Restore approved state (tree of 4effcc7 "Added LICENSE")

Roll the working tree back to the last approved shape, before the post-LICENSE span that false-greened the AFI parity matrix with symbol-presence probes and smuggled an unauthorized SQLAlchemy dependency into FastAPI's Shapes binding. Forward commit, not a history rewrite — the six commits since 4effcc7 stay in the log as the record of what happened. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-04 14:59:53 -04:00
parent adcc027894
commit ae684a36cb
126 changed files with 1711 additions and 13265 deletions
--- a/cores/mizan-rust-macros/src/function.rs
+++ b/cores/mizan-rust-macros/src/function.rs
@@ -26,15 +26,6 @@ pub struct FunctionArgs {
    pub merge: Vec<Path>,
    pub websocket: bool,
    pub private: bool,
-    /// `auth = "required" | "staff" | "superuser"` (or bare `auth` ⇒
-    /// "required") — the `@client(auth=...)` guard. Bare-true and the string
-    /// `"required"` both mean "must be authenticated".
-    pub auth: Option<String>,
-    /// `form_name = "..."` + `form_role = "schema"|"validate"|"submit"` — the
-    /// Forms binding's per-endpoint metadata, mirroring the Django form
-    /// `_meta` keys. Carried into the IR (`is-form`/`form-name`/`form-role`).
-    pub form_name: Option<String>,
-    pub form_role: Option<String>,
 }

 impl FunctionArgs {
@@ -54,16 +45,10 @@ impl FunctionArgs {
                        out.affects = collect_paths(&nv.value)?;
                    } else if nv.path.is_ident("merge") {
                        out.merge = collect_paths(&nv.value)?;
-                    } else if nv.path.is_ident("auth") {
-                        out.auth = Some(expect_str(&nv.value)?);
-                    } else if nv.path.is_ident("form_name") {
-                        out.form_name = Some(expect_str(&nv.value)?);
-                    } else if nv.path.is_ident("form_role") {
-                        out.form_role = Some(expect_str(&nv.value)?);
                    } else {
                        return Err(syn::Error::new_spanned(
                            nv.path,
-                            "unknown attribute key; expected one of: context, affects, merge, auth, form_name, form_role",
+                            "unknown attribute key; expected one of: context, affects, merge",
                        ));
                    }
                }
@@ -72,12 +57,10 @@ impl FunctionArgs {
                        out.websocket = true;
                    } else if p.is_ident("private") {
                        out.private = true;
-                    } else if p.is_ident("auth") {
-                        out.auth = Some("required".to_string());
                    } else {
                        return Err(syn::Error::new_spanned(
                            p,
-                            "unknown flag; expected `websocket`, `private`, or `auth`",
+                            "unknown flag; expected `websocket` or `private`",
                        ));
                    }
                }
@@ -116,21 +99,6 @@ fn expect_path(expr: &Expr) -> syn::Result<Path> {
    }
 }

-fn expect_str(expr: &Expr) -> syn::Result<String> {
-    if let Expr::Lit(syn::ExprLit {
-        lit: syn::Lit::Str(s),
-        ..
-    }) = expr
-    {
-        Ok(s.value())
-    } else {
-        Err(syn::Error::new_spanned(
-            expr,
-            "expected a string literal (e.g. `\"staff\"`)",
-        ))
-    }
-}
-
 fn collect_paths(expr: &Expr) -> syn::Result<Vec<Path>> {
    match expr {
        Expr::Path(_) => Ok(vec![expect_path(expr)?]),
@@ -215,11 +183,7 @@ pub fn expand(args: FunctionArgs, item: ItemFn) -> TokenStream {
            });
        }
        quote! {
-            // The synthetic Input is only ever *deserialized* (from the call's
-            // JSON args by the dispatch wrapper); it is never serialized, so it
-            // derives `Deserialize` only. Dropping `Serialize` lets binary
-            // field types like `Upload` (deserialize-only) participate.
-            #[derive(::std::fmt::Debug, ::std::clone::Clone, ::serde::Deserialize)]
+            #[derive(::std::fmt::Debug, ::std::clone::Clone, ::serde::Serialize, ::serde::Deserialize)]
            pub struct #input_type_ident {
                #(#field_defs)*
            }
@@ -389,20 +353,6 @@ pub fn expand(args: FunctionArgs, item: ItemFn) -> TokenStream {
    let output_nullable = analysis.nullable;
    let private = args.private;

-    let auth_value = match &args.auth {
-        Some(a) => quote! { ::std::option::Option::Some(#a) },
-        None => quote! { ::std::option::Option::None },
-    };
-    let is_form = args.form_name.is_some() || args.form_role.is_some();
-    let form_name_value = match &args.form_name {
-        Some(n) => quote! { ::std::option::Option::Some(#n) },
-        None => quote! { ::std::option::Option::None },
-    };
-    let form_role_value = match &args.form_role {
-        Some(r) => quote! { ::std::option::Option::Some(#r) },
-        None => quote! { ::std::option::Option::None },
-    };
-
    let dispatch_body = build_dispatch(
        &item,
        &input_args,
@@ -439,10 +389,6 @@ pub fn expand(args: FunctionArgs, item: ItemFn) -> TokenStream {
            fn merge(&self) -> &'static [&'static str] { #merge_static }
            fn transport(&self) -> ::mizan_core::Transport { #transport_value }
            fn private(&self) -> bool { #private }
-            fn auth(&self) -> ::std::option::Option<&'static str> { #auth_value }
-            fn is_form(&self) -> bool { #is_form }
-            fn form_name(&self) -> ::std::option::Option<&'static str> { #form_name_value }
-            fn form_role(&self) -> ::std::option::Option<&'static str> { #form_role_value }
            fn input_params(&self) -> &'static [::mizan_core::InputParam] { #params_static }

            fn dispatch<'a>(