mirror of
https://github.com/larksuite/cli.git
synced 2026-07-06 00:06:28 +08:00
* feat(platform): support multiple policy rules per plugin
Extend the command policy framework from single-Rule to multi-Rule
semantics. A plugin (or policy.yml) may now contribute several scoped
Rules; the engine combines them with OR -- a command is allowed when it
satisfies every axis of at least one rule. This lets one integration
apply different risk ceilings and identity restrictions to different
command groups.
The cross-plugin fail-closed boundary is preserved: two distinct plugins
both calling Restrict still aborts startup (multiple_restrict_plugins).
Single-Rule behaviour is fully backward compatible -- the rejection
reason_code / rule_name / envelope shape are byte-for-byte unchanged;
multi-rule rejection surfaces the aggregate reason_code no_matching_rule.
- engine: New keeps single-rule compat, add NewSet for OR over rules
- resolver: dedupe by owner (one plugin may contribute many rules),
return []*Rule; yaml gains a top-level rules: list
- registrar/builder/staging: Restrict may be called more than once;
retire the double_restrict error
- config policy show / config plugins show: emit a rules array
- inventory: PluginEntry.Rules is now a slice (fixes last-rule-wins
overwrite when a plugin contributes multiple rules)
* fix(platform): clone rules in Builder.Restrict and inventory snapshot
Address review feedback. Builder.Restrict stored the caller's *Rule
directly, so reusing and mutating one Rule object across multiple
Restrict calls collapsed entries to the last mutation; clone the rule and
its slices on append, mirroring the staging registrar.
BuildInventory likewise reused the source Allow/Deny/Identities slices;
copy them when building the RuleView snapshot instead of relying on
cloneInventory downstream.
Add a regression test: reusing and mutating one Rule across two Restrict
calls now yields two independent rules.
* fix(platform): skip yaml when a plugin owns policy; reject empty rules list
Two policy-config robustness fixes from review:
- A malformed ~/.lark-cli/policy.yml could abort a plugin-governed
binary. applyUserPolicyPruning read yaml before resolving, and
build.go fail-closes on any policy error when a plugin is present.
Plugin rules shadow yaml anyway, so skip reading yaml entirely when a
plugin contributed rules -- an unrelated broken file on the user's
machine can no longer lock the CLI.
- A present-but-empty "rules: []" collapsed to a single all-zero Rule
that allows every annotated command ("looks like policy, enforces
almost nothing"). yaml.Parse now distinguishes absent from
present-but-empty (Rules is a pointer) and rejects the empty list.
Add regression tests for both.
136 lines
5.1 KiB
Go
136 lines
5.1 KiB
Go
// Copyright (c) 2026 Lark Technologies Pte. Ltd.
|
|
// SPDX-License-Identifier: MIT
|
|
|
|
// Package yaml parses one or more Rules from yaml bytes. It is kept
|
|
// separate from the public extension/platform package so that platform
|
|
// stays free of yaml library dependencies -- plugins constructing a Rule
|
|
// in Go code never import yaml, only the file loader does.
|
|
//
|
|
// This package does **structural** parsing only (yaml syntax + unknown-field
|
|
// rejection). Semantic validation (valid MaxRisk enum, valid identity
|
|
// values, valid doublestar glob syntax) is centralised in
|
|
// internal/cmdpolicy.ValidateRule so a single contract is enforced regardless
|
|
// of whether the Rule came from yaml or from Plugin.Restrict.
|
|
package yaml
|
|
|
|
import (
|
|
"errors"
|
|
"fmt"
|
|
"io"
|
|
|
|
gopkgyaml "gopkg.in/yaml.v3"
|
|
|
|
"github.com/larksuite/cli/extension/platform"
|
|
)
|
|
|
|
// ruleSchema is the internal yaml-tagged shape of one rule. Mirrors
|
|
// platform.Rule but lives here so the public Rule has no yaml tag baggage.
|
|
type ruleSchema struct {
|
|
Name string `yaml:"name"`
|
|
Description string `yaml:"description,omitempty"`
|
|
Allow []string `yaml:"allow,omitempty"`
|
|
Deny []string `yaml:"deny,omitempty"`
|
|
MaxRisk string `yaml:"max_risk,omitempty"`
|
|
Identities []string `yaml:"identities,omitempty"`
|
|
AllowUnannotated bool `yaml:"allow_unannotated,omitempty"`
|
|
}
|
|
|
|
// fileSchema is the top-level document shape. Two mutually-exclusive
|
|
// layouts are accepted:
|
|
//
|
|
// - a single rule written with flat top-level fields (the historical
|
|
// layout; the inlined ruleSchema), or
|
|
// - a "rules:" list of rule objects (multi-rule layout).
|
|
//
|
|
// Mixing the two (flat fields AND a rules: list in the same file) is a
|
|
// configuration error -- Parse rejects it rather than guessing intent.
|
|
//
|
|
// Rules is a pointer so Parse can tell "rules: key absent" (nil) apart
|
|
// from "rules: present but empty" (non-nil, len 0). The latter is a
|
|
// foot-gun -- a config generator that renders an empty list would
|
|
// otherwise yield a single all-zero Rule that lets every annotated
|
|
// command through -- so Parse rejects it outright.
|
|
type fileSchema struct {
|
|
ruleSchema `yaml:",inline"`
|
|
Rules *[]ruleSchema `yaml:"rules,omitempty"`
|
|
}
|
|
|
|
// isZero reports whether every field is its zero value. Used to detect
|
|
// the flat-fields-plus-rules: mixing error.
|
|
func (s ruleSchema) isZero() bool {
|
|
return s.Name == "" && s.Description == "" &&
|
|
len(s.Allow) == 0 && len(s.Deny) == 0 &&
|
|
s.MaxRisk == "" && len(s.Identities) == 0 && !s.AllowUnannotated
|
|
}
|
|
|
|
func (s ruleSchema) toRule() *platform.Rule {
|
|
// Leave Identities nil when absent (omitempty-style), matching how the
|
|
// Allow/Deny slices arrive nil from yaml. A zero-length but non-nil
|
|
// slice is behaviourally identical to the engine but trips
|
|
// reflect.DeepEqual in tests and reads as "explicitly empty".
|
|
var idents []platform.Identity
|
|
if len(s.Identities) > 0 {
|
|
idents = make([]platform.Identity, len(s.Identities))
|
|
for i, id := range s.Identities {
|
|
idents[i] = platform.Identity(id)
|
|
}
|
|
}
|
|
return &platform.Rule{
|
|
Name: s.Name,
|
|
Description: s.Description,
|
|
Allow: s.Allow,
|
|
Deny: s.Deny,
|
|
MaxRisk: platform.Risk(s.MaxRisk),
|
|
Identities: idents,
|
|
AllowUnannotated: s.AllowUnannotated,
|
|
}
|
|
}
|
|
|
|
// Parse decodes yaml bytes into one or more *platform.Rule. Unknown fields
|
|
// are rejected so an old binary cannot silently ignore new schema additions
|
|
// (forward-compat safeguard).
|
|
//
|
|
// The result always has at least one element: a flat-fields document
|
|
// yields a single rule (possibly an all-zero "no restriction" rule), and a
|
|
// "rules:" list yields one rule per entry.
|
|
//
|
|
// Semantic validation (MaxRisk taxonomy, identity values, glob syntax) is
|
|
// the caller's responsibility -- run each result through
|
|
// internal/cmdpolicy.ValidateRule before handing it to the engine.
|
|
func Parse(data []byte) ([]*platform.Rule, error) {
|
|
var s fileSchema
|
|
dec := gopkgyaml.NewDecoder(bytesReader(data))
|
|
dec.KnownFields(true)
|
|
if err := dec.Decode(&s); err != nil {
|
|
return nil, fmt.Errorf("parse policy yaml: %w", err)
|
|
}
|
|
|
|
// Reject multi-document input: yaml.v3 only decodes one document
|
|
// per call, so a stray "---" followed by another document would
|
|
// silently drop the trailing rule.
|
|
var extra fileSchema
|
|
if err := dec.Decode(&extra); !errors.Is(err, io.EOF) {
|
|
if err == nil {
|
|
return nil, fmt.Errorf("parse policy yaml: multiple YAML documents are not allowed")
|
|
}
|
|
return nil, fmt.Errorf("parse policy yaml: %w", err)
|
|
}
|
|
|
|
if s.Rules != nil {
|
|
if len(*s.Rules) == 0 {
|
|
return nil, fmt.Errorf("parse policy yaml: 'rules:' is present but empty; remove the key, or list at least one rule")
|
|
}
|
|
if !s.ruleSchema.isZero() {
|
|
return nil, fmt.Errorf("parse policy yaml: top-level rule fields cannot be combined with a 'rules:' list; move every rule under 'rules:'")
|
|
}
|
|
out := make([]*platform.Rule, 0, len(*s.Rules))
|
|
for _, rs := range *s.Rules {
|
|
out = append(out, rs.toRule())
|
|
}
|
|
return out, nil
|
|
}
|
|
|
|
// Backward-compatible single top-level rule (flat fields).
|
|
return []*platform.Rule{s.ruleSchema.toRule()}, nil
|
|
}
|