Expand description
This module contains the Cedar “authorizer”, which implements the actual authorization logic.
Together with the parser, evaluator, and other components, this comprises the “authorization engine”.
Structs§
- Authorizer
- Authorizer
- Diagnostics
- Diagnostics providing more information on how a
Decisionwas reached - Evaluation
Response - Policy evaluation response returned from the
Authorizer. - Partial
Response - A partially evaluated authorization response.
Splits the results into several categories: satisfied, false, and residual for each policy effect.
Also tracks all the errors that were encountered during evaluation.
This structure currently has to own all of the
PolicyIDobjects due to theSelf::reauthorizemethod. IfPolicySetcould borrow its PolicyID/contents then this whole structured could be borrowed. - Response
- Authorization response returned from the
Authorizer
Enums§
- Authorization
Error - Errors that can occur during authorization
- Concretization
Error - Errors that occur during concretizing a partial request
- Decision
- Decision returned from the
Authorizer - Error
State - Enum representing whether a policy is not satisfied due to
evaluating to
false, or because it errored. - Reauthorization
Error - Errors that occur during reauthorizing partial responses