Crate orcs_auth


Permission primitives for ORCS.

This crate provides the unified permission model for ORCS, sitting at the same level as orcs-event in the dependency graph.

§Permission Model

Effective Permission =
    Capability(static WHAT)
  ∩ SandboxPolicy(WHERE)
  ∩ Session(WHO + WHEN)
  ∩ GrantPolicy(dynamic WHAT — modified by Grant/Revoke)
Layer             Type      Controls
Capability        Bitflags  What operations are allowed (static, inherited)
SandboxPolicy     Trait     Where operations can target (filesystem boundary, etc.)
Session           Struct    Who is acting, with what privilege level
GrantPolicy       Trait     Dynamic command permissions (grant/revoke at runtime)
PermissionPolicy  Trait     Combines all layers for permission decisions

§Crate Architecture

orcs-types  (IDs, Principal)
    ↑            ↑
orcs-event   orcs-auth  ◄── THIS CRATE
(Signal)     (Capability, SandboxPolicy, Session, GrantPolicy, PermissionPolicy)
    ↑            ↑
    orcs-component (Component, ChildContext — uses orcs-auth)
         ↑
    orcs-runtime (ProjectSandbox impl, DefaultGrantStore impl, DefaultPolicy impl)

§Design Principles

  • Trait definitions here, implementations in consumers — orcs-runtime provides concrete implementations like ProjectSandbox and DefaultPolicy
  • Resource-general — SandboxPolicy abstracts the filesystem today, but the model extends to Docker volumes, network scopes, etc.
  • Deny wins — A child can never exceed its parent’s capabilities
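
The four-layer intersection and the "deny wins" inheritance rule described above, as an added stand-alone Rust illustration. It is not orcs_auth code: every name in it (Ctx, Denied, inherit, normalize, check) is hypothetical, and it assumes a session carries an expiry time and that the sandbox is a directory root checked lexically.

```rust
// Added illustration, not orcs_auth code: every name here is hypothetical.
use std::collections::HashSet;
use std::path::{Component, Path, PathBuf};

const READ: u8 = 0b01;
const WRITE: u8 = 0b10;

#[derive(Debug, PartialEq)]
enum Denied { Capability, Sandbox, Session, Grant }

struct Ctx<'a> {
    caps: u8,                 // static WHAT
    root: &'a Path,           // WHERE
    expires_at: u64,          // WHO + WHEN (assumed: a session has an expiry)
    grants: HashSet<&'a str>, // dynamic WHAT
}

/// Deny wins: a child keeps only the bits its parent also holds.
fn inherit(parent: u8, requested: u8) -> u8 { parent & requested }

/// Lexically resolve `.` and `..` (symlinks are not followed here).
fn normalize(p: &Path) -> PathBuf {
    let mut out = PathBuf::new();
    for c in p.components() {
        match c {
            Component::ParentDir => { out.pop(); }
            Component::CurDir => {}
            other => out.push(other.as_os_str()),
        }
    }
    out
}

/// Intersection of the four layers: any single layer can deny.
fn check(ctx: &Ctx, need: u8, cmd: &str, target: &Path, now: u64) -> Result<(), Denied> {
    if ctx.caps & need != need { return Err(Denied::Capability); }
    if !normalize(&ctx.root.join(target)).starts_with(ctx.root) { return Err(Denied::Sandbox); }
    if now >= ctx.expires_at { return Err(Denied::Session); }
    if !ctx.grants.contains(cmd) { return Err(Denied::Grant); }
    Ok(())
}

fn main() {
    let root = Path::new("/srv/project"); // constructed sample values
    let child = Ctx { caps: inherit(READ, READ | WRITE), root, expires_at: 100, grants: HashSet::from(["cat"]) };
    println!("{:?}", check(&child, READ, "cat", Path::new("src/lib.rs"), 10));
    println!("{:?}", check(&child, WRITE, "cat", Path::new("src/lib.rs"), 10));
    println!("{:?}", check(&child, READ, "cat", Path::new("../../etc/passwd"), 10));
}
```

A production sandbox check would also canonicalize the path on disk, since lexical normalization does not catch a symlink that points outside the root.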

Re-exports§

pub use capability::Capability;
pub use error::AccessDenied;
pub use grant::CommandGrant;
pub use grant::GrantError;
pub use grant::GrantKind;
pub use grant::GrantPolicy;
pub use permission::CommandPermission;
pub use policy::PermissionPolicy;
pub use privilege::PrivilegeLevel;
pub use resource::SandboxError;
pub use resource::SandboxPolicy;
pub use session::Session;

Modules§

capability
Capability-based permission model.
error
Unified access denied error type.
grant
Dynamic command permission grants.
permission
Command permission types.
policy
Permission policy trait.
privilege
Privilege level types.
resource
Resource boundary policy.
session
Session types (Principal + Privilege).

Enums§

Principal
The actor performing an action.