core-policy 0.11.0

Pure RBAC/ABAC policy engine core (zero crypto/network dependencies)
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99

//! Integration tests for PolicyBuilder and PolicyRuleBuilder

use core_policy::{Action, PolicyBuilder, PolicyRuleBuilder, Resource};

#[test]
fn test_policy_rule_builder() {
    let rule = PolicyRuleBuilder::new()
        .for_peer("12D3KooWTest")
        .allow(Action::read())
        .on(Resource::file("/docs/*"))
        .build()
        .unwrap();

    assert_eq!(rule.peer_id, "12D3KooWTest");
    assert_eq!(rule.action, Action::Read);
    assert!(matches!(rule.resource, Resource::File(_)));
}

#[test]
fn test_policy_rule_builder_missing_fields() {
    let result = PolicyRuleBuilder::new().for_peer("12D3KooWTest").build();

    assert!(result.is_err());
}

#[test]
fn test_policy_builder() {
    let policy = PolicyBuilder::new("test-policy")
        .add_rule_with(|rule| {
            rule.for_peer("12D3KooWAlice")
                .allow(Action::all())
                .on(Resource::all())
        })
        .add_rule_with(|rule| {
            rule.for_peer("12D3KooWBob")
                .allow(Action::read())
                .on(Resource::file("/docs/*"))
        })
        .with_metadata("owner", "alice")
        .build()
        .unwrap();

    assert_eq!(policy.name(), "test-policy");
    assert_eq!(policy.rules().len(), 2);
    assert_eq!(policy.metadata().get("owner"), Some(&"alice".to_string()));
}

/// Example usage of PolicyRuleBuilder
///
/// ```
/// use core_policy::{PolicyRuleBuilder, Action, Resource};
///
/// let rule = PolicyRuleBuilder::new()
///     .for_peer("12D3KooWTest")
///     .allow(Action::read())
///     .on(Resource::file("/docs/*"))
///     .build()
///     .unwrap();
/// ```
#[test]
fn test_policy_rule_builder_doctest() {
    let rule = PolicyRuleBuilder::new()
        .for_peer("12D3KooWTest")
        .allow(Action::read())
        .on(Resource::file("/docs/*"))
        .build()
        .unwrap();

    assert_eq!(rule.peer_id, "12D3KooWTest");
}

/// Example usage of PolicyBuilder
///
/// ```
/// use core_policy::{PolicyBuilder, Action, Resource};
///
/// let policy = PolicyBuilder::new("my-policy")
///     .add_rule_with(|rule| {
///         rule.for_peer("12D3KooWTest")
///             .allow(Action::read())
///             .on(Resource::file("/docs/*"))
///     })
///     .build()
///     .unwrap();
/// ```
#[test]
fn test_policy_builder_doctest() {
    let policy = PolicyBuilder::new("my-policy")
        .add_rule_with(|rule| {
            rule.for_peer("12D3KooWTest")
                .allow(Action::read())
                .on(Resource::file("/docs/*"))
        })
        .build()
        .unwrap();

    assert_eq!(policy.name(), "my-policy");
    assert_eq!(policy.rules().len(), 1);
}