authzed 0.4.0 → 0.7.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (32) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +1 -2
  3. data/lib/authzed/api/v1/client.rb +8 -1
  4. data/lib/authzed/api/v1/core_pb.rb +29 -48
  5. data/lib/authzed/api/v1/debug_pb.rb +31 -29
  6. data/lib/authzed/api/v1/error_reason_pb.rb +40 -0
  7. data/lib/authzed/api/v1/experimental_service_pb.rb +61 -0
  8. data/lib/authzed/api/v1/experimental_service_services_pb.rb +43 -0
  9. data/lib/authzed/api/v1/openapi_pb.rb +25 -2
  10. data/lib/authzed/api/v1/permission_service_pb.rb +31 -100
  11. data/lib/authzed/api/v1/schema_service_pb.rb +26 -11
  12. data/lib/authzed/api/v1/watch_service_pb.rb +25 -9
  13. data/lib/authzed.rb +3 -5
  14. metadata +5 -20
  15. data/lib/authzed/api/v0/acl_service_pb.rb +0 -104
  16. data/lib/authzed/api/v0/acl_service_services_pb.rb +0 -31
  17. data/lib/authzed/api/v0/client.rb +0 -61
  18. data/lib/authzed/api/v0/core_pb.rb +0 -40
  19. data/lib/authzed/api/v0/developer_pb.rb +0 -132
  20. data/lib/authzed/api/v0/developer_services_pb.rb +0 -31
  21. data/lib/authzed/api/v0/namespace_pb.rb +0 -95
  22. data/lib/authzed/api/v0/namespace_service_pb.rb +0 -47
  23. data/lib/authzed/api/v0/namespace_service_services_pb.rb +0 -28
  24. data/lib/authzed/api/v0/watch_service_pb.rb +0 -29
  25. data/lib/authzed/api/v0/watch_service_services_pb.rb +0 -26
  26. data/lib/authzed/api/v1/schema_pb.rb +0 -30
  27. data/lib/authzed/api/v1/schema_services_pb.rb +0 -34
  28. data/lib/authzed/api/v1alpha1/client.rb +0 -25
  29. data/lib/authzed/api/v1alpha1/schema_pb.rb +0 -37
  30. data/lib/authzed/api/v1alpha1/schema_services_pb.rb +0 -36
  31. data/lib/authzed/api/v1alpha1/watchresources_service_pb.rb +0 -46
  32. data/lib/authzed/api/v1alpha1/watchresources_service_services_pb.rb +0 -30
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 0211dcb4e1b7cfc4f5aecca853548da0d6eef6d0198dd97e0f2ff44dae373429
4
- data.tar.gz: 94e3b2c8cbd070654e88f0ce3ed02ecda045fe1156a14ceec210df5743b18a2e
3
+ metadata.gz: 471300e0b15428b18cc989e999dc0bfe4160a8d53bb1202b67297d9ec5e3372c
4
+ data.tar.gz: d907cf8be69946cc6c9e203fc25b8d0f093d55a8a591db2eaaba8c21e457be46
5
5
  SHA512:
6
- metadata.gz: 2192c05e51d8abb91baddf0b29e27477cc1de6f0922a4fb6d1fed9b39fb14870e4ad7a32dd87964cea8724890d947bf6726b8bf358808478f50e32f9b380cd70
7
- data.tar.gz: 3893665e9b69175317a990c6305166c3f25cb354bc04890ebf9b467dd0914d1c0a00943ac916cd183beddfae953b2653910d35060b121bfe32b69e19515205f9
6
+ metadata.gz: 02e864c03b388947db98cf344c6c4a7d4279332f8947069b7275641a159b63e08d47e888b542350ac7b74be4604b85295b6139d3bfe1757532306a14394de224
7
+ data.tar.gz: 3ba557b7abf4ffb568971821f18a36ccc05699cde69961ce82696a2a2b47a26aa73023df3c3e9c673dab7ca15186c3be9c440bd946ec173a328c21e7e2280d97
data/README.md CHANGED
@@ -18,7 +18,6 @@ Once stored, data can be performantly queried to answer questions such as "Does
18
18
 
19
19
  Supported client API versions:
20
20
  - [v1](https://buf.build/authzed/api/docs/main/authzed.api.v1)
21
- - [v1alpha1](https://buf.build/authzed/api/docs/main/authzed.api.v1alpha1)
22
21
 
23
22
  You can find more info about the API in the [Authzed Documentation API Reference] or the [Authzed API Buf Registry repository].
24
23
 
@@ -96,6 +95,6 @@ resp = client.permissions_service.check_permission(
96
95
  )
97
96
  )
98
97
  )
99
- can_read = Authzed::Api::V1::CheckPermissionResponse::Permissionship.resolve(resp.permissionship)) ==
98
+ can_read = Authzed::Api::V1::CheckPermissionResponse::Permissionship.resolve(resp.permissionship) ==
100
99
  Authzed::Api::V1::CheckPermissionResponse::Permissionship::PERMISSIONSHIP_HAS_PERMISSION
101
100
  ```
@@ -4,7 +4,7 @@ module Authzed
4
4
  module Api
5
5
  module V1
6
6
  class Client
7
- attr_reader :permissions_service, :schema_service, :watch_service
7
+ attr_reader :permissions_service, :schema_service, :watch_service, :experimental_service
8
8
 
9
9
  def initialize(target:, credentials: nil, interceptors: [], options: {}, timeout: nil)
10
10
  creds = credentials || GRPC::Core::ChannelCredentials.new
@@ -30,6 +30,13 @@ module Authzed
30
30
  interceptors: interceptors,
31
31
  channel_args: options,
32
32
  )
33
+ @experimental_service = Authzed::Api::V1::ExperimentalService::Stub.new(
34
+ target,
35
+ creds,
36
+ timeout: timeout,
37
+ interceptors: interceptors,
38
+ channel_args: options,
39
+ )
33
40
  end
34
41
  end
35
42
  end
@@ -1,75 +1,56 @@
1
+ # frozen_string_literal: true
1
2
  # Generated by the protocol buffer compiler. DO NOT EDIT!
2
3
  # source: authzed/api/v1/core.proto
3
4
 
4
5
  require 'google/protobuf'
5
6
 
7
+ require 'google/protobuf/struct_pb'
6
8
  require 'validate/validate_pb'
7
9
 
8
- Google::Protobuf::DescriptorPool.generated_pool.build do
9
- add_file("authzed/api/v1/core.proto", :syntax => :proto3) do
10
- add_message "authzed.api.v1.Relationship" do
11
- optional :resource, :message, 1, "authzed.api.v1.ObjectReference", json_name: "resource"
12
- optional :relation, :string, 2, json_name: "relation"
13
- optional :subject, :message, 3, "authzed.api.v1.SubjectReference", json_name: "subject"
14
- end
15
- add_message "authzed.api.v1.SubjectReference" do
16
- optional :object, :message, 1, "authzed.api.v1.ObjectReference", json_name: "object"
17
- optional :optional_relation, :string, 2, json_name: "optionalRelation"
18
- end
19
- add_message "authzed.api.v1.ObjectReference" do
20
- optional :object_type, :string, 1, json_name: "objectType"
21
- optional :object_id, :string, 2, json_name: "objectId"
22
- end
23
- add_message "authzed.api.v1.ZedToken" do
24
- optional :token, :string, 1, json_name: "token"
25
- end
26
- add_message "authzed.api.v1.RelationshipUpdate" do
27
- optional :operation, :enum, 1, "authzed.api.v1.RelationshipUpdate.Operation", json_name: "operation"
28
- optional :relationship, :message, 2, "authzed.api.v1.Relationship", json_name: "relationship"
29
- end
30
- add_enum "authzed.api.v1.RelationshipUpdate.Operation" do
31
- value :OPERATION_UNSPECIFIED, 0
32
- value :OPERATION_CREATE, 1
33
- value :OPERATION_TOUCH, 2
34
- value :OPERATION_DELETE, 3
35
- end
36
- add_message "authzed.api.v1.PermissionRelationshipTree" do
37
- optional :expanded_object, :message, 3, "authzed.api.v1.ObjectReference", json_name: "expandedObject"
38
- optional :expanded_relation, :string, 4, json_name: "expandedRelation"
39
- oneof :tree_type do
40
- optional :intermediate, :message, 1, "authzed.api.v1.AlgebraicSubjectSet", json_name: "intermediate"
41
- optional :leaf, :message, 2, "authzed.api.v1.DirectSubjectSet", json_name: "leaf"
42
- end
43
- end
44
- add_message "authzed.api.v1.AlgebraicSubjectSet" do
45
- optional :operation, :enum, 1, "authzed.api.v1.AlgebraicSubjectSet.Operation", json_name: "operation"
46
- repeated :children, :message, 2, "authzed.api.v1.PermissionRelationshipTree", json_name: "children"
47
- end
48
- add_enum "authzed.api.v1.AlgebraicSubjectSet.Operation" do
49
- value :OPERATION_UNSPECIFIED, 0
50
- value :OPERATION_UNION, 1
51
- value :OPERATION_INTERSECTION, 2
52
- value :OPERATION_EXCLUSION, 3
53
- end
54
- add_message "authzed.api.v1.DirectSubjectSet" do
55
- repeated :subjects, :message, 1, "authzed.api.v1.SubjectReference", json_name: "subjects"
10
+
11
+ descriptor_data = "\n\x19\x61uthzed/api/v1/core.proto\x12\x0e\x61uthzed.api.v1\x1a\x1cgoogle/protobuf/struct.proto\x1a\x17validate/validate.proto\"\xb9\x02\n\x0cRelationship\x12\x45\n\x08resource\x18\x01 \x01(\x0b\x32\x1f.authzed.api.v1.ObjectReferenceB\x08\xfa\x42\x05\x8a\x01\x02\x10\x01R\x08resource\x12\x43\n\x08relation\x18\x02 \x01(\tB\'\xfa\x42$r\"(@2\x1e^[a-z][a-z0-9_]{1,62}[a-z0-9]$R\x08relation\x12\x44\n\x07subject\x18\x03 \x01(\x0b\x32 .authzed.api.v1.SubjectReferenceB\x08\xfa\x42\x05\x8a\x01\x02\x10\x01R\x07subject\x12W\n\x0foptional_caveat\x18\x04 \x01(\x0b\x32$.authzed.api.v1.ContextualizedCaveatB\x08\xfa\x42\x05\x8a\x01\x02\x10\x00R\x0eoptionalCaveat\"\xa6\x01\n\x14\x43ontextualizedCaveat\x12Q\n\x0b\x63\x61veat_name\x18\x01 \x01(\tB0\xfa\x42-r+(\x80\x01\x32&^([a-zA-Z0-9_][a-zA-Z0-9/_|-]{0,127})$R\ncaveatName\x12;\n\x07\x63ontext\x18\x02 \x01(\x0b\x32\x17.google.protobuf.StructB\x08\xfa\x42\x05\x8a\x01\x02\x10\x00R\x07\x63ontext\"\xae\x01\n\x10SubjectReference\x12\x41\n\x06object\x18\x01 \x01(\x0b\x32\x1f.authzed.api.v1.ObjectReferenceB\x08\xfa\x42\x05\x8a\x01\x02\x10\x01R\x06object\x12W\n\x11optional_relation\x18\x02 \x01(\tB*\xfa\x42\'r%(@2!^([a-z][a-z0-9_]{1,62}[a-z0-9])?$R\x10optionalRelation\"\xc4\x01\n\x0fObjectReference\x12i\n\x0bobject_type\x18\x01 \x01(\tBH\xfa\x42\x45rC(\x80\x01\x32>^([a-z][a-z0-9_]{1,61}[a-z0-9]/)*[a-z][a-z0-9_]{1,62}[a-z0-9]$R\nobjectType\x12\x46\n\tobject_id\x18\x02 \x01(\tB)\xfa\x42&r$(\x80\x08\x32\x1f^(([a-zA-Z0-9/_|\\-=+]{1,})|\\*)$R\x08objectId\")\n\x08ZedToken\x12\x1d\n\x05token\x18\x01 \x01(\tB\x07\xfa\x42\x04r\x02 \x01R\x05token\"+\n\x06\x43ursor\x12!\n\x05token\x18\x01 \x01(\tB\x0b\xfa\x42\x08r\x06 \x01(\x80\xa0\x06R\x05token\"\xa1\x02\n\x12RelationshipUpdate\x12V\n\toperation\x18\x01 \x01(\x0e\x32,.authzed.api.v1.RelationshipUpdate.OperationB\n\xfa\x42\x07\x82\x01\x04\x10\x01 \x00R\toperation\x12J\n\x0crelationship\x18\x02 \x01(\x0b\x32\x1c.authzed.api.v1.RelationshipB\x08\xfa\x42\x05\x8a\x01\x02\x10\x01R\x0crelationship\"g\n\tOperation\x12\x19\n\x15OPERATION_UNSPECIFIED\x10\x00\x12\x14\n\x10OPERATION_CREATE\x10\x01\x12\x13\n\x0fOPERATION_TOUCH\x10\x02\x12\x14\n\x10OPERATION_DELETE\x10\x03\"\xa8\x02\n\x1aPermissionRelationshipTree\x12I\n\x0cintermediate\x18\x01 \x01(\x0b\x32#.authzed.api.v1.AlgebraicSubjectSetH\x00R\x0cintermediate\x12\x36\n\x04leaf\x18\x02 \x01(\x0b\x32 .authzed.api.v1.DirectSubjectSetH\x00R\x04leaf\x12H\n\x0f\x65xpanded_object\x18\x03 \x01(\x0b\x32\x1f.authzed.api.v1.ObjectReferenceR\x0e\x65xpandedObject\x12+\n\x11\x65xpanded_relation\x18\x04 \x01(\tR\x10\x65xpandedRelationB\x10\n\ttree_type\x12\x03\xf8\x42\x01\"\xb7\x02\n\x13\x41lgebraicSubjectSet\x12W\n\toperation\x18\x01 \x01(\x0e\x32-.authzed.api.v1.AlgebraicSubjectSet.OperationB\n\xfa\x42\x07\x82\x01\x04\x10\x01 \x00R\toperation\x12U\n\x08\x63hildren\x18\x02 \x03(\x0b\x32*.authzed.api.v1.PermissionRelationshipTreeB\r\xfa\x42\n\x92\x01\x07\"\x05\x8a\x01\x02\x10\x01R\x08\x63hildren\"p\n\tOperation\x12\x19\n\x15OPERATION_UNSPECIFIED\x10\x00\x12\x13\n\x0fOPERATION_UNION\x10\x01\x12\x1a\n\x16OPERATION_INTERSECTION\x10\x02\x12\x17\n\x13OPERATION_EXCLUSION\x10\x03\"P\n\x10\x44irectSubjectSet\x12<\n\x08subjects\x18\x01 \x03(\x0b\x32 .authzed.api.v1.SubjectReferenceR\x08subjects\"W\n\x11PartialCaveatInfo\x12\x42\n\x18missing_required_context\x18\x01 \x03(\tB\x08\xfa\x42\x05\x92\x01\x02\x08\x01R\x16missingRequiredContextBH\n\x12\x63om.authzed.api.v1Z2github.com/authzed/authzed-go/proto/authzed/api/v1b\x06proto3"
12
+
13
+ pool = Google::Protobuf::DescriptorPool.generated_pool
14
+
15
+ begin
16
+ pool.add_serialized_file(descriptor_data)
17
+ rescue TypeError => e
18
+ # Compatibility code: will be removed in the next major version.
19
+ require 'google/protobuf/descriptor_pb'
20
+ parsed = Google::Protobuf::FileDescriptorProto.decode(descriptor_data)
21
+ parsed.clear_dependency
22
+ serialized = parsed.class.encode(parsed)
23
+ file = pool.add_serialized_file(serialized)
24
+ warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}"
25
+ imports = [
26
+ ["google.protobuf.Struct", "google/protobuf/struct.proto"],
27
+ ]
28
+ imports.each do |type_name, expected_filename|
29
+ import_file = pool.lookup(type_name).file_descriptor
30
+ if import_file.name != expected_filename
31
+ warn "- #{file.name} imports #{expected_filename}, but that import was loaded as #{import_file.name}"
56
32
  end
57
33
  end
34
+ warn "Each proto file must use a consistent fully-qualified name."
35
+ warn "This will become an error in the next major version."
58
36
  end
59
37
 
60
38
  module Authzed
61
39
  module Api
62
40
  module V1
63
41
  Relationship = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.Relationship").msgclass
42
+ ContextualizedCaveat = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.ContextualizedCaveat").msgclass
64
43
  SubjectReference = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.SubjectReference").msgclass
65
44
  ObjectReference = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.ObjectReference").msgclass
66
45
  ZedToken = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.ZedToken").msgclass
46
+ Cursor = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.Cursor").msgclass
67
47
  RelationshipUpdate = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.RelationshipUpdate").msgclass
68
48
  RelationshipUpdate::Operation = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.RelationshipUpdate.Operation").enummodule
69
49
  PermissionRelationshipTree = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.PermissionRelationshipTree").msgclass
70
50
  AlgebraicSubjectSet = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.AlgebraicSubjectSet").msgclass
71
51
  AlgebraicSubjectSet::Operation = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.AlgebraicSubjectSet.Operation").enummodule
72
52
  DirectSubjectSet = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.DirectSubjectSet").msgclass
53
+ PartialCaveatInfo = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.PartialCaveatInfo").msgclass
73
54
  end
74
55
  end
75
56
  end
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  # Generated by the protocol buffer compiler. DO NOT EDIT!
2
3
  # source: authzed/api/v1/debug.proto
3
4
 
@@ -5,38 +6,37 @@ require 'google/protobuf'
5
6
 
6
7
  require 'authzed/api/v1/core_pb'
7
8
  require 'validate/validate_pb'
9
+ require 'google/protobuf/struct_pb'
10
+ require 'google/protobuf/duration_pb'
8
11
 
9
- Google::Protobuf::DescriptorPool.generated_pool.build do
10
- add_file("authzed/api/v1/debug.proto", :syntax => :proto3) do
11
- add_message "authzed.api.v1.DebugInformation" do
12
- optional :check, :message, 1, "authzed.api.v1.CheckDebugTrace", json_name: "check"
13
- optional :schema_used, :string, 2, json_name: "schemaUsed"
14
- end
15
- add_message "authzed.api.v1.CheckDebugTrace" do
16
- optional :resource, :message, 1, "authzed.api.v1.ObjectReference", json_name: "resource"
17
- optional :permission, :string, 2, json_name: "permission"
18
- optional :permission_type, :enum, 3, "authzed.api.v1.CheckDebugTrace.PermissionType", json_name: "permissionType"
19
- optional :subject, :message, 4, "authzed.api.v1.SubjectReference", json_name: "subject"
20
- optional :result, :enum, 5, "authzed.api.v1.CheckDebugTrace.Permissionship", json_name: "result"
21
- oneof :resolution do
22
- optional :was_cached_result, :bool, 6, json_name: "wasCachedResult"
23
- optional :sub_problems, :message, 7, "authzed.api.v1.CheckDebugTrace.SubProblems", json_name: "subProblems"
24
- end
25
- end
26
- add_message "authzed.api.v1.CheckDebugTrace.SubProblems" do
27
- repeated :traces, :message, 1, "authzed.api.v1.CheckDebugTrace", json_name: "traces"
28
- end
29
- add_enum "authzed.api.v1.CheckDebugTrace.PermissionType" do
30
- value :PERMISSION_TYPE_UNSPECIFIED, 0
31
- value :PERMISSION_TYPE_RELATION, 1
32
- value :PERMISSION_TYPE_PERMISSION, 2
33
- end
34
- add_enum "authzed.api.v1.CheckDebugTrace.Permissionship" do
35
- value :PERMISSIONSHIP_UNSPECIFIED, 0
36
- value :PERMISSIONSHIP_NO_PERMISSION, 1
37
- value :PERMISSIONSHIP_HAS_PERMISSION, 2
12
+
13
+ descriptor_data = "\n\x1a\x61uthzed/api/v1/debug.proto\x12\x0e\x61uthzed.api.v1\x1a\x19\x61uthzed/api/v1/core.proto\x1a\x17validate/validate.proto\x1a\x1cgoogle/protobuf/struct.proto\x1a\x1egoogle/protobuf/duration.proto\"j\n\x10\x44\x65\x62ugInformation\x12\x35\n\x05\x63heck\x18\x01 \x01(\x0b\x32\x1f.authzed.api.v1.CheckDebugTraceR\x05\x63heck\x12\x1f\n\x0bschema_used\x18\x02 \x01(\tR\nschemaUsed\"\xf3\x07\n\x0f\x43heckDebugTrace\x12\x45\n\x08resource\x18\x01 \x01(\x0b\x32\x1f.authzed.api.v1.ObjectReferenceB\x08\xfa\x42\x05\x8a\x01\x02\x10\x01R\x08resource\x12\x1e\n\npermission\x18\x02 \x01(\tR\npermission\x12\x63\n\x0fpermission_type\x18\x03 \x01(\x0e\x32..authzed.api.v1.CheckDebugTrace.PermissionTypeB\n\xfa\x42\x07\x82\x01\x04\x10\x01 \x00R\x0epermissionType\x12\x44\n\x07subject\x18\x04 \x01(\x0b\x32 .authzed.api.v1.SubjectReferenceB\x08\xfa\x42\x05\x8a\x01\x02\x10\x01R\x07subject\x12R\n\x06result\x18\x05 \x01(\x0e\x32..authzed.api.v1.CheckDebugTrace.PermissionshipB\n\xfa\x42\x07\x82\x01\x04\x10\x01 \x00R\x06result\x12T\n\x16\x63\x61veat_evaluation_info\x18\x08 \x01(\x0b\x32\x1e.authzed.api.v1.CaveatEvalInfoR\x14\x63\x61veatEvaluationInfo\x12\x35\n\x08\x64uration\x18\t \x01(\x0b\x32\x19.google.protobuf.DurationR\x08\x64uration\x12,\n\x11was_cached_result\x18\x06 \x01(\x08H\x00R\x0fwasCachedResult\x12P\n\x0csub_problems\x18\x07 \x01(\x0b\x32+.authzed.api.v1.CheckDebugTrace.SubProblemsH\x00R\x0bsubProblems\x1a\x46\n\x0bSubProblems\x12\x37\n\x06traces\x18\x01 \x03(\x0b\x32\x1f.authzed.api.v1.CheckDebugTraceR\x06traces\"o\n\x0ePermissionType\x12\x1f\n\x1bPERMISSION_TYPE_UNSPECIFIED\x10\x00\x12\x1c\n\x18PERMISSION_TYPE_RELATION\x10\x01\x12\x1e\n\x1aPERMISSION_TYPE_PERMISSION\x10\x02\"\xa0\x01\n\x0ePermissionship\x12\x1e\n\x1aPERMISSIONSHIP_UNSPECIFIED\x10\x00\x12 \n\x1cPERMISSIONSHIP_NO_PERMISSION\x10\x01\x12!\n\x1dPERMISSIONSHIP_HAS_PERMISSION\x10\x02\x12)\n%PERMISSIONSHIP_CONDITIONAL_PERMISSION\x10\x03\x42\x11\n\nresolution\x12\x03\xf8\x42\x01\"\x94\x03\n\x0e\x43\x61veatEvalInfo\x12\x1e\n\nexpression\x18\x01 \x01(\tR\nexpression\x12=\n\x06result\x18\x02 \x01(\x0e\x32%.authzed.api.v1.CaveatEvalInfo.ResultR\x06result\x12\x31\n\x07\x63ontext\x18\x03 \x01(\x0b\x32\x17.google.protobuf.StructR\x07\x63ontext\x12Q\n\x13partial_caveat_info\x18\x04 \x01(\x0b\x32!.authzed.api.v1.PartialCaveatInfoR\x11partialCaveatInfo\x12\x1f\n\x0b\x63\x61veat_name\x18\x05 \x01(\tR\ncaveatName\"|\n\x06Result\x12\x16\n\x12RESULT_UNSPECIFIED\x10\x00\x12\x16\n\x12RESULT_UNEVALUATED\x10\x01\x12\x10\n\x0cRESULT_FALSE\x10\x02\x12\x0f\n\x0bRESULT_TRUE\x10\x03\x12\x1f\n\x1bRESULT_MISSING_SOME_CONTEXT\x10\x04\x42H\n\x12\x63om.authzed.api.v1Z2github.com/authzed/authzed-go/proto/authzed/api/v1b\x06proto3"
14
+
15
+ pool = Google::Protobuf::DescriptorPool.generated_pool
16
+
17
+ begin
18
+ pool.add_serialized_file(descriptor_data)
19
+ rescue TypeError => e
20
+ # Compatibility code: will be removed in the next major version.
21
+ require 'google/protobuf/descriptor_pb'
22
+ parsed = Google::Protobuf::FileDescriptorProto.decode(descriptor_data)
23
+ parsed.clear_dependency
24
+ serialized = parsed.class.encode(parsed)
25
+ file = pool.add_serialized_file(serialized)
26
+ warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}"
27
+ imports = [
28
+ ["authzed.api.v1.ObjectReference", "authzed/api/v1/core.proto"],
29
+ ["google.protobuf.Duration", "google/protobuf/duration.proto"],
30
+ ["google.protobuf.Struct", "google/protobuf/struct.proto"],
31
+ ]
32
+ imports.each do |type_name, expected_filename|
33
+ import_file = pool.lookup(type_name).file_descriptor
34
+ if import_file.name != expected_filename
35
+ warn "- #{file.name} imports #{expected_filename}, but that import was loaded as #{import_file.name}"
38
36
  end
39
37
  end
38
+ warn "Each proto file must use a consistent fully-qualified name."
39
+ warn "This will become an error in the next major version."
40
40
  end
41
41
 
42
42
  module Authzed
@@ -47,6 +47,8 @@ module Authzed
47
47
  CheckDebugTrace::SubProblems = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.CheckDebugTrace.SubProblems").msgclass
48
48
  CheckDebugTrace::PermissionType = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.CheckDebugTrace.PermissionType").enummodule
49
49
  CheckDebugTrace::Permissionship = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.CheckDebugTrace.Permissionship").enummodule
50
+ CaveatEvalInfo = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.CaveatEvalInfo").msgclass
51
+ CaveatEvalInfo::Result = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.CaveatEvalInfo.Result").enummodule
50
52
  end
51
53
  end
52
54
  end
@@ -0,0 +1,40 @@
1
+ # frozen_string_literal: true
2
+ # Generated by the protocol buffer compiler. DO NOT EDIT!
3
+ # source: authzed/api/v1/error_reason.proto
4
+
5
+ require 'google/protobuf'
6
+
7
+
8
+ descriptor_data = "\n!authzed/api/v1/error_reason.proto\x12\x0e\x61uthzed.api.v1*\xf0\x06\n\x0b\x45rrorReason\x12\x1c\n\x18\x45RROR_REASON_UNSPECIFIED\x10\x00\x12#\n\x1f\x45RROR_REASON_SCHEMA_PARSE_ERROR\x10\x01\x12\"\n\x1e\x45RROR_REASON_SCHEMA_TYPE_ERROR\x10\x02\x12#\n\x1f\x45RROR_REASON_UNKNOWN_DEFINITION\x10\x03\x12/\n+ERROR_REASON_UNKNOWN_RELATION_OR_PERMISSION\x10\x04\x12,\n(ERROR_REASON_TOO_MANY_UPDATES_IN_REQUEST\x10\x05\x12\x32\n.ERROR_REASON_TOO_MANY_PRECONDITIONS_IN_REQUEST\x10\x06\x12\x35\n1ERROR_REASON_WRITE_OR_DELETE_PRECONDITION_FAILURE\x10\x07\x12\"\n\x1e\x45RROR_REASON_SERVICE_READ_ONLY\x10\x08\x12\x1f\n\x1b\x45RROR_REASON_UNKNOWN_CAVEAT\x10\t\x12%\n!ERROR_REASON_INVALID_SUBJECT_TYPE\x10\n\x12,\n(ERROR_REASON_CAVEAT_PARAMETER_TYPE_ERROR\x10\x0b\x12-\n)ERROR_REASON_UPDATES_ON_SAME_RELATIONSHIP\x10\x0c\x12)\n%ERROR_REASON_CANNOT_UPDATE_PERMISSION\x10\r\x12(\n$ERROR_REASON_CAVEAT_EVALUATION_ERROR\x10\x0e\x12\x1f\n\x1b\x45RROR_REASON_INVALID_CURSOR\x10\x0f\x12@\n<ERROR_REASON_TOO_MANY_RELATIONSHIPS_FOR_TRANSACTIONAL_DELETE\x10\x10\x12.\n*ERROR_REASON_MAX_RELATIONSHIP_CONTEXT_SIZE\x10\x11\x12\x31\n-ERROR_REASON_ATTEMPT_TO_RECREATE_RELATIONSHIP\x10\x12\x12\'\n#ERROR_REASON_MAXIMUM_DEPTH_EXCEEDED\x10\x13\x42H\n\x12\x63om.authzed.api.v1Z2github.com/authzed/authzed-go/proto/authzed/api/v1b\x06proto3"
9
+
10
+ pool = Google::Protobuf::DescriptorPool.generated_pool
11
+
12
+ begin
13
+ pool.add_serialized_file(descriptor_data)
14
+ rescue TypeError => e
15
+ # Compatibility code: will be removed in the next major version.
16
+ require 'google/protobuf/descriptor_pb'
17
+ parsed = Google::Protobuf::FileDescriptorProto.decode(descriptor_data)
18
+ parsed.clear_dependency
19
+ serialized = parsed.class.encode(parsed)
20
+ file = pool.add_serialized_file(serialized)
21
+ warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}"
22
+ imports = [
23
+ ]
24
+ imports.each do |type_name, expected_filename|
25
+ import_file = pool.lookup(type_name).file_descriptor
26
+ if import_file.name != expected_filename
27
+ warn "- #{file.name} imports #{expected_filename}, but that import was loaded as #{import_file.name}"
28
+ end
29
+ end
30
+ warn "Each proto file must use a consistent fully-qualified name."
31
+ warn "This will become an error in the next major version."
32
+ end
33
+
34
+ module Authzed
35
+ module Api
36
+ module V1
37
+ ErrorReason = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.ErrorReason").enummodule
38
+ end
39
+ end
40
+ end
@@ -0,0 +1,61 @@
1
+ # frozen_string_literal: true
2
+ # Generated by the protocol buffer compiler. DO NOT EDIT!
3
+ # source: authzed/api/v1/experimental_service.proto
4
+
5
+ require 'google/protobuf'
6
+
7
+ require 'google/api/annotations_pb'
8
+ require 'validate/validate_pb'
9
+ require 'google/protobuf/struct_pb'
10
+ require 'google/rpc/status_pb'
11
+ require 'authzed/api/v1/core_pb'
12
+ require 'authzed/api/v1/permission_service_pb'
13
+
14
+
15
+ descriptor_data = "\n)authzed/api/v1/experimental_service.proto\x12\x0e\x61uthzed.api.v1\x1a\x1cgoogle/api/annotations.proto\x1a\x17validate/validate.proto\x1a\x1cgoogle/protobuf/struct.proto\x1a\x17google/rpc/status.proto\x1a\x19\x61uthzed/api/v1/core.proto\x1a\'authzed/api/v1/permission_service.proto\"\xb9\x01\n#StreamingBulkCheckPermissionRequest\x12=\n\x0b\x63onsistency\x18\x01 \x01(\x0b\x32\x1b.authzed.api.v1.ConsistencyR\x0b\x63onsistency\x12S\n\x05items\x18\x02 \x03(\x0b\x32..authzed.api.v1.BulkCheckPermissionRequestItemB\r\xfa\x42\n\x92\x01\x07\"\x05\x8a\x01\x02\x10\x01R\x05items\"\xb0\x01\n\x1a\x42ulkCheckPermissionRequest\x12=\n\x0b\x63onsistency\x18\x01 \x01(\x0b\x32\x1b.authzed.api.v1.ConsistencyR\x0b\x63onsistency\x12S\n\x05items\x18\x02 \x03(\x0b\x32..authzed.api.v1.BulkCheckPermissionRequestItemB\r\xfa\x42\n\x92\x01\x07\"\x05\x8a\x01\x02\x10\x01R\x05items\"\xb6\x02\n\x1e\x42ulkCheckPermissionRequestItem\x12\x45\n\x08resource\x18\x01 \x01(\x0b\x32\x1f.authzed.api.v1.ObjectReferenceB\x08\xfa\x42\x05\x8a\x01\x02\x10\x01R\x08resource\x12J\n\npermission\x18\x02 \x01(\tB*\xfa\x42\'r%(@2!^([a-z][a-z0-9_]{1,62}[a-z0-9])?$R\npermission\x12\x44\n\x07subject\x18\x03 \x01(\x0b\x32 .authzed.api.v1.SubjectReferenceB\x08\xfa\x42\x05\x8a\x01\x02\x10\x01R\x07subject\x12;\n\x07\x63ontext\x18\x04 \x01(\x0b\x32\x17.google.protobuf.StructB\x08\xfa\x42\x05\x8a\x01\x02\x10\x00R\x07\x63ontext\"\xae\x01\n\x1b\x42ulkCheckPermissionResponse\x12\x41\n\nchecked_at\x18\x01 \x01(\x0b\x32\x18.authzed.api.v1.ZedTokenB\x08\xfa\x42\x05\x8a\x01\x02\x10\x00R\tcheckedAt\x12L\n\x05pairs\x18\x02 \x03(\x0b\x32\'.authzed.api.v1.BulkCheckPermissionPairB\r\xfa\x42\n\x92\x01\x07\"\x05\x8a\x01\x02\x10\x01R\x05pairs\"\xb7\x01\n$StreamingBulkCheckPermissionResponse\x12\x41\n\nchecked_at\x18\x01 \x01(\x0b\x32\x18.authzed.api.v1.ZedTokenB\x08\xfa\x42\x05\x8a\x01\x02\x10\x00R\tcheckedAt\x12L\n\x05pairs\x18\x02 \x03(\x0b\x32\'.authzed.api.v1.BulkCheckPermissionPairB\r\xfa\x42\n\x92\x01\x07\"\x05\x8a\x01\x02\x10\x01R\x05pairs\"\xe2\x01\n\x17\x42ulkCheckPermissionPair\x12H\n\x07request\x18\x01 \x01(\x0b\x32..authzed.api.v1.BulkCheckPermissionRequestItemR\x07request\x12\x45\n\x04item\x18\x02 \x01(\x0b\x32/.authzed.api.v1.BulkCheckPermissionResponseItemH\x00R\x04item\x12*\n\x05\x65rror\x18\x03 \x01(\x0b\x32\x12.google.rpc.StatusH\x00R\x05\x65rrorB\n\n\x08response\"\xea\x01\n\x1f\x42ulkCheckPermissionResponseItem\x12j\n\x0epermissionship\x18\x01 \x01(\x0e\x32\x36.authzed.api.v1.CheckPermissionResponse.PermissionshipB\n\xfa\x42\x07\x82\x01\x04\x10\x01 \x00R\x0epermissionship\x12[\n\x13partial_caveat_info\x18\x02 \x01(\x0b\x32!.authzed.api.v1.PartialCaveatInfoB\x08\xfa\x42\x05\x8a\x01\x02\x10\x00R\x11partialCaveatInfo\"s\n\x1e\x42ulkImportRelationshipsRequest\x12Q\n\rrelationships\x18\x01 \x03(\x0b\x32\x1c.authzed.api.v1.RelationshipB\r\xfa\x42\n\x92\x01\x07\"\x05\x8a\x01\x02\x10\x01R\rrelationships\"@\n\x1f\x42ulkImportRelationshipsResponse\x12\x1d\n\nnum_loaded\x18\x01 \x01(\x04R\tnumLoaded\"\xd3\x01\n\x1e\x42ulkExportRelationshipsRequest\x12=\n\x0b\x63onsistency\x18\x01 \x01(\x0b\x32\x1b.authzed.api.v1.ConsistencyR\x0b\x63onsistency\x12\x31\n\x0eoptional_limit\x18\x02 \x01(\rB\n\xfa\x42\x07*\x05\x18\x90N(\x00R\roptionalLimit\x12?\n\x0foptional_cursor\x18\x03 \x01(\x0b\x32\x16.authzed.api.v1.CursorR\x0eoptionalCursor\"\xad\x01\n\x1f\x42ulkExportRelationshipsResponse\x12\x46\n\x13\x61\x66ter_result_cursor\x18\x01 \x01(\x0b\x32\x16.authzed.api.v1.CursorR\x11\x61\x66terResultCursor\x12\x42\n\rrelationships\x18\x02 \x03(\x0b\x32\x1c.authzed.api.v1.RelationshipR\rrelationships2\x81\x06\n\x13\x45xperimentalService\x12\xb2\x01\n\x17\x42ulkImportRelationships\x12..authzed.api.v1.BulkImportRelationshipsRequest\x1a/.authzed.api.v1.BulkImportRelationshipsResponse\"4\x82\xd3\xe4\x93\x02.:\x01*\")/v1/experimental/relationships/bulkimport(\x01\x12\xb2\x01\n\x17\x42ulkExportRelationships\x12..authzed.api.v1.BulkExportRelationshipsRequest\x1a/.authzed.api.v1.BulkExportRelationshipsResponse\"4\x82\xd3\xe4\x93\x02.:\x01*\")/v1/experimental/relationships/bulkexport0\x01\x12\xd1\x01\n\x1cStreamingBulkCheckPermission\x12\x33.authzed.api.v1.StreamingBulkCheckPermissionRequest\x1a\x34.authzed.api.v1.StreamingBulkCheckPermissionResponse\"D\x82\xd3\xe4\x93\x02>:\x01*\"9/v1/experimental/permissions/streamingbulkcheckpermission0\x01\x12\xab\x01\n\x13\x42ulkCheckPermission\x12*.authzed.api.v1.BulkCheckPermissionRequest\x1a+.authzed.api.v1.BulkCheckPermissionResponse\";\x82\xd3\xe4\x93\x02\x35:\x01*\"0/v1/experimental/permissions/bulkcheckpermissionBH\n\x12\x63om.authzed.api.v1Z2github.com/authzed/authzed-go/proto/authzed/api/v1b\x06proto3"
16
+
17
+ pool = Google::Protobuf::DescriptorPool.generated_pool
18
+
19
+ begin
20
+ pool.add_serialized_file(descriptor_data)
21
+ rescue TypeError => e
22
+ # Compatibility code: will be removed in the next major version.
23
+ require 'google/protobuf/descriptor_pb'
24
+ parsed = Google::Protobuf::FileDescriptorProto.decode(descriptor_data)
25
+ parsed.clear_dependency
26
+ serialized = parsed.class.encode(parsed)
27
+ file = pool.add_serialized_file(serialized)
28
+ warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}"
29
+ imports = [
30
+ ["authzed.api.v1.Consistency", "authzed/api/v1/permission_service.proto"],
31
+ ["authzed.api.v1.ObjectReference", "authzed/api/v1/core.proto"],
32
+ ["google.protobuf.Struct", "google/protobuf/struct.proto"],
33
+ ["google.rpc.Status", "google/rpc/status.proto"],
34
+ ]
35
+ imports.each do |type_name, expected_filename|
36
+ import_file = pool.lookup(type_name).file_descriptor
37
+ if import_file.name != expected_filename
38
+ warn "- #{file.name} imports #{expected_filename}, but that import was loaded as #{import_file.name}"
39
+ end
40
+ end
41
+ warn "Each proto file must use a consistent fully-qualified name."
42
+ warn "This will become an error in the next major version."
43
+ end
44
+
45
+ module Authzed
46
+ module Api
47
+ module V1
48
+ StreamingBulkCheckPermissionRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.StreamingBulkCheckPermissionRequest").msgclass
49
+ BulkCheckPermissionRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.BulkCheckPermissionRequest").msgclass
50
+ BulkCheckPermissionRequestItem = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.BulkCheckPermissionRequestItem").msgclass
51
+ BulkCheckPermissionResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.BulkCheckPermissionResponse").msgclass
52
+ StreamingBulkCheckPermissionResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.StreamingBulkCheckPermissionResponse").msgclass
53
+ BulkCheckPermissionPair = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.BulkCheckPermissionPair").msgclass
54
+ BulkCheckPermissionResponseItem = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.BulkCheckPermissionResponseItem").msgclass
55
+ BulkImportRelationshipsRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.BulkImportRelationshipsRequest").msgclass
56
+ BulkImportRelationshipsResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.BulkImportRelationshipsResponse").msgclass
57
+ BulkExportRelationshipsRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.BulkExportRelationshipsRequest").msgclass
58
+ BulkExportRelationshipsResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.BulkExportRelationshipsResponse").msgclass
59
+ end
60
+ end
61
+ end
@@ -0,0 +1,43 @@
1
+ # Generated by the protocol buffer compiler. DO NOT EDIT!
2
+ # Source: authzed/api/v1/experimental_service.proto for package 'authzed.api.v1'
3
+
4
+ require 'grpc'
5
+ require 'authzed/api/v1/experimental_service_pb'
6
+
7
+ module Authzed
8
+ module Api
9
+ module V1
10
+ module ExperimentalService
11
+ # ExperimentalService exposes a number of APIs that are currently being
12
+ # prototyped and tested for future inclusion in the stable API.
13
+ class Service
14
+
15
+ include ::GRPC::GenericService
16
+
17
+ self.marshal_class_method = :encode
18
+ self.unmarshal_class_method = :decode
19
+ self.service_name = 'authzed.api.v1.ExperimentalService'
20
+
21
+ # BulkImportRelationships is a faster path to writing a large number of
22
+ # relationships at once. It is both batched and streaming. For maximum
23
+ # performance, the caller should attempt to write relationships in as close
24
+ # to relationship sort order as possible: (resource.object_type,
25
+ # resource.object_id, relation, subject.object.object_type,
26
+ # subject.object.object_id, subject.optional_relation)
27
+ #
28
+ # EXPERIMENTAL
29
+ # https://github.com/authzed/spicedb/issues/1303
30
+ rpc :BulkImportRelationships, stream(::Authzed::Api::V1::BulkImportRelationshipsRequest), ::Authzed::Api::V1::BulkImportRelationshipsResponse
31
+ # BulkExportRelationships is the fastest path available to exporting
32
+ # relationships from the server. It is resumable, and will return results
33
+ # in an order determined by the server.
34
+ rpc :BulkExportRelationships, ::Authzed::Api::V1::BulkExportRelationshipsRequest, stream(::Authzed::Api::V1::BulkExportRelationshipsResponse)
35
+ rpc :StreamingBulkCheckPermission, ::Authzed::Api::V1::StreamingBulkCheckPermissionRequest, stream(::Authzed::Api::V1::StreamingBulkCheckPermissionResponse)
36
+ rpc :BulkCheckPermission, ::Authzed::Api::V1::BulkCheckPermissionRequest, ::Authzed::Api::V1::BulkCheckPermissionResponse
37
+ end
38
+
39
+ Stub = Service.rpc_stub_class
40
+ end
41
+ end
42
+ end
43
+ end
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  # Generated by the protocol buffer compiler. DO NOT EDIT!
2
3
  # source: authzed/api/v1/openapi.proto
3
4
 
@@ -5,9 +6,31 @@ require 'google/protobuf'
5
6
 
6
7
  require 'protoc-gen-openapiv2/options/annotations_pb'
7
8
 
8
- Google::Protobuf::DescriptorPool.generated_pool.build do
9
- add_file("authzed/api/v1/openapi.proto", :syntax => :proto3) do
9
+
10
+ descriptor_data = "\n\x1c\x61uthzed/api/v1/openapi.proto\x12\x0e\x61uthzed.api.v1\x1a.protoc-gen-openapiv2/options/annotations.protoB\x80\x03\n\x12\x63om.authzed.api.v1Z2github.com/authzed/authzed-go/proto/authzed/api/v1\x92\x41\xb4\x02\x12\x9c\x01\n\x07\x41uthzed\"D\n\rAuthzed, Inc.\x12\x1ehttps://github.com/authzed/api\x1a\x13support@authzed.com*F\n\x12\x41pache 2.0 License\x12\x30https://github.com/authzed/api/blob/main/LICENSE2\x03\x31.0*\x03\x01\x02\x04\x32\x10\x61pplication/json:\x10\x61pplication/jsonZ#\n!\n\nApiKeyAuth\x12\x13\x08\x02\x1a\rAuthorization \x02rE\n\x1bMore about the Authzed API.\x12&https://docs.authzed.com/reference/apib\x06proto3"
11
+
12
+ pool = Google::Protobuf::DescriptorPool.generated_pool
13
+
14
+ begin
15
+ pool.add_serialized_file(descriptor_data)
16
+ rescue TypeError => e
17
+ # Compatibility code: will be removed in the next major version.
18
+ require 'google/protobuf/descriptor_pb'
19
+ parsed = Google::Protobuf::FileDescriptorProto.decode(descriptor_data)
20
+ parsed.clear_dependency
21
+ serialized = parsed.class.encode(parsed)
22
+ file = pool.add_serialized_file(serialized)
23
+ warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}"
24
+ imports = [
25
+ ]
26
+ imports.each do |type_name, expected_filename|
27
+ import_file = pool.lookup(type_name).file_descriptor
28
+ if import_file.name != expected_filename
29
+ warn "- #{file.name} imports #{expected_filename}, but that import was loaded as #{import_file.name}"
30
+ end
10
31
  end
32
+ warn "Each proto file must use a consistent fully-qualified name."
33
+ warn "This will become an error in the next major version."
11
34
  end
12
35
 
13
36
  module Authzed