Skip to main content

rs_tenant/
lib.rs

1//! Multi-tenant RBAC authorization library.
2//!
3//! This crate provides strong-typed identifiers, permission parsing and matching,
4//! and a pluggable async store interface. The default behavior is deny-by-default.
5//! Use [`Engine`] for authorization and [`Scope`] for resource scoping.
6//!
7//! # Examples
8//!
9//! Basic authorization flow using the in-memory store (enable `memory-store`):
10//! ```no_run
11//! use rs_tenant::{EngineBuilder, Permission, PrincipalId, TenantId};
12//! # #[cfg(feature = "memory-store")]
13//! # {
14//! use rs_tenant::MemoryStore;
15//! let store = MemoryStore::new();
16//! let engine = EngineBuilder::new(store).build();
17//! let tenant = TenantId::try_from("tenant_1").unwrap();
18//! let principal = PrincipalId::try_from_parts("employee", "user_1").unwrap();
19//! let permission = Permission::try_from("invoice:read").unwrap();
20//! let _ = engine.authorize(tenant, principal, permission);
21//! # }
22//! ```
23//!
24//! Creating a process-local cache (enable `memory-cache`):
25//! ```no_run
26//! # #[cfg(feature = "memory-cache")]
27//! # {
28//! use rs_tenant::MemoryCache;
29//! use std::time::Duration;
30//! let cache = MemoryCache::new(1024).with_ttl(Duration::from_secs(30));
31//! # let _ = cache;
32//! # }
33//! ```
34#![forbid(unsafe_code)]
35
36mod cache;
37mod engine;
38mod error;
39#[cfg(feature = "memory-cache")]
40mod memory_cache;
41mod permission;
42mod store;
43mod types;
44
45#[cfg(feature = "memory-store")]
46mod memory_store;
47
48#[cfg(feature = "axum")]
49pub mod axum;
50
51pub use crate::cache::{Cache, NoCache};
52pub use crate::engine::{Decision, Engine, EngineBuilder, Scope};
53pub use crate::error::{Error, Result, StoreError};
54pub use crate::permission::{DefaultPermissionValidator, Permission, PermissionValidator};
55pub use crate::store::{GlobalRoleStore, RoleStore, ScopeStore, Store, TenantStore};
56pub use crate::types::{GlobalRoleId, PrincipalId, ResourceName, RoleId, ScopePath, TenantId};
57
58#[cfg(feature = "memory-store")]
59pub use crate::memory_store::MemoryStore;
60
61#[cfg(feature = "memory-cache")]
62pub use crate::memory_cache::MemoryCache;