Lockspire.Admin.ServerPolicy (lockspire v1.0.0)

Copy Markdown

Query and command boundary for Lockspire server policy.

Summary

Types

error_detail()
private_key_jwt_registration_truth()

Functions

get_dcr_policy()

Returns the current DCR policy view as a %Domain.ServerPolicy{} (the same struct used by get_server_policy/0 — DCR fields land on the singleton row per D-04).

get_server_policy()
private_key_jwt_registration_truth(policy)
put_dcr_policy(attrs)

Persists the DCR-shaped fields onto the server-policy singleton row, preserving any non-DCR fields (notably par_policy) on the same row.

put_dpop_policy(mode)
put_max_delegation_depth(depth)
put_security_profile(profile)
put_server_policy(mode)

Types

error_detail()

@type error_detail() :: %{field: atom(), reason: atom(), detail: term()}

private_key_jwt_registration_truth()

@type private_key_jwt_registration_truth() :: %{
  self_registration_allowed?: boolean(),
  supported_assertion_signing_algorithms: [String.t()]
}

Functions

get_dcr_policy()

@spec get_dcr_policy() :: {:ok, Lockspire.Domain.ServerPolicy.t()} | {:error, term()}

Returns the current DCR policy view as a %Domain.ServerPolicy{} (the same struct used by get_server_policy/0 — DCR fields land on the singleton row per D-04).

Phase 28 admin LiveView consumes this; Phase 26 intake validator and Lockspire.Protocol.DcrPolicy.resolve/3 consume the same struct.

get_server_policy()

@spec get_server_policy() ::
  {:ok, Lockspire.Domain.ServerPolicy.t()} | {:error, term()}

private_key_jwt_registration_truth(policy)

@spec private_key_jwt_registration_truth(Lockspire.Domain.ServerPolicy.t()) ::
  private_key_jwt_registration_truth()

put_dcr_policy(attrs)

@spec put_dcr_policy(map()) ::
  {:ok, Lockspire.Domain.ServerPolicy.t()}
  | {:error, [error_detail()]}
  | {:error, term()}

Persists the DCR-shaped fields onto the server-policy singleton row, preserving any non-DCR fields (notably par_policy) on the same row.

Accepts a map keyed by atoms or strings. Unknown keys are ignored. Validates the :registration_policy value is :disabled | :initial_access_token | :open.

Returns {:ok, %Domain.ServerPolicy{}} on success or a list-shaped error per the error_detail typespec.

put_dpop_policy(mode)

@spec put_dpop_policy(atom() | String.t()) ::
  {:ok, Lockspire.Domain.ServerPolicy.t()}
  | {:error, [error_detail()]}
  | {:error, term()}

put_max_delegation_depth(depth)

@spec put_max_delegation_depth(integer()) ::
  {:ok, Lockspire.Domain.ServerPolicy.t()}
  | {:error, Ecto.Changeset.t()}
  | {:error, term()}

put_security_profile(profile)

@spec put_security_profile(atom() | String.t()) ::
  {:ok, Lockspire.Domain.ServerPolicy.t()}
  | {:error, [error_detail()]}
  | {:error, term()}

put_server_policy(mode)

@spec put_server_policy(atom() | String.t()) ::
  {:ok, Lockspire.Domain.ServerPolicy.t()}
  | {:error, [error_detail()]}
  | {:error, term()}