Struct Access Control Repository &nbsp; Copy item path

impl AccessControlRepository

pub async fn get_entity( &self, entity_type: EntityKind, entity_id: &str, ) -> AuthzResult<Option<EntityRow>>

Look up one entity catalog row. Ok(None) means the entity has no catalog row at all (publish-pipeline bootstrap gap) — the resolver turns this into crate::authz::DenyReason::UnknownEntity.

pub async fn upsert_entity( &self, entity_type: EntityKind, entity_id: &str, default_included: bool, source: &str, ) -> AuthzResult<()>

Upsert an entity catalog row. Always overwrites default_included and source so the most recent bootstrap pass wins — the publish pipeline is the source of truth and runs ahead of YAML grant ingestion.

pub async fn list_entities( &self, entity_type: EntityKind, ) -> AuthzResult<Vec<EntityRow>>

Bulk-fetch every catalog row for a given kind. Used by the CLI lint and the publish-pipeline validator to detect rules pointing at entities the bootstrap pass never registered.

impl AccessControlRepository

pub async fn list_role_rules_for_export( &self, ) -> AuthzResult<Vec<ExportRuleRow>>

pub async fn list_rules_for_entity( &self, entity_type: EntityKind, entity_id: &str, ) -> AuthzResult<Vec<AccessRule>>

pub async fn list_rules_bulk( &self, entity_type: EntityKind, entity_ids: &[String], ) -> AuthzResult<HashMap<String, Vec<AccessRule>>>

pub async fn upsert_rule( &self, params: UpsertRuleParams<'_>, ) -> AuthzResult<AccessRule>

Fails with a foreign-key violation if no entity catalog row exists for (entity_type, entity_id) — register the entity via Self::upsert_entity first.

pub async fn set_justification( &self, rule_id: &RuleId, justification: Option<&str>, ) -> AuthzResult<bool>

None clears the operator note.

pub fn from_pool(pool: Arc<PgPool>) -> Self

Trait Implementations§

impl Clone for AccessControlRepository

fn clone(&self) -> AccessControlRepository

Returns a duplicate of the value. Read more

1.0.0 (const: unstable) · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more

impl Debug for AccessControlRepository

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

Auto Trait Implementations§

impl Freeze for AccessControlRepository

impl !RefUnwindSafe for AccessControlRepository

impl Send for AccessControlRepository

impl Sync for AccessControlRepository

impl Unpin for AccessControlRepository

impl UnsafeUnpin for AccessControlRepository

impl !UnwindSafe for AccessControlRepository

Blanket Implementations§

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more

impl<T> CloneToUninit for T
where T: Clone,

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)

Performs copy-assignment from self to dest. Read more

impl<T> DynClone for T
where T: Clone,

fn __clone_box(&self, _: Private) -> *mut ()

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T> FromRef<T> for T
where T: Clone,

fn from_ref(input: &T) -> T

Converts to this type from a reference to the input type.

impl<T> Instrument for T

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more

impl<T, U> Into for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> IntoEither for T

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more

impl<T> PolicyExt for T
where T: ?Sized,

fn and<P, B, E>(self, other: P) -> And<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow only if self and other return Action::Follow. Read more

fn or<P, B, E>(self, other: P) -> Or<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow if either self or other returns Action::Follow. Read more

impl<T> Same for T

type Output = T

Should always be Self

impl<T> ToOwned for T
where T: Clone,

type Owned = T

The resulting type after obtaining ownership.

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more

impl<T, U> TryFrom for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom>::Error>

Performs the conversion.

impl<T, U> TryInto for T
where U: TryFrom<T>,

type Error = >::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, >::Error>

Performs the conversion.

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

fn vzip(self) -> V

impl<T> WithSubscriber for T

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more