v0.5.0-rc.9 - 2024-12-25
Bug Fixes
Broken deno runtime secret injection (#946)
- Bumps to 0.5.0-rc.9
- Fixes bug with deno secret injection
Migration notes
- The change comes with new or modified tests
- Hard-to-understand functions have explanatory comments
- End-user documentation is updated to reflect the change
Features
(gate,sdk) New policy spec (#937) - BREAKING: new policy spec (#937)
Migration notes
- Replaced true, false, and null to ALLOW, DENY and PASS.
Composition rules:
- On traversal order:
ALLOW: allow parent and all its children (ignore inner policies)DENY: deny parent and all its children (ignore inner policies)PASS: pass through parent and evaluate each children (no-op,
equivalent to no policies)
- On a single type (a.with_policy(X).with_policy(Y)):
ALLOW and DENY compose the same as true and false with the AND gate,
PASS does not participate.
ALLOW& P = PDENY& P =DENY(e.g. DENY & ALLOW = DENY)PASS& P = P (does not participate)
- The change comes with new or modified tests
- Hard-to-understand functions have explanatory comments
- End-user documentation is updated to reflect the change
Summary by CodeRabbit
Release Notes
-
New Features
-
Enhanced documentation for Metatype's mental model, including clearer
policy definitions and a comparison table with classical models. -
Introduction of a comprehensive tutorial on building a Metatype API,
covering setup, CRUD operations, and security practices. -
Bug Fixes
-
Updated policy logic to return explicit 'ALLOW' or 'DENY' strings
instead of boolean values across various components. -
Documentation
-
Improved clarity and detail in documentation for policies and core
concepts.- Added new sections for policy composition rules and traversal order.
-
Refactor
-
Streamlined policy management and evaluation logic across multiple
files, enhancing clarity and maintainability. -
Tests
-
Added tests for new policy functionalities and updated existing tests
to reflect changes in policy handling.