Skip to main content

MemoryAuthority

Struct MemoryAuthority 

Source
pub struct MemoryAuthority { /* private fields */ }

Implementations§

Source§

impl MemoryAuthority

Source

pub async fn append( &self, permit: AuthorityPermit, caller_idempotency_key: String, namespace: String, content: String, source: Option<String>, ) -> Result<AuthorityReceiptV1, MemoryError>

Append a new fact and start a new authority lineage.

Source

pub async fn append_with_metadata( &self, permit: AuthorityPermit, caller_idempotency_key: String, namespace: String, content: String, source: Option<String>, metadata: Option<Value>, ) -> Result<AuthorityReceiptV1, MemoryError>

Append a new governed fact with caller metadata atomically bound to the fact row, authority lineage, journal entry, and idempotency payload.

Caller metadata must be a JSON object. Reserved authority metadata is always generated by this authority boundary and cannot be caller-set.

Source

pub async fn supersede( &self, permit: AuthorityPermit, caller_idempotency_key: String, target_fact_id: String, content: String, source: Option<String>, ) -> Result<AuthorityReceiptV1, MemoryError>

Append a replacement fact and supersede the current lineage head.

Source

pub async fn redact( &self, permit: AuthorityPermit, caller_idempotency_key: String, target_fact_id: String, reason: String, ) -> Result<AuthorityReceiptV1, MemoryError>

Append a redaction tombstone and make it the current lineage head.

Source

pub async fn forget( &self, permit: AuthorityPermit, caller_idempotency_key: String, request: ForgettingClosureRequestV1, ) -> Result<ForgettingClosureReceiptV1, MemoryError>

Forget a canonical fact and every accessible derived artifact in one transaction.

Source

pub async fn forget_governed( &self, permit: AuthorityPermit, caller_idempotency_key: String, request: ForgettingClosureRequestV1, access: GovernedAccessRequestV1, ) -> Result<ForgettingClosureReceiptV1, MemoryError>

Governed forgetting validates every root against the same policy evaluator before the closure planner can inspect or invalidate it. Administrative authority is an explicit, time-bounded elevation rather than an implicit consequence of a write permit.

Source

pub async fn verify_and_commit( &self, permit: AuthorityPermit, caller_idempotency_key: String, candidate: MemoryTransitionCandidateV1, ) -> Result<MemoryTransitionOutcomeV1, MemoryError>

Deterministically verify a source-grounded candidate immediately before authority commit.

Failed verification is durably quarantined and never invokes canonical mutation. A passing verification, its immutable evidence, and the existing authority mutation commit in one SQLite transaction.

Source

pub async fn get_transition_by_idempotency_key( &self, caller_idempotency_key: &str, ) -> Result<Option<MemoryTransitionRecordV1>, MemoryError>

Inspect a committed or quarantined transition by caller idempotency key.

Source

pub async fn get_forgetting_receipt_by_idempotency_key( &self, caller_idempotency_key: &str, ) -> Result<Option<ForgettingClosureReceiptV1>, MemoryError>

Load an immutable selective-forgetting receipt by caller idempotency key.

Source

pub async fn get_receipt_by_operation_id( &self, operation_id: &str, ) -> Result<Option<AuthorityReceiptV1>, MemoryError>

Find a committed authority receipt by operation identity.

Source

pub async fn get_receipt_by_idempotency_key( &self, caller_idempotency_key: &str, ) -> Result<Option<AuthorityReceiptV1>, MemoryError>

Find a committed authority receipt by the caller’s idempotency key.

Source

pub async fn get_origin_authority( &self, fact_id: &str, ) -> Result<Option<OriginAuthorityRecordV1>, MemoryError>

Load the immutable write-time origin label for a canonical fact.

Source

pub async fn get_fact_governed( &self, fact_id: &str, request: GovernedAccessRequestV1, ) -> Result<GovernedFactAccessV1, MemoryError>

Direct-ID governed recall. Content is never returned when the decision denies access.

Source

pub async fn export_fact_governed( &self, fact_id: &str, request: GovernedAccessRequestV1, ) -> Result<GovernedFactAccessV1, MemoryError>

Governed export uses the same decision path as direct recall.

Source

pub async fn search_governed( &self, query: &str, top_k: Option<usize>, request: GovernedAccessRequestV1, ) -> Result<GovernedSearchResponseV1, MemoryError>

Governed hybrid search filters every result after cache retrieval, preventing cache bypass.

Source

pub async fn current_state(&self) -> Result<AuthorityStateV1, MemoryError>

Read the current authority snapshot and retrieval epoch for cache validation.

Source

pub async fn search_governed_with_view( &self, query: &str, top_k: Option<usize>, request: GovernedAccessRequestV1, view: StateView, ) -> Result<GovernedSearchResponseV1, MemoryError>

Governed current or historical search. The candidate source is intentionally irrelevant: every returned row is passed through the same canonical evaluator used by direct access.

Source

pub async fn list_facts_governed( &self, request: GovernedAccessRequestV1, limit: usize, offset: usize, view: StateView, ) -> Result<GovernedFactListResponseV1, MemoryError>

Governed enumeration applies the same direct-ID policy check to every listed fact.

Source

pub async fn resolve_memory_governed( &self, query: &str, top_k: Option<usize>, request: GovernedAccessRequestV1, mode: StateResolutionMode, budget: usize, ) -> Result<GovernedStateResolutionResponseV1, MemoryError>

State resolution is candidate generation only; this wrapper removes denied assertions before an answer can leave the crate, including historical state views and cache-backed searches. The resolution receipt remains an audit record, not a content channel.

Source

pub async fn list_graph_edges_for_node_governed( &self, node_id: &str, request: GovernedAccessRequestV1, ) -> Result<GovernedGraphResponseV1, MemoryError>

Governed graph traversal authorizes every fact endpoint before returning an edge.

Source

pub async fn replay_search_receipt_governed( &self, receipt_id: &str, query: &str, top_k: Option<usize>, request: GovernedAccessRequestV1, ) -> Result<GovernedReplayResponseV1, MemoryError>

Replay a durable receipt, then authorize every replay result for the current caller.

Source

pub async fn revoke_origin( &self, permit: AuthorityPermit, caller_idempotency_key: String, fact_id: &str, revocation_reference: String, ) -> Result<OriginAuthorityDecisionV1, MemoryError>

Append an origin revocation without mutating the immutable write-time label.

Trait Implementations§

Source§

impl Clone for MemoryAuthority

Source§

fn clone(&self) -> MemoryAuthority

Returns a duplicate of the value. Read more
1.0.0 (const: unstable) · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> DynClone for T
where T: Clone,

Source§

fn __clone_box(&self, _: Private) -> *mut ()

Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> PolicyExt for T
where T: ?Sized,

Source§

fn and<P, B, E>(self, other: P) -> And<T, P>
where T: Sized + Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow only if self and other return Action::Follow. Read more
Source§

fn or<P, B, E>(self, other: P) -> Or<T, P>
where T: Sized + Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow if either self or other returns Action::Follow. Read more
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more