internal/modules/users/module.go

package users

import (
	"nadir/internal/rbac"

	"github.com/danielgtaylor/huma/v2"
)

const ModuleID = "users"

// sessionStore is the subset of SessionStore that password changes need:
// invalidate all existing sessions for a user whose password just changed.
type sessionStore interface {
	DeleteByUsername(username string) error
}

type Module struct {
	sessions sessionStore
}

func New(sessions sessionStore) *Module { return &Module{sessions: sessions} }

func (m *Module) ID() string   { return ModuleID }

// Permissions: read to list/inspect accounts; write to create and change
// passwords; root to delete (irreversible).
func (m *Module) Permissions() []rbac.Permission {
	return []rbac.Permission{rbac.Read, rbac.Write, rbac.Root}
}

func (m *Module) Register(api huma.API) {
	registerUsers(api, m.sessions)
}

func op(permission string) map[string]any {
	return map[string]any{"module": ModuleID, "permission": permission}
}
first commit 2026-06-22 16:06:57 +02:00			`package users`

			`import (`
			`"nadir/internal/rbac"`

			`"github.com/danielgtaylor/huma/v2"`
			`)`

			`const ModuleID = "users"`

fix: remove terminal module and implement concurrent log stream limiting 2026-06-24 17:29:45 +02:00			`// sessionStore is the subset of SessionStore that password changes need:`
			`// invalidate all existing sessions for a user whose password just changed.`
			`type sessionStore interface {`
			`DeleteByUsername(username string) error`
			`}`

			`type Module struct {`
			`sessions sessionStore`
			`}`
first commit 2026-06-22 16:06:57 +02:00
fix: remove terminal module and implement concurrent log stream limiting 2026-06-24 17:29:45 +02:00			`func New(sessions sessionStore) *Module { return &Module{sessions: sessions} }`
first commit 2026-06-22 16:06:57 +02:00
			`func (m *Module) ID() string { return ModuleID }`

			`// Permissions: read to list/inspect accounts; write to create and change`
			`// passwords; root to delete (irreversible).`
			`func (m *Module) Permissions() []rbac.Permission {`
			`return []rbac.Permission{rbac.Read, rbac.Write, rbac.Root}`
			`}`

			`func (m *Module) Register(api huma.API) {`
fix: remove terminal module and implement concurrent log stream limiting 2026-06-24 17:29:45 +02:00			`registerUsers(api, m.sessions)`
first commit 2026-06-22 16:06:57 +02:00			`}`

			`func op(permission string) map[string]any {`
			`return map[string]any{"module": ModuleID, "permission": permission}`
			`}`