rocket-grants

Extension for [rocket] to validate user permissions.

Apache 2.0 or MIT licensed

To check user access to specific services, you can use the built-in `proc-macro`, `PermissionGuard`, or a manual check.

Provides a complete analogue of [actix-web-grants] and [poem-grants].

How to use

  1. Declare your own permission extraction function

The easiest way is to declare a function with the following signature:

```rust,ignore
// You can use custom type instead of String
async fn extract(req: &rocket::Request<'_>) -> Option<Vec<String>>
```

  2. Add fairing to your application using the extraction function defined in step 1

```rust,ignore
rocket::build().mount("/api", rocket::routes![endpoint])
    .attach(GrantsFairing::with_extractor_fn(|req| {
        Box::pin(extract(req)) // example with a separate async function, but you can write a closure right here
    }))
```

Steps 1 and 2 can be replaced by integration with your custom fairing.

  3. Protect your endpoints in any convenient way from the examples below:

Example of `proc-macro` way protection

```rust,no_run
#[rocket_grants::has_permissions("OP_READ_SECURED_INFO")]
#[rocket::get("/")]
async fn macro_secured() -> &'static str {
    "ADMIN_RESPONSE"
}
```

Example of ABAC-like protection and custom permission type

Here is an example using the `type` and `secure` attributes. But these are independent features.

`secure` allows you to include some checks in the macro based on function params.

`type` allows you to use a custom type for the roles and permissions (then the fairing needs to be configured). Take a look at an enum-role example

```rust,ignore
use enums::Role::{self, ADMIN};
use dto::User;

// The role check and the `secure` expression must both pass.
#[rocket_grants::has_roles("USER", secure = "user_id == user.id")]
#[rocket::post("/secure/<user_id>", data = "<user>")]
async fn role_macro_secured_with_params(user_id: i32, user: Json<User>) -> &'static str {
    "some secured info with parameters"
}
```
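As an added illustration (not code from rocket-grants), here is a plain-Rust model of the decision that `has_roles("USER", secure = "user_id == user.id")` expresses: the role check and the `secure` expression must both hold. It assumes that roles are stored as permissions with a `ROLE_` prefix and that a missing extraction result denies access; `may_update` and this `User` struct are hypothetical stand-ins.

```rust
/// Stand-in for the permissions returned by the extraction function (step 1).
struct AuthDetails {
    permissions: Vec<String>,
}

impl AuthDetails {
    fn has_permission(&self, permission: &str) -> bool {
        self.permissions.iter().any(|p| p == permission)
    }

    /// Assumption: a role is a permission carrying a "ROLE_" prefix.
    fn has_role(&self, role: &str) -> bool {
        self.has_permission(&format!("ROLE_{}", role))
    }
}

/// Hypothetical request body type, standing in for `dto::User`.
struct User {
    id: i32,
}

/// Grants access only when all of the following hold:
/// the extractor produced permissions (None fails closed),
/// the caller holds the USER role, and the `secure` expression is true.
fn may_update(extracted: Option<Vec<String>>, user_id: i32, user: &User) -> bool {
    let permissions = match extracted {
        Some(p) => p,
        None => return false, // no authentication details: deny
    };
    let details = AuthDetails { permissions };
    details.has_role("USER") && user_id == user.id
}

fn main() {
    // Constructed sample inputs.
    let body = User { id: 7 };
    let perms = || Some(vec!["ROLE_USER".to_string()]);
    println!("matching id:     {}", may_update(perms(), 7, &body));
    println!("mismatched id:   {}", may_update(perms(), 8, &body));
    println!("role missing:    {}", may_update(Some(vec![]), 7, &body));
    println!("unauthenticated: {}", may_update(None, 7, &body));
}
```

In the README's example both `user_id` (path) and `user.id` (body) arrive in the request, so the expression checks that they agree with each other. Tying a record to the caller requires comparing against an identity taken from the authenticated session.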

Example of manual way protection

```rust,no_run
use rocket_grants::permissions::{AuthDetails, PermissionsCheck};

#[rocket::get("/")]
async fn manual_secure(details: AuthDetails) -> &'static str {
    if details.has_permission("ROLE_ADMIN") {
        return "ADMIN_RESPONSE"
    }
    "OTHER_RESPONSE"
}
```

You can find more [examples] in the git repository folder and [documentation].

Supported rocket versions