actix_grants_proc_macro

Attribute Macro has_permissions

source
#[has_permissions]
Expand description

Macro to сheck that the user has all the specified permissions. Allow to add a conditional restriction based on handlers parameters. Add the secure attribute followed by the the boolean expression to validate based on parameters

Also you can use you own types instead of Strings, just add type attribute with path to type

§Examples

use actix_web_grants::proc_macro::has_permissions;
use actix_web::HttpResponse;

// User should be ADMIN with OP_GET_SECRET permission
#[has_permissions["ROLE_ADMIN", "OP_GET_SECRET"]]
async fn macro_secured() -> HttpResponse {
    HttpResponse::Ok().body("some secured info")
}

// User should be ADMIN with OP_GET_SECRET permission and the user.id param should be equal
// to the path parameter {user_id}
struct User {id: i32}
#[has_permissions["ROLE_ADMIN", "OP_GET_SECRET", secure="user_id.into_inner() == user.id"]]
async fn macro_secured_params(user_id: web::Path<i32>, user: web::Data<User>) -> HttpResponse {
    HttpResponse::Ok().body("some secured info with user_id path equal to user.id")
}

// User must have MyPermissionEnum::OP_GET_SECRET (you own enum example)
#[has_permissions["OP_GET_SECRET", type = "MyPermissionEnum"]]
async fn macro_enum_secured() -> HttpResponse {
    HttpResponse::Ok().body("some secured info")
}