From bbcf6de3b4f1c768bbd6468f5e3a866dc4d8d066 Mon Sep 17 00:00:00 2001 From: reste85 Date: Thu, 15 Feb 2024 18:02:50 +0100 Subject: [PATCH] fix: PolicyStore field should be mandatory inside PolicyTemplate --- API.md | 60 ++++++++++++++++++------------------ README.md | 1 + package.json | 2 +- src/policy-template.ts | 12 ++++---- test/policy-template.test.ts | 28 +++++------------ test/policy.test.ts | 2 ++ yarn.lock | 38 +++++++++++------------ 7 files changed, 66 insertions(+), 77 deletions(-) diff --git a/API.md b/API.md index e538b5f..ede3c6e 100644 --- a/API.md +++ b/API.md @@ -1235,7 +1235,7 @@ account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). | isConstruct | Checks if `x` is a construct. | | isOwnedResource | Returns true if the construct was created by CDK, and false otherwise. | | isResource | Check whether the given construct is a Resource. | -| fromPolicyTemplateAttributes | Creates a PolicyStore construct that represents an external Policy Store. | +| fromPolicyTemplateAttributes | Creates a PolicyTemplate construct that represents an external Policy Template. | | fromPolicyTemplateId | Create a PolicyTemplate construct that represents an external policy template via policy template id. | --- @@ -1298,7 +1298,7 @@ import { PolicyTemplate } from '@cdklabs/cdk-verified-permissions' PolicyTemplate.fromPolicyTemplateAttributes(scope: Construct, id: string, attrs: PolicyTemplateAttributes) ``` -Creates a PolicyStore construct that represents an external Policy Store. +Creates a PolicyTemplate construct that represents an external Policy Template. ###### `scope`Required @@ -1320,7 +1320,7 @@ The construct's name. - *Type:* PolicyTemplateAttributes -A `PolicyStoreAttributes` object. +A `PolicyTemplateAttributes` object. --- 
@@ -1365,10 +1365,10 @@ The PolicyTemplate's id. | node | constructs.Node | The tree node. | | env | aws-cdk-lib.ResourceEnvironment | The environment this resource belongs to. | | stack | aws-cdk-lib.Stack | The stack in which this resource is defined. | +| policyStore | IPolicyStore | The Policy store that contains the template. | | policyTemplateId | string | The ID of the policy template. | | statement | string | The statement of the policy template. | | description | string | Description of the policy template. | -| policyStore | IPolicyStore | The Policy store that contains the template. | --- @@ -1415,6 +1415,18 @@ The stack in which this resource is defined. --- +##### `policyStore`Required + +```typescript +public readonly policyStore: IPolicyStore; +``` + +- *Type:* IPolicyStore + +The Policy store that contains the template. + +--- + ##### `policyTemplateId`Required ```typescript @@ -1451,18 +1463,6 @@ Description of the policy template. --- -##### `policyStore`Optional - -```typescript -public readonly policyStore: IPolicyStore; -``` - -- *Type:* IPolicyStore - -The Policy store that contains the template. - ---- - ## Structs @@ -2004,9 +2004,22 @@ const policyTemplateProps: PolicyTemplateProps = { ... } | **Name** | **Type** | **Description** | | --- | --- | --- | +| policyStore | IPolicyStore | The policy store that contains the template. | | statement | string | Specifies the content that you want to use for the new policy template, written in the Cedar policy language. | | description | string | The description to attach to the new or updated policy template. | -| policyStore | IPolicyStore | The policy store that contains the template. | + +--- + +##### `policyStore`Required + +```typescript +public readonly policyStore: IPolicyStore; +``` + +- *Type:* IPolicyStore +- *Default:* The policy store to attach the new or updated policy template. + +The policy store that contains the template. --- 
@@ -2036,19 +2049,6 @@ The description to attach to the new or updated policy template. --- -##### `policyStore`Optional - -```typescript -public readonly policyStore: IPolicyStore; -``` - -- *Type:* IPolicyStore -- *Default:* No policy store. - -The policy store that contains the template. - ---- - ### StaticPolicyDefinitionProperty #### Initializer diff --git a/README.md b/README.md index ba1ba05..63d3c49 100644 --- a/README.md +++ b/README.md @@ -155,6 +155,7 @@ permit ( );`; const template = new PolicyTemplate(scope, 'PolicyTemplate', { statement: policyTemplateStatement, + policyStore: policyStore, }); const policy = new Policy(scope, 'MyTestPolicy', { diff --git a/package.json b/package.json index 2eb6c88..8f17f07 100644 --- a/package.json +++ b/package.json @@ -62,7 +62,7 @@ "jsii-docgen": "^10.3.16", "jsii-pacmak": "^1.94.0", "jsii-rosetta": "^5.3.15", - "projen": "^0.79.21", + "projen": "^0.79.22", "standard-version": "^9", "ts-jest": "^29.1.2", "ts-node": "^10.9.2", diff --git a/src/policy-template.ts b/src/policy-template.ts index 7dde342..61d7952 100644 --- a/src/policy-template.ts +++ b/src/policy-template.ts @@ -30,9 +30,9 @@ export interface PolicyTemplateProps { /** * The policy store that contains the template. * - * @default - No policy store. + * @default - The policy store to attach the new or updated policy template. */ - readonly policyStore?: IPolicyStore; + readonly policyStore: IPolicyStore; } export interface PolicyTemplateAttributes { @@ -65,11 +65,11 @@ export class PolicyTemplate extends PolicyTemplateBase { } /** - * Creates a PolicyStore construct that represents an external Policy Store. + * Creates a PolicyTemplate construct that represents an external Policy Template. * * @param scope The parent creating construct (usually `this`). * @param id The construct's name. - * @param attrs A `PolicyStoreAttributes` object. + * @param attrs A `PolicyTemplateAttributes` object. */ public static fromPolicyTemplateAttributes( scope: Construct, 
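Review bot: The `@default` tag kept on `PolicyTemplateProps.policyStore` in the `@@ -30,9 +30,9 @@` hunk no longer fits, because the property is now required and a required property has no default. The new text also reads as a description rather than a default value, and the regenerated API.md repeats it as `*Default:* The policy store to attach the new or updated policy template.` under a property marked Required. I would drop the tag line and keep only `The policy store that contains the template.`, folding in the extra wording if it is wanted. The interface body starts above the hunk.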
@@ -113,7 +113,7 @@ export class PolicyTemplate extends PolicyTemplateBase { /** * The Policy store that contains the template. */ - readonly policyStore?: IPolicyStore; + readonly policyStore: IPolicyStore; constructor(scope: Construct, id: string, props: PolicyTemplateProps) { super(scope, id); @@ -121,7 +121,7 @@ export class PolicyTemplate extends PolicyTemplateBase { this.policyTemplate = new CfnPolicyTemplate(this, id, { statement: props.statement, description: props.description, - policyStoreId: props.policyStore?.policyStoreId, + policyStoreId: props.policyStore.policyStoreId, }); this.policyTemplateId = this.policyTemplate.attrPolicyTemplateId; this.statement = this.policyTemplate.statement; diff --git a/test/policy-template.test.ts b/test/policy-template.test.ts index 516b377..0f0d5ac 100644 --- a/test/policy-template.test.ts +++ b/test/policy-template.test.ts @@ -14,32 +14,19 @@ permit ( );`; describe('Policy Template creation', () => { - test('Policy Template creation only with Statement', () => { + test('Policy Template creation with Statement and PolicyStore', () => { // GIVEN const stack = new Stack(undefined, 'Stack'); - - // WHEN - new PolicyTemplate(stack, 'PolicyTemplate', { - statement: Statement.fromInline(policyTemplateStatement), - }); - - // THEN - Template.fromStack(stack).hasResourceProperties( - 'AWS::VerifiedPermissions::PolicyTemplate', - { - Statement: policyTemplateStatement, + const policyStore = new PolicyStore(stack, 'PolicyStore', { + validationSettings: { + mode: ValidationSettingsMode.OFF, }, - ); - }); - - test('Policy Template creation with Statement and Description', () => { - // GIVEN - const stack = new Stack(undefined, 'Stack'); + }); // WHEN new PolicyTemplate(stack, 'PolicyTemplate', { statement: Statement.fromInline(policyTemplateStatement), - description: 'Test Description for Policy Template', + policyStore: policyStore, }); // THEN 
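Review bot: Making `policyStore` non-optional on the public class member in the `@@ -113,7 +113,7 @@` hunk (and on `PolicyTemplateProps` earlier in this file) is a source-incompatible API change, but the commit subject is a plain `fix:` with no breaking-change marker. package.json lists `standard-version`, so if releases are derived from commit types this would likely go out as a patch-level bump, and callers that omitted the property would stop compiling on a routine upgrade. Consider `fix!:` or a footer such as `BREAKING CHANGE: PolicyTemplateProps.policyStore is now required` so the changelog states it. The constructor body continues outside the hunk, so the assignment of `this.policyStore` from `props.policyStore` is not visible here.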
@@ -47,12 +34,11 @@ describe('Policy Template creation', () => { 'AWS::VerifiedPermissions::PolicyTemplate', { Statement: policyTemplateStatement, - Description: 'Test Description for Policy Template', }, ); }); - test('Policy Template creation with Statement and Description and PolicyStoreId', () => { + test('Policy Template creation with Statement and Description and PolicyStore', () => { // GIVEN const stack = new Stack(undefined, 'Stack'); const policyStore = new PolicyStore(stack, 'PolicyStore', { diff --git a/test/policy.test.ts b/test/policy.test.ts index 8f97151..97636c1 100644 --- a/test/policy.test.ts +++ b/test/policy.test.ts @@ -187,6 +187,7 @@ when { true };`; }); const template = new PolicyTemplate(stack, 'PolicyTemplate', { statement: Statement.fromInline(policyTemplateStatement), + policyStore: policyStore, }); // Create a policy and add it to the policy store @@ -268,6 +269,7 @@ when { true };`; }); const template = new PolicyTemplate(stack, 'PolicyTemplate', { statement: Statement.fromInline(policyTemplateStatement), + policyStore: policyStore, }); // THEN diff --git a/yarn.lock b/yarn.lock index 3ff0c2f..ccf8d7f 100644 --- a/yarn.lock +++ b/yarn.lock 
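Review bot: The renamed test 'Policy Template creation with Statement and PolicyStore' still asserts only `Statement` in `hasResourceProperties` (the `@@ -47,12 +34,11 @@` hunk), so nothing in it checks that the store passed in is the one wired into the resource's `PolicyStoreId`. The store is what ties the template to a particular set of authorization policies, so I would pin that link by adding `PolicyStoreId: stack.resolve(policyStore.policyStoreId),` next to `Statement`. The test starts in the previous hunk, and the later 'Statement and Description and PolicyStore' test runs past this one, so it may already assert this. If it does, the first test adds little and could be dropped.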
@@ -881,16 +881,16 @@ integrity sha512-hov8bUuiLiyFPGyFPE1lwWhmzYbirOXQNNo40+y3zow8aFVTeyn3VWL0VFFfdNddA8S4Vf0Tc062rzyNr7Paag== "@types/node@*": - version "20.11.17" - resolved "https://registry.yarnpkg.com/@types/node/-/node-20.11.17.tgz#cdd642d0e62ef3a861f88ddbc2b61e32578a9292" - integrity sha512-QmgQZGWu1Yw9TDyAP9ZzpFJKynYNeOvwMJmaxABfieQoVoiVOS6MN1WSpqpRcbeA5+RW82kraAVxCCJg+780Qw== + version "20.11.19" + resolved "https://registry.yarnpkg.com/@types/node/-/node-20.11.19.tgz#b466de054e9cb5b3831bee38938de64ac7f81195" + integrity sha512-7xMnVEcZFu0DikYjWOlRq7NTPETrm7teqUT2WkQjrTIkEgUyyGdWsj/Zg8bEJt5TNklzbPD1X3fqfsHw3SpapQ== dependencies: undici-types "~5.26.4" "@types/node@^18": - version "18.19.15" - resolved "https://registry.yarnpkg.com/@types/node/-/node-18.19.15.tgz#313a9d75435669a57fc28dc8694e7f4c4319f419" - integrity sha512-AMZ2UWx+woHNfM11PyAEQmfSxi05jm9OlkxczuHeEqmvwPkYj6MWv44gbzDPefYOLysTOFyI3ziiy2ONmUZfpA== + version "18.19.17" + resolved "https://registry.yarnpkg.com/@types/node/-/node-18.19.17.tgz#a581a9fb4b2cfdbc61f008804f4436b2d5c40354" + integrity sha512-SzyGKgwPzuWp2SHhlpXKzCX0pIOfcI4V2eF37nNBJOhwlegQ83omtVQ1XxZpDE06V/d6AQvfQdPfnw0tRC//Ng== dependencies: undici-types "~5.26.4" @@ -1938,9 +1938,9 @@ downlevel-dts@^0.11.0: typescript next electron-to-chromium@^1.4.668: - version "1.4.669" - resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.4.669.tgz#37e9cc16cc2fbdd8e06a46fc1fd3a1249e091f64" - integrity sha512-E2SmpffFPrZhBSgf8ibqanRS2mpuk3FIRDzLDwt7WFpfgJMKDHJs0hmacyP0PS1cWsq0dVkwIIzlscNaterkPg== + version "1.4.670" + resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.4.670.tgz#0fc5ac92ada8371e898ea72d577ffc888167a017" + integrity sha512-hcijYOWjOtjKrKPtNA6tuLlA/bTLO3heFG8pQA6mLpq7dRydSWicXova5lyxDzp1iVJaYhK7J2OQlGE52KYn7A== emittery@^0.13.1: version "0.13.1" 
@@ -4188,10 +4188,10 @@ process-nextick-args@~2.0.0: resolved "https://registry.yarnpkg.com/process-nextick-args/-/process-nextick-args-2.0.1.tgz#7820d9b16120cc55ca9ae7792680ae7dba6d7fe2" integrity sha512-3ouUOpQhtgrbOa17J7+uxOTpITYWaGP7/AhoR3+A+/1e9skrzelGi/dXzEYyvbxubEF6Wn2ypscTKiKJFFn1ag== -projen@^0.79.21: - version "0.79.21" - resolved "https://registry.yarnpkg.com/projen/-/projen-0.79.21.tgz#8c0f769d2f8052f9dce95ddf9209ec5d7bccda2e" - integrity sha512-q1tdKuFMW9dIuPU27PqHs5iVAWWQ+9BCbLjihfnEkaCaPMl7F8k//+d7DpJcZhghMiYLcmBdr3N8jKVtw8iDeQ== +projen@^0.79.22: + version "0.79.22" + resolved "https://registry.yarnpkg.com/projen/-/projen-0.79.22.tgz#14225ccf9bbaeb14ca018cff6120aaa7b5ddbbe4" + integrity sha512-95m5kBcdTaGr1JR6i/6z5XpHjXhaKwfKANXDN0y3/SsTLSPtXDCz0o8HCrKnAMjpSrR86ZGBbENm5gxhvq2B2Q== dependencies: "@iarna/toml" "^2.2.5" case "^1.6.3" @@ -4572,9 +4572,9 @@ spdx-correct@^3.0.0: spdx-license-ids "^3.0.0" spdx-exceptions@^2.1.0: - version "2.4.0" - resolved "https://registry.yarnpkg.com/spdx-exceptions/-/spdx-exceptions-2.4.0.tgz#c07a4ede25b16e4f78e6707bbd84b15a45c19c1b" - integrity sha512-hcjppoJ68fhxA/cjbN4T8N6uCUejN8yFw69ttpqtBeCbF3u13n7mb31NB9jKwGTTWWnt9IbRA/mf1FprYS8wfw== + version "2.5.0" + resolved "https://registry.yarnpkg.com/spdx-exceptions/-/spdx-exceptions-2.5.0.tgz#5d607d27fc806f66d7b64a766650fa890f04ed66" + integrity sha512-PiU42r+xO4UbUS1buo3LPJkjlO7430Xn5SVAhdpzzsPHsjbYVflnnFdATgabnLude+Cqu25p6N+g2lw/PFsa4w== spdx-expression-parse@^3.0.0: version "3.0.1" 
@@ -5009,9 +5009,9 @@ typescript@^5.3.3, typescript@~5.3: integrity sha512-pXWcraxM0uxAS+tN0AG/BF2TyqmHO014Z070UsJ+pFvYuRSq8KH8DmWpnbXe0pEPDHXZV3FcAbJkijJ5oNEnWw== typescript@next: - version "5.4.0-dev.20240214" - resolved "https://registry.yarnpkg.com/typescript/-/typescript-5.4.0-dev.20240214.tgz#7412fc712e698c6c3bd36d2d336d75eb7ef2c614" - integrity sha512-JXOvFnlY/tw/adrzpfOUIrdf8PeIsfW7ljice9bP7dK/dBo/F0VcHr98QA5KtPG1ECsYi2Sl/d9AnucpUCgAaw== + version "5.4.0-dev.20240215" + resolved "https://registry.yarnpkg.com/typescript/-/typescript-5.4.0-dev.20240215.tgz#68015a58c64dd0cb92f5f74fa5ee294ab8a11ae1" + integrity sha512-XC4/5bqzYJYPwH1EaVY3E7gtieevPWkKc1oBcHdiZytptFaqms77yIiiXmCpZsl+ydrcxCijAVzBXLWxujaksw== typescript@~3.9.10: version "3.9.10"