Struct Context 

pub struct Context {
    pub auth: AuthBlock,
    pub requested_format: ContentType,
    pub backend_manager: Option<Arc<BackendManager>>,
    pub root_directory: Arc<str>,
    pub pubsub_lookup: Option<PubSubLookupFn>,
    /* private fields */
}

Request context. Five typed blocks per ADR-011 plus host-only side fields.

The shape after Wave-3 collapse (2026-05-25):

• WIT-mirrored blocks crossing the ABI: request, lineage, routing (optional), identity (optional — the resolved view).
• Host-side auth state consumed by the dispatch pipeline: auth: AuthBlock holding identity_input (wire-level credential), access (resolved User+Role), and permission (per-request TablePermission cache).
• Host-only side-channel for backend manager, pubsub lookup, parsed JSON body, requested content-type, and rootDirectory.

auth.identity_input is renamed from the old flat auth_identity field to avoid colliding with the WIT-side identity block above (which is the post-auth resolved shape that crosses the ABI).

Clone is implemented manually so the wasm-only LazyBacking field can be reset on clone (the underlying Box<dyn WitContextHandle> isn’t itself Clone). Cloned wasm Contexts inherit eager fields only — host code paths use Clone freely.

Fields

auth: AuthBlock

Host-side authentication/authorization state consumed by the dispatch pipeline.

requested_format: ContentType

Negotiated response content-type (from the Accept header).

backend_manager: Option<Arc<BackendManager>>

Backend manager for table access; None on contexts without storage.

root_directory: Arc<str>

Deployment root directory (rootDirectory), used to resolve on-disk paths.

pubsub_lookup: Option<PubSubLookupFn>

Lookup for a table’s PubSub manager; None when pub/sub is unavailable.

Implementations

impl Context

pub fn from_request( method: Method, path: impl Into<EcoString>, body: Bytes, headers: HeaderMap, ) -> Self

Create a Context from a raw inbound request. Subsequent layers fill in routing (router), identity (auth pipeline), and other side fields.

pub fn placeholder() -> Self

Vacant Context used as a swap target for Tower Service<Context> chains.

pub fn for_service( app_id: Arc<str>, root_directory: Arc<str>, backend_manager: Option<Arc<BackendManager>>, pubsub_lookup: Option<PubSubLookupFn>, ) -> Self

Context for on_ready / queue-worker / scheduled dispatch.

pub fn method(&self) -> &Method

The request HTTP method.

pub fn protocol(&self) -> Protocol

The wire protocol the request arrived on.

pub fn path(&self) -> &str

The request path (app-prefix included).

pub fn body(&self) -> &Bytes

The raw request body bytes.

pub fn headers(&self) -> &HeaderMap

The inbound request headers.

pub const fn routing(&self) -> Option<&Routing>

The routing block, when the router has populated it. None only on raw-request contexts that bypassed the router (e.g. test fixtures, queue-worker dispatch). Most call sites should reach for the flat accessors (app_id(), resource_id(), database(), etc.) instead.

pub const fn query_params_mut(&mut self) -> &mut HashMap<String, String>

Mutable access to the query-param map. Used by routing code that augments the parsed query with synthetic keys (_search, path-extracted values, etc.) before downstream handlers observe it.

pub fn query_params(&self) -> &HashMap<String, String>

The parsed query-param map.

pub fn app_id(&self) -> Arc<str>

Application id from routing, or empty Arc<str> when unrouted.

pub fn resource_id(&self) -> Arc<str>

Resource (table) id from routing, or empty Arc<str> when unrouted.

pub fn path_id(&self) -> &str

Record key from routing, or "" for a collection-level operation.

pub fn is_collection(&self) -> bool

true when this is a collection-level operation (no record key).

pub fn database(&self) -> Arc<str>

Database name. Settled at request-routing time from TableDefinition.database (or the default "data" when the table doesn’t specify). Distinct from app_id — the @database schema directive can point a table at a database shared across apps. Returns empty string when no routing.

pub fn table_name(&self) -> Arc<str>

Table name. For table-backed resources the resource name IS the table name.

pub fn set_method(&mut self, m: Method)

Set the request method.

pub fn set_path(&mut self, p: impl Into<EcoString>)

Set the request path.

pub fn set_body(&mut self, b: Bytes)

Set the request body.

pub fn set_headers(&mut self, h: HeaderMap)

Set the request headers.

pub const fn set_protocol(&mut self, p: Protocol)

Set the wire protocol.

pub fn set_query_params(&mut self, q: HashMap<String, String>)

Replace the parsed query-param map.

pub fn set_app_id(&mut self, app_id: Arc<str>)

Set the routing app id (creating a Routing block if absent).

pub fn set_resource_id(&mut self, resource_id: Arc<str>)

Set the routing resource id (creating a Routing block if absent).

pub fn set_path_id(&mut self, key: impl Into<String>)

Set the routing record key (empty string clears it to collection-level).

pub fn set_is_collection(&mut self, is_coll: bool)

Clear the record key when is_coll is true (makes the op collection-level).

pub fn set_database(&mut self, db: Arc<str>)

Set the database field on the current Routing (creating a Routing block if none exists). Called by the router after it resolves the target table’s @database directive.

pub fn set_table_name(&mut self, name: Arc<str>)

Set the routing table name (aliases the resource id for table-backed resources).

pub fn root_dir(&self) -> &str

Root directory accessor.

pub fn app_id_str(&self) -> &str

Application ID as &str.

pub fn resource_id_str(&self) -> &str

Resource ID as &str — borrow-returning counterpart to resource_id() (which returns an owned Arc<str>).

pub fn pubsub(&self, table_name: &str) -> Option<Arc<PubSubManager>>

PubSub manager for a named table.

pub fn backend(&self, name: &str) -> Option<Arc<dyn KvBackend>>

Raw table backend accessor.

pub fn require_backend(&self, name: &str) -> Result<Arc<dyn KvBackend>>

Raw table backend accessor that errors when missing.

Errors

YetiError::Internal when no backend is attached or registered for name.

pub fn query(&self, name: &str) -> Option<&str>

A named query parameter, or None when absent.

pub fn query_int(&self, name: &str, default: i64) -> i64

A named query parameter parsed as i64, falling back to default.

pub fn query_bool(&self, name: &str, default: bool) -> bool

A named query parameter parsed as a bool (true/1/yes/on), falling back to default.

pub fn table_context(&self) -> (&str, &str)

Get the database and table name as a pair (for permission checks). Database comes from routing.database (settled at routing time from the table’s @database directive); table comes from routing.resource.

pub fn database_str(&self) -> &str

Database name as &str. See Self::database for the full distinction between database and app_id.

pub fn table_name_str(&self) -> &str

Table name as &str. For table-backed resources, the resource name IS the table name.

pub fn json_body(&self) -> Option<&Value>

The request body parsed as JSON — lazily on first call, cached thereafter. None for an empty or non-JSON body. Requests that never read it (e.g. public/super-user writes that skip attribute-level permission checks) never pay the parse. Goes through body() so the wasm lazy backing materializes request first.

pub fn parse_body(&mut self)

Force the lazy Context::json_body parse now. Useful when a later &self reader shouldn’t pay the cost, or to pre-warm the cache. No-op once cached or for an empty body.

pub const fn access(&self) -> &Access

Resolved Access for this request. Defaults to Access::None when unauthenticated.

pub const fn permission(&self) -> &TablePermission

Cached per-request TablePermission decision.

pub const fn auth_identity(&self) -> Option<&AuthIdentity>

Wire-level authentication claim produced by an AuthProvider::authenticate() call. None for unauthenticated requests.

pub fn request_id(&self) -> &str

Request id (UUIDv7) — stamped by the inbound router, propagates through HLC + logs.

pub fn parent_id(&self) -> Option<&str>

Parent request id when this request was triggered by another (e.g. queue worker dispatching a job’s child call).

pub fn correlation_id(&self) -> Option<&str>

Cross-request correlation id (e.g. customer’s X-Correlation-Id header). None when no correlation was passed.

pub fn deployment(&self) -> &str

Deployment hash — identifies the yeti-fabric node that produced this request. Defaults to "local" for single-tenant dev.

pub const fn hlc(&self) -> Hlc

Hybrid Logical Clock stamp at request receipt. Copy, so returned by value.

pub const fn identity(&self) -> Option<&Identity>

Resolved request identity — None for unauthenticated requests or paths that bypass the auth pipeline (public endpoints).

pub fn principal(&self) -> Option<&str>

Convenience: the authenticated principal (username / email / service id) when the request resolved an identity. Equivalent to ctx.identity().and_then(|i| i.principal.as_deref()).

pub fn roles(&self) -> &[String]

Convenience: the authenticated role set, or empty slice when unauthenticated. Always-safe-to-iterate shape; for permission checks prefer Self::permissions which carries the resolved super_user bit + per-resource ops mask.

pub fn permissions(&self) -> Option<&Permissions>

Convenience: the resolved permission bundle (super_user + per-resource op mask). Returns a default-empty Permissions when unauthenticated so call sites can chain .super_user without an outer Option dance.

pub fn auth_method(&self) -> AuthMethod

Convenience: the authentication method (basic / jwt / oauth / api-key / service-token / none).

pub fn set_request_id(&mut self, id: impl Into<String>)

Set the request id.

pub fn set_parent_id(&mut self, parent: Option<String>)

Set the parent request id.

pub fn set_correlation_id(&mut self, c: Option<String>)

Set the cross-request correlation id.

pub fn set_deployment(&mut self, d: impl Into<String>)

Set the deployment hash.

pub const fn set_hlc(&mut self, hlc: Hlc)

Set the HLC stamp.

pub fn set_identity(&mut self, identity: Option<Identity>)

Set the resolved identity block.

pub fn set_routing(&mut self, routing: Option<Routing>)

Set the routing block.

pub fn set_access(&mut self, access: Access)

Set the resolved Access.

pub fn set_permission(&mut self, p: TablePermission)

Set the cached TablePermission decision.

pub fn set_auth_identity(&mut self, id: Option<AuthIdentity>)

Set the wire-level authentication claim.

pub const fn access_mut(&mut self) -> &mut Access

Mutable Access for the auth pipeline’s save/restore pattern: std::mem::take(ctx.access_mut()) swaps in Access::default() so the resolver runs against a clean slate, then restoration writes back via Self::set_access.

pub const fn auth_identity_mut(&mut self) -> &mut Option<AuthIdentity>

Mutable wire-level authentication claim (companion to Self::access_mut for the same save/restore pattern).

Trait Implementations

impl Clone for Context

fn clone(&self) -> Self

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for Context

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.