nodedb 0.3.0

Local-first, real-time, edge-to-cloud hybrid database for multi-modal workloads
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27

// SPDX-License-Identifier: BUSL-1.1

//! Row-Level Security policy enumeration for `PurgeCollection` cascade.
//!
//! RLS policies are scoped to a single collection. When the collection
//! is hard-deleted the policies must go too — an orphan policy would
//! sit in the catalog forever and silently short-circuit future
//! queries if a collection with the same name were re-created.

use crate::control::security::catalog::SystemCatalog;

/// Enumerate RLS policies bound to `(tenant_id, collection)`.
/// Returns policy names only.
pub fn find_rls_policies_on(
    catalog: &SystemCatalog,
    tenant_id: u64,
    collection: &str,
) -> crate::Result<Vec<String>> {
    let all = catalog.load_all_rls_policies()?;
    let mut out: Vec<String> = all
        .into_iter()
        .filter(|p| p.tenant_id == tenant_id && p.collection == collection)
        .map(|p| p.name)
        .collect();
    out.sort();
    Ok(out)
}