pub struct GrantsMiddleware<E, Req, Type>where
    for<'a> E: PermissionsExtractor<'a, Req, Type>,
    Type: PartialEq + Clone + 'static,{ /* private fields */ }
Expand description

Built-in middleware for extracting user permission.

Examples

use actix_web::dev::ServiceRequest;
use actix_web::{get, App, Error, HttpResponse, HttpServer, Responder};

use actix_web_grants::permissions::{AuthDetails, PermissionsCheck};
use actix_web_grants::{proc_macro::has_permissions, GrantsMiddleware};

fn main() {
    HttpServer::new(|| {
        let auth = GrantsMiddleware::with_extractor(extract);
        App::new()
            .wrap(auth)
            .service(you_service)
    });
}

// You can use both &ServiceRequest and &mut ServiceRequest
// Futhermore, you can use you own type instead of `String` (e.g. Enum).
async fn extract(_req: &ServiceRequest) -> Result<Vec<String>, Error> {
   // Here is a place for your code to get user permissions/grants/permissions from a request
   // For example from a token or database

   // Stub example
   Ok(vec!["ROLE_ADMIN".to_string()])
}

// `has_permissions` is one of options to validate permissions.
// `proc-macro` crate has additional features, like ABAC security and custom types. See examples and `proc-macro` crate docs.
#[get("/admin")]
#[has_permissions("ROLE_ADMIN")]
async fn you_service() -> impl Responder {
    HttpResponse::Ok().finish()
}

Implementations§

source§

impl<E, Req, Type> GrantsMiddleware<E, Req, Type>where for<'a> E: PermissionsExtractor<'a, Req, Type>, Type: PartialEq + Clone + 'static,

source

pub fn with_extractor(extractor: E) -> GrantsMiddleware<E, Req, Type>

Create middleware by PermissionsExtractor.

You can use a built-in implementation for async fn with a suitable signature (see example below). Or you can define your own implementation of trait.

Example of function with implementation of PermissionsExtractor
use actix_web::dev::ServiceRequest;
use actix_web::Error;

async fn extract(_req: &ServiceRequest) -> Result<Vec<String>, Error> {
    // Here is a place for your code to get user permissions/grants/permissions from a request
     // For example from a token or database
    Ok(vec!["WRITE_ACCESS".to_string()])
}

// Or with you own type:
#[derive(PartialEq, Clone)] // required bounds
enum Permission { WRITE, READ }
async fn extract_enum(_req: &ServiceRequest) -> Result<Vec<Permission>, Error> {
    // Here is a place for your code to get user permissions/grants/permissions from a request
     // For example from a token, database or external service
    Ok(vec![Permission::WRITE])
}

Trait Implementations§

source§

impl<S, B, E, Req, Type> Transform<S, ServiceRequest> for GrantsMiddleware<E, Req, Type>where S: Service<ServiceRequest, Response = ServiceResponse<B>, Error = Error> + 'static, for<'a> E: PermissionsExtractor<'a, Req, Type> + 'static, Type: PartialEq + Clone + 'static,

§

type Response = ServiceResponse<B>

Responses produced by the service.
§

type Error = Error

Errors produced by the service.
§

type Transform = GrantsService<S, E, Req, Type>

The TransformService value created by this factory
§

type InitError = ()

Errors produced while building a transform service.
§

type Future = Ready<Result<<GrantsMiddleware<E, Req, Type> as Transform<S, ServiceRequest>>::Transform, <GrantsMiddleware<E, Req, Type> as Transform<S, ServiceRequest>>::InitError>>

The future response value.
source§

fn new_transform(&self, service: S) -> Self::Future

Creates and returns a new Transform component, asynchronously

Auto Trait Implementations§

§

impl<E, Req, Type> RefUnwindSafe for GrantsMiddleware<E, Req, Type>where E: RefUnwindSafe, Req: RefUnwindSafe, Type: RefUnwindSafe,

§

impl<E, Req, Type> !Send for GrantsMiddleware<E, Req, Type>

§

impl<E, Req, Type> !Sync for GrantsMiddleware<E, Req, Type>

§

impl<E, Req, Type> Unpin for GrantsMiddleware<E, Req, Type>where Req: Unpin, Type: Unpin,

§

impl<E, Req, Type> UnwindSafe for GrantsMiddleware<E, Req, Type>where E: RefUnwindSafe, Req: UnwindSafe, Type: UnwindSafe,

Blanket Implementations§

source§

impl<T> Any for Twhere T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
source§

impl<T> Borrow<T> for Twhere T: ?Sized,

source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for Twhere T: ?Sized,

source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<T> From<T> for T

source§

fn from(t: T) -> T

Returns the argument unchanged.

source§

impl<T> Instrument for T

source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
source§

impl<T, U> Into<U> for Twhere U: From<T>,

source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

source§

impl<T> Same<T> for T

§

type Output = T

Should always be Self
source§

impl<T, U> TryFrom<U> for Twhere U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for Twhere U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
source§

impl<V, T> VZip<V> for Twhere V: MultiLane<T>,

source§

fn vzip(self) -> V

source§

impl<T> WithSubscriber for T

source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more