pub async fn get_sessions(
infra: &InfraContext<'_>,
token: &str,
params: &GetSessionParams,
) -> Result<Vec<CfsSessionGetResponse>, Error>Expand description
List CFS sessions visible to the caller, applying every filter on
params.
The backend rejects mixing group and xname filters: an explicit
params.xnames list wins and the group set is left empty;
otherwise the request is scoped to params.group (single label)
or to every group the token already grants access to. Group
access and xname membership are validated before the backend
call so the response can never leak rows the caller couldn’t
have listed directly.