Crate ockam_abac
source ·Expand description
The ockam_abac crate is responsible for performing attribute based authorization control on messages within an Ockam worker system.
Re-exports§
pub use expr::Expr;
pub use resource::Resource;
pub use resource::ResourceType;
pub use tokio;
Modules§
Structs§
- This AccessControl uses a storage for authenticated attributes in order to verify if a policy expression is valid A similar access control policy is available as
crate::policy::PolicyAccessControl
where ascrate::Policies
can be used to retrieve a specific policy for a given resource and action - Evaluates a policy expression against an environment of attributes.
Enums§
Constants§
- Key we use to indicate a subject has valid credential
- Key we use to check Identifier
- Prefix we use to check for subject attributes
Traits§
- This repository stores policies for resources. A policy is an expression which can be evaluated against an environment (a list of attribute names and values) in order to determine if a given action can be performed on a given resource.
- This repository stores policies for resources types. A policy is an expression which can be evaluated against an environment (a list of attribute names and values) in order to determine if a given action can be performed on a given resource.
- This repository stores resources.