aws-iam 0.2.2

A Rust crate for dealing with AWS IAM Policy resources
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45

use crate::model::{OneOrAll, Policy};
use crate::offline::request::Request;
use crate::offline::statement::evaluate_statement;
use crate::offline::{reduce_optional_results, EvaluationError, PartialEvaluationResult};
use tracing::{info, instrument};

// ------------------------------------------------------------------------------------------------
// Public Functions
// ------------------------------------------------------------------------------------------------

#[instrument]
pub fn evaluate_policy(
    request: &Request,
    policy: &Policy,
    policy_index: i32,
) -> Result<PartialEvaluationResult, EvaluationError> {
    let id = policy_id(policy, policy_index);
    let result = match &policy.statement {
        OneOrAll::One(statement) => evaluate_statement(request, statement, 0),
        OneOrAll::All(statements) => {
            let results: Result<Vec<PartialEvaluationResult>, EvaluationError> = statements
                .iter()
                .enumerate()
                .map(|(idx, statement)| evaluate_statement(request, statement, idx as i32))
                .collect();
            match results {
                Ok(mut results) => Ok(reduce_optional_results(&mut results)),
                Err(err) => Err(err),
            }
        }
    };
    info!("Returning policy {} effect {:?}", id, result);
    result
}

// ------------------------------------------------------------------------------------------------
// Private Functions
// ------------------------------------------------------------------------------------------------

fn policy_id(policy: &Policy, policy_index: i32) -> String {
    match &policy.id {
        Some(id) => id.to_string(),
        None => format!("[{}]", policy_index),
    }
}