Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Lean: Specify authz response includes ids of erroring policies #206

Merged
merged 11 commits into from
Jan 31, 2024
Merged

Lean: Specify authz response includes ids of erroring policies #206

merged 11 commits into from
Jan 31, 2024

Conversation

cdisselkoen
Copy link
Contributor

Description of changes:

The main change is at Spec/Response.lean and Spec/Authorizer.lean. isAuthorized now reports the set of ids of policies which encountered an error.

I created Thm/SlicingDefs.lean to hold the definition of "sound policy slice" (which was previously inlined everywhere). Importantly, I adjusted this definition to include that all sliced-out policies evaluate without errors.

This required substantial changes to proofs. I hesitate to call this proof repair -- really, it imposed an entire new proof obligation for the slicing results (in Thm/Slicing.lean): we have to prove that with scope-based policy slicing, all sliced-out policies evaluate without errors.

When possible, I added general-purpose lemmas to Data/List.lean, Data/Set.lean, etc rather than just inlining them where needed.

This is my first nontrivial Lean PR, suggestions and style corrections are very welcome. :)

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

@cdisselkoen cdisselkoen requested a review from emina January 29, 2024 20:52
emina
emina reviewed Jan 30, 2024
View reviewed changes
Copy link
Contributor

@emina emina left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Very nice first Lean PR :))

Left some comments on code style and one suggestion for making the model shorter. (If it's too hard to use the shorter model because it breaks too many proofs, please ignore, and we can address it in a separate PR.)

The main piece of style feedback is to get rid of the separate SlicingDefs file and merging its sole definition back into Slicing. The merged structure fits better with how Lean projects organize code (more in the comments).

khieta
khieta approved these changes Jan 31, 2024
View reviewed changes
Copy link
Contributor

@khieta khieta left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great! Left some small comments, but approving as-is.

@cdisselkoen cdisselkoen merged commit 812cc9b into main Jan 31, 2024
3 checks passed
@cdisselkoen cdisselkoen deleted the cdisselkoen/lean-errors branch January 31, 2024 19:54
This was referenced Feb 1, 2024
Merged
Closed
@khieta khieta mentioned this pull request Feb 12, 2024
Closed
2 tasks
@andrewmwells-amazon andrewmwells-amazon mentioned this pull request May 9, 2024
Closed
@cdisselkoen cdisselkoen mentioned this pull request Jul 30, 2024
Draft
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@emina emina emina approved these changes

@khieta khieta khieta approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@cdisselkoen @emina @khieta