[−][src]Struct aliri_oauth2::ScopesPolicy
An access policy based on OAuth2 scopes
This access policy takes the form of alternatives around required scopes. This policy will allow access if any of the alternatives would allow access. If the policy contains no alternatives, the default effect is to deny access.
Examples
Deny all requests
use aliri::Policy; use aliri_oauth2::{Scopes, ScopesPolicy}; let policy = ScopesPolicy::deny_all(); let request = Scopes::single("admin"); assert!(policy.evaluate(&request).is_err());
Allow all requests
use aliri::Policy; use aliri_oauth2::{Scopes, ScopesPolicy}; let policy = ScopesPolicy::allow_all(); let request = Scopes::empty(); assert!(policy.evaluate(&request).is_ok());
Allow requests with a single scope
use aliri::Policy; use aliri_oauth2::{Scopes, ScopesPolicy}; let policy = ScopesPolicy::allow_one( Scopes::single("admin") ); let request = Scopes::from_scopes(vec![ "admin", "user", ]); assert!(policy.evaluate(&request).is_ok()); let user_request = Scopes::from_scopes(vec![ "user", ]); assert!(policy.evaluate(&user_request).is_err());
Allow requests with multiple potential sets of scopes
use aliri::Policy; use aliri_oauth2::{Scopes, ScopesPolicy}; let mut policy = ScopesPolicy::deny_all(); policy.allow(Scopes::single("admin")); policy.allow(Scopes::from_scopes(vec![ "special", "user", ])); let admin_request = Scopes::from_scopes(vec![ "admin", ]); assert!(policy.evaluate(&admin_request).is_ok()); let user_request = Scopes::from_scopes(vec![ "user", ]); assert!(policy.evaluate(&user_request).is_err()); let special_user_request = Scopes::from_scopes(vec![ "special", "user", ]); assert!(policy.evaluate(&special_user_request).is_ok());
Implementations
impl ScopesPolicy[src]
pub fn deny_all() -> Self[src]
Constructs a policy that has no permissible alternatives
By default, this policy will deny all requests
pub fn allow_all() -> Self[src]
Constructs a policy that does not require any scopes (allow)
pub fn allow_one(scopes: Scopes) -> Self[src]
Constructs a policy that requires this set of scopes
pub fn allow(&mut self, scopes: Scopes)[src]
Add an alternative set of required scopes
Trait Implementations
impl Clone for ScopesPolicy[src]
fn clone(&self) -> ScopesPolicy[src]
fn clone_from(&mut self, source: &Self)1.0.0[src]
impl Debug for ScopesPolicy[src]
impl Default for ScopesPolicy[src]
fn default() -> ScopesPolicy[src]
impl Eq for ScopesPolicy[src]
impl Extend<Scopes> for ScopesPolicy[src]
fn extend<I>(&mut self, iter: I) where
I: IntoIterator<Item = Scopes>, [src]
I: IntoIterator<Item = Scopes>,
fn extend_one(&mut self, item: A)[src]
fn extend_reserve(&mut self, additional: usize)[src]
impl FromIterator<Scopes> for ScopesPolicy[src]
fn from_iter<I>(iter: I) -> Self where
I: IntoIterator<Item = Scopes>, [src]
I: IntoIterator<Item = Scopes>,
impl IntoIterator for ScopesPolicy[src]
type Item = Scopes
The type of the elements being iterated over.
type IntoIter = <Vec<Scopes> as IntoIterator>::IntoIter
Which kind of iterator are we turning this into?
fn into_iter(self) -> Self::IntoIter[src]
impl<'a> IntoIterator for &'a ScopesPolicy[src]
type Item = &'a Scopes
The type of the elements being iterated over.
type IntoIter = Iter<'a>
Which kind of iterator are we turning this into?
fn into_iter(self) -> Self::IntoIter[src]
impl PartialEq<ScopesPolicy> for ScopesPolicy[src]
fn eq(&self, other: &ScopesPolicy) -> bool[src]
fn ne(&self, other: &ScopesPolicy) -> bool[src]
impl Policy for ScopesPolicy[src]
type Request = Scopes
The request type evaluated by this policy
type Denial = InsufficientScopes
The error returned when this policy denies a request
fn evaluate(&self, held: &Self::Request) -> Result<(), Self::Denial>[src]
impl StructuralEq for ScopesPolicy[src]
impl StructuralPartialEq for ScopesPolicy[src]
Auto Trait Implementations
impl RefUnwindSafe for ScopesPolicy
impl Send for ScopesPolicy
impl Sync for ScopesPolicy
impl Unpin for ScopesPolicy
impl UnwindSafe for ScopesPolicy
Blanket Implementations
impl<T> Any for T where
T: 'static + ?Sized, [src]
T: 'static + ?Sized,
impl<T> Borrow<T> for T where
T: ?Sized, [src]
T: ?Sized,
impl<T> BorrowMut<T> for T where
T: ?Sized, [src]
T: ?Sized,
fn borrow_mut(&mut self) -> &mut T[src]
impl<T> From<T> for T[src]
impl<T> Instrument for T[src]
fn instrument(self, span: Span) -> Instrumented<Self>[src]
fn in_current_span(self) -> Instrumented<Self>[src]
impl<T, U> Into<U> for T where
U: From<T>, [src]
U: From<T>,
impl<I> IntoIterator for I where
I: Iterator, [src]
I: Iterator,
type Item = <I as Iterator>::Item
The type of the elements being iterated over.
type IntoIter = I
Which kind of iterator are we turning this into?
fn into_iter(self) -> I[src]
impl<T> ToOwned for T where
T: Clone, [src]
T: Clone,
type Owned = T
The resulting type after obtaining ownership.
fn to_owned(&self) -> T[src]
fn clone_into(&self, target: &mut T)[src]
impl<T, U> TryFrom<U> for T where
U: Into<T>, [src]
U: Into<T>,
type Error = Infallible
The type returned in the event of a conversion error.
fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>[src]
impl<T, U> TryInto<U> for T where
U: TryFrom<T>, [src]
U: TryFrom<T>,
type Error = <U as TryFrom<T>>::Error
The type returned in the event of a conversion error.
fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>[src]
impl<T> WithSubscriber for T[src]
fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self> where
S: Into<Dispatch>, [src]
S: Into<Dispatch>,