Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/cerbos/cerbos-sdk-rust

Cerbos Rust SDK
https://github.com/cerbos/cerbos-sdk-rust

access-control api-client authorization authz cerbos rust rust-library security

Last synced: about 17 hours ago
JSON representation

Cerbos Rust SDK

Host: GitHub
URL: https://github.com/cerbos/cerbos-sdk-rust
Owner: cerbos
License: apache-2.0
Created: 2022-04-13T14:56:48.000Z (over 2 years ago)
Default Branch: main
Last Pushed: 2024-04-02T06:12:20.000Z (7 months ago)
Last Synced: 2024-04-02T07:30:05.196Z (7 months ago)
Topics: access-control, api-client, authorization, authz, cerbos, rust, rust-library, security
Language: Rust
Homepage: https://cerbos.dev
Size: 236 KB
Stars: 6
Watchers: 5
Forks: 2
Open Issues: 1
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

        # Cerbos Rust SDK

Rust client library for [Cerbos](https://cerbos.dev): the open core, language-agnostic, scalable authorization solution that makes user permissions and authorization simple to implement and manage by writing context-aware access control policies for your application resources.

* [Cerbos website](https://cerbos.dev)

* [Cerbos documentation](https://docs.cerbos.dev)

* [Cerbos GitHub repository](https://github.com/cerbos/cerbos)

* [Cerbos Slack community](http://go.cerbos.io/slack)

## Usage

```

cargo add cerbos

```

The client can be used either asynchronously or synchronously by instantiating `CerbosAsyncClient`

or `CerbosSyncClient` respectively.

```rust

use cerbos::sdk::attr::attr;

use cerbos::sdk::model::{Principal, Resource};

use cerbos::sdk::{CerbosAsyncClient, CerbosClientOptions, CerbosEndpoint, Result};

#[tokio::main]

async fn main() -> Result<()> {

    let opt = CerbosClientOptions::new(CerbosEndpoint::HostPort("localhost", 3593));

    let mut client = CerbosAsyncClient::new(opt).await?;

    let principal = Principal::new("alice", ["employee"])

        .with_policy_version("20210210")

        .with_attributes([

            attr("department", "marketing"),

            attr("geography", "GB"),

            attr("team", "design"),

        ]);

    let resource = Resource::new("XX125", "leave_request")

        .with_policy_version("20210210")

        .with_attributes([

            attr("department", "marketing"),

            attr("geography", "GB"),

            attr("team", "design"),

            attr("owner", "alice"),

            attr("approved", true),

            attr("id", "XX125"),

        ]);

    let resp = client

        .is_allowed("view:public", principal, resource, None)

        .await?;

    println!("Allowed={:?}", resp);

    Ok(())

}

```

## Development

Running tests

```sh

cerbos run --set=storage.disk.directory=resources/store -- cargo test

```