plexus-core 0.5.3

Core infrastructure for Plexus RPC: Activation trait, DynamicHub, schemas
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147

//! `ForwardPolicyRegistry` — per-hub map from callee namespace to the
//! [`ForwardPolicy`] that the framework consults when dispatching across the
//! boundary into that callee.
//!
//! AUTHLANG-3 wires this into the canonical edge-crossing point
//! ([`super::plexus::route_to_child`]). The registry holds
//! `Arc<dyn ForwardPolicy>` keyed by the lowercased callee namespace string
//! (matching the `child_routers` key convention on
//! [`super::plexus::DynamicHub`]). Without an entry, the framework treats the
//! lookup as "no opinion declared" and falls back to
//! [`plexus_auth_core::IdentityOnly`] — the safe default per the spike.
//!
//! AUTHLANG-4 (the `#[plexus::activation(forward_policy = ...)]` macro) is
//! the supported declarative path that populates the registry. Imperative
//! registration is intentionally exposed (via [`Self::register`]) so
//! integration tests and hand-rolled wiring can drive the same code path
//! without going through the macro.
//!
//! # Vocabulary
//!
//! Per AUTHZ-0: `caller` and `callee`, not `parent` and `child`. The
//! existing `ChildRouter` API name is preserved as legacy; the spike's
//! decision to keep that name is documented in
//! `plans/AUTHLANG/AUTHLANG-S01-output.md`.

use plexus_auth_core::ForwardPolicy;
use std::collections::HashMap;
use std::sync::Arc;

/// Registry of [`ForwardPolicy`] implementations keyed by callee namespace.
///
/// `Clone` is cheap: every policy is wrapped in `Arc`, and the underlying
/// `HashMap` clones the key strings + the `Arc` handles. The registry is
/// designed to be built at hub-construction time and read at dispatch time;
/// mutating after the hub is shared across tasks requires going through
/// [`DynamicHub::with_forward_policy`](super::plexus::DynamicHub) at builder
/// time.
///
/// [`DynamicHub::with_forward_policy`]: super::plexus::DynamicHub::with_forward_policy
#[derive(Clone, Default)]
pub struct ForwardPolicyRegistry {
    inner: HashMap<String, Arc<dyn ForwardPolicy>>,
}

impl ForwardPolicyRegistry {
    /// Construct an empty registry.
    pub fn new() -> Self {
        Self {
            inner: HashMap::new(),
        }
    }

    /// Register a policy for a callee namespace.
    ///
    /// The namespace is the same lowercased token used to look up
    /// [`super::plexus::ChildRouter::get_child`] (e.g. `"solar"`,
    /// `"echo"`). If a policy is already registered for the namespace, it
    /// is replaced.
    pub fn register(&mut self, callee_ns: impl Into<String>, policy: Arc<dyn ForwardPolicy>) {
        self.inner.insert(callee_ns.into(), policy);
    }

    /// Look up the policy declared for a callee namespace.
    ///
    /// Returns `None` when no policy is registered; the dispatch path
    /// interprets that as "fall back to [`plexus_auth_core::IdentityOnly`]"
    /// — the spike-pinned safe default.
    pub fn get(&self, callee_ns: &str) -> Option<Arc<dyn ForwardPolicy>> {
        self.inner.get(callee_ns).cloned()
    }

    /// Returns `true` when the registry contains no entries.
    pub fn is_empty(&self) -> bool {
        self.inner.is_empty()
    }

    /// Number of registered policies.
    pub fn len(&self) -> usize {
        self.inner.len()
    }
}

impl std::fmt::Debug for ForwardPolicyRegistry {
    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
        // Avoid printing the trait-object pointer; surface only the keys so
        // logs/snapshots stay deterministic.
        let mut keys: Vec<&String> = self.inner.keys().collect();
        keys.sort();
        f.debug_struct("ForwardPolicyRegistry")
            .field("entries", &keys)
            .finish()
    }
}

#[cfg(test)]
mod tests {
    use super::*;
    use plexus_auth_core::{Anonymous, IdentityOnly, PassThrough};

    #[test]
    fn empty_registry_returns_none_for_any_key() {
        let r = ForwardPolicyRegistry::new();
        assert!(r.is_empty());
        assert!(r.get("solar").is_none());
        assert!(r.get("nonexistent").is_none());
    }

    #[test]
    fn register_then_lookup_returns_arc() {
        let mut r = ForwardPolicyRegistry::new();
        r.register("solar", Arc::new(PassThrough));
        r.register("echo", Arc::new(Anonymous));
        assert_eq!(r.len(), 2);
        assert_eq!(r.get("solar").unwrap().name().as_str(), "pass_through");
        assert_eq!(r.get("echo").unwrap().name().as_str(), "anonymous");
        assert!(r.get("missing").is_none());
    }

    #[test]
    fn register_replaces_existing_entry() {
        let mut r = ForwardPolicyRegistry::new();
        r.register("solar", Arc::new(IdentityOnly));
        r.register("solar", Arc::new(PassThrough));
        assert_eq!(r.len(), 1);
        assert_eq!(r.get("solar").unwrap().name().as_str(), "pass_through");
    }

    #[test]
    fn default_is_empty() {
        let r = ForwardPolicyRegistry::default();
        assert!(r.is_empty());
    }

    #[test]
    fn debug_lists_keys_alphabetically() {
        let mut r = ForwardPolicyRegistry::new();
        r.register("solar", Arc::new(PassThrough));
        r.register("echo", Arc::new(Anonymous));
        let dbg = format!("{:?}", r);
        // Keys are sorted in Debug so snapshots are stable.
        assert!(dbg.contains("echo"));
        assert!(dbg.contains("solar"));
        let echo_pos = dbg.find("echo").unwrap();
        let solar_pos = dbg.find("solar").unwrap();
        assert!(echo_pos < solar_pos);
    }
}