Struct Capabilities

pub struct Capabilities { /* private fields */ }

Capabilities are used to limit what a user can do to the system.

Capabilities are split into 4 categories:

  • Scripting: Whether or not the user can execute scripts
  • Guest access: Whether or not a non-authenticated user can execute queries on the system when authentication is enabled.
  • Functions: Whether or not the user can execute certain functions
  • Network: Whether or not the user can access certain network addresses

Capabilities are configured globally. By default, capabilities are configured as:

  • Scripting: false
  • Guest access: false
  • Functions: All functions are allowed
  • Network: No network address is explicitly allowed or denied, so all network addresses are denied unless explicitly allowed

The capabilities are defined using allow/deny lists for fine-grained control.

§Filtering functions and net-targets.

The filtering of net targets and functions is done with an allow/deny list. These lists can match everything, nothing, or a given list.

By default, every function and net target is disallowed. For a function or net target to be allowed, it must match the allow-list and not match the deny-list. This means that if, for example, a function is in both the allow-list and the deny-list, it will be disallowed.

With the combination of both these lists you can filter subgroups. For example:

let capabilities = Capabilities::none()
    .with_allow_function("http::*")?
    .with_deny_function("http::post")?;

This allows all http::* functions, and only those, except the function http::post.

Examples:

  • Allow all functions: --allow-funcs
  • Allow all functions except http.*: --allow-funcs --deny-funcs 'http.*'
  • Allow all network addresses except AWS metadata endpoint: --allow-net --deny-net='169.254.169.254'

§Examples

Create a new instance, and allow all capabilities

let capabilities = Capabilities::all();
let config = Config::default().capabilities(capabilities);
let db = Surreal::new::<File>(("temp.db", config)).await?;

Create a new instance, and allow certain functions (here, the defaults with the http::* functions denied)

let capabilities = Capabilities::default()
    .with_deny_function("http::*")?;
let config = Config::default().capabilities(capabilities);
let db = Surreal::new::<File>(("temp.db", config)).await?;

Implementations§

impl Capabilities

pub fn new() -> Self

Create a builder with default capabilities enabled.

The default capabilities enable live query notifications and all (non-scripting) functions.

pub fn all() -> Self

Create a builder with all capabilities enabled.

pub fn none() -> Self

Create a builder with all capabilities disabled.

pub fn with_scripting(self, enabled: bool) -> Self

Set whether to enable the embedded JavaScript scripting runtime.

pub fn with_guest_access(self, enabled: bool) -> Self

Set whether to allow non-authenticated users to execute queries when authentication is enabled.

pub fn with_live_query_notifications(self, enabled: bool) -> Self

Set whether to enable live query notifications.

pub fn allow_all_functions(&mut self) -> &mut Self

Set the allow list to allow all functions

pub fn with_allow_all_functions(self) -> Self

Set the allow list to allow all functions

pub fn deny_all_functions(&mut self) -> &mut Self

Set the deny list to deny all functions

pub fn with_deny_all_function(self) -> Self

Set the deny list to deny all functions

pub fn allow_none_functions(&mut self) -> &mut Self

Set the allow list to allow no function

pub fn with_allow_none_functions(self) -> Self

Set the allow list to allow no function

pub fn deny_none_functions(&mut self) -> &mut Self

Set the deny list to deny no function

pub fn with_deny_none_function(self) -> Self

Set the deny list to deny no function

pub fn allow_function<S: AsRef<str>>(&mut self, func: S) -> Result<&mut Self, ParseFuncTargetError>

Add a function to the allow list

Adding a function to the allow list overwrites previously set allow-all or allow-none filters.

pub fn with_allow_function<S: AsRef<str>>(self, func: S) -> Result<Self, ParseFuncTargetError>

Add a function to the allow list

Adding a function to the allow list overwrites previously set allow-all or allow-none filters.

pub fn deny_function<S: AsRef<str>>(&mut self, func: S) -> Result<&mut Self, ParseFuncTargetError>

Add a function to the deny list

Adding a function to the deny list overwrites previously set deny-all or deny-none filters.

pub fn with_deny_function<S: AsRef<str>>(self, func: S) -> Result<Self, ParseFuncTargetError>

Add a function to the deny list

Adding a function to the deny list overwrites previously set deny-all or deny-none filters.

pub fn allow_all_net_targets(&mut self) -> &mut Self

Set the allow list to allow all net targets

pub fn with_allow_all_net_targets(self) -> Self

Set the allow list to allow all net targets

pub fn deny_all_net_targets(&mut self) -> &mut Self

Set the deny list to deny all net targets

pub fn with_deny_all_net_target(self) -> Self

Set the deny list to deny all net targets

pub fn allow_none_net_targets(&mut self) -> &mut Self

Set the allow list to allow no net targets

pub fn with_allow_none_net_targets(self) -> Self

Set the allow list to allow no net targets

pub fn deny_none_net_targets(&mut self) -> &mut Self

Set the deny list to deny no net targets

pub fn with_deny_none_net_target(self) -> Self

Set the deny list to deny no net targets

pub fn allow_net_target<S: AsRef<str>>(&mut self, func: S) -> Result<&mut Self, ParseNetTargetError>

Add a net target to the allow list

Adding a net target to the allow list overwrites previously set allow-all or allow-none filters.

pub fn with_allow_net_target<S: AsRef<str>>(self, func: S) -> Result<Self, ParseNetTargetError>

Add a net target to the allow list

Adding a net target to the allow list overwrites previously set allow-all or allow-none filters.

pub fn deny_net_target<S: AsRef<str>>(&mut self, func: S) -> Result<&mut Self, ParseNetTargetError>

Add a net target to the deny list

Adding a net target to the deny list overwrites previously set deny-all or deny-none filters.

pub fn with_deny_net_target<S: AsRef<str>>(self, func: S) -> Result<Self, ParseNetTargetError>

Add a net target to the deny list

Adding a net target to the deny list overwrites previously set deny-all or deny-none filters.
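The allow-and-not-deny rule from the filtering section, together with the overwrite notes on the allow/deny methods above, as an added self-contained Rust model. This is not SurrealDB's code: the `Targets` and `Filter` types and the trailing-`*` prefix matching are assumptions made for illustration.

```rust
// Added model of the allow/deny semantics this page describes; not SurrealDB source.
enum Targets { All, None, Some(Vec<String>) }

impl Targets {
    // Adding an entry replaces a previous All/None filter with an explicit list.
    fn add(&mut self, pat: &str) {
        if !matches!(*self, Targets::Some(_)) { *self = Targets::Some(Vec::new()); }
        if let Targets::Some(list) = self { list.push(pat.to_string()); }
    }
    // Assumed syntax for this model: an exact name, or a prefix ending in '*'.
    fn matches(&self, name: &str) -> bool {
        match self {
            Targets::All => true,
            Targets::None => false,
            Targets::Some(list) => list.iter().any(|p| match p.strip_suffix('*') {
                Some(prefix) => name.starts_with(prefix),
                None => p.as_str() == name,
            }),
        }
    }
}

struct Filter { allow: Targets, deny: Targets }

impl Filter {
    fn none() -> Self { Filter { allow: Targets::None, deny: Targets::None } }
    fn allow_all(mut self) -> Self { self.allow = Targets::All; self }
    fn deny_all(mut self) -> Self { self.deny = Targets::All; self }
    fn allow(mut self, pat: &str) -> Self { self.allow.add(pat); self }
    fn deny(mut self, pat: &str) -> Self { self.deny.add(pat); self }
    // Permitted only when the allow list matches AND the deny list does not.
    fn permits(&self, name: &str) -> bool {
        self.allow.matches(name) && !self.deny.matches(name)
    }
}

fn main() {
    let funcs = Filter::none().allow("http::*").deny("http::post");
    let net = Filter::none().allow_all().deny("169.254.169.254");
    // In this model, a specific deny added after deny-all replaces it, so access widens.
    let widened = Filter::none().allow_all().deny_all().deny("http::post");
    let cases = [("funcs", &funcs, "http::get"), ("funcs", &funcs, "http::post"),
        ("net", &net, "169.254.169.254"), ("widened", &widened, "http::get")];
    for (label, filter, name) in cases {
        println!("{label}: {name} -> {}", filter.permits(name));
    }
}
```

The `widened` case is the one to review in real configurations: if a deny-all is in place, adding a single deny entry afterwards leaves only that entry denied.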

Trait Implementations§

impl Clone for Capabilities

fn clone(&self) -> Capabilities

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for Capabilities

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Default for Capabilities

fn default() -> Self

Returns the “default value” for a type.

Auto Trait Implementations§

Blanket Implementations§

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self.

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value.

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value.

impl<T> CloneToUninit for T
where T: Clone,

unsafe fn clone_to_uninit(&self, dst: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dst.

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T> Instrument for T

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper.

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper.

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> Pointable for T

const ALIGN: usize

The alignment of pointer.

type Init = T

The type for initializers.

unsafe fn init(init: <T as Pointable>::Init) -> usize

Initializes a with the given initializer.

unsafe fn deref<'a>(ptr: usize) -> &'a T

Dereferences the given pointer.

unsafe fn deref_mut<'a>(ptr: usize) -> &'a mut T

Mutably dereferences the given pointer.

unsafe fn drop(ptr: usize)

Drops the object pointed to by the given pointer.

impl<T> Same for T

type Output = T

Should always be Self

impl<T> ToOwned for T
where T: Clone,

type Owned = T

The resulting type after obtaining ownership.

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning.

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning.

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

fn vzip(self) -> V

impl<T> WithSubscriber for T

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper.

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper.

impl<G1, G2> Within<G2> for G1
where G2: Contains<G1>,

fn is_within(&self, b: &G2) -> bool

impl<T> ParallelSend for T
where T: Send,