oxidite 2.1.0

A modern, batteries-included web framework for Rust inspired by Laravel and Rails - Oxidite
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114

# Authorization Guide

Role-based access control (RBAC) and permission management in Oxidite.

## Installation

```toml
[dependencies]
oxidite = { version = "1.0", features = ["auth", "database"] }
```

## Quick Start

```rust
use oxidite::prelude::*;
use oxidite::auth::rbac::*;

// Protect routes with permissions
app.delete("/users/:id", delete_user)
    .middleware(RequirePermission::new("users.delete"));

app.get("/secure", secure_page)
    .middleware(RequireRole::new("admin"));
```

## Roles and Permissions

```rust
// Create role
let admin_role = Role {
    name: "admin".to_string(),
    permissions: vec![
        "users.create".to_string(),
        "users.read".to_string(),
        "users.update".to_string(),
        "users.delete".to_string(),
    ],
};

// Assign to user
user.assign_role(&db, "admin").await?;

// Check permission
if user.has_permission("users.delete") {
    // Allow action
}

// Check role
if user.has_role("admin") {
    // Allow access
}
```

## Middleware

```rust
use oxidite::auth::rbac::*;

// Require specific permission
app.post("/posts", create_post)
    .middleware(RequirePermission::new("posts.create"));

// Require specific role
app.get("/analytics", analytics_page)
    .middleware(RequireRole::new("admin"));

// Require any of multiple permissions
app.put("/posts/:id", update_post)
    .middleware(RequireAnyPermission::new(vec![
        "posts.update.own",
        "posts.update.all"
    ]));
```

## In Handlers

```rust
async fn delete_user(
    auth: Auth,
    Path(params): Path<HashMap<String, String>>,
) -> Result<Response> {
    // Auth automatically injected by middleware
    if !auth.user.has_permission("users.delete") {
        return Err(Error::Forbidden);
    }
    
    let user_id = params.get("id").unwrap().parse()?;
    User::delete(&db, user_id).await?;
    
    Ok(Response::ok())
}
```

## Permission Hierarchy

```rust
// users.* grants all user permissions
let super_admin = Role {
    name: "super_admin".to_string(),
    permissions: vec!["*".to_string()], // All permissions
};
```

## Dynamic Permissions

```rust
// Check at runtime
async fn can_edit_post(user: &User, post: &Post) -> bool {
    user.has_permission("posts.update.all") ||
    (user.has_permission("posts.update.own") && post.user_id == user.id)
}
```

Complete examples at [docs.rs/oxidite](https://docs.rs/oxidite)