pub struct CollectionPolicy {
pub owner_mode: OwnerMode,
pub create: Rule,
pub update: Rule,
pub delete: Rule,
pub read: Rule,
pub filter: Option<String>,
pub readonly_fields: Vec<String>,
pub private_fields: Vec<String>,
pub explicit: bool,
}Expand description
A compiled collection policy.
Fields§
§owner_mode: OwnerMode§create: Rule§update: Rule§delete: Rule§read: Rule§filter: Option<String>§readonly_fields: Vec<String>§private_fields: Vec<String>§explicit: boolWhether this policy was explicitly declared (vs the implicit default).
Implementations§
Source§impl CollectionPolicy
impl CollectionPolicy
Sourcepub fn is_read_scoped(&self) -> bool
pub fn is_read_scoped(&self) -> bool
Whether reads of this collection are restricted in any way.
Sourcepub fn allows_create(&self, actor: &Actor) -> bool
pub fn allows_create(&self, actor: &Actor) -> bool
Authorize a create.
Sourcepub fn allows_mutation(
&self,
actor: &Actor,
record: Option<&Value>,
kind: MutationKind,
resolved_filter: Option<&str>,
) -> Decision
pub fn allows_mutation( &self, actor: &Actor, record: Option<&Value>, kind: MutationKind, resolved_filter: Option<&str>, ) -> Decision
Authorize an update/delete against the existing record.
resolved_filter is the tenant filter with #var# already resolved; if
present, the record must also satisfy it (otherwise a tenant could mutate
another tenant’s row by guessing its id).
Sourcepub fn read_scope(
&self,
actor: &Actor,
filter_ctx: &HashMap<String, Value>,
) -> ReadScope
pub fn read_scope( &self, actor: &Actor, filter_ctx: &HashMap<String, Value>, ) -> ReadScope
Compute the read scope for actor. filter_ctx supplies #var# values
(user/session) for the tenant filter.
Sourcepub fn resolved_filter(
&self,
filter_ctx: &HashMap<String, Value>,
) -> Option<String>
pub fn resolved_filter( &self, filter_ctx: &HashMap<String, Value>, ) -> Option<String>
The resolved tenant filter for mutation checks, or None.
Sourcepub fn stamp_owner(&self, map: &mut Map<String, Value>, actor: &Actor)
pub fn stamp_owner(&self, map: &mut Map<String, Value>, actor: &Actor)
Stamp _owner into a new record’s field map (create only).
Sourcepub fn sanitize_input(&self, map: &mut Map<String, Value>)
pub fn sanitize_input(&self, map: &mut Map<String, Value>)
Remove client-supplied values the server manages: the _owner field
(never trust it from input) and any fields.readonly.
Trait Implementations§
Source§impl Clone for CollectionPolicy
impl Clone for CollectionPolicy
Source§fn clone(&self) -> CollectionPolicy
fn clone(&self) -> CollectionPolicy
1.0.0 (const: unstable) · Source§fn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
source. Read moreSource§impl Debug for CollectionPolicy
impl Debug for CollectionPolicy
Auto Trait Implementations§
impl Freeze for CollectionPolicy
impl RefUnwindSafe for CollectionPolicy
impl Send for CollectionPolicy
impl Sync for CollectionPolicy
impl Unpin for CollectionPolicy
impl UnsafeUnpin for CollectionPolicy
impl UnwindSafe for CollectionPolicy
Blanket Implementations§
Source§impl<T> ArchivePointee for T
impl<T> ArchivePointee for T
Source§type ArchivedMetadata = ()
type ArchivedMetadata = ()
Source§fn pointer_metadata(
_: &<T as ArchivePointee>::ArchivedMetadata,
) -> <T as Pointee>::Metadata
fn pointer_metadata( _: &<T as ArchivePointee>::ArchivedMetadata, ) -> <T as Pointee>::Metadata
Source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
Source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Source§impl<T> CloneToUninit for Twhere
T: Clone,
impl<T> CloneToUninit for Twhere
T: Clone,
Source§impl<F, W, T, D> Deserialize<With<T, W>, D> for F
impl<F, W, T, D> Deserialize<With<T, W>, D> for F
impl<A, B, T> HttpServerConnExec<A, B> for Twhere
B: Body,
Source§impl<T> Instrument for T
impl<T> Instrument for T
Source§fn instrument(self, span: Span) -> Instrumented<Self>
fn instrument(self, span: Span) -> Instrumented<Self>
Source§fn in_current_span(self) -> Instrumented<Self>
fn in_current_span(self) -> Instrumented<Self>
Source§impl<T> IntoEither for T
impl<T> IntoEither for T
Source§fn into_either(self, into_left: bool) -> Either<Self, Self>
fn into_either(self, into_left: bool) -> Either<Self, Self>
self into a Left variant of Either<Self, Self>
if into_left is true.
Converts self into a Right variant of Either<Self, Self>
otherwise. Read moreSource§fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
self into a Left variant of Either<Self, Self>
if into_left(&self) returns true.
Converts self into a Right variant of Either<Self, Self>
otherwise. Read more