Struct security_framework::authorization::Authorization
source · pub struct Authorization { /* private fields */ }
Expand description
A wrapper around AuthorizationCreate
and functions which operate on an
AuthorizationRef
.
Implementations§
source§impl Authorization
impl Authorization
sourcepub fn default() -> Result<Self>
pub fn default() -> Result<Self>
Creates an authorization object which has no environment or associated rights.
sourcepub fn new(
rights: Option<AuthorizationItemSetStorage>,
environment: Option<AuthorizationItemSetStorage>,
flags: Flags
) -> Result<Self>
pub fn new( rights: Option<AuthorizationItemSetStorage>, environment: Option<AuthorizationItemSetStorage>, flags: Flags ) -> Result<Self>
Creates an authorization reference and provides an option to authorize or preauthorize rights.
rights
should be the names of the rights you want to create.
environment
is used when authorizing or preauthorizing rights. Not
used in OS X v10.2 and earlier. In macOS 10.3 and later, you can pass
icon or prompt data to be used in the authentication dialog box. In
macOS 10.4 and later, you can also pass a user name and password in
order to authorize a user without user interaction.
sourcepub fn from_external_form(
external_form: AuthorizationExternalForm
) -> Result<Self>
👎Deprecated since 2.0.1: Please use the TryFrom trait instead
pub fn from_external_form( external_form: AuthorizationExternalForm ) -> Result<Self>
Internalizes the external representation of an authorization reference.
sourcepub fn destroy_rights(self)
pub fn destroy_rights(self)
By default the rights acquired will be retained by the Security Server. Use this to ensure they are destroyed and to prevent shared rights’ continued used by other processes.
sourcepub fn get_right<T: Into<Vec<u8>>>(
name: T
) -> Result<CFDictionary<CFString, CFTypeRef>>
pub fn get_right<T: Into<Vec<u8>>>( name: T ) -> Result<CFDictionary<CFString, CFTypeRef>>
Retrieve’s the right’s definition as a dictionary. Use right_exists
if you want to avoid retrieving the dictionary.
name
can be a wildcard right name.
If name
isn’t convertable to a CString
it will return
Err(errSecConversionError).
sourcepub fn right_exists<T: Into<Vec<u8>>>(name: T) -> Result<bool>
pub fn right_exists<T: Into<Vec<u8>>>(name: T) -> Result<bool>
Checks if a right exists within the policy database. This is the same as
get_right
, but avoids a dictionary allocation.
If name
isn’t convertable to a CString
it will return
Err(errSecConversionError).
sourcepub fn remove_right<T: Into<Vec<u8>>>(&self, name: T) -> Result<()>
pub fn remove_right<T: Into<Vec<u8>>>(&self, name: T) -> Result<()>
Removes a right from the policy database.
name
cannot be a wildcard right name.
If name
isn’t convertable to a CString
it will return
Err(errSecConversionError).
sourcepub fn set_right<T: Into<Vec<u8>>>(
&self,
name: T,
definition: RightDefinition<'_>,
description: Option<&str>,
bundle: Option<CFBundleRef>,
locale: Option<&str>
) -> Result<()>
pub fn set_right<T: Into<Vec<u8>>>( &self, name: T, definition: RightDefinition<'_>, description: Option<&str>, bundle: Option<CFBundleRef>, locale: Option<&str> ) -> Result<()>
Creates or updates a right entry in the policy database. Your process must have a code signature in order to be able to add rights to the authorization database.
name
cannot be a wildcard right.
definition
can be either a CFDictionaryRef
containing keys defining
the rules or a CFStringRef
representing the name of another right
whose rules you wish to duplicaate.
description
is a key which can be used to look up localized
descriptions.
bundle
will be used to get localizations from if not the main bundle.
localeTableName
will be used to get localizations if provided.
If name
isn’t convertable to a CString
it will return
Err(errSecConversionError).
sourcepub fn copy_info<T: Into<Vec<u8>>>(
&self,
tag: Option<T>
) -> Result<AuthorizationItemSet<'_>>
pub fn copy_info<T: Into<Vec<u8>>>( &self, tag: Option<T> ) -> Result<AuthorizationItemSet<'_>>
An authorization plugin can store the results of an authentication
operation by calling the SetContextValue
function. You can then
retrieve this supporting data, such as the user name.
tag
should specify the type of data the Security Server should return.
If None
, all available information is retreieved.
If tag
isn’t convertable to a CString
it will return
Err(errSecConversionError).
sourcepub fn make_external_form(&self) -> Result<AuthorizationExternalForm>
pub fn make_external_form(&self) -> Result<AuthorizationExternalForm>
Creates an external representation of an authorization reference so that you can transmit it between processes.
sourcepub fn execute_with_privileges<P, S, I>(
&self,
command: P,
arguments: I,
flags: Flags
) -> Result<()>where
P: AsRef<Path>,
I: IntoIterator<Item = S>,
S: AsRef<OsStr>,
pub fn execute_with_privileges<P, S, I>( &self, command: P, arguments: I, flags: Flags ) -> Result<()>where P: AsRef<Path>, I: IntoIterator<Item = S>, S: AsRef<OsStr>,
Runs an executable tool with root privileges. Discards executable’s output
sourcepub fn execute_with_privileges_piped<P, S, I>(
&self,
command: P,
arguments: I,
flags: Flags
) -> Result<File>where
P: AsRef<Path>,
I: IntoIterator<Item = S>,
S: AsRef<OsStr>,
pub fn execute_with_privileges_piped<P, S, I>( &self, command: P, arguments: I, flags: Flags ) -> Result<File>where P: AsRef<Path>, I: IntoIterator<Item = S>, S: AsRef<OsStr>,
Runs an executable tool with root privileges,
and returns a File
handle to its communication pipe