pub fn mint_capability<P, R>(
engine: &dyn PolicyEngine,
subject: &str,
resource: &R,
) -> Result<Capability<P, R>, CapabilityError>where
P: Permission,
R: Resource,Expand description
Mint a Capability by running a policy check.
This is the only public way to obtain a Capability outside typesec-core’s
test module. The engine performs the check, logs the decision, and either
returns a typed capability or an error.
Implemented as a free function (not a trait method) so that PolicyEngine
remains object-safe (dyn PolicyEngine is valid).
§Why is this the only path?
Capability::new_unchecked is pub(crate). Only code inside typesec-core
can call it. This function is that single gated path — it calls the policy
engine, logs the verdict, and only creates a capability on Allow.