Category
Cedar language features
Describe the feature you'd like to request
Currently, if the entities JSON file contains two or more entries with the same UID, all but one will be silently dropped. We should instead error out in this case.
This is potentially a breaking change: Cedar users could have stored entity JSON data which contains duplicates, and this change would mean that their stored and previously-valid JSON data is no longer valid. This could also break a Cedar user whose entity slicing algorithm is fetching entities from some database and not being too careful to avoid fetching the same entity twice. Thus, the change should target Cedar 3.0. However, I do think the change is worth making for Cedar 3.0, to avoid the papercuts possible when silently dropping duplicate entities.
We should also do a thorough audit of our schema JSON, entities JSON, and policy JSON formats to ensure there are no other places that duplicate [entities, entity type declarations, action declarations, attribute declarations, etc] are silently dropped. Cedar 3.0 should be uniform in rejecting duplicate declarations.
Describe the solution you'd like
JSON parsing should fail when encountering duplicates of the above kinds.
Describe alternatives you've considered
We could do nothing; dropping duplicate entries is the expected behavior in many JSON parsers, particularly in JSON maps. In this case though, I think the error is likely to be more helpful than the dropping-duplicates behavior.
We could add a flag to JSON parsing functions allowing the user to select between the two behaviors. But that adds complexity to our APIs and in this case I think it's better for Cedar to be opinionated.
Additional context
No response
Is this something that you'd be interested in working on?
Category
Cedar language features
Describe the feature you'd like to request
Currently, if the entities JSON file contains two or more entries with the same UID, all but one will be silently dropped. We should instead error out in this case.
This is potentially a breaking change: Cedar users could have stored entity JSON data which contains duplicates, and this change would mean that their stored and previously-valid JSON data is no longer valid. This could also break a Cedar user whose entity slicing algorithm is fetching entities from some database and not being too careful to avoid fetching the same entity twice. Thus, the change should target Cedar 3.0. However, I do think the change is worth making for Cedar 3.0, to avoid the papercuts possible when silently dropping duplicate entities.
We should also do a thorough audit of our schema JSON, entities JSON, and policy JSON formats to ensure there are no other places that duplicate [entities, entity type declarations, action declarations, attribute declarations, etc] are silently dropped. Cedar 3.0 should be uniform in rejecting duplicate declarations.
Describe the solution you'd like
JSON parsing should fail when encountering duplicates of the above kinds.
Describe alternatives you've considered
We could do nothing; dropping duplicate entries is the expected behavior in many JSON parsers, particularly in JSON maps. In this case though, I think the error is likely to be more helpful than the dropping-duplicates behavior.
We could add a flag to JSON parsing functions allowing the user to select between the two behaviors. But that adds complexity to our APIs and in this case I think it's better for Cedar to be opinionated.
Additional context
No response
Is this something that you'd be interested in working on?