From 2f8fcb866e4709511ea6b948d7ceb08309ebe83c Mon Sep 17 00:00:00 2001
From: hsiegeln <37154749+hsiegeln@users.noreply.github.com>
Date: Tue, 7 Apr 2026 23:07:57 +0200
Subject: [PATCH] feat: add ClaimMappingRule domain model and repository
 interface

- AssignmentOrigin enum (direct/managed)
- ClaimMappingRule record with match type and action enums
- ClaimMappingRepository interface for CRUD operations

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .../server/core/rbac/AssignmentOrigin.java     |  5 +++++
 .../core/rbac/ClaimMappingRepository.java      | 13 +++++++++++++
 .../server/core/rbac/ClaimMappingRule.java     | 18 ++++++++++++++++++
 3 files changed, 36 insertions(+)
 create mode 100644 cameleer3-server-core/src/main/java/com/cameleer3/server/core/rbac/AssignmentOrigin.java
 create mode 100644 cameleer3-server-core/src/main/java/com/cameleer3/server/core/rbac/ClaimMappingRepository.java
 create mode 100644 cameleer3-server-core/src/main/java/com/cameleer3/server/core/rbac/ClaimMappingRule.java

diff --git a/cameleer3-server-core/src/main/java/com/cameleer3/server/core/rbac/AssignmentOrigin.java b/cameleer3-server-core/src/main/java/com/cameleer3/server/core/rbac/AssignmentOrigin.java
new file mode 100644
index 00000000..1ec842f8
--- /dev/null
+++ b/cameleer3-server-core/src/main/java/com/cameleer3/server/core/rbac/AssignmentOrigin.java
@@ -0,0 +1,5 @@
+package com.cameleer3.server.core.rbac;
+
+public enum AssignmentOrigin {
+    direct, managed
+}
diff --git a/cameleer3-server-core/src/main/java/com/cameleer3/server/core/rbac/ClaimMappingRepository.java b/cameleer3-server-core/src/main/java/com/cameleer3/server/core/rbac/ClaimMappingRepository.java
new file mode 100644
index 00000000..8e76cae9
--- /dev/null
+++ b/cameleer3-server-core/src/main/java/com/cameleer3/server/core/rbac/ClaimMappingRepository.java
@@ -0,0 +1,13 @@
+package com.cameleer3.server.core.rbac;
+
+import java.util.List;
+import java.util.Optional;
+import java.util.UUID;
+
+public interface ClaimMappingRepository {
+    List<ClaimMappingRule> findAll();
+    Optional<ClaimMappingRule> findById(UUID id);
+    UUID create(String claim, String matchType, String matchValue, String action, String target, int priority);
+    void update(UUID id, String claim, String matchType, String matchValue, String action, String target, int priority);
+    void delete(UUID id);
+}
diff --git a/cameleer3-server-core/src/main/java/com/cameleer3/server/core/rbac/ClaimMappingRule.java b/cameleer3-server-core/src/main/java/com/cameleer3/server/core/rbac/ClaimMappingRule.java
new file mode 100644
index 00000000..fe13d840
--- /dev/null
+++ b/cameleer3-server-core/src/main/java/com/cameleer3/server/core/rbac/ClaimMappingRule.java
@@ -0,0 +1,18 @@
+package com.cameleer3.server.core.rbac;
+
+import java.time.Instant;
+import java.util.UUID;
+
+public record ClaimMappingRule(
+        UUID id,
+        String claim,
+        String matchType,
+        String matchValue,
+        String action,
+        String target,
+        int priority,
+        Instant createdAt
+) {
+    public enum MatchType { equals, contains, regex }
+    public enum Action { assignRole, addToGroup }
+}