Struct Capability 

pub struct Capability(/* private fields */);

A validated capability identifier.

Capabilities are the atomic unit of authorization in Auths. They follow a namespace convention:

• Well-known capabilities: sign_commit, sign_release, manage_members, rotate_keys
• Custom capabilities: any valid string (alphanumeric + : + - + _, max 64 chars)

The auths: prefix is reserved for future well-known capabilities and cannot be used in custom capabilities created via parse().

Examples

use auths_verifier::Capability;

// Well-known capabilities
let cap = Capability::sign_commit();
assert_eq!(cap.as_str(), "sign_commit");

// Custom capabilities
let custom = Capability::parse("acme:deploy").unwrap();
assert_eq!(custom.as_str(), "acme:deploy");

// Reserved namespace is rejected
assert!(Capability::parse("auths:custom").is_err());

Implementations

impl Capability

pub const MAX_LEN: usize = 64

Maximum length for capability strings.

pub fn sign_commit() -> Self

Creates the sign_commit capability.

Grants permission to sign commits.

pub fn sign_release() -> Self

Creates the sign_release capability.

Grants permission to sign releases.

pub fn manage_members() -> Self

Creates the manage_members capability.

Grants permission to add/remove members in an organization.

pub fn rotate_keys() -> Self

Creates the rotate_keys capability.

Grants permission to rotate keys for an identity.

pub fn parse(raw: &str) -> Result<Self, CapabilityError>

Parses and validates a capability string.

This is the primary way to create custom capabilities. The input is trimmed and lowercased to produce a canonical form.

Validation Rules

• Non-empty
• Maximum 64 characters
• Only alphanumeric characters, colons (:), hyphens (-), and underscores (_)
• Cannot start with auths: (reserved namespace)

Examples

use auths_verifier::Capability;

// Valid custom capabilities
assert!(Capability::parse("deploy").is_ok());
assert!(Capability::parse("acme:deploy").is_ok());
assert!(Capability::parse("org:team:action").is_ok());

// Invalid capabilities
assert!(Capability::parse("").is_err());           // empty
assert!(Capability::parse("has space").is_err());  // invalid char
assert!(Capability::parse("auths:custom").is_err()); // reserved namespace

pub fn custom(s: impl Into<String>) -> Option<Self>

👎Deprecated since 0.2.0: Use parse() for better error handling

Creates a custom capability after validation.

This is a convenience method that returns Option<Self> instead of Result.

Deprecated

Prefer using parse() for better error handling.

pub fn validate_custom(s: &str) -> bool

👎Deprecated since 0.2.0: Use parse() for validation

Validates a custom capability string.

Deprecated

This method is retained for backward compatibility. Use parse() instead.

pub fn as_str(&self) -> &str

Returns the canonical string representation of this capability.

This is the authoritative string form used for comparison, display, and serialization.

pub fn is_well_known(&self) -> bool

Returns true if this is a well-known Auths capability.

pub fn namespace(&self) -> Option<&str>

Returns the namespace portion of the capability (before first colon), if any.

Trait Implementations

impl Clone for Capability

fn clone(&self) -> Capability

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for Capability

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl<'de> Deserialize<'de> for Capability

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>

where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer.

impl Display for Capability

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl From<Capability> for String

fn from(cap: Capability) -> Self

Converts to this type from the input type.

impl FromStr for Capability

fn from_str(s: &str) -> Result<Self, Self::Err>

Parses a capability string with CLI-friendly alias resolution.

Normalizes the input (trim, lowercase, replace hyphens with underscores) and matches well-known capabilities before falling through to Capability::parse() for custom capability validation.

Unlike the deprecated parse_capability_cli, this returns an error for unrecognized well-known names instead of silently defaulting.

Args:

• s: The capability string (e.g., “sign_commit”, “Sign-Commit”).

Usage:

use auths_verifier::Capability;
let cap: Capability = "sign_commit".parse().unwrap();
assert_eq!(cap.as_str(), "sign_commit");

type Err = CapabilityError

The associated error which can be returned from parsing.

impl Hash for Capability

fn hash<__H: Hasher>(&self, state: &mut __H)

Feeds this value into the given Hasher.

fn hash_slice<H>(data: &[Self], state: &mut H)

where H: Hasher, Self: Sized,

Feeds a slice of this type into the given Hasher.

impl PartialEq for Capability

fn eq(&self, other: &Capability) -> bool

Tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl Serialize for Capability

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>

where __S: Serializer,

Serialize this value into the given Serde serializer.

impl TryFrom<String> for Capability

type Error = CapabilityError

The type returned in the event of a conversion error.

fn try_from(s: String) -> Result<Self, Self::Error>

Performs the conversion.

impl Eq for Capability

impl StructuralPartialEq for Capability