clawdb 0.1.2

The cognitive database for AI agents — unified memory, semantic retrieval, branching, sync, and governance.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48

//! `SessionContext`: the per-request security context threaded through query execution.

use uuid::Uuid;

/// Immutable security context attached to every in-flight request.
#[derive(Debug, Clone)]
pub struct SessionContext {
    /// Session identifier.
    pub session_id: Uuid,
    /// Agent identifier.
    pub agent_id: Uuid,
    /// Opaque bearer token used for guard checks.
    pub token: String,
    /// Role granted for this session.
    pub role: String,
    /// Granted permission scopes.
    pub scopes: Vec<String>,
    /// The task type driving this session (used by guard policy).
    pub task_type: String,
    /// Unix timestamp at which this session expires.
    pub expires_at: i64,
}

impl SessionContext {
    /// Creates an anonymous/system-level session context with no expiry.
    pub fn system() -> Self {
        Self {
            session_id: Uuid::nil(),
            agent_id: Uuid::nil(),
            token: "system".to_string(),
            role: "system".to_string(),
            scopes: vec!["*".to_string()],
            task_type: "system".to_string(),
            expires_at: i64::MAX,
        }
    }

    /// Returns `true` if the session has not yet expired.
    pub fn is_valid(&self) -> bool {
        let now = chrono::Utc::now().timestamp();
        self.expires_at > now
    }

    /// Returns `true` if this session holds the given scope.
    pub fn has_scope(&self, scope: &str) -> bool {
        self.scopes.iter().any(|s| s == "*" || s == scope)
    }
}