manas_storage 0.1.0

This crate provides traits and implementations for a `SolidStorage`, and `SolidStorageService`, (a solid-protocol compatible http service over a storage).
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38

//! I provide few snippets to deal with authorization
//! handling in method implementations.
//!

use http::StatusCode;
use http_api_problem::ApiError;
use manas_access_control::model::{KResolvedAccessControl, KResolvedHostAccessControl};
use typed_record::TypedRecord;

use crate::{SgCredentials, SolidStorage};

/// Attach authorization context to api error fields.
pub fn attach_authorization_context<Storage: SolidStorage>(error: &mut ApiError) {
    if error.status() != StatusCode::FORBIDDEN {
        return;
    }

    let mut context = vec![];
    if let Some(r_acl) = error
        .extensions()
        .get_rv::<KResolvedAccessControl<SgCredentials<Storage>>>()
    {
        if !r_acl.is_allowed() {
            context.push(r_acl.clone())
        }
    }

    if let Some(rh_acl) = error
        .extensions()
        .get_rv::<KResolvedHostAccessControl<SgCredentials<Storage>>>()
    {
        if !rh_acl.is_allowed() {
            context.push(rh_acl.clone())
        }
    }

    error.add_field("authorization_context", context);
}