Pure query functions over AppSurface data.
Usable in tests, the adversarial auth runner, and future surface explorer UI.
Replaces duplicated inline .filter() patterns.
TODO @surface-explorer Used by test utilities (test_auth_surface, adversarial_input, surface_invariants) and SurfaceExplorer.svelte (surface_auth_summary, format_route_key). Several query functions (filter_authenticated_routes, filter_keeper_routes, routes_by_auth_type, filter_routes_by_prefix) are pre-built for richer surface explorer features and consumer test suites — leverage more as the surface UI matures.
15 declarations
http/surface_query.ts view source
(surface: AppSurface): (AppSurfaceRoute & { auth: { type: "authenticated"; }; })[] Filter routes that require basic authentication (no specific role).
surface(AppSurfaceRoute & { auth: { type: "authenticated"; }; })[] http/surface_query.ts view source
(surface: AppSurface): (AppSurfaceRoute & { auth: { type: "keeper"; }; })[] Filter routes that require keeper credentials.
surface(AppSurfaceRoute & { auth: { type: "keeper"; }; })[] http/surface_query.ts view source
(surface: AppSurface): AppSurfaceRoute[] Filter routes that are mutations (POST, PUT, DELETE, PATCH).
surfaceAppSurfaceRoute[] http/surface_query.ts view source
(surface: AppSurface): AppSurfaceRoute[] Filter routes that require any form of authentication.
surfaceAppSurfaceRoute[] http/surface_query.ts view source
(surface: AppSurface): AppSurfaceRoute[] Filter routes that are publicly accessible (no auth).
surfaceAppSurfaceRoute[] http/surface_query.ts view source
(surface: AppSurface): AppSurfaceRoute[] Filter routes that declare rate limiting.
surfaceAppSurfaceRoute[] http/surface_query.ts view source
(surface: AppSurface): (AppSurfaceRoute & { auth: { type: "role"; role: string; }; })[] Filter all role-guarded routes (any role).
surface(AppSurfaceRoute & { auth: { type: "role"; role: string; }; })[] http/surface_query.ts view source
(surface: AppSurface, prefix: string): AppSurfaceRoute[] Filter routes whose path starts with prefix.
surfaceprefixstringAppSurfaceRoute[] http/surface_query.ts view source
(surface: AppSurface, role: string): (AppSurfaceRoute & { auth: { type: "role"; role: string; }; })[] Filter routes that require a specific named role.
surfacerolestring(AppSurfaceRoute & { auth: { type: "role"; role: string; }; })[] http/surface_query.ts view source
(surface: AppSurface): AppSurfaceRoute[] Filter routes that have a non-null input schema.
surfaceAppSurfaceRoute[] http/surface_query.ts view source
(surface: AppSurface): AppSurfaceRoute[] Filter routes that have a non-null params schema.
surfaceAppSurfaceRoute[] http/surface_query.ts view source
(surface: AppSurface): AppSurfaceRoute[] Filter routes that have a non-null query schema.
surfaceAppSurfaceRoute[] http/surface_query.ts view source
(route: AppSurfaceRoute): string Format a route as 'METHOD /path' (e.g. 'GET /health').
routestring http/surface_query.ts view source
(surface: AppSurface): Map<string, AppSurfaceRoute[]> Group routes by auth type.
surfaceMap<string, AppSurfaceRoute[]> a map from auth type string to route arrays, with role routes keyed as 'role:name'
http/surface_query.ts view source
(surface: AppSurface): { none: number; authenticated: number; role: Map<string, number>; keeper: number; } Summarize route auth distribution across the surface.
surface{ none: number; authenticated: number; role: Map<string, number>; keeper: number; } counts by auth type, with role counts broken out by role name