Add permission-aware help surface

2026-03-21 14:37:42 +00:00
parent 25114aa17c
commit 69287d5a49
4 changed files with 218 additions and 147 deletions
--- a/cmd/hf/main.go
+++ b/cmd/hf/main.go
@@ -17,15 +17,15 @@ func main() {
 	args = parseGlobalFlags(args)

 	if len(args) == 0 {
-		fmt.Print(help.RenderTopHelp(commands.Version, topGroups()))
+		fmt.Print(help.RenderTopHelp(commands.Version, help.CommandSurface()))
 		return
 	}

 	switch args[0] {
 	case "--help", "-h":
-		fmt.Print(help.RenderTopHelp(commands.Version, topGroups()))
+		fmt.Print(help.RenderTopHelp(commands.Version, help.CommandSurface()))
 	case "--help-brief":
-		fmt.Print(help.RenderTopHelpBrief(commands.Version, topGroups()))
+		fmt.Print(help.RenderTopHelpBrief(commands.Version, help.CommandSurface()))
 	case "version":
 		handleLeafOrRun("version", args[1:], commands.RunVersion)
 	case "health":
@@ -240,7 +240,7 @@ func isHelpFlagOnly(args []string) bool {
 }

 func findGroup(name string) (help.Group, bool) {
-	for _, group := range topGroups() {
+	for _, group := range help.CommandSurface() {
 		if group.Name == name {
 			return group, true
 		}
@@ -256,144 +256,3 @@ func findSubCommand(group help.Group, name string) (help.Command, bool) {
 	}
 	return help.Command{}, false
 }
-
-// topGroups returns the full command tree for help rendering.
-// TODO: permission awareness will be added when auth introspection is available.
-func topGroups() []help.Group {
-	return []help.Group{
-		{Name: "version", Description: "Show CLI version", Permitted: true},
-		{Name: "health", Description: "Check API health", Permitted: true},
-		{Name: "config", Description: "View and manage CLI configuration", Permitted: true},
-		{
-			Name:        "user",
-			Description: "Manage users",
-			Permitted:   true,
-			SubCommands: []help.Command{
-				{Name: "create", Description: "Create a user account (uses account-manager token flow)", Permitted: true},
-				{Name: "list", Description: "List users", Permitted: true},
-				{Name: "get", Description: "Show a user by username", Permitted: true},
-				{Name: "update", Description: "Update a user", Permitted: true},
-				{Name: "activate", Description: "Activate a user", Permitted: true},
-				{Name: "deactivate", Description: "Deactivate a user", Permitted: true},
-				{Name: "delete", Description: "Delete a user", Permitted: true},
-			},
-		},
-		{
-			Name:        "role",
-			Description: "Manage roles and permissions",
-			Permitted:   true,
-			SubCommands: []help.Command{
-				{Name: "list", Description: "List roles", Permitted: false},
-				{Name: "get", Description: "Show a role by name", Permitted: false},
-				{Name: "create", Description: "Create a role", Permitted: false},
-				{Name: "update", Description: "Update a role", Permitted: false},
-				{Name: "delete", Description: "Delete a role", Permitted: false},
-				{Name: "set-permissions", Description: "Replace role permissions", Permitted: false},
-				{Name: "add-permissions", Description: "Add permissions to a role", Permitted: false},
-				{Name: "remove-permissions", Description: "Remove permissions from a role", Permitted: false},
-			},
-		},
-		{
-			Name:        "permission",
-			Description: "List permissions",
-			Permitted:   true,
-			SubCommands: []help.Command{
-				{Name: "list", Description: "List permissions", Permitted: false},
-			},
-		},
-		{
-			Name:        "project",
-			Description: "Manage projects",
-			Permitted:   true,
-			SubCommands: []help.Command{
-				{Name: "list", Description: "List projects", Permitted: false},
-				{Name: "get", Description: "Show a project by code", Permitted: false},
-				{Name: "create", Description: "Create a project", Permitted: false},
-				{Name: "update", Description: "Update a project", Permitted: false},
-				{Name: "delete", Description: "Delete a project", Permitted: false},
-				{Name: "members", Description: "List project members", Permitted: false},
-				{Name: "add-member", Description: "Add a project member", Permitted: false},
-				{Name: "remove-member", Description: "Remove a project member", Permitted: false},
-			},
-		},
-		{
-			Name:        "milestone",
-			Description: "Manage milestones",
-			Permitted:   true,
-			SubCommands: []help.Command{
-				{Name: "list", Description: "List milestones", Permitted: false},
-				{Name: "get", Description: "Show a milestone by code", Permitted: false},
-				{Name: "create", Description: "Create a milestone", Permitted: false},
-				{Name: "update", Description: "Update a milestone", Permitted: false},
-				{Name: "delete", Description: "Delete a milestone", Permitted: false},
-				{Name: "progress", Description: "Show milestone progress", Permitted: false},
-			},
-		},
-		{
-			Name:        "task",
-			Description: "Manage tasks",
-			Permitted:   true,
-			SubCommands: []help.Command{
-				{Name: "list", Description: "List tasks", Permitted: false},
-				{Name: "get", Description: "Show a task by code", Permitted: false},
-				{Name: "create", Description: "Create a task", Permitted: false},
-				{Name: "update", Description: "Update a task", Permitted: false},
-				{Name: "transition", Description: "Transition a task to a new status", Permitted: false},
-				{Name: "take", Description: "Assign a task to the current user", Permitted: false},
-				{Name: "delete", Description: "Delete a task", Permitted: false},
-				{Name: "search", Description: "Search tasks", Permitted: false},
-			},
-		},
-		{
-			Name:        "meeting",
-			Description: "Manage meetings",
-			Permitted:   true,
-			SubCommands: []help.Command{
-				{Name: "list", Description: "List meetings", Permitted: false},
-				{Name: "get", Description: "Show a meeting by code", Permitted: false},
-				{Name: "create", Description: "Create a meeting", Permitted: false},
-				{Name: "update", Description: "Update a meeting", Permitted: false},
-				{Name: "attend", Description: "Attend a meeting", Permitted: false},
-				{Name: "delete", Description: "Delete a meeting", Permitted: false},
-			},
-		},
-		{
-			Name:        "support",
-			Description: "Manage support tickets",
-			Permitted:   true,
-			SubCommands: []help.Command{
-				{Name: "list", Description: "List support tickets", Permitted: false},
-				{Name: "get", Description: "Show a support ticket by code", Permitted: false},
-				{Name: "create", Description: "Create a support ticket", Permitted: false},
-				{Name: "update", Description: "Update a support ticket", Permitted: false},
-				{Name: "take", Description: "Assign a support ticket to the current user", Permitted: false},
-				{Name: "transition", Description: "Transition a support ticket to a new status", Permitted: false},
-				{Name: "delete", Description: "Delete a support ticket", Permitted: false},
-			},
-		},
-		{
-			Name:        "propose",
-			Description: "Manage proposals",
-			Permitted:   true,
-			SubCommands: []help.Command{
-				{Name: "list", Description: "List proposals", Permitted: false},
-				{Name: "get", Description: "Show a proposal by code", Permitted: false},
-				{Name: "create", Description: "Create a proposal", Permitted: false},
-				{Name: "update", Description: "Update a proposal", Permitted: false},
-				{Name: "accept", Description: "Accept a proposal", Permitted: false},
-				{Name: "reject", Description: "Reject a proposal", Permitted: false},
-				{Name: "reopen", Description: "Reopen a proposal", Permitted: false},
-			},
-		},
-		{
-			Name:        "monitor",
-			Description: "Monitor servers and API keys",
-			Permitted:   true,
-			SubCommands: []help.Command{
-				{Name: "overview", Description: "Show monitor overview", Permitted: false},
-				{Name: "server", Description: "Manage monitor servers", Permitted: false},
-				{Name: "api-key", Description: "Manage monitor API keys", Permitted: false},
-			},
-		},
-	}
-}