gix_sec/
trust.rs

1use crate::Trust;
2
3impl Trust {
4    /// Derive `Full` trust if `path` is owned by the user executing the current process, or `Reduced` trust otherwise.
5    pub fn from_path_ownership(path: &std::path::Path) -> std::io::Result<Self> {
6        Ok(if crate::identity::is_path_owned_by_current_user(path)? {
7            Trust::Full
8        } else {
9            Trust::Reduced
10        })
11    }
12}
13
14/// A trait to help creating default values based on a trust level.
15pub trait DefaultForLevel {
16    /// Produce a default value for the given trust `level`.
17    fn default_for_level(level: Trust) -> Self;
18}
19
20/// Associate instructions for how to deal with various `Trust` levels as they are encountered in the wild.
21pub struct Mapping<T> {
22    /// The value for fully trusted resources.
23    pub full: T,
24    /// The value for resources with reduced trust.
25    pub reduced: T,
26}
27
28impl<T> Default for Mapping<T>
29where
30    T: DefaultForLevel,
31{
32    fn default() -> Self {
33        Mapping {
34            full: T::default_for_level(Trust::Full),
35            reduced: T::default_for_level(Trust::Reduced),
36        }
37    }
38}
39
40impl<T> Mapping<T> {
41    /// Obtain the value for the given trust `level`.
42    pub fn by_level(&self, level: Trust) -> &T {
43        match level {
44            Trust::Full => &self.full,
45            Trust::Reduced => &self.reduced,
46        }
47    }
48
49    /// Obtain the value for the given `level` once.
50    pub fn into_value_by_level(self, level: Trust) -> T {
51        match level {
52            Trust::Full => self.full,
53            Trust::Reduced => self.reduced,
54        }
55    }
56}