add extension_list example

fix the json format for empty list

enable csharp build

support 'all' options in data

change name to support windows name convention

add C# .net4.6.2 example

new policy and data files according to design review

add default data file

sync with the agent code

remove comment line

address review comments

simplify the dispose() code

updated comments about thread-safe

create a nuget spec

correct the nuget name

add policy version to default data

rename policy engine and bump nuspec version

Add python tests for regorus (#4)

* Add pytest

* Update pytest

restructure .NET binding (#5)

Update test-csharp.yml

the test needs to change into the right dotnet directory.

clean up

.github/workflows/test-csharp.yml

@@ -19,8 +19,8 @@ jobs:
 
       - name: Build
         run: dotnet build
-        working-directory: ./bindings/csharp
+        working-directory: ./bindings/csharp/net8.0
 
       - name: Run
         run: LD_LIBRARY_PATH=. dotnet run
-        working-directory: ./bindings/csharp
+        working-directory: ./bindings/csharp/net8.0

.gitignore

@@ -1,6 +1,8 @@
 # Generated by Cargo
 # will have compiled files and executables
 /target/
+**/wheels/
+**/__pycache__/
 
 # Remove Cargo.lock from gitignore if creating an executable, leave it for libraries
 # More information here https://doc.rust-lang.org/cargo/guide/cargo-toml-vs-cargo-lock.html

bindings/csharp/net40/Program.cs

@@ -0,0 +1,56 @@
+using System;
+using System.Text;
+
+using System.Diagnostics;
+using Microsoft.WindowsAzure.Regorus.IaaS;
+
+namespace regoregorus_test
+{
+    class Program
+    {
+        static void Main(string[] args)
+        {
+            long nanosecPerTick = (1000L * 1000L * 1000L) / Stopwatch.Frequency;
+            var w = new Stopwatch();
+            w.Restart();
+
+            var engine = new RegorusPolicyEngine();
+
+            w.Stop();
+            var newEngineTicks = w.ElapsedTicks;
+
+
+            w.Restart();
+
+            // Load policies and data.
+            engine.AddPolicyFromFile("../../../examples/extension_list/agent_extension_policy.rego");
+            engine.AddDataFromJsonFile("../../../examples/extension_list/agent-extension-data-allow-only.json");
+
+
+            w.Stop();
+            var loadPoliciesTicks = w.ElapsedTicks;
+
+
+            w.Restart();
+
+            // Set input and eval query.
+            engine.SetInputFromJsonFile("../../../examples/extension_list/agent-extension-input.json");
+            var results = engine.EvalQuery("data.agent_extension_policy.extensions_to_download=x");
+            Console.WriteLine("Download query test: \n {0}", results);
+
+            results = engine.EvalQuery("data.agent_extension_policy.extensions_validated");
+
+            Console.WriteLine("Signing validation test: \n {0}", results);
+
+            engine.Dispose();
+
+            w.Stop();
+            var evalTicks = w.ElapsedTicks;
+
+            Console.WriteLine("Engine creation took {0} msecs", (newEngineTicks * nanosecPerTick) / (1000.0 * 1000.0));
+            Console.WriteLine("Load policies and data took {0} msecs", (loadPoliciesTicks * nanosecPerTick) / (1000.0 * 1000.0));
+            Console.WriteLine("EvalQuery and print results took {0} msecs", (evalTicks * nanosecPerTick) / (1000.0 * 1000.0));
+        }
+    }
+}
+

bindings/csharp/net40/README

@@ -0,0 +1,4 @@
+The Regorus C# binding library can be built via command "dotnet build". We can use the Regorus C# binding library built from this 
+directory to create a Nuget. This Nuget will contain the Regorus C# binding library with definitions that 
+work for .NET framework 4.0 (net40) and above. Note the Nuget can only be created after the binding library has been built.
+RegorusCsharp-Lib-x64.nuspec is built for x64 architecture. 

bindings/csharp/net40/Regorus.cs

@@ -0,0 +1,203 @@
+//-----------------------------------------------------------------------
+// <copyright file="Regorus.cs" company="Microsoft">
+//    Copyright (c)2012 Microsoft. All rights reserved.
+// </copyright>
+// <summary>
+//    Contains code for the Regorus Policy Engine base class for C# and
+// .NET4.6 bindings. Currently this base class is not thread-safe. Make 
+// sure we use it in a signle-threaded environment or add additional 
+// protection when using it. 
+// </summary>
+//-----------------------------------------------------------------------
+
+
+using System;
+using System.Text;
+using System.IO;
+using System.Threading;
+
+namespace Microsoft.WindowsAzure.Regorus.IaaS
+{
+
+	public class RegorusPolicyEngine : ICloneable, IDisposable
+	{
+	unsafe private RegorusFFI.RegorusEngine* E;
+
+	public RegorusPolicyEngine()
+	{
+		unsafe
+	    {
+		E = RegorusFFI.API.regorus_engine_new();
+	    }
+	}
+
+
+	public void Dispose()
+	{
+		unsafe
+		{
+			if (E != null)
+			{
+				RegorusFFI.API.regorus_engine_drop(E);
+				// to avoid Dispose() being called multiple times by mistake.
+				E = null;
+			}
+
+		}
+
+	}
+
+	public object Clone()
+	{
+	    var clone = (RegorusPolicyEngine)this.MemberwiseClone();
+	    unsafe
+	    {
+		clone.E = RegorusFFI.API.regorus_engine_clone(E);
+	    }
+	    return clone;
+
+	}
+
+	public void AddPolicy(string path, string rego)
+	{
+	    var pathBytes = Encoding.UTF8.GetBytes(path);
+	    var regoBytes = Encoding.UTF8.GetBytes(rego);
+
+	    unsafe
+	    {
+		fixed (byte* pathPtr = pathBytes)
+		{
+		    fixed(byte* regoPtr = regoBytes)
+		    {
+			CheckAndDropResult(RegorusFFI.API.regorus_engine_add_policy(E, pathPtr, regoPtr));
+		    }
+		}		
+	    }
+	}
+
+	public void AddPolicyFromFile(string path)
+	{
+	    var pathBytes = Encoding.UTF8.GetBytes(path);
+
+	    unsafe
+	    {
+		fixed (byte* pathPtr = pathBytes)
+		{
+		    CheckAndDropResult(RegorusFFI.API.regorus_engine_add_policy_from_file(E, pathPtr));
+		}		
+	    }
+	}
+
+	public void AddPolicyFromPath(string path)
+	{
+		if (!Directory.Exists(path))
+		{
+			return;
+		}
+
+		string[] regoFiles = Directory.GetFiles(path, "*.rego", SearchOption.AllDirectories);
+		foreach (string file in regoFiles)
+		{
+			AddPolicyFromFile(file);
+		}
+	}
+
+	public void AddDataJson(string data)
+	{
+	    var dataBytes = Encoding.UTF8.GetBytes(data);
+
+	    unsafe
+	    {
+		fixed (byte* dataPtr = dataBytes)
+		{
+		    CheckAndDropResult(RegorusFFI.API.regorus_engine_add_data_json(E, dataPtr));
+
+		}		
+	    }
+	}
+
+	public void AddDataFromJsonFile(string path)
+	{
+	    var pathBytes = Encoding.UTF8.GetBytes(path);
+
+	    unsafe
+	    {
+		fixed (byte* pathPtr = pathBytes)
+		{
+		    CheckAndDropResult(RegorusFFI.API.regorus_engine_add_data_from_json_file(E, pathPtr));
+
+		}		
+	    }
+	}
+
+	public void SetInputJson(string input)
+	{
+	    var inputBytes = Encoding.UTF8.GetBytes(input);
+
+	    unsafe
+	    {
+		fixed (byte* inputPtr = inputBytes)
+		{
+		    CheckAndDropResult(RegorusFFI.API.regorus_engine_set_input_json(E, inputPtr));
+
+		}		
+	    }
+	}
+
+	public void SetInputFromJsonFile(string path)
+	{
+	    var pathBytes = Encoding.UTF8.GetBytes(path);
+
+	    unsafe
+	    {
+		fixed (byte* pathPtr = pathBytes)
+		{
+		    CheckAndDropResult(RegorusFFI.API.regorus_engine_set_input_from_json_file(E, pathPtr));
+
+		}		
+	    }
+	}
+
+	public string EvalQuery(string query)
+	{
+	    var queryBytes = Encoding.UTF8.GetBytes(query);
+
+	    var resultJson = "";
+	    unsafe
+	    {
+		fixed (byte* queryPtr = queryBytes)
+		{
+		    var result = RegorusFFI.API.regorus_engine_eval_query(E, queryPtr);
+		    if (result.status == RegorusFFI.RegorusStatus.RegorusStatusOk) {
+			if (result.output != null) {
+			    resultJson = System.Runtime.InteropServices.Marshal.PtrToStringAnsi((IntPtr)result.output);
+			}
+			RegorusFFI.API.regorus_result_drop(result);
+		    } else {
+			CheckAndDropResult(result);
+		    }
+
+		}		
+	    }
+	    if (resultJson != null) {
+		return resultJson;
+	    } else {
+		return "";
+	    }
+	}
+
+	void CheckAndDropResult(RegorusFFI.RegorusResult result)
+	{
+	    if (result.status != RegorusFFI.RegorusStatus.RegorusStatusOk) {
+		unsafe {
+		    var message = System.Runtime.InteropServices.Marshal.PtrToStringAnsi((IntPtr)result.error_message);
+		    var ex = new Exception(message);
+		    RegorusFFI.API.regorus_result_drop(result);
+		    throw ex;
+		}
+	    }
+	    RegorusFFI.API.regorus_result_drop(result);		    
+	}
+
+    }
+}

bindings/csharp/net40/RegorusCsharp-Lib-x64.nuspec

@@ -0,0 +1,21 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<package>
+  <metadata>
+    <id>RegorusCsharp-Lib-x64</id>
+    <version>0.0.3</version>
+    <title>RegorusCsharp-Lib-x64</title>
+    <authors>[email protected]</authors>
+    <owners>[email protected]</owners>
+    <projectUrl>https://www.microsoft.com</projectUrl>
+    <requireLicenseAcceptance>false</requireLicenseAcceptance>
+    <description>Regorus C# library for x64</description>
+    <releaseNotes>remove Regorus.cs from Nuget</releaseNotes>
+    <copyright>Copyright (C) Microsoft Corp</copyright>
+    <summary></summary>
+  </metadata>
+  <files>
+    <file src="RegorusFFI.g.cs" target="RegorusFFI.g.cs"/>
+    <file src="regorus_ffi.dll" target="lib\regorusc.dll" />
+    <file src="README" target="README" />
+  </files>
+</package>

bindings/csharp/net40/regorus-test.csproj

@@ -0,0 +1,25 @@
+<Project Sdk="Microsoft.NET.Sdk" InitialTargets="BuildRegorusFFI"> 
+
+  <Target Name="BuildRegorusFFI">
+    <Exec Command="cargo build -r --manifest-path ../../ffi/Cargo.toml" />
+    <Copy SourceFiles="../../ffi/RegorusFFI.g.cs" DestinationFolder="." />
+    <ItemGroup>
+        <RegorusDylib Include="..\..\..\target\release\*regorus_ffi*" />
+    </ItemGroup>    
+    <Copy SourceFiles="@(RegorusDylib)" DestinationFolder="." />
+    <Copy SourceFiles=".\regorus_ffi.dll"  DestinationFiles="$(OutDir)regorusc.dll" />
+  </Target>
+
+
+  <PropertyGroup>
+    <OutputType>Exe</OutputType>
+    <TargetFramework>net40</TargetFramework>
+    <RootNamespace>regorus_test</RootNamespace>
+    <StartupObject>regoregorus_test.Program</StartupObject>
+    <ImplicitUsings>enable</ImplicitUsings> 
+    <AllowUnsafeBlocks>true</AllowUnsafeBlocks>
+  </PropertyGroup>
+
+
+
+</Project>

bindings/csharp/Program.cs → bindings/csharp/net8.0/Program.cs

@@ -21,10 +21,10 @@
 w.Restart();
 
 // Load policies and data.
-engine.AddPolicyFromFile("../../tests/aci/framework.rego");
-engine.AddPolicyFromFile("../../tests/aci/api.rego");
-engine.AddPolicyFromFile("../../tests/aci/policy.rego");
-engine.AddDataFromJsonFile("../../tests/aci/data.json");
+engine.AddPolicyFromFile("../../../tests/aci/framework.rego");
+engine.AddPolicyFromFile("../../../tests/aci/api.rego");
+engine.AddPolicyFromFile("../../../tests/aci/policy.rego");
+engine.AddDataFromJsonFile("../../../tests/aci/data.json");
 
 
 w.Stop();
@@ -34,7 +34,7 @@
 w.Restart();
 
 // Set input and eval rule.
-engine.SetInputFromJsonFile("../../tests/aci/input.json");
+engine.SetInputFromJsonFile("../../../tests/aci/input.json");
 var value = engine.EvalQuery("data.framework.mount_overlay");
 var valueDoc = System.Text.Json.JsonDocument.Parse(value);
 

bindings/csharp/regorus-test.csproj → bindings/csharp/net8.0/regorus-test.csproj

@@ -1,10 +1,10 @@
 <Project Sdk="Microsoft.NET.Sdk" InitialTargets="BuildRegorusFFI"> 
 
   <Target Name="BuildRegorusFFI">
-    <Exec Command="cargo build -r --manifest-path ../ffi/Cargo.toml" />
-    <Copy SourceFiles="../ffi/RegorusFFI.g.cs" DestinationFolder="." />
+    <Exec Command="cargo build -r --manifest-path ../../ffi/Cargo.toml" />
+    <Copy SourceFiles="../../ffi/RegorusFFI.g.cs" DestinationFolder="." />
     <ItemGroup>
-        <RegorusDylib Include="..\..\target\release\*regorus_ffi*" />
+        <RegorusDylib Include="..\..\..\target\release\*regorus_ffi*" />
     </ItemGroup>    
     <Copy SourceFiles="@(RegorusDylib)" DestinationFolder="." />
   </Target>