pnm-cli 0.9.4

CLI Tool for managing a personal Verifiable Trust Agent
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245

//! Dispatch for `pnm webvh …`.

use vta_cli_common::commands::webvh;
use vta_sdk::client::VtaClient;

use crate::cli::WebvhCommands;

pub(crate) async fn run(
    client: &VtaClient,
    command: WebvhCommands,
) -> Result<(), Box<dyn std::error::Error>> {
    match command {
        WebvhCommands::AddServer { id, did, label } => {
            webvh::cmd_webvh_server_add(client, id, did, label).await
        }
        WebvhCommands::ListServers => webvh::cmd_webvh_server_list(client).await,
        WebvhCommands::UpdateServer { id, label } => {
            webvh::cmd_webvh_server_update(client, &id, label).await
        }
        WebvhCommands::RemoveServer { id } => webvh::cmd_webvh_server_remove(client, &id).await,
        WebvhCommands::CreateDid {
            context,
            server,
            did_url,
            path,
            domain,
            label,
            portable,
            mediator_service,
            services,
            pre_rotation,
            did_document,
            did_log,
            no_primary,
            signing_key,
            ka_key,
            template,
            template_context,
            vars,
        } => {
            if server.is_none() && did_url.is_none() {
                Err("either --server or --did-url is required".into())
            } else if server.is_some() && did_url.is_some() {
                Err("--server and --did-url are mutually exclusive".into())
            } else {
                // Default template lookup to the DID's own context so
                // context-local overrides are found before the global
                // fallback.
                let template_context =
                    template_context.or_else(|| template.as_ref().map(|_| context.clone()));
                // Interactive domain prompt: when the caller picked a
                // hosting server but didn't supply `--domain`, list
                // the server's available domains and ask. Non-TTY
                // invocations skip the prompt — the VTA's own
                // resolver runs the caller-default → system-default
                // chain server-side, so an unselected domain is
                // harmless on a single-domain host.
                let domain = if let (Some(srv_id), None) = (server.as_deref(), domain.as_ref()) {
                    prompt_domain_if_interactive(client, srv_id).await?
                } else {
                    domain
                };
                webvh::cmd_webvh_did_create_with_files(
                    client,
                    context,
                    server,
                    did_url,
                    path,
                    domain,
                    label,
                    portable,
                    mediator_service,
                    services,
                    pre_rotation,
                    did_document,
                    did_log,
                    no_primary,
                    signing_key,
                    ka_key,
                    template,
                    template_context,
                    vars,
                )
                .await
            }
        }
        WebvhCommands::EditDid {
            did,
            document,
            options_file,
            pre_rotation,
            ttl,
            watchers,
            no_watchers,
            label,
            no_confirm,
        } => {
            let flags = vta_cli_common::commands::webvh_edit::EditFlags {
                document_file: document,
                options_file,
                pre_rotation,
                ttl,
                watchers,
                no_watchers,
                label,
            };
            webvh::cmd_webvh_did_edit(client, &did, flags, no_confirm).await
        }
        WebvhCommands::RegisterDid {
            did,
            server,
            force,
            domain,
        } => {
            let domain = match domain {
                Some(d) => Some(d),
                None => prompt_domain_if_interactive(client, &server).await?,
            };
            webvh::cmd_webvh_did_register_server(client, &did, &server, force, domain).await
        }
        WebvhCommands::ListDids { context, server } => {
            webvh::cmd_webvh_did_list(client, context.as_deref(), server.as_deref()).await
        }
        WebvhCommands::GetDid { did } => webvh::cmd_webvh_did_get(client, &did).await,
        WebvhCommands::DeleteDid { did } => webvh::cmd_webvh_did_delete(client, &did).await,
        WebvhCommands::DidLog { did, out } => {
            webvh::cmd_webvh_did_log(client.base_url(), &did, out).await
        }
        WebvhCommands::ListDomains { server } => cmd_list_domains(client, &server).await,
    }
}

/// Fetch the server's `/api/me/domains` view and print it as a
/// short table. Used by the dedicated `list-domains` subcommand.
async fn cmd_list_domains(
    client: &VtaClient,
    server_id: &str,
) -> Result<(), Box<dyn std::error::Error>> {
    let domains = client.list_webvh_server_domains(server_id).await?;
    if domains.domains.is_empty() {
        println!(
            "No hosting domains available to this VTA on `{server_id}`. \
             Ask the server's admin to grant your VTA's DID an ACL entry \
             scoped to the domain(s) you need."
        );
        return Ok(());
    }
    println!(
        "Hosting domains on `{server_id}`:{}",
        if let Some(d) = &domains.default {
            format!(" (system default: {d})")
        } else {
            String::new()
        }
    );
    for entry in &domains.domains {
        let default = if entry.default_domain {
            " (default)"
        } else {
            ""
        };
        let status = if entry.status == "disabled" {
            " [disabled]"
        } else {
            ""
        };
        let label = entry
            .label
            .as_ref()
            .map(|l| format!("{l}"))
            .unwrap_or_default();
        println!("  - {}{}{}{}", entry.name, default, status, label);
    }
    Ok(())
}

/// When the caller didn't pass `--domain` but is targeting a
/// specific hosting server, interactively prompt them to pick one of
/// the server's available domains. Returns `Ok(None)` when stdin is
/// not a TTY (CI / scripted use) so the call proceeds with the
/// server's own resolution chain. Network failures and empty domain
/// lists also fall back to `Ok(None)` rather than blocking the
/// operation — the server's `did-management:unknown_domain` error
/// surfaces any real misconfiguration downstream.
async fn prompt_domain_if_interactive(
    client: &VtaClient,
    server_id: &str,
) -> Result<Option<String>, Box<dyn std::error::Error>> {
    use std::io::IsTerminal;
    if !std::io::stdin().is_terminal() {
        return Ok(None);
    }
    let domains = match client.list_webvh_server_domains(server_id).await {
        Ok(d) => d,
        Err(e) => {
            eprintln!(
                "warning: could not list hosting domains on `{server_id}` ({e}); \
                 falling back to the server's default domain."
            );
            return Ok(None);
        }
    };
    if domains.domains.is_empty() {
        return Ok(None);
    }
    if domains.domains.len() == 1 {
        // Single-domain host — no point prompting.
        return Ok(None);
    }
    println!("Available hosting domains on `{server_id}`:");
    for (i, entry) in domains.domains.iter().enumerate() {
        let default = if entry.default_domain {
            " (default)"
        } else {
            ""
        };
        let status = if entry.status == "disabled" {
            " [disabled]"
        } else {
            ""
        };
        println!("  [{}] {}{}{}", i + 1, entry.name, default, status);
    }
    println!("  [0] use server default");
    eprint!(
        "Pick a domain (1..={}, or 0 for default): ",
        domains.domains.len()
    );
    use std::io::Write;
    std::io::stderr().flush().ok();
    let mut line = String::new();
    std::io::stdin().read_line(&mut line)?;
    let trimmed = line.trim();
    if trimmed.is_empty() || trimmed == "0" {
        return Ok(None);
    }
    let idx: usize = trimmed
        .parse()
        .map_err(|_| "invalid selection — enter a number from the list".to_string())?;
    let entry = domains
        .domains
        .get(idx.saturating_sub(1))
        .ok_or_else(|| "selection out of range".to_string())?;
    Ok(Some(entry.name.clone()))
}