Struct AccessControlSelectorSet 

pub struct AccessControlSelectorSet {

    pub create_index_selectors: BTreeMap<usize, Vec<Permission<CreateIndex>>>,
    pub create_table_selectors: BTreeMap<usize, Vec<Permission<CreateTable>>>,
    pub create_temp_index_selectors: BTreeMap<usize, Vec<Permission<CreateTempIndex>>>,
    pub create_temp_table_selectors: BTreeMap<usize, Vec<Permission<CreateTempTable>>>,
    pub create_temp_trigger_selectors: BTreeMap<usize, Vec<Permission<CreateTempTrigger>>>,
    pub create_temp_view_selectors: BTreeMap<usize, Vec<Permission<CreateTempView>>>,
    pub create_trigger_selectors: BTreeMap<usize, Vec<Permission<CreateTrigger>>>,
    pub create_view_selectors: BTreeMap<usize, Vec<Permission<CreateView>>>,
    pub delete_selectors: BTreeMap<usize, Vec<Permission<Delete>>>,
    pub drop_index_selectors: BTreeMap<usize, Vec<Permission<DropIndex>>>,
    pub drop_table_selectors: BTreeMap<usize, Vec<Permission<DropTable>>>,
    pub drop_temp_index_selectors: BTreeMap<usize, Vec<Permission<DropTempIndex>>>,
    pub drop_temp_table_selectors: BTreeMap<usize, Vec<Permission<DropTempTable>>>,
    pub drop_temp_trigger_selectors: BTreeMap<usize, Vec<Permission<DropTempTrigger>>>,
    pub drop_temp_view_selectors: BTreeMap<usize, Vec<Permission<DropTempView>>>,
    pub drop_trigger_selectors: BTreeMap<usize, Vec<Permission<DropTrigger>>>,
    pub drop_view_selectors: BTreeMap<usize, Vec<Permission<DropView>>>,
    pub insert_selectors: BTreeMap<usize, Vec<Permission<Insert>>>,
    pub pragma_selectors: BTreeMap<usize, Vec<Permission<Pragma>>>,
    pub read_selectors: BTreeMap<usize, Vec<Permission<Read>>>,
    pub select_selectors: BTreeMap<usize, Vec<Permission<Select>>>,
    pub transaction_selectors: BTreeMap<usize, Vec<Permission<Transaction>>>,
    pub update_selectors: BTreeMap<usize, Vec<Permission<Update>>>,
    pub attach_selectors: BTreeMap<usize, Vec<Permission<Attach>>>,
    pub detach_selectors: BTreeMap<usize, Vec<Permission<Detach>>>,
    pub alter_table_selectors: BTreeMap<usize, Vec<Permission<AlterTable>>>,
    pub reindex_selectors: BTreeMap<usize, Vec<Permission<Reindex>>>,
    pub analyze_selectors: BTreeMap<usize, Vec<Permission<Analyze>>>,
    pub create_vtable_selectors: BTreeMap<usize, Vec<Permission<CreateVtable>>>,
    pub drop_vtable_selectors: BTreeMap<usize, Vec<Permission<DropVtable>>>,
    pub function_selectors: BTreeMap<usize, Vec<Permission<Function>>>,
    pub savepoint_selectors: BTreeMap<usize, Vec<Permission<Savepoint>>>,
    pub recursive_selectors: BTreeMap<usize, Vec<Permission<Recursive>>>,
}

Holds all configured access control rules, grouped by selector type and indexed by specificity.

Each selector type gets its own BTreeMap keyed by the selector’s specificity value (number of concrete Value fields). This layout enables the policy resolver to iterate from most-specific to least-specific rules efficiently: the highest-specificity match wins, with deny breaking ties.

Fields

create_index_selectors: BTreeMap<usize, Vec<Permission<CreateIndex>>>

Selector for CREATE INDEX statements, scoped to a table and index name.

String syntax examples

• CreateIndex – any index on any table.
• CreateIndex(Students) – any index on Students.
• CreateIndex(Students.idx_email) – one specific index.

create_table_selectors: BTreeMap<usize, Vec<Permission<CreateTable>>>

Selector for CREATE TABLE statements.

String syntax examples

• CreateTable – any table.
• CreateTable(Students) – only Students.

create_temp_index_selectors: BTreeMap<usize, Vec<Permission<CreateTempIndex>>>

Selector for CREATE TEMP INDEX statements, scoped to a table and index name.

String syntax examples

• CreateTempIndex – any temporary index on any table.
• CreateTempIndex(Sessions) – temp indexes on Sessions.

create_temp_table_selectors: BTreeMap<usize, Vec<Permission<CreateTempTable>>>

Selector for CREATE TEMP TABLE statements.

String syntax examples

• CreateTempTable – any temporary table.
• CreateTempTable(scratch) – only scratch.

create_temp_trigger_selectors: BTreeMap<usize, Vec<Permission<CreateTempTrigger>>>

Selector for CREATE TEMP TRIGGER statements, scoped to a table and trigger name.

String syntax examples

• CreateTempTrigger – any temp trigger on any table.
• CreateTempTrigger(Orders.trg_audit) – one specific trigger.

create_temp_view_selectors: BTreeMap<usize, Vec<Permission<CreateTempView>>>

Selector for CREATE TEMP VIEW statements.

String syntax examples

• CreateTempView – any temporary view.
• CreateTempView(recent_orders) – only recent_orders.

create_trigger_selectors: BTreeMap<usize, Vec<Permission<CreateTrigger>>>

Selector for CREATE TRIGGER statements, scoped to a table and trigger name.

String syntax examples

• CreateTrigger – any trigger on any table.
• CreateTrigger(Orders.trg_audit) – one specific trigger.

create_view_selectors: BTreeMap<usize, Vec<Permission<CreateView>>>

Selector for CREATE VIEW statements.

String syntax examples

• CreateView – any view.
• CreateView(active_users) – only active_users.

delete_selectors: BTreeMap<usize, Vec<Permission<Delete>>>

Selector for DELETE statements, scoped to a table.

String syntax examples

• Delete – delete from any table.
• Delete(Sessions) – only from Sessions.

drop_index_selectors: BTreeMap<usize, Vec<Permission<DropIndex>>>

Selector for DROP INDEX statements, scoped to a table and index name.

String syntax examples

• DropIndex – any index on any table.
• DropIndex(Students.idx_email) – one specific index.

drop_table_selectors: BTreeMap<usize, Vec<Permission<DropTable>>>

Selector for DROP TABLE statements.

String syntax examples

• DropTable – any table.
• DropTable(Students) – only Students.

drop_temp_index_selectors: BTreeMap<usize, Vec<Permission<DropTempIndex>>>

Selector for DROP TEMP INDEX statements, scoped to a table and index name.

String syntax examples

• DropTempIndex – any temporary index.
• DropTempIndex(Sessions.idx_ts) – one specific index.

drop_temp_table_selectors: BTreeMap<usize, Vec<Permission<DropTempTable>>>

Selector for DROP TEMP TABLE statements.

String syntax examples

• DropTempTable – any temporary table.
• DropTempTable(scratch) – only scratch.

drop_temp_trigger_selectors: BTreeMap<usize, Vec<Permission<DropTempTrigger>>>

Selector for DROP TEMP TRIGGER statements, scoped to a table and trigger name.

String syntax examples

• DropTempTrigger – any temp trigger.
• DropTempTrigger(Orders.trg_audit) – one specific trigger.

drop_temp_view_selectors: BTreeMap<usize, Vec<Permission<DropTempView>>>

Selector for DROP TEMP VIEW statements.

String syntax examples

• DropTempView – any temporary view.
• DropTempView(recent_orders) – only recent_orders.

drop_trigger_selectors: BTreeMap<usize, Vec<Permission<DropTrigger>>>

Selector for DROP TRIGGER statements, scoped to a table and trigger name.

String syntax examples

• DropTrigger – any trigger on any table.
• DropTrigger(Orders.trg_audit) – one specific trigger.

drop_view_selectors: BTreeMap<usize, Vec<Permission<DropView>>>

Selector for DROP VIEW statements.

String syntax examples

• DropView – any view.
• DropView(active_users) – only active_users.

insert_selectors: BTreeMap<usize, Vec<Permission<Insert>>>

Selector for INSERT statements, scoped to a table.

String syntax examples

• Insert – insert into any table.
• Insert(Students) – only into Students.

pragma_selectors: BTreeMap<usize, Vec<Permission<Pragma>>>

Selector for PRAGMA statements, scoped to a pragma name

String syntax examples

• Pragma – any pragma.
• Pragma(journal_mode) – only journal_mode.

read_selectors: BTreeMap<usize, Vec<Permission<Read>>>

Selector for column-level read operations, scoped to a table and column.

When both fields are globs, this matches all read operations across the entire database. Specifying a table_name narrows the scope to a single table, and additionally specifying a column_name narrows it to one column.

String syntax examples

• Read – all tables, all columns.
• Read(Students) – the Students table, all columns.
• Read(Students.name) – only the name column of Students.
• Read(*.name) – the name column across every table.

select_selectors: BTreeMap<usize, Vec<Permission<Select>>>

Selector for bare SELECT operations (the statement-level authorization check, not column-level reads).

transaction_selectors: BTreeMap<usize, Vec<Permission<Transaction>>>

Selector for transaction control operations (BEGIN, COMMIT, ROLLBACK).

String syntax examples

• Transaction – any transaction operation.
• Transaction(BEGIN) – only BEGIN statements.

update_selectors: BTreeMap<usize, Vec<Permission<Update>>>

Selector for UPDATE statements, scoped to a table and column.

String syntax examples

• Update – any column on any table.
• Update(Students) – any column on Students.
• Update(Students.email) – only the email column.

attach_selectors: BTreeMap<usize, Vec<Permission<Attach>>>

Selector for ATTACH DATABASE statements, scoped to a filename.

String syntax examples

• Attach – any attachment.
• Attach(other.db) – only other.db.

detach_selectors: BTreeMap<usize, Vec<Permission<Detach>>>

Selector for DETACH DATABASE statements, scoped to a database name.

String syntax examples

• Detach – any detachment.
• Detach(aux) – only the aux database.

alter_table_selectors: BTreeMap<usize, Vec<Permission<AlterTable>>>

Selector for ALTER TABLE statements, scoped to a database and table.

String syntax examples

• AlterTable – any alter on any table.
• AlterTable(main.Students) – Students in main.

reindex_selectors: BTreeMap<usize, Vec<Permission<Reindex>>>

Selector for REINDEX statements, scoped to an index name.

String syntax examples

• Reindex – any index.
• Reindex(idx_email) – only idx_email.

analyze_selectors: BTreeMap<usize, Vec<Permission<Analyze>>>

Selector for ANALYZE statements, scoped to a table.

String syntax examples

• Analyze – any table.
• Analyze(Students) – only Students.

create_vtable_selectors: BTreeMap<usize, Vec<Permission<CreateVtable>>>

Selector for CREATE VIRTUAL TABLE statements, scoped to a table and module name.

String syntax examples

• CreateVtable – any virtual table.
• CreateVtable(docs.fts5) – docs using fts5.

drop_vtable_selectors: BTreeMap<usize, Vec<Permission<DropVtable>>>

Selector for DROP VIRTUAL TABLE statements, scoped to a table and module name.

String syntax examples

• DropVtable – any virtual table.
• DropVtable(docs.fts5) – docs backed by fts5.

function_selectors: BTreeMap<usize, Vec<Permission<Function>>>

Selector for SQL function invocations within a query.

String syntax examples

• Function – any function.
• Function(load_extension) – only load_extension.

savepoint_selectors: BTreeMap<usize, Vec<Permission<Savepoint>>>

Selector for SAVEPOINT, RELEASE, and ROLLBACK TO operations on named savepoints.

String syntax examples

• Savepoint – any savepoint operation.
• Savepoint(RELEASE) – only RELEASE operations.
• Savepoint(RELEASE.sp1) – RELEASE on savepoint sp1.

recursive_selectors: BTreeMap<usize, Vec<Permission<Recursive>>>

Selector for recursive query authorization checks.

Implementations

impl AccessControlSelectorSet

pub fn new() -> Self

Creates an empty AccessControlSelectorSet with no rules.

pub fn with_selector( self, selector: impl Into<AccessControlSelector>, allow: bool, ) -> Self

Adds a rule by converting any selector type into an AccessControlSelector and dispatching it to the appropriate type-specific builder. allow controls whether the rule permits or denies the matched operation.

pub fn with_create_index_selector( self, selector: CreateIndex, allow: bool, ) -> Self

Adds a CreateIndex rule, inserting it into the bucket matching its specificity.

pub fn check_create_index( &self, table_name: &(impl PartialEq<String> + ?Sized), index_name: &(impl PartialEq<String> + ?Sized), ) -> Option<Authorization>

Resolves the configured CreateIndex rules against the given field values. Iterates from highest to lowest specificity; at each level, deny wins if both allow and deny match. Returns None when no rule matches.

pub fn with_create_table_selector( self, selector: CreateTable, allow: bool, ) -> Self

Adds a CreateTable rule, inserting it into the bucket matching its specificity.

pub fn check_create_table( &self, table_name: &(impl PartialEq<String> + ?Sized), ) -> Option<Authorization>

Resolves the configured CreateTable rules against the given field values. Iterates from highest to lowest specificity; at each level, deny wins if both allow and deny match. Returns None when no rule matches.

pub fn with_create_temp_index_selector( self, selector: CreateTempIndex, allow: bool, ) -> Self

Adds a CreateTempIndex rule, inserting it into the bucket matching its specificity.

pub fn check_create_temp_index( &self, table_name: &(impl PartialEq<String> + ?Sized), index_name: &(impl PartialEq<String> + ?Sized), ) -> Option<Authorization>

Resolves the configured CreateTempIndex rules against the given field values. Iterates from highest to lowest specificity; at each level, deny wins if both allow and deny match. Returns None when no rule matches.

pub fn with_create_temp_table_selector( self, selector: CreateTempTable, allow: bool, ) -> Self

Adds a CreateTempTable rule, inserting it into the bucket matching its specificity.

pub fn check_create_temp_table( &self, table_name: &(impl PartialEq<String> + ?Sized), ) -> Option<Authorization>

Resolves the configured CreateTempTable rules against the given field values. Iterates from highest to lowest specificity; at each level, deny wins if both allow and deny match. Returns None when no rule matches.

pub fn with_create_temp_trigger_selector( self, selector: CreateTempTrigger, allow: bool, ) -> Self

Adds a CreateTempTrigger rule, inserting it into the bucket matching its specificity.

pub fn check_create_temp_trigger( &self, table_name: &(impl PartialEq<String> + ?Sized), trigger_name: &(impl PartialEq<String> + ?Sized), ) -> Option<Authorization>

Resolves the configured CreateTempTrigger rules against the given field values. Iterates from highest to lowest specificity; at each level, deny wins if both allow and deny match. Returns None when no rule matches.

pub fn with_create_temp_view_selector( self, selector: CreateTempView, allow: bool, ) -> Self

Adds a CreateTempView rule, inserting it into the bucket matching its specificity.

pub fn check_create_temp_view( &self, view_name: &(impl PartialEq<String> + ?Sized), ) -> Option<Authorization>

Resolves the configured CreateTempView rules against the given field values. Iterates from highest to lowest specificity; at each level, deny wins if both allow and deny match. Returns None when no rule matches.

pub fn with_create_trigger_selector( self, selector: CreateTrigger, allow: bool, ) -> Self

Adds a CreateTrigger rule, inserting it into the bucket matching its specificity.

pub fn check_create_trigger( &self, table_name: &(impl PartialEq<String> + ?Sized), trigger_name: &(impl PartialEq<String> + ?Sized), ) -> Option<Authorization>

Resolves the configured CreateTrigger rules against the given field values. Iterates from highest to lowest specificity; at each level, deny wins if both allow and deny match. Returns None when no rule matches.

pub fn with_create_view_selector( self, selector: CreateView, allow: bool, ) -> Self

Adds a CreateView rule, inserting it into the bucket matching its specificity.

pub fn check_create_view( &self, view_name: &(impl PartialEq<String> + ?Sized), ) -> Option<Authorization>

Resolves the configured CreateView rules against the given field values. Iterates from highest to lowest specificity; at each level, deny wins if both allow and deny match. Returns None when no rule matches.

pub fn with_delete_selector(self, selector: Delete, allow: bool) -> Self

Adds a Delete rule, inserting it into the bucket matching its specificity.

pub fn check_delete( &self, table_name: &(impl PartialEq<String> + ?Sized), ) -> Option<Authorization>

Resolves the configured Delete rules against the given field values. Iterates from highest to lowest specificity; at each level, deny wins if both allow and deny match. Returns None when no rule matches.

pub fn with_drop_index_selector(self, selector: DropIndex, allow: bool) -> Self

Adds a DropIndex rule, inserting it into the bucket matching its specificity.

pub fn check_drop_index( &self, table_name: &(impl PartialEq<String> + ?Sized), index_name: &(impl PartialEq<String> + ?Sized), ) -> Option<Authorization>

Resolves the configured DropIndex rules against the given field values. Iterates from highest to lowest specificity; at each level, deny wins if both allow and deny match. Returns None when no rule matches.

pub fn with_drop_table_selector(self, selector: DropTable, allow: bool) -> Self

Adds a DropTable rule, inserting it into the bucket matching its specificity.

pub fn check_drop_table( &self, table_name: &(impl PartialEq<String> + ?Sized), ) -> Option<Authorization>

Resolves the configured DropTable rules against the given field values. Iterates from highest to lowest specificity; at each level, deny wins if both allow and deny match. Returns None when no rule matches.

pub fn with_drop_temp_index_selector( self, selector: DropTempIndex, allow: bool, ) -> Self

Adds a DropTempIndex rule, inserting it into the bucket matching its specificity.

pub fn check_drop_temp_index( &self, table_name: &(impl PartialEq<String> + ?Sized), index_name: &(impl PartialEq<String> + ?Sized), ) -> Option<Authorization>

Resolves the configured DropTempIndex rules against the given field values. Iterates from highest to lowest specificity; at each level, deny wins if both allow and deny match. Returns None when no rule matches.

pub fn with_drop_temp_table_selector( self, selector: DropTempTable, allow: bool, ) -> Self

Adds a DropTempTable rule, inserting it into the bucket matching its specificity.

pub fn check_drop_temp_table( &self, table_name: &(impl PartialEq<String> + ?Sized), ) -> Option<Authorization>

Resolves the configured DropTempTable rules against the given field values. Iterates from highest to lowest specificity; at each level, deny wins if both allow and deny match. Returns None when no rule matches.

pub fn with_drop_temp_trigger_selector( self, selector: DropTempTrigger, allow: bool, ) -> Self

Adds a DropTempTrigger rule, inserting it into the bucket matching its specificity.

pub fn check_drop_temp_trigger( &self, table_name: &(impl PartialEq<String> + ?Sized), trigger_name: &(impl PartialEq<String> + ?Sized), ) -> Option<Authorization>

Resolves the configured DropTempTrigger rules against the given field values. Iterates from highest to lowest specificity; at each level, deny wins if both allow and deny match. Returns None when no rule matches.

pub fn with_drop_temp_view_selector( self, selector: DropTempView, allow: bool, ) -> Self

Adds a DropTempView rule, inserting it into the bucket matching its specificity.

pub fn check_drop_temp_view( &self, view_name: &(impl PartialEq<String> + ?Sized), ) -> Option<Authorization>

Resolves the configured DropTempView rules against the given field values. Iterates from highest to lowest specificity; at each level, deny wins if both allow and deny match. Returns None when no rule matches.

pub fn with_drop_trigger_selector( self, selector: DropTrigger, allow: bool, ) -> Self

Adds a DropTrigger rule, inserting it into the bucket matching its specificity.

pub fn check_drop_trigger( &self, table_name: &(impl PartialEq<String> + ?Sized), trigger_name: &(impl PartialEq<String> + ?Sized), ) -> Option<Authorization>

Resolves the configured DropTrigger rules against the given field values. Iterates from highest to lowest specificity; at each level, deny wins if both allow and deny match. Returns None when no rule matches.

pub fn with_drop_view_selector(self, selector: DropView, allow: bool) -> Self

Adds a DropView rule, inserting it into the bucket matching its specificity.

pub fn check_drop_view( &self, view_name: &(impl PartialEq<String> + ?Sized), ) -> Option<Authorization>

Resolves the configured DropView rules against the given field values. Iterates from highest to lowest specificity; at each level, deny wins if both allow and deny match. Returns None when no rule matches.

pub fn with_insert_selector(self, selector: Insert, allow: bool) -> Self

Adds a Insert rule, inserting it into the bucket matching its specificity.

pub fn check_insert( &self, table_name: &(impl PartialEq<String> + ?Sized), ) -> Option<Authorization>

Resolves the configured Insert rules against the given field values. Iterates from highest to lowest specificity; at each level, deny wins if both allow and deny match. Returns None when no rule matches.

pub fn with_pragma_selector(self, selector: Pragma, allow: bool) -> Self

Adds a Pragma rule, inserting it into the bucket matching its specificity.

pub fn check_pragma( &self, pragma_name: &(impl PartialEq<String> + ?Sized), ) -> Option<Authorization>

Resolves the configured Pragma rules against the given field values. Iterates from highest to lowest specificity; at each level, deny wins if both allow and deny match. Returns None when no rule matches.

pub fn with_read_selector(self, selector: Read, allow: bool) -> Self

Adds a Read rule, inserting it into the bucket matching its specificity.

pub fn check_read( &self, table_name: &(impl PartialEq<String> + ?Sized), column_name: &(impl PartialEq<String> + ?Sized), ) -> Option<Authorization>

Resolves the configured Read rules against the given field values. Iterates from highest to lowest specificity; at each level, deny wins if both allow and deny match. Returns None when no rule matches.

pub fn with_select_selector(self, selector: Select, allow: bool) -> Self

Adds a Select rule, inserting it into the bucket matching its specificity.

pub fn check_select(&self) -> Option<Authorization>

Resolves the configured Select rules against the given field values. Iterates from highest to lowest specificity; at each level, deny wins if both allow and deny match. Returns None when no rule matches.

pub fn with_transaction_selector( self, selector: Transaction, allow: bool, ) -> Self

Adds a Transaction rule, inserting it into the bucket matching its specificity.

pub fn check_transaction( &self, operation: &(impl PartialEq<TransactionOperation> + ?Sized), ) -> Option<Authorization>

Resolves the configured Transaction rules against the given field values. Iterates from highest to lowest specificity; at each level, deny wins if both allow and deny match. Returns None when no rule matches.

pub fn with_update_selector(self, selector: Update, allow: bool) -> Self

Adds a Update rule, inserting it into the bucket matching its specificity.

pub fn check_update( &self, table_name: &(impl PartialEq<String> + ?Sized), column_name: &(impl PartialEq<String> + ?Sized), ) -> Option<Authorization>

Resolves the configured Update rules against the given field values. Iterates from highest to lowest specificity; at each level, deny wins if both allow and deny match. Returns None when no rule matches.

pub fn with_attach_selector(self, selector: Attach, allow: bool) -> Self

Adds a Attach rule, inserting it into the bucket matching its specificity.

pub fn check_attach( &self, filename: &(impl PartialEq<String> + ?Sized), ) -> Option<Authorization>

Resolves the configured Attach rules against the given field values. Iterates from highest to lowest specificity; at each level, deny wins if both allow and deny match. Returns None when no rule matches.

pub fn with_detach_selector(self, selector: Detach, allow: bool) -> Self

Adds a Detach rule, inserting it into the bucket matching its specificity.

pub fn check_detach( &self, database_name: &(impl PartialEq<String> + ?Sized), ) -> Option<Authorization>

Resolves the configured Detach rules against the given field values. Iterates from highest to lowest specificity; at each level, deny wins if both allow and deny match. Returns None when no rule matches.

pub fn with_alter_table_selector( self, selector: AlterTable, allow: bool, ) -> Self

Adds a AlterTable rule, inserting it into the bucket matching its specificity.

pub fn check_alter_table( &self, database_name: &(impl PartialEq<String> + ?Sized), table_name: &(impl PartialEq<String> + ?Sized), ) -> Option<Authorization>

Resolves the configured AlterTable rules against the given field values. Iterates from highest to lowest specificity; at each level, deny wins if both allow and deny match. Returns None when no rule matches.

pub fn with_reindex_selector(self, selector: Reindex, allow: bool) -> Self

Adds a Reindex rule, inserting it into the bucket matching its specificity.

pub fn check_reindex( &self, index_name: &(impl PartialEq<String> + ?Sized), ) -> Option<Authorization>

Resolves the configured Reindex rules against the given field values. Iterates from highest to lowest specificity; at each level, deny wins if both allow and deny match. Returns None when no rule matches.

pub fn with_analyze_selector(self, selector: Analyze, allow: bool) -> Self

Adds a Analyze rule, inserting it into the bucket matching its specificity.

pub fn check_analyze( &self, table_name: &(impl PartialEq<String> + ?Sized), ) -> Option<Authorization>

Resolves the configured Analyze rules against the given field values. Iterates from highest to lowest specificity; at each level, deny wins if both allow and deny match. Returns None when no rule matches.

pub fn with_create_vtable_selector( self, selector: CreateVtable, allow: bool, ) -> Self

Adds a CreateVtable rule, inserting it into the bucket matching its specificity.

pub fn check_create_vtable( &self, table_name: &(impl PartialEq<String> + ?Sized), module_name: &(impl PartialEq<String> + ?Sized), ) -> Option<Authorization>

Resolves the configured CreateVtable rules against the given field values. Iterates from highest to lowest specificity; at each level, deny wins if both allow and deny match. Returns None when no rule matches.

pub fn with_drop_vtable_selector( self, selector: DropVtable, allow: bool, ) -> Self

Adds a DropVtable rule, inserting it into the bucket matching its specificity.

pub fn check_drop_vtable( &self, table_name: &(impl PartialEq<String> + ?Sized), module_name: &(impl PartialEq<String> + ?Sized), ) -> Option<Authorization>

Resolves the configured DropVtable rules against the given field values. Iterates from highest to lowest specificity; at each level, deny wins if both allow and deny match. Returns None when no rule matches.

pub fn with_function_selector(self, selector: Function, allow: bool) -> Self

Adds a Function rule, inserting it into the bucket matching its specificity.

pub fn check_function( &self, function_name: &(impl PartialEq<String> + ?Sized), ) -> Option<Authorization>

Resolves the configured Function rules against the given field values. Iterates from highest to lowest specificity; at each level, deny wins if both allow and deny match. Returns None when no rule matches.

pub fn with_savepoint_selector(self, selector: Savepoint, allow: bool) -> Self

Adds a Savepoint rule, inserting it into the bucket matching its specificity.

pub fn check_savepoint( &self, operation: &(impl PartialEq<TransactionOperation> + ?Sized), savepoint_name: &(impl PartialEq<String> + ?Sized), ) -> Option<Authorization>

Resolves the configured Savepoint rules against the given field values. Iterates from highest to lowest specificity; at each level, deny wins if both allow and deny match. Returns None when no rule matches.

pub fn with_recursive_selector(self, selector: Recursive, allow: bool) -> Self

Adds a Recursive rule, inserting it into the bucket matching its specificity.

pub fn check_recursive(&self) -> Option<Authorization>

Resolves the configured Recursive rules against the given field values. Iterates from highest to lowest specificity; at each level, deny wins if both allow and deny match. Returns None when no rule matches.

Trait Implementations

impl Clone for AccessControlSelectorSet

fn clone(&self) -> AccessControlSelectorSet

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for AccessControlSelectorSet

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Default for AccessControlSelectorSet

fn default() -> AccessControlSelectorSet

Returns the “default value” for a type.

impl Hash for AccessControlSelectorSet

fn hash<__H: Hasher>(&self, state: &mut __H)

Feeds this value into the given Hasher.

fn hash_slice<H>(data: &[Self], state: &mut H)

where H: Hasher, Self: Sized,

Feeds a slice of this type into the given Hasher.

impl Ord for AccessControlSelectorSet

fn cmp(&self, other: &AccessControlSelectorSet) -> Ordering

This method returns an Ordering between self and other.

fn max(self, other: Self) -> Self

where Self: Sized,

Compares and returns the maximum of two values.

fn min(self, other: Self) -> Self

where Self: Sized,

Compares and returns the minimum of two values.

fn clamp(self, min: Self, max: Self) -> Self

where Self: Sized,

Restrict a value to a certain interval.

impl PartialEq for AccessControlSelectorSet

fn eq(&self, other: &AccessControlSelectorSet) -> bool

Tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl PartialOrd for AccessControlSelectorSet

fn partial_cmp(&self, other: &AccessControlSelectorSet) -> Option<Ordering>

This method returns an ordering between self and other values if one exists.

fn lt(&self, other: &Rhs) -> bool

Tests less than (for self and other) and is used by the < operator.

fn le(&self, other: &Rhs) -> bool

Tests less than or equal to (for self and other) and is used by the <= operator.

fn gt(&self, other: &Rhs) -> bool

Tests greater than (for self and other) and is used by the > operator.

fn ge(&self, other: &Rhs) -> bool

Tests greater than or equal to (for self and other) and is used by the >= operator.

impl Eq for AccessControlSelectorSet

impl StructuralPartialEq for AccessControlSelectorSet