
bulwark_security/security/
inspector.rs

1use crate::request::context::RequestContext;
2use crate::security::FindingSeverity;
3use crate::BulwarkError;
4
/// Result of an inspector analysis.
///
/// Inspectors do NOT make decisions.
/// They only report findings.
///
/// A finding carries no allow/deny verdict of its own: it holds only the
/// reporting inspector's name, a severity and a reason.
// NOTE(review): whatever consumes findings presumably maps severities to an
// allow/block decision; that code is not in this file — confirm where the
// policy lives and that it covers every severity.
#[derive(Debug, Clone)]
pub struct InspectorFinding {
    /// Name / identifier of the inspector
    ///
    /// A `'static` string; presumably a literal naming the inspector
    /// rather than anything derived from the request — confirm at call sites.
    pub inspector: &'static str,

    /// Severity level of the finding
    pub severity: FindingSeverity,

    /// Human-readable reason
    ///
    /// NOTE(review): if an inspector copies request data (header values,
    /// paths, payload fragments) into this text, the content is
    /// attacker-influenced. Escape or truncate it before writing it to logs
    /// or echoing it in a response — confirm how consumers render it.
    pub reason: String,
}
20
impl InspectorFinding {
    /// Build a finding from the reporting inspector's name, a severity and a reason.
    ///
    /// `reason` accepts anything convertible into a `String` (for example a
    /// `&str` or an already-owned `String`); the conversion happens here, so
    /// callers can pass whichever form they have.
    pub fn new(
        inspector: &'static str,
        severity: FindingSeverity,
        reason: impl Into<String>,
    ) -> Self {
        // Convert once up front so the struct literal can use field shorthand.
        let reason: String = reason.into();
        Self { inspector, severity, reason }
    }
}
35
/// Inspector trait
///
/// An inspector looks at one request context and reports what it found.
/// The `Send + Sync` supertraits require every implementor to be safe to
/// move to, and share between, threads.
///
/// Rules:
/// - Ok(None)        → no issue
/// - Ok(Some(_))    → finding reported
/// - Err(_)         → hard failure (block)
///
/// NOTE(review): `Err(_)` is documented as blocking, i.e. fail-closed.
/// Implementors should reserve it for cases where the request must not
/// proceed, and the caller must never treat `Err(_)` like `Ok(None)`.
/// The caller is not in this file — confirm it honours this.
pub trait Inspector: Send + Sync {
    /// Inspect the request described by `ctx`.
    ///
    /// Both `self` and `ctx` are shared references, so an implementation
    /// cannot modify the inspector or the request context unless they use
    /// interior mutability.
    ///
    /// # Errors
    ///
    /// Returns a `BulwarkError` on a hard failure, which per the rules above
    /// means the request is blocked.
    fn inspect(&self, ctx: &RequestContext) -> Result<Option<InspectorFinding>, BulwarkError>;
}