aboutsummaryrefslogtreecommitdiff
path: root/crates/secd/src/auth/z
diff options
context:
space:
mode:
Diffstat (limited to 'crates/secd/src/auth/z')
-rw-r--r--crates/secd/src/auth/z/mod.rs23
1 files changed, 17 insertions, 6 deletions
diff --git a/crates/secd/src/auth/z/mod.rs b/crates/secd/src/auth/z/mod.rs
index d663e65..d64f674 100644
--- a/crates/secd/src/auth/z/mod.rs
+++ b/crates/secd/src/auth/z/mod.rs
@@ -32,13 +32,24 @@ impl Authorization for Secd {
Ok(spice.check_permission(r).await?)
}
- async fn expand(&self) -> Result<(), SecdError> {
- todo!()
- }
- async fn read(&self) -> Result<(), SecdError> {
- todo!()
+ async fn check_list_namespaces(
+ &self,
+ ns: &Namespace,
+ subj: &Subject,
+ relation: &Relation,
+ ) -> Result<Vec<Uuid>, SecdError> {
+ let spice = self
+ .spice
+ .clone()
+ .expect("TODO: only supports postgres right now");
+ Ok(spice
+ .lookup_resources(ns, relation, subj)
+ .await?
+ .iter()
+ .map(|e| Uuid::parse_str(e).unwrap())
+ .collect())
}
- async fn watch(&self) -> Result<(), SecdError> {
+ async fn check_list_subjects(&self) -> Result<Vec<i32>, SecdError> {
unimplemented!()
}
async fn write(&self, ts: &[Relationship]) -> Result<(), SecdError> {
generated by cgit v1.2.3 (git 2.39.1) at 2025-12-06 06:46:55 +0000