oxigdal_security/multitenancy/
isolation.rs

1//! Resource isolation between tenants.
2
3use crate::error::Result;
4use dashmap::DashMap;
5use std::collections::HashSet;
6use std::sync::Arc;
7
8/// Resource isolation manager.
9pub struct IsolationManager {
10    /// Tenant to resources mapping.
11    tenant_resources: Arc<DashMap<String, HashSet<String>>>,
12}
13
14impl IsolationManager {
15    /// Create new isolation manager.
16    pub fn new() -> Self {
17        Self {
18            tenant_resources: Arc::new(DashMap::new()),
19        }
20    }
21
22    /// Assign resource to tenant.
23    pub fn assign_resource(&self, tenant_id: String, resource_id: String) -> Result<()> {
24        self.tenant_resources
25            .entry(tenant_id)
26            .or_default()
27            .insert(resource_id);
28        Ok(())
29    }
30
31    /// Check if tenant owns resource.
32    pub fn owns_resource(&self, tenant_id: &str, resource_id: &str) -> bool {
33        self.tenant_resources
34            .get(tenant_id)
35            .is_some_and(|resources| resources.contains(resource_id))
36    }
37
38    /// Get all resources for tenant.
39    pub fn get_resources(&self, tenant_id: &str) -> Vec<String> {
40        self.tenant_resources
41            .get(tenant_id)
42            .map(|resources| resources.iter().cloned().collect())
43            .unwrap_or_default()
44    }
45}
46
47impl Default for IsolationManager {
48    fn default() -> Self {
49        Self::new()
50    }
51}
oxigdal_security/multitenancy/isolation.rs

oxigdal_security/multitenancy/
isolation.rs
