styrene-rbac 0.1.0

Role-based access control for the Styrene mesh — shared by styrened and aether
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110

//! Role hierarchy — cumulative privilege tiers.

/// Privilege tiers on the Styrene mesh. Each role inherits all capabilities
/// from tiers below it. The numeric value determines ordering.
#[derive(Debug, Clone, Copy, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[repr(u8)]
pub enum Role {
    /// Explicit deny — all messages dropped, all requests rejected.
    Blocked = 0,
    /// No access. Fail-closed default for restrictive deployments.
    None = 1,
    /// Mesh peer — chat, basic queries, relay requests.
    Peer = 10,
    /// Read-only monitoring — inbox queries, dashboards, datalink.
    Monitor = 20,
    /// Fleet operator — config updates, restricted terminal, write ops.
    Operator = 30,
    /// Full control — exec, reboot, self-update, full terminal.
    Admin = 40,
}

impl Role {
    /// Parse a role name string (case-insensitive).
    pub fn from_name(name: &str) -> Option<Self> {
        match name.to_ascii_lowercase().as_str() {
            "blocked" => Some(Self::Blocked),
            "none" => Some(Self::None),
            "peer" => Some(Self::Peer),
            "monitor" => Some(Self::Monitor),
            "operator" => Some(Self::Operator),
            "admin" => Some(Self::Admin),
            _ => Option::None,
        }
    }

    /// Role name as a lowercase string.
    pub fn as_str(self) -> &'static str {
        match self {
            Self::Blocked => "blocked",
            Self::None => "none",
            Self::Peer => "peer",
            Self::Monitor => "monitor",
            Self::Operator => "operator",
            Self::Admin => "admin",
        }
    }

    /// Whether this role has any access at all.
    pub fn has_access(self) -> bool {
        self >= Self::Peer
    }
}

#[cfg(feature = "config")]
impl<'de> serde::Deserialize<'de> for Role {
    fn deserialize<D: serde::Deserializer<'de>>(deserializer: D) -> Result<Self, D::Error> {
        let s = String::deserialize(deserializer)?;
        Self::from_name(&s).ok_or_else(|| serde::de::Error::unknown_variant(&s, ROLE_NAMES))
    }
}

#[cfg(feature = "config")]
impl serde::Serialize for Role {
    fn serialize<S: serde::Serializer>(&self, serializer: S) -> Result<S::Ok, S::Error> {
        serializer.serialize_str(self.as_str())
    }
}

#[cfg(feature = "config")]
const ROLE_NAMES: &[&str] = &["blocked", "none", "peer", "monitor", "operator", "admin"];

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn ordering() {
        assert!(Role::Blocked < Role::None);
        assert!(Role::None < Role::Peer);
        assert!(Role::Peer < Role::Monitor);
        assert!(Role::Monitor < Role::Operator);
        assert!(Role::Operator < Role::Admin);
    }

    #[test]
    fn from_name_case_insensitive() {
        assert_eq!(Role::from_name("ADMIN"), Some(Role::Admin));
        assert_eq!(Role::from_name("Peer"), Some(Role::Peer));
        assert_eq!(Role::from_name("unknown"), Option::None);
    }

    #[test]
    fn roundtrip_name() {
        for role in
            [Role::Blocked, Role::None, Role::Peer, Role::Monitor, Role::Operator, Role::Admin]
        {
            assert_eq!(Role::from_name(role.as_str()), Some(role));
        }
    }

    #[test]
    fn has_access() {
        assert!(!Role::Blocked.has_access());
        assert!(!Role::None.has_access());
        assert!(Role::Peer.has_access());
        assert!(Role::Monitor.has_access());
        assert!(Role::Operator.has_access());
        assert!(Role::Admin.has_access());
    }
}