Skip to main content

Module auth

orcs_runtime

Module auth 

Source
Expand description

Authentication and authorization for ORCS CLI.

Core types (Session, PrivilegeLevel) are defined in orcs-auth. This module provides runtime-specific implementations:

§Architecture

orcs-auth (traits + data types)
    Session, PrivilegeLevel, PermissionPolicy, GrantPolicy, CommandPermission
        ↓
orcs-runtime/auth (implementations)
    PermissionChecker, DefaultPolicy, DefaultGrantStore, CommandCheckResult

Structs§

DefaultGrantStore
Thread-safe, in-memory command grant store.
DefaultPolicy
Default permission policy.
Session
An active security context combining identity and privilege.

Enums§

AccessDenied
Unified error for access denied across all permission layers.
CommandCheckResult
Result of a command permission check.
CommandPermission
Result of a command permission check (trait-level type).
Principal
The actor performing an action.
PrivilegeLevel
The current privilege level of a session.

Traits§

GrantPolicy
Dynamic command permission management.
PermissionChecker
Runtime-level permission checker with HIL integration.
PermissionPolicy
Abstract permission policy for session-based access control.