Development Documentation (main branch) - For stable release docs, see docs.rs/eidetica

AuthSettings

eidetica::auth::settings

Struct AuthSettings 

Source 
pub struct AuthSettings { /* private fields */ }
Expand description

Authentication settings view/interface over Doc data

Keys are stored by pubkey in the “keys” sub-object. Delegations are stored by root tree ID in the “delegations” sub-object. Global permission is stored in the “global” sub-object.

Implementations§

Source§

impl AuthSettings

Source

pub fn new() -> Self

Create a new empty auth settings view

Source

pub fn as_doc(&self) -> &Doc

Get the underlying Doc for direct access

Source

pub fn as_doc_mut(&mut self) -> &mut Doc

Get mutable access to the underlying Doc

Source

pub fn add_key(&mut self, pubkey: &PublicKey, key: AuthKey) -> Result<()>

Add a new authentication key by pubkey (fails if key already exists)

§Arguments
  • pubkey - The public key
  • key - The AuthKey containing permissions, status, and optional name
Source

pub fn overwrite_key(&mut self, pubkey: &PublicKey, key: AuthKey) -> Result<()>

Explicitly overwrite an existing authentication key

Source

pub fn get_key_by_pubkey(&self, pubkey: &PublicKey) -> Result<AuthKey>

Get a key by its public key

Source

pub fn find_keys_by_name(&self, name: &str) -> Vec<(String, AuthKey)>

Find keys by name (may return multiple if names collide)

Returns Vec of (pubkey, AuthKey) tuples sorted by pubkey for deterministic ordering.

Source

pub fn get_all_keys(&self) -> Result<HashMap<String, AuthKey>>

Get all authentication keys

Source

pub fn rename_key( &mut self, pubkey: &PublicKey, name: Option<&str>, ) -> Result<()>

Rename a key by pubkey

Updates only the display name of an existing key, preserving its permissions and status.

Source

pub fn revoke_key(&mut self, pubkey: &PublicKey) -> Result<()>

Revoke a key by pubkey

Source

pub fn add_delegated_tree(&mut self, tree_ref: DelegatedTreeRef) -> Result<()>

Add or update a delegated tree reference

The delegation is stored by root tree ID, extracted from tree_ref.tree.root. This ensures collision-resistant storage similar to key storage by pubkey.

Source

pub fn get_delegated_tree(&self, root_id: &ID) -> Result<DelegatedTreeRef>

Get a delegated tree reference by root tree ID

Source

pub fn get_delegated_tree_by_str( &self, root_id: &str, ) -> Result<DelegatedTreeRef>

Get a delegated tree reference by root tree ID string

This variant accepts a string directly, useful when the ID comes from a DelegationStep.tree field which stores the root ID as a string.

Source

pub fn get_all_delegated_trees(&self) -> Result<HashMap<ID, DelegatedTreeRef>>

Get all delegated tree references

Returns a map from root tree ID to the delegation reference.

Source

pub fn set_global_permission(&mut self, key: AuthKey)

Set the global permission

Stores the global permission at the global path, separate from individual key entries in the keys namespace.

Source

pub fn get_global_key(&self) -> Result<AuthKey>

Get the global permission AuthKey

Reads from the global path.

Source

pub fn resolve_hint(&self, hint: &KeyHint) -> Result<Vec<ResolvedAuth>>

Resolve a key hint to matching authentication info

Returns Vec of ResolvedAuth. For pubkey hints, returns at most one. For name hints, may return multiple if names collide. Caller should try each until signature verifies.

§Name Collision Handling

When multiple keys share the same name, all matching keys are returned. The caller (typically validate_entry) should iterate through the matches and attempt signature verification with each until one succeeds.

Source

pub fn has_global_permission(&self) -> bool

Check if global permission exists and is active

Source

pub fn get_global_permission(&self) -> Option<Permission>

Get global permission level if it exists and is active

Source

pub fn global_permission_grants_access( &self, requested_permission: &Permission, ) -> bool

Check if global permission grants sufficient access

Source

pub fn can_access( &self, pubkey: &PublicKey, requested_permission: &Permission, ) -> bool

Check if a public key can access the database with the requested permission

Source

pub fn find_all_sigkeys_for_pubkey( &self, pubkey: &PublicKey, ) -> Vec<(SigKey, Permission)>

Find all SigKeys that a public key can use to access this database

Returns (SigKey, Permission) tuples sorted by permission (highest first)

Source

pub fn resolve_sig_key_for_operation( &self, pubkey: &PublicKey, ) -> Result<(SigKey, Permission)>

Resolve which SigKey should be used for an operation

Returns the SigKey with highest permission for the given pubkey.

Source

pub fn can_modify_key( &self, signing_key: &ResolvedAuth, target_pubkey: &PublicKey, ) -> Result<bool>

Check if a signing key can modify an existing target key

Source

pub fn can_create_key( &self, signing_key: &ResolvedAuth, new_key_permissions: &Permission, ) -> Result<bool>

Check if a signing key can create a new key with the specified permissions

Trait Implementations§

Source§

impl Clone for AuthSettings

Source§

fn clone(&self) -> AuthSettings

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for AuthSettings

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl Default for AuthSettings

Source§

fn default() -> Self

Returns the “default value” for a type. Read more
Source§

impl<'de> Deserialize<'de> for AuthSettings

Source§

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>
where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer. Read more
Source§

impl From<AuthSettings> for Doc

Source§

fn from(settings: AuthSettings) -> Doc

Converts to this type from the input type.
Source§

impl From<Doc> for AuthSettings

Source§

fn from(doc: Doc) -> Self

Converts to this type from the input type.
Source§

impl Serialize for AuthSettings

Source§

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>
where __S: Serializer,

Serialize this value into the given Serde serializer. Read more

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
§

impl<T> CompatExt for T

§

fn compat(self) -> Compat<T>

Applies the [Compat] adapter by value. Read more
§

fn compat_ref(&self) -> Compat<&T>

Applies the [Compat] adapter by shared reference. Read more
§

fn compat_mut(&mut self) -> Compat<&mut T>

Applies the [Compat] adapter by mutable reference. Read more
Source§

impl<T> DynClone for T
where T: Clone,

Source§

fn __clone_box(&self, _: Private) -> *mut ()

Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

§

impl<T> FromRef<T> for T
where T: Clone,

§

fn from_ref(input: &T) -> T

Converts to this type from a reference to the input type.
§

impl<T> Instrument for T

§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided [Span], returning an Instrumented wrapper. Read more
§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> IntoEither for T

Source§

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
§

impl<T> Pointable for T

§

const ALIGN: usize

The alignment of pointer.
§

type Init = T

The type for initializers.
§

unsafe fn init(init: <T as Pointable>::Init) -> usize

Initializes a with the given initializer. Read more
§

unsafe fn deref<'a>(ptr: usize) -> &'a T

Dereferences the given pointer. Read more
§

unsafe fn deref_mut<'a>(ptr: usize) -> &'a mut T

Mutably dereferences the given pointer. Read more
§

unsafe fn drop(ptr: usize)

Drops the object pointed to by the given pointer. Read more
§

impl<T> PolicyExt for T
where T: ?Sized,

§

fn and<P, B, E>(self, other: P) -> And<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns [Action::Follow] only if self and other return Action::Follow. Read more
§

fn or<P, B, E>(self, other: P) -> Or<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns [Action::Follow] if either self or other returns Action::Follow. Read more
Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

§

fn vzip(self) -> V

§

impl<T> WithSubscriber for T

§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a [WithDispatch] wrapper. Read more
§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a [WithDispatch] wrapper. Read more
Source§

impl<T> DeserializeOwned for T
where T: for<'de> Deserialize<'de>,

§

impl<M> Meta for M
where M: Default,