Struct security_framework::authorization::Authorization
source · [−]pub struct Authorization { /* private fields */ }
Expand description
A wrapper around AuthorizationCreate and functions which operate on an AuthorizationRef.
Implementations
Creates an authorization object which has no environment or associated rights.
pub fn new(
rights: Option<AuthorizationItemSetStorage>,
environment: Option<AuthorizationItemSetStorage>,
flags: Flags
) -> Result<Self>
pub fn new(
rights: Option<AuthorizationItemSetStorage>,
environment: Option<AuthorizationItemSetStorage>,
flags: Flags
) -> Result<Self>
Creates an authorization reference and provides an option to authorize or preauthorize rights.
rights
should be the names of the rights you want to create.
environment
is used when authorizing or preauthorizing rights. Not
used in OS X v10.2 and earlier. In macOS 10.3 and later, you can pass
icon or prompt data to be used in the authentication dialog box. In
macOS 10.4 and later, you can also pass a user name and password in
order to authorize a user without user interaction.
👎 Deprecated since 2.0.1: Please use the TryFrom trait instead
Please use the TryFrom trait instead
Internalizes the external representation of an authorization reference.
By default the rights acquired will be retained by the Security Server. Use this to ensure they are destroyed and to prevent shared rights’ continued used by other processes.
Retrieve’s the right’s definition as a dictionary. Use right_exists
if you want to avoid retrieving the dictionary.
name
can be a wildcard right name.
If name
isn’t convertable to a CString
it will return
Err(errSecConversionError).
Checks if a right exists within the policy database. This is the same as
get_right
, but avoids a dictionary allocation.
If name
isn’t convertable to a CString
it will return
Err(errSecConversionError).
Removes a right from the policy database.
name
cannot be a wildcard right name.
If name
isn’t convertable to a CString
it will return
Err(errSecConversionError).
Creates or updates a right entry in the policy database. Your process must have a code signature in order to be able to add rights to the authorization database.
name
cannot be a wildcard right.
definition
can be either a CFDictionaryRef
containing keys defining
the rules or a CFStringRef
representing the name of another right
whose rules you wish to duplicaate.
description
is a key which can be used to look up localized
descriptions.
bundle
will be used to get localizations from if not the main bundle.
localeTableName
will be used to get localizations if provided.
If name
isn’t convertable to a CString
it will return
Err(errSecConversionError).
An authorization plugin can store the results of an authentication
operation by calling the SetContextValue
function. You can then
retrieve this supporting data, such as the user name.
tag
should specify the type of data the Security Server should return.
If None
, all available information is retreieved.
If tag
isn’t convertable to a CString
it will return
Err(errSecConversionError).
Creates an external representation of an authorization reference so that you can transmit it between processes.
pub fn execute_with_privileges<P, S, I>(
&self,
command: P,
arguments: I,
flags: Flags
) -> Result<()> where
P: AsRef<Path>,
I: IntoIterator<Item = S>,
S: AsRef<OsStr>,
pub fn execute_with_privileges<P, S, I>(
&self,
command: P,
arguments: I,
flags: Flags
) -> Result<()> where
P: AsRef<Path>,
I: IntoIterator<Item = S>,
S: AsRef<OsStr>,
Runs an executable tool with root privileges. Discards executable’s output
pub fn execute_with_privileges_piped<P, S, I>(
&self,
command: P,
arguments: I,
flags: Flags
) -> Result<File> where
P: AsRef<Path>,
I: IntoIterator<Item = S>,
S: AsRef<OsStr>,
pub fn execute_with_privileges_piped<P, S, I>(
&self,
command: P,
arguments: I,
flags: Flags
) -> Result<File> where
P: AsRef<Path>,
I: IntoIterator<Item = S>,
S: AsRef<OsStr>,
Runs an executable tool with root privileges,
and returns a File
handle to its communication pipe