actix_permissions/
lib.rs

1//! Action Permissions Permission and input validation extension for Actix Web.
2//! With access to app data injections, HttpRequest and Payload.
3#![deny(missing_docs, rust_2018_idioms, elided_lifetimes_in_paths)]
4
5use actix_web::dev::fn_factory;
6use actix_web::{FromRequest, Handler, HttpRequest, HttpResponse, Responder, Route};
7
8use crate::builder::Builder;
9use crate::permission::Permission;
10use crate::service::PermissionService;
11
12pub mod builder;
13pub mod permission;
14pub mod service;
15mod tests;
16
17/// Shorthand for instantiating permissions [`Builder`]
18/// ```
19/// use actix_web::web;
20/// use actix_web::HttpRequest;
21/// use actix_permissions::permission;
22///
23/// async fn permission_check(_req: HttpRequest)->actix_web::Result<bool>{
24///     Ok(true)
25/// }
26/// async fn index() -> actix_web::Result<String> {
27///     Ok("".to_string())
28/// }
29/// permission().check(web::get()).validate(permission_check).to(index).build();
30/// ```
31pub fn permission<F, Args, P1, P1Args>() -> Builder<F, Args, P1, P1Args> {
32    Builder::default()
33}
34
35/// Creates a route which:
36/// - intercepts requests and validates inputs.
37/// - if permission check is true, passes through to handler.
38/// - if permission check is false, `FORBIDDEN` is returned.
39#[deprecated(since = "2.0.0-beta.1", note = "please use `permission()` instead")]
40pub fn check<F, Args, P1, P1Args>(route: Route, perm: P1, handler: F) -> Route
41where
42    F: Handler<Args>,
43    Args: FromRequest + 'static,
44    P1: Permission<P1Args>,
45    P1Args: FromRequest + 'static,
46    F::Output: Responder,
47{
48    permission().check(route).validate(perm).to(handler).build()
49}
50
51/// Creates a more flexible route than `check`, which:
52/// - intercepts requests and validates inputs.
53/// - if permission checks are all true, passes through to handler.
54/// - if any of the permissions is false, `deny_handler` is called.
55#[deprecated(since = "2.0.0-beta.1", note = "please use `permission()` instead")]
56pub fn check_with_custom_deny<F, Args, P1, P1Args>(
57    route: Route,
58    perm: P1,
59    handler: F,
60    deny_handler: fn(HttpRequest) -> HttpResponse,
61) -> Route
62where
63    F: Handler<Args>,
64    Args: FromRequest + 'static,
65    P1: Permission<P1Args>,
66    P1Args: FromRequest + 'static,
67    F::Output: Responder,
68{
69    permission()
70        .with_deny_handler(deny_handler)
71        .check(route)
72        .validate(perm)
73        .to(handler)
74        .build()
75}