Enum scratchstack_aspen::Resource

source · [−]

pub enum Resource {
    Any,
    Arn(ResourceArn),
}

Expand description

A resource in an Aspen policy.

Resource enums are immutable.

Variants

`Any`

Any resource. This is specified by the wildcard character *.

`Arn(ResourceArn)`

A resource specified by an ARN.

Implementations

impl Resource

pub fn is_any(&self) -> bool

If this is Resource::Any, returns true.

pub fn matches(
    &self,
    context: &Context,
    pv: PolicyVersion,
    candidate: &Arn
) -> Result<bool, AspenError>

Indicates whether this Resource matches the candidate Arn, given the request Context ad using variable substitution rules according to the specified PolicyVersion.

Example

let actor = Principal::from(vec![User::from_str("arn:aws:iam::123456789012:user/exampleuser").unwrap().into()]);
let s3_object_arn = Arn::from_str("arn:aws:s3:::examplebucket/exampleuser/my-object").unwrap();
let resources = vec![s3_object_arn.clone()];
let session_data = SessionData::from([("aws:username", SessionValue::from("exampleuser"))]);
let context = Context::builder()
    .service("s3").api("GetObject").actor(actor).resources(resources)
    .session_data(session_data).build().unwrap();
let r1 = Resource::Arn(ResourceArn::new("aws", "s3", "", "", "examplebucket/${aws:username}/*"));
let r2 = Resource::Any;
assert!(r1.matches(&context, PolicyVersion::V2012_10_17, &s3_object_arn).unwrap());
assert!(r2.matches(&context, PolicyVersion::V2012_10_17, &s3_object_arn).unwrap());

let bad_s3_object_arn = Arn::from_str("arn:aws:s3:::examplebucket/other-user/object").unwrap();
assert!(!r1.matches(&context, PolicyVersion::V2012_10_17, &bad_s3_object_arn).unwrap());
assert!(r2.matches(&context, PolicyVersion::V2012_10_17, &bad_s3_object_arn).unwrap());

Trait Implementations

impl Clone for Resource

fn clone(&self) -> Resource

Returns a copy of the value. Read more

1.0.0 · source

const fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more

impl Debug for Resource

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

impl Display for Resource

fn fmt(&self, f: &mut Formatter<'_>) -> FmtResult

Formats the value using the given formatter. Read more

impl FromStr for Resource

type Err = AspenError

The associated error which can be returned from parsing.

fn from_str(s: &str) -> Result<Self, Self::Err>

Parses a string s to return a value of this type. Read more

impl PartialEq<Resource> for Resource

fn eq(&self, other: &Resource) -> bool

This method tests for self and other values to be equal, and is used by ==. Read more

1.0.0 · source

const fn ne(&self, other: &Rhs) -> bool

This method tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason. Read more

impl Eq for Resource

impl StructuralEq for Resource

impl StructuralPartialEq for Resource

Auto Trait Implementations

impl RefUnwindSafe for Resource

impl Send for Resource

impl Sync for Resource

impl Unpin for Resource

impl UnwindSafe for Resource

Blanket Implementations

impl<T> Any for Twhere
T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more

impl<T> Borrow<T> for Twhere
T: ?Sized,

const: unstable · source

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more

impl<T> BorrowMut<T> for Twhere
T: ?Sized,

const: unstable · source

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more

impl<T> From<T> for T

const: unstable · source

fn from(t: T) -> T

Returns the argument unchanged.

impl<T, U> Into<U> for Twhere
U: From<T>,

const: unstable · source

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> ToOwned for Twhere
T: Clone,

type Owned = T

The resulting type after obtaining ownership.

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more

impl<T> ToString for Twhere
T: Display + ?Sized,

default fn to_string(&self) -> String

Converts the given value to a String. Read more

impl<T, U> TryFrom<U> for Twhere
U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

const: unstable · source

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for Twhere
U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

const: unstable · source

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.