Authorization helpers for canister-to-canister and user calls.
Compose rule futures and enforce them with require_all or require_any. For ergonomics, prefer the macros auth_require_all! and auth_require_any!, which accept async closures or functions that return AuthRuleResult.
Enums
- AuthError - Error returned by authorization rule checks.
Functions
- is_app_directory_type - Ensure the caller matches the subnet directory entry recorded for ty. Use for admin endpoints that expect specific app directory canisters.
- is_child - Require that the caller is a direct child of the current canister. Protects child-only endpoints (e.g., sync) from sibling/root callers.
- is_controller - Require that the caller controls the current canister. Allows controller-only maintenance calls.
- is_parent - Require that the caller is the root or a registered parent canister. Use on child sync endpoints to enforce parent-only calls.
- is_principal - Require that the caller equals the provided expected principal. Handy for single-tenant or pre-registered callers.
- is_registered_to_subnet - Require that the caller is registered as a canister on this subnet. *** ONLY ON ROOT FOR NOW *** Ensures only registered canisters call root orchestration endpoints.
- is_root - Require that the caller equals the configured root canister. Gate root-only operations (e.g., topology mutations).
- is_same_canister - Require that the caller is the currently executing canister. For self-calls only.
- is_subnet_directory_type - Ensure the caller matches the subnet directory entry recorded for ty. Use for admin endpoints that expect specific subnet directory canisters.
- is_whitelisted - Require that the caller appears in the active whitelist (IC deployments). No-op on local builds; enforces whitelist on IC.
- require_all - Require that all provided rules pass for the current caller.
- require_any - Require that any one of the provided rules passes for the current caller.
Type Aliases
- AuthRuleFn - Callable issuing an authorization decision for a given caller.
- AuthRuleResult - Future produced by an AuthRuleFn.