feat(core): rebrand to @lossless.zone/objectstorage

- Rename from @lossless.zone/s3container to @lossless.zone/objectstorage
- Replace @push.rocks/smarts3 with @push.rocks/smartstorage
- Change env var prefix from S3_ to OBJST_
- Rename S3Container class to ObjectStorageContainer
- Update web component prefix from s3c- to objst-
- Update UI labels, CLI flags, documentation, and Docker config

ts/opsserver/classes.opsserver.ts

@@ -0,0 +1,63 @@
+import * as plugins from '../plugins.ts';
+import type { ObjectStorageContainer } from '../classes/objectstoragecontainer.ts';
+import * as handlers from './handlers/index.ts';
+import { files as bundledFiles } from '../../ts_bundled/bundle.ts';
+
+export class OpsServer {
+  public objectStorageRef: ObjectStorageContainer;
+  public typedrouter = new plugins.typedrequest.TypedRouter();
+  public server!: plugins.typedserver.utilityservers.UtilityWebsiteServer;
+
+  // Handler instances
+  public adminHandler!: handlers.AdminHandler;
+  public statusHandler!: handlers.StatusHandler;
+  public bucketsHandler!: handlers.BucketsHandler;
+  public objectsHandler!: handlers.ObjectsHandler;
+  public configHandler!: handlers.ConfigHandler;
+  public credentialsHandler!: handlers.CredentialsHandler;
+  public policiesHandler!: handlers.PoliciesHandler;
+
+  constructor(objectStorageRef: ObjectStorageContainer) {
+    this.objectStorageRef = objectStorageRef;
+  }
+
+  public async start(port = 3000) {
+    this.server = new plugins.typedserver.utilityservers.UtilityWebsiteServer({
+      domain: 'localhost',
+      feedMetadata: undefined,
+      bundledContent: bundledFiles,
+    });
+
+    // Chain typedrouters: server -> opsServer -> individual handlers
+    this.server.typedrouter.addTypedRouter(this.typedrouter);
+
+    // Set up all handlers
+    await this.setupHandlers();
+
+    await this.server.start(port);
+    console.log(`OpsServer started on http://localhost:${port}`);
+  }
+
+  private async setupHandlers(): Promise<void> {
+    // AdminHandler requires async initialization for JWT key generation
+    this.adminHandler = new handlers.AdminHandler(this);
+    await this.adminHandler.initialize();
+
+    // All other handlers self-register in their constructors
+    this.statusHandler = new handlers.StatusHandler(this);
+    this.bucketsHandler = new handlers.BucketsHandler(this);
+    this.objectsHandler = new handlers.ObjectsHandler(this);
+    this.configHandler = new handlers.ConfigHandler(this);
+    this.credentialsHandler = new handlers.CredentialsHandler(this);
+    this.policiesHandler = new handlers.PoliciesHandler(this);
+
+    console.log('OpsServer TypedRequest handlers initialized');
+  }
+
+  public async stop() {
+    if (this.server) {
+      await this.server.stop();
+      console.log('OpsServer stopped');
+    }
+  }
+}

ts/opsserver/handlers/admin.handler.ts

@@ -0,0 +1,131 @@
+import * as plugins from '../../plugins.ts';
+import type { OpsServer } from '../classes.opsserver.ts';
+import * as interfaces from '../../../ts_interfaces/index.ts';
+
+export interface IJwtData {
+  userId: string;
+  status: 'loggedIn' | 'loggedOut';
+  expiresAt: number;
+}
+
+export class AdminHandler {
+  public typedrouter = new plugins.typedrequest.TypedRouter();
+  public smartjwtInstance!: plugins.smartjwt.SmartJwt<IJwtData>;
+
+  constructor(private opsServerRef: OpsServer) {
+    this.opsServerRef.typedrouter.addTypedRouter(this.typedrouter);
+  }
+
+  public async initialize(): Promise<void> {
+    this.smartjwtInstance = new plugins.smartjwt.SmartJwt();
+    await this.smartjwtInstance.init();
+    await this.smartjwtInstance.createNewKeyPair();
+    this.registerHandlers();
+  }
+
+  private registerHandlers(): void {
+    // Login
+    this.typedrouter.addTypedHandler(
+      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_AdminLoginWithUsernameAndPassword>(
+        'adminLoginWithUsernameAndPassword',
+        async (dataArg) => {
+          const adminPassword = this.opsServerRef.objectStorageRef.config.adminPassword;
+          if (dataArg.username !== 'admin' || dataArg.password !== adminPassword) {
+            throw new plugins.typedrequest.TypedResponseError('Invalid credentials');
+          }
+
+          const expiresAt = Date.now() + 24 * 3600 * 1000;
+          const userId = 'admin';
+          const jwt = await this.smartjwtInstance.createJWT({
+            userId,
+            status: 'loggedIn',
+            expiresAt,
+          });
+
+          console.log('Admin user logged in');
+
+          return {
+            identity: {
+              jwt,
+              userId,
+              username: 'admin',
+              expiresAt,
+              role: 'admin' as const,
+            },
+          };
+        },
+      ),
+    );
+
+    // Logout
+    this.typedrouter.addTypedHandler(
+      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_AdminLogout>(
+        'adminLogout',
+        async (_dataArg) => {
+          return { ok: true };
+        },
+      ),
+    );
+
+    // Verify Identity
+    this.typedrouter.addTypedHandler(
+      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_VerifyIdentity>(
+        'verifyIdentity',
+        async (dataArg) => {
+          if (!dataArg.identity?.jwt) {
+            return { valid: false };
+          }
+          try {
+            const jwtData = await this.smartjwtInstance.verifyJWTAndGetData(dataArg.identity.jwt);
+            if (jwtData.expiresAt < Date.now()) return { valid: false };
+            if (jwtData.status !== 'loggedIn') return { valid: false };
+            return {
+              valid: true,
+              identity: {
+                jwt: dataArg.identity.jwt,
+                userId: jwtData.userId,
+                username: dataArg.identity.username,
+                expiresAt: jwtData.expiresAt,
+                role: dataArg.identity.role,
+              },
+            };
+          } catch {
+            return { valid: false };
+          }
+        },
+      ),
+    );
+  }
+
+  // Guard for valid identity
+  public validIdentityGuard = new plugins.smartguard.Guard<{
+    identity: interfaces.data.IIdentity;
+  }>(
+    async (dataArg) => {
+      if (!dataArg.identity?.jwt) return false;
+      try {
+        const jwtData = await this.smartjwtInstance.verifyJWTAndGetData(dataArg.identity.jwt);
+        if (jwtData.expiresAt < Date.now()) return false;
+        if (jwtData.status !== 'loggedIn') return false;
+        if (dataArg.identity.expiresAt !== jwtData.expiresAt) return false;
+        if (dataArg.identity.userId !== jwtData.userId) return false;
+        return true;
+      } catch {
+        return false;
+      }
+    },
+    { failedHint: 'identity is not valid', name: 'validIdentityGuard' },
+  );
+
+  // Guard for admin identity
+  public adminIdentityGuard = new plugins.smartguard.Guard<{
+    identity: interfaces.data.IIdentity;
+  }>(
+    async (dataArg) => {
+      const isValid = await this.validIdentityGuard.exec(dataArg);
+      if (!isValid) return false;
+      return dataArg.identity.role === 'admin';
+    },
+    { failedHint: 'user is not admin', name: 'adminIdentityGuard' },
+  );
+}

ts/opsserver/handlers/buckets.handler.ts

@@ -0,0 +1,94 @@
+import * as plugins from '../../plugins.ts';
+import type { OpsServer } from '../classes.opsserver.ts';
+import * as interfaces from '../../../ts_interfaces/index.ts';
+import { requireValidIdentity } from '../helpers/guards.ts';
+
+export class BucketsHandler {
+  public typedrouter = new plugins.typedrequest.TypedRouter();
+
+  constructor(private opsServerRef: OpsServer) {
+    this.opsServerRef.typedrouter.addTypedRouter(this.typedrouter);
+    this.registerHandlers();
+  }
+
+  private registerHandlers(): void {
+    // List buckets
+    this.typedrouter.addTypedHandler(
+      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_ListBuckets>(
+        'listBuckets',
+        async (dataArg) => {
+          await requireValidIdentity(this.opsServerRef.adminHandler, dataArg);
+          const buckets = await this.opsServerRef.objectStorageRef.listBuckets();
+          return { buckets };
+        },
+      ),
+    );
+
+    // Create bucket
+    this.typedrouter.addTypedHandler(
+      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_CreateBucket>(
+        'createBucket',
+        async (dataArg) => {
+          await requireValidIdentity(this.opsServerRef.adminHandler, dataArg);
+          await this.opsServerRef.objectStorageRef.createBucket(dataArg.bucketName);
+          return { ok: true };
+        },
+      ),
+    );
+
+    // Delete bucket
+    this.typedrouter.addTypedHandler(
+      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_DeleteBucket>(
+        'deleteBucket',
+        async (dataArg) => {
+          await requireValidIdentity(this.opsServerRef.adminHandler, dataArg);
+          await this.opsServerRef.objectStorageRef.deleteBucket(dataArg.bucketName);
+          await this.opsServerRef.objectStorageRef.policyManager.onBucketDeleted(dataArg.bucketName);
+          return { ok: true };
+        },
+      ),
+    );
+
+    // Get bucket policy
+    this.typedrouter.addTypedHandler(
+      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_GetBucketPolicy>(
+        'getBucketPolicy',
+        async (dataArg) => {
+          await requireValidIdentity(this.opsServerRef.adminHandler, dataArg);
+          const policy = await this.opsServerRef.objectStorageRef.getBucketPolicy(dataArg.bucketName);
+          return { policy };
+        },
+      ),
+    );
+
+    // Put bucket policy
+    this.typedrouter.addTypedHandler(
+      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_PutBucketPolicy>(
+        'putBucketPolicy',
+        async (dataArg) => {
+          await requireValidIdentity(this.opsServerRef.adminHandler, dataArg);
+          // Validate JSON
+          try {
+            JSON.parse(dataArg.policy);
+          } catch {
+            throw new Error('Invalid JSON policy document');
+          }
+          await this.opsServerRef.objectStorageRef.putBucketPolicy(dataArg.bucketName, dataArg.policy);
+          return { ok: true };
+        },
+      ),
+    );
+
+    // Delete bucket policy
+    this.typedrouter.addTypedHandler(
+      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_DeleteBucketPolicy>(
+        'deleteBucketPolicy',
+        async (dataArg) => {
+          await requireValidIdentity(this.opsServerRef.adminHandler, dataArg);
+          await this.opsServerRef.objectStorageRef.deleteBucketPolicy(dataArg.bucketName);
+          return { ok: true };
+        },
+      ),
+    );
+  }
+}

ts/opsserver/handlers/config.handler.ts

@@ -0,0 +1,34 @@
+import * as plugins from '../../plugins.ts';
+import type { OpsServer } from '../classes.opsserver.ts';
+import * as interfaces from '../../../ts_interfaces/index.ts';
+import { requireValidIdentity } from '../helpers/guards.ts';
+
+export class ConfigHandler {
+  public typedrouter = new plugins.typedrequest.TypedRouter();
+
+  constructor(private opsServerRef: OpsServer) {
+    this.opsServerRef.typedrouter.addTypedRouter(this.typedrouter);
+    this.registerHandlers();
+  }
+
+  private registerHandlers(): void {
+    this.typedrouter.addTypedHandler(
+      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_GetServerConfig>(
+        'getServerConfig',
+        async (dataArg) => {
+          await requireValidIdentity(this.opsServerRef.adminHandler, dataArg);
+          const containerConfig = this.opsServerRef.objectStorageRef.config;
+          const config: interfaces.data.IServerConfig = {
+            objstPort: containerConfig.objstPort,
+            uiPort: containerConfig.uiPort,
+            region: containerConfig.region,
+            storageDirectory: containerConfig.storageDirectory,
+            authEnabled: true,
+            corsEnabled: false,
+          };
+          return { config };
+        },
+      ),
+    );
+  }
+}

ts/opsserver/handlers/credentials.handler.ts

@@ -0,0 +1,73 @@
+import * as plugins from '../../plugins.ts';
+import type { OpsServer } from '../classes.opsserver.ts';
+import * as interfaces from '../../../ts_interfaces/index.ts';
+import { requireValidIdentity } from '../helpers/guards.ts';
+
+export class CredentialsHandler {
+  public typedrouter = new plugins.typedrequest.TypedRouter();
+
+  constructor(private opsServerRef: OpsServer) {
+    this.opsServerRef.typedrouter.addTypedRouter(this.typedrouter);
+    this.registerHandlers();
+  }
+
+  private registerHandlers(): void {
+    // Get credentials (secrets masked)
+    this.typedrouter.addTypedHandler(
+      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_GetCredentials>(
+        'getCredentials',
+        async (dataArg) => {
+          await requireValidIdentity(this.opsServerRef.adminHandler, dataArg);
+          const credentials = this.opsServerRef.objectStorageRef.config.accessCredentials.map(
+            (cred) => ({
+              accessKeyId: cred.accessKeyId,
+              secretAccessKey: cred.secretAccessKey.slice(0, 4) + '****',
+            }),
+          );
+          return { credentials };
+        },
+      ),
+    );
+
+    // Add credential
+    this.typedrouter.addTypedHandler(
+      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_AddCredential>(
+        'addCredential',
+        async (dataArg) => {
+          await requireValidIdentity(this.opsServerRef.adminHandler, dataArg);
+          this.opsServerRef.objectStorageRef.config.accessCredentials.push({
+            accessKeyId: dataArg.accessKeyId,
+            secretAccessKey: dataArg.secretAccessKey,
+          });
+          // Update the smartstorage auth config
+          this.opsServerRef.objectStorageRef.smartstorageInstance.config.auth!.credentials =
+            this.opsServerRef.objectStorageRef.config.accessCredentials;
+          return { ok: true };
+        },
+      ),
+    );
+
+    // Remove credential
+    this.typedrouter.addTypedHandler(
+      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_RemoveCredential>(
+        'removeCredential',
+        async (dataArg) => {
+          await requireValidIdentity(this.opsServerRef.adminHandler, dataArg);
+          const creds = this.opsServerRef.objectStorageRef.config.accessCredentials;
+          if (creds.length <= 1) {
+            throw new plugins.typedrequest.TypedResponseError(
+              'Cannot remove the last credential',
+            );
+          }
+          this.opsServerRef.objectStorageRef.config.accessCredentials = creds.filter(
+            (c) => c.accessKeyId !== dataArg.accessKeyId,
+          );
+          // Update the smartstorage auth config
+          this.opsServerRef.objectStorageRef.smartstorageInstance.config.auth!.credentials =
+            this.opsServerRef.objectStorageRef.config.accessCredentials;
+          return { ok: true };
+        },
+      ),
+    );
+  }
+}

ts/opsserver/handlers/index.ts

@@ -0,0 +1,7 @@
+export { AdminHandler } from './admin.handler.ts';
+export { StatusHandler } from './status.handler.ts';
+export { BucketsHandler } from './buckets.handler.ts';
+export { ObjectsHandler } from './objects.handler.ts';
+export { ConfigHandler } from './config.handler.ts';
+export { CredentialsHandler } from './credentials.handler.ts';
+export { PoliciesHandler } from './policies.handler.ts';

ts/opsserver/handlers/objects.handler.ts

@@ -0,0 +1,126 @@
+import * as plugins from '../../plugins.ts';
+import type { OpsServer } from '../classes.opsserver.ts';
+import * as interfaces from '../../../ts_interfaces/index.ts';
+import { requireValidIdentity } from '../helpers/guards.ts';
+
+export class ObjectsHandler {
+  public typedrouter = new plugins.typedrequest.TypedRouter();
+
+  constructor(private opsServerRef: OpsServer) {
+    this.opsServerRef.typedrouter.addTypedRouter(this.typedrouter);
+    this.registerHandlers();
+  }
+
+  private registerHandlers(): void {
+    // List objects
+    this.typedrouter.addTypedHandler(
+      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_ListObjects>(
+        'listObjects',
+        async (dataArg) => {
+          await requireValidIdentity(this.opsServerRef.adminHandler, dataArg);
+          const result = await this.opsServerRef.objectStorageRef.listObjects(
+            dataArg.bucketName,
+            dataArg.prefix,
+            dataArg.delimiter,
+            dataArg.maxKeys,
+          );
+          return { result };
+        },
+      ),
+    );
+
+    // Delete object
+    this.typedrouter.addTypedHandler(
+      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_DeleteObject>(
+        'deleteObject',
+        async (dataArg) => {
+          await requireValidIdentity(this.opsServerRef.adminHandler, dataArg);
+          await this.opsServerRef.objectStorageRef.deleteObject(dataArg.bucketName, dataArg.key);
+          return { ok: true };
+        },
+      ),
+    );
+
+    // Get object
+    this.typedrouter.addTypedHandler(
+      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_GetObject>(
+        'getObject',
+        async (dataArg) => {
+          await requireValidIdentity(this.opsServerRef.adminHandler, dataArg);
+          return await this.opsServerRef.objectStorageRef.getObject(dataArg.bucketName, dataArg.key);
+        },
+      ),
+    );
+
+    // Put object
+    this.typedrouter.addTypedHandler(
+      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_PutObject>(
+        'putObject',
+        async (dataArg) => {
+          await requireValidIdentity(this.opsServerRef.adminHandler, dataArg);
+          await this.opsServerRef.objectStorageRef.putObject(
+            dataArg.bucketName,
+            dataArg.key,
+            dataArg.base64Content,
+            dataArg.contentType,
+          );
+          return { ok: true };
+        },
+      ),
+    );
+
+    // Delete prefix (folder)
+    this.typedrouter.addTypedHandler(
+      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_DeletePrefix>(
+        'deletePrefix',
+        async (dataArg) => {
+          await requireValidIdentity(this.opsServerRef.adminHandler, dataArg);
+          await this.opsServerRef.objectStorageRef.deletePrefix(dataArg.bucketName, dataArg.prefix);
+          return { ok: true };
+        },
+      ),
+    );
+
+    // Get object URL
+    this.typedrouter.addTypedHandler(
+      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_GetObjectUrl>(
+        'getObjectUrl',
+        async (dataArg) => {
+          await requireValidIdentity(this.opsServerRef.adminHandler, dataArg);
+          const url = await this.opsServerRef.objectStorageRef.getObjectUrl(dataArg.bucketName, dataArg.key);
+          return { url };
+        },
+      ),
+    );
+
+    // Move object
+    this.typedrouter.addTypedHandler(
+      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_MoveObject>(
+        'moveObject',
+        async (dataArg) => {
+          await requireValidIdentity(this.opsServerRef.adminHandler, dataArg);
+          return await this.opsServerRef.objectStorageRef.moveObject(
+            dataArg.bucketName,
+            dataArg.sourceKey,
+            dataArg.destKey,
+          );
+        },
+      ),
+    );
+
+    // Move prefix (folder)
+    this.typedrouter.addTypedHandler(
+      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_MovePrefix>(
+        'movePrefix',
+        async (dataArg) => {
+          await requireValidIdentity(this.opsServerRef.adminHandler, dataArg);
+          return await this.opsServerRef.objectStorageRef.movePrefix(
+            dataArg.bucketName,
+            dataArg.sourcePrefix,
+            dataArg.destPrefix,
+          );
+        },
+      ),
+    );
+  }
+}

ts/opsserver/handlers/policies.handler.ts

@@ -0,0 +1,128 @@
+import * as plugins from '../../plugins.ts';
+import type { OpsServer } from '../classes.opsserver.ts';
+import * as interfaces from '../../../ts_interfaces/index.ts';
+import { requireValidIdentity } from '../helpers/guards.ts';
+
+export class PoliciesHandler {
+  public typedrouter = new plugins.typedrequest.TypedRouter();
+
+  constructor(private opsServerRef: OpsServer) {
+    this.opsServerRef.typedrouter.addTypedRouter(this.typedrouter);
+    this.registerHandlers();
+  }
+
+  private registerHandlers(): void {
+    const pm = () => this.opsServerRef.objectStorageRef.policyManager;
+
+    // List named policies
+    this.typedrouter.addTypedHandler(
+      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_ListNamedPolicies>(
+        'listNamedPolicies',
+        async (dataArg) => {
+          await requireValidIdentity(this.opsServerRef.adminHandler, dataArg);
+          return { policies: pm().listPolicies() };
+        },
+      ),
+    );
+
+    // Create named policy
+    this.typedrouter.addTypedHandler(
+      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_CreateNamedPolicy>(
+        'createNamedPolicy',
+        async (dataArg) => {
+          await requireValidIdentity(this.opsServerRef.adminHandler, dataArg);
+          const policy = await pm().createPolicy(dataArg.name, dataArg.description, dataArg.statements);
+          return { policy };
+        },
+      ),
+    );
+
+    // Update named policy
+    this.typedrouter.addTypedHandler(
+      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_UpdateNamedPolicy>(
+        'updateNamedPolicy',
+        async (dataArg) => {
+          await requireValidIdentity(this.opsServerRef.adminHandler, dataArg);
+          const policy = await pm().updatePolicy(dataArg.policyId, dataArg.name, dataArg.description, dataArg.statements);
+          return { policy };
+        },
+      ),
+    );
+
+    // Delete named policy
+    this.typedrouter.addTypedHandler(
+      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_DeleteNamedPolicy>(
+        'deleteNamedPolicy',
+        async (dataArg) => {
+          await requireValidIdentity(this.opsServerRef.adminHandler, dataArg);
+          await pm().deletePolicy(dataArg.policyId);
+          return { ok: true };
+        },
+      ),
+    );
+
+    // Get bucket named policies (attached + available)
+    this.typedrouter.addTypedHandler(
+      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_GetBucketNamedPolicies>(
+        'getBucketNamedPolicies',
+        async (dataArg) => {
+          await requireValidIdentity(this.opsServerRef.adminHandler, dataArg);
+          return pm().getBucketAttachments(dataArg.bucketName);
+        },
+      ),
+    );
+
+    // Attach policy to bucket
+    this.typedrouter.addTypedHandler(
+      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_AttachPolicyToBucket>(
+        'attachPolicyToBucket',
+        async (dataArg) => {
+          await requireValidIdentity(this.opsServerRef.adminHandler, dataArg);
+          await pm().attachPolicyToBucket(dataArg.policyId, dataArg.bucketName);
+          return { ok: true };
+        },
+      ),
+    );
+
+    // Detach policy from bucket
+    this.typedrouter.addTypedHandler(
+      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_DetachPolicyFromBucket>(
+        'detachPolicyFromBucket',
+        async (dataArg) => {
+          await requireValidIdentity(this.opsServerRef.adminHandler, dataArg);
+          await pm().detachPolicyFromBucket(dataArg.policyId, dataArg.bucketName);
+          return { ok: true };
+        },
+      ),
+    );
+
+    // Get policy buckets (attached + available)
+    this.typedrouter.addTypedHandler(
+      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_GetPolicyBuckets>(
+        'getPolicyBuckets',
+        async (dataArg) => {
+          await requireValidIdentity(this.opsServerRef.adminHandler, dataArg);
+          const attachedBuckets = pm().getBucketsForPolicy(dataArg.policyId);
+          const allBuckets = await this.opsServerRef.objectStorageRef.listBuckets();
+          const attachedSet = new Set(attachedBuckets);
+          const availableBuckets = allBuckets
+            .map((b) => b.name)
+            .filter((name) => !attachedSet.has(name));
+          return { attachedBuckets, availableBuckets };
+        },
+      ),
+    );
+
+    // Set policy buckets
+    this.typedrouter.addTypedHandler(
+      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_SetPolicyBuckets>(
+        'setPolicyBuckets',
+        async (dataArg) => {
+          await requireValidIdentity(this.opsServerRef.adminHandler, dataArg);
+          await pm().setPolicyBuckets(dataArg.policyId, dataArg.bucketNames);
+          return { ok: true };
+        },
+      ),
+    );
+  }
+}

ts/opsserver/handlers/status.handler.ts

@@ -0,0 +1,27 @@
+import * as plugins from '../../plugins.ts';
+import type { OpsServer } from '../classes.opsserver.ts';
+import * as interfaces from '../../../ts_interfaces/index.ts';
+import { requireValidIdentity } from '../helpers/guards.ts';
+
+export class StatusHandler {
+  public typedrouter = new plugins.typedrequest.TypedRouter();
+
+  constructor(private opsServerRef: OpsServer) {
+    this.opsServerRef.typedrouter.addTypedRouter(this.typedrouter);
+    this.registerHandlers();
+  }
+
+  private registerHandlers(): void {
+    this.typedrouter.addTypedHandler(
+      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_GetServerStatus>(
+        'getServerStatus',
+        async (dataArg) => {
+          await requireValidIdentity(this.opsServerRef.adminHandler, dataArg);
+          const status = await this.opsServerRef.objectStorageRef.getServerStats();
+          const connectionInfo = await this.opsServerRef.objectStorageRef.getConnectionInfo();
+          return { status, connectionInfo };
+        },
+      ),
+    );
+  }
+}

ts/opsserver/helpers/guards.ts

@@ -0,0 +1,29 @@
+import * as plugins from '../../plugins.ts';
+import type { AdminHandler } from '../handlers/admin.handler.ts';
+import * as interfaces from '../../../ts_interfaces/index.ts';
+
+export async function requireValidIdentity<T extends { identity?: interfaces.data.IIdentity }>(
+  adminHandler: AdminHandler,
+  dataArg: T,
+): Promise<void> {
+  if (!dataArg.identity) {
+    throw new plugins.typedrequest.TypedResponseError('No identity provided');
+  }
+  const passed = await adminHandler.validIdentityGuard.exec({ identity: dataArg.identity });
+  if (!passed) {
+    throw new plugins.typedrequest.TypedResponseError('Valid identity required');
+  }
+}
+
+export async function requireAdminIdentity<T extends { identity?: interfaces.data.IIdentity }>(
+  adminHandler: AdminHandler,
+  dataArg: T,
+): Promise<void> {
+  if (!dataArg.identity) {
+    throw new plugins.typedrequest.TypedResponseError('No identity provided');
+  }
+  const passed = await adminHandler.adminIdentityGuard.exec({ identity: dataArg.identity });
+  if (!passed) {
+    throw new plugins.typedrequest.TypedResponseError('Admin access required');
+  }
+}

ts/opsserver/index.ts

@@ -0,0 +1 @@
+export { OpsServer } from './classes.opsserver.ts';