iii-sdk 0.11.0

SDK for III Engine - a platform for building distributed applications
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178

use std::collections::HashMap;

use schemars::JsonSchema;
use serde::{Deserialize, Serialize};
use serde_json::Value;

use crate::protocol::TriggerAction;

/// Input passed to the RBAC auth function during WebSocket upgrade.
///
/// Contains the HTTP headers, query parameters, and client IP from the
/// connecting worker's upgrade request.
#[derive(Debug, Clone, Serialize, Deserialize, JsonSchema)]
pub struct AuthInput {
    /// HTTP headers from the WebSocket upgrade request.
    pub headers: HashMap<String, String>,
    /// Query parameters from the upgrade URL. Each key maps to a vec of values
    /// to support repeated keys (e.g. `?a=1&a=2`).
    pub query_params: HashMap<String, Vec<String>>,
    /// IP address of the connecting client.
    pub ip_address: String,
}

/// Return value from the RBAC auth function.
///
/// Controls which functions the authenticated worker can invoke and what
/// context is forwarded to the middleware.
#[derive(Debug, Clone, Serialize, Deserialize, JsonSchema)]
pub struct AuthResult {
    /// Additional function IDs to allow beyond the `expose_functions` config.
    #[serde(default)]
    pub allowed_functions: Vec<String>,
    /// Function IDs to deny even if they match `expose_functions`.
    /// Takes precedence over allowed.
    #[serde(default)]
    pub forbidden_functions: Vec<String>,
    /// Trigger type IDs the worker may register triggers for.
    /// When `None`, all types are allowed.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub allowed_trigger_types: Option<Vec<String>>,
    /// Whether the worker may register new trigger types.
    #[serde(default = "default_true")]
    pub allow_trigger_type_registration: bool,
    /// Whether the worker may register new functions. Defaults to `true`.
    #[serde(default = "default_true")]
    pub allow_function_registration: bool,
    /// Arbitrary context forwarded to the middleware function on every
    /// invocation.
    #[serde(default = "default_context")]
    pub context: Value,
    /// Optional prefix applied to all function IDs registered by this worker.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub function_registration_prefix: Option<String>,
}

fn default_true() -> bool {
    true
}

fn default_context() -> Value {
    Value::Object(Default::default())
}

/// Input passed to the RBAC middleware function on every function invocation
/// through the RBAC port.
///
/// The middleware can inspect, modify, or reject the call before it reaches
/// the target function.
#[derive(Debug, Clone, Serialize, Deserialize, JsonSchema)]
pub struct MiddlewareFunctionInput {
    /// ID of the function being invoked.
    pub function_id: String,
    /// Payload sent by the caller.
    pub payload: Value,
    /// Routing action, if any.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub action: Option<TriggerAction>,
    /// Auth context returned by the auth function for this session.
    pub context: Value,
}

/// Input passed to the `on_trigger_type_registration_function_id` hook
/// when a worker attempts to register a new trigger type through the RBAC port.
/// Return an [`OnTriggerTypeRegistrationResult`] with the (possibly mapped)
/// fields, or return an error to deny the registration.
#[derive(Debug, Clone, Serialize, Deserialize, JsonSchema)]
pub struct OnTriggerTypeRegistrationInput {
    /// ID of the trigger type being registered.
    pub trigger_type_id: String,
    /// Human-readable description of the trigger type.
    pub description: String,
    /// Auth context from `AuthResult.context` for this session.
    pub context: Value,
}

/// Result returned from the `on_trigger_type_registration_function_id` hook.
/// Omitted fields keep the original value from the registration request.
#[derive(Debug, Clone, Default, Serialize, Deserialize, JsonSchema)]
pub struct OnTriggerTypeRegistrationResult {
    /// Mapped trigger type ID.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub trigger_type_id: Option<String>,
    /// Mapped description.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub description: Option<String>,
}

/// Input passed to the `on_trigger_registration_function_id` hook
/// when a worker attempts to register a trigger through the RBAC port.
/// Return an [`OnTriggerRegistrationResult`] with the (possibly mapped)
/// fields, or return an error to deny the registration.
#[derive(Debug, Clone, Serialize, Deserialize, JsonSchema)]
pub struct OnTriggerRegistrationInput {
    /// ID of the trigger being registered.
    pub trigger_id: String,
    /// Trigger type identifier.
    pub trigger_type: String,
    /// ID of the function this trigger is bound to.
    pub function_id: String,
    /// Trigger-specific configuration.
    pub config: Value,
    /// Arbitrary metadata attached to the trigger.
    #[serde(skip_serializing_if = "Option::is_none")]
    pub metadata: Option<Value>,
    /// Auth context from `AuthResult.context` for this session.
    pub context: Value,
}

/// Result returned from the `on_trigger_registration_function_id` hook.
/// Omitted fields keep the original value from the registration request.
#[derive(Debug, Clone, Default, Serialize, Deserialize, JsonSchema)]
pub struct OnTriggerRegistrationResult {
    /// Mapped trigger ID.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub trigger_id: Option<String>,
    /// Mapped trigger type.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub trigger_type: Option<String>,
    /// Mapped function ID.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub function_id: Option<String>,
    /// Mapped trigger configuration.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub config: Option<Value>,
}

/// Input passed to the `on_function_registration_function_id` hook
/// when a worker attempts to register a function through the RBAC port.
/// Return an [`OnFunctionRegistrationResult`] with the (possibly mapped)
/// fields, or return an error to deny the registration.
#[derive(Debug, Clone, Serialize, Deserialize, JsonSchema)]
pub struct OnFunctionRegistrationInput {
    /// ID of the function being registered.
    pub function_id: String,
    /// Human-readable description of the function.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub description: Option<String>,
    /// Arbitrary metadata attached to the function.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub metadata: Option<Value>,
    /// Auth context from `AuthResult.context` for this session.
    pub context: Value,
}

/// Result returned from the `on_function_registration_function_id` hook.
/// Omitted fields keep the original value from the registration request.
#[derive(Debug, Clone, Default, Serialize, Deserialize, JsonSchema)]
pub struct OnFunctionRegistrationResult {
    /// Mapped function ID.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub function_id: Option<String>,
    /// Mapped description.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub description: Option<String>,
    /// Mapped metadata.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub metadata: Option<Value>,
}