gix_sec/
trust.rs

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
use crate::Trust;

impl Trust {
    /// Derive `Full` trust if `path` is owned by the user executing the current process, or `Reduced` trust otherwise.
    pub fn from_path_ownership(path: &std::path::Path) -> std::io::Result<Self> {
        Ok(if crate::identity::is_path_owned_by_current_user(path)? {
            Trust::Full
        } else {
            Trust::Reduced
        })
    }
}

/// A trait to help creating default values based on a trust level.
pub trait DefaultForLevel {
    /// Produce a default value for the given trust `level`.
    fn default_for_level(level: Trust) -> Self;
}

/// Associate instructions for how to deal with various `Trust` levels as they are encountered in the wild.
pub struct Mapping<T> {
    /// The value for fully trusted resources.
    pub full: T,
    /// The value for resources with reduced trust.
    pub reduced: T,
}

impl<T> Default for Mapping<T>
where
    T: DefaultForLevel,
{
    fn default() -> Self {
        Mapping {
            full: T::default_for_level(Trust::Full),
            reduced: T::default_for_level(Trust::Reduced),
        }
    }
}

impl<T> Mapping<T> {
    /// Obtain the value for the given trust `level`.
    pub fn by_level(&self, level: Trust) -> &T {
        match level {
            Trust::Full => &self.full,
            Trust::Reduced => &self.reduced,
        }
    }

    /// Obtain the value for the given `level` once.
    pub fn into_value_by_level(self, level: Trust) -> T {
        match level {
            Trust::Full => self.full,
            Trust::Reduced => self.reduced,
        }
    }
}