authzed 0.3.1 → 0.5.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +20 -12
- data/lib/authzed/api/v0/core_pb.rb +0 -40
- data/lib/authzed/api/v0/developer_pb.rb +0 -2
- data/lib/authzed/api/v1/core_pb.rb +7 -0
- data/lib/authzed/api/v1/debug_pb.rb +52 -0
- data/lib/authzed/api/v1/error_reason_pb.rb +33 -0
- data/lib/authzed/api/v1/permission_service_pb.rb +42 -0
- data/lib/authzed/api/v1/permission_service_services_pb.rb +6 -2
- data/lib/authzed.rb +1 -4
- metadata +4 -11
- data/lib/authzed/api/v0/acl_service_pb.rb +0 -104
- data/lib/authzed/api/v0/acl_service_services_pb.rb +0 -31
- data/lib/authzed/api/v0/namespace_pb.rb +0 -95
- data/lib/authzed/api/v0/namespace_service_pb.rb +0 -47
- data/lib/authzed/api/v0/namespace_service_services_pb.rb +0 -28
- data/lib/authzed/api/v0/watch_service_pb.rb +0 -29
- data/lib/authzed/api/v0/watch_service_services_pb.rb +0 -26
- data/lib/authzed/api/v1/schema_pb.rb +0 -30
- data/lib/authzed/api/v1/schema_services_pb.rb +0 -34
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 15813ae9db8960ecc8b197c72815f7616af6e8bf2f55f03f1fbb2596803eb60f
|
4
|
+
data.tar.gz: f6d366acc89687282ac8abbafaf00cef2dfb310a65ad371122c9a557800d00ff
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: fabc4ba9080269a4be1cf63a17bb12898a3c73b35407e6fb72b47b092b03f64751b5dd20ddef30b57fa1854af5935cd5d1ab64a6bb8a0d812d4bf039add4b407
|
7
|
+
data.tar.gz: 2a207739872b068df8c1d8d0548e64f8bfd2eec2f3741d7c4c91013d2dea78d14aceae9c4d40cdb9fda44b3a34c239b5c5638f796d9411a6245cc1b4ded6cb90
|
data/README.md
CHANGED
@@ -1,32 +1,40 @@
|
|
1
1
|
# Authzed Ruby Client
|
2
2
|
|
3
3
|
[![Ruby Gems](https://img.shields.io/gem/v/authzed?include_prereleases)](https://rubygems.org/gems/authzed)
|
4
|
+
[![Docs](https://img.shields.io/badge/docs-authzed.com-%234B4B6C "Authzed Documentation")](https://docs.authzed.com)
|
4
5
|
[![License](https://img.shields.io/badge/license-Apache--2.0-blue.svg)](https://www.apache.org/licenses/LICENSE-2.0.html)
|
5
6
|
[![Build Status](https://github.com/authzed/authzed-rb/workflows/build/badge.svg)](https://github.com/authzed/authzed-rb/actions)
|
6
|
-
[![Mailing List](https://img.shields.io/badge/email-google%20groups-4285F4)](https://groups.google.com/g/authzed-oss)
|
7
7
|
[![Discord Server](https://img.shields.io/discord/844600078504951838?color=7289da&logo=discord "Discord Server")](https://discord.gg/jTysUaxXzM)
|
8
8
|
[![Twitter](https://img.shields.io/twitter/follow/authzed?color=%23179CF0&logo=twitter&style=flat-square)](https://twitter.com/authzed)
|
9
9
|
|
10
|
-
This repository houses the Ruby client library for Authzed.
|
10
|
+
This repository houses the official Ruby client library for Authzed and SpiceDB.
|
11
11
|
|
12
|
-
[
|
12
|
+
[SpiceDB] is a database system for managing security-critical permissions checking.
|
13
13
|
|
14
|
-
|
14
|
+
SpiceDB acts as a centralized service that stores authorization data.
|
15
|
+
Once stored, data can be performantly queried to answer questions such as "Does this user have access to this resource?" and "What are all the resources this user has access to?".
|
16
|
+
|
17
|
+
[Authzed] operates the globally available, serverless database platform for SpiceDB.
|
15
18
|
|
16
19
|
Supported client API versions:
|
17
|
-
- [v1](https://
|
18
|
-
- [v1alpha1](https://docs.authzed.com/reference/api#authzedapiv1alpha1)
|
19
|
-
- "v0" - deprecated
|
20
|
+
- [v1](https://buf.build/authzed/api/docs/main/authzed.api.v1)
|
20
21
|
|
21
|
-
You can find more info
|
22
|
-
Additionally, Protobuf API documentation can be found on the [Buf Registry Authzed API repository].
|
22
|
+
You can find more info about the API in the [Authzed Documentation API Reference] or the [Authzed API Buf Registry repository].
|
23
23
|
|
24
24
|
See [CONTRIBUTING.md] for instructions on how to contribute and perform common tasks like building the project and running tests.
|
25
25
|
|
26
|
+
[SpiceDB]: https://github.com/authzed/spicedb
|
26
27
|
[Authzed]: https://authzed.com
|
27
|
-
[Authzed API Reference
|
28
|
-
[Buf Registry
|
28
|
+
[Authzed Documentation API Reference]: https://docs.authzed.com/reference/api
|
29
|
+
[Authzed API Buf Registry repository]: https://buf.build/authzed/api
|
29
30
|
[CONTRIBUTING.md]: CONTRIBUTING.md
|
31
|
+
[Discord]: https://authzed.com/discord
|
32
|
+
[Urgent]: https://github.com/authzed/authzed-rb/labels/priority%2F0%20urgent
|
33
|
+
[High]: https://github.com/authzed/authzed-rb/labels/priority%2F1%20high
|
34
|
+
[Medium]: https://github.com/authzed/authzed-rb/labels/priority%2F2%20medium
|
35
|
+
[Low]: https://github.com/authzed/authzed-rb/labels/priority%2F3%20low
|
36
|
+
[Maybe]: https://github.com/authzed/authzed-rb/labels/priority%2F4%20maybe
|
37
|
+
[good first issues]: https://github.com/authzed-rb/spicedb/labels/hint%2Fgood%20first%20issue
|
30
38
|
|
31
39
|
## Getting Started
|
32
40
|
|
@@ -87,6 +95,6 @@ resp = client.permissions_service.check_permission(
|
|
87
95
|
)
|
88
96
|
)
|
89
97
|
)
|
90
|
-
can_read = Authzed::Api::V1::CheckPermissionResponse::Permissionship.resolve(resp.permissionship)
|
98
|
+
can_read = Authzed::Api::V1::CheckPermissionResponse::Permissionship.resolve(resp.permissionship) ==
|
91
99
|
Authzed::Api::V1::CheckPermissionResponse::Permissionship::PERMISSIONSHIP_HAS_PERMISSION
|
92
100
|
```
|
@@ -25,39 +25,6 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
25
25
|
optional :userset, :message, 2, "authzed.api.v0.ObjectAndRelation", json_name: "userset"
|
26
26
|
end
|
27
27
|
end
|
28
|
-
add_message "authzed.api.v0.Zookie" do
|
29
|
-
optional :token, :string, 1, json_name: "token"
|
30
|
-
end
|
31
|
-
add_message "authzed.api.v0.RelationTupleUpdate" do
|
32
|
-
optional :operation, :enum, 1, "authzed.api.v0.RelationTupleUpdate.Operation", json_name: "operation"
|
33
|
-
optional :tuple, :message, 2, "authzed.api.v0.RelationTuple", json_name: "tuple"
|
34
|
-
end
|
35
|
-
add_enum "authzed.api.v0.RelationTupleUpdate.Operation" do
|
36
|
-
value :UNKNOWN, 0
|
37
|
-
value :CREATE, 1
|
38
|
-
value :TOUCH, 2
|
39
|
-
value :DELETE, 3
|
40
|
-
end
|
41
|
-
add_message "authzed.api.v0.RelationTupleTreeNode" do
|
42
|
-
optional :expanded, :message, 3, "authzed.api.v0.ObjectAndRelation", json_name: "expanded"
|
43
|
-
oneof :node_type do
|
44
|
-
optional :intermediate_node, :message, 1, "authzed.api.v0.SetOperationUserset", json_name: "intermediateNode"
|
45
|
-
optional :leaf_node, :message, 2, "authzed.api.v0.DirectUserset", json_name: "leafNode"
|
46
|
-
end
|
47
|
-
end
|
48
|
-
add_message "authzed.api.v0.SetOperationUserset" do
|
49
|
-
optional :operation, :enum, 1, "authzed.api.v0.SetOperationUserset.Operation", json_name: "operation"
|
50
|
-
repeated :child_nodes, :message, 2, "authzed.api.v0.RelationTupleTreeNode", json_name: "childNodes"
|
51
|
-
end
|
52
|
-
add_enum "authzed.api.v0.SetOperationUserset.Operation" do
|
53
|
-
value :INVALID, 0
|
54
|
-
value :UNION, 1
|
55
|
-
value :INTERSECTION, 2
|
56
|
-
value :EXCLUSION, 3
|
57
|
-
end
|
58
|
-
add_message "authzed.api.v0.DirectUserset" do
|
59
|
-
repeated :users, :message, 1, "authzed.api.v0.User", json_name: "users"
|
60
|
-
end
|
61
28
|
end
|
62
29
|
end
|
63
30
|
|
@@ -68,13 +35,6 @@ module Authzed
|
|
68
35
|
ObjectAndRelation = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.ObjectAndRelation").msgclass
|
69
36
|
RelationReference = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.RelationReference").msgclass
|
70
37
|
User = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.User").msgclass
|
71
|
-
Zookie = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.Zookie").msgclass
|
72
|
-
RelationTupleUpdate = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.RelationTupleUpdate").msgclass
|
73
|
-
RelationTupleUpdate::Operation = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.RelationTupleUpdate.Operation").enummodule
|
74
|
-
RelationTupleTreeNode = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.RelationTupleTreeNode").msgclass
|
75
|
-
SetOperationUserset = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.SetOperationUserset").msgclass
|
76
|
-
SetOperationUserset::Operation = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.SetOperationUserset.Operation").enummodule
|
77
|
-
DirectUserset = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.DirectUserset").msgclass
|
78
38
|
end
|
79
39
|
end
|
80
40
|
end
|
@@ -4,7 +4,6 @@
|
|
4
4
|
require 'google/protobuf'
|
5
5
|
|
6
6
|
require 'authzed/api/v0/core_pb'
|
7
|
-
require 'authzed/api/v0/namespace_pb'
|
8
7
|
|
9
8
|
Google::Protobuf::DescriptorPool.generated_pool.build do
|
10
9
|
add_file("authzed/api/v0/developer.proto", :syntax => :proto3) do
|
@@ -50,7 +49,6 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
50
49
|
add_message "authzed.api.v0.RequestContext" do
|
51
50
|
optional :schema, :string, 1, json_name: "schema"
|
52
51
|
repeated :relationships, :message, 2, "authzed.api.v0.RelationTuple", json_name: "relationships"
|
53
|
-
repeated :legacy_ns_configs, :message, 3, "authzed.api.v0.NamespaceDefinition", json_name: "legacyNsConfigs"
|
54
52
|
end
|
55
53
|
add_message "authzed.api.v0.EditCheckRequest" do
|
56
54
|
optional :context, :message, 1, "authzed.api.v0.RequestContext", json_name: "context"
|
@@ -3,6 +3,7 @@
|
|
3
3
|
|
4
4
|
require 'google/protobuf'
|
5
5
|
|
6
|
+
require 'google/protobuf/struct_pb'
|
6
7
|
require 'validate/validate_pb'
|
7
8
|
|
8
9
|
Google::Protobuf::DescriptorPool.generated_pool.build do
|
@@ -11,6 +12,11 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
11
12
|
optional :resource, :message, 1, "authzed.api.v1.ObjectReference", json_name: "resource"
|
12
13
|
optional :relation, :string, 2, json_name: "relation"
|
13
14
|
optional :subject, :message, 3, "authzed.api.v1.SubjectReference", json_name: "subject"
|
15
|
+
optional :optional_caveat, :message, 4, "authzed.api.v1.ContextualizedCaveat", json_name: "optionalCaveat"
|
16
|
+
end
|
17
|
+
add_message "authzed.api.v1.ContextualizedCaveat" do
|
18
|
+
optional :caveat_name, :string, 1, json_name: "caveatName"
|
19
|
+
optional :context, :message, 2, "google.protobuf.Struct", json_name: "context"
|
14
20
|
end
|
15
21
|
add_message "authzed.api.v1.SubjectReference" do
|
16
22
|
optional :object, :message, 1, "authzed.api.v1.ObjectReference", json_name: "object"
|
@@ -61,6 +67,7 @@ module Authzed
|
|
61
67
|
module Api
|
62
68
|
module V1
|
63
69
|
Relationship = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.Relationship").msgclass
|
70
|
+
ContextualizedCaveat = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.ContextualizedCaveat").msgclass
|
64
71
|
SubjectReference = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.SubjectReference").msgclass
|
65
72
|
ObjectReference = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.ObjectReference").msgclass
|
66
73
|
ZedToken = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.ZedToken").msgclass
|
@@ -0,0 +1,52 @@
|
|
1
|
+
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
2
|
+
# source: authzed/api/v1/debug.proto
|
3
|
+
|
4
|
+
require 'google/protobuf'
|
5
|
+
|
6
|
+
require 'authzed/api/v1/core_pb'
|
7
|
+
require 'validate/validate_pb'
|
8
|
+
|
9
|
+
Google::Protobuf::DescriptorPool.generated_pool.build do
|
10
|
+
add_file("authzed/api/v1/debug.proto", :syntax => :proto3) do
|
11
|
+
add_message "authzed.api.v1.DebugInformation" do
|
12
|
+
optional :check, :message, 1, "authzed.api.v1.CheckDebugTrace", json_name: "check"
|
13
|
+
optional :schema_used, :string, 2, json_name: "schemaUsed"
|
14
|
+
end
|
15
|
+
add_message "authzed.api.v1.CheckDebugTrace" do
|
16
|
+
optional :resource, :message, 1, "authzed.api.v1.ObjectReference", json_name: "resource"
|
17
|
+
optional :permission, :string, 2, json_name: "permission"
|
18
|
+
optional :permission_type, :enum, 3, "authzed.api.v1.CheckDebugTrace.PermissionType", json_name: "permissionType"
|
19
|
+
optional :subject, :message, 4, "authzed.api.v1.SubjectReference", json_name: "subject"
|
20
|
+
optional :result, :enum, 5, "authzed.api.v1.CheckDebugTrace.Permissionship", json_name: "result"
|
21
|
+
oneof :resolution do
|
22
|
+
optional :was_cached_result, :bool, 6, json_name: "wasCachedResult"
|
23
|
+
optional :sub_problems, :message, 7, "authzed.api.v1.CheckDebugTrace.SubProblems", json_name: "subProblems"
|
24
|
+
end
|
25
|
+
end
|
26
|
+
add_message "authzed.api.v1.CheckDebugTrace.SubProblems" do
|
27
|
+
repeated :traces, :message, 1, "authzed.api.v1.CheckDebugTrace", json_name: "traces"
|
28
|
+
end
|
29
|
+
add_enum "authzed.api.v1.CheckDebugTrace.PermissionType" do
|
30
|
+
value :PERMISSION_TYPE_UNSPECIFIED, 0
|
31
|
+
value :PERMISSION_TYPE_RELATION, 1
|
32
|
+
value :PERMISSION_TYPE_PERMISSION, 2
|
33
|
+
end
|
34
|
+
add_enum "authzed.api.v1.CheckDebugTrace.Permissionship" do
|
35
|
+
value :PERMISSIONSHIP_UNSPECIFIED, 0
|
36
|
+
value :PERMISSIONSHIP_NO_PERMISSION, 1
|
37
|
+
value :PERMISSIONSHIP_HAS_PERMISSION, 2
|
38
|
+
end
|
39
|
+
end
|
40
|
+
end
|
41
|
+
|
42
|
+
module Authzed
|
43
|
+
module Api
|
44
|
+
module V1
|
45
|
+
DebugInformation = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.DebugInformation").msgclass
|
46
|
+
CheckDebugTrace = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.CheckDebugTrace").msgclass
|
47
|
+
CheckDebugTrace::SubProblems = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.CheckDebugTrace.SubProblems").msgclass
|
48
|
+
CheckDebugTrace::PermissionType = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.CheckDebugTrace.PermissionType").enummodule
|
49
|
+
CheckDebugTrace::Permissionship = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.CheckDebugTrace.Permissionship").enummodule
|
50
|
+
end
|
51
|
+
end
|
52
|
+
end
|
@@ -0,0 +1,33 @@
|
|
1
|
+
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
2
|
+
# source: authzed/api/v1/error_reason.proto
|
3
|
+
|
4
|
+
require 'google/protobuf'
|
5
|
+
|
6
|
+
Google::Protobuf::DescriptorPool.generated_pool.build do
|
7
|
+
add_file("authzed/api/v1/error_reason.proto", :syntax => :proto3) do
|
8
|
+
add_enum "authzed.api.v1.ErrorReason" do
|
9
|
+
value :ERROR_REASON_UNSPECIFIED, 0
|
10
|
+
value :ERROR_REASON_SCHEMA_PARSE_ERROR, 1
|
11
|
+
value :ERROR_REASON_SCHEMA_TYPE_ERROR, 2
|
12
|
+
value :ERROR_REASON_UNKNOWN_DEFINITION, 3
|
13
|
+
value :ERROR_REASON_UNKNOWN_RELATION_OR_PERMISSION, 4
|
14
|
+
value :ERROR_REASON_TOO_MANY_UPDATES_IN_REQUEST, 5
|
15
|
+
value :ERROR_REASON_TOO_MANY_PRECONDITIONS_IN_REQUEST, 6
|
16
|
+
value :ERROR_REASON_WRITE_OR_DELETE_PRECONDITION_FAILURE, 7
|
17
|
+
value :ERROR_REASON_SERVICE_READ_ONLY, 8
|
18
|
+
value :ERROR_REASON_UNKNOWN_CAVEAT, 9
|
19
|
+
value :ERROR_REASON_INVALID_SUBJECT_TYPE, 10
|
20
|
+
value :ERROR_REASON_CAVEAT_PARAMETER_TYPE_ERROR, 11
|
21
|
+
value :ERROR_REASON_UPDATES_ON_SAME_RELATIONSHIP, 12
|
22
|
+
value :ERROR_REASON_CANNOT_UPDATE_PERMISSION, 13
|
23
|
+
end
|
24
|
+
end
|
25
|
+
end
|
26
|
+
|
27
|
+
module Authzed
|
28
|
+
module Api
|
29
|
+
module V1
|
30
|
+
ErrorReason = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.ErrorReason").enummodule
|
31
|
+
end
|
32
|
+
end
|
33
|
+
end
|
@@ -3,6 +3,7 @@
|
|
3
3
|
|
4
4
|
require 'google/protobuf'
|
5
5
|
|
6
|
+
require 'google/protobuf/struct_pb'
|
6
7
|
require 'google/api/annotations_pb'
|
7
8
|
require 'validate/validate_pb'
|
8
9
|
require 'authzed/api/v1/core_pb'
|
@@ -67,15 +68,21 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
67
68
|
optional :resource, :message, 2, "authzed.api.v1.ObjectReference", json_name: "resource"
|
68
69
|
optional :permission, :string, 3, json_name: "permission"
|
69
70
|
optional :subject, :message, 4, "authzed.api.v1.SubjectReference", json_name: "subject"
|
71
|
+
optional :context, :message, 5, "google.protobuf.Struct", json_name: "context"
|
72
|
+
end
|
73
|
+
add_message "authzed.api.v1.PartialCaveatInfo" do
|
74
|
+
repeated :missing_required_context, :string, 1, json_name: "missingRequiredContext"
|
70
75
|
end
|
71
76
|
add_message "authzed.api.v1.CheckPermissionResponse" do
|
72
77
|
optional :checked_at, :message, 1, "authzed.api.v1.ZedToken", json_name: "checkedAt"
|
73
78
|
optional :permissionship, :enum, 2, "authzed.api.v1.CheckPermissionResponse.Permissionship", json_name: "permissionship"
|
79
|
+
optional :partial_caveat_info, :message, 3, "authzed.api.v1.PartialCaveatInfo", json_name: "partialCaveatInfo"
|
74
80
|
end
|
75
81
|
add_enum "authzed.api.v1.CheckPermissionResponse.Permissionship" do
|
76
82
|
value :PERMISSIONSHIP_UNSPECIFIED, 0
|
77
83
|
value :PERMISSIONSHIP_NO_PERMISSION, 1
|
78
84
|
value :PERMISSIONSHIP_HAS_PERMISSION, 2
|
85
|
+
value :PERMISSIONSHIP_CONDITIONAL_PERMISSION, 3
|
79
86
|
end
|
80
87
|
add_message "authzed.api.v1.ExpandPermissionTreeRequest" do
|
81
88
|
optional :consistency, :message, 1, "authzed.api.v1.Consistency", json_name: "consistency"
|
@@ -91,10 +98,40 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
91
98
|
optional :resource_object_type, :string, 2, json_name: "resourceObjectType"
|
92
99
|
optional :permission, :string, 3, json_name: "permission"
|
93
100
|
optional :subject, :message, 4, "authzed.api.v1.SubjectReference", json_name: "subject"
|
101
|
+
optional :context, :message, 5, "google.protobuf.Struct", json_name: "context"
|
94
102
|
end
|
95
103
|
add_message "authzed.api.v1.LookupResourcesResponse" do
|
96
104
|
optional :looked_up_at, :message, 1, "authzed.api.v1.ZedToken", json_name: "lookedUpAt"
|
97
105
|
optional :resource_object_id, :string, 2, json_name: "resourceObjectId"
|
106
|
+
optional :permissionship, :enum, 3, "authzed.api.v1.LookupPermissionship", json_name: "permissionship"
|
107
|
+
optional :partial_caveat_info, :message, 4, "authzed.api.v1.PartialCaveatInfo", json_name: "partialCaveatInfo"
|
108
|
+
end
|
109
|
+
add_message "authzed.api.v1.LookupSubjectsRequest" do
|
110
|
+
optional :consistency, :message, 1, "authzed.api.v1.Consistency", json_name: "consistency"
|
111
|
+
optional :resource, :message, 2, "authzed.api.v1.ObjectReference", json_name: "resource"
|
112
|
+
optional :permission, :string, 3, json_name: "permission"
|
113
|
+
optional :subject_object_type, :string, 4, json_name: "subjectObjectType"
|
114
|
+
optional :optional_subject_relation, :string, 5, json_name: "optionalSubjectRelation"
|
115
|
+
optional :context, :message, 6, "google.protobuf.Struct", json_name: "context"
|
116
|
+
end
|
117
|
+
add_message "authzed.api.v1.LookupSubjectsResponse" do
|
118
|
+
optional :looked_up_at, :message, 1, "authzed.api.v1.ZedToken", json_name: "lookedUpAt"
|
119
|
+
optional :subject_object_id, :string, 2, json_name: "subjectObjectId"
|
120
|
+
repeated :excluded_subject_ids, :string, 3, json_name: "excludedSubjectIds"
|
121
|
+
optional :permissionship, :enum, 4, "authzed.api.v1.LookupPermissionship", json_name: "permissionship"
|
122
|
+
optional :partial_caveat_info, :message, 5, "authzed.api.v1.PartialCaveatInfo", json_name: "partialCaveatInfo"
|
123
|
+
optional :subject, :message, 6, "authzed.api.v1.ResolvedSubject", json_name: "subject"
|
124
|
+
repeated :excluded_subjects, :message, 7, "authzed.api.v1.ResolvedSubject", json_name: "excludedSubjects"
|
125
|
+
end
|
126
|
+
add_message "authzed.api.v1.ResolvedSubject" do
|
127
|
+
optional :subject_object_id, :string, 1, json_name: "subjectObjectId"
|
128
|
+
optional :permissionship, :enum, 2, "authzed.api.v1.LookupPermissionship", json_name: "permissionship"
|
129
|
+
optional :partial_caveat_info, :message, 3, "authzed.api.v1.PartialCaveatInfo", json_name: "partialCaveatInfo"
|
130
|
+
end
|
131
|
+
add_enum "authzed.api.v1.LookupPermissionship" do
|
132
|
+
value :LOOKUP_PERMISSIONSHIP_UNSPECIFIED, 0
|
133
|
+
value :LOOKUP_PERMISSIONSHIP_HAS_PERMISSION, 1
|
134
|
+
value :LOOKUP_PERMISSIONSHIP_CONDITIONAL_PERMISSION, 2
|
98
135
|
end
|
99
136
|
end
|
100
137
|
end
|
@@ -115,12 +152,17 @@ module Authzed
|
|
115
152
|
DeleteRelationshipsRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.DeleteRelationshipsRequest").msgclass
|
116
153
|
DeleteRelationshipsResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.DeleteRelationshipsResponse").msgclass
|
117
154
|
CheckPermissionRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.CheckPermissionRequest").msgclass
|
155
|
+
PartialCaveatInfo = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.PartialCaveatInfo").msgclass
|
118
156
|
CheckPermissionResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.CheckPermissionResponse").msgclass
|
119
157
|
CheckPermissionResponse::Permissionship = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.CheckPermissionResponse.Permissionship").enummodule
|
120
158
|
ExpandPermissionTreeRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.ExpandPermissionTreeRequest").msgclass
|
121
159
|
ExpandPermissionTreeResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.ExpandPermissionTreeResponse").msgclass
|
122
160
|
LookupResourcesRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.LookupResourcesRequest").msgclass
|
123
161
|
LookupResourcesResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.LookupResourcesResponse").msgclass
|
162
|
+
LookupSubjectsRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.LookupSubjectsRequest").msgclass
|
163
|
+
LookupSubjectsResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.LookupSubjectsResponse").msgclass
|
164
|
+
ResolvedSubject = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.ResolvedSubject").msgclass
|
165
|
+
LookupPermissionship = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.LookupPermissionship").enummodule
|
124
166
|
end
|
125
167
|
end
|
126
168
|
end
|
@@ -25,8 +25,9 @@ module Authzed
|
|
25
25
|
# relationships. An optional set of preconditions can be provided that must
|
26
26
|
# be satisfied for the operation to commit.
|
27
27
|
rpc :WriteRelationships, ::Authzed::Api::V1::WriteRelationshipsRequest, ::Authzed::Api::V1::WriteRelationshipsResponse
|
28
|
-
# DeleteRelationships atomically bulk deletes relationships matching
|
29
|
-
#
|
28
|
+
# DeleteRelationships atomically bulk deletes all relationships matching the
|
29
|
+
# provided filter. If no relationships match, none will be deleted and the
|
30
|
+
# operation will succeed. An optional set of preconditions can be provided that must
|
30
31
|
# be satisfied for the operation to commit.
|
31
32
|
rpc :DeleteRelationships, ::Authzed::Api::V1::DeleteRelationshipsRequest, ::Authzed::Api::V1::DeleteRelationshipsResponse
|
32
33
|
# CheckPermission determines for a given resource whether a subject computes
|
@@ -39,6 +40,9 @@ module Authzed
|
|
39
40
|
# LookupResources returns all the resources of a given type that a subject
|
40
41
|
# can access whether via a computed permission or relation membership.
|
41
42
|
rpc :LookupResources, ::Authzed::Api::V1::LookupResourcesRequest, stream(::Authzed::Api::V1::LookupResourcesResponse)
|
43
|
+
# LookupSubjects returns all the subjects of a given type that
|
44
|
+
# have access whether via a computed permission or relation membership.
|
45
|
+
rpc :LookupSubjects, ::Authzed::Api::V1::LookupSubjectsRequest, stream(::Authzed::Api::V1::LookupSubjectsResponse)
|
42
46
|
end
|
43
47
|
|
44
48
|
Stub = Service.rpc_stub_class
|
data/lib/authzed.rb
CHANGED
@@ -1,7 +1,4 @@
|
|
1
|
-
require 'authzed/api/
|
2
|
-
require 'authzed/api/v1alpha1/schema_services_pb'
|
3
|
-
require 'authzed/api/v1alpha1/client'
|
4
|
-
require 'authzed/api/v1/schema_services_pb'
|
1
|
+
require 'authzed/api/v1/schema_service_services_pb'
|
5
2
|
require 'authzed/api/v1/watch_service_services_pb'
|
6
3
|
require 'authzed/api/v1/permission_service_services_pb'
|
7
4
|
require 'authzed/api/v1/client'
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: authzed
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.5.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Authzed
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-
|
11
|
+
date: 2022-11-28 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: grpc
|
@@ -62,26 +62,19 @@ files:
|
|
62
62
|
- LICENSE
|
63
63
|
- README.md
|
64
64
|
- lib/authzed.rb
|
65
|
-
- lib/authzed/api/v0/acl_service_pb.rb
|
66
|
-
- lib/authzed/api/v0/acl_service_services_pb.rb
|
67
65
|
- lib/authzed/api/v0/client.rb
|
68
66
|
- lib/authzed/api/v0/core_pb.rb
|
69
67
|
- lib/authzed/api/v0/developer_pb.rb
|
70
68
|
- lib/authzed/api/v0/developer_services_pb.rb
|
71
|
-
- lib/authzed/api/v0/namespace_pb.rb
|
72
|
-
- lib/authzed/api/v0/namespace_service_pb.rb
|
73
|
-
- lib/authzed/api/v0/namespace_service_services_pb.rb
|
74
|
-
- lib/authzed/api/v0/watch_service_pb.rb
|
75
|
-
- lib/authzed/api/v0/watch_service_services_pb.rb
|
76
69
|
- lib/authzed/api/v1/client.rb
|
77
70
|
- lib/authzed/api/v1/core_pb.rb
|
71
|
+
- lib/authzed/api/v1/debug_pb.rb
|
72
|
+
- lib/authzed/api/v1/error_reason_pb.rb
|
78
73
|
- lib/authzed/api/v1/openapi_pb.rb
|
79
74
|
- lib/authzed/api/v1/permission_service_pb.rb
|
80
75
|
- lib/authzed/api/v1/permission_service_services_pb.rb
|
81
|
-
- lib/authzed/api/v1/schema_pb.rb
|
82
76
|
- lib/authzed/api/v1/schema_service_pb.rb
|
83
77
|
- lib/authzed/api/v1/schema_service_services_pb.rb
|
84
|
-
- lib/authzed/api/v1/schema_services_pb.rb
|
85
78
|
- lib/authzed/api/v1/watch_service_pb.rb
|
86
79
|
- lib/authzed/api/v1/watch_service_services_pb.rb
|
87
80
|
- lib/authzed/api/v1alpha1/client.rb
|
@@ -1,104 +0,0 @@
|
|
1
|
-
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
2
|
-
# source: authzed/api/v0/acl_service.proto
|
3
|
-
|
4
|
-
require 'google/protobuf'
|
5
|
-
|
6
|
-
require 'validate/validate_pb'
|
7
|
-
require 'authzed/api/v0/core_pb'
|
8
|
-
|
9
|
-
Google::Protobuf::DescriptorPool.generated_pool.build do
|
10
|
-
add_file("authzed/api/v0/acl_service.proto", :syntax => :proto3) do
|
11
|
-
add_message "authzed.api.v0.RelationTupleFilter" do
|
12
|
-
optional :namespace, :string, 1, json_name: "namespace"
|
13
|
-
optional :object_id, :string, 2, json_name: "objectId"
|
14
|
-
optional :relation, :string, 3, json_name: "relation"
|
15
|
-
optional :userset, :message, 5, "authzed.api.v0.ObjectAndRelation", json_name: "userset"
|
16
|
-
repeated :filters, :enum, 6, "authzed.api.v0.RelationTupleFilter.Filter", json_name: "filters"
|
17
|
-
end
|
18
|
-
add_enum "authzed.api.v0.RelationTupleFilter.Filter" do
|
19
|
-
value :UNKNOWN, 0
|
20
|
-
value :OBJECT_ID, 1
|
21
|
-
value :RELATION, 2
|
22
|
-
value :USERSET, 4
|
23
|
-
end
|
24
|
-
add_message "authzed.api.v0.ReadRequest" do
|
25
|
-
repeated :tuplesets, :message, 1, "authzed.api.v0.RelationTupleFilter", json_name: "tuplesets"
|
26
|
-
optional :at_revision, :message, 2, "authzed.api.v0.Zookie", json_name: "atRevision"
|
27
|
-
end
|
28
|
-
add_message "authzed.api.v0.ReadResponse" do
|
29
|
-
repeated :tuplesets, :message, 1, "authzed.api.v0.ReadResponse.Tupleset", json_name: "tuplesets"
|
30
|
-
optional :revision, :message, 2, "authzed.api.v0.Zookie", json_name: "revision"
|
31
|
-
end
|
32
|
-
add_message "authzed.api.v0.ReadResponse.Tupleset" do
|
33
|
-
repeated :tuples, :message, 1, "authzed.api.v0.RelationTuple", json_name: "tuples"
|
34
|
-
end
|
35
|
-
add_message "authzed.api.v0.WriteRequest" do
|
36
|
-
repeated :write_conditions, :message, 1, "authzed.api.v0.RelationTuple", json_name: "writeConditions"
|
37
|
-
repeated :updates, :message, 2, "authzed.api.v0.RelationTupleUpdate", json_name: "updates"
|
38
|
-
end
|
39
|
-
add_message "authzed.api.v0.WriteResponse" do
|
40
|
-
optional :revision, :message, 1, "authzed.api.v0.Zookie", json_name: "revision"
|
41
|
-
end
|
42
|
-
add_message "authzed.api.v0.CheckRequest" do
|
43
|
-
optional :test_userset, :message, 1, "authzed.api.v0.ObjectAndRelation", json_name: "testUserset"
|
44
|
-
optional :user, :message, 2, "authzed.api.v0.User", json_name: "user"
|
45
|
-
optional :at_revision, :message, 3, "authzed.api.v0.Zookie", json_name: "atRevision"
|
46
|
-
end
|
47
|
-
add_message "authzed.api.v0.ContentChangeCheckRequest" do
|
48
|
-
optional :test_userset, :message, 1, "authzed.api.v0.ObjectAndRelation", json_name: "testUserset"
|
49
|
-
optional :user, :message, 2, "authzed.api.v0.User", json_name: "user"
|
50
|
-
end
|
51
|
-
add_message "authzed.api.v0.CheckResponse" do
|
52
|
-
optional :is_member, :bool, 1, json_name: "isMember"
|
53
|
-
optional :revision, :message, 2, "authzed.api.v0.Zookie", json_name: "revision"
|
54
|
-
optional :membership, :enum, 3, "authzed.api.v0.CheckResponse.Membership", json_name: "membership"
|
55
|
-
end
|
56
|
-
add_enum "authzed.api.v0.CheckResponse.Membership" do
|
57
|
-
value :UNKNOWN, 0
|
58
|
-
value :NOT_MEMBER, 1
|
59
|
-
value :MEMBER, 2
|
60
|
-
end
|
61
|
-
add_message "authzed.api.v0.ExpandRequest" do
|
62
|
-
optional :userset, :message, 1, "authzed.api.v0.ObjectAndRelation", json_name: "userset"
|
63
|
-
optional :at_revision, :message, 2, "authzed.api.v0.Zookie", json_name: "atRevision"
|
64
|
-
end
|
65
|
-
add_message "authzed.api.v0.ExpandResponse" do
|
66
|
-
optional :tree_node, :message, 1, "authzed.api.v0.RelationTupleTreeNode", json_name: "treeNode"
|
67
|
-
optional :revision, :message, 3, "authzed.api.v0.Zookie", json_name: "revision"
|
68
|
-
end
|
69
|
-
add_message "authzed.api.v0.LookupRequest" do
|
70
|
-
optional :object_relation, :message, 1, "authzed.api.v0.RelationReference", json_name: "objectRelation"
|
71
|
-
optional :user, :message, 2, "authzed.api.v0.ObjectAndRelation", json_name: "user"
|
72
|
-
optional :at_revision, :message, 3, "authzed.api.v0.Zookie", json_name: "atRevision"
|
73
|
-
optional :page_reference, :string, 4, json_name: "pageReference"
|
74
|
-
optional :limit, :uint32, 5, json_name: "limit"
|
75
|
-
end
|
76
|
-
add_message "authzed.api.v0.LookupResponse" do
|
77
|
-
repeated :resolved_object_ids, :string, 1, json_name: "resolvedObjectIds"
|
78
|
-
optional :next_page_reference, :string, 2, json_name: "nextPageReference"
|
79
|
-
optional :revision, :message, 3, "authzed.api.v0.Zookie", json_name: "revision"
|
80
|
-
end
|
81
|
-
end
|
82
|
-
end
|
83
|
-
|
84
|
-
module Authzed
|
85
|
-
module Api
|
86
|
-
module V0
|
87
|
-
RelationTupleFilter = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.RelationTupleFilter").msgclass
|
88
|
-
RelationTupleFilter::Filter = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.RelationTupleFilter.Filter").enummodule
|
89
|
-
ReadRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.ReadRequest").msgclass
|
90
|
-
ReadResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.ReadResponse").msgclass
|
91
|
-
ReadResponse::Tupleset = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.ReadResponse.Tupleset").msgclass
|
92
|
-
WriteRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.WriteRequest").msgclass
|
93
|
-
WriteResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.WriteResponse").msgclass
|
94
|
-
CheckRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.CheckRequest").msgclass
|
95
|
-
ContentChangeCheckRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.ContentChangeCheckRequest").msgclass
|
96
|
-
CheckResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.CheckResponse").msgclass
|
97
|
-
CheckResponse::Membership = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.CheckResponse.Membership").enummodule
|
98
|
-
ExpandRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.ExpandRequest").msgclass
|
99
|
-
ExpandResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.ExpandResponse").msgclass
|
100
|
-
LookupRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.LookupRequest").msgclass
|
101
|
-
LookupResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.LookupResponse").msgclass
|
102
|
-
end
|
103
|
-
end
|
104
|
-
end
|
@@ -1,31 +0,0 @@
|
|
1
|
-
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
2
|
-
# Source: authzed/api/v0/acl_service.proto for package 'authzed.api.v0'
|
3
|
-
|
4
|
-
require 'grpc'
|
5
|
-
require 'authzed/api/v0/acl_service_pb'
|
6
|
-
|
7
|
-
module Authzed
|
8
|
-
module Api
|
9
|
-
module V0
|
10
|
-
module ACLService
|
11
|
-
class Service
|
12
|
-
|
13
|
-
include ::GRPC::GenericService
|
14
|
-
|
15
|
-
self.marshal_class_method = :encode
|
16
|
-
self.unmarshal_class_method = :decode
|
17
|
-
self.service_name = 'authzed.api.v0.ACLService'
|
18
|
-
|
19
|
-
rpc :Read, ::Authzed::Api::V0::ReadRequest, ::Authzed::Api::V0::ReadResponse
|
20
|
-
rpc :Write, ::Authzed::Api::V0::WriteRequest, ::Authzed::Api::V0::WriteResponse
|
21
|
-
rpc :Check, ::Authzed::Api::V0::CheckRequest, ::Authzed::Api::V0::CheckResponse
|
22
|
-
rpc :ContentChangeCheck, ::Authzed::Api::V0::ContentChangeCheckRequest, ::Authzed::Api::V0::CheckResponse
|
23
|
-
rpc :Expand, ::Authzed::Api::V0::ExpandRequest, ::Authzed::Api::V0::ExpandResponse
|
24
|
-
rpc :Lookup, ::Authzed::Api::V0::LookupRequest, ::Authzed::Api::V0::LookupResponse
|
25
|
-
end
|
26
|
-
|
27
|
-
Stub = Service.rpc_stub_class
|
28
|
-
end
|
29
|
-
end
|
30
|
-
end
|
31
|
-
end
|
@@ -1,95 +0,0 @@
|
|
1
|
-
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
2
|
-
# source: authzed/api/v0/namespace.proto
|
3
|
-
|
4
|
-
require 'google/protobuf'
|
5
|
-
|
6
|
-
require 'google/protobuf/any_pb'
|
7
|
-
require 'validate/validate_pb'
|
8
|
-
require 'authzed/api/v0/core_pb'
|
9
|
-
|
10
|
-
Google::Protobuf::DescriptorPool.generated_pool.build do
|
11
|
-
add_file("authzed/api/v0/namespace.proto", :syntax => :proto3) do
|
12
|
-
add_message "authzed.api.v0.Metadata" do
|
13
|
-
repeated :metadata_message, :message, 1, "google.protobuf.Any", json_name: "metadataMessage"
|
14
|
-
end
|
15
|
-
add_message "authzed.api.v0.NamespaceDefinition" do
|
16
|
-
optional :name, :string, 1, json_name: "name"
|
17
|
-
repeated :relation, :message, 2, "authzed.api.v0.Relation", json_name: "relation"
|
18
|
-
optional :metadata, :message, 3, "authzed.api.v0.Metadata", json_name: "metadata"
|
19
|
-
end
|
20
|
-
add_message "authzed.api.v0.Relation" do
|
21
|
-
optional :name, :string, 1, json_name: "name"
|
22
|
-
optional :userset_rewrite, :message, 2, "authzed.api.v0.UsersetRewrite", json_name: "usersetRewrite"
|
23
|
-
optional :type_information, :message, 3, "authzed.api.v0.TypeInformation", json_name: "typeInformation"
|
24
|
-
optional :metadata, :message, 4, "authzed.api.v0.Metadata", json_name: "metadata"
|
25
|
-
end
|
26
|
-
add_message "authzed.api.v0.TypeInformation" do
|
27
|
-
repeated :allowed_direct_relations, :message, 1, "authzed.api.v0.AllowedRelation", json_name: "allowedDirectRelations"
|
28
|
-
end
|
29
|
-
add_message "authzed.api.v0.AllowedRelation" do
|
30
|
-
optional :namespace, :string, 1, json_name: "namespace"
|
31
|
-
oneof :relation_or_wildcard do
|
32
|
-
optional :relation, :string, 3, json_name: "relation"
|
33
|
-
optional :public_wildcard, :message, 4, "authzed.api.v0.AllowedRelation.PublicWildcard", json_name: "publicWildcard"
|
34
|
-
end
|
35
|
-
end
|
36
|
-
add_message "authzed.api.v0.AllowedRelation.PublicWildcard" do
|
37
|
-
end
|
38
|
-
add_message "authzed.api.v0.UsersetRewrite" do
|
39
|
-
oneof :rewrite_operation do
|
40
|
-
optional :union, :message, 1, "authzed.api.v0.SetOperation", json_name: "union"
|
41
|
-
optional :intersection, :message, 2, "authzed.api.v0.SetOperation", json_name: "intersection"
|
42
|
-
optional :exclusion, :message, 3, "authzed.api.v0.SetOperation", json_name: "exclusion"
|
43
|
-
end
|
44
|
-
end
|
45
|
-
add_message "authzed.api.v0.SetOperation" do
|
46
|
-
repeated :child, :message, 1, "authzed.api.v0.SetOperation.Child", json_name: "child"
|
47
|
-
end
|
48
|
-
add_message "authzed.api.v0.SetOperation.Child" do
|
49
|
-
oneof :child_type do
|
50
|
-
optional :_this, :message, 1, "authzed.api.v0.SetOperation.Child.This", json_name: "This"
|
51
|
-
optional :computed_userset, :message, 2, "authzed.api.v0.ComputedUserset", json_name: "computedUserset"
|
52
|
-
optional :tuple_to_userset, :message, 3, "authzed.api.v0.TupleToUserset", json_name: "tupleToUserset"
|
53
|
-
optional :userset_rewrite, :message, 4, "authzed.api.v0.UsersetRewrite", json_name: "usersetRewrite"
|
54
|
-
end
|
55
|
-
end
|
56
|
-
add_message "authzed.api.v0.SetOperation.Child.This" do
|
57
|
-
end
|
58
|
-
add_message "authzed.api.v0.TupleToUserset" do
|
59
|
-
optional :tupleset, :message, 1, "authzed.api.v0.TupleToUserset.Tupleset", json_name: "tupleset"
|
60
|
-
optional :computed_userset, :message, 2, "authzed.api.v0.ComputedUserset", json_name: "computedUserset"
|
61
|
-
end
|
62
|
-
add_message "authzed.api.v0.TupleToUserset.Tupleset" do
|
63
|
-
optional :relation, :string, 1, json_name: "relation"
|
64
|
-
end
|
65
|
-
add_message "authzed.api.v0.ComputedUserset" do
|
66
|
-
optional :object, :enum, 1, "authzed.api.v0.ComputedUserset.Object", json_name: "object"
|
67
|
-
optional :relation, :string, 2, json_name: "relation"
|
68
|
-
end
|
69
|
-
add_enum "authzed.api.v0.ComputedUserset.Object" do
|
70
|
-
value :TUPLE_OBJECT, 0
|
71
|
-
value :TUPLE_USERSET_OBJECT, 1
|
72
|
-
end
|
73
|
-
end
|
74
|
-
end
|
75
|
-
|
76
|
-
module Authzed
|
77
|
-
module Api
|
78
|
-
module V0
|
79
|
-
Metadata = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.Metadata").msgclass
|
80
|
-
NamespaceDefinition = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.NamespaceDefinition").msgclass
|
81
|
-
Relation = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.Relation").msgclass
|
82
|
-
TypeInformation = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.TypeInformation").msgclass
|
83
|
-
AllowedRelation = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.AllowedRelation").msgclass
|
84
|
-
AllowedRelation::PublicWildcard = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.AllowedRelation.PublicWildcard").msgclass
|
85
|
-
UsersetRewrite = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.UsersetRewrite").msgclass
|
86
|
-
SetOperation = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.SetOperation").msgclass
|
87
|
-
SetOperation::Child = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.SetOperation.Child").msgclass
|
88
|
-
SetOperation::Child::This = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.SetOperation.Child.This").msgclass
|
89
|
-
TupleToUserset = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.TupleToUserset").msgclass
|
90
|
-
TupleToUserset::Tupleset = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.TupleToUserset.Tupleset").msgclass
|
91
|
-
ComputedUserset = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.ComputedUserset").msgclass
|
92
|
-
ComputedUserset::Object = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.ComputedUserset.Object").enummodule
|
93
|
-
end
|
94
|
-
end
|
95
|
-
end
|
@@ -1,47 +0,0 @@
|
|
1
|
-
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
2
|
-
# source: authzed/api/v0/namespace_service.proto
|
3
|
-
|
4
|
-
require 'google/protobuf'
|
5
|
-
|
6
|
-
require 'validate/validate_pb'
|
7
|
-
require 'authzed/api/v0/core_pb'
|
8
|
-
require 'authzed/api/v0/namespace_pb'
|
9
|
-
|
10
|
-
Google::Protobuf::DescriptorPool.generated_pool.build do
|
11
|
-
add_file("authzed/api/v0/namespace_service.proto", :syntax => :proto3) do
|
12
|
-
add_message "authzed.api.v0.ReadConfigRequest" do
|
13
|
-
optional :namespace, :string, 1, json_name: "namespace"
|
14
|
-
optional :at_revision, :message, 2, "authzed.api.v0.Zookie", json_name: "atRevision"
|
15
|
-
end
|
16
|
-
add_message "authzed.api.v0.ReadConfigResponse" do
|
17
|
-
optional :namespace, :string, 1, json_name: "namespace"
|
18
|
-
optional :config, :message, 2, "authzed.api.v0.NamespaceDefinition", json_name: "config"
|
19
|
-
optional :revision, :message, 4, "authzed.api.v0.Zookie", json_name: "revision"
|
20
|
-
end
|
21
|
-
add_message "authzed.api.v0.WriteConfigRequest" do
|
22
|
-
repeated :configs, :message, 2, "authzed.api.v0.NamespaceDefinition", json_name: "configs"
|
23
|
-
end
|
24
|
-
add_message "authzed.api.v0.WriteConfigResponse" do
|
25
|
-
optional :revision, :message, 1, "authzed.api.v0.Zookie", json_name: "revision"
|
26
|
-
end
|
27
|
-
add_message "authzed.api.v0.DeleteConfigsRequest" do
|
28
|
-
repeated :namespaces, :string, 1, json_name: "namespaces"
|
29
|
-
end
|
30
|
-
add_message "authzed.api.v0.DeleteConfigsResponse" do
|
31
|
-
optional :revision, :message, 1, "authzed.api.v0.Zookie", json_name: "revision"
|
32
|
-
end
|
33
|
-
end
|
34
|
-
end
|
35
|
-
|
36
|
-
module Authzed
|
37
|
-
module Api
|
38
|
-
module V0
|
39
|
-
ReadConfigRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.ReadConfigRequest").msgclass
|
40
|
-
ReadConfigResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.ReadConfigResponse").msgclass
|
41
|
-
WriteConfigRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.WriteConfigRequest").msgclass
|
42
|
-
WriteConfigResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.WriteConfigResponse").msgclass
|
43
|
-
DeleteConfigsRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.DeleteConfigsRequest").msgclass
|
44
|
-
DeleteConfigsResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.DeleteConfigsResponse").msgclass
|
45
|
-
end
|
46
|
-
end
|
47
|
-
end
|
@@ -1,28 +0,0 @@
|
|
1
|
-
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
2
|
-
# Source: authzed/api/v0/namespace_service.proto for package 'authzed.api.v0'
|
3
|
-
|
4
|
-
require 'grpc'
|
5
|
-
require 'authzed/api/v0/namespace_service_pb'
|
6
|
-
|
7
|
-
module Authzed
|
8
|
-
module Api
|
9
|
-
module V0
|
10
|
-
module NamespaceService
|
11
|
-
class Service
|
12
|
-
|
13
|
-
include ::GRPC::GenericService
|
14
|
-
|
15
|
-
self.marshal_class_method = :encode
|
16
|
-
self.unmarshal_class_method = :decode
|
17
|
-
self.service_name = 'authzed.api.v0.NamespaceService'
|
18
|
-
|
19
|
-
rpc :ReadConfig, ::Authzed::Api::V0::ReadConfigRequest, ::Authzed::Api::V0::ReadConfigResponse
|
20
|
-
rpc :WriteConfig, ::Authzed::Api::V0::WriteConfigRequest, ::Authzed::Api::V0::WriteConfigResponse
|
21
|
-
rpc :DeleteConfigs, ::Authzed::Api::V0::DeleteConfigsRequest, ::Authzed::Api::V0::DeleteConfigsResponse
|
22
|
-
end
|
23
|
-
|
24
|
-
Stub = Service.rpc_stub_class
|
25
|
-
end
|
26
|
-
end
|
27
|
-
end
|
28
|
-
end
|
@@ -1,29 +0,0 @@
|
|
1
|
-
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
2
|
-
# source: authzed/api/v0/watch_service.proto
|
3
|
-
|
4
|
-
require 'google/protobuf'
|
5
|
-
|
6
|
-
require 'validate/validate_pb'
|
7
|
-
require 'authzed/api/v0/core_pb'
|
8
|
-
|
9
|
-
Google::Protobuf::DescriptorPool.generated_pool.build do
|
10
|
-
add_file("authzed/api/v0/watch_service.proto", :syntax => :proto3) do
|
11
|
-
add_message "authzed.api.v0.WatchRequest" do
|
12
|
-
repeated :namespaces, :string, 1, json_name: "namespaces"
|
13
|
-
optional :start_revision, :message, 2, "authzed.api.v0.Zookie", json_name: "startRevision"
|
14
|
-
end
|
15
|
-
add_message "authzed.api.v0.WatchResponse" do
|
16
|
-
repeated :updates, :message, 1, "authzed.api.v0.RelationTupleUpdate", json_name: "updates"
|
17
|
-
optional :end_revision, :message, 2, "authzed.api.v0.Zookie", json_name: "endRevision"
|
18
|
-
end
|
19
|
-
end
|
20
|
-
end
|
21
|
-
|
22
|
-
module Authzed
|
23
|
-
module Api
|
24
|
-
module V0
|
25
|
-
WatchRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.WatchRequest").msgclass
|
26
|
-
WatchResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.WatchResponse").msgclass
|
27
|
-
end
|
28
|
-
end
|
29
|
-
end
|
@@ -1,26 +0,0 @@
|
|
1
|
-
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
2
|
-
# Source: authzed/api/v0/watch_service.proto for package 'authzed.api.v0'
|
3
|
-
|
4
|
-
require 'grpc'
|
5
|
-
require 'authzed/api/v0/watch_service_pb'
|
6
|
-
|
7
|
-
module Authzed
|
8
|
-
module Api
|
9
|
-
module V0
|
10
|
-
module WatchService
|
11
|
-
class Service
|
12
|
-
|
13
|
-
include ::GRPC::GenericService
|
14
|
-
|
15
|
-
self.marshal_class_method = :encode
|
16
|
-
self.unmarshal_class_method = :decode
|
17
|
-
self.service_name = 'authzed.api.v0.WatchService'
|
18
|
-
|
19
|
-
rpc :Watch, ::Authzed::Api::V0::WatchRequest, stream(::Authzed::Api::V0::WatchResponse)
|
20
|
-
end
|
21
|
-
|
22
|
-
Stub = Service.rpc_stub_class
|
23
|
-
end
|
24
|
-
end
|
25
|
-
end
|
26
|
-
end
|
@@ -1,30 +0,0 @@
|
|
1
|
-
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
2
|
-
# source: authzed/api/v1/schema.proto
|
3
|
-
|
4
|
-
require 'google/protobuf'
|
5
|
-
|
6
|
-
Google::Protobuf::DescriptorPool.generated_pool.build do
|
7
|
-
add_file("authzed/api/v1/schema.proto", :syntax => :proto3) do
|
8
|
-
add_message "authzed.api.v1.ReadSchemaRequest" do
|
9
|
-
end
|
10
|
-
add_message "authzed.api.v1.ReadSchemaResponse" do
|
11
|
-
optional :schema_text, :string, 1, json_name: "schemaText"
|
12
|
-
end
|
13
|
-
add_message "authzed.api.v1.WriteSchemaRequest" do
|
14
|
-
optional :schema, :string, 1, json_name: "schema"
|
15
|
-
end
|
16
|
-
add_message "authzed.api.v1.WriteSchemaResponse" do
|
17
|
-
end
|
18
|
-
end
|
19
|
-
end
|
20
|
-
|
21
|
-
module Authzed
|
22
|
-
module Api
|
23
|
-
module V1
|
24
|
-
ReadSchemaRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.ReadSchemaRequest").msgclass
|
25
|
-
ReadSchemaResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.ReadSchemaResponse").msgclass
|
26
|
-
WriteSchemaRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.WriteSchemaRequest").msgclass
|
27
|
-
WriteSchemaResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.WriteSchemaResponse").msgclass
|
28
|
-
end
|
29
|
-
end
|
30
|
-
end
|
@@ -1,34 +0,0 @@
|
|
1
|
-
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
2
|
-
# Source: authzed/api/v1/schema.proto for package 'authzed.api.v1'
|
3
|
-
|
4
|
-
require 'grpc'
|
5
|
-
require 'authzed/api/v1/schema_pb'
|
6
|
-
|
7
|
-
module Authzed
|
8
|
-
module Api
|
9
|
-
module V1
|
10
|
-
module SchemaService
|
11
|
-
# SchemaService implements operations on a Permissions System's Schema.
|
12
|
-
class Service
|
13
|
-
|
14
|
-
include ::GRPC::GenericService
|
15
|
-
|
16
|
-
self.marshal_class_method = :encode
|
17
|
-
self.unmarshal_class_method = :decode
|
18
|
-
self.service_name = 'authzed.api.v1.SchemaService'
|
19
|
-
|
20
|
-
# Read returns the current Object Definitions for a Permissions System.
|
21
|
-
#
|
22
|
-
# Errors include:
|
23
|
-
# - INVALID_ARGUMENT: a provided value has failed to semantically validate
|
24
|
-
# - NOT_FOUND: no schema has been defined
|
25
|
-
rpc :ReadSchema, ::Authzed::Api::V1::ReadSchemaRequest, ::Authzed::Api::V1::ReadSchemaResponse
|
26
|
-
# Write overwrites the current Object Definitions for a Permissions System.
|
27
|
-
rpc :WriteSchema, ::Authzed::Api::V1::WriteSchemaRequest, ::Authzed::Api::V1::WriteSchemaResponse
|
28
|
-
end
|
29
|
-
|
30
|
-
Stub = Service.rpc_stub_class
|
31
|
-
end
|
32
|
-
end
|
33
|
-
end
|
34
|
-
end
|