Struct Permissions

Source

pub struct Permissions { /* private fields */ }

Expand description

A set of granted permissions.

Internally this type stores permission IDs in a compressed bitmap for compact storage and fast membership checks. The public API accepts permission names or precomputed PermissionId values while keeping the bitmap representation internal.

In day-to-day application code, this is the type you use to grant, revoke, and check fine-grained capabilities.

§Examples

use webgates_core::permissions::Permissions;

let mut permissions = Permissions::new();
permissions
    .grant("read:profile")
    .grant("write:profile")
    .grant("delete:profile");

assert!(permissions.has("read:profile"));
assert!(!permissions.has("admin:users"));
assert!(permissions.has_all(["read:profile", "write:profile"]));
assert!(permissions.has_any(["read:profile", "admin:users"]));

Build a set immutably:

use webgates_core::permissions::Permissions;

let permissions = Permissions::new()
    .with("read:api")
    .with("write:api")
    .build();

assert!(permissions.has("read:api"));
assert!(permissions.has("write:api"));

Implementations§

Source §

impl Permissions

Source

pub fn new() -> Self

Creates a new empty permission set.

§Examples

use webgates_core::permissions::Permissions;

let permissions = Permissions::new();
assert!(permissions.is_empty());

Source

pub fn grant(&mut self, permission: P) -> &mut Self
where P: Into<PermissionId>,

Grants a permission to this set.

Returns a mutable reference to self for method chaining.

§Examples

use webgates_core::permissions::permission_id::PermissionId;
use webgates_core::permissions::Permissions;

let mut permissions = Permissions::new();
permissions
    .grant("read:profile")
    .grant(PermissionId::from("write:profile"));

assert!(permissions.has("read:profile"));
assert!(permissions.has(PermissionId::from("write:profile")));

Source

pub fn revoke(&mut self, permission: P) -> &mut Self
where P: Into<PermissionId>,

Revokes a permission from this set.

Returns a mutable reference to self for method chaining.

§Examples

use webgates_core::permissions::permission_id::PermissionId;
use webgates_core::permissions::Permissions;

let mut permissions: Permissions = ["read:profile", "write:profile"].into_iter().collect();
permissions.revoke(PermissionId::from("write:profile"));

assert!(permissions.has("read:profile"));
assert!(!permissions.has("write:profile"));

Source

pub fn has(&self, permission: P) -> bool
where P: Into<PermissionId>,

Returns true when a specific permission is granted.

§Examples

use webgates_core::permissions::permission_id::PermissionId;
use webgates_core::permissions::Permissions;

let permissions: Permissions = ["read:profile"].into_iter().collect();

assert!(permissions.has("read:profile"));
assert!(permissions.has(PermissionId::from("read:profile")));
assert!(!permissions.has("write:profile"));

Source

pub fn has_all<I, P>(&self, permissions: I) -> bool
where I: IntoIterator<Item = P>, P: Into<PermissionId>,

Returns true when all specified permissions are granted.

§Examples

use webgates_core::permissions::permission_id::PermissionId;
use webgates_core::permissions::Permissions;

let permissions: Permissions = [
    "read:profile",
    "write:profile",
    "read:posts",
].into_iter().collect();

assert!(permissions.has_all(["read:profile", "write:profile"]));
assert!(permissions.has_all([PermissionId::from("read:profile")]));
assert!(!permissions.has_all(["read:profile", "admin:users"]));

Source

pub fn has_any<I, P>(&self, permissions: I) -> bool
where I: IntoIterator<Item = P>, P: Into<PermissionId>,

Returns true when any of the specified permissions are granted.

§Examples

use webgates_core::permissions::permission_id::PermissionId;
use webgates_core::permissions::Permissions;

let permissions: Permissions = ["read:profile"].into_iter().collect();

assert!(permissions.has_any(["read:profile", "write:profile"]));
assert!(permissions.has_any([PermissionId::from("read:profile")]));
assert!(!permissions.has_any(["write:profile", "admin:users"]));

Source

pub fn len(&self) -> usize

Returns the number of granted permissions in this set.

§Examples

use webgates_core::permissions::Permissions;

let permissions: Permissions = ["read:profile", "write:profile"].into_iter().collect();
assert_eq!(permissions.len(), 2);

Source

pub fn is_empty(&self) -> bool

Returns true if the set contains no permissions.

§Examples

use webgates_core::permissions::Permissions;

let permissions = Permissions::new();
assert!(permissions.is_empty());

let mut permissions = Permissions::new();
permissions.grant("read:profile");
assert!(!permissions.is_empty());

Source

pub fn clear(&mut self)

Removes all permissions from this set.

§Examples

use webgates_core::permissions::Permissions;

let mut permissions: Permissions = ["read:profile", "write:profile"].into_iter().collect();
assert!(!permissions.is_empty());

permissions.clear();
assert!(permissions.is_empty());

Source

pub fn union(&mut self, other: &Permissions) -> &mut Self

Merges another permission set into this one.

After this call, the set contains every permission that exists in either set.

§Examples

use webgates_core::permissions::Permissions;

let mut permissions1: Permissions = ["read:profile"].into_iter().collect();
let permissions2: Permissions = ["write:profile"].into_iter().collect();

permissions1.union(&permissions2);

assert!(permissions1.has("read:profile"));
assert!(permissions1.has("write:profile"));

Source

pub fn intersection(&mut self, other: &Permissions) -> &mut Self

Intersects this set with another permission set.

After this call, only permissions present in both sets remain.

§Examples

use webgates_core::permissions::Permissions;

let mut permissions1: Permissions = ["read:profile", "write:profile"].into_iter().collect();
let permissions2: Permissions = ["read:profile", "admin:users"].into_iter().collect();

permissions1.intersection(&permissions2);

assert!(permissions1.has("read:profile"));
assert!(!permissions1.has("write:profile"));
assert!(!permissions1.has("admin:users"));

Source

pub fn difference(&mut self, other: &Permissions) -> &mut Self

Removes from this set any permissions that also exist in another set.

§Examples

use webgates_core::permissions::Permissions;

let mut permissions1: Permissions = ["read:profile", "write:profile"].into_iter().collect();
let permissions2: Permissions = ["write:profile"].into_iter().collect();

permissions1.difference(&permissions2);

assert!(permissions1.has("read:profile"));
assert!(!permissions1.has("write:profile"));

Source

pub fn with(self, permission: P) -> Self
where P: Into<PermissionId>,

Builder-style variant of Self::grant.

Use this when constructing a permission set fluently without mutable access.

§Examples

use webgates_core::permissions::permission_id::PermissionId;
use webgates_core::permissions::Permissions;

let permissions = Permissions::new()
    .with("read:profile")
    .with(PermissionId::from("write:profile"))
    .build();

assert!(permissions.has("read:profile"));
assert!(permissions.has("write:profile"));

Source

pub fn build(self) -> Self

Finalizes the fluent builder pattern.

This returns self unchanged and mostly serves readability in builder-style code.

§Examples

use webgates_core::permissions::Permissions;

let permissions = Permissions::new()
    .with("read:profile")
    .with("write:profile")
    .build();

Source

pub fn iter(&self) -> impl Iterator<Item = u64> + '_

Returns an iterator over the raw permission IDs in this set.

Use this when you need to inspect all granted permissions or integrate with lower-level systems that work with permission IDs directly.

§Examples

use webgates_core::permissions::Permissions;

let permissions: Permissions = ["read:profile", "write:profile"].into_iter().collect();
let ids: Vec<u64> = permissions.iter().collect();
assert_eq!(ids.len(), 2);

Trait Implementations§

Source §

impl AsRef<RoaringTreemap> for Permissions

Source §

fn as_ref(&self) -> &RoaringTreemap

Converts this type into a shared reference of the (usually inferred) input type.

Source §

impl Clone for Permissions

Source §

fn clone(&self) -> Permissions

Returns a duplicate of the value. Read more

1.0.0 (const: unstable) · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more

Source §

impl Debug for Permissions

Source §

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

Source §

impl Default for Permissions

Source §

fn default() -> Self

Returns the “default value” for a type. Read more

Source §

impl<'de> Deserialize<'de> for Permissions

Source §

fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer. Read more

Source §

impl Display for Permissions

Source §

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

Source §

impl From<Permissions> for RoaringTreemap

Source §

fn from(permissions: Permissions) -> Self

Converts to this type from the input type.

Source §

impl From<RoaringTreemap> for Permissions

Source §

fn from(bitmap: RoaringTreemap) -> Self

Converts to this type from the input type.

Source §

impl FromIterator for Permissions
where P: Into<PermissionId>,

Source §

fn from_iter<I: IntoIterator<Item = P>>(iter: I) -> Self

Creates a permission set from an iterator of permission values.

§Examples

use webgates_core::permissions::Permissions;

let permissions: Permissions = ["read:profile", "write:profile", "read:posts"]
    .into_iter()
    .collect();

assert!(permissions.has("read:profile"));
assert!(permissions.has("write:profile"));
assert!(permissions.has("read:posts"));