haste-access-control 0.14.0

use haste_fhir_model::r4::generated::{
    resources::AccessPolicyV2, terminology::AccessPolicyv2Engine,
};
use haste_fhir_operation_error::OperationOutcomeError;

use crate::context::PermissionLevel;

pub async fn evaluate(policy: &AccessPolicyV2) -> Result<PermissionLevel, OperationOutcomeError> {
    // Sanity check to ensure we are only evaluating FullAccess policies here.
    // Note this is done on root lib.rs evaluation of policy.
    if let AccessPolicyv2Engine::FullAccess(_) = *policy.engine {
        Ok(PermissionLevel::Allow)
    } else {
        Ok(PermissionLevel::Deny)
    }
}