fraiseql_core/security/
mod.rs1pub mod actor_type;
18pub mod audit;
19#[cfg(feature = "audit-syslog")]
20pub mod audit_export_syslog;
21#[cfg(feature = "audit-webhook")]
22pub mod audit_export_webhook;
23pub mod auth_middleware;
24pub mod authorizer;
25pub mod error_formatter;
26pub mod errors;
27pub mod field_authorizer;
28pub mod field_filter;
29pub mod field_masking;
30pub mod headers;
31pub mod introspection_enforcer;
32pub mod kms;
33pub mod oidc;
34pub mod profiles;
35pub mod query_validator;
36pub mod rls_policy;
37pub mod security_context;
38pub mod tls_enforcer;
39pub mod validation_audit;
40
41pub use actor_type::{ActorType, derive_actor};
43pub use audit::{
44 AuditEntry, AuditExportConfig, AuditExporter, AuditLevel, AuditLogger, AuditStats,
45 SyslogExportConfig, WebhookExportConfig,
46};
47#[cfg(feature = "audit-syslog")]
48pub use audit_export_syslog::SyslogAuditExporter;
49#[cfg(feature = "audit-webhook")]
50pub use audit_export_webhook::WebhookAuditExporter;
51pub use auth_middleware::{AuthConfig, AuthMiddleware, AuthRequest, AuthenticatedUser, SigningKey};
52pub use authorizer::{Authorizer, AuthzDecision, AuthzRequest, OperationKind};
53pub use error_formatter::{DetailLevel, ErrorFormatter};
54pub use errors::SecurityError;
55pub use field_authorizer::{FieldAuthorizer, FieldAuthzDecision, FieldAuthzRequest};
56pub use field_filter::{FieldAccessError, FieldFilter, FieldFilterBuilder, FieldFilterConfig};
57pub use field_masking::{FieldMasker, FieldSensitivity};
58pub use headers::SecurityHeaders;
59pub use introspection_enforcer::{IntrospectionEnforcer, IntrospectionPolicy};
60pub use kms::{
61 BaseKmsProvider, DataKeyPair, EncryptedData, KeyPurpose, KeyReference, KeyState, KmsError,
62 KmsResult, RotationPolicy, VaultConfig, VaultKmsProvider,
63};
64pub use oidc::{OidcConfig, OidcValidator};
65pub use profiles::SecurityProfile;
66pub use query_validator::{QueryValidator, QueryValidatorConfig};
67pub use rls_policy::{CompiledRLSPolicy, DefaultRLSPolicy, NoRLSPolicy, RLSPolicy, RlsWhereClause};
68pub use security_context::SecurityContext;
69pub use tls_enforcer::{TlsConfig, TlsConnection, TlsEnforcer, TlsVersion};
70pub use validation_audit::{
71 RedactionPolicy, ValidationAuditEntry, ValidationAuditLogger, ValidationAuditLoggerConfig,
72};
73
74pub use crate::graphql::complexity::QueryMetrics;
75
76#[cfg(test)]
77mod tests;