diff options
| author | mo khan <mo@mokhan.ca> | 2025-07-14 16:29:33 -0600 |
|---|---|---|
| committer | mo khan <mo@mokhan.ca> | 2025-07-14 16:29:33 -0600 |
| commit | 0432cfbbb07f234dd2cd294cfe7dfa065b113182 (patch) | |
| tree | cab9f759b7d656dab92eab48694e5924c54b9644 /src/authorization | |
| parent | 5a74d3988d8a029f1c879da709db623611aa545a (diff) | |
| parent | e0b38f6ca22b28a0c4fe4192d642fceb48030737 (diff) | |
Merge branch 'the-spice-must-flow' into 'main'
Add SpiceDB Integration with Service-based Routing
See merge request gitlab-org/software-supply-chain-security/authorization/authzd!9
Diffstat (limited to 'src/authorization')
| -rw-r--r-- | src/authorization/entities.rs | 8 | ||||
| -rw-r--r-- | src/authorization/server.rs | 16 |
2 files changed, 6 insertions, 18 deletions
diff --git a/src/authorization/entities.rs b/src/authorization/entities.rs index ec1a7a1b..050f6f26 100644 --- a/src/authorization/entities.rs +++ b/src/authorization/entities.rs @@ -1,6 +1,10 @@ use crate::gitlab::Api; use serde::Serialize; use std::collections::HashSet; +use std::future::Future; +use std::pin::Pin; + +type BoxFuture<'a, T> = Pin<Box<dyn Future<Output = T> + 'a>>; // Cedar entity structures // Note: We define custom types instead of using cedar_policy::Entity directly because: @@ -102,9 +106,7 @@ impl EntitiesRepository { group_id: u64, entities: &'a mut Vec<CedarEntity>, groups: &'a mut HashSet<u64>, - ) -> std::pin::Pin< - Box<dyn std::future::Future<Output = Result<(), Box<dyn std::error::Error>>> + 'a>, - > { + ) -> BoxFuture<'a, Result<(), Box<dyn std::error::Error>>> { Box::pin(async move { if groups.contains(&group_id) { return Ok(()); diff --git a/src/authorization/server.rs b/src/authorization/server.rs index 90d3edf6..31bf2af8 100644 --- a/src/authorization/server.rs +++ b/src/authorization/server.rs @@ -9,25 +9,11 @@ pub struct Server { impl Server { pub fn new<T: super::Authorizer>(authorizer: T) -> Result<Server, Box<dyn std::error::Error>> { - let (health_reporter, health_service) = tonic_health::server::health_reporter(); - std::mem::drop( - health_reporter.set_service_status("", tonic_health::ServingStatus::Serving), - ); let authorization_service = AuthorizationServer::new(CheckService::new(Arc::new(authorizer))); - let reflection_service = tonic_reflection::server::Builder::configure() - .register_encoded_file_descriptor_set(tonic_health::pb::FILE_DESCRIPTOR_SET) - .register_encoded_file_descriptor_set(include_bytes!( - "../../vendor/envoy-types/src/generated/types.bin" - )) - .build_v1()?; - Ok(Self::new_with(|mut builder| { - builder - .add_service(authorization_service) - .add_service(health_service) - .add_service(reflection_service) + builder.add_service(authorization_service) })) } |