Skip to main content

Identity

grafeo_engine::auth

Struct Identity 

Source 
pub struct Identity { /* private fields */ }
Expand description

A verified identity bound to a session.

Created by the caller (typically a server or application layer) and passed to GrafeoDB::session_with_identity. The engine trusts the caller to construct the identity correctly.

Implementations§

Source§

impl Identity

Source

pub fn new( user_id: impl Into<String>, roles: impl IntoIterator<Item = Role>, ) -> Self

Creates a new identity with the given user ID and roles.

Source

pub fn anonymous() -> Self

Creates an anonymous identity with full access.

Used internally when no identity is provided (backward-compatible default). Anonymous sessions have the Role::Admin role.

Source

pub fn with_grants(self, grants: impl IntoIterator<Item = Grant>) -> Self

Adds per-graph access grants to this identity.

When grants are set, the identity can only access the listed graphs at the specified role level. Graphs not in the grant list are inaccessible regardless of the identity’s top-level roles.

Source

pub fn user_id(&self) -> &str

Returns the user ID.

Source

pub fn roles(&self) -> &HashSet<Role>

Returns the roles assigned to this identity.

Source

pub fn has_role(&self, role: Role) -> bool

Returns true if this identity has the given role.

Source

pub fn can_read(&self) -> bool

Returns true if this identity can perform read operations.

Any assigned role grants read access.

Source

pub fn can_write(&self) -> bool

Returns true if this identity can perform write operations (create/update/delete nodes and edges, graph management).

Source

pub fn can_admin(&self) -> bool

Returns true if this identity can perform admin operations (schema DDL, index management, GC, configuration changes).

Source

pub fn grants(&self) -> &[Grant]

Returns the per-graph grants, if any.

Source

pub fn has_grants(&self) -> bool

Returns true if this identity has per-graph restrictions.

Source

pub fn can_access_graph(&self, graph: &str, required: Role) -> bool

Checks whether this identity can access the given graph at the required role level.

If no grants are configured, access is governed only by the identity’s top-level roles. If grants are configured, the graph must appear in the grant list with a sufficient role.

Trait Implementations§

Source§

impl Clone for Identity

Source§

fn clone(&self) -> Identity

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for Identity

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl Display for Identity

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> IntoEither for T

Source§

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

impl<T> Pointable for T

Source§

const ALIGN: usize

The alignment of pointer.
Source§

type Init = T

The type for initializers.
Source§

unsafe fn init(init: <T as Pointable>::Init) -> usize

Initializes a with the given initializer. Read more
Source§

unsafe fn deref<'a>(ptr: usize) -> &'a T

Dereferences the given pointer. Read more
Source§

unsafe fn deref_mut<'a>(ptr: usize) -> &'a mut T

Mutably dereferences the given pointer. Read more
Source§

unsafe fn drop(ptr: usize)

Drops the object pointed to by the given pointer. Read more
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T> ToString for T
where T: Display + ?Sized,

Source§

fn to_string(&self) -> String

Converts the given value to a String. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.