Skip to main content

PolicyContext

bext_plugin_api::authz_policy

Struct PolicyContext 

Source 
pub struct PolicyContext {
    pub action: String,
    pub resource: String,
    pub principal: Option<String>,
    pub attributes: HashMap<String, String>,
}
Expand description

Evaluation context for a single authorization decision.

Pure POD to stay WASM-ABI friendly (same convention as crate::feature_flag::FlagContext and crate::auth::AuthRequestContext). The host populates this from the already-authenticated request: the router sets action and resource, crate::auth::AuthPlugin fills principal via [crate::auth::AuthUser::user_id], and anything the policy needs beyond that (tenant id, request IP, feature flags, tenant plan tier) lands in attributes as flat string pairs.

Fields§

§action: String

The action being attempted, in namespace:verb form. Examples: "post:read", "invoice:update", "admin.users:delete". The shape is engine-agnostic — Cedar parses it into its own Action entity, CEL reads it as a plain string. Callers MUST NOT embed resource ids here (that is what resource is for).

§resource: String

The resource the action targets, as an opaque identifier. Typical shapes: "posts/123", "tenant/acme/invoices/inv_9f2", "user/u_42/profile". Engines that understand hierarchical ids (Cedar) parse the slashes; flat engines (CEL) treat the whole string as one attribute.

§principal: Option<String>

The authenticated subject (user id) requesting the action. None for anonymous requests — policies that require a principal should return PolicyDecision::Deny with a reason rather than erroring.

§attributes: HashMap<String, String>

Free-form attributes the policy can read. Keys are policy-defined ("tenant", "plan", "ip", "mfa", …); values are plain strings so the map round-trips cleanly through any sandbox boundary. This is the same escape hatch used by crate::feature_flag::FlagContext::attributes and crate::auth::AuthUser::attributes.

Implementations§

Source§

impl PolicyContext

Source

pub fn new(action: impl Into<String>, resource: impl Into<String>) -> Self

Construct a fully anonymous context for a given action and resource. Callers add principal and attributes with the builder helpers below.

Source

pub fn with_principal(self, principal: impl Into<String>) -> Self

Attach an authenticated subject to this context.

Source

pub fn with_attribute( self, key: impl Into<String>, value: impl Into<String>, ) -> Self

Attach a single free-form attribute.

Trait Implementations§

Source§

impl Clone for PolicyContext

Source§

fn clone(&self) -> PolicyContext

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for PolicyContext

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl Default for PolicyContext

Source§

fn default() -> PolicyContext

Returns the “default value” for a type. Read more

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.