Module authorizer

Expand description

This module contains the Cedar “authorizer”, which implements the actual authorization logic.

Together with the parser, evaluator, and other components, this comprises the “authorization engine”.

Structs§

Authorizer
Authorizer
Diagnostics
Diagnostics providing more information on how a Decision was reached
EvaluationResponse
Policy evaluation response returned from the Authorizer.
PartialResponse
A partially evaluated authorization response. Splits the results into several categories: satisfied, false, and residual for each policy effect. Also tracks all the errors that were encountered during evaluation. This structure currently has to own all of the PolicyID objects due to the Self::reauthorize method. If PolicySet could borrow its PolicyID/contents then this whole structured could be borrowed.
Response
Authorization response returned from the Authorizer

AuthorizationError
Errors that can occur during authorization
ConcretizationError
Errors that occur during concretizing a partial request
Decision
Decision returned from the Authorizer
ErrorState
Enum representing whether a policy is not satisfied due to evaluating to false, or because it errored.
ReauthorizationError
Errors that occur during reauthorizing partial responses