Struct oxide_auth::primitives::scope::Scope

pub struct Scope { /* fields omitted */ }

Scope of a given grant or resource, a set of scope-tokens separated by spaces.

Scopes are interpreted as a conjunction of scope tokens, i.e. a scope is fulfilled if all of its scope tokens are fulfilled. This induces a partial ordering on scopes where scope A is less or equal than scope B if all scope tokens of A are also found in B. This can be interpreted as the rule

A token with scope B is allowed to access a resource requiring scope A iff A <= B

Example

let grant_scope    = "some_scope other_scope".parse::<Scope>().unwrap();
let resource_scope = "some_scope".parse::<Scope>().unwrap();
let uncomparable   = "some_scope third_scope".parse::<Scope>().unwrap();

// Holding a grant with `grant_scope` allows access to the resource since:
assert!(resource_scope <= grant_scope);
assert!(resource_scope.allow_access(&grant_scope));

// But holders would not be allowed to access another resource with scope `uncomparable`:
assert!(!(uncomparable <= grant_scope));
assert!(!uncomparable.allow_access(&grant_scope));

// This would also not work the other way around:
assert!(!(grant_scope <= uncomparable));
assert!(!grant_scope.allow_access(&uncomparable));

Scope-tokens are restricted to the following subset of ascii:

• The character '!'
• The character range '\x32' to '\x5b' which includes numbers and upper case letters
• The character range '\x5d' to '\x7e' which includes lower case letters Individual scope-tokens are separated by spaces.

In particular, the characters '\x22' (") and '\x5c' (\) are not allowed.

Methods

impl Scope

pub fn priviledged_to(&self, rhs: &Scope) -> bool

Determines if this scope has enough privileges to access some resource requiring the scope on the right side. This operation is equivalent to comparison via >=.

pub fn allow_access(&self, rhs: &Scope) -> bool

Determines if a resouce protected by this scope should allow access to a token with the grant on the right side. This operation is equivalent to comparison via <=.

Trait Implementations

impl PartialOrd<Scope> for Scope

fn partial_cmp(&self, rhs: &Self) -> Option<Ordering>

This method returns an ordering between self and other values if one exists.

#[must_use] fn lt(&self, other: &Rhs) -> bool

This method tests less than (for self and other) and is used by the < operator.

#[must_use] fn le(&self, other: &Rhs) -> bool

This method tests less than or equal to (for self and other) and is used by the <= operator.

#[must_use] fn gt(&self, other: &Rhs) -> bool

This method tests greater than (for self and other) and is used by the > operator.

#[must_use] fn ge(&self, other: &Rhs) -> bool

This method tests greater than or equal to (for self and other) and is used by the >= operator.

impl Clone for Scope

fn clone(&self) -> Scope

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl PartialEq<Scope> for Scope

fn eq(&self, other: &Scope) -> bool

This method tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Scope) -> bool

This method tests for !=.

impl Eq for Scope

impl Debug for Scope

fn fmt(&self, fmt: &mut Formatter) -> Result

Formats the value using the given formatter.

impl Display for Scope

fn fmt(&self, fmt: &mut Formatter) -> Result

Formats the value using the given formatter.

impl FromStr for Scope

type Err = ParseScopeErr

The associated error which can be returned from parsing.

fn from_str(string: &str) -> Result<Scope, ParseScopeErr>

Parses a string s to return a value of this type.