add experimental permission HttpApi slice#22385
Merged
kitlangton merged 21 commits intodevfrom Apr 15, 2026
Merged
Conversation
kitlangton
force-pushed
the
kit/permission-httpapi-spike
branch
2 times, most recently
from
1347327 to
a91eba5
Compare
Move the shared permission route DTOs to Effect Schema, mount a parallel permission HttpApi surface, and cover the new list/reply/docs flow with a server test.
Share the permission reply field definition between the transport body and service input schemas and align the list contract with the readonly response style used by the question slice.
Build the permission HttpApi handlers with an effectful group callback so the permission service is resolved once at layer construction time and the endpoint handlers close over the resulting service methods.
Move the permission slice onto the parallel Effect-native experimental HttpApi server, stop extending the Hono mount path for this PR, and keep the question and permission groups served through the direct Effect server boundary.
Keep the experimental Effect-native HttpApi server as an internal implementation detail for now instead of exposing it through the CLI serve command or a public env flag.
Replace the ad hoc URL and header parsing in the experimental Effect-native HttpApi server with HttpServerRequest schema decoders so the auth and instance middleware stay schema-driven and easier to reason about.
Keep only the auth_token normalization as custom router middleware and move the actual credential enforcement onto HttpApiSecurity.basic so the parallel experimental server follows the Effect-native auth pattern.
Expose the experimental permission and question HttpApi server as Effect layers and test it through NodeHttpServer.layerTest and HttpClient instead of an imperative listen API.
kitlangton
force-pushed
the
kit/permission-httpapi-spike
branch
from
8a1796d to
94bd58f
Compare
…shape
- Detect string literal unions and emit z.enum() instead of z.union(z.literal())
so JSON Schema produces { enum: [...] } not { anyOf: [{ const: ... }] }
- Add ZodOverride annotation for branded ID types so pattern constraints
(e.g. startsWith) carry through when the walker encounters them in
composite schemas
- Annotate all 9 ID schemas (SessionID, MessageID, PermissionID, etc.)
with ZodOverride so patterns like ^per.* appear in OpenAPI output
- Inline Permission tool struct to avoid introducing a new named
- Remove unnecessary identifier annotation from PermissionReplied event
- Add comprehensive tests comparing bridge output to native Zod equivalents
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Verification