pub trait DocumentOps {
// Required methods
fn document_encrypt(
&self,
document_data: Vec<u8>,
encrypt_opts: &DocumentEncryptOpts,
) -> impl Future<Output = Result<DocumentEncryptResult>> + Send;
fn document_decrypt(
&self,
encrypted_document: &[u8],
) -> impl Future<Output = Result<DocumentDecryptResult>> + Send;
fn document_list(
&self,
) -> impl Future<Output = Result<DocumentListResult>> + Send;
fn document_get_metadata(
&self,
id: &DocumentId,
) -> impl Future<Output = Result<DocumentMetadataResult>> + Send;
fn document_get_id_from_bytes(
&self,
encrypted_document: &[u8],
) -> Result<DocumentId>;
fn document_update_bytes(
&self,
id: &DocumentId,
new_document_data: Vec<u8>,
) -> impl Future<Output = Result<DocumentEncryptResult>> + Send;
fn document_update_name(
&self,
id: &DocumentId,
name: Option<&DocumentName>,
) -> impl Future<Output = Result<DocumentMetadataResult>> + Send;
fn document_grant_access(
&self,
document_id: &DocumentId,
grant_list: &[UserOrGroup],
) -> impl Future<Output = Result<DocumentAccessResult>> + Send;
fn document_revoke_access(
&self,
document_id: &DocumentId,
revoke_list: &[UserOrGroup],
) -> impl Future<Output = Result<DocumentAccessResult>> + Send;
}
Expand description
IronOxide Document Operations
§Key Terms
- ID - The ID representing a document. It must be unique within the document’s segment and will not be encrypted.
- Name - The human-readable name of a document. It does not need to be unique and will not be encrypted.
Required Methods§
Sourcefn document_encrypt(
&self,
document_data: Vec<u8>,
encrypt_opts: &DocumentEncryptOpts,
) -> impl Future<Output = Result<DocumentEncryptResult>> + Send
fn document_encrypt( &self, document_data: Vec<u8>, encrypt_opts: &DocumentEncryptOpts, ) -> impl Future<Output = Result<DocumentEncryptResult>> + Send
Encrypts the provided document bytes.
Returns a DocumentEncryptResult
which contains document metadata as well as the encrypted_data
,
which is the only thing that must be passed to document_decrypt
in order to decrypt the document.
Metadata about the document will be stored by IronCore, but the encrypted bytes of the document will not. To encrypt without any document information being stored by IronCore, consider using document_encrypt_unmanaged instead.
§Arguments
document_data
- Bytes of the document to encryptencrypt_opts
- Document encryption parameters. Default values are provided with DocumentEncryptOpts::default().
§Examples
let data = "secret data".to_string().into_bytes();
let encrypted = sdk.document_encrypt(data, &DocumentEncryptOpts::default()).await?;
Sourcefn document_decrypt(
&self,
encrypted_document: &[u8],
) -> impl Future<Output = Result<DocumentDecryptResult>> + Send
fn document_decrypt( &self, encrypted_document: &[u8], ) -> impl Future<Output = Result<DocumentDecryptResult>> + Send
Decrypts an IronCore encrypted document.
Requires the encrypted data returned from document_encrypt.
Returns details about the document as well as its decrypted bytes.
§Arguments
encrypted_document
- Bytes of the encrypted document
§Errors
Fails if passed malformed data or if the calling user does not have sufficient access to the document.
§Examples
let decrypted_document = sdk.document_decrypt(&encrypted_data).await?;
let decrypted_data = decrypted_document.decrypted_data();
Sourcefn document_list(
&self,
) -> impl Future<Output = Result<DocumentListResult>> + Send
fn document_list( &self, ) -> impl Future<Output = Result<DocumentListResult>> + Send
Lists metadata for all of the encrypted documents that the calling user can read or decrypt.
§Examples
let document_data = sdk.document_list().await?;
let documents: Vec<DocumentListMeta> = document_data.result().to_vec();
Sourcefn document_get_metadata(
&self,
id: &DocumentId,
) -> impl Future<Output = Result<DocumentMetadataResult>> + Send
fn document_get_metadata( &self, id: &DocumentId, ) -> impl Future<Output = Result<DocumentMetadataResult>> + Send
Returns the metadata for an encrypted document.
This will not return the encrypted document bytes, as they are not stored by IronCore.
§Arguments
id
- ID of the document to retrieve
§Examples
use std::convert::TryFrom;
let document_id = DocumentId::try_from("test_document")?;
let document_meta = sdk.document_get_metadata(&document_id).await?;
Sourcefn document_get_id_from_bytes(
&self,
encrypted_document: &[u8],
) -> Result<DocumentId>
fn document_get_id_from_bytes( &self, encrypted_document: &[u8], ) -> Result<DocumentId>
Returns the document ID from the bytes of an encrypted document.
This is the same ID returned by DocumentEncryptResult.id()
.
§Arguments
encrypted_document
- Bytes of the encrypted document
§Errors
Fails if the provided bytes are not an encrypted document or have no header.
§Examples
// with `bytes` returned from `document_encrypt`
let document_id = sdk.document_get_id_from_bytes(&bytes)?;
Sourcefn document_update_bytes(
&self,
id: &DocumentId,
new_document_data: Vec<u8>,
) -> impl Future<Output = Result<DocumentEncryptResult>> + Send
fn document_update_bytes( &self, id: &DocumentId, new_document_data: Vec<u8>, ) -> impl Future<Output = Result<DocumentEncryptResult>> + Send
Updates the contents of an existing IronCore encrypted document.
The new contents will be encrypted, and which users and groups are granted access will remain unchanged.
§Arguments
id
- ID of the document to updatenew_document_data
- New document bytes to encrypt
§Examples
let new_data = "more secret data".to_string().into_bytes();
let encrypted = sdk.document_update_bytes(&document_id, new_data).await?;
Sourcefn document_update_name(
&self,
id: &DocumentId,
name: Option<&DocumentName>,
) -> impl Future<Output = Result<DocumentMetadataResult>> + Send
fn document_update_name( &self, id: &DocumentId, name: Option<&DocumentName>, ) -> impl Future<Output = Result<DocumentMetadataResult>> + Send
Modifies or removes a document’s name.
Returns the updated metadata of the document.
§Arguments
id
- ID of the document to updatename
- New name for the document. Provide aSome
to update to a new name or aNone
to clear the name field.
§Examples
use std::convert::TryFrom;
let new_name = DocumentName::try_from("updated")?;
let document_meta = sdk.document_update_name(&document_id, Some(&new_name)).await?;
Sourcefn document_grant_access(
&self,
document_id: &DocumentId,
grant_list: &[UserOrGroup],
) -> impl Future<Output = Result<DocumentAccessResult>> + Send
fn document_grant_access( &self, document_id: &DocumentId, grant_list: &[UserOrGroup], ) -> impl Future<Output = Result<DocumentAccessResult>> + Send
Grants decryption access to a document for the provided users and/or groups.
Returns lists of successful and failed grants.
§Arguments
document_id
- ID of the document whose access is being modified.grant_list
- List of users and groups to grant access to.
§Errors
This operation supports partial success. If the request succeeds, then the resulting
DocumentAccessResult
will indicate which grants succeeded and which failed, and it
will provide an explanation for each failure.
§Examples
use ironoxide::document::UserOrGroup;
// from a list of UserIds, `users`
let users_or_groups: Vec<UserOrGroup> = users.iter().map(|user| user.into()).collect();
let access_result = sdk.document_grant_access(&document_id, &users_or_groups).await?;
Sourcefn document_revoke_access(
&self,
document_id: &DocumentId,
revoke_list: &[UserOrGroup],
) -> impl Future<Output = Result<DocumentAccessResult>> + Send
fn document_revoke_access( &self, document_id: &DocumentId, revoke_list: &[UserOrGroup], ) -> impl Future<Output = Result<DocumentAccessResult>> + Send
Revokes decryption access to a document for the provided users and/or groups.
Returns lists of successful and failed revocations.
§Arguments
document_id
- ID of the document whose access is being modified.revoke_list
- List of users and groups to revoke access from.
§Errors
This operation supports partial success. If the request succeeds, then the resulting
DocumentAccessResult
will indicate which revocations succeeded and which failed, and it
will provide an explanation for each failure.
§Examples
use ironoxide::document::UserOrGroup;
// from a list of UserIds, `users`
let users_or_groups: Vec<UserOrGroup> = users.iter().map(|user| user.into()).collect();
let access_result = sdk.document_revoke_access(&document_id, &users_or_groups).await?;
Dyn Compatibility§
This trait is not dyn compatible.
In older versions of Rust, dyn compatibility was called "object safety", so this trait is not object safe.