Expand description
Instance-admin capability view.
InstanceAdmin is the gateway for operations gated by Admin on the
_users / _databases system databases — creating users, listing users,
promoting other admins.
It is obtained via User::admin, which only
constructs it when the user actually holds instance-admin. Because the
permission is checked at construction, the operations here perform no
further check of their own, and the privilege boundary is explicit at the
call site:
ⓘ
let admin = user.admin().await?; // Err if not an instance admin
admin.create_user(NewUser::passwordless("alice")).await?;Every operation signs _users / _databases writes with the user’s
session key (never the device key), so the same calls work on both
local and remote instances.
Structs§
- Instance
Admin - Instance-admin capability view over a
Usersession.