Struct PolicyRuleBuilder 

pub struct PolicyRuleBuilder { /* private fields */ }

Builder for creating PolicyRule instances with a fluent API

Examples

use core_policy::builder::PolicyRuleBuilder;
use core_policy::{Action, Resource};

// Basic RBAC rule
let rule = PolicyRuleBuilder::new()
    .for_peer("12D3KooWXYZ...")
    .allow(Action::Read)
    .on(Resource::File("/docs/*".into()))
    .build()
    .unwrap();

// ABAC rule with expiration
let rule = PolicyRuleBuilder::new()
    .for_peer("technician")
    .allow(Action::Read)
    .on(Resource::File("/logs/*".into()))
    .expires_at(1762348800)
    .build()
    .unwrap();

// ABAC rule with attributes
let rule = PolicyRuleBuilder::new()
    .for_peer("alice")
    .allow(Action::Write)
    .on(Resource::File("/shared/*".into()))
    .with_attribute("location", "office")
    .with_attribute("security_level", "high")
    .build()
    .unwrap();

// ABAC rule with context expression (advanced)
let rule = PolicyRuleBuilder::new()
    .for_peer("alice")
    .allow(Action::Read)
    .on(Resource::File("/sensitive/*".into()))
    .with_context_expr("role == \"admin\" AND department == \"IT\"")?  // Returns Result
    .build()
    .unwrap();

Implementations

impl PolicyRuleBuilder

pub fn new() -> Self

Create a new builder

pub fn for_peer(self, peer_id: impl Into<String>) -> Self

Set the peer ID that this rule applies to

pub fn allow(self, action: Action) -> Self

Set the action allowed by this rule

pub fn on(self, resource: Resource) -> Self

Set the resource this rule applies to

pub const fn expires_at(self, timestamp: u64) -> Self

Set the expiration timestamp (Unix seconds) - ABAC

pub fn with_attribute( self, key: impl Into<String>, value: impl Into<String>, ) -> Self

Add an attribute for contextual access control - ABAC (legacy)

pub fn with_context_expr(self, expr: impl AsRef<str>) -> Result<Self>

Add a context expression for advanced ABAC (boolean logic)

Arguments

• expr - Expression string to parse (e.g., “role == "admin" AND department == "IT"”)

Errors

Returns PolicyError::InvalidExpression if the expression syntax is invalid

Example

use core_policy::builder::PolicyRuleBuilder;
use core_policy::{Action, Resource};

let rule = PolicyRuleBuilder::new()
    .for_peer("alice")
    .allow(Action::Read)
    .on(Resource::All)
    .with_context_expr("role == \"admin\" AND active == \"true\"")?  // Returns Result
    .build()
    .unwrap();

pub fn build(self) -> Result<PolicyRule>

Build the PolicyRule, returning an error if required fields are missing

Errors

Returns PolicyError::InvalidRule if any required field is missing:

• peer_id
• action
• resource

Trait Implementations

impl Debug for PolicyRuleBuilder

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Default for PolicyRuleBuilder

fn default() -> PolicyRuleBuilder

Returns the “default value” for a type.