Struct FilePermissions 

pub struct FilePermissions {
    pub read: bool,
    pub write: bool,
    pub execute: bool,
    pub mode: Option<u32>,
}

File permission requirements and validation rules for secure file operations.

FilePermissions is a value object that encapsulates file access permissions in a cross-platform manner, supporting both Unix-style permission bits and Windows-style access control for comprehensive file security management.

Key Features

• Cross-Platform Support: Unified permission model for Unix and Windows
• Permission Validation: Ensures operations respect security constraints
• Immutable Design: Value object semantics prevent accidental modification
• Standard Presets: Common permission patterns for typical use cases
• Compatibility Checking: Validates if permissions meet requirements

Permission Model

The permission model supports three basic access types:

• Read: Ability to read file contents
• Write: Ability to modify file contents
• Execute: Ability to execute the file (Unix) or run as program (Windows)

Usage Patterns

Security Considerations

• Permissions are validated before file operations
• Default permissions follow principle of least privilege
• Cross-platform compatibility ensures consistent security
• Mode bits provide fine-grained control on Unix systems

Cross-Language Compatibility

• JSON: Object with read/write/execute boolean fields
• Go: Struct with similar field layout and os.FileMode integration
• Python: Dataclass with stat module compatibility
• Database: Separate columns for each permission type plus mode

Fields

read: bool

Whether the file can be read

write: bool

Whether the file can be written

execute: bool

Whether the file can be executed

mode: Option<u32>

Unix-style permission bits for fine-grained control

Implementations

impl FilePermissions

pub fn read_only() -> Self

Creates permissions for read-only access (0o444).

This creates a permission set that allows reading but prevents writing or executing. Suitable for configuration files, documentation, or any content that should not be modified during pipeline operations.

Returns

A FilePermissions instance with read-only access.

Examples

Use Cases

• Configuration files that should not be modified
• Documentation and reference materials
• Backup files for integrity protection
• Template files used for generation

pub fn read_write() -> Self

Creates permissions for read-write access (0o644).

This creates a permission set that allows reading and writing but prevents execution. This is the most common permission set for data files, logs, and other content that needs to be modified during pipeline operations.

Returns

A FilePermissions instance with read-write access.

Examples

Use Cases

• Data files processed by the pipeline
• Log files and output files
• Temporary files during processing
• Cache files and intermediate results

pub fn full_access() -> Self

Creates permissions for full access including execution (0o755).

This creates a permission set that allows reading, writing, and executing. Should be used sparingly and only for files that genuinely need to be executable, such as scripts or binary executables.

Returns

A FilePermissions instance with full access.

Examples

Security Warning

Execute permissions should be granted carefully as they allow the file to be run as a program. Only use this for legitimate executables and scripts.

Use Cases

• Shell scripts and batch files
• Binary executables
• Pipeline processing scripts
• Utility programs and tools

pub fn satisfies(&self, required: &FilePermissions) -> bool

Validates if the current permissions satisfy the specified requirements.

This method checks whether the current permission set provides at least the access level specified in the required permissions. It uses logical AND operations to ensure all required permissions are available.

Arguments

• required - The minimum permissions that must be satisfied

Returns

true if current permissions meet or exceed requirements, false otherwise.

Examples

Logic

The satisfaction logic works as follows:

• If required.read is true, self.read must be true
• If required.write is true, self.write must be true
• If required.execute is true, self.execute must be true
• All conditions must be met for satisfaction

Trait Implementations

impl Clone for FilePermissions

fn clone(&self) -> FilePermissions

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for FilePermissions

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl PartialEq for FilePermissions

fn eq(&self, other: &FilePermissions) -> bool

Tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl StructuralPartialEq for FilePermissions