coil_auth/explain/
error.rs1use super::*;
2
3#[derive(Debug)]
4pub enum CoilAuthError {
5 Rebac(RebacError),
6 MissingCapabilityBinding {
7 capability: Capability,
8 },
9 ResourceNamespaceMismatch {
10 capability: Capability,
11 actual: Namespace,
12 expected: Vec<Namespace>,
13 },
14 UnsupportedExplainNamespace {
15 namespace: String,
16 },
17 UnsupportedExplainRelation {
18 relation: String,
19 },
20}
21
22impl fmt::Display for CoilAuthError {
23 fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
24 match self {
25 Self::Rebac(error) => write!(f, "{error}"),
26 Self::MissingCapabilityBinding { capability } => {
27 write!(f, "no binding exists for capability `{capability}`")
28 }
29 Self::ResourceNamespaceMismatch {
30 capability,
31 actual,
32 expected,
33 } => {
34 let expected = expected
35 .iter()
36 .map(Namespace::to_string)
37 .collect::<Vec<_>>()
38 .join(", ");
39 write!(
40 f,
41 "capability `{capability}` does not apply to `{actual}` resources; expected one of [{expected}]"
42 )
43 }
44 Self::UnsupportedExplainNamespace { namespace } => {
45 write!(
46 f,
47 "cannot explain tuples or schema entries for unsupported namespace `{namespace}`"
48 )
49 }
50 Self::UnsupportedExplainRelation { relation } => {
51 write!(
52 f,
53 "cannot explain tuples or schema entries for unsupported relation `{relation}`"
54 )
55 }
56 }
57 }
58}
59
60impl Error for CoilAuthError {}
61
62impl From<RebacError> for CoilAuthError {
63 fn from(value: RebacError) -> Self {
64 Self::Rebac(value)
65 }
66}