purwa_auth/policy.rs
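//! Struct-based authorization stub (PRD §13 #2 — Casbin deferred).
//!
//! Applications can implement [`Policy`] with their own action/resource types and call
//! [`Policy::authorize`] before mutating state. [`Gate::authorize`] is a placeholder that
//! currently permits every action, so it enforces nothing until real rules are added.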
6use std::fmt;
8use thiserror::Error;
/// Authorization failure (minimal stub).
///
/// Newtype over a free-form `String` reason. The `Display` output is
/// `forbidden: <reason>`, generated by the `thiserror` derive below.
///
/// NOTE(review): the reason is whatever the denying code supplies. If this error is
/// rendered to end users, keep internal policy detail out of the string — confirm
/// how callers surface it.
#[derive(Error, Debug)]
#[error("forbidden: {0}")]
pub struct AuthzError(pub String);
/// Gate carrying the current subject; extend with resource-specific checks.
///
/// `U` is the application's own subject type. The gate stores it by value and
/// places no trait bounds on it.
pub struct Gate<U> {
    /// Subject the gate was built for. The field is public, so any holder of a
    /// mutable gate can replace it.
    pub user: U,
}

impl<U> Gate<U> {
    /// Builds a gate around `user`.
    pub fn new(user: U) -> Self {
        Gate { user }
    }

    /// Stub: always ok. Replace with real rules (roles, ownership, etc.).
    ///
    /// The `_action` argument and the stored `user` are both ignored, so this
    /// check is fail-open: every call returns `Ok(())`. Code that relies on it
    /// has no access control until real rules are written.
    ///
    /// NOTE(review): when real rules are added, prefer returning `Err` for any
    /// action that is not explicitly recognised, so new actions are denied by
    /// default.
    ///
    /// # Errors
    ///
    /// Never fails in this stub; the `Result` return type is kept so that
    /// call sites already propagate a denial once rules exist.
    pub fn authorize(&self, _action: &str) -> Result<(), AuthzError> {
        // No rule is consulted here: the request is allowed unconditionally.
        Result::Ok(())
    }
}
/// Optional trait for richer policy objects.
///
/// Implementors choose their own subject type ([`Policy::User`]) and action type
/// ([`Policy::Action`]). The trait provides no default for `authorize`, so each
/// implementor has to write its own decision logic.
pub trait Policy {
    /// Subject on whose behalf the action is attempted.
    type User;
    /// Action being checked. It must implement [`fmt::Debug`]; the `?Sized` bound
    /// lets implementors use unsized types such as `str`.
    type Action: ?Sized + fmt::Debug;

    /// Decides whether `user` may perform `action`.
    ///
    /// # Errors
    ///
    /// Implementations are expected to return [`AuthzError`] when the request is
    /// refused and `Ok(())` when it is permitted.
    fn authorize(&self, user: &Self::User, action: &Self::Action) -> Result<(), AuthzError>;
}