spawn_access_control/
access_manager.rs1use crate::{Role, Resource, AccessControl};
2use std::collections::HashMap;
3use tokio::sync::RwLock;
4use std::sync::Arc;
5
6pub struct AccessManager {
7 users: RwLock<HashMap<String, AccessControl>>,
8 rate_limiter: Arc<RwLock<RateLimiter>>,
9}
10
11#[derive(Clone)]
12pub struct RateLimiter {
13 #[allow(dead_code)]
14 max_requests: u32,
15 #[allow(dead_code)]
16 window_size: chrono::Duration,
17}
18
19impl RateLimiter {
20 pub fn new(max_requests: u32, window_size: chrono::Duration) -> Self {
21 Self {
22 max_requests,
23 window_size,
24 }
25 }
26
27 pub fn is_within_limit(&self) -> bool {
28 true
29 }
30}
31
32impl AccessManager {
33 pub fn new() -> Self {
34 Self {
35 users: RwLock::new(HashMap::new()),
36 rate_limiter: Arc::new(RwLock::new(RateLimiter::new(100, chrono::Duration::seconds(60)))),
37 }
38 }
39
40 pub async fn add_user(&self, username: String, role: Role) {
41 let mut users = self.users.write().await;
42 let mut access_control = AccessControl::new();
43 access_control.add_role(role);
44 users.insert(username, access_control);
45 }
46
47 pub async fn check_access(&self, username: &str, resource: &Resource) -> bool {
48 let users = self.users.read().await;
49 if let Some(access_control) = users.get(username) {
50 let rate_limiter = self.rate_limiter.read().await;
51 if rate_limiter.is_within_limit() {
52 return access_control.has_access(resource);
53 }
54 }
55 false
56 }
57
58 pub async fn add_role_to_user(&self, username: &str, role: Role) {
59 let mut users = self.users.write().await;
60 if let Some(access_control) = users.get_mut(username) {
61 access_control.add_role(role);
62 }
63 }
64}