Skip to content

#81 feat: add command-level security configuration#91

Merged
RAprogramm merged 6 commits into80-examples-supportfrom
81-security-config
Jan 7, 2026
Merged

#81 feat: add command-level security configuration#91
RAprogramm merged 6 commits into80-examples-supportfrom
81-security-config

Conversation

@RAprogramm
Copy link
Owner

@RAprogramm RAprogramm commented Jan 7, 2026

Summary

  • Add security = "..." option to #[command(...)] for per-command security override
  • Support "none" to make specific commands public
  • Priority: command override > entity public list > entity default

Usage

#[entity(api(
    tag = "Users",
    security = "bearer",      // Default for all
    public = [Register]       // These are public
))]
#[command(AdminDelete, requires_id, security = "admin")]  // Custom security
#[command(PublicList, security = "none")]                 // No auth
pub struct User { ... }

Test plan

  • 3 unit tests for security parsing
  • clippy clean
  • All 98 tests pass

Closes #81

@RAprogramm
#81 feat: add command-level security configuration
b3e2ff0 
- Add security field to CommandDef for per-command override
- Parse security = "..." option in #[command(...)] attributes
- Support "none" value to make specific commands public
- Update handler generation to use command security with priority:
  1. Command-level security override
  2. Entity-level public commands list
  3. Entity-level default security
- Add security_scheme_name helper for mapping schemes
- Add 3 unit tests for security parsing

Closes #81
@RAprogramm
#82 feat: add EntityError derive macro for OpenAPI error docs
39cf5b7 
- Create error.rs module with EntityError derive macro
- Parse #[status(code)] attributes for HTTP status codes
- Use doc comments as error descriptions
- Generate {Error}Responses struct with helper methods:
  - status_codes() - all error status codes
  - descriptions() - all error descriptions
  - utoipa_responses() - tuples for OpenAPI
- Add 4 unit tests for error parsing

Closes #82
@RAprogramm
#83 feat: add API versioning and deprecation support
bea4279 
- Wire up deprecated_in config to generate deprecated = true in utoipa
- Version is already supported via full_path_prefix()
- Add 5 unit tests for security scheme name mapping

Closes #83
@RAprogramm
Merge branch '80-examples-support' into 81-security-config
4f56e4b
@RAprogramm
Merge branch '81-security-config' into 82-error-docs
51d16ef
@RAprogramm
Merge branch '82-error-docs' into 83-api-versioning
9c923e4
@codecov
Copy link

codecov bot commented Jan 7, 2026

Codecov Report

❌ Patch coverage is 72.72727% with 15 lines in your changes missing coverage. Please review.
✅ All tests successful. No failed tests found.

Files with missing lines Patch % Lines
...ates/entity-derive-impl/src/entity/api/handlers.rs 11.76% 15 Missing ⚠️

📢 Thoughts on this report? Let us know!

@RAprogramm RAprogramm merged commit 9c923e4 into 80-examples-support Jan 7, 2026
35 checks passed
@RAprogramm RAprogramm deleted the 81-security-config branch January 7, 2026 04:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@RAprogramm