#[has_permissions]
Expand description
Macro to сheck that the user has all the specified permissions.
Allow to add a conditional restriction based on handlers parameters.
Add the secure
attribute followed by the the boolean expression to validate based on parameters
Also you can use you own types instead of Strings, just add type
attribute with path to type
§Examples
use actix_web_grants::proc_macro::has_permissions;
use actix_web::HttpResponse;
// User should be ADMIN with OP_GET_SECRET permission
#[has_permissions["ROLE_ADMIN", "OP_GET_SECRET"]]
async fn macro_secured() -> HttpResponse {
HttpResponse::Ok().body("some secured info")
}
// User should be ADMIN with OP_GET_SECRET permission and the user.id param should be equal
// to the path parameter {user_id}
struct User {id: i32}
#[has_permissions["ROLE_ADMIN", "OP_GET_SECRET", secure="user_id.into_inner() == user.id"]]
async fn macro_secured_params(user_id: web::Path<i32>, user: web::Data<User>) -> HttpResponse {
HttpResponse::Ok().body("some secured info with user_id path equal to user.id")
}
// User must have MyPermissionEnum::OP_GET_SECRET (you own enum example)
#[has_permissions["OP_GET_SECRET", type = "MyPermissionEnum"]]
async fn macro_enum_secured() -> HttpResponse {
HttpResponse::Ok().body("some secured info")
}