Rash v0.1.0 released! https://github.com/pando85/rash
Rash是一种受Ansible工具启发的Declarative Shell脚本语言。
Declarative vs imperative:Imperative: entrypoint.sh
:
#!/bin/bashset -e
REQUIRED_PARAMS="VAULT_URLVAULT_ROLE_IDVAULT_SECRET_IDVAULT_SECRET_PATH"
for required in $REQUIRED_PARAMS ; do [[ -z "${!required}" ]] && echo "$required IS NOT DEFINED" && exit 1done
echo "[$0] Logging into Vault..."VAULT_TOKEN=$(curl -s $VAULT_URL/v1/auth/approle/login \--data '{"role_id": "'$VAULT_ROLE_ID'","secret_id": "'$VAULT_SECRET_ID'"}' \| jq -r .auth.client_token)
echo "[$0] Getting Samuel API key from Vault..."export APP1_API_KEY=$(curl -s -H "X-Vault-Token: $VAULT_TOKEN" \$VAULT_URL/v1/$VAULT_SECRET_PATH | jq -r .data.api_key)
exec "$@"
Declarative: entrypoint.rh
:
#!/bin/rash
- name: Verify input parameters assert: that: - VAULT_URL is defined - VAULT_ROLE_ID is defined - VAULT_SECRET_ID is defined - VAULT_SECRET_PATH is defined
- name: launch docker CMD command: {{ input.args }} transfer_ownership: yes env: APP1_API_KEY: "{{ lookup('vault', env.VAULT_SECRET_PATH ) }}"
Rocket can be compiled on stable Rust 1.45 https://github.com/SergioBenitez/Rocket/issues/19#issuecomment-630650328
Rocket现在可以通过stable Rust 1.45编译了。
Mun v0.2.0 Released https://mun-lang.org/ https://github.com/mun-lang/mun/releases/tag/v0.2.0
Mun是一个通过iteration可以不断创造迭代的嵌入式编程语言。Mun语言诞生的想法来自找到一个可以规避Lua动态脚本语言的弊端有可以在Rust语言里hot-reload(热加载) 新的编程语言。因此,Mun新语言首先不能是Rust语言的竞争对手,同时有可以在Rust语言(或C/C++)宿主语言 中无缝嵌入编程。Mun完全由Rust语言写成,主要的软件包是rust-analyzer和rustc 。主要的特点包括:
新版本更新的功能:
Actix Casbin Middleware https://github.com/casbin-rs/actix-casbin-auth
Casbin 是Rust语言网页构架 actix-web framework的访问控制中间件。
安装(install)
在Cargo.toml添加下面的内容:
actix-casbin-auth = "0.2.0"actix-rt = "1.1.1"actix-web = "2.0.0"
需求(requirement)
Casbin只负责权限管理,因此需要实现Authentication Middleware
来确认用户。因此需要将带有subject(username)
和domain(optional)
信息的actix_casbin_auth::CasbinVals
加在Extension
里。
比如下面的例子:
use std::cell::RefCell;use std::pin::Pin;use std::rc::Rc;use std::task::{Context, Poll};
use actix_service::{Service, Transform};use actix_web::{dev::ServiceRequest, dev::ServiceResponse, Error, HttpMessage};use futures::future::{ok, Future, Ready};
use actix_casbin_auth::CasbinVals;
pub struct FakeAuth;
impl<S: 'static, B> Transform<S> for FakeAuth where S: Service<Request = ServiceRequest, Response = ServiceResponse<B>, Error = Error>, S::Future: 'static, B: 'static,{ type Request = ServiceRequest; type Response = ServiceResponse<B>; type Error = Error; type InitError = (); type Transform = FakeAuthMiddleware<S>; type Future = Ready<Result<Self::Transform, Self::InitError>>;
fn new_transform(&self, service: S) -> Self::Future { ok(FakeAuthMiddleware { service: Rc::new(RefCell::new(service)), }) }}
pub struct FakeAuthMiddleware<S> { service: Rc<RefCell<S>>,}
impl<S, B> Service for FakeAuthMiddleware<S> where S: Service<Request = ServiceRequest, Response = ServiceResponse<B>, Error = Error> + 'static, S::Future: 'static, B: 'static,{ type Request = ServiceRequest; type Response = ServiceResponse<B>; type Error = Error; type Future = Pin<Box<dyn Future<Output = Result<Self::Response, Self::Error>>>>;
fn poll_ready(&mut self, cx: &mut Context) -> Poll<Result<(), Self::Error>> { self.service.poll_ready(cx) }
fn call(&mut self, req: ServiceRequest) -> Self::Future { let mut svc = self.service.clone();
Box::pin(async move { let vals = CasbinVals { subject: String::from("alice"), domain: None, }; req.extensions_mut().insert(vals); svc.call(req).await }) }}
然后看下面的例子:
use actix_casbin_auth::casbin::function_map::key_match2;use actix_casbin_auth::casbin::{CoreApi, DefaultModel, FileAdapter, Result};use actix_casbin_auth::CasbinService;use actix_web::{web, App, HttpResponse, HttpServer};
#[allow(dead_code)]mod fake_auth;
#[actix_rt::main]async fn main() -> Result<()> { let m = DefaultModel::from_file("examples/rbac_with_pattern_model.conf").await?; let a = FileAdapter::new("examples/rbac_with_pattern_policy.csv"); //You can also use diesel-adapter or sqlx-adapter
let casbin_middleware = CasbinService::new(m, a).await;
casbin_middleware .write() .await .add_matching_fn(key_match2)?;
HttpServer::new(move || { App::new() .wrap(casbin_middleware.clone()) .wrap(FakeAuth) .route("/pen/1", web::get().to(|| HttpResponse::Ok())) .route("/book/{id}", web::get().to(|| HttpResponse::Ok())) }) .bind("127.0.0.1:8080")? .run() .await?;
Ok(())}
--