52 lines
1.4 KiB
Rust
52 lines
1.4 KiB
Rust
#[derive(Clone, Debug, Eq, PartialEq, PartialOrd)]
|
|
pub enum Level {
|
|
No,
|
|
Kv,
|
|
Ns,
|
|
Db,
|
|
Sc,
|
|
}
|
|
|
|
/// Specifies the authentication level for the datastore execution context.
|
|
#[derive(Clone, Debug, Eq, PartialEq, PartialOrd)]
|
|
pub enum Auth {
|
|
/// Specifies that the user is not authenticated
|
|
No,
|
|
/// Specifies that the user is authenticated with full root permissions
|
|
Kv,
|
|
/// Specifies that the user is has full permissions for a particular Namespace
|
|
Ns(String),
|
|
/// Specifies that the user is has full permissions for a particular Namespace and Database
|
|
Db(String, String),
|
|
/// Specifies that the user is has full permissions for a particular Namespace, Database, and Scope
|
|
Sc(String, String, String),
|
|
}
|
|
|
|
impl Default for Auth {
|
|
fn default() -> Self {
|
|
Auth::No
|
|
}
|
|
}
|
|
|
|
impl Auth {
|
|
/// Checks whether permissions clauses need to be processed
|
|
pub(crate) fn perms(&self) -> bool {
|
|
match self {
|
|
Auth::No => true,
|
|
Auth::Sc(_, _, _) => true,
|
|
Auth::Db(_, _) => false,
|
|
Auth::Ns(_) => false,
|
|
Auth::Kv => false,
|
|
}
|
|
}
|
|
/// Checks whether the current authentication matches the required level
|
|
pub(crate) fn check(&self, level: Level) -> bool {
|
|
match self {
|
|
Auth::No => matches!(level, Level::No),
|
|
Auth::Sc(_, _, _) => matches!(level, Level::No | Level::Sc),
|
|
Auth::Db(_, _) => matches!(level, Level::No | Level::Sc | Level::Db),
|
|
Auth::Ns(_) => matches!(level, Level::No | Level::Sc | Level::Db | Level::Ns),
|
|
Auth::Kv => true,
|
|
}
|
|
}
|
|
}
|