Attribute Macro actix_web_grants::proc_macro::protect
source · #[protect]
Expand description
Macro to сheck that the user has all the specified permissions.
Allow to add a conditional restriction based on handlers parameters.
Add the expr
attribute followed by the the boolean expression to validate based on parameters
Also you can use you own types instead of Strings, just add ty
attribute with path to type
§Examples
use actix_web::web::Json;
// User should be ADMIN with OP_GET_SECRET permission
#[actix_web_grants::protect("ROLE_ADMIN", "OP_GET_SECRET")]
async fn macro_secured() -> &'static str {
"some secured info"
}
// User should be ADMIN with OP_GET_SECRET permission and the user.id param should be equal
// to the path parameter {user_id}
#[derive(serde::Deserialize)]
struct User {id: i32}
#[actix_web_grants::protect("ROLE_ADMIN", "OP_GET_SECRET", expr="user_id == user.id")]
async fn macro_secured_params(user_id: i32, user: Json<User>) -> &'static str {
"some secured info with user_id path equal to user.id"
}
#[derive(Hash, PartialEq, Eq)]
enum MyPermissionEnum {
OpGetSecret
}
// User must have MyPermissionEnum::OpGetSecret (you own enum example)
#[actix_web_grants::protect("MyPermissionEnum::OpGetSecret", ty = MyPermissionEnum)]
async fn macro_enum_secured() -> &'static str {
"some secured info"
}