cedar-policy · patjakdev · Oct 1, 2024 · Oct 1, 2024
diff --git a/authorize.go b/authorize.go
@@ -19,13 +19,13 @@ const (
 // IsAuthorized uses the combination of the PolicySet and Entities to determine
 // if the given Request to determine Decision and Diagnostic.
 func (p PolicySet) IsAuthorized(entityMap Entities, req Request) (Decision, Diagnostic) {
-	c := eval.InitEnv(&eval.Env{
+	env := eval.Env{
 		Entities:  entityMap,
 		Principal: req.Principal,
 		Action:    req.Action,
 		Resource:  req.Resource,
 		Context:   req.Context,
-	})
+	}
 	var diag Diagnostic
 	var forbids []DiagnosticReason
 	var permits []DiagnosticReason
@@ -35,7 +35,7 @@ func (p PolicySet) IsAuthorized(entityMap Entities, req Request) (Decision, Diag
 	// - For permit, all permits must be run to collect annotations
 	// - For forbid, forbids must be run to collect annotations
 	for id, po := range p.policies {
-		result, err := po.eval.Eval(c)
+		result, err := po.eval.Eval(env)
 		if err != nil {
 			diag.Errors = append(diag.Errors, DiagnosticError{PolicyID: id, Position: po.Position(), Message: err.Error()})
 			continue

diff --git a/internal/eval/compile.go b/internal/eval/compile.go
@@ -11,7 +11,7 @@ type BoolEvaler struct {
 	eval Evaler
 }
 
-func (e *BoolEvaler) Eval(env *Env) (types.Boolean, error) {
+func (e *BoolEvaler) Eval(env Env) (types.Boolean, error) {
 	v, err := e.eval.Eval(env)
 	if err != nil {
 		return false, err

diff --git a/internal/eval/compile_test.go b/internal/eval/compile_test.go
@@ -12,7 +12,7 @@ import (
 func TestCompile(t *testing.T) {
 	t.Parallel()
 	e := Compile(ast.Permit())
-	res, err := e.Eval(nil)
+	res, err := e.Eval(Env{})
 	testutil.OK(t, err)
 	testutil.Equals(t, res, types.True)
 }
@@ -22,7 +22,7 @@ func TestBoolEvaler(t *testing.T) {
 	t.Run("Happy", func(t *testing.T) {
 		t.Parallel()
 		b := BoolEvaler{eval: newLiteralEval(types.True)}
-		v, err := b.Eval(nil)
+		v, err := b.Eval(Env{})
 		testutil.OK(t, err)
 		testutil.Equals(t, v, true)
 	})
@@ -31,15 +31,15 @@ func TestBoolEvaler(t *testing.T) {
 		t.Parallel()
 		errWant := fmt.Errorf("error")
 		b := BoolEvaler{eval: newErrorEval(errWant)}
-		v, err := b.Eval(nil)
+		v, err := b.Eval(Env{})
 		testutil.ErrorIs(t, err, errWant)
 		testutil.Equals(t, v, false)
 	})
 
 	t.Run("NonBool", func(t *testing.T) {
 		t.Parallel()
 		b := BoolEvaler{eval: newLiteralEval(types.String("bad"))}
-		v, err := b.Eval(nil)
+		v, err := b.Eval(Env{})
 		testutil.ErrorIs(t, err, ErrType)
 		testutil.Equals(t, v, false)
 	})

diff --git a/internal/eval/convert_test.go b/internal/eval/convert_test.go
@@ -350,12 +350,12 @@ func TestToEval(t *testing.T) {
 		t.Run(tt.name, func(t *testing.T) {
 			t.Parallel()
 			e := toEval(tt.in.AsIsNode())
-			out, err := e.Eval(InitEnv(&Env{
+			out, err := e.Eval(Env{
 				Principal: types.NewEntityUID("Actor", "principal"),
 				Action:    types.NewEntityUID("Action", "test"),
 				Resource:  types.NewEntityUID("Resource", "database"),
 				Context:   types.Record{},
-			}))
+			})
 			tt.err(t, err)
 			testutil.Equals(t, out, tt.out)
 		})