drogue_client/user/v1/data/
authz.rs

1use crate::metrics::{AsPassFail, PassFail};
2use core::fmt;
3use serde::{Deserialize, Serialize};
/// Permission that an authorization request asks for on an application.
///
/// The serde derives carry no rename attribute, so the variants are
/// (de)serialized under their Rust names (`Owner`, `Admin`, `Write`, `Read`).
///
/// No `PartialOrd`/`Ord` is derived, so the type itself does not say whether
/// one permission implies another. Presumably the service evaluating the
/// request decides that; confirm before comparing permissions on the client.
#[derive(Debug, Clone, Copy, Eq, PartialEq, Deserialize, Serialize)]
pub enum Permission {
    Owner,
    Admin,
    Write,
    Read,
}
impl fmt::Display for Permission {
    /// Writes the permission using its `Debug` representation, which for these
    /// field-less variants is the variant name (for example `Owner`).
    ///
    /// This output is meant for humans and logs. It matches the serde name only
    /// because both default to the variant name, so do not treat it as the wire
    /// format.
    fn fmt(&self, formatter: &mut fmt::Formatter<'_>) -> fmt::Result {
        formatter.write_fmt(format_args!("{:?}", self))
    }
}
/// Request asking whether a user may exercise a permission on an application.
///
/// NOTE: `user_id` and `roles` are taken at face value. They must come from a
/// trusted source, such as a token that has already been validated, because
/// the user service will not re-validate this information. Filling them from
/// unauthenticated input lets the sender of that input choose the identity
/// the decision is made for.
#[derive(Debug, Clone, Deserialize, Serialize)]
pub struct AuthorizationRequest {
    /// Application the permission is requested on.
    pub application: String,
    /// Permission being requested.
    pub permission: Permission,

    /// Identifier of the user the request is made for; trusted as-is (see the
    /// note on the struct).
    // NOTE(review): presumably `None` stands for an anonymous caller; confirm
    // how the user service treats a missing user id.
    pub user_id: Option<String>,
    /// Roles held by the user; trusted as-is (see the note on the struct).
    pub roles: Vec<String>,
}
/// The outcome of an authorization request.
///
/// `rename_all = "camelCase"` makes the variants (de)serialize as `allow` and
/// `deny`. The enum has no `#[serde(other)]` fallback and no `Default`, so an
/// unrecognised value is a deserialization error, never a silently chosen
/// outcome.
#[derive(Debug, Clone, Copy, Eq, PartialEq, Serialize, Deserialize)]
#[serde(rename_all = "camelCase")]
pub enum Outcome {
    /// The request is permitted.
    Allow,
    /// The request is refused.
    Deny,
}
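impl Outcome {
    /// Returns `true` only when the outcome is [`Outcome::Allow`].
    ///
    /// Marked `#[must_use]` because calling this and dropping the result means
    /// the authorization decision was never enforced.
    #[must_use]
    pub fn is_allowed(&self) -> bool {
        matches!(self, Self::Allow)
    }

    /// Turns the outcome into a `Result` so a denial can be propagated with `?`.
    ///
    /// `f` builds the error value and is called only when the outcome is not
    /// `Allow`.
    ///
    /// # Errors
    ///
    /// Returns `Err(f())` for every outcome other than [`Outcome::Allow`].
    pub fn ensure<F, E>(&self, f: F) -> Result<(), E>
    where
        F: FnOnce() -> E,
    {
        // Anything that is not an explicit allow takes the error path.
        if self.is_allowed() {
            Ok(())
        } else {
            Err(f())
        }
    }
}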
/// The result of an authorization request.
///
/// `outcome` is a required field with no serde default, so a response that
/// lacks it fails to deserialize rather than yielding a decision.
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct AuthorizationResponse {
    /// The outcome of the request.
    pub outcome: Outcome,
}
impl AsPassFail for AuthorizationResponse {
    /// Maps the authorization outcome onto the metrics pass/fail value:
    /// `Allow` becomes `Pass`, `Deny` becomes `Fail`.
    fn as_pass_fail(&self) -> PassFail {
        let Self { outcome } = self;
        // Exhaustive on purpose: a new `Outcome` variant must be classified
        // here before the code compiles.
        match outcome {
            Outcome::Deny => PassFail::Fail,
            Outcome::Allow => PassFail::Pass,
        }
    }
}