pnm-cli 0.9.4

CLI Tool for managing a personal Verifiable Trust Agent
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74

//! Dispatch for `pnm acl …`.

use vta_cli_common::commands::acl;
use vta_sdk::client::VtaClient;

use crate::cli::AclCommands;

pub(crate) async fn run(
    client: &VtaClient,
    command: AclCommands,
) -> Result<(), Box<dyn std::error::Error>> {
    match command {
        AclCommands::List { context } => acl::cmd_acl_list(client, context.as_deref()).await,
        AclCommands::Get { did } => acl::cmd_acl_get(client, &did).await,
        AclCommands::Create {
            did,
            role,
            label,
            contexts,
            expires,
            step_up_approver,
            step_up_require,
        } => match resolve_expires_at(expires.as_deref()) {
            Ok(expires_at) => {
                acl::cmd_acl_create(
                    client,
                    did,
                    role,
                    label,
                    contexts,
                    expires_at,
                    step_up_approver,
                    step_up_require,
                )
                .await
            }
            Err(e) => Err(e),
        },
        AclCommands::Update {
            did,
            role,
            label,
            contexts,
            step_up_approver,
            step_up_require,
        } => {
            acl::cmd_acl_update(
                client,
                &did,
                role,
                label,
                contexts,
                step_up_approver,
                step_up_require,
            )
            .await
        }
        AclCommands::Delete { did } => acl::cmd_acl_delete(client, &did).await,
    }
}

/// Resolve an optional `--expires` duration string (e.g. `24h`, `7d`)
/// to an absolute unix-epoch `expires_at`. Matches the error-prefix
/// style used by `contexts::resolve_admin_acl_options` so CLI messages
/// read consistently.
fn resolve_expires_at(expires: Option<&str>) -> Result<Option<u64>, Box<dyn std::error::Error>> {
    match expires {
        Some(s) => Ok(Some(
            vta_cli_common::duration::duration_to_expires_at(s)
                .map_err(|e| format!("--expires: {e}"))?,
        )),
        None => Ok(None),
    }
}