- Rust 78.3%
- TypeScript 7.6%
- Python 5.6%
- Shell 3.6%
- HTML 2.7%
- Other 2.2%
|
Alexander Bokovoy
495c291b59
All checks were successful
CI / Rustfmt (pull_request) Successful in 2m14s
CI / Build (pull_request) Successful in 10m35s
CI / Examples (pull_request) Successful in 4m57s
CI / Documentation (pull_request) Successful in 9m5s
CI / Benchmark Smoke Test (pull_request) Successful in 9m57s
CI / Clippy (pull_request) Successful in 10m9s
CI / Test Suite (pull_request) Successful in 13m31s
CI / WASM Build (pull_request) Successful in 25m52s
CI / WASM Tests (pull_request) Successful in 8m3s
CI / Rustfmt (push) Successful in 2m1s
CI / Build (push) Successful in 6m21s
CI / Examples (push) Successful in 4m16s
CI / Documentation (push) Successful in 8m27s
CI / Clippy (push) Successful in 9m30s
CI / Benchmark Smoke Test (push) Successful in 10m0s
CI / Test Suite (push) Successful in 11m56s
CI / WASM Build (push) Successful in 20m16s
CI / WASM Tests (push) Successful in 11m19s
- Remove deprecated wasm32-wasi target from prerequisites
- Replace stale "fastbloom needs verification" caveat with resolved
status (bloom feature disabled for WASM via default-features=false)
- Add missing WASM-compatible dependencies (getrandom, js-sys,
web-sys, console_error_panic_hook) and note feature flags
- Document registerMatcher, getAllRulesJson, and addDimensionAll APIs
in abac-wasm README
- Document "all" wildcard dimension values in rule JSON format
- Document structured error objects ({type, message}) in both
abac-wasm and hbac-wasm READMEs
- Add abacQueue.ts and alertManager.ts to typescript-sensors project
structure listing
- Add abac-wasm and hbac-wasm to introduction.md crate list
- Add WASM examples to getting-started/examples.md
Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com>
|
||
|---|---|---|
| .cargo | feat(abac-wasm): add WebAssembly bindings for ABAC engine | |
| .claude/agents | feat(claude): add agent definitions for project development | |
| .github | ci: add WASM build/test workflow, scripts, and documentation | |
| contrib/release | chore: update CI and release scripts | |
| crates | docs: update documentation to reflect current WASM implementation state | |
| docs | docs: update documentation to reflect current WASM implementation state | |
| fixtures | feat(fixtures): add missing ABAC baselines | |
| scripts | ci: add WASM build/test workflow, scripts, and documentation | |
| .gitignore | feat(claude): add agent definitions for project development | |
| Cargo.toml | feat(hbac-wasm): add WebAssembly bindings for HBAC engine | |
| CHANGELOG.md | docs: update documentation to reflect current implementation state | |
| README.md | docs: update documentation to reflect current implementation state | |
bac-rules
Business Access Control Rules - Rust workspace for FreeIPA-specific access control implementations.
Project: https://codeberg.org/abbra/bac-rules
Documentation
📖 Read the full documentation book (build with mdbook)
Overview
This workspace contains Rust libraries for modeling and evaluating access control systems, with a focus on FreeIPA-specific implementations.
Crates
acls-rs
Algebraically-correct permissions system with RBAC, ABAC, and temporal support. Provides the foundational abstractions for access control.
- Zero runtime dependencies
- Algebraic permission composition
- RBAC and ABAC policy support
- Temporal permissions
hbac-rs
FreeIPA Host-Based Access Control (HBAC) rule evaluation library. Implements FreeIPA's HBAC semantics on top of the acls-rs foundation.
- HBAC rule modeling and evaluation
- Category-based matching (all, specific)
- Group membership support
- Compatible with FreeIPA's pyhbac semantics
abac-rs
Generic Attribute-Based Access Control (ABAC) evaluation engine with high-performance optimization pipeline.
- Arbitrary attribute dimensions (not limited to user/host/service)
- Multi-type attributes (String, Integer, Float, IpAddr, IpCidr, custom)
- Pluggable matchers for custom matching logic
- Bitmap-based deny index and compiled evaluator
See individual crate READMEs for detailed documentation.
Building
# Build all crates
cargo build
# Run tests for all crates
cargo test
# Build specific crate
cargo build --package hbac-rs
# Run examples
cargo run --package hbac-rs --example basic_usage
cargo run --package hbac-rs --example freeipa_simulation
Development
Local CI
Run the complete CI pipeline locally:
# Run all CI jobs
./scripts/local-ci.sh all
# Run specific jobs
./scripts/local-ci.sh build fmt clippy test
# See scripts/README.md for full documentation
Performance Testing
# Run comprehensive benchmark suite
./scripts/bench.sh
# Custom benchmark configuration
./scripts/bench.sh --rules 1000,10000 --scenarios throughput
# Compare performance between commits
./scripts/bench.sh --compare ~/.cache/bac-bench/baseline
# See scripts/README.md for full documentation
License
Licensed under either of:
- Apache License, Version 2.0
- MIT license
at your option.