rust-rbac 0.1.0

A flexible Role-Based Access Control (RBAC) system for Rust applications
use async_trait::async_trait;
use crate::error::RbacError;
use crate::models::{Permission, Role};

/// Trait defining storage operations for RBAC
///
/// Implementors store permissions, roles, and the assignments that link
/// permissions to roles and roles/permissions to subjects. The `Send + Sync`
/// bound means an implementation must be safe to share across threads.
/// Every method is async (through `#[async_trait]`) and reports failure as
/// `RbacError`.
///
/// NOTE(review): no method takes a caller identity, so this trait performs no
/// authorization of its own. Anything that exposes the mutating methods
/// (create/delete/assign/remove) has to check that the caller is allowed to
/// administer RBAC data before invoking them.
///
/// NOTE(review): `subject_id` is accepted as an opaque `&str` everywhere; the
/// trait does not say how it is validated. Presumably callers derive it from
/// an already-authenticated identity, never from unverified request input —
/// confirm against the calling code.
#[async_trait]
pub trait RbacStorage: Send + Sync {
    /// Create a new permission
    ///
    /// NOTE(review): the signature does not say what happens when a
    /// permission with the same name already exists (error vs. overwrite);
    /// implementors should document it.
    async fn create_permission(&self, permission: &Permission) -> Result<(), RbacError>;
    
    /// Get a permission by name
    ///
    /// Presumably `Ok(None)` means "no such permission" while `Err` signals a
    /// storage failure — confirm per implementation, and do not treat the two
    /// as interchangeable in access decisions.
    async fn get_permission(&self, name: &str) -> Result<Option<Permission>, RbacError>;
    
    /// Delete a permission
    ///
    /// NOTE(review): the trait does not state whether role and subject
    /// assignments that reference this permission are removed as well. If
    /// they are left behind, re-creating a permission with the same name
    /// could silently revive old grants — verify the implementation cascades.
    async fn delete_permission(&self, name: &str) -> Result<(), RbacError>;
    
    /// Create a new role
    ///
    /// NOTE(review): behaviour for an already-existing role name is not
    /// specified by the signature; implementors should document it.
    async fn create_role(&self, role: &Role) -> Result<(), RbacError>;
    
    /// Get a role by name
    ///
    /// Presumably `Ok(None)` means the role does not exist and `Err` means the
    /// lookup itself failed — confirm per implementation.
    async fn get_role(&self, name: &str) -> Result<Option<Role>, RbacError>;
    
    /// Delete a role
    ///
    /// NOTE(review): as with `delete_permission`, it is not specified whether
    /// subject-to-role and permission-to-role links are removed too. Leftover
    /// links are a stale-grant risk if the role name is reused — verify.
    async fn delete_role(&self, name: &str) -> Result<(), RbacError>;
    
    /// Assign a permission to a role
    ///
    /// Takes the permission name first, then the role name. Both are `&str`,
    /// so the compiler cannot catch swapped arguments.
    async fn assign_permission_to_role(&self, permission_name: &str, role_name: &str) -> Result<(), RbacError>;
    
    /// Remove a permission from a role
    ///
    /// Argument order matches `assign_permission_to_role`: permission name,
    /// then role name.
    async fn remove_permission_from_role(&self, permission_name: &str, role_name: &str) -> Result<(), RbacError>;
    
    /// Get all permissions for a role
    async fn get_permissions_for_role(&self, role_name: &str) -> Result<Vec<Permission>, RbacError>;
    
    /// Assign a role to a subject
    ///
    /// Takes the role name first, then the subject id. Both are `&str`, so
    /// swapped arguments are not caught at compile time.
    async fn assign_role_to_subject(&self, role_name: &str, subject_id: &str) -> Result<(), RbacError>;
    
    /// Remove a role from a subject
    ///
    /// Argument order matches `assign_role_to_subject`: role name, then
    /// subject id.
    async fn remove_role_from_subject(&self, role_name: &str, subject_id: &str) -> Result<(), RbacError>;
    
    /// Get all roles for a subject
    async fn get_roles_for_subject(&self, subject_id: &str) -> Result<Vec<Role>, RbacError>;
    
    /// Assign a permission directly to a subject
    ///
    /// Takes the permission name first, then the subject id. Direct grants
    /// bypass roles, so they are easy to miss in a role-based review; audit
    /// them with `get_direct_permissions_for_subject`.
    async fn assign_permission_to_subject(&self, permission_name: &str, subject_id: &str) -> Result<(), RbacError>;
    
    /// Remove a permission from a subject
    ///
    /// NOTE(review): by symmetry with `assign_permission_to_subject` this
    /// presumably removes only the direct grant; a permission the subject
    /// also holds through a role would remain effective — confirm.
    async fn remove_permission_from_subject(&self, permission_name: &str, subject_id: &str) -> Result<(), RbacError>;
    
    /// Get all direct permissions for a subject (not including those from roles)
    async fn get_direct_permissions_for_subject(&self, subject_id: &str) -> Result<Vec<Permission>, RbacError>;
    
    /// Check if a subject has a specific permission (either directly or via roles)
    ///
    /// Note the argument order: subject id first, then permission name — the
    /// reverse of the `assign_*`/`remove_*` methods above.
    ///
    /// Callers making an access decision should allow only on `Ok(true)` and
    /// treat both `Ok(false)` and `Err` as a denial, so that a storage failure
    /// fails closed.
    async fn subject_has_permission(&self, subject_id: &str, permission_name: &str) -> Result<bool, RbacError>;
}