Enum UserId

pub enum UserId {
    SystemWide(String),
    Namespace(NamespaceId, String),
}

The ID for a NetHsm user

UserIds are an essential part of the user management for a NetHSM. They come in two types: system-wide and in a namespace.

UserIds for system-wide users only consist of characters in the set [a-z0-9] (e.g. user1) and must be at least one char long.

The UserIds of users in a namespace consist of characters in the set [a-z0-9~] and contain the name of the namespace (see NamespaceId) they are in. These UserIds must be at least three chars long. The ~ character serves as delimiter between the namespace part and the user part (e.g. namespace1~user1).

Variants

SystemWide(String)

A system-wide user

Namespace(NamespaceId, String)

A user in a namespace

Implementations

impl UserId

pub fn new(user_id: String) -> Result<Self, Error>

Creates a new UserId from owned String

The provided string must be in the character set [a-z0-9~] and at least one char long. The ~ character can not be used as the first character and can only occur once.

Errors

Returns an Error if

• the provided string contains an invalid character
• the ~ character is used as the first character
• the ~ character is used more than once

Examples

use nethsm::UserId;

// the UserId of a system-wide user
assert!(UserId::new("user1".to_string()).is_ok());
// the UserId of a namespace user
assert!(UserId::new("namespace1~user1".to_string()).is_ok());

// the input can not contain invalid chars
assert!(UserId::new("user1X".to_string()).is_err());
assert!(UserId::new("user;-".to_string()).is_err());

// the '~' character must be surrounded by other characters and only occur once
assert!(UserId::new("~user1".to_string()).is_err());
assert!(UserId::new("namespace~user~else".to_string()).is_err());

pub fn namespace(&self) -> Option<String>

Returns the namespace of the UserId

Examples

use nethsm::UserId;

// the UserId of a system-wide user
assert_eq!(UserId::new("user1".to_string())?.namespace(), None);
// the UserId of a namespace user
assert_eq!(
    UserId::new("namespace1~user1".to_string())?.namespace(),
    Some("namespace1".to_string())
);

pub fn is_namespaced(&self) -> bool

Returns whether the UserId contains a namespace

Examples

use nethsm::UserId;

// the UserId of a system-wide user
assert_eq!(UserId::new("user1".to_string())?.is_namespaced(), false);
// the UserId of a namespace user
assert_eq!(
    UserId::new("namespace1~user1".to_string())?.is_namespaced(),
    true
);

pub fn validate_namespace_access( &self, support: NamespaceSupport, target: Option<&UserId>, role: Option<&UserRole>, ) -> Result<(), Error>

Validates whether the UserId can be used in a given context

Ensures that UserId can be used in its context (e.g. calls to system-wide or namespace resources) by defining namespace support of the context. Additionally ensures the validity of calls to resources targeting other users (provided by target), which are themselves system-wide or in a namespace. When role is provided, the validity of targeting the UserRole is evaluated.

Errors

This call returns an

• Error::NamespaceTargetMismatch if a user in one namespace tries to target a user in another namespace
• Error::NamespaceRoleInvalid, if a user in a namespace targets a user in the Backup or Metrics role, or if a user not in a namespace targets a namespaced user in the Backup or Metrics role.
• Error::NamespaceSystemWideTarget, if a user in a namespace targets a system-wide user

Trait Implementations

impl Clone for UserId

fn clone(&self) -> UserId

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for UserId

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl<'de> Deserialize<'de> for UserId

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>

where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer.

impl Display for UserId

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl From<UserId> for String

fn from(value: UserId) -> Self

Converts to this type from the input type.

impl FromStr for UserId

type Err = Error

The associated error which can be returned from parsing.

fn from_str(s: &str) -> Result<Self, Self::Err>

Parses a string s to return a value of this type.

impl Hash for UserId

fn hash<__H: Hasher>(&self, state: &mut __H)

Feeds this value into the given Hasher.

fn hash_slice<H>(data: &[Self], state: &mut H)

where H: Hasher, Self: Sized,

Feeds a slice of this type into the given Hasher.

impl PartialEq for UserId

fn eq(&self, other: &UserId) -> bool

Tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl Serialize for UserId

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>

where __S: Serializer,

Serialize this value into the given Serde serializer.

impl TryFrom<&String> for UserId

type Error = Error

The type returned in the event of a conversion error.

fn try_from(value: &String) -> Result<Self, Self::Error>

Performs the conversion.

impl TryFrom<&str> for UserId

type Error = Error

The type returned in the event of a conversion error.

fn try_from(value: &str) -> Result<Self, Self::Error>

Performs the conversion.

impl TryFrom<String> for UserId

type Error = Error

The type returned in the event of a conversion error.

fn try_from(value: String) -> Result<Self, Self::Error>

Performs the conversion.

impl Eq for UserId

impl StructuralPartialEq for UserId