Skip to main content

ValidationPipeline

pmcp_code_mode::validation

Struct ValidationPipeline 

Source 
pub struct ValidationPipeline<T: TokenGenerator = HmacTokenGenerator, E: ExplanationGenerator = TemplateExplanationGenerator> { /* private fields */ }
Expand description

The validation pipeline that orchestrates all validation stages.

Implementations§

Source§

impl ValidationPipeline<HmacTokenGenerator, TemplateExplanationGenerator>

Source

pub fn new( config: CodeModeConfig, token_secret: impl Into<Vec<u8>>, ) -> Result<Self, TokenError>

Create a new validation pipeline with default generators.

Warning: This constructor does not configure a policy evaluator. Only basic config checks will be performed.

§Errors

Returns TokenError::SecretTooShort if the token secret is shorter than HmacTokenGenerator::MIN_SECRET_LEN (16 bytes).

Source

pub fn from_token_secret( config: CodeModeConfig, secret: &TokenSecret, ) -> Result<Self, TokenError>

Create a new validation pipeline from a TokenSecret.

Convenience constructor for production callers and derive macro generated code. Callers never need to call expose_secret() directly.

Security note: Internally this creates an intermediate Vec<u8> copy of the secret bytes that is not zeroized on drop. For maximum security, prefer TokenSecret::from_env which minimizes secret copies. This limitation will be addressed in a future version by adding a HmacTokenGenerator::from_secret_ref constructor.

Warning: This constructor does not configure a policy evaluator. Only basic config checks will be performed.

§Errors

Returns TokenError::SecretTooShort if the token secret is shorter than HmacTokenGenerator::MIN_SECRET_LEN (16 bytes).

Source

pub fn with_policy_evaluator( config: CodeModeConfig, token_secret: impl Into<Vec<u8>>, evaluator: Arc<dyn PolicyEvaluator>, ) -> Result<Self, TokenError>

Create a new validation pipeline with a policy evaluator.

§Errors

Returns TokenError::SecretTooShort if the token secret is shorter than HmacTokenGenerator::MIN_SECRET_LEN (16 bytes).

Source

pub fn from_token_secret_with_policy( config: CodeModeConfig, secret: &TokenSecret, evaluator: Arc<dyn PolicyEvaluator>, ) -> Result<Self, TokenError>

Create a pipeline from a TokenSecret with an Arc policy evaluator.

Used by derive macro generated code where the policy evaluator is stored as Arc<dyn PolicyEvaluator> on the parent struct.

§Errors

Returns TokenError::SecretTooShort if the token secret is shorter than HmacTokenGenerator::MIN_SECRET_LEN (16 bytes).

Source§

impl<T: TokenGenerator, E: ExplanationGenerator> ValidationPipeline<T, E>

Source

pub fn with_generators( config: CodeModeConfig, token_generator: T, explanation_generator: E, ) -> Self

Create a pipeline with custom generators.

Source

pub fn set_policy_evaluator(&mut self, evaluator: Arc<dyn PolicyEvaluator>)

Set the policy evaluator for this pipeline.

Source

pub fn has_policy_evaluator(&self) -> bool

Check if a policy evaluator is configured.

Source

pub fn validate_graphql_query( &self, query: &str, context: &ValidationContext, ) -> Result<ValidationResult, ValidationError>

Validate a GraphQL query using basic config checks only.

Source

pub async fn validate_graphql_query_async( &self, query: &str, context: &ValidationContext, ) -> Result<ValidationResult, ValidationError>

Validate a GraphQL query using a policy evaluator (async).

Source

pub fn validate_javascript_code( &self, code: &str, context: &ValidationContext, ) -> Result<ValidationResult, ValidationError>

Validate JavaScript code for OpenAPI Code Mode (sync, no policy evaluation).

Runs config-level checks only. For policy evaluation (Cedar/AVP), use [validate_javascript_code_async] instead. Retained for backward compatibility with callers that don’t need policy enforcement.

Source

pub async fn validate_javascript_code_async( &self, code: &str, context: &ValidationContext, ) -> Result<ValidationResult, ValidationError>

Validate JavaScript code with async policy evaluation.

Mirrors [validate_graphql_query_async] but for JavaScript/OpenAPI:

  1. Parse JS via SWC + config-level checks (shared with sync version)
  2. Policy evaluation via PolicyEvaluator::evaluate_script (async, fail-closed)
  3. Security analysis + token generation

When no policy evaluator is configured, falls back to config-only checks.

Source

pub fn validate_sql_query( &self, sql: &str, context: &ValidationContext, ) -> Result<ValidationResult, ValidationError>

Validate a SQL statement using basic config checks only (no policy evaluator).

For policy evaluation (Cedar/AVP), use [validate_sql_query_async] instead.

Source

pub async fn validate_sql_query_async( &self, sql: &str, context: &ValidationContext, ) -> Result<ValidationResult, ValidationError>

Validate a SQL statement with async policy evaluation.

Mirrors [validate_graphql_query_async] and [validate_javascript_code_async]:

  1. Parse SQL via sqlparser + config-level checks (shared with sync version)
  2. Policy evaluation via PolicyEvaluator::evaluate_statement (async, fail-closed)
  3. Security analysis + token generation

When no policy evaluator is configured, falls back to config-only checks.

Source

pub fn should_auto_approve(&self, result: &ValidationResult) -> bool

Check if a validation result should be auto-approved.

Source

pub fn config(&self) -> &CodeModeConfig

Get the config.

Source

pub fn token_generator(&self) -> &T

Get the token generator.

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> IntoEither for T

Source§

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

impl<Unshared, Shared> IntoShared<Shared> for Unshared
where Shared: FromUnshared<Unshared>,

Source§

fn into_shared(self) -> Shared

Creates a shared type from an unshared type.
Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

impl<T> Send for T
where T: ?Sized,

Source§

impl<T> Sync for T
where T: ?Sized,