canic_core/api/access/
auth.rs

1use crate::{
2    InternalError,
3    access::auth::{self, AuthRuleFn},
4    cdk::types::Principal,
5    dto::error::Error,
6    ids::CanisterRole,
7};
8
9///
10/// AuthAccessApi
11///
12
13pub struct AuthAccessApi;
14
15impl AuthAccessApi {
16    // --- Require --------------------------------------------------------
17
18    pub async fn require_all(rules: Vec<AuthRuleFn>) -> Result<(), Error> {
19        auth::require_all(rules)
20            .await
21            .map_err(InternalError::from)
22            .map_err(Error::from)
23    }
24
25    pub async fn require_any(rules: Vec<AuthRuleFn>) -> Result<(), Error> {
26        auth::require_any(rules)
27            .await
28            .map_err(InternalError::from)
29            .map_err(Error::from)
30    }
31
32    // --- Rules ----------------------------------------------------------
33
34    pub async fn is_app_directory_role(caller: Principal, role: CanisterRole) -> Result<(), Error> {
35        auth::is_app_directory_role(caller, role)
36            .await
37            .map_err(InternalError::from)
38            .map_err(Error::from)
39    }
40
41    pub async fn is_child(caller: Principal) -> Result<(), Error> {
42        auth::is_child(caller)
43            .await
44            .map_err(InternalError::from)
45            .map_err(Error::from)
46    }
47
48    pub async fn is_controller(caller: Principal) -> Result<(), Error> {
49        auth::is_controller(caller)
50            .await
51            .map_err(InternalError::from)
52            .map_err(Error::from)
53    }
54
55    pub async fn is_parent(caller: Principal) -> Result<(), Error> {
56        auth::is_parent(caller)
57            .await
58            .map_err(InternalError::from)
59            .map_err(Error::from)
60    }
61
62    pub async fn is_principal(caller: Principal, expected: Principal) -> Result<(), Error> {
63        auth::is_principal(caller, expected)
64            .await
65            .map_err(InternalError::from)
66            .map_err(Error::from)
67    }
68
69    pub async fn is_registered_to_subnet(caller: Principal) -> Result<(), Error> {
70        auth::is_registered_to_subnet(caller)
71            .await
72            .map_err(InternalError::from)
73            .map_err(Error::from)
74    }
75
76    pub async fn is_root(caller: Principal) -> Result<(), Error> {
77        auth::is_root(caller)
78            .await
79            .map_err(InternalError::from)
80            .map_err(Error::from)
81    }
82
83    pub async fn is_same_canister(caller: Principal) -> Result<(), Error> {
84        auth::is_same_canister(caller)
85            .await
86            .map_err(InternalError::from)
87            .map_err(Error::from)
88    }
89
90    pub async fn is_subnet_directory_role(
91        caller: Principal,
92        role: CanisterRole,
93    ) -> Result<(), Error> {
94        auth::is_subnet_directory_role(caller, role)
95            .await
96            .map_err(InternalError::from)
97            .map_err(Error::from)
98    }
99
100    pub async fn is_whitelisted(caller: Principal) -> Result<(), Error> {
101        auth::is_whitelisted(caller)
102            .await
103            .map_err(InternalError::from)
104            .map_err(Error::from)
105    }
106}