Skip to main content

RlsContext

qail_pg::driver

Struct RlsContext 

Source 
pub struct RlsContext {
    pub tenant_id: String,
    pub operator_id: String,
    pub agent_id: String,
    /* private fields */
}
Expand description

RLS context carrying tenant identity for data isolation.

Fields§

§tenant_id: String

The unified tenant ID — the primary identity for data isolation. Empty string means no tenant scope.

§operator_id: String

Legacy: The operator (vendor) this context is scoped to. Set to the same value as tenant_id during the transition period.

§agent_id: String

Legacy: The agent (reseller) this context is scoped to. Set to the same value as tenant_id during the transition period.

Implementations§

Source§

impl RlsContext

Source

pub fn tenant(tenant_id: &str) -> RlsContext

Create a context scoped to a specific tenant (the unified identity).

Source

pub fn operator(operator_id: &str) -> RlsContext

Create a context scoped to a specific operator. Legacy — use tenant() for new code.

Source

pub fn agent(agent_id: &str) -> RlsContext

Create a context scoped to a specific agent (reseller). Legacy — use tenant() for new code.

Source

pub fn operator_and_agent(operator_id: &str, agent_id: &str) -> RlsContext

Create a context scoped to both operator and agent. Legacy — use tenant() for new code.

Source

pub fn super_admin(_token: SuperAdminToken) -> RlsContext

Create a super admin context that bypasses tenant isolation.

Requires a SuperAdminToken — which can only be created via named constructors (for_system_process, for_webhook, for_auth).

Uses nil UUID for all IDs to avoid ''::uuid cast errors in PostgreSQL RLS policies (PostgreSQL doesn’t short-circuit OR).

Source

pub fn empty() -> RlsContext

Create an empty context (no tenant, no super admin).

Used for system-level operations that must not operate within any tenant scope (startup introspection, migrations, health checks).

Source

pub fn has_tenant(&self) -> bool

Returns true if this context has a tenant scope.

Source

pub fn has_operator(&self) -> bool

Returns true if this context has an operator scope.

Source

pub fn has_agent(&self) -> bool

Returns true if this context has an agent scope.

Source

pub fn bypasses_rls(&self) -> bool

Returns true if this context bypasses tenant isolation.

Trait Implementations§

Source§

impl Clone for RlsContext

Source§

fn clone(&self) -> RlsContext

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for RlsContext

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), Error>

Formats the value using the given formatter. Read more
Source§

impl Display for RlsContext

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), Error>

Formats the value using the given formatter. Read more
Source§

impl PartialEq for RlsContext

Source§

fn eq(&self, other: &RlsContext) -> bool

Tests for self and other values to be equal, and is used by ==.
1.0.0 · Source§

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
Source§

impl Eq for RlsContext

Source§

impl StructuralPartialEq for RlsContext

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T> ToString for T
where T: Display + ?Sized,

Source§

fn to_string(&self) -> String

Converts the given value to a String. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

impl<T> ColumnValue<Value> for T