openauth_plugins/access/
error.rs

1use std::fmt;
2
3/// Access-control validation or authorization error.
4#[derive(Clone, Debug, Eq, PartialEq)]
5pub enum AccessError {
6    /// Authorization requests must contain at least one resource.
7    EmptyRequest,
8    /// A role or request referenced a resource that is not part of the policy.
9    UnknownResource { resource: String },
10    /// A role referenced an action that is not part of the base policy.
11    UnknownAction { resource: String, action: String },
12    /// The role has no permission for the requested resource.
13    ResourceDenied { resource: String },
14    /// The role is missing one or more requested actions for the resource.
15    UnauthorizedResource { resource: String },
16    /// No requested resource was authorized.
17    NotAuthorized,
18}
19
20impl fmt::Display for AccessError {
21    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
22        match self {
23            Self::EmptyRequest => f.write_str("access request must include at least one resource"),
24            Self::UnknownResource { resource } => {
25                write!(f, "unknown access resource `{resource}`")
26            }
27            Self::UnknownAction { resource, action } => {
28                write!(
29                    f,
30                    "unknown action `{action}` for access resource `{resource}`"
31                )
32            }
33            Self::ResourceDenied { resource } => {
34                write!(f, "not allowed to access resource `{resource}`")
35            }
36            Self::UnauthorizedResource { resource } => {
37                write!(f, "unauthorized to access resource `{resource}`")
38            }
39            Self::NotAuthorized => f.write_str("not authorized"),
40        }
41    }
42}
43
44impl std::error::Error for AccessError {}
openauth_plugins/access/error.rs

openauth_plugins/access/
error.rs
