Struct CapabilityRegistry 

pub struct CapabilityRegistry { /* private fields */ }

Collision-free explicit capability-to-bit registry.

For deployments with more than ~100 distinct named capabilities, the hash-based mapping in NarrowingMatrix::from_capabilities has a non-negligible probability of two different names landing on the same bit (birthday bound over 256 positions). CapabilityRegistry eliminates this risk by assigning bit positions sequentially in registration order — no hashing, no collisions, deterministic.

When to use this

• You have more than ~100 distinct capability names in a single deployment.
• You need a guaranteed bijection between name and bit position.
• You want to audit exactly which bit corresponds to which capability.

Capacity

Each registry holds up to 256 capabilities (the bit-width of a NarrowingMatrix). For larger sets, use multiple registries partitioned by capability domain (e.g. trading.*, portfolio.*, audit.*).

Example

use a1::identity::narrowing::CapabilityRegistry;

let mut registry = CapabilityRegistry::new();
registry.register_all(&["trade.equity", "portfolio.read", "audit.read"]).unwrap();

let parent = registry.build_mask(&["trade.equity", "portfolio.read"]).unwrap();
let child  = registry.build_mask(&["trade.equity"]).unwrap();

assert!(child.is_subset_of(&parent));

Implementations

impl CapabilityRegistry

pub fn new() -> Self

Create an empty registry.

pub fn register(&mut self, name: impl Into<String>) -> Result<u8, A1Error>

Register a single capability name and return its assigned slot index.

If the name is already registered, returns its existing slot without consuming a new slot. Returns an error if the registry is full (256 capabilities already registered).

pub fn register_all<S: AsRef<str>>( &mut self, names: &[S], ) -> Result<(), A1Error>

Register multiple capability names in order.

pub fn build_mask<S: AsRef<str>>( &self, capabilities: &[S], ) -> Result<NarrowingMatrix, A1Error>

Build a NarrowingMatrix from a set of registered capability names.

Returns an error if any name has not been registered. This ensures that only explicitly declared capabilities can appear in a mask — typos are caught at mask-build time rather than silently granting an unexpected bit.

pub fn build_full_mask(&self) -> NarrowingMatrix

Build a full mask covering all registered capabilities.

pub fn slot_of(&self, name: &str) -> Option<u8>

Return the slot index for a registered capability name, if present.

pub fn names_in_order(&self) -> Vec<&str>

Return all registered capability names sorted by their slot index.

pub fn len(&self) -> usize

Number of registered capabilities.

pub fn is_empty(&self) -> bool

Return true if no capabilities have been registered.

Trait Implementations

impl Clone for CapabilityRegistry

fn clone(&self) -> CapabilityRegistry

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for CapabilityRegistry

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Default for CapabilityRegistry

fn default() -> Self

Returns the “default value” for a type.