pub struct MfaDeleteManager { /* private fields */ }
Top-level manager. Owns the gateway-wide “default” secret + per-bucket
overrides + per-bucket MFA-Delete enabled/disabled state. All public
operations go through RwLock for thread safety; an Arc<MfaDeleteManager>
is the expected handle shape (same pattern as VersioningManager /
ObjectLockManager).
Implementations
impl MfaDeleteManager
pub fn new() -> Self
Empty manager — no default secret, no per-bucket overrides, no bucket has MFA Delete enabled.
pub fn set_default_secret(&self, secret: MfaSecret)
Install (or replace) the gateway-wide default secret. Buckets with
is_enabled(bucket) == true and no per-bucket override use this
secret to verify the client-supplied TOTP code.
pub fn set_bucket_secret(&self, bucket: &str, secret: MfaSecret)
Install (or replace) a per-bucket override.
pub fn set_bucket_state(&self, bucket: &str, enabled: bool)
Toggle MFA Delete on bucket. true enables enforcement (every
subsequent DELETE / DELETE-version / delete-marker request needs
x-amz-mfa); false disables (the bucket falls back to the
regular versioning DELETE flow).
pub fn is_enabled(&self, bucket: &str) -> bool
true when bucket has explicitly enabled MFA Delete (default
false for never-configured buckets, matching S3 spec).
pub fn lookup_secret(&self, bucket: &str) -> Option<MfaSecret>
Look up the MFA secret to use when verifying a request against
bucket: per-bucket override takes precedence over the default.
Returns None when neither has been configured.
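The enabled flag and the secret lookup are independent, so a bucket can have MFA Delete enabled while lookup_secret returns None. The following is an added example, not code from this crate: Model is a stand-in that reproduces only the semantics documented above, MfaSecret's field and the gate_delete function are hypothetical, and denying the request in the "enabled but no secret" case is this example's assumption.

```rust
use std::collections::{HashMap, HashSet};
use std::sync::RwLock;
// Stand-in for the crate's MfaSecret; its real fields are not shown on this page.
#[derive(Clone, Debug, PartialEq)]
pub struct MfaSecret(pub Vec<u8>);
// Minimal model of the documented semantics, not the crate's implementation.
#[derive(Default)]
pub struct Model {
    default_secret: RwLock<Option<MfaSecret>>,
    overrides: RwLock<HashMap<String, MfaSecret>>,
    enabled: RwLock<HashSet<String>>,
}

impl Model {
    pub fn set_default_secret(&self, s: MfaSecret) { *self.default_secret.write().unwrap() = Some(s); }
    pub fn set_bucket_secret(&self, b: &str, s: MfaSecret) { self.overrides.write().unwrap().insert(b.to_string(), s); }
    pub fn set_bucket_state(&self, b: &str, on: bool) {
        let mut e = self.enabled.write().unwrap();
        if on { e.insert(b.to_string()); } else { e.remove(b); }
    }
    pub fn is_enabled(&self, b: &str) -> bool { self.enabled.read().unwrap().contains(b) }
    pub fn lookup_secret(&self, b: &str) -> Option<MfaSecret> {
        let per_bucket = self.overrides.read().unwrap().get(b).cloned();
        per_bucket.or_else(|| self.default_secret.read().unwrap().clone()) // override wins
    }
}

#[derive(Debug, PartialEq)]
pub enum Decision { Allow, Deny(&'static str) }

// Hypothetical DELETE gate: `code` is the TOTP value from x-amz-mfa, `verify` stands in for the TOTP check.
pub fn gate_delete(m: &Model, bucket: &str, code: Option<&str>,
                   verify: impl Fn(&MfaSecret, &str) -> bool) -> Decision {
    if !m.is_enabled(bucket) { return Decision::Allow; } // regular versioning DELETE flow
    match (m.lookup_secret(bucket), code) {
        // Assumption of this example: enabled with no secret fails closed.
        (None, _) => Decision::Deny("MFA Delete enabled but no secret configured"),
        (Some(_), None) => Decision::Deny("missing x-amz-mfa"),
        (Some(s), Some(c)) if verify(&s, c) => Decision::Allow,
        (Some(_), Some(_)) => Decision::Deny("invalid TOTP code"),
    }
}

fn main() {
    let m = Model::default();
    m.set_bucket_state("logs", true); // constructed bucket name
    println!("{:?}", gate_delete(&m, "logs", Some("123456"), |_, _| true));
}
```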