Skip to main content

AdminRequestKind

astrid_types::kernel

Enum AdminRequestKind 

Source 
pub enum AdminRequestKind {

Show 14 variants    AgentCreate {
        name: String,
        groups: Vec<String>,
        grants: Vec<String>,
    },
    AgentDelete {
        principal: PrincipalId,
    },
    AgentEnable {
        principal: PrincipalId,
    },
    AgentDisable {
        principal: PrincipalId,
    },
    AgentList,
    AgentModify {
        principal: PrincipalId,
        add_groups: Vec<String>,
        remove_groups: Vec<String>,
    },
    QuotaSet {
        principal: PrincipalId,
        quotas: Quotas,
    },
    QuotaGet {
        principal: PrincipalId,
    },
    GroupCreate {
        name: String,
        capabilities: Vec<String>,
        description: Option<String>,
        unsafe_admin: bool,
    },
    GroupDelete {
        name: String,
    },
    GroupModify {
        name: String,
        capabilities: Option<Vec<String>>,
        description: Option<Option<String>>,
        unsafe_admin: Option<bool>,
    },
    GroupList,
    CapsGrant {
        principal: PrincipalId,
        capabilities: Vec<String>,
        unsafe_admin: bool,
    },
    CapsRevoke {
        principal: PrincipalId,
        capabilities: Vec<String>,
    },

}
Expand description

Typed admin request body — flattened into AdminKernelRequest on the wire as { "method": "...", "params": {...} }.

Every variant is gated by the Layer 5 capability-enforcement preamble through a sibling of required_capability — see required_capability_for_admin_request for the exact mapping. Mutating variants are serialized through the kernel’s admin write lock so concurrent callers cannot interleave on groups.toml / profile.toml.

Variants§

§

AgentCreate

Create a new agent identity. name must pass PrincipalId::new. Defaults to the built-in agent group when groups is empty.

Fields

§name: String

Human-readable name and principal identifier for the new agent.

§groups: Vec<String>

Group memberships for the new principal; empty → ["agent"].

§grants: Vec<String>

Per-principal capability grants beyond group inheritance.

§

AgentDelete

Delete an existing agent identity. The default principal is rejected unconditionally. The principal’s home directory is NOT scrubbed — reclamation is an ops concern.

Fields

§principal: PrincipalId

Principal to delete.

§

AgentEnable

Set enabled = true on the target principal’s profile.

Fields

§principal: PrincipalId

Principal to enable.

§

AgentDisable

Set enabled = false on the target principal’s profile. In-flight invocations finish under the old value; new invocations are refused.

Fields

§principal: PrincipalId

Principal to disable.

§

AgentList

List every agent principal with a profile on disk.

§

AgentModify

Partial-update an existing agent’s group memberships. Built-in group names (admin, agent, restricted) and custom groups loaded from groups.toml are both accepted as identifiers; validation that the named groups exist happens at the new profile’s validate step. Mutations are idempotent — adding an already-present group or removing an absent one is a no-op.

Fields

§principal: PrincipalId

Principal to modify.

§add_groups: Vec<String>

Groups to add (idempotent).

§remove_groups: Vec<String>

Groups to remove (idempotent — missing entries are no-ops). Removing the last group leaves the agent in zero groups, which the agent built-in does NOT auto-restore; operators who want a baseline should add agent explicitly.

§

QuotaSet

Replace the target principal’s Quotas block. Values are validated before the atomic profile write.

Fields

§principal: PrincipalId

Principal whose quotas are being set.

§quotas: Quotas

Replacement quota values.

§

QuotaGet

Read the target principal’s current Quotas block.

Fields

§principal: PrincipalId

Principal whose quotas are being read.

§

GroupCreate

Create a custom group, validated through the same rules the boot loader applies to groups.toml.

Fields

§name: String

Name of the new custom group.

§capabilities: Vec<String>

Capability patterns conferred by the new group.

§description: Option<String>

Human-readable description.

§unsafe_admin: bool

Required when capabilities contains the universal * pattern.

§

GroupDelete

Remove a custom group. Built-in groups (admin, agent, restricted) are rejected.

Fields

§name: String

Name of the group to remove.

§

GroupModify

Partial-update a custom group. Every provided field replaces the corresponding field on the existing group. Built-ins are rejected.

Fields

§name: String

Name of the group to modify.

§capabilities: Option<Vec<String>>

New capability patterns, if changing.

§description: Option<Option<String>>

New description, if changing. Outer None = keep, inner None = clear.

§unsafe_admin: Option<bool>

New unsafe_admin flag, if changing.

§

GroupList

List every group (built-in + custom) with its capability set.

§

CapsGrant

Append capability patterns to the principal’s grants vec. Does NOT clear matching revokes — revoke precedence is preserved.

Fields

§principal: PrincipalId

Principal receiving the grants.

§capabilities: Vec<String>

Capability patterns to add.

§unsafe_admin: bool

Required when capabilities contains the universal * pattern. Mirrors the unsafe_admin rail on Self::GroupCreate / Self::GroupModify so an individual grant cannot escalate a principal to universal admin without an explicit acknowledgement.

§

CapsRevoke

Append capability patterns to the principal’s revokes vec. Safe to call on caps the principal does not currently hold (pre-emptive revoke).

Fields

§principal: PrincipalId

Principal losing the capabilities.

§capabilities: Vec<String>

Capability patterns to revoke.

Trait Implementations§

Source§

impl Clone for AdminRequestKind

Source§

fn clone(&self) -> AdminRequestKind

Returns a duplicate of the value. Read more
1.0.0 (const: unstable) · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for AdminRequestKind

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl<'de> Deserialize<'de> for AdminRequestKind

Source§

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>
where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer. Read more
Source§

impl From<AdminRequestKind> for AdminKernelRequest

Source§

fn from(kind: AdminRequestKind) -> Self

Converts to this type from the input type.
Source§

impl Serialize for AdminRequestKind

Source§

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>
where __S: Serializer,

Serialize this value into the given Serde serializer. Read more

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

Source§

fn vzip(self) -> V

Source§

impl<T> DeserializeOwned for T
where T: for<'de> Deserialize<'de>,