pib-service-api 0.11.0

pib-service edit API
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33

// SPDX-FileCopyrightText: Politik im Blick developers
// SPDX-FileCopyrightText: Wolfgang Silbermayr <wolfgang@silbermayr.at>
//
// SPDX-License-Identifier: AGPL-3.0-or-later OR EUPL-1.2

use pib_service_api_permissions::{Method, Permissions, Resource};
use uuid::Uuid;

use crate::Error;

#[async_trait::async_trait]
pub(crate) trait EnforcePermissions: Permissions {
    async fn enforce(&self, resource: Resource, method: Method, user_id: Uuid)
    -> Result<(), Error>;
}

#[async_trait::async_trait]
impl<T: ?Sized + Permissions> EnforcePermissions for T {
    async fn enforce(
        &self,
        resource: Resource,
        method: Method,
        user_id: Uuid,
    ) -> Result<(), Error> {
        let admission = self.request_permission(resource, method, user_id).await?;

        if admission.is_denied() {
            return Err(Error::Forbidden);
        }

        Ok(())
    }
}