Struct PolicyEnforcer 

pub struct PolicyEnforcer { /* private fields */ }

Policy enforcer

Implementations

impl PolicyEnforcer

pub fn new(policy: SecurityPolicy) -> Self

Create a new policy enforcer

pub fn default() -> Self

Create with default policy

pub fn check_ip(&self, ip: &str) -> SecurityResult<()>

Check if an IP is allowed

pub fn check_tls(&self, is_tls: bool, version: &str) -> SecurityResult<()>

Check if TLS is required

pub fn check_origin(&self, origin: &str) -> SecurityResult<()>

Check CORS origin

pub fn check_request_size(&self, size: usize) -> SecurityResult<()>

Check request size

pub fn check_endpoint(&self, endpoint: &str) -> SecurityResult<()>

Check if endpoint is allowed

pub fn check_mfa(&self, has_mfa: bool, is_sensitive: bool) -> SecurityResult<()>

Check if MFA is required

pub fn check_session(&self, created_at: DateTime<Utc>) -> SecurityResult<()>

Check session validity

pub fn check_data_classification( &self, classification: &DataClassification, ) -> SecurityResult<()>

Validate data classification

pub fn check_request(&self, context: &SecurityContext) -> SecurityResult<()>

Comprehensive security check

pub fn block_ip(&mut self, ip: String)

Add an IP to the blocklist

pub fn unblock_ip(&mut self, ip: &str)

Remove an IP from the blocklist

pub fn get_policy(&self) -> &SecurityPolicy

Get the current policy

pub fn update_policy(&mut self, policy: SecurityPolicy)

Update the policy