Struct AuthAccessApi 

pub struct AuthAccessApi;

AuthAccessApi

WHY THIS FILE EXISTS

This module defines the public authorization API exposed to:

• macro-expanded endpoints
• DSL-generated auth guards
• higher-level application code

It intentionally sits between:

• access::* (internal authorization logic)
• dto::error::Error (external error surface)

Responsibilities:

1. Error domain translation Access-layer errors are internal and must never leak directly. This API converts them into stable, user-facing error types.

2. Signature normalization This is the canonical place to adapt access-layer contracts (e.g. &'static str policy constants) to callers.

3. Stability during refactors Access internals may change freely as long as this API remains stable. Callers MUST NOT depend directly on access::*.

If this file appears repetitive, that is intentional. DO NOT collapse it into the access layer.

Implementations

impl AuthAccessApi

pub async fn require_all(rules: Vec<AccessRuleFn>) -> Result<(), Error>

Require that ALL access rules succeed.

Intended for use by DSL-expanded authorization pipelines.

pub async fn require_any(rules: Vec<AccessRuleFn>) -> Result<(), Error>

Require that ANY access rule succeeds.

pub async fn is_app_directory_role( caller: Principal, role: CanisterRole, ) -> Result<(), Error>

pub async fn is_child(caller: Principal) -> Result<(), Error>

pub async fn is_controller(caller: Principal) -> Result<(), Error>

pub async fn is_parent(caller: Principal) -> Result<(), Error>

pub async fn is_principal( caller: Principal, expected: Principal, ) -> Result<(), Error>

pub async fn is_registered_to_subnet(caller: Principal) -> Result<(), Error>

pub async fn caller_is_root(caller: Principal) -> Result<(), Error>

pub async fn is_same_canister(caller: Principal) -> Result<(), Error>

pub async fn is_subnet_directory_role( caller: Principal, role: CanisterRole, ) -> Result<(), Error>

pub async fn is_whitelisted(caller: Principal) -> Result<(), Error>

pub async fn verify_delegated_token() -> Result<(), Error>

Verify a delegated token read from the ingress payload.

Intended for DSL-generated auth guards only.

pub async fn verify_token( token: DelegatedToken, authority_pid: Principal, now_secs: u64, ) -> Result<(), Error>

pub async fn require_scope( claims: DelegatedTokenClaims, required_scope: &'static str, ) -> Result<(), Error>

Require that the delegated token includes a specific scope.

required_scope MUST be a compile-time policy constant.

pub async fn require_audience( claims: DelegatedTokenClaims, required_audience: &'static str, ) -> Result<(), Error>

Require that the delegated token targets a specific audience.

required_audience MUST be a compile-time policy constant.