src/sys/component_manager/src/model/routing/router_ext.rs - fuchsia - Git at Google

 // Copyright 2024 The Fuchsia Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 use crate::model::routing::router::Request;
 use crate::model::routing::router::Routable;
 use crate::model::routing::router::Router;

 use crate::capability::CapabilitySource;
 use ::routing::{error::RoutingError, policy::GlobalPolicyChecker};
 use async_trait::async_trait;
 use bedrock_error::BedrockError;
 use sandbox::Capability;

 /// A trait to add functions to Router that know about the component manager
 /// types.
 pub trait RouterExt {
     /// Returns a router that ensures the capability request is allowed by the
     /// policy in [`GlobalPolicyChecker`].
     fn with_policy_check(
         self,
         capability_source: CapabilitySource,
         policy_checker: GlobalPolicyChecker,
     ) -> Self;
 }

 impl RouterExt for Router {
     fn with_policy_check(
         self,
         capability_source: CapabilitySource,
         policy_checker: GlobalPolicyChecker,
     ) -> Self {
         Router::new(PolicyCheckRouter::new(capability_source, policy_checker, self))
     }
 }

 pub struct PolicyCheckRouter {
     capability_source: CapabilitySource,
     policy_checker: GlobalPolicyChecker,
     router: Router,
 }

 impl PolicyCheckRouter {
     pub fn new(
         capability_source: CapabilitySource,
         policy_checker: GlobalPolicyChecker,
         router: Router,
     ) -> Self {
         PolicyCheckRouter { capability_source, policy_checker, router }
     }
 }

 #[async_trait]
 impl Routable for PolicyCheckRouter {
     async fn route(&self, request: Request) -> Result<Capability, BedrockError> {
         match self
             .policy_checker
             .can_route_capability(&self.capability_source, &request.target.moniker)
         {
             Ok(()) => self.router.route(request).await,
             Err(policy_error) => Err(RoutingError::PolicyError(policy_error).into()),
         }
     }
 }
	// Copyright 2024 The Fuchsia Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	use crate::model::routing::router::Request;
	use crate::model::routing::router::Routable;
	use crate::model::routing::router::Router;

	use crate::capability::CapabilitySource;
	use ::routing::{error::RoutingError, policy::GlobalPolicyChecker};
	use async_trait::async_trait;
	use bedrock_error::BedrockError;
	use sandbox::Capability;

	/// A trait to add functions to Router that know about the component manager
	/// types.
	pub trait RouterExt {
	/// Returns a router that ensures the capability request is allowed by the
	/// policy in [`GlobalPolicyChecker`].
	fn with_policy_check(
	self,
	capability_source: CapabilitySource,
	policy_checker: GlobalPolicyChecker,
	) -> Self;
	}

	impl RouterExt for Router {
	fn with_policy_check(
	self,
	capability_source: CapabilitySource,
	policy_checker: GlobalPolicyChecker,
	) -> Self {
	Router::new(PolicyCheckRouter::new(capability_source, policy_checker, self))
	}
	}

	pub struct PolicyCheckRouter {
	capability_source: CapabilitySource,
	policy_checker: GlobalPolicyChecker,
	router: Router,
	}

	impl PolicyCheckRouter {
	pub fn new(
	capability_source: CapabilitySource,
	policy_checker: GlobalPolicyChecker,
	router: Router,
	) -> Self {
	PolicyCheckRouter { capability_source, policy_checker, router }
	}
	}

	#[async_trait]
	impl Routable for PolicyCheckRouter {
	async fn route(&self, request: Request) -> Result<Capability, BedrockError> {
	match self
	.policy_checker
	.can_route_capability(&self.capability_source, &request.target.moniker)
	{
	Ok(()) => self.router.route(request).await,
	Err(policy_error) => Err(RoutingError::PolicyError(policy_error).into()),
	}
	}
	}