diff options
| author | mo khan <mo@mokhan.ca> | 2025-07-15 16:37:08 -0600 |
|---|---|---|
| committer | mo khan <mo@mokhan.ca> | 2025-07-17 16:30:22 -0600 |
| commit | 45df4d0d9b577fecee798d672695fe24ff57fb1b (patch) | |
| tree | 1b99bf645035b58e0d6db08c7a83521f41f7a75b /vendor/hyper/src/service/http.rs | |
| parent | f94f79608393d4ab127db63cc41668445ef6b243 (diff) | |
feat: migrate from Cedar to SpiceDB authorization system
This is a major architectural change that replaces the Cedar policy-based
authorization system with SpiceDB's relation-based authorization.
Key changes:
- Migrate from Rust to Go implementation
- Replace Cedar policies with SpiceDB schema and relationships
- Switch from envoy `ext_authz` with Cedar to SpiceDB permission checks
- Update build system and dependencies for Go ecosystem
- Maintain Envoy integration for external authorization
This change enables more flexible permission modeling through SpiceDB's
Google Zanzibar inspired relation-based system, supporting complex
hierarchical permissions that were difficult to express in Cedar.
Breaking change: Existing Cedar policies and Rust-based configuration
will no longer work and need to be migrated to SpiceDB schema.
Diffstat (limited to 'vendor/hyper/src/service/http.rs')
| -rw-r--r-- | vendor/hyper/src/service/http.rs | 52 |
1 files changed, 0 insertions, 52 deletions
diff --git a/vendor/hyper/src/service/http.rs b/vendor/hyper/src/service/http.rs deleted file mode 100644 index dd174316..00000000 --- a/vendor/hyper/src/service/http.rs +++ /dev/null @@ -1,52 +0,0 @@ -use std::error::Error as StdError; -use std::future::Future; - -use crate::body::Body; -use crate::service::service::Service; -use crate::{Request, Response}; - -/// An asynchronous function from `Request` to `Response`. -pub trait HttpService<ReqBody>: sealed::Sealed<ReqBody> { - /// The `Body` body of the `http::Response`. - type ResBody: Body; - - /// The error type that can occur within this `Service`. - /// - /// Note: Returning an `Error` to a hyper server will cause the connection - /// to be abruptly aborted. In most cases, it is better to return a `Response` - /// with a 4xx or 5xx status code. - type Error: Into<Box<dyn StdError + Send + Sync>>; - - /// The `Future` returned by this `Service`. - type Future: Future<Output = Result<Response<Self::ResBody>, Self::Error>>; - - #[doc(hidden)] - fn call(&mut self, req: Request<ReqBody>) -> Self::Future; -} - -impl<T, B1, B2> HttpService<B1> for T -where - T: Service<Request<B1>, Response = Response<B2>>, - B2: Body, - T::Error: Into<Box<dyn StdError + Send + Sync>>, -{ - type ResBody = B2; - - type Error = T::Error; - type Future = T::Future; - - fn call(&mut self, req: Request<B1>) -> Self::Future { - Service::call(self, req) - } -} - -impl<T, B1, B2> sealed::Sealed<B1> for T -where - T: Service<Request<B1>, Response = Response<B2>>, - B2: Body, -{ -} - -mod sealed { - pub trait Sealed<T> {} -} |