Struct Scope

pub struct Scope { /* private fields */ }

Scope of a given grant or resource, a set of scope-tokens separated by spaces.

Scopes are interpreted as a conjunction of scope tokens, i.e. a scope is fulfilled if all of its scope tokens are fulfilled. This induces a partial ordering on scopes where scope A is less or equal than scope B if all scope tokens of A are also found in B. This can be interpreted as the rule

A token with scope B is allowed to access a resource requiring scope A iff A <= B

Example

let grant_scope    = "some_scope other_scope".parse::<Scope>().unwrap();
let resource_scope = "some_scope".parse::<Scope>().unwrap();
let uncomparable   = "some_scope third_scope".parse::<Scope>().unwrap();

// Holding a grant with `grant_scope` allows access to the resource since:
assert!(resource_scope <= grant_scope);
assert!(resource_scope.allow_access(&grant_scope));

// But holders would not be allowed to access another resource with scope `uncomparable`:
assert!(!(uncomparable <= grant_scope));
assert!(!uncomparable.allow_access(&grant_scope));

// This would also not work the other way around:
assert!(!(grant_scope <= uncomparable));
assert!(!grant_scope.allow_access(&uncomparable));

Scope-tokens are restricted to the following subset of ascii:

• The character ‘!’
• The character range ‘\x32’ to ‘\x5b’ which includes numbers and upper case letters
• The character range ‘\x5d’ to ‘\x7e’ which includes lower case letters Individual scope-tokens are separated by spaces.

In particular, the characters ‘\x22’ (") and ‘\x5c’ (\) are not allowed.

Implementations

impl Scope

pub fn priviledged_to(&self, rhs: &Scope) -> bool

Determines if this scope has enough privileges to access some resource requiring the scope on the right side. This operation is equivalent to comparison via >=.

pub fn allow_access(&self, rhs: &Scope) -> bool

Determines if a resouce protected by this scope should allow access to a token with the grant on the right side. This operation is equivalent to comparison via <=.

pub fn iter(&self) -> impl Iterator<Item = &str>

Create an iterator over the individual scopes.

Trait Implementations

impl Clone for Scope

fn clone(&self) -> Scope

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for Scope

fn fmt(&self, fmt: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl<'de> Deserialize<'de> for Scope

fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>

where D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer.

impl Display for Scope

fn fmt(&self, fmt: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl FromStr for Scope

type Err = ParseScopeErr

The associated error which can be returned from parsing.

fn from_str(string: &str) -> Result<Scope, ParseScopeErr>

Parses a string s to return a value of this type.

impl PartialEq for Scope

fn eq(&self, other: &Scope) -> bool

Tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl PartialOrd for Scope

fn partial_cmp(&self, rhs: &Self) -> Option<Ordering>

This method returns an ordering between self and other values if one exists.

fn lt(&self, other: &Rhs) -> bool

Tests less than (for self and other) and is used by the < operator.

fn le(&self, other: &Rhs) -> bool

Tests less than or equal to (for self and other) and is used by the <= operator.

fn gt(&self, other: &Rhs) -> bool

Tests greater than (for self and other) and is used by the > operator.

fn ge(&self, other: &Rhs) -> bool

Tests greater than or equal to (for self and other) and is used by the >= operator.

impl Serialize for Scope

fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>

where S: Serializer,

Serialize this value into the given Serde serializer.

impl Eq for Scope

impl StructuralPartialEq for Scope