2026-03-13 00:18:14 +00:00
|
|
|
pub mod auth;
|
|
|
|
|
pub mod backlog_ncl;
|
|
|
|
|
pub mod drift_watcher;
|
|
|
|
|
pub mod handlers;
|
|
|
|
|
pub mod login;
|
feat: unified auth model, project onboarding, install pipeline, config management
The full scope across this batch: POST /sessions key→token exchange, SessionStore dual-index with revoke_by_id, CLI Bearer injection (ONTOREF_TOKEN), ontoref setup
--gen-keys, install scripts, daemon config form roundtrip, ADR-004/005, on+re self-description update (fully-self-described), and landing page refresh.
2026-03-13 20:56:31 +00:00
|
|
|
pub mod ncl_write;
|
2026-03-13 00:18:14 +00:00
|
|
|
pub mod qa_ncl;
|
2026-03-16 01:48:17 +00:00
|
|
|
pub mod search_bookmarks_ncl;
|
2026-03-13 00:18:14 +00:00
|
|
|
pub mod watcher;
|
|
|
|
|
|
|
|
|
|
pub use drift_watcher::DriftWatcher;
|
|
|
|
|
pub use watcher::TemplateWatcher;
|
|
|
|
|
|
|
|
|
|
use crate::api::AppState;
|
|
|
|
|
|
|
|
|
|
pub fn router(state: AppState) -> axum::Router {
|
feat: unified auth model, project onboarding, install pipeline, config management
The full scope across this batch: POST /sessions key→token exchange, SessionStore dual-index with revoke_by_id, CLI Bearer injection (ONTOREF_TOKEN), ontoref setup
--gen-keys, install scripts, daemon config form roundtrip, ADR-004/005, on+re self-description update (fully-self-described), and landing page refresh.
2026-03-13 20:56:31 +00:00
|
|
|
multi_router(state)
|
2026-03-13 00:18:14 +00:00
|
|
|
}
|
|
|
|
|
|
feat: unified auth model, project onboarding, install pipeline, config management
The full scope across this batch: POST /sessions key→token exchange, SessionStore dual-index with revoke_by_id, CLI Bearer injection (ONTOREF_TOKEN), ontoref setup
--gen-keys, install scripts, daemon config form roundtrip, ADR-004/005, on+re self-description update (fully-self-described), and landing page refresh.
2026-03-13 20:56:31 +00:00
|
|
|
#[allow(dead_code)]
|
2026-03-13 00:18:14 +00:00
|
|
|
fn single_router(state: AppState) -> axum::Router {
|
|
|
|
|
use axum::routing::{get, post};
|
|
|
|
|
axum::Router::new()
|
|
|
|
|
.route("/", get(handlers::dashboard))
|
|
|
|
|
.route("/graph", get(handlers::graph))
|
|
|
|
|
.route("/sessions", get(handlers::sessions))
|
|
|
|
|
.route("/notifications", get(handlers::notifications_page))
|
|
|
|
|
.route("/modes", get(handlers::modes))
|
|
|
|
|
.route("/search", get(handlers::search_page))
|
|
|
|
|
.route("/assets/{*path}", get(handlers::serve_asset_single))
|
|
|
|
|
.route("/public/{*path}", get(handlers::serve_public_single))
|
|
|
|
|
.route("/backlog", get(handlers::backlog_page))
|
|
|
|
|
.route("/backlog/status", post(handlers::backlog_update_status))
|
|
|
|
|
.route("/backlog/add", post(handlers::backlog_add))
|
|
|
|
|
.route("/manage", get(handlers::manage_page))
|
|
|
|
|
.route("/manage/add", post(handlers::manage_add))
|
|
|
|
|
.route("/manage/remove", post(handlers::manage_remove))
|
|
|
|
|
.route("/actions", get(handlers::actions_page))
|
|
|
|
|
.route("/actions/run", post(handlers::actions_run))
|
|
|
|
|
.route("/qa", get(handlers::qa_page))
|
|
|
|
|
.route("/qa/delete", post(handlers::qa_delete))
|
|
|
|
|
.route("/qa/update", post(handlers::qa_update))
|
2026-03-16 01:48:17 +00:00
|
|
|
.route("/search/bookmark/add", post(handlers::search_bookmark_add))
|
|
|
|
|
.route(
|
|
|
|
|
"/search/bookmark/delete",
|
|
|
|
|
post(handlers::search_bookmark_delete),
|
|
|
|
|
)
|
2026-03-13 00:18:14 +00:00
|
|
|
.with_state(state)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
fn multi_router(state: AppState) -> axum::Router {
|
|
|
|
|
use axum::routing::{get, post};
|
|
|
|
|
axum::Router::new()
|
|
|
|
|
// Project picker and management at root
|
|
|
|
|
.route("/", get(handlers::project_picker))
|
|
|
|
|
.route("/manage", get(handlers::manage_page_guarded))
|
|
|
|
|
.route("/manage/add", post(handlers::manage_add_guarded))
|
|
|
|
|
.route("/manage/remove", post(handlers::manage_remove_guarded))
|
feat: unified auth model, project onboarding, install pipeline, config management
The full scope across this batch: POST /sessions key→token exchange, SessionStore dual-index with revoke_by_id, CLI Bearer injection (ONTOREF_TOKEN), ontoref setup
--gen-keys, install scripts, daemon config form roundtrip, ADR-004/005, on+re self-description update (fully-self-described), and landing page refresh.
2026-03-13 20:56:31 +00:00
|
|
|
.route(
|
|
|
|
|
"/manage/login",
|
|
|
|
|
get(login::manage_login_page).post(login::manage_login_submit),
|
|
|
|
|
)
|
|
|
|
|
.route("/manage/logout", get(handlers::manage_logout))
|
2026-03-13 00:18:14 +00:00
|
|
|
// Per-project routes — AuthUser extractor enforces auth per project
|
|
|
|
|
.route("/{slug}/", get(handlers::dashboard_mp))
|
|
|
|
|
.route("/{slug}/graph", get(handlers::graph_mp))
|
|
|
|
|
.route("/{slug}/sessions", get(handlers::sessions_mp))
|
|
|
|
|
.route("/{slug}/notifications", get(handlers::notifications_mp))
|
|
|
|
|
.route("/{slug}/modes", get(handlers::modes_mp))
|
|
|
|
|
.route("/{slug}/logout", get(login::logout))
|
|
|
|
|
.route("/{slug}/search", get(handlers::search_page_mp))
|
|
|
|
|
.route("/{slug}/assets/{*path}", get(handlers::serve_asset_mp))
|
|
|
|
|
.route("/{slug}/public/{*path}", get(handlers::serve_public_mp))
|
|
|
|
|
.route("/{slug}/backlog", get(handlers::backlog_page_mp))
|
|
|
|
|
.route(
|
|
|
|
|
"/{slug}/backlog/status",
|
|
|
|
|
post(handlers::backlog_update_status_mp),
|
|
|
|
|
)
|
|
|
|
|
.route("/{slug}/backlog/add", post(handlers::backlog_add_mp))
|
|
|
|
|
.route(
|
|
|
|
|
"/{slug}/notifications/{id}/action",
|
|
|
|
|
post(handlers::notification_action_mp),
|
|
|
|
|
)
|
|
|
|
|
.route(
|
|
|
|
|
"/{slug}/notifications/emit",
|
|
|
|
|
post(handlers::emit_notification_mp),
|
|
|
|
|
)
|
|
|
|
|
.route("/{slug}/compose", get(handlers::compose_page_mp))
|
|
|
|
|
.route(
|
|
|
|
|
"/{slug}/compose/form/{form_id}",
|
|
|
|
|
get(handlers::compose_form_schema_mp),
|
|
|
|
|
)
|
|
|
|
|
.route("/{slug}/compose/send", post(handlers::compose_send_mp))
|
---
feat: API catalog surface, protocol v2 tooling, MCP expansion, on+re update
## Summary
Session 2026-03-23. Closes the loop between handler code and discoverability
across all three surfaces (browser, CLI, MCP agent) via compile-time inventory
registration. Adds protocol v2 update tooling, extends MCP from 21 to 29 tools,
and brings the self-description up to date.
## API Catalog Surface (#[onto_api] proc-macro)
- crates/ontoref-derive: new proc-macro crate; `#[onto_api(method, path,
description, auth, actors, params, tags)]` emits `inventory::submit!(ApiRouteEntry{...})`
at link time
- crates/ontoref-daemon/src/api_catalog.rs: `catalog()` — pure fn over
`inventory::iter::<ApiRouteEntry>()`, zero runtime allocation
- GET /api/catalog: returns full annotated HTTP surface as JSON
- templates/pages/api_catalog.html: new page with client-side filtering by
method, auth, path/description; detail panel per route (params table,
feature flag); linked from dashboard card and nav
- UI nav: "API" link (</> icon) added to mobile dropdown and desktop bar
- inventory = "0.3" added to workspace.dependencies (MIT, zero transitive deps)
## Protocol Update Mode
- reflection/modes/update_ontoref.ncl: 9-step DAG (5 detect parallel, 2 update
idempotent, 2 validate, 1 report) — brings any project from protocol v1 to v2
by adding manifest.ncl and connections.ncl if absent, scanning ADRs for
deprecated check_hint, validating with nickel export
- reflection/templates/update-ontology-prompt.md: 8-phase reusable prompt for
agent-driven ontology enrichment (infrastructure → audit → core.ncl →
state.ncl → manifest.ncl → connections.ncl → ADR migration → validation)
## CLI — describe group extensions
- reflection/bin/ontoref.nu: `describe diff [--fmt] [--file]` and
`describe api [--actor] [--tag] [--auth] [--fmt]` registered as canonical
subcommands with log-action; aliases `df` and `da` added; QUICK REFERENCE
and ALIASES sections updated
## MCP — two new tools (21 → 29 total)
- ontoref_api_catalog: filters catalog() output by actor/tag/auth; returns
{ routes, total } — no HTTP roundtrip, calls inventory directly
- ontoref_file_versions: reads ProjectContext.file_versions DashMap per slug;
returns BTreeMap<filename, u64> reload counters
- insert_mcp_ctx: audited and updated from 15 to 28 entries in 6 groups
- HelpTool JSON: 8 new entries (validate_adrs, validate, impact, guides,
bookmark_list, bookmark_add, api_catalog, file_versions)
- ServerHandler::get_info instructions updated to mention new tools
## Web UI — dashboard additions
- Dashboard: "API Catalog" card (9th); "Ontology File Versions" section showing
per-file reload counters from file_versions DashMap
- dashboard_mp: builds BTreeMap<String, u64> from ctx.file_versions and injects
into Tera context
## on+re update
- .ontology/core.ncl: describe-query-layer and adopt-ontoref-tooling descriptions
updated; ontoref-daemon updated ("11 pages", "29 tools", API catalog,
per-file versioning, #[onto_api]); new node api-catalog-surface (Yang/Practice)
with 3 edges; artifact_paths extended across 3 nodes
- .ontology/state.ncl: protocol-maturity blocker updated (protocol v2 complete);
self-description-coverage catalyst updated with session 2026-03-23 additions
- ADR-007: "API Surface Discoverability via #[onto_api] Proc-Macro" — Accepted
## Documentation
- README.md: crates table updated (11 pages, 29 MCP tools, ontoref-derive row);
MCP representative table expanded; API Catalog, Semantic Diff, Per-File
Versioning paragraphs added; update_ontoref onboarding section added
- CHANGELOG.md: [Unreleased] section with 4 change groups
- assets/web/src/index.html: tool counts 19→29 (EN+ES), page counts 12→11
(EN+ES), daemon description paragraph updated with API catalog + #[onto_api]
2026-03-23 00:58:27 +01:00
|
|
|
.route("/{slug}/api", get(handlers::api_catalog_page_mp))
|
2026-03-13 00:18:14 +00:00
|
|
|
.route("/{slug}/actions", get(handlers::actions_page_mp))
|
|
|
|
|
.route("/{slug}/actions/run", post(handlers::actions_run_mp))
|
|
|
|
|
.route("/{slug}/qa", get(handlers::qa_page_mp))
|
|
|
|
|
.route("/{slug}/qa/delete", post(handlers::qa_delete))
|
|
|
|
|
.route("/{slug}/qa/update", post(handlers::qa_update))
|
2026-03-16 01:48:17 +00:00
|
|
|
.route(
|
|
|
|
|
"/{slug}/search/bookmark/add",
|
|
|
|
|
post(handlers::search_bookmark_add),
|
|
|
|
|
)
|
|
|
|
|
.route(
|
|
|
|
|
"/{slug}/search/bookmark/delete",
|
|
|
|
|
post(handlers::search_bookmark_delete),
|
|
|
|
|
)
|
2026-03-13 00:18:14 +00:00
|
|
|
// Login is public — no AuthUser extractor
|
|
|
|
|
.route(
|
|
|
|
|
"/{slug}/login",
|
|
|
|
|
get(login::login_page).post(login::login_submit),
|
|
|
|
|
)
|
|
|
|
|
.with_state(state)
|
|
|
|
|
}
|