coil-runtime 0.1.1

HTTP runtime and request handling for the Coil framework.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122

use coil_assets::ManagedAsset;
use coil_auth::{AuthModelPackage, Capability, CoilAuth, DefaultSubject};
use zanzibar::RebacEngine;

use super::RuntimeStorageError;

#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub struct ManagedAssetPublicationGate {
    pub can_publish: bool,
    pub can_replace: bool,
    pub can_manage_storage: bool,
    pub public_delivery_enabled: bool,
}

impl ManagedAssetPublicationGate {
    pub fn can_publish_publicly(&self) -> bool {
        self.can_publish
            && self.can_replace
            && self.can_manage_storage
            && self.public_delivery_enabled
    }

    pub fn ensure_public_delivery_allowed(
        &self,
        asset_id: impl Into<String>,
    ) -> Result<(), RuntimeStorageError> {
        if self.can_publish_publicly() {
            Ok(())
        } else {
            Err(RuntimeStorageError::PublicationAuthorizationDenied {
                asset_id: asset_id.into(),
                reason: self.denial_reason(),
            })
        }
    }

    pub async fn resolve<E>(
        auth: &CoilAuth<E>,
        package: &impl AuthModelPackage,
        subject: &DefaultSubject,
        asset: &ManagedAsset,
    ) -> Result<Self, RuntimeStorageError>
    where
        E: RebacEngine,
    {
        let asset_entity = asset.auth_entity();
        let can_publish = check_capability(
            auth,
            package,
            subject,
            asset,
            Capability::AssetPublish,
            &asset_entity,
        )
        .await?;
        let can_replace = check_capability(
            auth,
            package,
            subject,
            asset,
            Capability::AssetReplace,
            &asset_entity,
        )
        .await?;
        let can_manage_storage = check_capability(
            auth,
            package,
            subject,
            asset,
            Capability::AssetManageStorage,
            &asset_entity,
        )
        .await?;

        Ok(Self {
            can_publish,
            can_replace,
            can_manage_storage,
            public_delivery_enabled: asset.publication().is_published()
                && asset
                    .publication()
                    .live_revision()
                    .is_some_and(|revision| revision.storage_plan().public_delivery_eligible()),
        })
    }

    fn denial_reason(&self) -> String {
        let mut missing = Vec::new();
        if !self.can_publish {
            missing.push(Capability::AssetPublish.to_string());
        }
        if !self.can_replace {
            missing.push(Capability::AssetReplace.to_string());
        }
        if !self.can_manage_storage {
            missing.push(Capability::AssetManageStorage.to_string());
        }
        if !self.public_delivery_enabled {
            missing.push("published public delivery state".to_string());
        }
        missing.join(", ")
    }
}

async fn check_capability<E>(
    auth: &CoilAuth<E>,
    package: &impl AuthModelPackage,
    subject: &DefaultSubject,
    asset: &ManagedAsset,
    capability: Capability,
    asset_entity: &coil_auth::Entity,
) -> Result<bool, RuntimeStorageError>
where
    E: RebacEngine,
{
    auth.check_capability(package, subject, capability, asset_entity)
        .await
        .map_err(|_| RuntimeStorageError::PublicationAuthorizationDenied {
            asset_id: asset.id().to_string(),
            reason: capability.to_string(),
        })
}