stack-profile 0.34.0-alpha.6

Centralised ~/.cipherstash profile file management
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81

// Security lints
#![deny(unsafe_code)]
#![warn(clippy::unwrap_used)]
#![warn(clippy::expect_used)]
#![warn(clippy::panic)]
// Prevent mem::forget from bypassing ZeroizeOnDrop
#![warn(clippy::mem_forget)]
// Prevent accidental data leaks via output
#![warn(clippy::print_stdout)]
#![warn(clippy::print_stderr)]
#![warn(clippy::dbg_macro)]
// Code quality
#![warn(unreachable_pub)]
#![warn(unused_results)]
#![warn(clippy::todo)]
#![warn(clippy::unimplemented)]
// Relax in tests
#![cfg_attr(test, allow(clippy::unwrap_used))]
#![cfg_attr(test, allow(clippy::expect_used))]
#![cfg_attr(test, allow(clippy::panic))]
#![cfg_attr(test, allow(unused_results))]

//! Centralised `~/.cipherstash/` profile file management.
//!
//! The core type is [`ProfileStore`], a directory-scoped JSON file store that
//! handles reading, writing, and deleting profile data on disk.
//!
//! # Example
//!
//! ```no_run
//! use stack_profile::ProfileStore;
//! use serde::{Serialize, Deserialize};
//!
//! #[derive(Serialize, Deserialize)]
//! struct MyConfig {
//!     name: String,
//! }
//!
//! # fn main() -> Result<(), stack_profile::ProfileError> {
//! let store = ProfileStore::default();
//!
//! store.save("my-config.json", &MyConfig { name: "example".into() })?;
//! let config: MyConfig = store.load("my-config.json")?;
//! # Ok(())
//! # }
//! ```
//!
//! For sensitive files, use [`ProfileStore::save_with_mode`] to restrict permissions:
//!
//! ```no_run
//! # use stack_profile::ProfileStore;
//! # use serde::{Serialize, Deserialize};
//! # #[derive(Serialize, Deserialize)]
//! # struct Secret { key: String }
//! # fn main() -> Result<(), stack_profile::ProfileError> {
//! let store = ProfileStore::default();
//! store.save_with_mode("secret.json", &Secret { key: "shhh".into() }, 0o600)?;
//! # Ok(())
//! # }
//! ```

use serde::de::DeserializeOwned;
use serde::Serialize;

mod device_identity;
mod error;
mod profile_store;

pub use device_identity::DeviceIdentity;
pub use error::ProfileError;
pub use profile_store::ProfileStore;

/// A type that can be stored in a profile directory.
pub trait ProfileData: Serialize + DeserializeOwned {
    /// The filename used when saving/loading this type (e.g. `"secretkey.json"`).
    const FILENAME: &'static str;

    /// Unix file permissions for this file. `None` uses the default umask.
    /// Sensitive files should return `Some(0o600)`.
    const MODE: Option<u32> = None;
}