- The `rad id` command will provide a better error message when a non-delegate

  attempts to modify the identity document.

Alice has created a new repository `rad:z42hL2jL4XNk6K8oHQaSWfMgCL7ji` with only herself as the sole delegate. After Bob has cloned it, let's ensure he can't add himself as a delegate too:

``` ~bob (fail)

$ rad id update --repo rad:z42hL2jL4XNk6K8oHQaSWfMgCL7ji --title "Add myself!" --delegate did:key:z6Mkt67GdsW7715MEfRuP4pSZxJRJh6kj6Y48WRqVv4N1tRk --no-confirm

✗ Error: did:key:z6Mkt67GdsW7715MEfRuP4pSZxJRJh6kj6Y48WRqVv4N1tRk is not a delegate, and only delegates are allowed to create a revision

✗ Hint: bob (you) is attempting to modify the identity document but is not a delegate!

```

use crate::terminal::format::Author;

            let revision = update(

                title,

                description,

                proposal,

                &mut identity,

                &signer,

                &profile,

            )?;

    profile: &Profile,

        let id = current

            .update(title, description, &doc, signer)

            .map_err(|e| on_identity_err(e, profile))?;

fn on_identity_err(e: identity::Error, profile: &Profile) -> anyhow::Error {

    let e = anyhow::Error::from(e);

    e.chain()

        .find_map(|c| c.downcast_ref::<identity::ApplyError>())

        .map(|e| on_apply_err(e, profile))

        .unwrap_or(e)

}

fn on_apply_err(e: &identity::ApplyError, profile: &Profile) -> anyhow::Error {

    match e {

        e @ identity::ApplyError::NonDelegateUnauthorized { author, .. } => {

            let nid = NodeId::from(*author);

            let labels = Author::new(&nid, profile, false).labels();

            Error::with_hint(

                anyhow!(e.to_string()),

                format!(

                    "{} {} is attempting to modify the identity document but is not a delegate!",

                    labels.0, labels.1

                ),

            )

            .into()

        }

        e @ radicle::cob::identity::ApplyError::Missing(_)

        | e @ radicle::cob::identity::ApplyError::Init(_)

        | e @ radicle::cob::identity::ApplyError::InvalidSignature(..)

        | e @ radicle::cob::identity::ApplyError::NotAuthorized

        | e @ radicle::cob::identity::ApplyError::MissingParent

        | e @ radicle::cob::identity::ApplyError::DuplicateVerdict

        | e @ radicle::cob::identity::ApplyError::UnexpectedState

        | e @ radicle::cob::identity::ApplyError::Redacted

        | e @ radicle::cob::identity::ApplyError::DocUnchanged

        | e @ radicle::cob::identity::ApplyError::Git(_)

        | e @ radicle::cob::identity::ApplyError::Doc(_) => {

            anyhow!(e.to_string())

        }

    }

}

fn rad_id_unauthorized_delegate() {

    let mut environment = Environment::new();

    let alice = environment.node("alice");

    let bob = environment.node("bob");

    let acme = RepoId::from_str("z42hL2jL4XNk6K8oHQaSWfMgCL7ji").unwrap();

    environment.repository(&alice);

    test(

        "examples/rad-init.md",

        environment.work(&alice),

        Some(&alice.home),

        [],

    )

    .unwrap();

    let mut alice = alice.spawn();

    let mut bob = bob.spawn();

    // Alice sets up the seed

    alice.handle.seed(acme, Scope::Followed).unwrap();

    bob.connect(&alice).converge([&alice]);

    bob.rad(

        "clone",

        &[acme.to_string().as_str()],

        environment.work(&bob),

    )

    .unwrap();

    formula(

        &environment.tempdir(),

        "examples/rad-id-unauthorized-delegate.md",

    )

    .unwrap()

    .home(

        "alice",

        environment.work(&alice),

        [("RAD_HOME", alice.home.path().display())],

    )

    .home(

        "bob",

        environment.work(&bob),

        [("RAD_HOME", bob.home.path().display())],

    )

    .run()

    .unwrap();

}

#[test]