// Copyright 2023 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
use serde::Deserialize;
/// Privilege group for a crate. They are ordered with higher values being
/// higher privilege.
#[derive(Copy, Clone, Debug, Deserialize, Hash, PartialEq, Eq, Ord, PartialOrd)]
#[serde(rename_all = "lowercase")]
pub enum Group {
/// Test-only code (or for tools that don't contribute directly to the
/// shipping product).
Test,
/// Crates that do not satisfy the Rule of Two, and thus must be used from
/// a sandboxed process.
Sandbox,
/// Crates that satisfy the Rule of Two, and can be used without
/// restriction from any process.
Safe,
}
#[derive(Debug)]
pub struct GroupParseError;
impl std::error::Error for GroupParseError {}
impl std::fmt::Display for GroupParseError {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> Result<(), std::fmt::Error> {
write!(f, "failed ot parse group, should be one of: safe|sandbox|test")
}
}
#[cfg(test)]
mod test {
use super::*;
#[test]
fn least_privilege() {
assert_eq!(std::cmp::min(Group::Safe, Group::Safe), Group::Safe);
assert_eq!(std::cmp::min(Group::Safe, Group::Sandbox), Group::Sandbox);
assert_eq!(std::cmp::min(Group::Sandbox, Group::Safe), Group::Sandbox);
assert_eq!(std::cmp::min(Group::Safe, Group::Test), Group::Test);
assert_eq!(std::cmp::min(Group::Test, Group::Safe), Group::Test);
assert_eq!(std::cmp::min(Group::Sandbox, Group::Sandbox), Group::Sandbox);
assert_eq!(std::cmp::min(Group::Sandbox, Group::Test), Group::Test);
assert_eq!(std::cmp::min(Group::Test, Group::Sandbox), Group::Test);
assert_eq!(std::cmp::min(Group::Test, Group::Test), Group::Test);
}
}
Codebase Browser
chromium