- Symbolic references can now be handled by canonical references by coding them

  in the payload `xyz.radicle.crefs` under the key `symbolic`.

    ReadRepository, ReadStorage as _, RefUpdate, RemoteRepository, WriteRepository as _,

    const LOG_MESSAGE: &str = "set-canonical from fetch (radicle)";

    let crefs = identity.doc().canonical_refs()?;

    for (name, target) in crefs.symbolic().iter() {

        if let Err(e) = repo.set_symbolic_ref(name, target, LOG_MESSAGE) {

            log::warn!(

                target: "worker",

                "Failed to set canonical symbolic reference {name}->{target}: {e}"

            );

        }

    }

    let rules = crefs.rules().clone();

                if let Err(e) =

                    repo.backend

                        .reference(refname.clone().as_str(), *oid, true, LOG_MESSAGE)

                {

    const LOG_MESSAGE: &str = "set-canonical from push (radicle)";

        stored.set_canonical_symbolic_refs(LOG_MESSAGE)?;

                    stored

                        .backend

                        .reference(refname.as_str(), *oid, true, LOG_MESSAGE)?;

pub mod symbolic;

    /// Allows creation without any checking. Callers must ensure that

    /// `reflike` is indeed unprotected!

    #[inline]

    const fn new_unchecked(reflike: T) -> Self {

        Self(reflike)

    }

    use crate::git::{

        refname, refs::branch, refspec::QualifiedPattern, Qualified, RefStr, RefString,

    };

    impl Unprotected<RefString> {

        /// The reference name `HEAD`.

        // We would like to have a `pub const HEAD`, but

        // [`crate::git::RefStr::from_str`] is private.

        #[inline]

        pub fn head() -> Self {

            // Calling [`Unprotected::new_unchecked`] here is legal,

            // because we know statically that `HEAD` is not protected.

            Unprotected::new_unchecked(refname!("HEAD"))

        }

    }

    /// [`Qualified`] is a restriction on [`RefString`].

    impl RefLike for Qualified<'_> {}

    impl Unprotected<Qualified<'_>> {

        /// Construct a qualified reference name for given branch, i.e.,

        /// return `/refs/heads/<name>`

        pub fn branch(name: &RefStr) -> Self {

            Self::new(branch(name)).expect("branches are never protected")

        }

        pub fn to_ref_string(&self) -> Unprotected<RefString> {

            Unprotected::new_unchecked(self.0.to_ref_string())

        }

    }

impl std::fmt::Display for Allowed {

    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {

        match self {

            Allowed::Delegates => f.write_str("\"allowed\""),

            Allowed::Set(dids) => {

                let dids = dids

                    .iter()

                    .map(|did| did.to_string())

                    .collect::<Vec<_>>()

                    .join("\", \"");

                f.write_fmt(format_args!("[\"{dids}\"]"))

            }

        }

    }

}

//! Symbolic references, which link neither to nor from protected references.

//! The prototypical example is `HEAD → refs/heads/main`.

use std::collections::BTreeMap;

use serde::{Deserialize, Serialize};

use thiserror::Error;

use crate::git::fmt::RefString;

use super::protect::{self, Unprotected};

use reachability::reachable;

pub type RawName = RefString;

/// Names of symbolic references are unprotected references.

/// Requiring [`Unprotected`] makes symbolic references that link *from*

/// protected references unrepresentable.

pub(super) type Name = Unprotected<RefString>;

impl std::cmp::Ord for Name {

    fn cmp(&self, other: &Self) -> std::cmp::Ordering {

        self.as_ref().cmp(other.as_ref())

    }

}

impl std::cmp::PartialOrd for Name {

    fn partial_cmp(&self, other: &Self) -> Option<std::cmp::Ordering> {

        Some(self.cmp(other))

    }

}

pub type RawTarget = RefString;

/// Targets for symbolic references are unprotected references.

/// Requiring [`Unprotected`] makes symbolic references that link *to*

/// protected references unrepresentable.

pub(super) type Target = Unprotected<RefString>;

/// Maintains a cycle-free set of symbolic references.

/// Note that dangling references are not detected.

#[derive(Clone, Debug, Default, PartialEq, Eq, Serialize, Deserialize)]

#[serde(try_from = "BTreeMap<Name, Target>")]

pub struct SymbolicRefs(BTreeMap<Name, Target>);

// Read-only access.

impl SymbolicRefs {

    /// Returns an iterator over all contained symbolic references, as pairs of

    /// their name [`RawName`] and [`RawTarget`].

    pub fn iter(&self) -> impl Iterator<Item = (&RawName, &RawTarget)> {

        self.0

            .iter()

            .map(|(name, target)| (name.as_ref(), target.as_ref()))

    }

    /// Returns an iterator over all contained symbolic references, as pairs of

    /// their name [`RawName`] and resolved [`RawTarget`].

    pub fn iter_resolved(&self) -> impl Iterator<Item = (&RawName, &RawTarget)> {

        self.iter_resolved_unprotected()

            .map(|(name, target)| (name.as_ref(), target.as_ref()))

    }

    pub(super) fn iter_resolved_unprotected(&self) -> impl Iterator<Item = (&Name, &Target)> {

        self.0

            .keys()

            .filter_map(|name| self.resolve_unprotected(name).map(|target| (name, target)))

    }

    fn resolve_unprotected<'a, 'b>(&'a self, mut name: &'b Name) -> Option<&'a Target>

    where

        'a: 'b,

    {

        while let Some(target) = self.0.get(name) {

            match self.0.get(target) {

                Some(next) => {

                    name = next;

                }

                None => return Some(target),

            }

        }

        None

    }

    /// Returns `true` if the set of symbolic references is empty.

    pub fn is_empty(&self) -> bool {

        self.0.is_empty()

    }

}

// Utilities for handling of `HEAD`.

impl SymbolicRefs {

    /// Construct [`SymbolicRefs`] for the single symbolic reference `HEAD`

    /// targeting `/refs/heads/<branch_name>`.

    // This exists to encapsulate [`Unprotected`].

    pub fn head(branch_name: &RefString) -> Self {

        let mut result = Self::default();

        result

            .try_insert_unprotected(

                Unprotected::head().to_owned(),

                Unprotected::branch(branch_name).to_ref_string(),

            )

            .expect("not creating cycle");

        result

    }

    /// Convenience method to get the target of the `HEAD` reference.

    /// See also [`SymbolicRefs::head`].

    pub fn resolve_head(&self) -> Option<&RawTarget> {

        self.resolve_unprotected(&Unprotected::head())

            .map(|target| target.as_ref())

    }

}

#[derive(Debug, Error)]

pub enum InsertionError {

    #[error("inserting symbolic reference '{name} → {target}' would create a cycle")]

    Cyclic { name: RawName, target: RawTarget },

    #[error(transparent)]

    Protected(#[from] protect::Error),

}

// Mutability.

impl SymbolicRefs {

    /// Insert a symbolic reference.

    /// Even though this method will never return [`InsertionError::Protected`]

    /// we opt to return that (slightly more general) error, as it allows

    /// construction of [`InsertionError::Cyclic`] by consuming `name` and

    /// `target`, avoiding an early copy in [`Self::try_insert`].

    pub(super) fn try_insert_unprotected(

        &mut self,

        name: Name,

        target: Target,

    ) -> Result<(), InsertionError> {

        if reachable(&self.0, &target, &name) {

            return Err(InsertionError::Cyclic {

                name: name.into_inner(),

                target: target.into_inner(),

            });

        }

        self.0.insert(name, target);

        Ok(())

    }

    /// Try to insert a symbolic reference.

    /// Errors if `name` or `target` is protected (see [`protect`]) or would

    /// cause infinite recursion (e.g. `A → B` and `B → A`).

    pub fn try_insert(&mut self, name: RawName, target: RawTarget) -> Result<(), InsertionError> {

        self.try_insert_unprotected(Unprotected::new(name)?, Unprotected::new(target)?)

    }

    /// Consume `other` by iteratively inserting into self.

    pub fn combine(&mut self, other: SymbolicRefs) -> Result<(), InsertionError> {

        for (name, target) in other.0 {

            self.try_insert_unprotected(name, target)?;

        }

        Ok(())

    }

}

#[derive(Debug, Error)]

#[error("symbolic reference '{name}' is cyclic")]

pub struct Cyclic {

    name: RawName,

}

impl TryFrom<BTreeMap<Name, Target>> for SymbolicRefs {

    type Error = Cyclic;

    fn try_from(map: BTreeMap<Name, Target>) -> Result<Self, Self::Error> {

        for (name, target) in map.iter() {

            if reachable(&map, target, name) {

                return Err(Cyclic {

                    name: name.to_owned().into_inner(),

                });

            }

        }

        Ok(Self(map))

    }

}

mod reachability {

    pub(super) trait Get<'a, 'b, K, V> {

        fn get(&'a self, key: &'b K) -> Option<&'a V>;

    }

    impl<'a, 'b, K: Ord, V> Get<'a, 'b, K, V> for std::collections::BTreeMap<K, V> {

        fn get(&'a self, key: &'b K) -> Option<&'a V> {

            std::collections::BTreeMap::get(self, key)

        }

    }

    impl<'a, 'b, K: Eq + std::hash::Hash, V> Get<'a, 'b, K, V> for std::collections::HashMap<K, V> {

        fn get(&'a self, key: &'b K) -> Option<&'a V> {

            std::collections::HashMap::get(self, key)

        }

    }

    impl<'a, 'b, K: Eq + std::hash::Hash, V> Get<'a, 'b, K, V> for indexmap::IndexMap<K, V> {

        fn get(&'a self, key: &'b K) -> Option<&'a V> {

            indexmap::IndexMap::get(self, key)

        }

    }

    /// A reachability check linking

    /// from `K` to `V` using [`Get`], and

    /// from `V` to `K` using [`Into`].

    /// Note that the bound is trivial if `K = V`.

    ///

    /// This can be used to check whether inserting `key → val`

    /// would create a cycle.

    ///

    /// # Returns

    ///

    /// Whether `key == val` (under [`Into::into`]) or

    /// `key` is reachable from `val` (under [`Into::into`] and [`Get::get`]).

    pub(super) fn reachable<'a, 'b, K: PartialEq, V: 'a>(

        map: &'a impl Get<'a, 'b, K, V>,

        val: &'b V,

        key: &'b K,

    ) -> bool

    where

        'a: 'b,

        &'b V: Into<&'b K>,

    {

        // Self-Reference

        let src = val.into();

        if *src == *key {

            return true;

        }

        // Chase

        let mut src = src;

        while let Some(tmp) = map.get(src).map(|value| value.into()) {

            if *tmp == *key {

                return true;

            }

            src = tmp;

        }

        false

    }

}

#[cfg(test)]

#[allow(clippy::unwrap_used)]

mod test {

    use crate::assert_matches;

    use crate::git::refname;

    use super::*;

    #[test]

    fn infinite_single() {

        let mut symbolic = SymbolicRefs::default();

        assert_matches!(

            symbolic.try_insert(refname!("a"), refname!("a")),

            Err(InsertionError::Cyclic { .. })

        );

        assert!(symbolic.is_empty());

    }

    #[test]

    fn infinite_multi() {

        let mut symbolic = SymbolicRefs::default();

        assert_matches!(symbolic.try_insert(refname!("a"), refname!("b")), Ok(()));

        assert_matches!(symbolic.try_insert(refname!("b"), refname!("c")), Ok(()));

        assert_matches!(

            symbolic.try_insert(refname!("c"), refname!("a")),

            Err(InsertionError::Cyclic { .. })

        );

    }

    #[test]

    fn deserialize_valid() {

        assert_matches!(

            serde_json::from_value::<SymbolicRefs>(serde_json::json!({

                "refs/heads/a": "refs/heads/b",

            })),

            Ok(_)

        );

    }

    #[test]

    fn deserialize_infinite() {

        assert_matches!(

            serde_json::from_value::<SymbolicRefs>(serde_json::json!({

                "refs/heads/a": "refs/heads/a",

            })),

            Err(_)

        );

        assert_matches!(

            serde_json::from_value::<SymbolicRefs>(serde_json::json!({

                "refs/heads/a": "refs/heads/b",

                "refs/heads/b": "refs/heads/c",

                "refs/heads/c": "refs/heads/a",

            })),

            Err(_)

        );

    }

    /// Motivates why we cannot simply delegate to [`BTreeMap::extend`]

    /// for combining [`SymbolicRefs`].

    #[test]

    fn infinite_extend() {

        let mut a = SymbolicRefs::default();

        assert_matches!(a.try_insert(refname!("a"), refname!("b")), Ok(()));

        let mut b = SymbolicRefs::default();

        assert_matches!(b.try_insert(refname!("b"), refname!("a")), Ok(()));

        assert_matches!(a.combine(b), Err(InsertionError::Cyclic { .. }));

    }

}

use thiserror::Error;

use crate::git::canonical::rules::{self, RawRules, Rules};

use crate::git::canonical::symbolic::{self, SymbolicRefs};

use crate::git::Qualified;

#[derive(Debug, Error)]

pub enum ValidationError {

    #[error(transparent)]

    Rules(#[from] rules::ValidationError),

    #[error("the target of the symbolic reference '{name} → {target}' is not matched by any rule")]

    Dangling {

        name: symbolic::RawName,

        target: symbolic::RawTarget,

    },

    #[error("the symbolic reference name '{name}' is also matched by rule(s) with pattern(s) {patterns:?}")]

    Clash {

        patterns: Vec<String>,

        name: Qualified<'static>,

    },

}

    #[serde(default)] // Default to empty for backwards compatibility.

    symbolic: SymbolicRefs,

    pub fn new(rules: RawRules, symbolic: SymbolicRefs) -> Self {

        Self { rules, symbolic }

    /// Return the [`RawRules`] for mutation.

    pub fn raw_rules_mut(&mut self) -> &mut RawRules {

        &mut self.rules

    }

    /// Return the [`SymbolicRefs`].

    pub fn symbolic(&self) -> &SymbolicRefs {

        &self.symbolic

    }

    /// Return the [`SymbolicRefs`] for mutation.

    pub fn symbolic_mut(&mut self) -> &mut SymbolicRefs {

        &mut self.symbolic

    }

        CanonicalRefs::new(rules, self.symbolic)

#[derive(Debug, Clone, Default, PartialEq, Eq, Serialize)]

    #[serde(default, skip_serializing_if = "SymbolicRefs::is_empty")]

    symbolic: SymbolicRefs,

    /// Construct a new [`CanonicalRefs`] from a set of [`Rules`] and

    /// [`SymbolicRefs`], validating that these may be evaluated to a well

    /// formed set of references when interpreted together.

    pub fn new(rules: Rules, symbolic: SymbolicRefs) -> Result<Self, ValidationError> {

        for (name, target) in symbolic.iter_resolved() {

            if Qualified::from_refstr(target)

                .and_then(|qualified| rules.matches(&qualified).next())

                .is_none()

            {

                return Err(ValidationError::Dangling {

                    name: name.to_owned(),

                    target: target.to_owned(),

                });

            }

            let Some(name) = Qualified::from_refstr(name) else {

                continue;

            };

            let patterns = rules

                .matches(&name)

                .map(|(pattern, _)| pattern.to_string())

                .collect::<Vec<_>>();

            if !patterns.is_empty() {

                return Err(ValidationError::Clash {

                    patterns,

                    name: name.to_owned(),

                });

            }

        }

        Ok(CanonicalRefs { rules, symbolic })

    /// Return the [`SymbolicRefs`].

    pub fn symbolic(&self) -> &SymbolicRefs {

        &self.symbolic

    }

}

impl Extend<(rules::RawPattern, rules::RawRule)> for RawCanonicalRefs {

    fn extend<T: IntoIterator<Item = (rules::RawPattern, rules::RawRule)>>(&mut self, iter: T) {

        self.rules.extend(iter)

    }

#[cfg(test)]

#[allow(clippy::unwrap_used)]

mod tests {

    use serde_json::json;

    use crate::assert_matches;

    use super::{ValidationError::*, *};

    fn from(value: serde_json::Value) -> Result<CanonicalRefs, super::ValidationError> {

        let delegates: Delegates = crate::test::arbitrary::gen::<crate::prelude::Did>(1).into();

        serde_json::from_value::<RawCanonicalRefs>(value)

            .unwrap()

            .try_into_canonical_refs(&mut || delegates.clone())

    }

    /// Backwards compatibility to before addition of symbolic references.

    #[test]

    fn omit_symbolic() {

        assert_matches!(

            from(json!({

                "rules": {},

            })),

            Ok(_)

        );

    }

    #[test]

    fn invalid_dangling() {

        assert_matches!(

            from(json!({

                "symbolic": {

                    "HEAD": "refs/heads/master"

                },

                "rules": {},

            })),

            Err(Dangling { .. })

        );

    }

    #[test]

    fn invalid_clash() {

        assert_matches!(

            from(json!({

                "symbolic": {

                    "refs/heads/foo": "refs/heads/bar",

                },

                "rules": {

                    "refs/heads/foo": {

                        "allow": "delegates",

                        "threshold": 1,

                    },

                    "refs/heads/bar": {

                        "allow": "delegates",

                        "threshold": 1,

                    },

                },

            })),

            Err(Clash { .. })

        );

    }

    #[test]

    fn invalid_clash_asterisk_name() {

        assert_matches!(

            from(json!({

                "symbolic": {

                    "refs/heads/foo": "refs/heads/bar",

                },

                "rules": {

                    "refs/heads/*": {

                        "allow": "delegates",

                        "threshold": 1,

                    },

                },

            })),

            Err(Clash { .. })

        );

    }

    #[test]

    fn valid_asterisk_target() {

        assert_matches!(

            from(json!({

                "symbolic": {

                    "HEAD": "refs/heads/master",

                },

                "rules": {

                    "refs/heads/*": {

                        "allow": "delegates",

                        "threshold": 1,

                    },

                },

            })),

            Ok(_)

        );

    }

    #[test]

    fn valid() {

        assert_matches!(

            from(json!({

                "symbolic": {

                    "refs/heads/foo": "refs/heads/ruled/bar",

                },

                "rules": {

                    "refs/heads/ruled/*": {

                        "allow": "delegates",

                        "threshold": 1,

                    },

                },

            })),

            Ok(_)

        );

    }

}

use crate::git::canonical::rules;

use crate::git::canonical::symbolic;

use crate::git::Qualified;

use crate::identity::crefs;

pub enum DefaultBranchError {

    ///

    /// Starts by obtaining the payload identified by

    /// [`PayloadId::canonical_refs`].

    ///

    /// If the payload exists, and it contains both a symbolic reference with

    /// the name `HEAD` and a rule matching the corresponding target branch,

    /// then this rule is verified to be backwards compatible, i.e. that the

    /// value for `allowed` is [`rules::Allowed::Delegates`] and the threshold

    /// matches [`Self::threshold`].

    ///

    /// If the payload is missing, canonical references are synthesized from 

    /// the payload identified by [`PayloadId::project`]:

    /// - A rule exactly matching [`Project::default_branch`]

    ///   that is compatible with self.

    /// - A symbolic reference with name `HEAD`

    ///   (see [`symbolic::SymbolicRefs::head`]) that targets the same branch.

    ///

    /// The resulting [`CanonicalRefs`] must pass validation, and there are

    /// cases where the payload is valid as such, but invalid in combination

    /// with the synthesized rule and symbolic reference. For example, if

    /// there is a symbolic reference already, with the name of the default

    /// branch, this will clash with the synthesized rule.

        let resolve = &mut || self.delegates.clone();

        // If there is a symbolic reference with name `HEAD` in the crefs

        // payload, we do not need to access the project payload to obtain

        // the name of the default branch from there.

        // However, we must still ensure that the crefs payload, in particular

        // the rule matching the target brach of the symbolic reference with

        // name `HEAD`, is backwards compatible with the rest of the identity

        // document.

        // These conditions may only be relaxed by introducing a new version of

        // the identity document.

        if let Some(default_branch) = raw_crefs.symbolic().resolve_head() {

            if let Some(default_branch) = Qualified::from_refstr(default_branch) {

                if let Some((pattern, rule)) = raw_crefs.raw_rules().matches(&default_branch).next()

                {

                    if *rule.allowed() != rules::Allowed::Delegates {

                        return Err(CanonicalRefsError::DefaultBranchRuleError(

                            DefaultBranchRuleError::Allowed {

                                pattern: pattern.to_string(),

                                actual: rule.allowed().to_string(),

                            },

                        ));

                    }

                    if *rule.threshold() != self.threshold() {

                        return Err(CanonicalRefsError::DefaultBranchRuleError(

                            DefaultBranchRuleError::Threshold {

                                pattern: pattern.to_string(),

                                actual: *rule.threshold(),

                                expected: self.threshold(),

                            },

                        ));

                    }

                } else {

                    // There is a symbolic reference for `HEAD`, but not matching

                    // canonical reference rule. `HEAD` is dangling!

                    // `raw_crefs` is malformed and will not pass validation below.

                }

            }

            return Ok(raw_crefs.try_into_canonical_refs(resolve)?);

        }

        // Since there is no symbolic reference with name `HEAD`, we fall back

        // to the project payload for obtaining the default branch.

        let project = self.project().map_err(CanonicalRefsError::DefaultBranch)?;

        // Only now, once we know that we will be synthesizing, and have a

        // project to do so, make `raw_crefs` mutable.

        let mut raw_crefs = raw_crefs;

        let default_branch = project.default_branch_ref();

        if raw_crefs

            .raw_rules()

            .matches(default_branch.as_ref())

            .next()

            .is_none()

        {

            let rule = rules::Rule::new(rules::Allowed::Delegates, self.threshold());

            raw_crefs.raw_rules_mut().insert(

                git::refspec::QualifiedPattern::from(default_branch.to_owned()),

                rule,

            );

        }

        raw_crefs

            .symbolic_mut()

            .combine(symbolic::SymbolicRefs::head(project.default_branch()))?;

        Ok(raw_crefs.try_into_canonical_refs(resolve)?)

    }

    /// Gets the qualified reference name of the default branch,

    /// according to the cref or project payload in this document.

    pub fn default_branch(&self) -> Result<git::Qualified, CanonicalRefsError> {

        self.canonical_refs()?

            .symbolic()

            .resolve_head()

            .cloned()

            .and_then(Qualified::from_refstr)

            .ok_or(CanonicalRefsError::MissingHead)

pub enum RawCanonicalRefsError {

    #[error(transparent)]

    Json(#[from] serde_json::Error),

}

#[derive(Debug, Error)]

    CanonicalRefs(#[from] crefs::ValidationError),

    #[error("could not load `xyz.radicle.project` to get default branch name: {0}")]

    DefaultBranch(PayloadError),

    #[error("no symbolic reference with name `HEAD` is defined")]

    MissingHead,

    DefaultBranchRuleError(#[from] DefaultBranchRuleError),

    #[error("synthesizing canonical references from project payload failed: {0}")]

    Synthesis(#[from] symbolic::InsertionError),

pub enum DefaultBranchRuleError {

    #[error("rule for pattern '{pattern}' which matches the target of symbolic reference 'HEAD' (possibly synthesized from payload 'xyz.radicle.project') must use 'allow' value of \"delegates\" but uses {actual}")]

    Allowed { pattern: String, actual: String },

    #[error("rule for pattern '{pattern}' which matches the target of symbolic reference 'HEAD' (possibly synthesized from payload 'xyz.radicle.project') must use a threshold of {expected} as required by the identity document but uses {actual}")]

    Threshold {

        pattern: String,

        actual: usize,

        expected: usize,

    },

    #[test]

    fn test_default_branch_without_project() {

        let value = serde_json::json!(

            {

                "payload": {

                    "xyz.radicle.crefs": {

                        "symbolic": {

                            "HEAD": "refs/heads/main",

                        },

                        "rules": {

                            "refs/heads/main": {

                                "allow": "delegates",

                                "threshold": 1,

                            }

                        }

                    }

                },

                "delegates": [

                    "did:key:z6MkireRatUThvd3qzfKht1S44wpm4FEWSSa4PRMTSQZ3voM"

                ],

                "threshold": 1

            }

        );

        let doc = serde_json::from_value::<Doc>(value).unwrap();

        assert_eq!(doc.default_branch().unwrap().as_str(), "refs/heads/main");

    }

    // If we have both payloads `xyz.radicle.{project,crefs}` ensure that,

    // in the `crefs` payload there is no …

    //  1. … rule that matches the default branch from the  `project` payload.

    //     (This rule must be synthesized!)

    //  2. … symbolic reference with the name `HEAD`.

    //     (This reference must be synthesized!)

                return Err(error::DocVerification::DisallowDefaultBranchRule { matches, default });

            }

            if let Some(symbolic) = crefs.symbolic().resolve_head() {

                return Err(error::DocVerification::DisallowDefaultBranchSymbolic {

                    symbolic: symbolic.to_owned(),

                    default,

                });

                Err(error::DocVerification::DisallowDefaultBranchRule { .. })

    DisallowDefaultBranchRule {

    #[error("incompatible payloads: The symbolic reference xyz.radicle.crefs.symbolic.HEAD → '{symbolic}' conflicts with xyz.radicle.project.defaultBranch ('{default}'). Possible resolutions: Remove either of the two.")]

    DisallowDefaultBranchSymbolic {

        symbolic: RefString,

        default: git::Qualified<'static>,

    },

use crate::git::{refs::branch, Qualified};

    #[inline]

    pub fn default_branch_ref(&self) -> Qualified {

        branch(&self.default_branch)

    }

    stored.set_canonical_symbolic_refs("set-canonical from init (radicle)")?;

    #[error("missing canonical symbolic reference for default branch (`HEAD`)")]

    MissingBranchSymbolic,

    DefaultBranchRule(#[from] doc::DefaultBranchError),

    /// according to the identity document.

    /// Sets the canonical symbolic references.

    ///

    /// This only depends on the cref payload in the identity document, and does

    /// not require the targeted canonical references to be computed, or even

    /// exist.

    fn set_canonical_symbolic_refs(&self, message: &str) -> Result<(), RepositoryError> {

        for (name, target) in self.identity_doc()?.canonical_refs()?.symbolic().iter() {

            self.set_symbolic_ref(name, target, message)?;

        }

        Ok(())

    }

    /// Sets a symbolic reference, if it does not exist or its target is different

    /// from the given one.

    fn set_symbolic_ref(

        &self,

        name: &RefStr,

        target: &RefStr,

        message: &str,

    ) -> Result<(), RepositoryError>;

    ext, raw, refname, refspec, Oid, PatternStr, Qualified, RefError, RefStr, RefString, UserInfo,

        let Some(refname) = crefs.symbolic().resolve_head().and_then(Qualified::from_refstr) else {

            return Err(RepositoryError::MissingBranchSymbolic);

        };

            .canonical(refname.to_owned(), self)

    fn set_symbolic_ref(

        &self,

        name: &RefStr,

        target: &RefStr,

        message: &str,

    ) -> Result<(), RepositoryError> {

        match self.raw().find_reference(name.as_str()) {

                    .is_some_and(|t| t != target.as_str())

                    head_ref.symbolic_set_target(target.as_str(), message)?;

                self.raw()

                    .reference_symbolic(name.as_str(), target.as_str(), true, message)?;

            Err(err) => return Err(err.into()),

        Ok(())

    repo.set_canonical_symbolic_refs("set-canonical test (radicle)")?;

    fn set_symbolic_ref(

        &self,

        _name: &fmt::RefStr,

        _target: &fmt::RefStr,

        _message: &str,

    ) -> Result<(), RepositoryError> {