actix-web-grants

Extension for actix-web to validate user permissions.

Apache 2.0 or MIT licensed

To check user access to specific services, you can use built-in proc-macro, PermissionGuard or manual.

The library can also be integrated with third-party solutions (like [actix-web-httpauth]).

Example of `proc-macro` way protection

```rust use actixwebgrants::procmacro::{haspermissions};

[get("/secure")]

[haspermissions("OPREADSECUREDINFO")]

async fn macrosecured() -> HttpResponse { HttpResponse::Ok().body("ADMINRESPONSE") } ```

Example of `Guard` way protection

```rust use actixwebgrants::{PermissionGuard, GrantsMiddleware};

App::new() .wrap(GrantsMiddleware::withextractor(extract)) .service(web::resource("/admin") .to(|| async { HttpResponse::Ok().finish() }) .guard(PermissionGuard::new("ROLEADMIN".to_string()))) ```

Example of manual way protection

```rust use actixwebgrants::permissions::{AuthDetails, PermissionsCheck};

async fn manualsecure(details: AuthDetails) -> HttpResponse { if details.haspermission(ROLEADMIN) { return HttpResponse::Ok().body("ADMINRESPONSE"); } HttpResponse::Ok().body("OTHER_RESPONSE") } ```

You can find more [examples] in the git repository folder and [documentation].