Module ValidatePermission

ValidatePermission

Role-based access control for IPC operations. Two atoms: SecurityContext::Struct, the per-request envelope (user / roles / permissions / IP / timestamp), and Validator::Struct, the engine that holds the role and permission tables and the operation → permissions map, and enforces the default-deny policy through Validator::Struct::ValidatePermission.
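
A sketch of the default-deny decision described above, added here as an illustration and not taken from this crate. The Context and Engine types, their fields, and the role, permission and operation names are all assumptions, as is treating an empty requirement list as a denial.

```rust
use std::collections::{HashMap, HashSet};

// Hypothetical per-request envelope; field names are assumptions, not the crate's.
struct Context { user: String, roles: Vec<String>, permissions: Vec<String> }
// Hypothetical engine: role -> permissions table, operation -> required permissions map.
#[derive(Default)]
struct Engine {
    role_permissions: HashMap<String, HashSet<String>>,
    operation_permissions: HashMap<String, Vec<String>>,
}

impl Engine {
    fn validate(&self, ctx: &Context, operation: &str) -> Result<(), String> {
        // Default deny: an unmapped (or empty) requirement is a refusal, not "unrestricted".
        let required = match self.operation_permissions.get(operation) {
            Some(r) if !r.is_empty() => r,
            _ => return Err(format!("deny {}: {} has no permission mapping", ctx.user, operation)),
        };
        // Effective set = direct permissions plus those of known roles; unknown roles add nothing.
        let mut effective: HashSet<&str> = ctx.permissions.iter().map(String::as_str).collect();
        for role in &ctx.roles {
            if let Some(perms) = self.role_permissions.get(role) {
                effective.extend(perms.iter().map(String::as_str));
            }
        }
        // Every required permission must be held; report the first one that is not.
        match required.iter().find(|p| !effective.contains(p.as_str())) {
            Some(missing) => Err(format!("deny {}: missing {}", ctx.user, missing)),
            None => Ok(()),
        }
    }
}

// Constructed sample tables (role, permission and operation names are invented).
fn sample_engine() -> Engine {
    let mut e = Engine::default();
    e.role_permissions.insert("editor".into(), ["file.read", "file.write"].map(String::from).into());
    e.operation_permissions.insert("file:write".into(), vec!["file.write".into()]);
    e
}

fn own(v: &[&str]) -> Vec<String> { v.iter().map(|s| s.to_string()).collect() }
fn ctx(user: &str, roles: &[&str], permissions: &[&str]) -> Context {
    Context { user: user.into(), roles: own(roles), permissions: own(permissions) }
}

fn main() {
    let e = sample_engine();
    println!("{:?}", e.validate(&ctx("ana", &["editor"], &[]), "file:write"));
    println!("{:?}", e.validate(&ctx("ana", &["editor"], &[]), "file:delete"));
}
```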

Modules

SecurityContext
Per-request security envelope - user identity, role list, direct permissions, origin IP, and request timestamp. Used by Validator::Struct::ValidatePermission to decide whether to allow an operation.
Validator
Validator::Struct - role-based access control engine. Holds the role / permission tables and the operation → required-permission mapping; enforces the default-deny + RBAC policy through ValidatePermission. The struct, impl, and tests stay in one file as a tightly coupled cluster.