systemprompt-cli 0.14.4

Unified CLI for systemprompt.io AI governance: agent orchestration, MCP governance, analytics, profiles, cloud deploy, and self-hosted operations.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54

//! `admin access-control` subcommand: inspect and promote live RBAC rules.
//!
//! Exposes [`AccessControlCommands`] for exporting the current role rules as a
//! committable YAML baseline and linting the live access-control tables for
//! unknown entities or unreachable rules.

mod export;
mod lint;

use anyhow::Result;
use clap::{Args, Subcommand};

use crate::CliConfig;
use crate::shared::{CommandOutput, render_result};

#[derive(Debug, Clone, Copy, Subcommand)]
pub enum AccessControlCommands {
    #[command(
        about = "Print current role rules as a YAML snippet for promotion to the committed \
                 baseline"
    )]
    ExportYaml(ExportYamlArgs),

    #[command(
        about = "Lint the live access-control tables for unknown entities and unreachable rules; \
                 exits non-zero on findings"
    )]
    Lint(LintArgs),
}

#[derive(Debug, Clone, Copy, Args)]
pub struct ExportYamlArgs;

#[derive(Debug, Clone, Copy, Args)]
pub struct LintArgs;

pub async fn execute(cmd: AccessControlCommands, config: &CliConfig) -> Result<()> {
    match cmd {
        AccessControlCommands::ExportYaml(args) => {
            let result = export::run(args, config).await?;
            render_result(&result);
            Ok(())
        },
        AccessControlCommands::Lint(args) => {
            let (text, exit_nonzero) = lint::run(args, config).await?;
            let result = CommandOutput::text_titled("Access-control lint", text);
            render_result(&result);
            if exit_nonzero {
                anyhow::bail!("access-control lint failed; see report above");
            }
            Ok(())
        },
    }
}