Struct security_framework::authorization::Authorization

source ·

pub struct Authorization { /* private fields */ }

Expand description

A wrapper around AuthorizationCreate and functions which operate on an AuthorizationRef.

Implementations§

source §

impl Authorization

source

pub fn default() -> Result<Self>

Creates an authorization object which has no environment or associated rights.

source

pub fn new( rights: Option<AuthorizationItemSetStorage>, environment: Option<AuthorizationItemSetStorage>, flags: Flags, ) -> Result<Self>

Creates an authorization reference and provides an option to authorize or preauthorize rights.

rights should be the names of the rights you want to create.

environment is used when authorizing or preauthorizing rights. Not used in OS X v10.2 and earlier. In macOS 10.3 and later, you can pass icon or prompt data to be used in the authentication dialog box. In macOS 10.4 and later, you can also pass a user name and password in order to authorize a user without user interaction.

source

pub fn from_external_form( external_form: AuthorizationExternalForm, ) -> Result<Self>

👎Deprecated since 2.0.1: Please use the TryFrom trait instead

Internalizes the external representation of an authorization reference.

source

pub fn destroy_rights(self)

By default the rights acquired will be retained by the Security Server. Use this to ensure they are destroyed and to prevent shared rights’ continued used by other processes.

source

pub fn get_right<T: Into<Vec<u8>>>( name: T, ) -> Result<CFDictionary<CFString, CFTypeRef>>

Retrieve’s the right’s definition as a dictionary. Use right_exists if you want to avoid retrieving the dictionary.

name can be a wildcard right name.

If name isn’t convertable to a CString it will return Err(errSecConversionError).

source

pub fn right_exists<T: Into<Vec<u8>>>(name: T) -> Result<bool>

Checks if a right exists within the policy database. This is the same as get_right, but avoids a dictionary allocation.

If name isn’t convertable to a CString it will return Err(errSecConversionError).

source

pub fn remove_right<T: Into<Vec<u8>>>(&self, name: T) -> Result<()>

Removes a right from the policy database.

name cannot be a wildcard right name.

If name isn’t convertable to a CString it will return Err(errSecConversionError).

source

pub fn set_right<T: Into<Vec<u8>>>( &self, name: T, definition: RightDefinition<'_>, description: Option<&str>, bundle: Option<CFBundleRef>, locale: Option<&str>, ) -> Result<()>

Creates or updates a right entry in the policy database. Your process must have a code signature in order to be able to add rights to the authorization database.

name cannot be a wildcard right.

definition can be either a CFDictionaryRef containing keys defining the rules or a CFStringRef representing the name of another right whose rules you wish to duplicaate.

description is a key which can be used to look up localized descriptions.

bundle will be used to get localizations from if not the main bundle.

localeTableName will be used to get localizations if provided.

If name isn’t convertable to a CString it will return Err(errSecConversionError).

source

pub fn copy_info<T: Into<Vec<u8>>>( &self, tag: Option<T>, ) -> Result<AuthorizationItemSet<'_>>

An authorization plugin can store the results of an authentication operation by calling the SetContextValue function. You can then retrieve this supporting data, such as the user name.

tag should specify the type of data the Security Server should return. If None, all available information is retreieved.

If tag isn’t convertable to a CString it will return Err(errSecConversionError).

source