rust-tokio-supervisor 0.1.3

A Rust tokio supervisor with declarative task supervision, restart policy, shutdown coordination, and observability.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35

//! External command allowlist.
//!
//! Only absolute executable paths listed in the allowlist configuration
//! are eligible for execution via control-plane extension points.
//! Default: empty list (deny all external commands).

use crate::config::ipc_security::AllowlistConfig;
use crate::dashboard::error::DashboardError;

/// Checks whether an executable path is in the allowlist.
///
/// # Arguments
///
/// - `path`: Absolute executable path to check.
/// - `config`: Allowlist configuration.
///
/// # Returns
///
/// Returns `Ok(())` when the path is allowed, or `Err(DashboardError)`
/// with `allowlist_empty` or `allowlist_denied`.
pub fn check_allowlist(path: &str, config: &AllowlistConfig) -> Result<(), DashboardError> {
    if !config.enabled {
        return Ok(());
    }

    if config.allowed_paths.is_empty() {
        return Err(DashboardError::allowlist_empty());
    }

    if !config.allowed_paths.iter().any(|p| p == path) {
        return Err(DashboardError::allowlist_denied(path));
    }

    Ok(())
}