Enum PrivilegeLevel

Source

pub enum PrivilegeLevel {
    Standard,
    Elevated {
        until: Instant,
    },
}

Expand description

The current privilege level of a session.

This implements a sudo-like model where all actors start with limited permissions and must explicitly elevate to perform privileged operations.

§Design Rationale

§Why Not Always Elevated?

Even human users operate in Standard mode by default:

Prevents accidents: git reset --hard requires explicit elevation
Audit clarity: Elevated actions are intentional and logged
Network safety: Compromised sessions have limited damage potential

§Time-Limited Elevation

Elevated privileges automatically expire to minimize the window of elevated access. This follows the principle of least privilege.

§Example

use orcs_auth::PrivilegeLevel;
use std::time::{Duration, Instant};

// Standard mode (default)
let standard = PrivilegeLevel::Standard;
assert!(!standard.is_elevated());

// Elevated mode (explicit, time-limited)
let until = Instant::now() + Duration::from_secs(300);
let elevated = PrivilegeLevel::Elevated { until };
assert!(elevated.is_elevated());

Variants§

§

Standard

Normal operations only.

In this mode, the following are not allowed:

Global signals (Veto)
Destructive file operations (rm -rf, overwrite without backup)
Destructive git operations (reset --hard, push --force)
Modifying system configuration

This is the default mode for all principals.

§

Elevated

Elevated privileges with expiration.

Grants full access to all operations until the specified time. After expiration, the session automatically drops to Standard.

§Fields

until - When elevation expires (automatically serializes as duration from now)

Fields

§until: Instant

Expiration time for elevated privileges.

Implementations§

Source §

impl PrivilegeLevel

Source

pub fn standard() -> PrivilegeLevel

Creates a new Standard privilege level.

Source

pub fn elevated_for(duration: Duration) -> PrivilegeLevel

Creates a new Elevated privilege level with the given duration.

§Example

use orcs_auth::PrivilegeLevel;
use std::time::Duration;

let elevated = PrivilegeLevel::elevated_for(Duration::from_secs(60));
assert!(elevated.is_elevated());

Source

pub fn is_elevated(&self) -> bool

Returns true if currently elevated (and not expired).

§Example

use orcs_auth::PrivilegeLevel;
use std::time::Duration;

let standard = PrivilegeLevel::Standard;
assert!(!standard.is_elevated());

let elevated = PrivilegeLevel::elevated_for(Duration::from_secs(60));
assert!(elevated.is_elevated());

Source

pub fn is_standard(&self) -> bool

Returns true if this is Standard mode or elevation has expired.

Source

pub fn remaining(&self) -> Option<Duration>

Returns the remaining elevation time, or None if not elevated.

§Example

use orcs_auth::PrivilegeLevel;
use std::time::Duration;

let elevated = PrivilegeLevel::elevated_for(Duration::from_secs(60));
let remaining = elevated.remaining();
assert!(remaining.is_some());
assert!(remaining.expect("elevated has remaining") <= Duration::from_secs(60));