\n        action,\n        resource == Folder::\"My Folder\"\n    ) when {\n        if context.ssl == true \u0026\u0026 principal.hasTraining\n        then true\n        else principal.invalidproperty\n    };`))\n\n    e.AllowShortCircuiting = true // evaluation will fail when set to false\n\n    e.SetEntities(strings.NewReader(`\n    [\n        {\n            \"uid\": \"User::\\\"alice\\\"\",\n            \"attrs\": {\n                \"hasTraining\": true\n            }\n        },\n        {\n            \"uid\": \"User::\\\"kate\\\"\",\n            \"attrs\": {\n                \"hasTraining\": false\n            }\n        }\n    ]`))\n\n    result, _ := e.Evaluate(`User::\"alice\"`, `Action::\"listFiles\"`, `Folder::\"My Folder\"`, `{\n        \"ssl\": true\n    }`)\n\n    if result {\n        fmt.Println(\"Authorized\")\n    } else {\n        fmt.Println(\"Not Authorized\")\n    }\n}\n```\n\n## Features\n\n- [x] Policy language interpreter\n- [x] Basic permit and forbid evaluation logic\n- [x] Equality / inequality operator within `principal`, `action`, and `resource` within the scope block\n- [x] Inheritance (`in`) within scope block\n- [x] Basic set (`in`) for `action` within scope block\n- [x] Basic when and unless evaluation logic\n- [x] Logical operators for basic types (string, long, boolean) within condition block\n- [x] Entity store interpreter\n- [x] Inheritance (`in`) within condition block\n- [x] Entity attributes evaluation\n- [x] IP and Decimal extensions\n- [x] Context object\n- [x] Set operations\n- [x] `has` operation\n- [x] Logical not `!` operation\n- [x] `like` operator\n- [x] if-then-else ternary\n- [x] Enforce `Action::` namespace for actions\n- [x] `\u0026\u0026` and `||` short-circuiting\n- [x] `if-then-else` short-circuiting\n- [x] Embedded `if-then-else`\n- [ ] 4x limit on unary\n- [ ] Syntactic constraint on multiply operator\n- [ ] Anonymous records / sets\n- [ ] `__entity` / `__extn` syntax in context / entities\n- [ ] Policy templates\n\n## License\n\nThis project is under MIT license. See the [LICENSE](LICENSE) file for the full license text.","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fiann0036%2Fpolai","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fiann0036%2Fpolai","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fiann0036%2Fpolai/lists"}