diff options
| author | mo khan <mo@mokhan.ca> | 2025-07-15 16:37:08 -0600 |
|---|---|---|
| committer | mo khan <mo@mokhan.ca> | 2025-07-17 16:30:22 -0600 |
| commit | 45df4d0d9b577fecee798d672695fe24ff57fb1b (patch) | |
| tree | 1b99bf645035b58e0d6db08c7a83521f41f7a75b /vendor/tower-layer/src/layer_fn.rs | |
| parent | f94f79608393d4ab127db63cc41668445ef6b243 (diff) | |
feat: migrate from Cedar to SpiceDB authorization system
This is a major architectural change that replaces the Cedar policy-based
authorization system with SpiceDB's relation-based authorization.
Key changes:
- Migrate from Rust to Go implementation
- Replace Cedar policies with SpiceDB schema and relationships
- Switch from envoy `ext_authz` with Cedar to SpiceDB permission checks
- Update build system and dependencies for Go ecosystem
- Maintain Envoy integration for external authorization
This change enables more flexible permission modeling through SpiceDB's
Google Zanzibar inspired relation-based system, supporting complex
hierarchical permissions that were difficult to express in Cedar.
Breaking change: Existing Cedar policies and Rust-based configuration
will no longer work and need to be migrated to SpiceDB schema.
Diffstat (limited to 'vendor/tower-layer/src/layer_fn.rs')
| -rw-r--r-- | vendor/tower-layer/src/layer_fn.rs | 114 |
1 files changed, 0 insertions, 114 deletions
diff --git a/vendor/tower-layer/src/layer_fn.rs b/vendor/tower-layer/src/layer_fn.rs deleted file mode 100644 index 06f6e0e3..00000000 --- a/vendor/tower-layer/src/layer_fn.rs +++ /dev/null @@ -1,114 +0,0 @@ -use super::Layer; -use std::fmt; - -/// Returns a new [`LayerFn`] that implements [`Layer`] by calling the -/// given function. -/// -/// The [`Layer::layer`] method takes a type implementing [`Service`] and -/// returns a different type implementing [`Service`]. In many cases, this can -/// be implemented by a function or a closure. The [`LayerFn`] helper allows -/// writing simple [`Layer`] implementations without needing the boilerplate of -/// a new struct implementing [`Layer`]. -/// -/// # Example -/// ```rust -/// # use tower::Service; -/// # use std::task::{Poll, Context}; -/// # use tower_layer::{Layer, layer_fn}; -/// # use std::fmt; -/// # use std::convert::Infallible; -/// # -/// // A middleware that logs requests before forwarding them to another service -/// pub struct LogService<S> { -/// target: &'static str, -/// service: S, -/// } -/// -/// impl<S, Request> Service<Request> for LogService<S> -/// where -/// S: Service<Request>, -/// Request: fmt::Debug, -/// { -/// type Response = S::Response; -/// type Error = S::Error; -/// type Future = S::Future; -/// -/// fn poll_ready(&mut self, cx: &mut Context<'_>) -> Poll<Result<(), Self::Error>> { -/// self.service.poll_ready(cx) -/// } -/// -/// fn call(&mut self, request: Request) -> Self::Future { -/// // Log the request -/// println!("request = {:?}, target = {:?}", request, self.target); -/// -/// self.service.call(request) -/// } -/// } -/// -/// // A `Layer` that wraps services in `LogService` -/// let log_layer = layer_fn(|service| { -/// LogService { -/// service, -/// target: "tower-docs", -/// } -/// }); -/// -/// // An example service. This one uppercases strings -/// let uppercase_service = tower::service_fn(|request: String| async move { -/// Ok::<_, Infallible>(request.to_uppercase()) -/// }); -/// -/// // Wrap our service in a `LogService` so requests are logged. -/// let wrapped_service = log_layer.layer(uppercase_service); -/// ``` -/// -/// [`Service`]: https://docs.rs/tower-service/latest/tower_service/trait.Service.html -/// [`Layer::layer`]: crate::Layer::layer -pub fn layer_fn<T>(f: T) -> LayerFn<T> { - LayerFn { f } -} - -/// A `Layer` implemented by a closure. See the docs for [`layer_fn`] for more details. -#[derive(Clone, Copy)] -pub struct LayerFn<F> { - f: F, -} - -impl<F, S, Out> Layer<S> for LayerFn<F> -where - F: Fn(S) -> Out, -{ - type Service = Out; - - fn layer(&self, inner: S) -> Self::Service { - (self.f)(inner) - } -} - -impl<F> fmt::Debug for LayerFn<F> { - fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { - f.debug_struct("LayerFn") - .field("f", &format_args!("{}", std::any::type_name::<F>())) - .finish() - } -} - -#[cfg(test)] -mod tests { - use super::*; - - #[allow(dead_code)] - #[test] - fn layer_fn_has_useful_debug_impl() { - struct WrappedService<S> { - inner: S, - } - let layer = layer_fn(|svc| WrappedService { inner: svc }); - let _svc = layer.layer("foo"); - - assert_eq!( - "LayerFn { f: tower_layer::layer_fn::tests::layer_fn_has_useful_debug_impl::{{closure}} }".to_string(), - format!("{:?}", layer), - ); - } -} |