bindle 0.9.1

An aggregate object storage system for applications
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30

//! Types and traits for use in authorization. This module is only available if the `server` feature
//! is enabled

pub mod always;
pub mod anonymous_get;

/// A trait that can be implemented on any type (such as a custom `User` or `Token` type) so that it
/// can be authorized by an [`Authorizer`](Authorizer)
pub trait Authorizable {
    /// Returns the identity or username of the authenticated user
    fn principal(&self) -> String;

    /// Returns the groups the authenticated user is a member of, generally embedded on something
    /// like a JWT or fetched from an upstream server
    fn groups(&self) -> Vec<String>;
}

/// A trait for any system that can authorize any [`Authorizable`](Authorizable) type
// TODO: Will this need to be async?
pub trait Authorizer {
    /// Checks whether or not the given item is authorized to access provided path and method,
    /// returning a failure reason in the case where the item is not authorized
    // TODO: We might want to have a custom error enum down the line
    fn authorize<A: Authorizable>(
        &self,
        item: A,
        path: &str,
        method: &warp::http::Method,
    ) -> anyhow::Result<()>;
}