feat(todo-api): add full-stack POC demonstrating micro-lib v0.9.0

Runnable REST API exercising every micro-lib tier in a containerless setup: N-layer architecture, SQLite persistence, header-based auth simulating Firebase output, and bit-mask RBAC enforcement. What's included: - cmd/todo-api: minimal main delegating to application.Run - internal/application: full object graph wiring — launcher, sqlite, httpserver, httpmw stack, routes in BeforeStart - internal/domain: User entity, ResourceTodos constant, PermReadTodo/PermWriteTodo bit positions - internal/repository: TodoRepository, UserRepository, DBPermissionProvider (SQLite via modernc) - internal/service: TodoService, UserService with interface-based dependencies - internal/handler: TodoHandler, UserHandler using httputil adapters and valid for input validation - internal/middleware: Auth (X-User-ID → rbac.Identity) and Require (bit-mask permission gate) - logAdapter: bridges logz.Logger.With return type to httpmw.Logger interface - SQLite schema: users, user_role (bitmask), todos; migrations run in BeforeStart - Routes: POST /users (open), GET+POST /todos (RBAC), GET /users (RBAC) Tested-via: todo-api POC integration Reviewed-against: docs/adr/
2026-03-19 13:55:08 +00:00
commit 3fcba82448
23 changed files with 1143 additions and 0 deletions
--- a/internal/domain/user.go
+++ b/internal/domain/user.go
@@ -0,0 +1,25 @@
+package domain
+
+import (
+	"time"
+
+	"code.nochebuena.dev/go/rbac"
+)
+
+// User is the core user entity.
+type User struct {
+	ID        string    `json:"id"`
+	Name      string    `json:"name"`
+	Email     string    `json:"email"`
+	CreatedAt time.Time `json:"created_at"`
+}
+
+// ResourceTodos is the resource key stored in the user_role table for todo permissions.
+const ResourceTodos = "todos"
+
+// Permission bits for the todos resource.
+// Each constant is a bit position (0-based); the stored value is 1 << bit.
+const (
+	PermReadTodo  rbac.Permission = 0 // bit 0 → mask value 1
+	PermWriteTodo rbac.Permission = 1 // bit 1 → mask value 2
+)