Beginning of object manipulation framework.

Cargo.lock

@@ -71,6 +71,54 @@ dependencies = [
  "libc",
 ]
 
+[[package]]
+name = "anstream"
+version = "0.6.13"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d96bd03f33fe50a863e394ee9718a706f988b9079b20c3784fb726e7678b62fb"
+dependencies = [
+ "anstyle",
+ "anstyle-parse",
+ "anstyle-query",
+ "anstyle-wincon",
+ "colorchoice",
+ "utf8parse",
+]
+
+[[package]]
+name = "anstyle"
+version = "1.0.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8901269c6307e8d93993578286ac0edf7f195079ffff5ebdeea6a59ffb7e36bc"
+
+[[package]]
+name = "anstyle-parse"
+version = "0.2.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c75ac65da39e5fe5ab759307499ddad880d724eed2f6ce5b5e8a26f4f387928c"
+dependencies = [
+ "utf8parse",
+]
+
+[[package]]
+name = "anstyle-query"
+version = "1.0.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e28923312444cdd728e4738b3f9c9cac739500909bb3d3c94b43551b16517648"
+dependencies = [
+ "windows-sys 0.52.0",
+]
+
+[[package]]
+name = "anstyle-wincon"
+version = "3.0.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1cd54b81ec8d6180e24654d0b371ad22fc3dd083b6ff8ba325b72e00c87660a7"
+dependencies = [
+ "anstyle",
+ "windows-sys 0.52.0",
+]
+
 [[package]]
 name = "anyhow"
 version = "1.0.80"
@@ -222,7 +270,7 @@ dependencies = [
  "event-listener 3.0.0",
  "futures-lite",
  "rustix 0.38.19",
- "windows-sys",
+ "windows-sys 0.48.0",
 ]
 
 [[package]]
@@ -261,7 +309,7 @@ dependencies = [
  "rustix 0.38.19",
  "signal-hook-registry",
  "slab",
- "windows-sys",
+ "windows-sys 0.48.0",
 ]
 
 [[package]]
@@ -484,7 +532,7 @@ dependencies = [
  "num-traits",
  "serde",
  "wasm-bindgen",
- "windows-targets",
+ "windows-targets 0.48.5",
 ]
 
 [[package]]
@@ -498,42 +546,49 @@ dependencies = [
 
 [[package]]
 name = "clap"
-version = "3.2.25"
+version = "4.5.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "4ea181bf566f71cb9a5d17a59e1871af638180a18fb0035c92ae62b705207123"
+checksum = "b230ab84b0ffdf890d5a10abdbc8b83ae1c4918275daea1ab8801f71536b2651"
 dependencies = [
- "atty",
- "bitflags 1.3.2",
+ "clap_builder",
  "clap_derive",
+]
+
+[[package]]
+name = "clap_builder"
+version = "4.5.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ae129e2e766ae0ec03484e609954119f123cc1fe650337e155d03b022f24f7b4"
+dependencies = [
+ "anstream",
+ "anstyle",
  "clap_lex",
- "indexmap 1.9.3",
- "once_cell",
  "strsim",
- "termcolor",
- "textwrap",
 ]
 
 [[package]]
 name = "clap_derive"
-version = "3.2.25"
+version = "4.5.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "ae6371b8bdc8b7d3959e9cf7b22d4435ef3e79e138688421ec654acf8c81b008"
+checksum = "307bc0538d5f0f83b8248db3087aa92fe504e4691294d0c96c0eabc33f47ba47"
 dependencies = [
  "heck",
- "proc-macro-error",
  "proc-macro2",
  "quote",
- "syn 1.0.109",
+ "syn 2.0.51",
 ]
 
 [[package]]
 name = "clap_lex"
-version = "0.2.4"
+version = "0.7.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "2850f2f5a82cbf437dd5af4d49848fbdfc27c157c3d010345776f952765261c5"
-dependencies = [
- "os_str_bytes",
-]
+checksum = "98cc8fbded0c607b7ba9dd60cd98df59af97e84d24e49c8557331cfc26d301ce"
+
+[[package]]
+name = "colorchoice"
+version = "1.0.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "acbf1af155f9b9ef647e42cdc158db4b64a1b61f743629225fde6f3e0be2a7c7"
 
 [[package]]
 name = "concurrent-queue"
@@ -730,7 +785,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "ac3e13f66a2f95e32a39eaa81f6b95d42878ca0e1db0c7543723dfe12557e860"
 dependencies = [
  "libc",
- "windows-sys",
+ "windows-sys 0.48.0",
 ]
 
 [[package]]
@@ -926,12 +981,6 @@ dependencies = [
  "walkdir",
 ]
 
-[[package]]
-name = "hashbrown"
-version = "0.12.3"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8a9ee70c43aaf417c914396645a0fa852624801b24ebb7ae78fe8272889ac888"
-
 [[package]]
 name = "hashbrown"
 version = "0.14.1"
@@ -1071,16 +1120,6 @@ dependencies = [
  "unicode-normalization",
 ]
 
-[[package]]
-name = "indexmap"
-version = "1.9.3"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "bd070e393353796e801d209ad339e89596eb4c8d430d18ede6a1cced8fafbd99"
-dependencies = [
- "autocfg",
- "hashbrown 0.12.3",
-]
-
 [[package]]
 name = "indexmap"
 version = "2.0.2"
@@ -1088,7 +1127,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "8adf3ddd720272c6ea8bf59463c04e0f93d0bbf7c5439b691bca2987e0270897"
 dependencies = [
  "equivalent",
- "hashbrown 0.14.1",
+ "hashbrown",
 ]
 
 [[package]]
@@ -1114,7 +1153,7 @@ checksum = "eae7b9aee968036d54dce06cebaefd919e4472e753296daccd6d344e3e2df0c2"
 dependencies = [
  "hermit-abi 0.3.3",
  "libc",
- "windows-sys",
+ "windows-sys 0.48.0",
 ]
 
 [[package]]
@@ -1236,7 +1275,7 @@ dependencies = [
  "libc",
  "log",
  "wasi 0.11.0+wasi-snapshot-preview1",
- "windows-sys",
+ "windows-sys 0.48.0",
 ]
 
 [[package]]
@@ -1266,12 +1305,6 @@ version = "0.3.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "624a8340c38c1b80fd549087862da4ba43e08858af025b236e509b6649fc13d5"
 
-[[package]]
-name = "os_str_bytes"
-version = "6.6.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e2355d85b9a3786f481747ced0e0ff2ba35213a1f9bd406ed906554d7af805a1"
-
 [[package]]
 name = "parking"
 version = "2.1.1"
@@ -1298,7 +1331,7 @@ dependencies = [
  "libc",
  "redox_syscall",
  "smallvec",
- "windows-targets",
+ "windows-targets 0.48.5",
 ]
 
 [[package]]
@@ -1420,7 +1453,7 @@ dependencies = [
  "libc",
  "log",
  "pin-project-lite 0.2.13",
- "windows-sys",
+ "windows-sys 0.48.0",
 ]
 
 [[package]]
@@ -1446,30 +1479,6 @@ version = "0.2.17"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "5b40af805b3121feab8a3c29f04d8ad262fa8e0561883e7653e024ae4479e6de"
 
-[[package]]
-name = "proc-macro-error"
-version = "1.0.4"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "da25490ff9892aab3fcf7c36f08cfb902dd3e71ca0f9f9517bea02a73a5ce38c"
-dependencies = [
- "proc-macro-error-attr",
- "proc-macro2",
- "quote",
- "syn 1.0.109",
- "version_check",
-]
-
-[[package]]
-name = "proc-macro-error-attr"
-version = "1.0.4"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a1be40180e52ecc98ad80b184934baf3d0d29f979574e439af5a55274b35f869"
-dependencies = [
- "proc-macro2",
- "quote",
- "version_check",
-]
-
 [[package]]
 name = "proc-macro-hack"
 version = "0.5.20+deprecated"
@@ -1646,7 +1655,7 @@ dependencies = [
  "io-lifetimes",
  "libc",
  "linux-raw-sys 0.3.8",
- "windows-sys",
+ "windows-sys 0.48.0",
 ]
 
 [[package]]
@@ -1659,7 +1668,7 @@ dependencies = [
  "errno",
  "libc",
  "linux-raw-sys 0.4.10",
- "windows-sys",
+ "windows-sys 0.48.0",
 ]
 
 [[package]]
@@ -1989,9 +1998,9 @@ checksum = "213701ba3370744dcd1a12960caa4843b3d68b4d1c0a5d575e0d65b2ee9d16c0"
 
 [[package]]
 name = "strsim"
-version = "0.10.0"
+version = "0.11.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "73473c0e59e6d5812c5dfe2a064a6444949f089e20eec9a2e5506596494e4623"
+checksum = "5ee073c9e4cd00e28217186dbe12796d692868f432bf2e97ee73bed0c56dfa01"
 
 [[package]]
 name = "subtle"
@@ -2098,12 +2107,6 @@ dependencies = [
  "winapi-util",
 ]
 
-[[package]]
-name = "textwrap"
-version = "0.16.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "222a222a5bfe1bba4a77b45ec488a741b3cb8872e5e499451fd7d0129c9c7c3d"
-
 [[package]]
 name = "thiserror"
 version = "1.0.57"
@@ -2268,7 +2271,7 @@ version = "0.20.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "396e4d48bbb2b7554c944bde63101b5ae446cff6ec4a24227428f15eb72ef338"
 dependencies = [
- "indexmap 2.0.2",
+ "indexmap",
  "serde",
  "serde_spanned",
  "toml_datetime",
@@ -2385,6 +2388,12 @@ dependencies = [
  "serde",
 ]
 
+[[package]]
+name = "utf8parse"
+version = "0.2.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "711b9620af191e0cdc7468a8d14e709c3dcdb115b36f838e601583af800a370a"
+
 [[package]]
 name = "value-bag"
 version = "1.4.1"
@@ -2576,7 +2585,7 @@ version = "0.51.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "f1f8cf84f35d2db49a46868f947758c7a1138116f7fac3bc844f43ade1292e64"
 dependencies = [
- "windows-targets",
+ "windows-targets 0.48.5",
 ]
 
 [[package]]
@@ -2585,7 +2594,16 @@ version = "0.48.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "677d2418bec65e3338edb076e806bc1ec15693c5d0104683f2efe857f61056a9"
 dependencies = [
- "windows-targets",
+ "windows-targets 0.48.5",
+]
+
+[[package]]
+name = "windows-sys"
+version = "0.52.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "282be5f36a8ce781fad8c8ae18fa3f9beff57ec1b52cb3de0789201425d9a33d"
+dependencies = [
+ "windows-targets 0.52.4",
 ]
 
 [[package]]
@@ -2594,13 +2612,28 @@ version = "0.48.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "9a2fa6e2155d7247be68c096456083145c183cbbbc2764150dda45a87197940c"
 dependencies = [
- "windows_aarch64_gnullvm",
- "windows_aarch64_msvc",
- "windows_i686_gnu",
- "windows_i686_msvc",
- "windows_x86_64_gnu",
- "windows_x86_64_gnullvm",
- "windows_x86_64_msvc",
+ "windows_aarch64_gnullvm 0.48.5",
+ "windows_aarch64_msvc 0.48.5",
+ "windows_i686_gnu 0.48.5",
+ "windows_i686_msvc 0.48.5",
+ "windows_x86_64_gnu 0.48.5",
+ "windows_x86_64_gnullvm 0.48.5",
+ "windows_x86_64_msvc 0.48.5",
+]
+
+[[package]]
+name = "windows-targets"
+version = "0.52.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7dd37b7e5ab9018759f893a1952c9420d060016fc19a472b4bb20d1bdd694d1b"
+dependencies = [
+ "windows_aarch64_gnullvm 0.52.4",
+ "windows_aarch64_msvc 0.52.4",
+ "windows_i686_gnu 0.52.4",
+ "windows_i686_msvc 0.52.4",
+ "windows_x86_64_gnu 0.52.4",
+ "windows_x86_64_gnullvm 0.52.4",
+ "windows_x86_64_msvc 0.52.4",
 ]
 
 [[package]]
@@ -2609,42 +2642,84 @@ version = "0.48.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "2b38e32f0abccf9987a4e3079dfb67dcd799fb61361e53e2882c3cbaf0d905d8"
 
+[[package]]
+name = "windows_aarch64_gnullvm"
+version = "0.52.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "bcf46cf4c365c6f2d1cc93ce535f2c8b244591df96ceee75d8e83deb70a9cac9"
+
 [[package]]
 name = "windows_aarch64_msvc"
 version = "0.48.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "dc35310971f3b2dbbf3f0690a219f40e2d9afcf64f9ab7cc1be722937c26b4bc"
 
+[[package]]
+name = "windows_aarch64_msvc"
+version = "0.52.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "da9f259dd3bcf6990b55bffd094c4f7235817ba4ceebde8e6d11cd0c5633b675"
+
 [[package]]
 name = "windows_i686_gnu"
 version = "0.48.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "a75915e7def60c94dcef72200b9a8e58e5091744960da64ec734a6c6e9b3743e"
 
+[[package]]
+name = "windows_i686_gnu"
+version = "0.52.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b474d8268f99e0995f25b9f095bc7434632601028cf86590aea5c8a5cb7801d3"
+
 [[package]]
 name = "windows_i686_msvc"
 version = "0.48.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "8f55c233f70c4b27f66c523580f78f1004e8b5a8b659e05a4eb49d4166cca406"
 
+[[package]]
+name = "windows_i686_msvc"
+version = "0.52.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1515e9a29e5bed743cb4415a9ecf5dfca648ce85ee42e15873c3cd8610ff8e02"
+
 [[package]]
 name = "windows_x86_64_gnu"
 version = "0.48.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "53d40abd2583d23e4718fddf1ebec84dbff8381c07cae67ff7768bbf19c6718e"
 
+[[package]]
+name = "windows_x86_64_gnu"
+version = "0.52.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5eee091590e89cc02ad514ffe3ead9eb6b660aedca2183455434b93546371a03"
+
 [[package]]
 name = "windows_x86_64_gnullvm"
 version = "0.48.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "0b7b52767868a23d5bab768e390dc5f5c55825b6d30b86c844ff2dc7414044cc"
 
+[[package]]
+name = "windows_x86_64_gnullvm"
+version = "0.52.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "77ca79f2451b49fa9e2af39f0747fe999fcda4f5e241b2898624dca97a1f2177"
+
 [[package]]
 name = "windows_x86_64_msvc"
 version = "0.48.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "ed94fce61571a4006852b7389a063ab983c02eb1bb37b47f8272ce92d06d9538"
 
+[[package]]
+name = "windows_x86_64_msvc"
+version = "0.52.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "32b752e52a2da0ddfbdbcc6fceadfeede4c939ed16d13e648833a61dfb611ed8"
+
 [[package]]
 name = "winnow"
 version = "0.5.17"

Cargo.toml

@@ -34,7 +34,7 @@ handlebars = { version = "4.3", features = ["dir_source"] }
 serde_json = "1.0"
 
 # CLI dependencies
-clap = { version = "3.1.15", features = ["derive", "env"] }
+clap = { version = "4.5", features = ["derive", "env", "string"] }
 rpassword = "6.0"
 stderrlog = "0.5"
 qr2term = "0.3.1"

src/cli.rs

@@ -1,5 +1,6 @@
 use crate::{
     schema::{self, UIDCDatabase},
+    object::ClapInterface,
     config,
     UIDCError,
     key::{self, KeyType}, user_management, client_management, scope_management, group_management, token_management, server,
@@ -462,37 +463,12 @@ enum RoleCommand {
 #[derive(Debug, Parser)]
 struct RoleArgs {
     #[clap(subcommand)]
-    command: RoleCommand,
+    command: ClapInterface<schema::Role>,
 }
 
 impl RoleArgs {
     async fn run(&self, args: RunArgs) -> Result<(), UIDCError> {
-        match &self.command {
-            RoleCommand::List => {
-                for role in args.realm.roles.get()? {
-                    println!(" - {}", role.shortname);
-                }
-            },
-            RoleCommand::Create { name } => {
-                let add_result = args.realm.roles.insert(schema::Role {
-                    shortname: name.clone(),
-                    groups: Default::default(),
-                });
-
-                match add_result {
-                    Ok(_role_id) => {
-                        println!("Added role {}", name);
-                    }
-                    Err(_) => {
-                        println!("Failed to add role {}!", name);
-                    }
-                }
-            }
-            RoleCommand::Delete { name } => {
-                args.realm.roles.unique(name).delete()?;
-            }
-        }
-        Ok(())
+        self.command.perform(&args.realm.roles, &args.realm.roles)
     }
 }
 
@@ -505,10 +481,10 @@ enum UserCommand {
     Auth {
         username: String,
 
-        #[clap(short = 'p', long, parse(from_occurrences))]
+        #[clap(short = 'p', long, action = clap::ArgAction::Count)]
         change_password: usize,
 
-        #[clap(short = 't', long, parse(from_occurrences))]
+        #[clap(short = 't', long, action = clap::ArgAction::Count)]
         change_totp: usize,
     },
     Inspect {
@@ -519,12 +495,20 @@ enum UserCommand {
 #[derive(Debug, Parser)]
 struct UserArgs {
     #[clap(subcommand)]
-    command: UserCommand,
+    // command: UserCommand,
+    command: ClapInterface<schema::User>,
+
+    /*
+    #[clap(subcommand)]
+    extra_command: UserCommand,
+    */
+    // command: ClapInterface<schema::User>,
 }
 
 impl UserArgs {
     async fn run(&self, args: RunArgs) -> Result<(), UIDCError> {
-        match &self.command {
+        self.command.perform(&args.realm.users, &args.realm.users)
+        /*match &self.command {
             UserCommand::List => user_management::list(&args.realm),
             UserCommand::Create { username } => {
                 user_management::create(&args.realm, username)
@@ -542,7 +526,7 @@ impl UserArgs {
             UserCommand::Inspect { username } => {
                 user_management::inspect(&args.realm, username)
             }
-        }
+        }*/
     }
 }
 

src/config/helper.rs

@@ -1,6 +1,7 @@
 #![allow(unused_variables)]
 
 use crate::schema;
+use microrm::prelude::*;
 
 use super::Config;
 

src/error.rs

@@ -10,6 +10,8 @@ pub enum UIDCError {
     /// database access issue or violated constraint
     DatabaseError(microrm::Error),
 
+    CliError(clap::Error),
+
     /// error with key generation or message signing
     KeyError(KeyError),
 
@@ -36,6 +38,12 @@ impl From<microrm::Error> for UIDCError {
     }
 }
 
+impl From<clap::Error> for UIDCError {
+    fn from(value: clap::Error) -> Self {
+        Self::CliError(value)
+    }
+}
+
 macro_rules! error_converter {
     ($toconv:ident) => {
         impl From<$toconv> for UIDCError {

src/main.rs

@@ -16,6 +16,8 @@ mod token_management;
 mod user;
 mod user_management;
 
+mod object;
+
 pub use error::UIDCError;
 
 fn main() {

src/object.rs

@@ -0,0 +1,216 @@
+use clap::{FromArgMatches, Subcommand};
+use microrm::prelude::*;
+use microrm::schema::datum::{Datum, DatumDiscriminatorRef};
+use microrm::schema::entity::{Entity, EntityPartList, EntityPartVisitor, EntityID};
+
+use crate::UIDCError;
+use crate::schema::UIDCDatabase;
+
+mod role;
+mod user;
+
+pub trait Object: Sized + Entity + std::fmt::Debug {
+    type CreateParameters : clap::Parser + std::fmt::Debug;
+    fn create_from_params(_: &Self::CreateParameters) -> Result<Self, UIDCError>;
+    fn extra_commands() -> impl Iterator<Item = clap::Command> { vec![].into_iter() }
+
+    /// get the relevant IDMap from the database
+    fn db_object(db: &UIDCDatabase) -> &IDMap<Self> where Self: Sized;
+    fn build_uniques(strings: &Vec<String>) -> <Self::Uniques as EntityPartList>::DatumList;
+
+    fn shortname(&self) -> &str;
+}
+
+pub trait ObjectExt: Sized + Object {
+    fn create(ctx: &impl Insertable<Self>, cp: &Self::CreateParameters) -> Result<(), UIDCError> {
+        ctx.insert(Self::create_from_params(cp)?)?;
+        Ok(())
+    }
+
+    fn delete(ctx: impl microrm::prelude::Queryable<EntityOutput = Self>,
+               which: <Self::Uniques as EntityPartList>::DatumList)
+        -> Result<(), UIDCError> {
+        ctx.unique(which).delete()?;
+        Ok(())
+    }
+
+    fn list_all(ctx: impl microrm::prelude::Queryable<EntityOutput = Self>) -> Result<(), UIDCError> {
+        println!("Listing all {}(s): ({})", Self::entity_name(), ctx.clone().count()?);
+        for obj in ctx.get()?.into_iter() {
+            println!(" - {}", obj.shortname());
+        }
+
+        Ok(())
+    }
+
+    fn inspect(ctx: impl microrm::prelude::Queryable<EntityOutput = Self>,
+               which: <Self::Uniques as EntityPartList>::DatumList) -> Result<(), UIDCError> {
+
+        let obj = ctx.unique(which).get()?.ok_or(UIDCError::Abort("no such element, cannot inspect"))?;
+        println!("{:#?}", obj.as_ref());
+
+        fn inspect_ai<AI: AssocInterface>(name: &'static str, ai: &AI) {
+            println!("{}: ({})", name, ai.count().unwrap());
+            for a in ai.get().expect("couldn't get object associations") {
+                println!("[#{:3}]: {:?}", a.id().into_raw(), a.wrapped());
+            }
+        }
+
+        struct AssocFieldWalker;
+        impl EntityPartVisitor for AssocFieldWalker {
+            fn visit_datum<EP: microrm::schema::entity::EntityPart>(&mut self, datum: &EP::Datum) {
+                struct Discriminator<'l, D: Datum>(&'l D, &'static str);
+
+                impl<'l, D: Datum> DatumDiscriminatorRef for Discriminator<'l, D> {
+                    fn visit_serialized<T: serde::Serialize + serde::de::DeserializeOwned>(&mut self, _: &T) {}
+                    fn visit_bare_field<T: Datum>(&mut self, _: &T) {}
+                    fn visit_entity_id<E: Entity>(&mut self, _: &E::ID) {}
+                    fn visit_assoc_map<E: Entity>(&mut self, amap: &AssocMap<E>) {
+                        inspect_ai(self.1, amap);
+                    }
+                    fn visit_assoc_domain<R: microrm::schema::Relation>(&mut self, adomain: &microrm::schema::AssocDomain<R>) {
+                        inspect_ai(self.1, adomain);
+                    }
+                    fn visit_assoc_range<R: microrm::schema::Relation>(&mut self, arange: &microrm::schema::AssocRange<R>) {
+                        inspect_ai(self.1, arange);
+                    }
+                }
+
+                datum.accept_discriminator_ref(&mut Discriminator(datum, EP::part_name()));
+            }
+        }
+
+        obj.accept_part_visitor_ref(&mut AssocFieldWalker);
+
+        Ok(())
+    }
+}
+
+impl<T: Object + std::fmt::Debug> ObjectExt for T {}
+
+#[derive(Clone, Debug)]
+enum InterfaceVerb<O: ObjectExt> {
+    Attach,
+    Create(O::CreateParameters),
+    Delete(Vec<String>),
+    Detach,
+    ListAll,
+    Inspect(Vec<String>),
+}
+
+impl<O: ObjectExt> InterfaceVerb<O> {
+    fn from_matches(matches: &clap::ArgMatches) -> Result<Self, clap::Error> {
+        let (subcommand, matches) =
+            matches.subcommand().ok_or(clap::Error::new(clap::error::ErrorKind::MissingSubcommand)).unwrap();
+
+        let parse_uniques = || {
+            struct UVisitor<'a>(&'a clap::ArgMatches, &'a mut Vec<String>);
+            impl<'a> EntityPartVisitor for UVisitor<'a> {
+                fn visit<EP: microrm::schema::entity::EntityPart>(&mut self) {
+                    self.1.push(self.0.get_one::<std::string::String>(EP::part_name()).unwrap().clone());
+                }
+            }
+
+            let mut unique_values = vec![];
+            <O::Uniques as EntityPartList>::accept_part_visitor(&mut UVisitor(matches, &mut unique_values));
+            unique_values
+        };
+
+        Ok(match subcommand {
+            "attach" => InterfaceVerb::Attach,
+            "create" => InterfaceVerb::Create(
+                <O::CreateParameters as clap::FromArgMatches>::from_arg_matches(matches)?
+            ),
+            "delete" => InterfaceVerb::Delete(parse_uniques()),
+            "detach" => InterfaceVerb::Detach,
+            "list" => InterfaceVerb::ListAll,
+            "inspect" => InterfaceVerb::Inspect(parse_uniques()),
+            _ => unreachable!()
+        })
+    }
+}
+
+#[derive(Debug)]
+pub struct ClapInterface<O: ObjectExt> {
+    verb: InterfaceVerb<O>,
+    // uniques: Vec<String>,
+    _ghost: std::marker::PhantomData<O>,
+}
+
+impl<O: ObjectExt> ClapInterface<O> {
+    pub fn perform(&self, query_ctx: impl microrm::prelude::Queryable::<EntityOutput = O>, insert_ctx: &impl microrm::prelude::Insertable<O>) 
+        -> Result<(), UIDCError> {
+        match &self.verb {
+            InterfaceVerb::Attach => {
+                todo!()
+            },
+            InterfaceVerb::Create(params) => {
+                O::create(insert_ctx, &params)?;
+            },
+            InterfaceVerb::Delete(uniques) => {
+                O::delete(query_ctx, O::build_uniques(uniques))?;
+            },
+            InterfaceVerb::Detach => {
+                todo!()
+            },
+            InterfaceVerb::ListAll => {
+                O::list_all(query_ctx)?;
+            },
+            InterfaceVerb::Inspect(uniques) => {
+                O::inspect(query_ctx, O::build_uniques(uniques))?;
+            },
+        }
+        Ok(())
+    }
+
+    /// iterate across the list of unique parts (O::Uniques) and add args for each
+    fn add_uniques(mut cmd: clap::Command) -> clap::Command {
+        struct UVisitor<'a>(&'a mut clap::Command);
+        impl<'a> EntityPartVisitor for UVisitor<'a> {
+            fn visit<EP: microrm::schema::entity::EntityPart>(&mut self) {
+                let arg = clap::Arg::new(EP::part_name())
+                    .required(true)
+                    .help(EP::desc());
+                *self.0 = self.0.clone().arg(arg);
+            }
+        }
+
+        <O::Uniques as EntityPartList>::accept_part_visitor(&mut UVisitor(&mut cmd));
+
+        cmd
+    }
+}
+
+impl<O: ObjectExt> FromArgMatches for ClapInterface<O> {
+    fn from_arg_matches(matches: &clap::ArgMatches) -> Result<Self, clap::Error> {
+        let verb = InterfaceVerb::from_matches(matches);
+
+        Ok(Self {
+            verb: verb?,
+            _ghost: Default::default(),
+        })
+    }
+
+    fn update_from_arg_matches(&mut self, matches: &clap::ArgMatches) -> Result<(), clap::Error> {
+        todo!()
+    }
+}
+
+impl<O: ObjectExt> Subcommand for ClapInterface<O> {
+    fn has_subcommand(name: &str) -> bool {
+        todo!()
+    }
+
+    fn augment_subcommands(cmd: clap::Command) -> clap::Command {
+        cmd
+            .subcommand(<O::CreateParameters as clap::CommandFactory>::command().name("create"))
+            .subcommand(Self::add_uniques(clap::Command::new("delete")))
+            .subcommand(Self::add_uniques(clap::Command::new("inspect")))
+            .subcommand(clap::Command::new("list"))
+            .subcommands(O::extra_commands())
+    }
+
+    fn augment_subcommands_for_update(cmd: clap::Command) -> clap::Command {
+        todo!()
+    }
+}

src/object/role.rs

@@ -0,0 +1,32 @@
+use microrm::schema::entity::EntityPartList;
+
+use crate::{schema, UIDCError};
+use super::Object;
+
+#[derive(clap::Parser, Debug)]
+pub struct CreateParameters {
+    shortname: String,
+}
+
+impl Object for schema::Role {
+    type CreateParameters = CreateParameters;
+
+    fn create_from_params(cp: &Self::CreateParameters) -> Result<Self, UIDCError> {
+        Ok(Self {
+            shortname: cp.shortname.clone(),
+            groups: Default::default(),
+        })
+    }
+
+    fn db_object(db: &schema::UIDCDatabase) -> &microrm::prelude::IDMap<Self> where Self: Sized {
+        todo!()
+    }
+
+    fn build_uniques(strings: &Vec<String>) -> <Self::Uniques as EntityPartList>::DatumList {
+        strings[0].clone()
+    }
+
+    fn shortname(&self) -> &str {
+        &self.shortname
+    }
+}

src/object/user.rs

@@ -0,0 +1,33 @@
+use microrm::schema::entity::EntityPartList;
+
+use crate::{schema, UIDCError};
+use super::Object;
+
+#[derive(clap::Parser, Debug)]
+pub struct CreateParameters {
+    username: String,
+}
+
+impl Object for schema::User {
+    type CreateParameters = CreateParameters;
+
+    fn create_from_params(cp: &Self::CreateParameters) -> Result<Self, UIDCError> {
+        Ok(Self {
+            username: cp.username.clone(),
+            auth: Default::default(),
+            groups: Default::default(),
+        })
+    }
+
+    fn db_object(db: &schema::UIDCDatabase) -> &microrm::prelude::IDMap<Self> where Self: Sized {
+        todo!()
+    }
+
+    fn build_uniques(strings: &Vec<String>) -> <Self::Uniques as EntityPartList>::DatumList {
+        strings[0].clone()
+    }
+
+    fn shortname(&self) -> &str {
+        &self.username
+    }
+}

src/schema.rs

@@ -51,7 +51,9 @@ pub enum AuthChallengeType {
 pub struct AuthChallenge {
     #[unique]
     pub challenge_type: Serialized<AuthChallengeType>,
+    #[elide]
     pub public: Vec<u8>,
+    #[elide]
     pub secret: Vec<u8>,
     pub enabled: bool,
 }
@@ -115,6 +117,7 @@ pub struct Group {
 
 #[derive(Entity)]
 pub struct Role {
+    /// unique publicly-visible name for role
     #[unique]
     pub shortname: String,
     pub groups: AssocRange<GroupRoleRelation>,