Skip to main content

AuthorizationResolver

mcp_server_sqlite::access_control

Struct AuthorizationResolver

pub struct AuthorizationResolver {Show 34 fields
    pub selector_set: AccessControlSelectorSet,
    pub create_index_default_permissions: Authorization,
    pub create_table_default_permissions: Authorization,
    pub create_temp_index_default_permissions: Authorization,
    pub create_temp_table_default_permissions: Authorization,
    pub create_temp_trigger_default_permissions: Authorization,
    pub create_temp_view_default_permissions: Authorization,
    pub create_trigger_default_permissions: Authorization,
    pub create_view_default_permissions: Authorization,
    pub delete_default_permissions: Authorization,
    pub drop_index_default_permissions: Authorization,
    pub drop_table_default_permissions: Authorization,
    pub drop_temp_index_default_permissions: Authorization,
    pub drop_temp_table_default_permissions: Authorization,
    pub drop_temp_trigger_default_permissions: Authorization,
    pub drop_temp_view_default_permissions: Authorization,
    pub drop_trigger_default_permissions: Authorization,
    pub drop_view_default_permissions: Authorization,
    pub insert_default_permissions: Authorization,
    pub pragma_default_permissions: Authorization,
    pub read_default_permissions: Authorization,
    pub select_default_permissions: Authorization,
    pub transaction_default_permissions: Authorization,
    pub update_default_permissions: Authorization,
    pub attach_default_permissions: Authorization,
    pub detach_default_permissions: Authorization,
    pub alter_table_default_permissions: Authorization,
    pub reindex_default_permissions: Authorization,
    pub analyze_default_permissions: Authorization,
    pub create_vtable_default_permissions: Authorization,
    pub drop_vtable_default_permissions: Authorization,
    pub function_default_permissions: Authorization,
    pub savepoint_default_permissions: Authorization,
    pub recursive_default_permissions: Authorization,
}

Expand description

Resolves incoming SQLite authorization requests against a set of configured allow/deny rules and per-action default permissions.

The resolver holds an AccessControlSelectorSet containing all user-supplied rules, plus a default rusqlite::hooks::Authorization for each action type that is used when no rule matches. Call authorization with an AuthContext to obtain the final verdict.

Fields§

§selector_set: AccessControlSelectorSet

The set of allow/deny rules to evaluate.

§create_index_default_permissions: Authorization

The fallback authorization returned when no rule in the selector set matches this action type.

§create_table_default_permissions: Authorization

The fallback authorization returned when no rule in the selector set matches this action type.

§create_temp_index_default_permissions: Authorization

The fallback authorization returned when no rule in the selector set matches this action type.

§create_temp_table_default_permissions: Authorization

The fallback authorization returned when no rule in the selector set matches this action type.

§create_temp_trigger_default_permissions: Authorization

The fallback authorization returned when no rule in the selector set matches this action type.

§create_temp_view_default_permissions: Authorization

The fallback authorization returned when no rule in the selector set matches this action type.

§create_trigger_default_permissions: Authorization

The fallback authorization returned when no rule in the selector set matches this action type.

§create_view_default_permissions: Authorization

The fallback authorization returned when no rule in the selector set matches this action type.

§delete_default_permissions: Authorization

The fallback authorization returned when no rule in the selector set matches this action type.

§drop_index_default_permissions: Authorization

The fallback authorization returned when no rule in the selector set matches this action type.

§drop_table_default_permissions: Authorization

The fallback authorization returned when no rule in the selector set matches this action type.

§drop_temp_index_default_permissions: Authorization

The fallback authorization returned when no rule in the selector set matches this action type.

§drop_temp_table_default_permissions: Authorization

The fallback authorization returned when no rule in the selector set matches this action type.

§drop_temp_trigger_default_permissions: Authorization

The fallback authorization returned when no rule in the selector set matches this action type.

§drop_temp_view_default_permissions: Authorization

The fallback authorization returned when no rule in the selector set matches this action type.

§drop_trigger_default_permissions: Authorization

The fallback authorization returned when no rule in the selector set matches this action type.

§drop_view_default_permissions: Authorization

The fallback authorization returned when no rule in the selector set matches this action type.

§insert_default_permissions: Authorization

The fallback authorization returned when no rule in the selector set matches this action type.

§pragma_default_permissions: Authorization

The fallback authorization returned when no rule in the selector set matches this action type.

§read_default_permissions: Authorization

The fallback authorization returned when no rule in the selector set matches this action type.

§select_default_permissions: Authorization

The fallback authorization returned when no rule in the selector set matches this action type.

§transaction_default_permissions: Authorization

The fallback authorization returned when no rule in the selector set matches this action type.

§update_default_permissions: Authorization

The fallback authorization returned when no rule in the selector set matches this action type.

§attach_default_permissions: Authorization

The fallback authorization returned when no rule in the selector set matches this action type.

§detach_default_permissions: Authorization

The fallback authorization returned when no rule in the selector set matches this action type.

§alter_table_default_permissions: Authorization

The fallback authorization returned when no rule in the selector set matches this action type.

§reindex_default_permissions: Authorization

The fallback authorization returned when no rule in the selector set matches this action type.

§analyze_default_permissions: Authorization

The fallback authorization returned when no rule in the selector set matches this action type.

§create_vtable_default_permissions: Authorization

The fallback authorization returned when no rule in the selector set matches this action type.

§drop_vtable_default_permissions: Authorization

The fallback authorization returned when no rule in the selector set matches this action type.

§function_default_permissions: Authorization

The fallback authorization returned when no rule in the selector set matches this action type.

§savepoint_default_permissions: Authorization

The fallback authorization returned when no rule in the selector set matches this action type.

§recursive_default_permissions: Authorization

The fallback authorization returned when no rule in the selector set matches this action type.

Implementations§

impl AuthorizationResolver

pub fn new_allow_everything() -> Self

Creates a resolver that permits every action by default. Rules added to the selector set can then selectively deny specific operations.

pub fn new_deny_everything() -> Self

Creates a resolver that denies every action by default. Rules added to the selector set can then selectively allow specific operations.

pub fn with_selector( self, selector: impl Into<AccessControlSelector>, allow: bool, ) -> Self

pub const fn with_create_index_default_permissions( self, default_permissions: Authorization, ) -> Self

Sets the default authorization returned for CreateIndex actions when no rule matches.

pub const fn with_create_table_default_permissions( self, default_permissions: Authorization, ) -> Self

Sets the default authorization returned for CreateTable actions when no rule matches.

pub const fn with_create_temp_index_default_permissions( self, default_permissions: Authorization, ) -> Self

Sets the default authorization returned for CreateTempIndex actions when no rule matches.

pub const fn with_create_temp_table_default_permissions( self, default_permissions: Authorization, ) -> Self

Sets the default authorization returned for CreateTempTable actions when no rule matches.

pub const fn with_create_temp_trigger_default_permissions( self, default_permissions: Authorization, ) -> Self

Sets the default authorization returned for CreateTempTrigger actions when no rule matches.

pub const fn with_create_temp_view_default_permissions( self, default_permissions: Authorization, ) -> Self

Sets the default authorization returned for CreateTempView actions when no rule matches.

pub const fn with_create_trigger_default_permissions( self, default_permissions: Authorization, ) -> Self

Sets the default authorization returned for CreateTrigger actions when no rule matches.

pub const fn with_create_view_default_permissions( self, default_permissions: Authorization, ) -> Self

Sets the default authorization returned for CreateView actions when no rule matches.

pub const fn with_delete_default_permissions( self, default_permissions: Authorization, ) -> Self

Sets the default authorization returned for Delete actions when no rule matches.

pub const fn with_drop_index_default_permissions( self, default_permissions: Authorization, ) -> Self

Sets the default authorization returned for DropIndex actions when no rule matches.

pub const fn with_drop_table_default_permissions( self, default_permissions: Authorization, ) -> Self

Sets the default authorization returned for DropTable actions when no rule matches.

pub const fn with_drop_temp_index_default_permissions( self, default_permissions: Authorization, ) -> Self

Sets the default authorization returned for DropTempIndex actions when no rule matches.

pub const fn with_drop_temp_table_default_permissions( self, default_permissions: Authorization, ) -> Self

Sets the default authorization returned for DropTempTable actions when no rule matches.

pub const fn with_drop_temp_trigger_default_permissions( self, default_permissions: Authorization, ) -> Self

Sets the default authorization returned for DropTempTrigger actions when no rule matches.

pub const fn with_drop_temp_view_default_permissions( self, default_permissions: Authorization, ) -> Self

Sets the default authorization returned for DropTempView actions when no rule matches.

pub const fn with_drop_trigger_default_permissions( self, default_permissions: Authorization, ) -> Self

Sets the default authorization returned for DropTrigger actions when no rule matches.

pub const fn with_drop_view_default_permissions( self, default_permissions: Authorization, ) -> Self

Sets the default authorization returned for DropView actions when no rule matches.

pub const fn with_insert_default_permissions( self, default_permissions: Authorization, ) -> Self

Sets the default authorization returned for Insert actions when no rule matches.

pub const fn with_pragma_default_permissions( self, default_permissions: Authorization, ) -> Self

Sets the default authorization returned for Pragma actions when no rule matches.

pub const fn with_read_default_permissions( self, default_permissions: Authorization, ) -> Self

Sets the default authorization returned for Read actions when no rule matches.

pub const fn with_select_default_permissions( self, default_permissions: Authorization, ) -> Self

Sets the default authorization returned for Select actions when no rule matches.

pub const fn with_transaction_default_permissions( self, default_permissions: Authorization, ) -> Self

Sets the default authorization returned for Transaction actions when no rule matches.

pub const fn with_update_default_permissions( self, default_permissions: Authorization, ) -> Self

Sets the default authorization returned for Update actions when no rule matches.

pub const fn with_attach_default_permissions( self, default_permissions: Authorization, ) -> Self

Sets the default authorization returned for Attach actions when no rule matches.

pub const fn with_detach_default_permissions( self, default_permissions: Authorization, ) -> Self

Sets the default authorization returned for Detach actions when no rule matches.

pub const fn with_alter_table_default_permissions( self, default_permissions: Authorization, ) -> Self

Sets the default authorization returned for AlterTable actions when no rule matches.

pub const fn with_reindex_default_permissions( self, default_permissions: Authorization, ) -> Self

Sets the default authorization returned for Reindex actions when no rule matches.

pub const fn with_analyze_default_permissions( self, default_permissions: Authorization, ) -> Self

Sets the default authorization returned for Analyze actions when no rule matches.

pub const fn with_create_vtable_default_permissions( self, default_permissions: Authorization, ) -> Self

Sets the default authorization returned for CreateVtable actions when no rule matches.

pub const fn with_drop_vtable_default_permissions( self, default_permissions: Authorization, ) -> Self

Sets the default authorization returned for DropVtable actions when no rule matches.

pub const fn with_function_default_permissions( self, default_permissions: Authorization, ) -> Self

Sets the default authorization returned for Function actions when no rule matches.

pub const fn with_savepoint_default_permissions( self, default_permissions: Authorization, ) -> Self

Sets the default authorization returned for Savepoint actions when no rule matches.

pub const fn with_recursive_default_permissions( self, default_permissions: Authorization, ) -> Self

Sets the default authorization returned for Recursive actions when no rule matches.

pub fn authorization(&self, ctx: AuthContext<'_>) -> Authorization

Evaluates the configured rules against an incoming SQLite authorization request. Dispatches to the appropriate type-specific check on the selector set and falls back to the per-action default when no rule matches. Unrecognized actions are denied unconditionally.

impl AuthorizationResolver

pub fn new_read_only() -> Self

Creates a read-only resolver.

Allows reads, selects, transactions, SQL functions, recursive CTEs, and pragmas. Denies all data modification (insert, update, delete) and all DDL (create, drop, alter, attach, detach). Users can layer additional --allow / --deny rules on top to fine-tune access.

pub fn new_read_write() -> Self

Creates a read-write resolver that forbids schema changes.

Extends new_read_only with insert, update, delete, savepoints, analyze, reindex, and temporary object creation/deletion. Permanent DDL (create/drop table, index, trigger, view, virtual table), attach, and detach remain denied.

pub fn new_full_ddl() -> Self

Creates a resolver that allows all data and DDL operations but denies operations that reach outside the database file.

Extends new_read_write with permanent DDL (create/drop tables, indexes, triggers, views, and alter table). Attach, detach, and virtual table operations remain denied because they can access the filesystem or load arbitrary code.

Trait Implementations§

impl From<Preset> for AuthorizationResolver

Converts a Preset into the corresponding AuthorizationResolver by calling the matching constructor.

fn from(preset: Preset) -> Self

Converts to this type from the input type.

Auto Trait Implementations§

impl Freeze for AuthorizationResolver

impl RefUnwindSafe for AuthorizationResolver

impl Send for AuthorizationResolver

impl Sync for AuthorizationResolver

impl Unpin for AuthorizationResolver

impl UnsafeUnpin for AuthorizationResolver

impl UnwindSafe for AuthorizationResolver

Blanket Implementations§

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T> Instrument for T

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

impl<T> WithSubscriber for T

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more