modkit_security/
policy_engine.rs

1use crate::SecurityContext;
2
3/// Type alias for a reference-counted Policy Engine
4pub type PolicyEngineRef = std::sync::Arc<dyn PolicyEngine>;
5
6/// Policy Engine - Zero Trust Policy Engine, responsible for evaluating and enforcing policies or rules
7pub trait PolicyEngine: Send + Sync {
8    fn allows(&self, ctx: &SecurityContext, resource: &str, action: &str) -> bool;
9}
10
11pub struct NoopPolicyEngine;
12
13impl Default for NoopPolicyEngine {
14    fn default() -> Self {
15        NoopPolicyEngine
16    }
17}
18
19impl PolicyEngine for NoopPolicyEngine {
20    fn allows(&self, _ctx: &SecurityContext, _resource: &str, _action: &str) -> bool {
21        true
22    }
23}

modkit_security/policy_engine.rs

modkit_security/
policy_engine.rs