The #2 gap in alknet-call: discovers the remote peer's External operations via services/list + services/schema and registers them in the connection's Layer 2 overlay as FromCall-provenance leaves with forwarding handlers. The discovery mechanism was already implemented in registry/discovery.rs; from_call is the client-side consumer of that API. src/client/from_call.rs: - from_call(connection, FromCallConfig) -> Result<Vec<HandlerRegistration>, AdapterError>. Calls services/list then services/schema for each op, rebuilds OperationSpec from the schema JSON (parsing op_type, visibility, error_schemas, access_control), constructs a forwarding handler that calls the remote op via CallConnection::call(), and returns FromCall-provenance bundles (composition_authority: None, scoped_env: None, empty capabilities, remote_safe: false per ADR-028 §4). - FromCallConfig { namespace_prefix: Option<String>, operation_filter: Option<HashSet<String>> } with builder methods. - v1 defaults (two-way doors recorded in client-and-adapters.md): - error-on-collision (DC-3/OQ-28): applying the (possibly empty) prefix produces a name already seen -> AdapterError::Conflict, not silent overwrite. - auto-on-reconnect (DC-2/OQ-27): the overlay is per-connection (Layer 2, ADR-024), so re-import on reconnect is naturally scoped; the assembly layer calls from_call immediately after connect(). - Forwarding handler captures an Arc<CallConnection> and, on invocation, calls the remote op and returns its ResponseEnvelope. The parent_request_id participates in the cross-node abort cascade (ADR-016 §6) — if the parent is aborted, the cascade reaches this handler which sends call.aborted to the remote node; cross-node abort is transparent. - Trust is transitive (recorded in spec): a from_call-imported op executes the remote node's code; scoped_env bounds which ops are reachable, not what they do. OperationContext.internal is now pub (was pub(crate)) so downstream consumers (assembly layer, integration tests) can construct contexts for overlay-env dispatch. Tests (207 lib + 2 integration): - Unit: rebuild_spec name/prefix/op_type/visibility/error_schemas/acl; unknown op_type -> SchemaParse; missing op_type -> SchemaParse; FromCallConfig builder; from_call against a mock connection returns DiscoveryFailed (no transport); FromCall provenance + leaf fields + remote_safe false. - Integration (tests/two_node_call.rs): from_call over a real QUIC loopback — CallClient connects, from_call discovers server/echo, registers the bundle in the overlay, and the forwarding handler round-trips an input through the overlay env to the remote op and back. clippy + fmt + test all green. Refs: tasks/call/client/from-call.md Refs: docs/architecture/decisions/017-call-protocol-client-and-adapter-contract.md §3, §6 Refs: docs/architecture/crates/call/client-and-adapters.md §from_call
179 lines
4.5 KiB
Rust
179 lines
4.5 KiB
Rust
use std::collections::{HashMap, HashSet};
|
|
use std::sync::Arc;
|
|
use std::time::Instant;
|
|
|
|
use alknet_core::auth::Identity;
|
|
use alknet_core::types::Capabilities;
|
|
use serde_json::Value;
|
|
|
|
use super::env::OperationEnv;
|
|
|
|
pub struct OperationContext {
|
|
pub request_id: String,
|
|
pub parent_request_id: Option<String>,
|
|
pub identity: Option<Identity>,
|
|
pub handler_identity: Option<CompositionAuthority>,
|
|
pub capabilities: Capabilities,
|
|
pub metadata: HashMap<String, Value>,
|
|
pub scoped_env: ScopedOperationEnv,
|
|
pub env: Arc<dyn OperationEnv + Send + Sync>,
|
|
pub abort_policy: AbortPolicy,
|
|
pub deadline: Option<Instant>,
|
|
pub internal: bool,
|
|
}
|
|
|
|
impl OperationContext {
|
|
pub fn is_internal(&self) -> bool {
|
|
self.internal
|
|
}
|
|
}
|
|
|
|
#[derive(Debug, Clone, Copy, PartialEq, Eq, Default)]
|
|
pub enum AbortPolicy {
|
|
#[default]
|
|
AbortDependents,
|
|
ContinueRunning,
|
|
}
|
|
|
|
#[derive(Debug, Clone)]
|
|
pub struct CompositionAuthority {
|
|
pub label: String,
|
|
pub scopes: Vec<String>,
|
|
pub resources: HashMap<String, Vec<String>>,
|
|
}
|
|
|
|
impl CompositionAuthority {
|
|
pub fn none() -> Option<Self> {
|
|
None
|
|
}
|
|
|
|
pub fn new(label: &str, scopes: impl IntoIterator<Item = String>) -> Self {
|
|
Self {
|
|
label: label.to_string(),
|
|
scopes: scopes.into_iter().collect(),
|
|
resources: HashMap::new(),
|
|
}
|
|
}
|
|
|
|
pub fn as_identity(&self) -> Option<Identity> {
|
|
Some(Identity {
|
|
id: self.label.clone(),
|
|
scopes: self.scopes.clone(),
|
|
resources: self.resources.clone(),
|
|
})
|
|
}
|
|
}
|
|
|
|
#[derive(Debug, Clone)]
|
|
pub struct ScopedOperationEnv {
|
|
allowed: HashSet<String>,
|
|
}
|
|
|
|
impl ScopedOperationEnv {
|
|
pub fn empty() -> Self {
|
|
Self {
|
|
allowed: HashSet::new(),
|
|
}
|
|
}
|
|
|
|
pub fn new(ops: impl IntoIterator<Item = impl Into<String>>) -> Self {
|
|
Self {
|
|
allowed: ops.into_iter().map(|s| s.into()).collect(),
|
|
}
|
|
}
|
|
|
|
pub fn allows(&self, name: &str) -> bool {
|
|
self.allowed.contains(name)
|
|
}
|
|
}
|
|
|
|
impl Default for ScopedOperationEnv {
|
|
fn default() -> Self {
|
|
Self::empty()
|
|
}
|
|
}
|
|
|
|
#[allow(dead_code)]
|
|
pub(crate) fn generate_request_id() -> String {
|
|
uuid::Uuid::new_v4().to_string()
|
|
}
|
|
|
|
#[cfg(test)]
|
|
mod tests {
|
|
use super::*;
|
|
|
|
#[test]
|
|
fn scoped_env_allows_in_set() {
|
|
let env = ScopedOperationEnv::new(["fs/readFile", "agent/chat"]);
|
|
assert!(env.allows("fs/readFile"));
|
|
assert!(env.allows("agent/chat"));
|
|
}
|
|
|
|
#[test]
|
|
fn scoped_env_disallows_not_in_set() {
|
|
let env = ScopedOperationEnv::new(["fs/readFile"]);
|
|
assert!(!env.allows("agent/chat"));
|
|
assert!(!env.allows(""));
|
|
}
|
|
|
|
#[test]
|
|
fn scoped_env_empty_allows_nothing() {
|
|
let env = ScopedOperationEnv::empty();
|
|
assert!(!env.allows("fs/readFile"));
|
|
}
|
|
|
|
#[test]
|
|
fn composition_authority_as_identity_correct() {
|
|
let mut resources = HashMap::new();
|
|
resources.insert("service".to_string(), vec!["vastai".to_string()]);
|
|
let authority = CompositionAuthority {
|
|
label: "agent-chat".to_string(),
|
|
scopes: vec!["llm:call".to_string(), "fs:read".to_string()],
|
|
resources,
|
|
};
|
|
let identity = authority.as_identity().expect("as_identity returns Some");
|
|
assert_eq!(identity.id, "agent-chat");
|
|
assert_eq!(
|
|
identity.scopes,
|
|
vec!["llm:call".to_string(), "fs:read".to_string()]
|
|
);
|
|
assert_eq!(
|
|
identity.resources.get("service"),
|
|
Some(&vec!["vastai".to_string()])
|
|
);
|
|
}
|
|
|
|
#[test]
|
|
fn composition_authority_new_populates_label_and_scopes() {
|
|
let authority = CompositionAuthority::new(
|
|
"agent-chat",
|
|
["llm:call".to_string(), "fs:read".to_string()],
|
|
);
|
|
assert_eq!(authority.label, "agent-chat");
|
|
assert_eq!(
|
|
authority.scopes,
|
|
vec!["llm:call".to_string(), "fs:read".to_string()]
|
|
);
|
|
assert!(authority.resources.is_empty());
|
|
}
|
|
|
|
#[test]
|
|
fn composition_authority_none_is_none() {
|
|
assert!(CompositionAuthority::none().is_none());
|
|
}
|
|
|
|
#[test]
|
|
fn abort_policy_default_is_abort_dependents() {
|
|
let policy = AbortPolicy::default();
|
|
assert!(matches!(policy, AbortPolicy::AbortDependents));
|
|
}
|
|
|
|
#[test]
|
|
fn generate_request_id_is_unique_and_non_deterministic() {
|
|
let a = generate_request_id();
|
|
let b = generate_request_id();
|
|
assert_ne!(a, b);
|
|
assert!(!a.is_empty());
|
|
}
|
|
}
|