Skip to main content

Policy

Trait Policy 

Source
pub trait Policy<Cx: Send + Sync + 'static>:
    Send
    + Sync
    + 'static {
    // Required method
    fn authorize<'life0, 'life1, 'life2, 'life3, 'async_trait>(
        &'life0 self,
        resource: &'life1 ResourceIdent,
        permission: &'life2 Permission,
        context: &'life3 Cx,
    ) -> Pin<Box<dyn Future<Output = Result<Decision>> + Send + 'async_trait>>
       where Self: 'async_trait,
             'life0: 'async_trait,
             'life1: 'async_trait,
             'life2: 'async_trait,
             'life3: 'async_trait;

    // Provided methods
    fn check<'life0, 'life1, 'life2, 'async_trait>(
        &'life0 self,
        obj: &'life1 dyn SecuredAction,
        context: &'life2 Cx,
    ) -> Pin<Box<dyn Future<Output = Result<Decision>> + Send + 'async_trait>>
       where Self: 'async_trait,
             'life0: 'async_trait,
             'life1: 'async_trait,
             'life2: 'async_trait { ... }
    fn check_required<'life0, 'life1, 'life2, 'async_trait>(
        &'life0 self,
        obj: &'life1 dyn SecuredAction,
        context: &'life2 Cx,
    ) -> Pin<Box<dyn Future<Output = Result<()>> + Send + 'async_trait>>
       where Self: 'async_trait,
             'life0: 'async_trait,
             'life1: 'async_trait,
             'life2: 'async_trait { ... }
    fn authorize_many<'life0, 'life1, 'life2, 'life3, 'async_trait>(
        &'life0 self,
        resources: &'life1 [ResourceIdent],
        permission: &'life2 Permission,
        context: &'life3 Cx,
    ) -> Pin<Box<dyn Future<Output = Result<Vec<Decision>>> + Send + 'async_trait>>
       where Self: 'async_trait,
             'life0: 'async_trait,
             'life1: 'async_trait,
             'life2: 'async_trait,
             'life3: 'async_trait { ... }
    fn authorize_checked<'life0, 'life1, 'life2, 'life3, 'async_trait>(
        &'life0 self,
        resource: &'life1 ResourceIdent,
        permission: &'life2 Permission,
        context: &'life3 Cx,
    ) -> Pin<Box<dyn Future<Output = Result<()>> + Send + 'async_trait>>
       where Self: 'async_trait,
             'life0: 'async_trait,
             'life1: 'async_trait,
             'life2: 'async_trait,
             'life3: 'async_trait { ... }
}
Expand description

Policy for access control.

Required Methods§

Source

fn authorize<'life0, 'life1, 'life2, 'life3, 'async_trait>( &'life0 self, resource: &'life1 ResourceIdent, permission: &'life2 Permission, context: &'life3 Cx, ) -> Pin<Box<dyn Future<Output = Result<Decision>> + Send + 'async_trait>>
where Self: 'async_trait, 'life0: 'async_trait, 'life1: 'async_trait, 'life2: 'async_trait, 'life3: 'async_trait,

Check if the policy allows the action.

Specifically, this method should return Decision::Allow if the context is granted the requested permission on the resource, and Decision::Deny otherwise.

Provided Methods§

Source

fn check<'life0, 'life1, 'life2, 'async_trait>( &'life0 self, obj: &'life1 dyn SecuredAction, context: &'life2 Cx, ) -> Pin<Box<dyn Future<Output = Result<Decision>> + Send + 'async_trait>>
where Self: 'async_trait, 'life0: 'async_trait, 'life1: 'async_trait, 'life2: 'async_trait,

Source

fn check_required<'life0, 'life1, 'life2, 'async_trait>( &'life0 self, obj: &'life1 dyn SecuredAction, context: &'life2 Cx, ) -> Pin<Box<dyn Future<Output = Result<()>> + Send + 'async_trait>>
where Self: 'async_trait, 'life0: 'async_trait, 'life1: 'async_trait, 'life2: 'async_trait,

Source

fn authorize_many<'life0, 'life1, 'life2, 'life3, 'async_trait>( &'life0 self, resources: &'life1 [ResourceIdent], permission: &'life2 Permission, context: &'life3 Cx, ) -> Pin<Box<dyn Future<Output = Result<Vec<Decision>>> + Send + 'async_trait>>
where Self: 'async_trait, 'life0: 'async_trait, 'life1: 'async_trait, 'life2: 'async_trait, 'life3: 'async_trait,

Source

fn authorize_checked<'life0, 'life1, 'life2, 'life3, 'async_trait>( &'life0 self, resource: &'life1 ResourceIdent, permission: &'life2 Permission, context: &'life3 Cx, ) -> Pin<Box<dyn Future<Output = Result<()>> + Send + 'async_trait>>
where Self: 'async_trait, 'life0: 'async_trait, 'life1: 'async_trait, 'life2: 'async_trait, 'life3: 'async_trait,

Check if the policy allows the action, and return an error if denied.

Dyn Compatibility§

This trait is dyn compatible.

In older versions of Rust, dyn compatibility was called "object safety".

Implementations on Foreign Types§

Source§

impl<T: Policy<Cx>, Cx: Send + Sync + 'static> Policy<Cx> for Arc<T>

Source§

fn authorize<'life0, 'life1, 'life2, 'life3, 'async_trait>( &'life0 self, resource: &'life1 ResourceIdent, permission: &'life2 Permission, context: &'life3 Cx, ) -> Pin<Box<dyn Future<Output = Result<Decision>> + Send + 'async_trait>>
where Self: 'async_trait, 'life0: 'async_trait, 'life1: 'async_trait, 'life2: 'async_trait, 'life3: 'async_trait,

Source§

fn authorize_many<'life0, 'life1, 'life2, 'life3, 'async_trait>( &'life0 self, resources: &'life1 [ResourceIdent], permission: &'life2 Permission, context: &'life3 Cx, ) -> Pin<Box<dyn Future<Output = Result<Vec<Decision>>> + Send + 'async_trait>>
where Self: 'async_trait, 'life0: 'async_trait, 'life1: 'async_trait, 'life2: 'async_trait, 'life3: 'async_trait,

Implementors§

Source§

impl<Cx: Send + Sync + 'static> Policy<Cx> for ConstantPolicy

Source§

impl<Cx: Send + Sync + 'static> Policy<Cx> for ServerHandler<Cx>

Source§

impl<Cx: Send + Sync + 'static> Policy<Cx> for ServerHandlerInner<Cx>