Skip to main content

is_allowed_in

Function is_allowed_in 

Source
pub fn is_allowed_in(
    entries: &[String],
    identity: &str,
    policy: MatchPolicy<'_>,
) -> bool
Expand description

Stateless allowlist check: returns true when identity is admitted by entries under policy. Holds no state — the caller passes the entries (typically resolved from a canonical config source per call), so this satisfies single-source-of-truth invariants that forbid caching the allowlist in a long-lived field.

Semantics are identical to AllowlistAspect::is_allowed: an empty list denies everyone; any "*" entry admits everyone; otherwise the (possibly normalized / custom-matched) identity must match some entry.