textus 0.22.0 → 0.26.0

data/lib/textus/cli/verb/put.rb

@@ -8,7 +8,7 @@ module Textus
         option :use_stdin, "--stdin"
         option :fetch_name, "--fetch=NAME"
 
-        def call(store) # rubocop:disable Metrics/AbcSize
+        def call(store)
           key = positional.shift or raise UsageError.new("put requires a key")
           raise UsageError.new("put requires --stdin in v1") unless use_stdin
 
@@ -17,15 +17,17 @@ module Textus
           raw = @stdin.read
           payload =
             if fetch_name
-              callable = store.bus.rpc_callable(:resolve_intake, fetch_name)
               result =
                 begin
-                  Timeout.timeout(Textus::Application::Refresh::Worker::FETCH_TIMEOUT_SECONDS) do
-                    callable.call(config: { "bytes" => raw }, store: store, args: {})
+                  Timeout.timeout(Textus::Application::Write::RefreshWorker::FETCH_TIMEOUT_SECONDS) do
+                    store.rpc.invoke(:resolve_intake, fetch_name,
+                                     caps: nil,
+                                     config: { "bytes" => raw },
+                                     args: {})
                   end
                 rescue Timeout::Error
                   raise UsageError.new(
-                    "fetch '#{fetch_name}' exceeded #{Textus::Application::Refresh::Worker::FETCH_TIMEOUT_SECONDS}s timeout",
+                    "fetch '#{fetch_name}' exceeded #{Textus::Application::Write::RefreshWorker::FETCH_TIMEOUT_SECONDS}s timeout",
                   )
                 end
               basename = key.split(".").last
@@ -44,7 +46,7 @@ module Textus
           meta = payload["_meta"] || {}
           body = payload["body"] || ""
           if_etag = payload["if_etag"]
-          result = Textus::Operations.for(store, role: role).put(key, meta: meta, body: body, if_etag: if_etag)
+          result = store.session(role: role).put(key, meta: meta, body: body, if_etag: if_etag)
           emit(result.to_h_for_wire)
         end
       end

data/lib/textus/cli/verb/rdeps.rb

@@ -6,7 +6,7 @@ module Textus
 
         def call(store)
           key = positional.shift or raise UsageError.new("rdeps requires a key")
-          emit({ "key" => key, "rdeps" => operations_for(store).rdeps(key) })
+          emit({ "key" => key, "rdeps" => session_for(store).rdeps(key) })
         end
       end
     end

data/lib/textus/cli/verb/refresh.rb

@@ -6,7 +6,7 @@ module Textus
 
         def call(store)
           key = positional.shift or raise UsageError.new("refresh requires a key")
-          emit(operations_for(store).refresh(key).to_h_for_wire)
+          emit(session_for(store).refresh(key).to_h_for_wire)
         end
       end
     end

data/lib/textus/cli/verb/refresh_stale.rb

@@ -10,7 +10,7 @@ module Textus
         option :as_flag, "--as=ROLE"
 
         def call(store)
-          result = operations_for(store).refresh_all(prefix: prefix, zone: zone)
+          result = session_for(store).refresh_all(prefix: prefix, zone: zone)
           emit(result)
           result["ok"] ? 0 : 1
         end

data/lib/textus/cli/verb/reject.rb

@@ -8,7 +8,7 @@ module Textus
 
         def call(store)
           key = positional.shift or raise UsageError.new("reject requires a key")
-          emit(operations_for(store).reject(key))
+          emit(session_for(store).reject(key))
         end
       end
     end

data/lib/textus/cli/verb/rule_explain.rb

@@ -7,7 +7,7 @@ module Textus
 
         def call(store)
           key = positional.shift or raise UsageError.new("policy explain requires a KEY")
-          result = operations_for(store).policy_explain(key: key)
+          result = session_for(store).policy_explain(key: key)
           emit({ "verb" => "policy_explain" }.merge(result.transform_keys(&:to_s)))
         end
       end

data/lib/textus/cli/verb/rule_lint.rb

@@ -0,0 +1,18 @@
+module Textus
+  class CLI
+    class Verb
+      class RuleLint < Verb
+        command_name "lint"
+        parent_group Group::Rule
+
+        option :against, "--against=FILE"
+
+        def call(store)
+          path = against or raise UsageError.new("rule lint --against=FILE required")
+          yaml = File.read(path)
+          emit(session_for(store).rule_lint(candidate_yaml: yaml).to_h)
+        end
+      end
+    end
+  end
+end

data/lib/textus/cli/verb/schema.rb

@@ -7,7 +7,7 @@ module Textus
 
         def call(store)
           key = positional.shift or raise UsageError.new("schema requires a key")
-          emit(operations_for(store).schema_envelope(key))
+          emit(session_for(store).schema_envelope(key))
         end
       end
     end

data/lib/textus/cli/verb/uid.rb

@@ -7,7 +7,7 @@ module Textus
 
         def call(store)
           key = positional.shift or raise UsageError.new("uid requires a key")
-          emit({ "key" => key, "uid" => operations_for(store).uid(key) })
+          emit({ "key" => key, "uid" => session_for(store).uid(key) })
         end
       end
     end

data/lib/textus/cli/verb/where.rb

@@ -6,7 +6,7 @@ module Textus
 
         def call(store)
           key = positional.shift or raise UsageError.new("where requires a key")
-          emit(operations_for(store).where(key))
+          emit(session_for(store).where(key))
         end
       end
     end

data/lib/textus/cli/verb/zone_mv.rb

@@ -0,0 +1,19 @@
+module Textus
+  class CLI
+    class Verb
+      class ZoneMv < Verb
+        command_name "mv"
+        parent_group Group::Zone
+
+        option :as_flag, "--as=ROLE"
+        option :dry_run, "--dry-run"
+
+        def call(store)
+          from = positional.shift or raise UsageError.new("zone mv requires <from> <to>")
+          to   = positional.shift or raise UsageError.new("zone mv requires <from> <to>")
+          emit(session_for(store).zone_mv(from: from, to: to, dry_run: dry_run || false).to_h)
+        end
+      end
+    end
+  end
+end

data/lib/textus/cli/verb.rb

@@ -100,12 +100,12 @@ module Textus
       # Convenience for verbs whose only pre-call boilerplate is
       # resolving the role and wrapping it in a context.
       def context_for(store)
-        Textus::Operations.for(store, role: resolved_role(store)).ctx
+        store.session(role: resolved_role(store)).ctx
       end
 
-      # Returns an Operations instance bound to the resolved role.
-      def operations_for(store)
-        Textus::Operations.for(store, role: resolved_role(store))
+      # Returns a Session instance bound to the resolved role.
+      def session_for(store)
+        store.session(role: resolved_role(store))
       end
     end
   end

data/lib/textus/doctor/check/audit_log.rb

@@ -3,8 +3,8 @@ module Textus
     class Check
       class AuditLog < Check
         def call
-          path = File.join(store.root, "audit.log")
-          Textus::Infra::AuditLog.new(store.root).verify_integrity.map do |v|
+          path = File.join(root, "audit.log")
+          Textus::Infra::AuditLog.new(root).verify_integrity.map do |v|
             {
               "code" => "audit.parse_error",
               "level" => "warning",

data/lib/textus/doctor/check/handler_allowlist.rb

@@ -7,12 +7,12 @@ module Textus
       class HandlerAllowlist < Check
         def call
           out = []
-          store.manifest.entries.each do |mentry|
+          manifest.data.entries.each do |mentry|
             next unless mentry.is_a?(Textus::Manifest::Entry::Intake)
 
             handler = mentry.handler
 
-            allow = store.manifest.rules_for(mentry.key).handler_allowlist
+            allow = manifest.rules.for(mentry.key).handler_allowlist
             next if allow.nil?
             next if allow.allows?(handler)
 

data/lib/textus/doctor/check/hooks.rb

@@ -4,15 +4,16 @@ module Textus
       class Hooks < Check
         def call
           out = []
-          dir = File.join(store.root, "hooks")
+          dir = File.join(root, "hooks")
           return out unless File.directory?(dir)
 
           Dir.glob(File.join(dir, "*.rb")).sort.each do |f| # rubocop:disable Lint/RedundantDirGlobSort
-            bus = Textus::Hooks::Bus.new
+            events = Textus::Hooks::EventBus.new
+            rpc    = Textus::Hooks::RpcRegistry.new
             Textus.drain_hook_blocks
             begin
               load(f)
-              Textus.drain_hook_blocks.each { |b| b.call(bus) }
+              Textus.drain_hook_blocks.each { |b| b.call(Textus::Hooks::Loader::Dsl.new(events: events, rpc: rpc)) }
             end
           rescue StandardError, ScriptError => e
             out << {

data/lib/textus/doctor/check/illegal_keys.rb

@@ -4,10 +4,10 @@ module Textus
       class IllegalKeys < Check
         def call
           out = []
-          store.manifest.entries.each do |entry|
+          manifest.data.entries.each do |entry|
             next unless entry.nested?
 
-            base = File.join(store.root, "zones", entry.path)
+            base = File.join(root, "zones", entry.path)
             next unless File.directory?(base)
 
             index_fn = entry.respond_to?(:index_filename) ? entry.index_filename : nil

data/lib/textus/doctor/check/intake_registration.rb

@@ -6,7 +6,7 @@ module Textus
 
         def call
           declared = collect_declared_handlers
-          registered = store.bus.rpc_names(:resolve_intake).to_set
+          registered = rpc.names(:resolve_intake).to_set
 
           out = (declared - registered).map do |name|
             {
@@ -35,7 +35,7 @@ module Textus
 
         def collect_declared_handlers
           set = Set.new
-          store.manifest.entries.each do |mentry|
+          manifest.data.entries.each do |mentry|
             set << mentry.handler.to_sym if mentry.is_a?(Textus::Manifest::Entry::Intake)
           end
           set

data/lib/textus/doctor/check/manifest_files.rb

@@ -3,10 +3,10 @@ module Textus
     class Check
       class ManifestFiles < Check
         def call
-          store.manifest.entries.each_with_object([]) do |entry, out|
+          manifest.data.entries.each_with_object([]) do |entry, out|
             next if entry.nested?
 
-            path = Textus::Key::Path.resolve(store.manifest, entry)
+            path = Textus::Key::Path.resolve(manifest.data, entry)
             next if File.exist?(path)
 
             out << {

data/lib/textus/doctor/check/protocol_version.rb

@@ -23,10 +23,10 @@ module Textus
           }]
         end
 
-        # Doctor check interface: store.root is the .textus/ directory itself,
+        # Doctor check interface: root is the .textus/ directory itself,
         # so manifest.yaml lives directly inside it.
         def call
-          path = File.join(store.root, "manifest.yaml")
+          path = File.join(root, "manifest.yaml")
           return [] unless File.exist?(path)
 
           doc = YAML.safe_load_file(path, aliases: false) || {}

data/lib/textus/doctor/check/refresh_locks.rb

@@ -1,7 +1,7 @@
 module Textus
   module Doctor
     class Check
-      # Lists per-key refresh lock files under <store.root>/.locks/ whose
+      # Lists per-key refresh lock files under <root>/.locks/ whose
       # recorded PID is no longer running. These are forensic artifacts only:
       # Refresh::Lock uses flock(2), which the kernel releases on process
       # death, so stale files do not block subsequent acquires. The check
@@ -9,7 +9,7 @@ module Textus
       # (e.g. a refresh path that crashes repeatedly).
       class RefreshLocks < Check
         def call
-          dir = File.join(store.root, ".locks")
+          dir = File.join(root, ".locks")
           return [] unless File.directory?(dir)
 
           Dir.glob(File.join(dir, "*.lock")).filter_map { |path| inspect_lock(path) }

data/lib/textus/doctor/check/rule_ambiguity.rb

@@ -10,8 +10,8 @@ module Textus
 
         def call
           out = []
-          rules = store.manifest.rules
-          store.manifest.entries.each do |mentry|
+          rules = manifest.rules
+          manifest.data.entries.each do |mentry|
             matches = rules.explain(mentry.key)
             next if matches.length < 2
 

data/lib/textus/doctor/check/schema_parse_error.rb

@@ -7,7 +7,7 @@ module Textus
       # leaving the operator with no signal that a schema is broken.
       class SchemaParseError < Check
         def call
-          dir = File.join(store.root, "schemas")
+          dir = File.join(root, "schemas")
           return [] unless File.directory?(dir)
 
           Dir.glob(File.join(dir, "*.yaml")).each_with_object([]) do |path, out|

data/lib/textus/doctor/check/schema_violations.rb

@@ -3,7 +3,7 @@ module Textus
     class Check
       class SchemaViolations < Check
         def call
-          res = Textus::Operations.for(store).validate_all
+          res = @session.validate_all
           res["violations"].map do |v|
             fix = v["expected"] &&
                   "field '#{v["field"]}' should be written by '#{v["expected"]}' (last writer: #{v["last_writer"]})"

data/lib/textus/doctor/check/schemas.rb

@@ -4,10 +4,10 @@ module Textus
       class Schemas < Check
         def call
           out = []
-          store.manifest.entries.each do |entry|
+          manifest.data.entries.each do |entry|
             next if entry.schema.nil?
 
-            sp = File.join(store.root, "schemas", "#{entry.schema}.yaml")
+            sp = File.join(root, "schemas", "#{entry.schema}.yaml")
             next if File.exist?(sp)
 
             out << {

data/lib/textus/doctor/check/sentinels.rb

@@ -3,10 +3,10 @@ module Textus
     class Check
       class Sentinels < Check
         def call
-          dir = File.join(store.root, "sentinels")
+          dir = File.join(root, "sentinels")
           return [] unless File.directory?(dir)
 
-          repo_root = File.dirname(store.root)
+          repo_root = File.dirname(root)
           Dir.glob(File.join(dir, "**", "*#{Textus::Domain::Sentinel::SUFFIX}")).flat_map do |sentinel_path|
             inspect_sentinel(sentinel_path, repo_root)
           end

data/lib/textus/doctor/check/templates.rb

@@ -4,11 +4,11 @@ module Textus
       class Templates < Check
         def call
           out = []
-          store.manifest.entries.each do |entry|
+          manifest.data.entries.each do |entry|
             template = entry.respond_to?(:template) ? entry.template : nil
             next if template.nil?
 
-            tp = File.join(store.root, "templates", template)
+            tp = File.join(root, "templates", template)
             next if File.exist?(tp)
 
             out << {

data/lib/textus/doctor/check/unowned_schema_fields.rb

@@ -3,7 +3,7 @@ module Textus
     class Check
       class UnownedSchemaFields < Check
         def call
-          dir = File.join(store.root, "schemas")
+          dir = File.join(root, "schemas")
           return [] unless File.directory?(dir)
 
           Dir.glob(File.join(dir, "*.yaml")).flat_map do |path|

data/lib/textus/doctor/check.rb

@@ -14,8 +14,8 @@ module Textus
                           .downcase
       end
 
-      def initialize(store)
-        @store = store
+      def initialize(session)
+        @session = session
       end
 
       def call
@@ -24,7 +24,9 @@ module Textus
 
       protected
 
-      attr_reader :store
+      def root     = @session.read_caps.root
+      def manifest = @session.read_caps.manifest
+      def rpc      = @session.rpc
     end
   end
 end

data/lib/textus/doctor.rb

@@ -30,7 +30,7 @@ module Textus
 
     module_function
 
-    def run(store, checks: nil)
+    def run(session, checks: nil)
       selected_keys = checks ? Array(checks).map(&:to_s) : ALL_CHECKS
       unknown = selected_keys - ALL_CHECKS
       unless unknown.empty?
@@ -40,8 +40,8 @@ module Textus
       end
 
       selected = CHECKS.select { |c| selected_keys.include?(c.name_key) }
-      issues = selected.flat_map { |c| c.new(store).call }
-      issues.concat(run_registered_checks(store))
+      issues = selected.flat_map { |c| c.new(session).call }
+      issues.concat(run_registered_checks(session))
 
       summary = LEVELS.to_h { |l| [l, issues.count { |i| i["level"] == l }] }
       {
@@ -52,30 +52,27 @@ module Textus
       }
     end
 
-    def run_registered_checks(store)
-      out = []
-      store.bus.rpc_names(:validate).each do |name|
-        callable = store.bus.rpc_callable(:validate, name)
-        begin
-          result = Timeout.timeout(DOCTOR_CHECK_TIMEOUT_SECONDS) { callable.call(store: store) }
-          if result.is_a?(Array)
-            out.concat(result.map { |h| h.transform_keys(&:to_s) })
-          else
-            out << fail_issue(name, code: "doctor_check.bad_return",
-                                    message: "doctor_check '#{name}' returned #{result.class} (expected Array)",
-                                    fix: "return an array of issue hashes from the doctor_check block")
-          end
-        rescue Timeout::Error
-          out << fail_issue(name, code: "doctor_check.timeout",
-                                  message: "doctor_check '#{name}' exceeded #{DOCTOR_CHECK_TIMEOUT_SECONDS}s",
-                                  fix: "shorten the check or split it into smaller checks")
-        rescue StandardError => e
-          out << fail_issue(name, code: "doctor_check.failed",
-                                  message: "#{e.class}: #{e.message}",
-                                  fix: "fix the :validate hook in .textus/hooks/")
-        end
+    def run_registered_checks(session)
+      session.rpc.names(:validate).flat_map { |name| invoke_registered_check(session, name) }
+    end
+
+    def invoke_registered_check(session, name)
+      result = Timeout.timeout(DOCTOR_CHECK_TIMEOUT_SECONDS) do
+        session.rpc.invoke(:validate, name, caps: session.write_caps)
       end
-      out
+      return result.map { |h| h.transform_keys(&:to_s) } if result.is_a?(Array)
+
+      [fail_issue(name, code: "doctor_check.bad_return",
+                        message: "doctor_check '#{name}' returned #{result.class} (expected Array)",
+                        fix: "return an array of issue hashes from the doctor_check block")]
+    rescue Timeout::Error
+      [fail_issue(name, code: "doctor_check.timeout",
+                        message: "doctor_check '#{name}' exceeded #{DOCTOR_CHECK_TIMEOUT_SECONDS}s",
+                        fix: "shorten the check or split it into smaller checks")]
+    rescue StandardError => e
+      [fail_issue(name, code: "doctor_check.failed",
+                        message: "#{e.class}: #{e.message}",
+                        fix: "fix the :validate hook in .textus/hooks/")]
     end
 
     def fail_issue(name, code:, message:, fix:)
@@ -88,6 +85,6 @@ module Textus
       }
     end
 
-    private_class_method :run_registered_checks, :fail_issue
+    private_class_method :run_registered_checks, :invoke_registered_check, :fail_issue
   end
 end

data/lib/textus/domain/authorizer.rb

@@ -11,24 +11,24 @@ module Textus
       end
 
       def can_write?(zone, role:)
-        @manifest.permission_for(zone.to_s).allows_write?(role)
+        @manifest.policy.permission_for(zone.to_s).allows_write?(role)
       end
 
       def can_read?(zone, role:)
-        @manifest.permission_for(zone.to_s).allows_read?(role)
+        @manifest.policy.permission_for(zone.to_s).allows_read?(role)
       end
 
       def authorize_write!(mentry, role:)
         return if can_write?(mentry.zone, role: role)
 
-        writers = @manifest.zone_writers(mentry.zone)
+        writers = @manifest.policy.zone_writers(mentry.zone)
         raise WriteForbidden.new(mentry.key, mentry.zone, writers: writers)
       end
 
       def authorize_read!(mentry, role:)
         return if can_read?(mentry.zone, role: role)
 
-        readers = @manifest.zone_readers[mentry.zone]
+        readers = @manifest.policy.zone_readers[mentry.zone]
         readers = nil if readers == :all
         raise ReadForbidden.new(mentry.key, mentry.zone, readers: readers)
       end

data/lib/textus/{application → domain}/policy/predicates/accept_authority_signed.rb

@@ -1,5 +1,5 @@
 module Textus
-  module Application
+  module Domain
     module Policy
       module Predicates
         # Promotion predicate: the role driving the promotion must have
@@ -20,7 +20,7 @@ module Textus
             role_str = role&.to_s
             return true if role_str.nil? || role_str.empty?
 
-            kind = manifest.role_kind(role_str)
+            kind = manifest.policy.role_kind(role_str)
             return true if kind == :accept_authority
 
             @reason = "role '#{role_str}' has kind '#{kind.inspect}', expected ':accept_authority'"

data/lib/textus/{application → domain}/policy/predicates/schema_valid.rb

@@ -1,5 +1,5 @@
 module Textus
-  module Application
+  module Domain
     module Policy
       module Predicates
         class SchemaValid

data/lib/textus/{application → domain}/policy/promotion.rb

@@ -2,7 +2,7 @@ require_relative "predicates/schema_valid"
 require_relative "predicates/accept_authority_signed"
 
 module Textus
-  module Application
+  module Domain
     module Policy
       class Promotion
         Result = Struct.new(:ok?, :reasons, keyword_init: true)

data/lib/textus/domain/staleness/generator_check.rb

@@ -19,7 +19,7 @@ module Textus
           src = mentry.source
           return [] unless src.is_a?(Textus::Manifest::Entry::Derived::External)
 
-          path = Textus::Key::Path.resolve(@manifest, mentry)
+          path = Textus::Key::Path.resolve(@manifest.data, mentry)
           return [stale_row(mentry, path, "derived entry has never been generated")] unless File.exist?(path)
 
           parsed = Entry.for_format(mentry.format).parse(File.binread(path), path: path)
@@ -63,7 +63,7 @@ module Textus
         end
 
         def check_filesystem_source(src, gen_time)
-          abs = File.absolute_path?(src) ? src : File.join(File.dirname(@manifest.root), src)
+          abs = File.absolute_path?(src) ? src : File.join(File.dirname(@manifest.data.root), src)
           if File.directory?(abs)
             Dir.glob(File.join(abs, "**", "*")).each do |fp|
               next unless File.file?(fp)

data/lib/textus/domain/staleness/intake_check.rb

@@ -13,10 +13,10 @@ module Textus
         def rows_for(mentry)
           return [] unless mentry.is_a?(Textus::Manifest::Entry::Intake)
 
-          ttl = @manifest.rules_for(mentry.key).refresh&.ttl_seconds
+          ttl = @manifest.rules.for(mentry.key).refresh&.ttl_seconds
           return [] unless ttl
 
-          path = Textus::Key::Path.resolve(@manifest, mentry)
+          path = Textus::Key::Path.resolve(@manifest.data, mentry)
           return [row(mentry, path, "never refreshed")] unless File.exist?(path)
 
           meta = Entry.for_format(mentry.format).parse(File.binread(path), path: path)["_meta"]

data/lib/textus/domain/staleness.rb

@@ -8,7 +8,7 @@ module Textus
       end
 
       def call(prefix: nil, zone: nil)
-        @manifest.entries
+        @manifest.data.entries
                  .select { |m| entry_matches?(m, prefix: prefix, zone: zone) }
                  .flat_map { |m| @generator_check.rows_for(m) + @intake_check.rows_for(m) }
       end