swarmhive-api-types 0.1.0

SwarmHive HTTP API types: serde DTO + utoipa schema shared by server, CLI, and any future client.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137

use serde::{Deserialize, Serialize};
use utoipa::ToSchema;
use uuid::Uuid;

/// Built-in permission strings per docs/13-rbac.md.
///
/// Wire format is the verb-scoped string (`"release:publish"`); the enum is
/// the strongly-typed representation used in server middleware. New permissions
/// are added by appending a new variant **and** an entry to [`PERMISSIONS`];
/// `as_str` / `all` / `from_wire` derive from that single table.
#[derive(Debug, Clone, Copy, PartialEq, Eq, Hash, Serialize, Deserialize, ToSchema)]
pub enum PermissionName {
    // System
    #[serde(rename = "system:manage")]
    SystemManage,
    #[serde(rename = "user:manage")]
    UserManage,
    #[serde(rename = "role:manage")]
    RoleManage,
    #[serde(rename = "token:manage")]
    TokenManage,
    #[serde(rename = "storage:manage")]
    StorageManage,
    #[serde(rename = "mail:manage")]
    MailManage,
    #[serde(rename = "auth:manage")]
    AuthManage,
    // App
    #[serde(rename = "app:create")]
    AppCreate,
    #[serde(rename = "app:read")]
    AppRead,
    #[serde(rename = "app:update")]
    AppUpdate,
    #[serde(rename = "app:delete")]
    AppDelete,
    // Release
    #[serde(rename = "release:create")]
    ReleaseCreate,
    #[serde(rename = "release:read")]
    ReleaseRead,
    #[serde(rename = "release:update")]
    ReleaseUpdate,
    #[serde(rename = "release:publish")]
    ReleasePublish,
    #[serde(rename = "release:promote")]
    ReleasePromote,
    #[serde(rename = "release:rollback")]
    ReleaseRollback,
    #[serde(rename = "release:yank")]
    ReleaseYank,
    // Artifact
    #[serde(rename = "artifact:upload")]
    ArtifactUpload,
    #[serde(rename = "artifact:read")]
    ArtifactRead,
    #[serde(rename = "artifact:delete")]
    ArtifactDelete,
    // Analytics
    #[serde(rename = "analytics:read")]
    AnalyticsRead,
    #[serde(rename = "telemetry:read")]
    TelemetryRead,
}

/// Single source of truth: variant ↔ wire string. Order is preserved by
/// [`PermissionName::all`] (seed iteration order).
const PERMISSIONS: &[(PermissionName, &str)] = {
    use PermissionName::*;
    &[
        (SystemManage, "system:manage"),
        (UserManage, "user:manage"),
        (RoleManage, "role:manage"),
        (TokenManage, "token:manage"),
        (StorageManage, "storage:manage"),
        (MailManage, "mail:manage"),
        (AuthManage, "auth:manage"),
        (AppCreate, "app:create"),
        (AppRead, "app:read"),
        (AppUpdate, "app:update"),
        (AppDelete, "app:delete"),
        (ReleaseCreate, "release:create"),
        (ReleaseRead, "release:read"),
        (ReleaseUpdate, "release:update"),
        (ReleasePublish, "release:publish"),
        (ReleasePromote, "release:promote"),
        (ReleaseRollback, "release:rollback"),
        (ReleaseYank, "release:yank"),
        (ArtifactUpload, "artifact:upload"),
        (ArtifactRead, "artifact:read"),
        (ArtifactDelete, "artifact:delete"),
        (AnalyticsRead, "analytics:read"),
        (TelemetryRead, "telemetry:read"),
    ]
};

impl PermissionName {
    /// Wire / DB string representation, e.g. `"release:publish"`.
    pub fn as_str(self) -> &'static str {
        PERMISSIONS
            .iter()
            .find_map(|(p, s)| (*p == self).then_some(*s))
            .expect("PERMISSIONS must enumerate every PermissionName variant")
    }

    /// Every permission as a flat list (used by seed).
    pub fn all() -> impl Iterator<Item = PermissionName> {
        PERMISSIONS.iter().map(|(p, _)| *p)
    }

    /// Total count of built-in permissions.
    pub const fn count() -> usize {
        PERMISSIONS.len()
    }

    /// Parse from the wire string (`"release:publish"` → `ReleasePublish`).
    /// Returns `None` for unknown strings.
    pub fn from_wire(s: &str) -> Option<PermissionName> {
        PERMISSIONS
            .iter()
            .find_map(|(p, name)| (*name == s).then_some(*p))
    }
}

#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize, ToSchema)]
pub struct Permission {
    pub id: Uuid,
    pub name: PermissionName,
    pub description: Option<String>,
}

#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize, ToSchema)]
pub struct Role {
    pub id: Uuid,
    pub name: String,
    pub description: Option<String>,
}