pub trait IAuthorizationPolicy: Send + Sync {
// Required method
fn authorize<'life0, 'life1, 'life2, 'life3, 'async_trait>(
&'life0 self,
claims: &'life1 dyn IClaims,
resource_key: &'life2 str,
method: &'life3 str,
) -> Pin<Box<dyn Future<Output = Result<(), Error>> + Send + 'async_trait>>
where 'life0: 'async_trait,
'life1: 'async_trait,
'life2: 'async_trait,
'life3: 'async_trait,
Self: 'async_trait;
}Expand description
Authorization policy that checks whether an authenticated user can access a given resource.
The resource_key is the original route pattern string (e.g., "/api/users/{id}"),
enabling dynamic identity-authorization-data systems to match routes directly.
Required Methods§
Check if the authenticated user can access the resource.
claims— the user’s authentication claims.resource_key— the original route pattern string.method— the HTTP method.
Returns Ok(()) if authorized, or an Err if forbidden.
Dyn Compatibility§
This trait is dyn compatible.
In older versions of Rust, dyn compatibility was called "object safety".