objectstore_types/auth.rs
//! Authentication and authorization types.
//!
//! Permissions are carried in JWTs and checked by the server's
//! authorization layer before each operation.
5
6use std::collections::HashSet;
7
8use serde::{Deserialize, Serialize};
9
/// A single capability that a caller may hold on stored objects.
///
/// Each variant has a fixed dotted wire name, set by its `serde(rename)`
/// attribute. The enum declares no catch-all variant, so a string outside
/// these three names fails to deserialize instead of mapping to a default
/// permission.
///
/// Nothing in this type makes one permission imply another: whether write or
/// delete access should also allow reads is decided by the code that checks
/// permissions, not here.
#[derive(Clone, Debug, PartialEq, Eq, Hash, Serialize, Deserialize)]
pub enum Permission {
    /// Allows reading / downloading objects; wire name `"object.read"`.
    #[serde(rename = "object.read")]
    ObjectRead,

    /// Allows creating / overwriting objects; wire name `"object.write"`.
    #[serde(rename = "object.write")]
    ObjectWrite,

    /// Allows deleting objects; wire name `"object.delete"`.
    #[serde(rename = "object.delete")]
    ObjectDelete,
}
25
impl Permission {
    /// Builds the set holding every permission: read, write and delete.
    ///
    /// This is the broadest grant the enum can express. Callers that need less
    /// should build a narrower set themselves.
    pub fn rwd() -> HashSet<Permission> {
        // Listed explicitly so the full grant is visible in one place.
        const ALL: [Permission; 3] = [
            Permission::ObjectRead,
            Permission::ObjectWrite,
            Permission::ObjectDelete,
        ];
        ALL.iter().cloned().collect()
    }
}
35}