Expand description
RBAC (Role-Based Access Control) middleware and permission enforcement
This module provides middleware for enforcing role-based access control on admin endpoints, ensuring users can only perform actions they’re authorized for.
Structs§
- Admin
Action Permissions - Admin action to permission mapping
- User
Context - User context extracted from request
Functions§
- extract_
user_ context - Extract user context from request headers Currently supports:
- get_
default_ user_ context - Default user context for unauthenticated requests (development mode) In production, this should return None to enforce authentication
- get_
user_ context_ from_ request - Helper to extract user context from request extensions
- get_
user_ context_ from_ state - Helper to get user context from axum State (if stored)
- rbac_
middleware - RBAC middleware to enforce permissions on admin endpoints