Struct Policy

pub struct Policy { /* private fields */ }

A policy for OpenPGP signatures in git.

A Policy governs state changes in git repositories. A state change is a change from one git commit with a policy embedded into it to the next commit, which may change the policy, the source, or both.

Implementations

impl Policy

pub fn parse_bytes<D: AsRef<[u8]>>(bytes: D) -> Result<Self>

pub fn read_file<P: AsRef<Path>>(path: P) -> Result<Policy>

Reads the policy from the given path.

pub fn read_file_or_default<P: AsRef<Path>>(path: P) -> Result<Policy>

Reads the policy from the given path.

pub fn read_from_working_dir() -> Result<Policy>

Reads the policy from the current git working directory.

Default to the empty policy if the work directory doesn’t contain a policy.

pub fn read_bytes_from_commit(git: &Repository, commit: &Oid) -> Result<Vec<u8>>

Reads the policy from the given git commit.

pub fn read_from_commit(git: &Repository, commit: &Oid) -> Result<Self>

Reads the policy from the given git commit.

pub fn write<P: AsRef<Path>>(&self, path: P) -> Result<()>

Writes the policy into a file with the given path.

pub fn write_to_working_dir(&self) -> Result<()>

Writes the policy to the current git working directory.

pub fn version(&self) -> usize

The policy version.

pub fn commit_goodlist(&self) -> &BTreeSet<String>

Set of commits that is assumed to be good.

The commits will pass verification even if it would fail for whatever reason.

To change this set, you need the audit right.

pub fn commit_goodlist_mut(&mut self) -> &mut BTreeSet<String>

Set of commits that is assumed to be good.

The commits will pass verification even if it would fail for whatever reason.

To change this set, you need the audit right.

pub fn authorization(&self) -> &BTreeMap<String, Authorization>

Set of authorizations.

The key is a free-form, human-readable identifier for the authorization.

pub fn authorization_mut(&mut self) -> &mut BTreeMap<String, Authorization>

Set of authorizations.

The key is a free-form, human-readable identifier for the authorization.

pub fn diff<'f, 't>(&'f self, other: &'t Policy) -> Result<Diff<'f, 't>>

Computes the difference between this policy and other.

pub fn verify( &self, git: &Repository, commit_id: &Oid, commit_policy: &Policy, signer_keys: &mut BTreeSet<Fingerprint>, primary_uids: &mut BTreeSet<UserID>, ) -> Result<Vec<Result<(String, Signature, Cert, Fingerprint)>>>

Verifies that the given commit adheres to this policy.

During verification, the key(s) used are stored in signer_keys, and the primary user id of the issuing cert at the time of the signing is stored in primary_uids. This information can be used to prune certs in a policy.

If the commit is goodlisted, this function returns Ok with an empty vector of verification results.

pub fn verify_archive<T, S>( &self, signature: S, archive: T, ) -> Result<Vec<Result<(String, Signature, Cert, Fingerprint)>>>

where T: AsRef<[u8]>, S: AsRef<[u8]>,

Trait Implementations

impl Clone for Policy

fn clone(&self) -> Policy

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Default for Policy

fn default() -> Policy

Returns the “default value” for a type.

impl<'de> Deserialize<'de> for Policy

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>

where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer.

impl PartialEq for Policy

fn eq(&self, other: &Policy) -> bool

Tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl Serialize for Policy

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>

where __S: Serializer,

Serialize this value into the given Serde serializer.

impl Eq for Policy

impl StructuralPartialEq for Policy