
Mountain/IPC/Permission/Role/ManageRole/
Permission.rs

1#![allow(non_snake_case)]
2
3//! `Permission::Struct` - RBAC permission descriptor.
4//! `category.action` name shape (validated by `Validate`),
5//! human description, category bucket, and an `IsSensitive`
6//! flag that drives elevated audit logging in the
7//! `LogEvent` module.
8
9use serde::{Deserialize, Serialize};
10
/// RBAC permission descriptor: a dotted name plus descriptive metadata.
///
/// Every field is public and the type derives `Deserialize`, so a value can
/// be built or decoded without passing through `New` or `Validate`. Call
/// `Validate` on any instance before it is used in an access decision.
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct Struct {
	/// Permission identifier; `Validate` requires it to be non-empty, free of
	/// whitespace and to contain a `.`.
	pub Name:String,
	/// Human-readable description; `Validate` rejects an empty value.
	pub Description:String,
	/// Category bucket; `Validate` rejects an empty value.
	// NOTE(review): nothing in this file compares this field with the prefix
	// of `Name` returned by `GetCategory` - confirm whether they must agree.
	pub Category:String,
	/// Marks the permission as sensitive; per the module docs this drives
	/// elevated audit logging in the `LogEvent` module.
	pub IsSensitive:bool,
}
18
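impl Struct {
	/// Creates a permission that is not marked sensitive.
	///
	/// Nothing is validated here; call [`Struct::Validate`] before the value
	/// is stored or used in an access decision.
	pub fn New(Name:String, Description:String, Category:String) -> Self {
		Self { Name, Description, Category, IsSensitive:false }
	}

	/// Creates a permission with `IsSensitive` already set to `true`.
	///
	/// Like [`Struct::New`], this performs no validation.
	pub fn NewSensitive(Name:String, Description:String, Category:String) -> Self {
		Self::New(Name, Description, Category).SetSensitive()
	}

	/// Consumes the permission and returns it with `IsSensitive` set to `true`.
	pub fn SetSensitive(mut self) -> Self {
		self.IsSensitive = true;
		self
	}

	/// Returns the text after the last `.` in `Name`.
	///
	/// A name without a dot is returned whole, whereas [`Struct::GetCategory`]
	/// reports `"unknown"` for the same name. Run [`Struct::Validate`] first
	/// so both halves are meaningful.
	pub fn GetAction(&self) -> String {
		self.Name
			.rsplit_once('.')
			.map_or(self.Name.as_str(), |(_, action)| action)
			.to_string()
	}

	/// Returns the text before the last `.` in `Name`, or `"unknown"` when the
	/// name holds no dot.
	///
	/// This is derived from `Name` only; the `Category` field is not consulted.
	pub fn GetCategory(&self) -> String {
		match self.Name.rsplit_once('.') {
			Some((category, _)) => category.to_string(),
			None => "unknown".to_string(),
		}
	}

	/// Checks that the descriptor has the `category.action` shape and that the
	/// descriptive fields are filled in.
	///
	/// # Errors
	///
	/// Returns a message describing the first failed rule, checked in this
	/// order: empty name, whitespace in the name, no dot in the name, an empty
	/// dot-separated segment in the name, empty description, empty category.
	pub fn Validate(&self) -> Result<(), String> {
		if self.Name.is_empty() {
			return Err("Permission name cannot be empty".to_string());
		}

		if self.Name.chars().any(char::is_whitespace) {
			return Err("Permission name cannot contain whitespace".to_string());
		}

		if !self.Name.contains('.') {
			return Err("Permission name must contain a dot separating category and action".to_string());
		}

		// A leading, trailing or doubled dot satisfies the check above but
		// leaves the category or the action empty (".read", "fs.", "fs..read"),
		// so such names are rejected rather than registered as permissions.
		if self.Name.split('.').any(str::is_empty) {
			return Err("Permission name cannot contain an empty segment around a dot".to_string());
		}

		if self.Description.is_empty() {
			return Err("Permission description cannot be empty".to_string());
		}

		// NOTE(review): `Category` is only checked for emptiness, not compared
		// with `GetCategory()` - confirm whether the two are meant to agree.
		if self.Category.is_empty() {
			return Err("Permission category cannot be empty".to_string());
		}

		Ok(())
	}
}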