Skip to main content

Capability

orcs_component

Struct Capability 

Source 
pub struct Capability(/* private fields */);
Expand description

Logical capabilities that a context can grant to child entities.

Each capability gates a set of operations. Operations require the corresponding capability to be present in the context.

CapabilityOperations
READorcs.read, orcs.grep, orcs.glob
WRITEorcs.write, orcs.mkdir
DELETEorcs.remove, orcs.mv
EXECUTEorcs.exec
SPAWNorcs.spawn_child, orcs.spawn_runner
LLMorcs.llm
HTTPorcs.http

Implementations§

Source§

impl Capability

Source

pub const READ: Capability

Read files: orcs.read, orcs.grep, orcs.glob

Source

pub const WRITE: Capability

Write files: orcs.write, orcs.mkdir

Source

pub const DELETE: Capability

Delete/move files: orcs.remove, orcs.mv

Source

pub const EXECUTE: Capability

Execute commands: orcs.exec

Source

pub const SPAWN: Capability

Spawn children/runners: orcs.spawn_child, orcs.spawn_runner

Source

pub const LLM: Capability

Call LLM: orcs.llm

Source

pub const HTTP: Capability

HTTP requests: orcs.http

Source§

impl Capability

Source

pub const fn empty() -> Capability

Get a flags value with all bits unset.

Source

pub const fn all() -> Capability

Get a flags value with all known bits set.

Source

pub const fn bits(&self) -> u16

Get the underlying bits value.

The returned value is exactly the bits set in this flags value.

Source

pub const fn from_bits(bits: u16) -> Option<Capability>

Convert from a bits value.

This method will return None if any unknown bits are set.

Source

pub const fn from_bits_truncate(bits: u16) -> Capability

Convert from a bits value, unsetting any unknown bits.

Source

pub const fn from_bits_retain(bits: u16) -> Capability

Convert from a bits value exactly.

Source

pub fn from_name(name: &str) -> Option<Capability>

Get a flags value with the bits of a flag with the given name set.

This method will return None if name is empty or doesn’t correspond to any named flag.

Source

pub const fn is_empty(&self) -> bool

Whether all bits in this flags value are unset.

Source

pub const fn is_all(&self) -> bool

Whether all known bits in this flags value are set.

Source

pub const fn intersects(&self, other: Capability) -> bool

Whether any set bits in a source flags value are also set in a target flags value.

Source

pub const fn contains(&self, other: Capability) -> bool

Whether all set bits in a source flags value are also set in a target flags value.

Source

pub fn insert(&mut self, other: Capability)

The bitwise or (|) of the bits in two flags values.

Source

pub fn remove(&mut self, other: Capability)

The intersection of a source flags value with the complement of a target flags value (&!).

This method is not equivalent to self & !other when other has unknown bits set. remove won’t truncate other, but the ! operator will.

Source

pub fn toggle(&mut self, other: Capability)

The bitwise exclusive-or (^) of the bits in two flags values.

Source

pub fn set(&mut self, other: Capability, value: bool)

Call insert when value is true or remove when value is false.

Source

pub const fn intersection(self, other: Capability) -> Capability

The bitwise and (&) of the bits in two flags values.

Source

pub const fn union(self, other: Capability) -> Capability

The bitwise or (|) of the bits in two flags values.

Source

pub const fn difference(self, other: Capability) -> Capability

The intersection of a source flags value with the complement of a target flags value (&!).

This method is not equivalent to self & !other when other has unknown bits set. difference won’t truncate other, but the ! operator will.

Source

pub const fn symmetric_difference(self, other: Capability) -> Capability

The bitwise exclusive-or (^) of the bits in two flags values.

Source

pub const fn complement(self) -> Capability

The bitwise negation (!) of the bits in a flags value, truncating the result.

Source§

impl Capability

Source

pub const fn iter(&self) -> Iter<Capability>

Yield a set of contained flags values.

Each yielded flags value will correspond to a defined named flag. Any unknown bits will be yielded together as a final flags value.

Source

pub const fn iter_names(&self) -> IterNames<Capability>

Yield a set of contained named flags values.

This method is like iter, except only yields bits in contained named flags. Any unknown bits, or bits not corresponding to a contained flag will not be yielded.

Source§

impl Capability

Source

pub const FILE_ALL: Capability

All file operations: READ | WRITE | DELETE.

Source

pub const ALL: Capability

All capabilities.

Source

pub fn inherit(parent: Capability, requested: Capability) -> Capability

Computes the effective capabilities for a child.

Returns the intersection of parent and requested capabilities. A child can never exceed its parent’s capabilities.

§Arguments
  • parent - Parent’s capabilities
  • requested - Requested capabilities for the child
§Returns

parent & requested — the effective capability set.

§Example
use orcs_auth::Capability;

let parent = Capability::READ | Capability::WRITE;
let requested = Capability::READ | Capability::EXECUTE;
let effective = Capability::inherit(parent, requested);
assert_eq!(effective, Capability::READ);
Source

pub fn names(self) -> Vec<&'static str>

Returns a human-readable list of capability names.

§Example
use orcs_auth::Capability;

let caps = Capability::READ | Capability::WRITE;
let names = caps.names();
assert!(names.contains(&"READ"));
assert!(names.contains(&"WRITE"));
Source

pub fn parse(name: &str) -> Option<Capability>

Parses a capability name string (case-insensitive).

Unlike Flags::from_name (exact match), this accepts lowercase input and aliases like “EXEC” for “EXECUTE”.

§Example
use orcs_auth::Capability;

assert_eq!(Capability::parse("read"), Some(Capability::READ));
assert_eq!(Capability::parse("EXECUTE"), Some(Capability::EXECUTE));
assert_eq!(Capability::parse("exec"), Some(Capability::EXECUTE));
assert_eq!(Capability::parse("http"), Some(Capability::HTTP));
assert_eq!(Capability::parse("unknown"), None);
Source

pub fn parse_list<'a>(names: &[&'a str]) -> (Capability, Vec<&'a str>)

Parses a list of capability names into a combined set.

Returns the combined capabilities and a list of unknown names. Callers should decide how to handle unknown names (error, warn, etc.)

§Example
use orcs_auth::Capability;

let (caps, unknown) = Capability::parse_list(&["READ", "WRITE"]);
assert_eq!(caps, Capability::READ | Capability::WRITE);
assert!(unknown.is_empty());

let (caps, unknown) = Capability::parse_list(&["READ", "bad"]);
assert_eq!(caps, Capability::READ);
assert_eq!(unknown, vec!["bad"]);

Trait Implementations§

Source§

impl Binary for Capability

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), Error>

Formats the value using the given formatter. Read more
Source§

impl BitAnd for Capability

Source§

fn bitand(self, other: Capability) -> Capability

The bitwise and (&) of the bits in two flags values.

Source§

type Output = Capability

The resulting type after applying the & operator.
Source§

impl BitAndAssign for Capability

Source§

fn bitand_assign(&mut self, other: Capability)

The bitwise and (&) of the bits in two flags values.

Source§

impl BitOr for Capability

Source§

fn bitor(self, other: Capability) -> Capability

The bitwise or (|) of the bits in two flags values.

Source§

type Output = Capability

The resulting type after applying the | operator.
Source§

impl BitOrAssign for Capability

Source§

fn bitor_assign(&mut self, other: Capability)

The bitwise or (|) of the bits in two flags values.

Source§

impl BitXor for Capability

Source§

fn bitxor(self, other: Capability) -> Capability

The bitwise exclusive-or (^) of the bits in two flags values.

Source§

type Output = Capability

The resulting type after applying the ^ operator.
Source§

impl BitXorAssign for Capability

Source§

fn bitxor_assign(&mut self, other: Capability)

The bitwise exclusive-or (^) of the bits in two flags values.

Source§

impl Clone for Capability

Source§

fn clone(&self) -> Capability

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for Capability

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), Error>

Formats the value using the given formatter. Read more
Source§

impl<'de> Deserialize<'de> for Capability

Source§

fn deserialize<__D>( __deserializer: __D, ) -> Result<Capability, <__D as Deserializer<'de>>::Error>
where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer. Read more
Source§

impl Display for Capability

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), Error>

Formats the value using the given formatter. Read more
Source§

impl Extend<Capability> for Capability

Source§

fn extend<T>(&mut self, iterator: T)
where T: IntoIterator<Item = Capability>,

The bitwise or (|) of the bits in each flags value.

Source§

fn extend_one(&mut self, item: A)

🔬This is a nightly-only experimental API. (extend_one)
Extends a collection with exactly one element.
Source§

fn extend_reserve(&mut self, additional: usize)

🔬This is a nightly-only experimental API. (extend_one)
Reserves capacity in a collection for the given number of additional elements. Read more
Source§

impl Flags for Capability

Source§

const FLAGS: &'static [Flag<Capability>]

The set of defined flags.
Source§

type Bits = u16

The underlying bits type.
Source§

fn bits(&self) -> u16

Get the underlying bits value. Read more
Source§

fn from_bits_retain(bits: u16) -> Capability

Convert from a bits value exactly.
Source§

fn empty() -> Self

Get a flags value with all bits unset.
Source§

fn all() -> Self

Get a flags value with all known bits set.
Source§

fn contains_unknown_bits(&self) -> bool

This method will return true if any unknown bits are set.
Source§

fn from_bits(bits: Self::Bits) -> Option<Self>

Convert from a bits value. Read more
Source§

fn from_bits_truncate(bits: Self::Bits) -> Self

Convert from a bits value, unsetting any unknown bits.
Source§

fn from_name(name: &str) -> Option<Self>

Get a flags value with the bits of a flag with the given name set. Read more
Source§

fn iter(&self) -> Iter<Self>

Yield a set of contained flags values. Read more
Source§

fn iter_names(&self) -> IterNames<Self>

Yield a set of contained named flags values. Read more
Source§

fn iter_defined_names() -> IterDefinedNames<Self>

Yield a set of all named flags defined by Self::FLAGS.
Source§

fn is_empty(&self) -> bool

Whether all bits in this flags value are unset.
Source§

fn is_all(&self) -> bool

Whether all known bits in this flags value are set.
Source§

fn intersects(&self, other: Self) -> bool
where Self: Sized,

Whether any set bits in a source flags value are also set in a target flags value.
Source§

fn contains(&self, other: Self) -> bool
where Self: Sized,

Whether all set bits in a source flags value are also set in a target flags value.
Source§

fn truncate(&mut self)
where Self: Sized,

Remove any unknown bits from the flags.
Source§

fn insert(&mut self, other: Self)
where Self: Sized,

The bitwise or (|) of the bits in two flags values.
Source§

fn remove(&mut self, other: Self)
where Self: Sized,

The intersection of a source flags value with the complement of a target flags value (&!). Read more
Source§

fn toggle(&mut self, other: Self)
where Self: Sized,

The bitwise exclusive-or (^) of the bits in two flags values.
Source§

fn set(&mut self, other: Self, value: bool)
where Self: Sized,

Call Flags::insert when value is true or Flags::remove when value is false.
Source§

fn clear(&mut self)
where Self: Sized,

Unsets all bits in the flags.
Source§

fn intersection(self, other: Self) -> Self

The bitwise and (&) of the bits in two flags values.
Source§

fn union(self, other: Self) -> Self

The bitwise or (|) of the bits in two flags values.
Source§

fn difference(self, other: Self) -> Self

The intersection of a source flags value with the complement of a target flags value (&!). Read more
Source§

fn symmetric_difference(self, other: Self) -> Self

The bitwise exclusive-or (^) of the bits in two flags values.
Source§

fn complement(self) -> Self

The bitwise negation (!) of the bits in a flags value, truncating the result.
Source§

impl FromIterator<Capability> for Capability

Source§

fn from_iter<T>(iterator: T) -> Capability
where T: IntoIterator<Item = Capability>,

The bitwise or (|) of the bits in each flags value.

Source§

impl Hash for Capability

Source§

fn hash<__H>(&self, state: &mut __H)
where __H: Hasher,

Feeds this value into the given Hasher. Read more
1.3.0 · Source§

fn hash_slice<H>(data: &[Self], state: &mut H)
where H: Hasher, Self: Sized,

Feeds a slice of this type into the given Hasher. Read more
Source§

impl IntoIterator for Capability

Source§

type Item = Capability

The type of the elements being iterated over.
Source§

type IntoIter = Iter<Capability>

Which kind of iterator are we turning this into?
Source§

fn into_iter(self) -> <Capability as IntoIterator>::IntoIter

Creates an iterator from a value. Read more
Source§

impl LowerHex for Capability

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), Error>

Formats the value using the given formatter. Read more
Source§

impl Not for Capability

Source§

fn not(self) -> Capability

The bitwise negation (!) of the bits in a flags value, truncating the result.

Source§

type Output = Capability

The resulting type after applying the ! operator.
Source§

impl Octal for Capability

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), Error>

Formats the value using the given formatter. Read more
Source§

impl PartialEq for Capability

Source§

fn eq(&self, other: &Capability) -> bool

Tests for self and other values to be equal, and is used by ==.
1.0.0 · Source§

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
Source§

impl Serialize for Capability

Source§

fn serialize<__S>( &self, __serializer: __S, ) -> Result<<__S as Serializer>::Ok, <__S as Serializer>::Error>
where __S: Serializer,

Serialize this value into the given Serde serializer. Read more
Source§

impl Sub for Capability

Source§

fn sub(self, other: Capability) -> Capability

The intersection of a source flags value with the complement of a target flags value (&!).

This method is not equivalent to self & !other when other has unknown bits set. difference won’t truncate other, but the ! operator will.

Source§

type Output = Capability

The resulting type after applying the - operator.
Source§

impl SubAssign for Capability

Source§

fn sub_assign(&mut self, other: Capability)

The intersection of a source flags value with the complement of a target flags value (&!).

This method is not equivalent to self & !other when other has unknown bits set. difference won’t truncate other, but the ! operator will.

Source§

impl UpperHex for Capability

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), Error>

Formats the value using the given formatter. Read more
Source§

impl Copy for Capability

Source§

impl Eq for Capability

Source§

impl StructuralPartialEq for Capability

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T> ToString for T
where T: Display + ?Sized,

Source§

fn to_string(&self) -> String

Converts the given value to a String. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<T> DeserializeOwned for T
where T: for<'de> Deserialize<'de>,