pub struct CollectionPolicyConfig {
pub owner: Option<String>,
pub create: Option<String>,
pub update: Option<String>,
pub delete: Option<String>,
pub read: Option<String>,
pub filter: Option<String>,
pub fields: FieldRulesConfig,
}Expand description
Raw per-collection authorization policy — one per [collections.name] in what.toml.
Semantic validation (reserved words, invalid combinations) happens when the
PolicyRegistry is built at startup, so errors fail loud with the collection name.
§Example (what.toml)
[collections.notes]
create = "all"
update = "owner"
delete = "owner, admin"
read = "owner"
[collections.orders]
filter = "org_id=#user.org_id#"
fields.private = ["internal_margin"]Fields§
§owner: Option<String>Ownership mode: “auto” (default — stamp _owner on create) or “none”
create: Option<String>Who may create records: “all” | “user” | “none” | role list (“editor, admin”)
update: Option<String>Who may update records: adds “owner” to the create vocabulary
delete: Option<String>Who may delete records
read: Option<String>Who may read records — owner/user/roles force a WHERE scope on every fetch
filter: Option<String>Forced filter AND-ed into every read and checked on mutations.
Supports #user.*# / #session.*# interpolation, e.g. “org_id=#user.org_id#”
fields: FieldRulesConfigField-level rules
Trait Implementations§
Source§impl Clone for CollectionPolicyConfig
impl Clone for CollectionPolicyConfig
Source§fn clone(&self) -> CollectionPolicyConfig
fn clone(&self) -> CollectionPolicyConfig
Returns a duplicate of the value. Read more
1.0.0 (const: unstable) · Source§fn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
Performs copy-assignment from
source. Read moreSource§impl Debug for CollectionPolicyConfig
impl Debug for CollectionPolicyConfig
Source§impl Default for CollectionPolicyConfig
impl Default for CollectionPolicyConfig
Source§fn default() -> CollectionPolicyConfig
fn default() -> CollectionPolicyConfig
Returns the “default value” for a type. Read more
Source§impl<'de> Deserialize<'de> for CollectionPolicyConfig
impl<'de> Deserialize<'de> for CollectionPolicyConfig
Source§fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>where
__D: Deserializer<'de>,
fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>where
__D: Deserializer<'de>,
Deserialize this value from the given Serde deserializer. Read more
Auto Trait Implementations§
impl Freeze for CollectionPolicyConfig
impl RefUnwindSafe for CollectionPolicyConfig
impl Send for CollectionPolicyConfig
impl Sync for CollectionPolicyConfig
impl Unpin for CollectionPolicyConfig
impl UnsafeUnpin for CollectionPolicyConfig
impl UnwindSafe for CollectionPolicyConfig
Blanket Implementations§
Source§impl<T> ArchivePointee for T
impl<T> ArchivePointee for T
Source§type ArchivedMetadata = ()
type ArchivedMetadata = ()
The archived version of the pointer metadata for this type.
Source§fn pointer_metadata(
_: &<T as ArchivePointee>::ArchivedMetadata,
) -> <T as Pointee>::Metadata
fn pointer_metadata( _: &<T as ArchivePointee>::ArchivedMetadata, ) -> <T as Pointee>::Metadata
Converts some archived metadata to the pointer metadata for itself.
Source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
Source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value. Read more
Source§impl<T> CloneToUninit for Twhere
T: Clone,
impl<T> CloneToUninit for Twhere
T: Clone,
Source§impl<F, W, T, D> Deserialize<With<T, W>, D> for F
impl<F, W, T, D> Deserialize<With<T, W>, D> for F
impl<T> DeserializeOwned for Twhere
T: for<'de> Deserialize<'de>,
impl<A, B, T> HttpServerConnExec<A, B> for Twhere
B: Body,
Source§impl<T> Instrument for T
impl<T> Instrument for T
Source§fn instrument(self, span: Span) -> Instrumented<Self>
fn instrument(self, span: Span) -> Instrumented<Self>
Source§fn in_current_span(self) -> Instrumented<Self>
fn in_current_span(self) -> Instrumented<Self>
Source§impl<T> IntoEither for T
impl<T> IntoEither for T
Source§fn into_either(self, into_left: bool) -> Either<Self, Self>
fn into_either(self, into_left: bool) -> Either<Self, Self>
Converts
self into a Left variant of Either<Self, Self>
if into_left is true.
Converts self into a Right variant of Either<Self, Self>
otherwise. Read moreSource§fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
Converts
self into a Left variant of Either<Self, Self>
if into_left(&self) returns true.
Converts self into a Right variant of Either<Self, Self>
otherwise. Read more