getService<T> method
Get a service with proper access control
Implementation
T? getService<T>(String serviceName, {required String callerModuleId}) {
final descriptor = _services[serviceName];
if (descriptor == null) {
AirLogger.warning('Service not found: $serviceName');
return null;
}
// Check if caller is allowed (simple isolation)
final isAllowedByDescriptor =
descriptor.isPublic ||
descriptor.allowedCallers.contains(callerModuleId);
// Check permission checker
final isAllowedByPermission = PermissionChecker().checkPermission(
callerModuleId,
Permission.serviceCall,
resource: serviceName,
);
final isAllowed = isAllowedByDescriptor && isAllowedByPermission;
// Audit the access attempt
AirAudit().logServiceAccess(
serviceName: serviceName,
callerModuleId: callerModuleId,
ownerModuleId: descriptor.ownerModuleId,
granted: isAllowed,
);
if (!isAllowed) {
AirLogger.security(
'Access denied: $callerModuleId not authorized to call $serviceName',
);
return null;
}
// Record interaction for AirGraph
recordInteraction(
ModuleInteraction(
sourceId: callerModuleId,
targetId: descriptor.ownerModuleId,
type: InteractionType.service,
detail: serviceName,
),
);
AirLogger.debug(
'Service access granted',
context: {'caller': callerModuleId, 'service': serviceName},
);
return descriptor.service as T?;
}