authzed 0.9.0 → 0.11.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 06fee830047d0a0872c26a1086c664ab7ff7c105efbf6dc650d241c544f9929a
4
- data.tar.gz: f57aafea6b086cfa6271dc51b00a307dd7059b52b362864811b9102658911c90
3
+ metadata.gz: 516df1c52e6e42f0f8ebd5103628a20befc5bfcdf0c13f9733ba22c0f84f3503
4
+ data.tar.gz: 61bdb369aebfdc2ace36a6c23bffe5f9f709ec90d7ced9c2388a499136c48567
5
5
  SHA512:
6
- metadata.gz: 92fb4acc875397ad462282680870d54bc4c77ec61b390e35717722b3e3121769e7dfe70a9003b56bab6e8b2da6a04d7c2ca429e16adfe8776dae44c068699194
7
- data.tar.gz: 44f4333eb682cf54b621f445fd5f29874e58d5c527fd99598735b60b2e7156d050eca3e1e043005cd529326404b53538253783ced784139730eacba9c8ee1a09
6
+ metadata.gz: 282bb55ed79c4fdbf63e77eae105eb503615918a11a689604b71e018c644767a1fda1ea601072255357ee6f0ef46e6ffda603230834bc24308af2d60cbd038b6
7
+ data.tar.gz: e5ecd25e72223094460ddd50acc47ba728af1f2244fbbc35b99c3187308f3b6837cd7e8e21bda19e7b5be445f9e713ba46aca4f4c0268a0a0fbe2b130ca5c390
@@ -0,0 +1,27 @@
1
+ # frozen_string_literal: true
2
+ # Generated by the protocol buffer compiler. DO NOT EDIT!
3
+ # source: authzed/api/materialize/v0/watchpermissions.proto
4
+
5
+ require 'google/protobuf'
6
+
7
+ require 'authzed/api/v1/core_pb'
8
+
9
+
10
+ descriptor_data = "\n1authzed/api/materialize/v0/watchpermissions.proto\x12\x1a\x61uthzed.api.materialize.v0\x1a\x19\x61uthzed/api/v1/core.proto\"\xbc\x01\n\x17WatchPermissionsRequest\x12O\n\x0bpermissions\x18\x01 \x03(\x0b\x32-.authzed.api.materialize.v0.WatchedPermissionR\x0bpermissions\x12P\n\x17optional_starting_after\x18\x02 \x01(\x0b\x32\x18.authzed.api.v1.ZedTokenR\x15optionalStartingAfter\"\xb7\x01\n\x11WatchedPermission\x12#\n\rresource_type\x18\x01 \x01(\tR\x0cresourceType\x12\x1e\n\npermission\x18\x02 \x01(\tR\npermission\x12!\n\x0csubject_type\x18\x03 \x01(\tR\x0bsubjectType\x12:\n\x19optional_subject_relation\x18\x04 \x01(\tR\x17optionalSubjectRelation\"\xb9\x01\n\x18WatchPermissionsResponse\x12\x46\n\x06\x63hange\x18\x01 \x01(\x0b\x32,.authzed.api.materialize.v0.PermissionChangeH\x00R\x06\x63hange\x12I\n\x12\x63ompleted_revision\x18\x02 \x01(\x0b\x32\x18.authzed.api.v1.ZedTokenH\x00R\x11\x63ompletedRevisionB\n\n\x08response\"\xe9\x03\n\x10PermissionChange\x12\x34\n\x08revision\x18\x01 \x01(\x0b\x32\x18.authzed.api.v1.ZedTokenR\x08revision\x12;\n\x08resource\x18\x02 \x01(\x0b\x32\x1f.authzed.api.v1.ObjectReferenceR\x08resource\x12\x1e\n\npermission\x18\x03 \x01(\tR\npermission\x12:\n\x07subject\x18\x04 \x01(\x0b\x32 .authzed.api.v1.SubjectReferenceR\x07subject\x12\x63\n\x0epermissionship\x18\x05 \x01(\x0e\x32;.authzed.api.materialize.v0.PermissionChange.PermissionshipR\x0epermissionship\"\xa0\x01\n\x0ePermissionship\x12\x1e\n\x1aPERMISSIONSHIP_UNSPECIFIED\x10\x00\x12 \n\x1cPERMISSIONSHIP_NO_PERMISSION\x10\x01\x12!\n\x1dPERMISSIONSHIP_HAS_PERMISSION\x10\x02\x12)\n%PERMISSIONSHIP_CONDITIONAL_PERMISSION\x10\x03\x32\x9d\x01\n\x17WatchPermissionsService\x12\x81\x01\n\x10WatchPermissions\x12\x33.authzed.api.materialize.v0.WatchPermissionsRequest\x1a\x34.authzed.api.materialize.v0.WatchPermissionsResponse\"\x00\x30\x01\x42\x62\n\x1e\x63om.authzed.api.materialize.v0P\x01Z>github.com/authzed/authzed-go/proto/authzed/api/materialize/v0b\x06proto3"
11
+
12
+ pool = Google::Protobuf::DescriptorPool.generated_pool
13
+ pool.add_serialized_file(descriptor_data)
14
+
15
+ module Authzed
16
+ module Api
17
+ module Materialize
18
+ module V0
19
+ WatchPermissionsRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.materialize.v0.WatchPermissionsRequest").msgclass
20
+ WatchedPermission = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.materialize.v0.WatchedPermission").msgclass
21
+ WatchPermissionsResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.materialize.v0.WatchPermissionsResponse").msgclass
22
+ PermissionChange = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.materialize.v0.PermissionChange").msgclass
23
+ PermissionChange::Permissionship = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.materialize.v0.PermissionChange.Permissionship").enummodule
24
+ end
25
+ end
26
+ end
27
+ end
@@ -0,0 +1,43 @@
1
+ # Generated by the protocol buffer compiler. DO NOT EDIT!
2
+ # Source: authzed/api/materialize/v0/watchpermissions.proto for package 'authzed.api.materialize.v0'
3
+
4
+ require 'grpc'
5
+ require 'authzed/api/materialize/v0/watchpermissions_pb'
6
+
7
+ module Authzed
8
+ module Api
9
+ module Materialize
10
+ module V0
11
+ module WatchPermissionsService
12
+ class Service
13
+
14
+ include ::GRPC::GenericService
15
+
16
+ self.marshal_class_method = :encode
17
+ self.unmarshal_class_method = :decode
18
+ self.service_name = 'authzed.api.materialize.v0.WatchPermissionsService'
19
+
20
+ # WatchPermissions returns a stream of PermissionChange events for the given permissions.
21
+ #
22
+ # WatchPermissions is a long-running RPC, and will stream events until the client
23
+ # closes the connection or the server terminates the stream. The consumer is responsible of
24
+ # keeping track of the last seen revision and resuming the stream from that point in the event
25
+ # of disconnection or client-side restarts.
26
+ #
27
+ # The API does not offer a sharding mechanism and thus there should only be one consumer per target system.
28
+ # Implementing an active-active HA consumer setup over the same target system will require coordinating which
29
+ # revisions have been consumed in order to prevent transitioning to an inconsistent state.
30
+ #
31
+ # Usage of WatchPermissions requires to be explicitly enabled on the service, including the permissions to be
32
+ # watched. It requires more resources and is less performant than WatchPermissionsSets. It's usage
33
+ # is only recommended when performing the set intersections of WatchPermissionSets in the client side is not viable
34
+ # or there is a strict application requirement to use consume the computed permissions.
35
+ rpc :WatchPermissions, ::Authzed::Api::Materialize::V0::WatchPermissionsRequest, stream(::Authzed::Api::Materialize::V0::WatchPermissionsResponse)
36
+ end
37
+
38
+ Stub = Service.rpc_stub_class
39
+ end
40
+ end
41
+ end
42
+ end
43
+ end
@@ -0,0 +1,33 @@
1
+ # frozen_string_literal: true
2
+ # Generated by the protocol buffer compiler. DO NOT EDIT!
3
+ # source: authzed/api/materialize/v0/watchpermissionsets.proto
4
+
5
+ require 'google/protobuf'
6
+
7
+ require 'authzed/api/v1/core_pb'
8
+
9
+
10
+ descriptor_data = "\n4authzed/api/materialize/v0/watchpermissionsets.proto\x12\x1a\x61uthzed.api.materialize.v0\x1a\x19\x61uthzed/api/v1/core.proto\"n\n\x1aWatchPermissionSetsRequest\x12P\n\x17optional_starting_after\x18\x01 \x01(\x0b\x32\x18.authzed.api.v1.ZedTokenR\x15optionalStartingAfter\"\xad\x03\n\x1bWatchPermissionSetsResponse\x12I\n\x06\x63hange\x18\x01 \x01(\x0b\x32/.authzed.api.materialize.v0.PermissionSetChangeH\x00R\x06\x63hange\x12I\n\x12\x63ompleted_revision\x18\x02 \x01(\x0b\x32\x18.authzed.api.v1.ZedTokenH\x00R\x11\x63ompletedRevision\x12\x81\x01\n\x1flookup_permission_sets_required\x18\x03 \x01(\x0b\x32\x38.authzed.api.materialize.v0.LookupPermissionSetsRequiredH\x00R\x1clookupPermissionSetsRequired\x12h\n\x16\x62reaking_schema_change\x18\x04 \x01(\x0b\x32\x30.authzed.api.materialize.v0.BreakingSchemaChangeH\x00R\x14\x62reakingSchemaChangeB\n\n\x08response\"\xc5\x01\n\x06\x43ursor\x12\x14\n\x05limit\x18\x01 \x01(\rR\x05limit\x12.\n\x05token\x18\x04 \x01(\x0b\x32\x18.authzed.api.v1.ZedTokenR\x05token\x12%\n\x0estarting_index\x18\x05 \x01(\rR\rstartingIndex\x12+\n\x11\x63ompleted_members\x18\x06 \x01(\x08R\x10\x63ompletedMembers\x12!\n\x0cstarting_key\x18\x07 \x01(\tR\x0bstartingKey\"\xe8\x01\n\x1bLookupPermissionSetsRequest\x12\x14\n\x05limit\x18\x01 \x01(\rR\x05limit\x12J\n\x14optional_at_revision\x18\x02 \x01(\x0b\x32\x18.authzed.api.v1.ZedTokenR\x12optionalAtRevision\x12g\n\x1eoptional_starting_after_cursor\x18\x04 \x01(\x0b\x32\".authzed.api.materialize.v0.CursorR\x1boptionalStartingAfterCursor\"\xa3\x01\n\x1cLookupPermissionSetsResponse\x12G\n\x06\x63hange\x18\x01 \x01(\x0b\x32/.authzed.api.materialize.v0.PermissionSetChangeR\x06\x63hange\x12:\n\x06\x63ursor\x18\x02 \x01(\x0b\x32\".authzed.api.materialize.v0.CursorR\x06\x63ursor\"\xfc\x03\n\x13PermissionSetChange\x12\x39\n\x0b\x61t_revision\x18\x01 \x01(\x0b\x32\x18.authzed.api.v1.ZedTokenR\natRevision\x12Z\n\toperation\x18\x02 \x01(\x0e\x32<.authzed.api.materialize.v0.PermissionSetChange.SetOperationR\toperation\x12G\n\nparent_set\x18\x03 \x01(\x0b\x32(.authzed.api.materialize.v0.SetReferenceR\tparentSet\x12G\n\tchild_set\x18\x04 \x01(\x0b\x32(.authzed.api.materialize.v0.SetReferenceH\x00R\x08\x63hildSet\x12P\n\x0c\x63hild_member\x18\x05 \x01(\x0b\x32+.authzed.api.materialize.v0.MemberReferenceH\x00R\x0b\x63hildMember\"a\n\x0cSetOperation\x12\x1d\n\x19SET_OPERATION_UNSPECIFIED\x10\x00\x12\x17\n\x13SET_OPERATION_ADDED\x10\x01\x12\x19\n\x15SET_OPERATION_REMOVED\x10\x02\x42\x07\n\x05\x63hild\"\x82\x01\n\x0cSetReference\x12\x1f\n\x0bobject_type\x18\x01 \x01(\tR\nobjectType\x12\x1b\n\tobject_id\x18\x02 \x01(\tR\x08objectId\x12\x34\n\x16permission_or_relation\x18\x03 \x01(\tR\x14permissionOrRelation\"\x96\x01\n\x0fMemberReference\x12\x1f\n\x0bobject_type\x18\x01 \x01(\tR\nobjectType\x12\x1b\n\tobject_id\x18\x02 \x01(\tR\x08objectId\x12\x45\n\x1foptional_permission_or_relation\x18\x03 \x01(\tR\x1coptionalPermissionOrRelation\"f\n\x1cLookupPermissionSetsRequired\x12\x46\n\x12required_lookup_at\x18\x01 \x01(\x0b\x32\x18.authzed.api.v1.ZedTokenR\x10requiredLookupAt\"M\n\x14\x42reakingSchemaChange\x12\x35\n\tchange_at\x18\x01 \x01(\x0b\x32\x18.authzed.api.v1.ZedTokenR\x08\x63hangeAt2\xb9\x02\n\x1aWatchPermissionSetsService\x12\x8a\x01\n\x13WatchPermissionSets\x12\x36.authzed.api.materialize.v0.WatchPermissionSetsRequest\x1a\x37.authzed.api.materialize.v0.WatchPermissionSetsResponse\"\x00\x30\x01\x12\x8d\x01\n\x14LookupPermissionSets\x12\x37.authzed.api.materialize.v0.LookupPermissionSetsRequest\x1a\x38.authzed.api.materialize.v0.LookupPermissionSetsResponse\"\x00\x30\x01\x42\x62\n\x1e\x63om.authzed.api.materialize.v0P\x01Z>github.com/authzed/authzed-go/proto/authzed/api/materialize/v0b\x06proto3"
11
+
12
+ pool = Google::Protobuf::DescriptorPool.generated_pool
13
+ pool.add_serialized_file(descriptor_data)
14
+
15
+ module Authzed
16
+ module Api
17
+ module Materialize
18
+ module V0
19
+ WatchPermissionSetsRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.materialize.v0.WatchPermissionSetsRequest").msgclass
20
+ WatchPermissionSetsResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.materialize.v0.WatchPermissionSetsResponse").msgclass
21
+ Cursor = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.materialize.v0.Cursor").msgclass
22
+ LookupPermissionSetsRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.materialize.v0.LookupPermissionSetsRequest").msgclass
23
+ LookupPermissionSetsResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.materialize.v0.LookupPermissionSetsResponse").msgclass
24
+ PermissionSetChange = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.materialize.v0.PermissionSetChange").msgclass
25
+ PermissionSetChange::SetOperation = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.materialize.v0.PermissionSetChange.SetOperation").enummodule
26
+ SetReference = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.materialize.v0.SetReference").msgclass
27
+ MemberReference = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.materialize.v0.MemberReference").msgclass
28
+ LookupPermissionSetsRequired = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.materialize.v0.LookupPermissionSetsRequired").msgclass
29
+ BreakingSchemaChange = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.materialize.v0.BreakingSchemaChange").msgclass
30
+ end
31
+ end
32
+ end
33
+ end
@@ -0,0 +1,72 @@
1
+ # Generated by the protocol buffer compiler. DO NOT EDIT!
2
+ # Source: authzed/api/materialize/v0/watchpermissionsets.proto for package 'authzed.api.materialize.v0'
3
+
4
+ require 'grpc'
5
+ require 'authzed/api/materialize/v0/watchpermissionsets_pb'
6
+
7
+ module Authzed
8
+ module Api
9
+ module Materialize
10
+ module V0
11
+ module WatchPermissionSetsService
12
+ class Service
13
+
14
+ include ::GRPC::GenericService
15
+
16
+ self.marshal_class_method = :encode
17
+ self.unmarshal_class_method = :decode
18
+ self.service_name = 'authzed.api.materialize.v0.WatchPermissionSetsService'
19
+
20
+ # WatchPermissionSets returns a stream of changes to the sets which can be used to compute the watched permissions.
21
+ #
22
+ # WatchPermissionSets lets consumers achieve the same thing as WatchPermissions, but trades off a simpler usage model with
23
+ # significantly lower computational requirements. Unlike WatchPermissions, this method returns changes to the sets of permissions,
24
+ # rather than the individual permissions. Permission sets are a normalized form of the computed permissions, which
25
+ # means that the consumer must perform an extra computation over this representation to obtain the final computed
26
+ # permissions, typically by intersecting the provided sets.
27
+ #
28
+ # For example, this would look like a JOIN between the
29
+ # materialize permission sets table in a target relation database, the table with the resources to authorize access
30
+ # to, and the table with the subject (e.g. a user).
31
+ #
32
+ # In exchange, the number of changes issued by WatchPermissionSets will be several orders of magnitude less than those
33
+ # emitted by WatchPermissions, which has several implications:
34
+ # - significantly less resources to compute the sets
35
+ # - significantly less messages to stream over the network
36
+ # - significantly less events to ingest on the consumer side
37
+ # - less ingestion lag from the origin SpiceDB mutation
38
+ #
39
+ # The type of scenarios WatchPermissionSets is particularly well suited is when a single change
40
+ # in the origin SpiceDB can yield millions of changes. For example, in the GitHub authorization model, assigning a role
41
+ # to a top-level team of an organization with hundreds of thousands of employees can lead to an explosion of
42
+ # permission change events that would require a lot of computational resources to process, both on Materialize and
43
+ # the consumer side.
44
+ #
45
+ # WatchPermissionSets is thus recommended for any larger scale use case where the fan-out in permission changes that
46
+ # emerges from a specific schema and data shape is too large to handle effectively.
47
+ #
48
+ # The API does not offer a sharding mechanism and thus there should only be one consumer per target system.
49
+ # Implementing an active-active HA consumer setup over the same target system will require coordinating which
50
+ # revisions have been consumed in order to prevent transitioning to an inconsistent state.
51
+ rpc :WatchPermissionSets, ::Authzed::Api::Materialize::V0::WatchPermissionSetsRequest, stream(::Authzed::Api::Materialize::V0::WatchPermissionSetsResponse)
52
+ # LookupPermissionSets returns the current state of the permission sets which can be used to derive the computed permissions.
53
+ # It's typically used to backfill the state of the permission sets in the consumer side.
54
+ #
55
+ # It's a cursored API and the consumer is responsible to keep track of the cursor and use it on each subsequent call.
56
+ # Each stream will return <N> permission sets defined by the specified request limit. The server will keep streaming until
57
+ # the sets per stream is hit, or the current state of the sets is reached,
58
+ # whatever happens first, and then close the stream. The server will indicate there are no more changes to stream
59
+ # through the `completed_members` in the cursor.
60
+ #
61
+ # There may be many elements to stream, and so the consumer should be prepared to resume the stream from the last
62
+ # cursor received. Once completed, the consumer may start streaming permission set changes using WatchPermissionSets
63
+ # and the revision token from the last LookupPermissionSets response.
64
+ rpc :LookupPermissionSets, ::Authzed::Api::Materialize::V0::LookupPermissionSetsRequest, stream(::Authzed::Api::Materialize::V0::LookupPermissionSetsResponse)
65
+ end
66
+
67
+ Stub = Service.rpc_stub_class
68
+ end
69
+ end
70
+ end
71
+ end
72
+ end
@@ -5,7 +5,7 @@
5
5
  require 'google/protobuf'
6
6
 
7
7
 
8
- descriptor_data = "\n!authzed/api/v1/error_reason.proto\x12\x0e\x61uthzed.api.v1*\xf4\x08\n\x0b\x45rrorReason\x12\x1c\n\x18\x45RROR_REASON_UNSPECIFIED\x10\x00\x12#\n\x1f\x45RROR_REASON_SCHEMA_PARSE_ERROR\x10\x01\x12\"\n\x1e\x45RROR_REASON_SCHEMA_TYPE_ERROR\x10\x02\x12#\n\x1f\x45RROR_REASON_UNKNOWN_DEFINITION\x10\x03\x12/\n+ERROR_REASON_UNKNOWN_RELATION_OR_PERMISSION\x10\x04\x12,\n(ERROR_REASON_TOO_MANY_UPDATES_IN_REQUEST\x10\x05\x12\x32\n.ERROR_REASON_TOO_MANY_PRECONDITIONS_IN_REQUEST\x10\x06\x12\x35\n1ERROR_REASON_WRITE_OR_DELETE_PRECONDITION_FAILURE\x10\x07\x12\"\n\x1e\x45RROR_REASON_SERVICE_READ_ONLY\x10\x08\x12\x1f\n\x1b\x45RROR_REASON_UNKNOWN_CAVEAT\x10\t\x12%\n!ERROR_REASON_INVALID_SUBJECT_TYPE\x10\n\x12,\n(ERROR_REASON_CAVEAT_PARAMETER_TYPE_ERROR\x10\x0b\x12-\n)ERROR_REASON_UPDATES_ON_SAME_RELATIONSHIP\x10\x0c\x12)\n%ERROR_REASON_CANNOT_UPDATE_PERMISSION\x10\r\x12(\n$ERROR_REASON_CAVEAT_EVALUATION_ERROR\x10\x0e\x12\x1f\n\x1b\x45RROR_REASON_INVALID_CURSOR\x10\x0f\x12@\n<ERROR_REASON_TOO_MANY_RELATIONSHIPS_FOR_TRANSACTIONAL_DELETE\x10\x10\x12.\n*ERROR_REASON_MAX_RELATIONSHIP_CONTEXT_SIZE\x10\x11\x12\x31\n-ERROR_REASON_ATTEMPT_TO_RECREATE_RELATIONSHIP\x10\x12\x12\'\n#ERROR_REASON_MAXIMUM_DEPTH_EXCEEDED\x10\x13\x12&\n\"ERROR_REASON_SERIALIZATION_FAILURE\x10\x14\x12+\n\'ERROR_REASON_TOO_MANY_CHECKS_IN_REQUEST\x10\x15\x12\x30\n,ERROR_REASON_EXCEEDS_MAXIMUM_ALLOWABLE_LIMIT\x10\x16\x12\x1f\n\x1b\x45RROR_REASON_INVALID_FILTER\x10\x17\x12\x35\n1ERROR_REASON_INMEMORY_TOO_MANY_CONCURRENT_UPDATES\x10\x18\x12#\n\x1f\x45RROR_REASON_EMPTY_PRECONDITION\x10\x19\x42J\n\x12\x63om.authzed.api.v1P\x01Z2github.com/authzed/authzed-go/proto/authzed/api/v1b\x06proto3"
8
+ descriptor_data = "\n!authzed/api/v1/error_reason.proto\x12\x0e\x61uthzed.api.v1*\xf1\t\n\x0b\x45rrorReason\x12\x1c\n\x18\x45RROR_REASON_UNSPECIFIED\x10\x00\x12#\n\x1f\x45RROR_REASON_SCHEMA_PARSE_ERROR\x10\x01\x12\"\n\x1e\x45RROR_REASON_SCHEMA_TYPE_ERROR\x10\x02\x12#\n\x1f\x45RROR_REASON_UNKNOWN_DEFINITION\x10\x03\x12/\n+ERROR_REASON_UNKNOWN_RELATION_OR_PERMISSION\x10\x04\x12,\n(ERROR_REASON_TOO_MANY_UPDATES_IN_REQUEST\x10\x05\x12\x32\n.ERROR_REASON_TOO_MANY_PRECONDITIONS_IN_REQUEST\x10\x06\x12\x35\n1ERROR_REASON_WRITE_OR_DELETE_PRECONDITION_FAILURE\x10\x07\x12\"\n\x1e\x45RROR_REASON_SERVICE_READ_ONLY\x10\x08\x12\x1f\n\x1b\x45RROR_REASON_UNKNOWN_CAVEAT\x10\t\x12%\n!ERROR_REASON_INVALID_SUBJECT_TYPE\x10\n\x12,\n(ERROR_REASON_CAVEAT_PARAMETER_TYPE_ERROR\x10\x0b\x12-\n)ERROR_REASON_UPDATES_ON_SAME_RELATIONSHIP\x10\x0c\x12)\n%ERROR_REASON_CANNOT_UPDATE_PERMISSION\x10\r\x12(\n$ERROR_REASON_CAVEAT_EVALUATION_ERROR\x10\x0e\x12\x1f\n\x1b\x45RROR_REASON_INVALID_CURSOR\x10\x0f\x12@\n<ERROR_REASON_TOO_MANY_RELATIONSHIPS_FOR_TRANSACTIONAL_DELETE\x10\x10\x12.\n*ERROR_REASON_MAX_RELATIONSHIP_CONTEXT_SIZE\x10\x11\x12\x31\n-ERROR_REASON_ATTEMPT_TO_RECREATE_RELATIONSHIP\x10\x12\x12\'\n#ERROR_REASON_MAXIMUM_DEPTH_EXCEEDED\x10\x13\x12&\n\"ERROR_REASON_SERIALIZATION_FAILURE\x10\x14\x12+\n\'ERROR_REASON_TOO_MANY_CHECKS_IN_REQUEST\x10\x15\x12\x30\n,ERROR_REASON_EXCEEDS_MAXIMUM_ALLOWABLE_LIMIT\x10\x16\x12\x1f\n\x1b\x45RROR_REASON_INVALID_FILTER\x10\x17\x12\x35\n1ERROR_REASON_INMEMORY_TOO_MANY_CONCURRENT_UPDATES\x10\x18\x12#\n\x1f\x45RROR_REASON_EMPTY_PRECONDITION\x10\x19\x12+\n\'ERROR_REASON_COUNTER_ALREADY_REGISTERED\x10\x1a\x12\'\n#ERROR_REASON_COUNTER_NOT_REGISTERED\x10\x1b\x12%\n!ERROR_REASON_WILDCARD_NOT_ALLOWED\x10\x1c\x42J\n\x12\x63om.authzed.api.v1P\x01Z2github.com/authzed/authzed-go/proto/authzed/api/v1b\x06proto3"
9
9
 
10
10
  pool = Google::Protobuf::DescriptorPool.generated_pool
11
11
  pool.add_serialized_file(descriptor_data)
@@ -12,7 +12,7 @@ require 'authzed/api/v1/core_pb'
12
12
  require 'authzed/api/v1/permission_service_pb'
13
13
 
14
14
 
15
- descriptor_data = "\n)authzed/api/v1/experimental_service.proto\x12\x0e\x61uthzed.api.v1\x1a\x1cgoogle/api/annotations.proto\x1a\x17validate/validate.proto\x1a\x1cgoogle/protobuf/struct.proto\x1a\x17google/rpc/status.proto\x1a\x19\x61uthzed/api/v1/core.proto\x1a\'authzed/api/v1/permission_service.proto\"\xb2\x01\n\x1a\x42ulkCheckPermissionRequest\x12=\n\x0b\x63onsistency\x18\x01 \x01(\x0b\x32\x1b.authzed.api.v1.ConsistencyR\x0b\x63onsistency\x12U\n\x05items\x18\x02 \x03(\x0b\x32..authzed.api.v1.BulkCheckPermissionRequestItemB\x0f\x18\x01\xfa\x42\n\x92\x01\x07\"\x05\x8a\x01\x02\x10\x01R\x05items\"\xb6\x02\n\x1e\x42ulkCheckPermissionRequestItem\x12\x45\n\x08resource\x18\x01 \x01(\x0b\x32\x1f.authzed.api.v1.ObjectReferenceB\x08\xfa\x42\x05\x8a\x01\x02\x10\x01R\x08resource\x12J\n\npermission\x18\x02 \x01(\tB*\xfa\x42\'r%(@2!^([a-z][a-z0-9_]{1,62}[a-z0-9])?$R\npermission\x12\x44\n\x07subject\x18\x03 \x01(\x0b\x32 .authzed.api.v1.SubjectReferenceB\x08\xfa\x42\x05\x8a\x01\x02\x10\x01R\x07subject\x12;\n\x07\x63ontext\x18\x04 \x01(\x0b\x32\x17.google.protobuf.StructB\x08\xfa\x42\x05\x8a\x01\x02\x10\x00R\x07\x63ontext\"\xae\x01\n\x1b\x42ulkCheckPermissionResponse\x12\x41\n\nchecked_at\x18\x01 \x01(\x0b\x32\x18.authzed.api.v1.ZedTokenB\x08\xfa\x42\x05\x8a\x01\x02\x10\x00R\tcheckedAt\x12L\n\x05pairs\x18\x02 \x03(\x0b\x32\'.authzed.api.v1.BulkCheckPermissionPairB\r\xfa\x42\n\x92\x01\x07\"\x05\x8a\x01\x02\x10\x01R\x05pairs\"\xe2\x01\n\x17\x42ulkCheckPermissionPair\x12H\n\x07request\x18\x01 \x01(\x0b\x32..authzed.api.v1.BulkCheckPermissionRequestItemR\x07request\x12\x45\n\x04item\x18\x02 \x01(\x0b\x32/.authzed.api.v1.BulkCheckPermissionResponseItemH\x00R\x04item\x12*\n\x05\x65rror\x18\x03 \x01(\x0b\x32\x12.google.rpc.StatusH\x00R\x05\x65rrorB\n\n\x08response\"\xea\x01\n\x1f\x42ulkCheckPermissionResponseItem\x12j\n\x0epermissionship\x18\x01 \x01(\x0e\x32\x36.authzed.api.v1.CheckPermissionResponse.PermissionshipB\n\xfa\x42\x07\x82\x01\x04\x10\x01 \x00R\x0epermissionship\x12[\n\x13partial_caveat_info\x18\x02 \x01(\x0b\x32!.authzed.api.v1.PartialCaveatInfoB\x08\xfa\x42\x05\x8a\x01\x02\x10\x00R\x11partialCaveatInfo\"s\n\x1e\x42ulkImportRelationshipsRequest\x12Q\n\rrelationships\x18\x01 \x03(\x0b\x32\x1c.authzed.api.v1.RelationshipB\r\xfa\x42\n\x92\x01\x07\"\x05\x8a\x01\x02\x10\x01R\rrelationships\"@\n\x1f\x42ulkImportRelationshipsResponse\x12\x1d\n\nnum_loaded\x18\x01 \x01(\x04R\tnumLoaded\"\xb6\x02\n\x1e\x42ulkExportRelationshipsRequest\x12=\n\x0b\x63onsistency\x18\x01 \x01(\x0b\x32\x1b.authzed.api.v1.ConsistencyR\x0b\x63onsistency\x12.\n\x0eoptional_limit\x18\x02 \x01(\rB\x07\xfa\x42\x04*\x02(\x00R\roptionalLimit\x12?\n\x0foptional_cursor\x18\x03 \x01(\x0b\x32\x16.authzed.api.v1.CursorR\x0eoptionalCursor\x12\x64\n\x1coptional_relationship_filter\x18\x04 \x01(\x0b\x32\".authzed.api.v1.RelationshipFilterR\x1aoptionalRelationshipFilter\"\xad\x01\n\x1f\x42ulkExportRelationshipsResponse\x12\x46\n\x13\x61\x66ter_result_cursor\x18\x01 \x01(\x0b\x32\x16.authzed.api.v1.CursorR\x11\x61\x66terResultCursor\x12\x42\n\rrelationships\x18\x02 \x03(\x0b\x32\x1c.authzed.api.v1.RelationshipR\rrelationships\"\xad\x01\n ExperimentalReflectSchemaRequest\x12=\n\x0b\x63onsistency\x18\x01 \x01(\x0b\x32\x1b.authzed.api.v1.ConsistencyR\x0b\x63onsistency\x12J\n\x10optional_filters\x18\x02 \x03(\x0b\x32\x1f.authzed.api.v1.ExpSchemaFilterR\x0foptionalFilters\"\xcc\x01\n!ExperimentalReflectSchemaResponse\x12?\n\x0b\x64\x65\x66initions\x18\x01 \x03(\x0b\x32\x1d.authzed.api.v1.ExpDefinitionR\x0b\x64\x65\x66initions\x12\x33\n\x07\x63\x61veats\x18\x02 \x03(\x0b\x32\x19.authzed.api.v1.ExpCaveatR\x07\x63\x61veats\x12\x31\n\x07read_at\x18\x03 \x01(\x0b\x32\x18.authzed.api.v1.ZedTokenR\x06readAt\"\xa1\x02\n\x0f\x45xpSchemaFilter\x12\x45\n\x1foptional_definition_name_filter\x18\x01 \x01(\tR\x1coptionalDefinitionNameFilter\x12=\n\x1boptional_caveat_name_filter\x18\x02 \x01(\tR\x18optionalCaveatNameFilter\x12\x41\n\x1doptional_relation_name_filter\x18\x03 \x01(\tR\x1aoptionalRelationNameFilter\x12\x45\n\x1foptional_permission_name_filter\x18\x04 \x01(\tR\x1coptionalPermissionNameFilter\"\xb9\x01\n\rExpDefinition\x12\x12\n\x04name\x18\x01 \x01(\tR\x04name\x12\x18\n\x07\x63omment\x18\x02 \x01(\tR\x07\x63omment\x12\x39\n\trelations\x18\x03 \x03(\x0b\x32\x1b.authzed.api.v1.ExpRelationR\trelations\x12?\n\x0bpermissions\x18\x04 \x03(\x0b\x32\x1d.authzed.api.v1.ExpPermissionR\x0bpermissions\"\x9d\x01\n\tExpCaveat\x12\x12\n\x04name\x18\x01 \x01(\tR\x04name\x12\x18\n\x07\x63omment\x18\x02 \x01(\tR\x07\x63omment\x12\x42\n\nparameters\x18\x03 \x03(\x0b\x32\".authzed.api.v1.ExpCaveatParameterR\nparameters\x12\x1e\n\nexpression\x18\x04 \x01(\tR\nexpression\"j\n\x12\x45xpCaveatParameter\x12\x12\n\x04name\x18\x01 \x01(\tR\x04name\x12\x12\n\x04type\x18\x02 \x01(\tR\x04type\x12,\n\x12parent_caveat_name\x18\x03 \x01(\tR\x10parentCaveatName\"\xb8\x01\n\x0b\x45xpRelation\x12\x12\n\x04name\x18\x01 \x01(\tR\x04name\x12\x18\n\x07\x63omment\x18\x02 \x01(\tR\x07\x63omment\x12\x34\n\x16parent_definition_name\x18\x03 \x01(\tR\x14parentDefinitionName\x12\x45\n\rsubject_types\x18\x04 \x03(\x0b\x32 .authzed.api.v1.ExpTypeReferenceR\x0csubjectTypes\"\xa1\x02\n\x10\x45xpTypeReference\x12\x36\n\x17subject_definition_name\x18\x01 \x01(\tR\x15subjectDefinitionName\x12\x30\n\x14optional_caveat_name\x18\x02 \x01(\tR\x12optionalCaveatName\x12\x30\n\x13is_terminal_subject\x18\x03 \x01(\x08H\x00R\x11isTerminalSubject\x12\x36\n\x16optional_relation_name\x18\x04 \x01(\tH\x00R\x14optionalRelationName\x12.\n\x12is_public_wildcard\x18\x05 \x01(\x08H\x00R\x10isPublicWildcardB\t\n\x07typeref\"s\n\rExpPermission\x12\x12\n\x04name\x18\x01 \x01(\tR\x04name\x12\x18\n\x07\x63omment\x18\x02 \x01(\tR\x07\x63omment\x12\x34\n\x16parent_definition_name\x18\x03 \x01(\tR\x14parentDefinitionName\"\xfe\x01\n(ExperimentalComputablePermissionsRequest\x12=\n\x0b\x63onsistency\x18\x01 \x01(\x0b\x32\x1b.authzed.api.v1.ConsistencyR\x0b\x63onsistency\x12\'\n\x0f\x64\x65\x66inition_name\x18\x02 \x01(\tR\x0e\x64\x65\x66initionName\x12#\n\rrelation_name\x18\x03 \x01(\tR\x0crelationName\x12\x45\n\x1foptional_definition_name_filter\x18\x04 \x01(\tR\x1coptionalDefinitionNameFilter\"\x89\x01\n\x14\x45xpRelationReference\x12\'\n\x0f\x64\x65\x66inition_name\x18\x01 \x01(\tR\x0e\x64\x65\x66initionName\x12#\n\rrelation_name\x18\x02 \x01(\tR\x0crelationName\x12#\n\ris_permission\x18\x03 \x01(\x08R\x0cisPermission\"\xa6\x01\n)ExperimentalComputablePermissionsResponse\x12\x46\n\x0bpermissions\x18\x01 \x03(\x0b\x32$.authzed.api.v1.ExpRelationReferenceR\x0bpermissions\x12\x31\n\x07read_at\x18\x02 \x01(\x0b\x32\x18.authzed.api.v1.ZedTokenR\x06readAt\"\xb8\x01\n%ExperimentalDependentRelationsRequest\x12=\n\x0b\x63onsistency\x18\x01 \x01(\x0b\x32\x1b.authzed.api.v1.ConsistencyR\x0b\x63onsistency\x12\'\n\x0f\x64\x65\x66inition_name\x18\x02 \x01(\tR\x0e\x64\x65\x66initionName\x12\'\n\x0fpermission_name\x18\x03 \x01(\tR\x0epermissionName\"\x9f\x01\n&ExperimentalDependentRelationsResponse\x12\x42\n\trelations\x18\x01 \x03(\x0b\x32$.authzed.api.v1.ExpRelationReferenceR\trelations\x12\x31\n\x07read_at\x18\x02 \x01(\x0b\x32\x18.authzed.api.v1.ZedTokenR\x06readAt\"\x8b\x01\n\x1d\x45xperimentalDiffSchemaRequest\x12=\n\x0b\x63onsistency\x18\x01 \x01(\x0b\x32\x1b.authzed.api.v1.ConsistencyR\x0b\x63onsistency\x12+\n\x11\x63omparison_schema\x18\x02 \x01(\tR\x10\x63omparisonSchema\"\x88\x01\n\x1e\x45xperimentalDiffSchemaResponse\x12\x33\n\x05\x64iffs\x18\x01 \x03(\x0b\x32\x1d.authzed.api.v1.ExpSchemaDiffR\x05\x64iffs\x12\x31\n\x07read_at\x18\x02 \x01(\x0b\x32\x18.authzed.api.v1.ZedTokenR\x06readAt\"\xab\x01\n\x1c\x45xpRelationSubjectTypeChange\x12\x37\n\x08relation\x18\x01 \x01(\x0b\x32\x1b.authzed.api.v1.ExpRelationR\x08relation\x12R\n\x14\x63hanged_subject_type\x18\x02 \x01(\x0b\x32 .authzed.api.v1.ExpTypeReferenceR\x12\x63hangedSubjectType\"\x85\x01\n\x1c\x45xpCaveatParameterTypeChange\x12@\n\tparameter\x18\x01 \x01(\x0b\x32\".authzed.api.v1.ExpCaveatParameterR\tparameter\x12#\n\rprevious_type\x18\x02 \x01(\tR\x0cpreviousType\"\xa0\r\n\rExpSchemaDiff\x12J\n\x10\x64\x65\x66inition_added\x18\x01 \x01(\x0b\x32\x1d.authzed.api.v1.ExpDefinitionH\x00R\x0f\x64\x65\x66initionAdded\x12N\n\x12\x64\x65\x66inition_removed\x18\x02 \x01(\x0b\x32\x1d.authzed.api.v1.ExpDefinitionH\x00R\x11\x64\x65\x66initionRemoved\x12\x64\n\x1e\x64\x65\x66inition_doc_comment_changed\x18\x03 \x01(\x0b\x32\x1d.authzed.api.v1.ExpDefinitionH\x00R\x1b\x64\x65\x66initionDocCommentChanged\x12\x44\n\x0erelation_added\x18\x04 \x01(\x0b\x32\x1b.authzed.api.v1.ExpRelationH\x00R\rrelationAdded\x12H\n\x10relation_removed\x18\x05 \x01(\x0b\x32\x1b.authzed.api.v1.ExpRelationH\x00R\x0frelationRemoved\x12^\n\x1crelation_doc_comment_changed\x18\x06 \x01(\x0b\x32\x1b.authzed.api.v1.ExpRelationH\x00R\x19relationDocCommentChanged\x12m\n\x1brelation_subject_type_added\x18\x07 \x01(\x0b\x32,.authzed.api.v1.ExpRelationSubjectTypeChangeH\x00R\x18relationSubjectTypeAdded\x12q\n\x1drelation_subject_type_removed\x18\x08 \x01(\x0b\x32,.authzed.api.v1.ExpRelationSubjectTypeChangeH\x00R\x1arelationSubjectTypeRemoved\x12J\n\x10permission_added\x18\t \x01(\x0b\x32\x1d.authzed.api.v1.ExpPermissionH\x00R\x0fpermissionAdded\x12N\n\x12permission_removed\x18\n \x01(\x0b\x32\x1d.authzed.api.v1.ExpPermissionH\x00R\x11permissionRemoved\x12\x64\n\x1epermission_doc_comment_changed\x18\x0b \x01(\x0b\x32\x1d.authzed.api.v1.ExpPermissionH\x00R\x1bpermissionDocCommentChanged\x12W\n\x17permission_expr_changed\x18\x0c \x01(\x0b\x32\x1d.authzed.api.v1.ExpPermissionH\x00R\x15permissionExprChanged\x12>\n\x0c\x63\x61veat_added\x18\r \x01(\x0b\x32\x19.authzed.api.v1.ExpCaveatH\x00R\x0b\x63\x61veatAdded\x12\x42\n\x0e\x63\x61veat_removed\x18\x0e \x01(\x0b\x32\x19.authzed.api.v1.ExpCaveatH\x00R\rcaveatRemoved\x12X\n\x1a\x63\x61veat_doc_comment_changed\x18\x0f \x01(\x0b\x32\x19.authzed.api.v1.ExpCaveatH\x00R\x17\x63\x61veatDocCommentChanged\x12K\n\x13\x63\x61veat_expr_changed\x18\x10 \x01(\x0b\x32\x19.authzed.api.v1.ExpCaveatH\x00R\x11\x63\x61veatExprChanged\x12Z\n\x16\x63\x61veat_parameter_added\x18\x11 \x01(\x0b\x32\".authzed.api.v1.ExpCaveatParameterH\x00R\x14\x63\x61veatParameterAdded\x12^\n\x18\x63\x61veat_parameter_removed\x18\x12 \x01(\x0b\x32\".authzed.api.v1.ExpCaveatParameterH\x00R\x16\x63\x61veatParameterRemoved\x12q\n\x1d\x63\x61veat_parameter_type_changed\x18\x13 \x01(\x0b\x32,.authzed.api.v1.ExpCaveatParameterTypeChangeH\x00R\x1a\x63\x61veatParameterTypeChangedB\x06\n\x04\x64iff2\x94\n\n\x13\x45xperimentalService\x12\xb2\x01\n\x17\x42ulkImportRelationships\x12..authzed.api.v1.BulkImportRelationshipsRequest\x1a/.authzed.api.v1.BulkImportRelationshipsResponse\"4\x82\xd3\xe4\x93\x02.\")/v1/experimental/relationships/bulkimport:\x01*(\x01\x12\xb2\x01\n\x17\x42ulkExportRelationships\x12..authzed.api.v1.BulkExportRelationshipsRequest\x1a/.authzed.api.v1.BulkExportRelationshipsResponse\"4\x82\xd3\xe4\x93\x02.\")/v1/experimental/relationships/bulkexport:\x01*0\x01\x12\xae\x01\n\x13\x42ulkCheckPermission\x12*.authzed.api.v1.BulkCheckPermissionRequest\x1a+.authzed.api.v1.BulkCheckPermissionResponse\">\x88\x02\x01\x82\xd3\xe4\x93\x02\x35\"0/v1/experimental/permissions/bulkcheckpermission:\x01*\x12\xab\x01\n\x19\x45xperimentalReflectSchema\x12\x30.authzed.api.v1.ExperimentalReflectSchemaRequest\x1a\x31.authzed.api.v1.ExperimentalReflectSchemaResponse\")\x82\xd3\xe4\x93\x02#\"\x1e/v1/experimental/reflectschema:\x01*\x12\xcc\x01\n!ExperimentalComputablePermissions\x12\x38.authzed.api.v1.ExperimentalComputablePermissionsRequest\x1a\x39.authzed.api.v1.ExperimentalComputablePermissionsResponse\"2\x82\xd3\xe4\x93\x02,\"\'/v1/experimental/permissions/computable:\x01*\x12\xc2\x01\n\x1e\x45xperimentalDependentRelations\x12\x35.authzed.api.v1.ExperimentalDependentRelationsRequest\x1a\x36.authzed.api.v1.ExperimentalDependentRelationsResponse\"1\x82\xd3\xe4\x93\x02+\"&/v1/experimental/permissions/dependent:\x01*\x12\x9f\x01\n\x16\x45xperimentalDiffSchema\x12-.authzed.api.v1.ExperimentalDiffSchemaRequest\x1a..authzed.api.v1.ExperimentalDiffSchemaResponse\"&\x82\xd3\xe4\x93\x02 \"\x1b/v1/experimental/diffschema:\x01*BJ\n\x12\x63om.authzed.api.v1P\x01Z2github.com/authzed/authzed-go/proto/authzed/api/v1b\x06proto3"
15
+ descriptor_data = "\n)authzed/api/v1/experimental_service.proto\x12\x0e\x61uthzed.api.v1\x1a\x1cgoogle/api/annotations.proto\x1a\x17validate/validate.proto\x1a\x1cgoogle/protobuf/struct.proto\x1a\x17google/rpc/status.proto\x1a\x19\x61uthzed/api/v1/core.proto\x1a\'authzed/api/v1/permission_service.proto\"\xcf\x01\n.ExperimentalRegisterRelationshipCounterRequest\x12>\n\x04name\x18\x01 \x01(\tB*\xfa\x42\'r%(@2!^([a-z][a-z0-9_]{1,62}[a-z0-9])?$R\x04name\x12]\n\x13relationship_filter\x18\x02 \x01(\x0b\x32\".authzed.api.v1.RelationshipFilterB\x08\xfa\x42\x05\x8a\x01\x02\x10\x01R\x12relationshipFilter\"1\n/ExperimentalRegisterRelationshipCounterResponse\"g\n%ExperimentalCountRelationshipsRequest\x12>\n\x04name\x18\x01 \x01(\tB*\xfa\x42\'r%(@2!^([a-z][a-z0-9_]{1,62}[a-z0-9])?$R\x04name\"\xca\x01\n&ExperimentalCountRelationshipsResponse\x12<\n\x19\x63ounter_still_calculating\x18\x01 \x01(\x08H\x00R\x17\x63ounterStillCalculating\x12P\n\x12read_counter_value\x18\x02 \x01(\x0b\x32 .authzed.api.v1.ReadCounterValueH\x00R\x10readCounterValueB\x10\n\x0e\x63ounter_result\"~\n\x10ReadCounterValue\x12-\n\x12relationship_count\x18\x01 \x01(\x04R\x11relationshipCount\x12;\n\x07read_at\x18\x02 \x01(\x0b\x32\x18.authzed.api.v1.ZedTokenB\x08\xfa\x42\x05\x8a\x01\x02\x10\x01R\x06readAt\"r\n0ExperimentalUnregisterRelationshipCounterRequest\x12>\n\x04name\x18\x01 \x01(\tB*\xfa\x42\'r%(@2!^([a-z][a-z0-9_]{1,62}[a-z0-9])?$R\x04name\"3\n1ExperimentalUnregisterRelationshipCounterResponse\"\xb2\x01\n\x1a\x42ulkCheckPermissionRequest\x12=\n\x0b\x63onsistency\x18\x01 \x01(\x0b\x32\x1b.authzed.api.v1.ConsistencyR\x0b\x63onsistency\x12U\n\x05items\x18\x02 \x03(\x0b\x32..authzed.api.v1.BulkCheckPermissionRequestItemB\x0f\x18\x01\xfa\x42\n\x92\x01\x07\"\x05\x8a\x01\x02\x10\x01R\x05items\"\xb6\x02\n\x1e\x42ulkCheckPermissionRequestItem\x12\x45\n\x08resource\x18\x01 \x01(\x0b\x32\x1f.authzed.api.v1.ObjectReferenceB\x08\xfa\x42\x05\x8a\x01\x02\x10\x01R\x08resource\x12J\n\npermission\x18\x02 \x01(\tB*\xfa\x42\'r%(@2!^([a-z][a-z0-9_]{1,62}[a-z0-9])?$R\npermission\x12\x44\n\x07subject\x18\x03 \x01(\x0b\x32 .authzed.api.v1.SubjectReferenceB\x08\xfa\x42\x05\x8a\x01\x02\x10\x01R\x07subject\x12;\n\x07\x63ontext\x18\x04 \x01(\x0b\x32\x17.google.protobuf.StructB\x08\xfa\x42\x05\x8a\x01\x02\x10\x00R\x07\x63ontext\"\xae\x01\n\x1b\x42ulkCheckPermissionResponse\x12\x41\n\nchecked_at\x18\x01 \x01(\x0b\x32\x18.authzed.api.v1.ZedTokenB\x08\xfa\x42\x05\x8a\x01\x02\x10\x00R\tcheckedAt\x12L\n\x05pairs\x18\x02 \x03(\x0b\x32\'.authzed.api.v1.BulkCheckPermissionPairB\r\xfa\x42\n\x92\x01\x07\"\x05\x8a\x01\x02\x10\x01R\x05pairs\"\xe2\x01\n\x17\x42ulkCheckPermissionPair\x12H\n\x07request\x18\x01 \x01(\x0b\x32..authzed.api.v1.BulkCheckPermissionRequestItemR\x07request\x12\x45\n\x04item\x18\x02 \x01(\x0b\x32/.authzed.api.v1.BulkCheckPermissionResponseItemH\x00R\x04item\x12*\n\x05\x65rror\x18\x03 \x01(\x0b\x32\x12.google.rpc.StatusH\x00R\x05\x65rrorB\n\n\x08response\"\xea\x01\n\x1f\x42ulkCheckPermissionResponseItem\x12j\n\x0epermissionship\x18\x01 \x01(\x0e\x32\x36.authzed.api.v1.CheckPermissionResponse.PermissionshipB\n\xfa\x42\x07\x82\x01\x04\x10\x01 \x00R\x0epermissionship\x12[\n\x13partial_caveat_info\x18\x02 \x01(\x0b\x32!.authzed.api.v1.PartialCaveatInfoB\x08\xfa\x42\x05\x8a\x01\x02\x10\x00R\x11partialCaveatInfo\"s\n\x1e\x42ulkImportRelationshipsRequest\x12Q\n\rrelationships\x18\x01 \x03(\x0b\x32\x1c.authzed.api.v1.RelationshipB\r\xfa\x42\n\x92\x01\x07\"\x05\x8a\x01\x02\x10\x01R\rrelationships\"@\n\x1f\x42ulkImportRelationshipsResponse\x12\x1d\n\nnum_loaded\x18\x01 \x01(\x04R\tnumLoaded\"\xb6\x02\n\x1e\x42ulkExportRelationshipsRequest\x12=\n\x0b\x63onsistency\x18\x01 \x01(\x0b\x32\x1b.authzed.api.v1.ConsistencyR\x0b\x63onsistency\x12.\n\x0eoptional_limit\x18\x02 \x01(\rB\x07\xfa\x42\x04*\x02(\x00R\roptionalLimit\x12?\n\x0foptional_cursor\x18\x03 \x01(\x0b\x32\x16.authzed.api.v1.CursorR\x0eoptionalCursor\x12\x64\n\x1coptional_relationship_filter\x18\x04 \x01(\x0b\x32\".authzed.api.v1.RelationshipFilterR\x1aoptionalRelationshipFilter\"\xad\x01\n\x1f\x42ulkExportRelationshipsResponse\x12\x46\n\x13\x61\x66ter_result_cursor\x18\x01 \x01(\x0b\x32\x16.authzed.api.v1.CursorR\x11\x61\x66terResultCursor\x12\x42\n\rrelationships\x18\x02 \x03(\x0b\x32\x1c.authzed.api.v1.RelationshipR\rrelationships\"\xad\x01\n ExperimentalReflectSchemaRequest\x12=\n\x0b\x63onsistency\x18\x01 \x01(\x0b\x32\x1b.authzed.api.v1.ConsistencyR\x0b\x63onsistency\x12J\n\x10optional_filters\x18\x02 \x03(\x0b\x32\x1f.authzed.api.v1.ExpSchemaFilterR\x0foptionalFilters\"\xcc\x01\n!ExperimentalReflectSchemaResponse\x12?\n\x0b\x64\x65\x66initions\x18\x01 \x03(\x0b\x32\x1d.authzed.api.v1.ExpDefinitionR\x0b\x64\x65\x66initions\x12\x33\n\x07\x63\x61veats\x18\x02 \x03(\x0b\x32\x19.authzed.api.v1.ExpCaveatR\x07\x63\x61veats\x12\x31\n\x07read_at\x18\x03 \x01(\x0b\x32\x18.authzed.api.v1.ZedTokenR\x06readAt\"\xa1\x02\n\x0f\x45xpSchemaFilter\x12\x45\n\x1foptional_definition_name_filter\x18\x01 \x01(\tR\x1coptionalDefinitionNameFilter\x12=\n\x1boptional_caveat_name_filter\x18\x02 \x01(\tR\x18optionalCaveatNameFilter\x12\x41\n\x1doptional_relation_name_filter\x18\x03 \x01(\tR\x1aoptionalRelationNameFilter\x12\x45\n\x1foptional_permission_name_filter\x18\x04 \x01(\tR\x1coptionalPermissionNameFilter\"\xb9\x01\n\rExpDefinition\x12\x12\n\x04name\x18\x01 \x01(\tR\x04name\x12\x18\n\x07\x63omment\x18\x02 \x01(\tR\x07\x63omment\x12\x39\n\trelations\x18\x03 \x03(\x0b\x32\x1b.authzed.api.v1.ExpRelationR\trelations\x12?\n\x0bpermissions\x18\x04 \x03(\x0b\x32\x1d.authzed.api.v1.ExpPermissionR\x0bpermissions\"\x9d\x01\n\tExpCaveat\x12\x12\n\x04name\x18\x01 \x01(\tR\x04name\x12\x18\n\x07\x63omment\x18\x02 \x01(\tR\x07\x63omment\x12\x42\n\nparameters\x18\x03 \x03(\x0b\x32\".authzed.api.v1.ExpCaveatParameterR\nparameters\x12\x1e\n\nexpression\x18\x04 \x01(\tR\nexpression\"j\n\x12\x45xpCaveatParameter\x12\x12\n\x04name\x18\x01 \x01(\tR\x04name\x12\x12\n\x04type\x18\x02 \x01(\tR\x04type\x12,\n\x12parent_caveat_name\x18\x03 \x01(\tR\x10parentCaveatName\"\xb8\x01\n\x0b\x45xpRelation\x12\x12\n\x04name\x18\x01 \x01(\tR\x04name\x12\x18\n\x07\x63omment\x18\x02 \x01(\tR\x07\x63omment\x12\x34\n\x16parent_definition_name\x18\x03 \x01(\tR\x14parentDefinitionName\x12\x45\n\rsubject_types\x18\x04 \x03(\x0b\x32 .authzed.api.v1.ExpTypeReferenceR\x0csubjectTypes\"\xa1\x02\n\x10\x45xpTypeReference\x12\x36\n\x17subject_definition_name\x18\x01 \x01(\tR\x15subjectDefinitionName\x12\x30\n\x14optional_caveat_name\x18\x02 \x01(\tR\x12optionalCaveatName\x12\x30\n\x13is_terminal_subject\x18\x03 \x01(\x08H\x00R\x11isTerminalSubject\x12\x36\n\x16optional_relation_name\x18\x04 \x01(\tH\x00R\x14optionalRelationName\x12.\n\x12is_public_wildcard\x18\x05 \x01(\x08H\x00R\x10isPublicWildcardB\t\n\x07typeref\"s\n\rExpPermission\x12\x12\n\x04name\x18\x01 \x01(\tR\x04name\x12\x18\n\x07\x63omment\x18\x02 \x01(\tR\x07\x63omment\x12\x34\n\x16parent_definition_name\x18\x03 \x01(\tR\x14parentDefinitionName\"\xfe\x01\n(ExperimentalComputablePermissionsRequest\x12=\n\x0b\x63onsistency\x18\x01 \x01(\x0b\x32\x1b.authzed.api.v1.ConsistencyR\x0b\x63onsistency\x12\'\n\x0f\x64\x65\x66inition_name\x18\x02 \x01(\tR\x0e\x64\x65\x66initionName\x12#\n\rrelation_name\x18\x03 \x01(\tR\x0crelationName\x12\x45\n\x1foptional_definition_name_filter\x18\x04 \x01(\tR\x1coptionalDefinitionNameFilter\"\x89\x01\n\x14\x45xpRelationReference\x12\'\n\x0f\x64\x65\x66inition_name\x18\x01 \x01(\tR\x0e\x64\x65\x66initionName\x12#\n\rrelation_name\x18\x02 \x01(\tR\x0crelationName\x12#\n\ris_permission\x18\x03 \x01(\x08R\x0cisPermission\"\xa6\x01\n)ExperimentalComputablePermissionsResponse\x12\x46\n\x0bpermissions\x18\x01 \x03(\x0b\x32$.authzed.api.v1.ExpRelationReferenceR\x0bpermissions\x12\x31\n\x07read_at\x18\x02 \x01(\x0b\x32\x18.authzed.api.v1.ZedTokenR\x06readAt\"\xb8\x01\n%ExperimentalDependentRelationsRequest\x12=\n\x0b\x63onsistency\x18\x01 \x01(\x0b\x32\x1b.authzed.api.v1.ConsistencyR\x0b\x63onsistency\x12\'\n\x0f\x64\x65\x66inition_name\x18\x02 \x01(\tR\x0e\x64\x65\x66initionName\x12\'\n\x0fpermission_name\x18\x03 \x01(\tR\x0epermissionName\"\x9f\x01\n&ExperimentalDependentRelationsResponse\x12\x42\n\trelations\x18\x01 \x03(\x0b\x32$.authzed.api.v1.ExpRelationReferenceR\trelations\x12\x31\n\x07read_at\x18\x02 \x01(\x0b\x32\x18.authzed.api.v1.ZedTokenR\x06readAt\"\x8b\x01\n\x1d\x45xperimentalDiffSchemaRequest\x12=\n\x0b\x63onsistency\x18\x01 \x01(\x0b\x32\x1b.authzed.api.v1.ConsistencyR\x0b\x63onsistency\x12+\n\x11\x63omparison_schema\x18\x02 \x01(\tR\x10\x63omparisonSchema\"\x88\x01\n\x1e\x45xperimentalDiffSchemaResponse\x12\x33\n\x05\x64iffs\x18\x01 \x03(\x0b\x32\x1d.authzed.api.v1.ExpSchemaDiffR\x05\x64iffs\x12\x31\n\x07read_at\x18\x02 \x01(\x0b\x32\x18.authzed.api.v1.ZedTokenR\x06readAt\"\xab\x01\n\x1c\x45xpRelationSubjectTypeChange\x12\x37\n\x08relation\x18\x01 \x01(\x0b\x32\x1b.authzed.api.v1.ExpRelationR\x08relation\x12R\n\x14\x63hanged_subject_type\x18\x02 \x01(\x0b\x32 .authzed.api.v1.ExpTypeReferenceR\x12\x63hangedSubjectType\"\x85\x01\n\x1c\x45xpCaveatParameterTypeChange\x12@\n\tparameter\x18\x01 \x01(\x0b\x32\".authzed.api.v1.ExpCaveatParameterR\tparameter\x12#\n\rprevious_type\x18\x02 \x01(\tR\x0cpreviousType\"\xa0\r\n\rExpSchemaDiff\x12J\n\x10\x64\x65\x66inition_added\x18\x01 \x01(\x0b\x32\x1d.authzed.api.v1.ExpDefinitionH\x00R\x0f\x64\x65\x66initionAdded\x12N\n\x12\x64\x65\x66inition_removed\x18\x02 \x01(\x0b\x32\x1d.authzed.api.v1.ExpDefinitionH\x00R\x11\x64\x65\x66initionRemoved\x12\x64\n\x1e\x64\x65\x66inition_doc_comment_changed\x18\x03 \x01(\x0b\x32\x1d.authzed.api.v1.ExpDefinitionH\x00R\x1b\x64\x65\x66initionDocCommentChanged\x12\x44\n\x0erelation_added\x18\x04 \x01(\x0b\x32\x1b.authzed.api.v1.ExpRelationH\x00R\rrelationAdded\x12H\n\x10relation_removed\x18\x05 \x01(\x0b\x32\x1b.authzed.api.v1.ExpRelationH\x00R\x0frelationRemoved\x12^\n\x1crelation_doc_comment_changed\x18\x06 \x01(\x0b\x32\x1b.authzed.api.v1.ExpRelationH\x00R\x19relationDocCommentChanged\x12m\n\x1brelation_subject_type_added\x18\x07 \x01(\x0b\x32,.authzed.api.v1.ExpRelationSubjectTypeChangeH\x00R\x18relationSubjectTypeAdded\x12q\n\x1drelation_subject_type_removed\x18\x08 \x01(\x0b\x32,.authzed.api.v1.ExpRelationSubjectTypeChangeH\x00R\x1arelationSubjectTypeRemoved\x12J\n\x10permission_added\x18\t \x01(\x0b\x32\x1d.authzed.api.v1.ExpPermissionH\x00R\x0fpermissionAdded\x12N\n\x12permission_removed\x18\n \x01(\x0b\x32\x1d.authzed.api.v1.ExpPermissionH\x00R\x11permissionRemoved\x12\x64\n\x1epermission_doc_comment_changed\x18\x0b \x01(\x0b\x32\x1d.authzed.api.v1.ExpPermissionH\x00R\x1bpermissionDocCommentChanged\x12W\n\x17permission_expr_changed\x18\x0c \x01(\x0b\x32\x1d.authzed.api.v1.ExpPermissionH\x00R\x15permissionExprChanged\x12>\n\x0c\x63\x61veat_added\x18\r \x01(\x0b\x32\x19.authzed.api.v1.ExpCaveatH\x00R\x0b\x63\x61veatAdded\x12\x42\n\x0e\x63\x61veat_removed\x18\x0e \x01(\x0b\x32\x19.authzed.api.v1.ExpCaveatH\x00R\rcaveatRemoved\x12X\n\x1a\x63\x61veat_doc_comment_changed\x18\x0f \x01(\x0b\x32\x19.authzed.api.v1.ExpCaveatH\x00R\x17\x63\x61veatDocCommentChanged\x12K\n\x13\x63\x61veat_expr_changed\x18\x10 \x01(\x0b\x32\x19.authzed.api.v1.ExpCaveatH\x00R\x11\x63\x61veatExprChanged\x12Z\n\x16\x63\x61veat_parameter_added\x18\x11 \x01(\x0b\x32\".authzed.api.v1.ExpCaveatParameterH\x00R\x14\x63\x61veatParameterAdded\x12^\n\x18\x63\x61veat_parameter_removed\x18\x12 \x01(\x0b\x32\".authzed.api.v1.ExpCaveatParameterH\x00R\x16\x63\x61veatParameterRemoved\x12q\n\x1d\x63\x61veat_parameter_type_changed\x18\x13 \x01(\x0b\x32,.authzed.api.v1.ExpCaveatParameterTypeChangeH\x00R\x1a\x63\x61veatParameterTypeChangedB\x06\n\x04\x64iff2\xaa\x0f\n\x13\x45xperimentalService\x12\xb2\x01\n\x17\x42ulkImportRelationships\x12..authzed.api.v1.BulkImportRelationshipsRequest\x1a/.authzed.api.v1.BulkImportRelationshipsResponse\"4\x82\xd3\xe4\x93\x02.\")/v1/experimental/relationships/bulkimport:\x01*(\x01\x12\xb2\x01\n\x17\x42ulkExportRelationships\x12..authzed.api.v1.BulkExportRelationshipsRequest\x1a/.authzed.api.v1.BulkExportRelationshipsResponse\"4\x82\xd3\xe4\x93\x02.\")/v1/experimental/relationships/bulkexport:\x01*0\x01\x12\xae\x01\n\x13\x42ulkCheckPermission\x12*.authzed.api.v1.BulkCheckPermissionRequest\x1a+.authzed.api.v1.BulkCheckPermissionResponse\">\x88\x02\x01\x82\xd3\xe4\x93\x02\x35\"0/v1/experimental/permissions/bulkcheckpermission:\x01*\x12\xab\x01\n\x19\x45xperimentalReflectSchema\x12\x30.authzed.api.v1.ExperimentalReflectSchemaRequest\x1a\x31.authzed.api.v1.ExperimentalReflectSchemaResponse\")\x82\xd3\xe4\x93\x02#\"\x1e/v1/experimental/reflectschema:\x01*\x12\xcc\x01\n!ExperimentalComputablePermissions\x12\x38.authzed.api.v1.ExperimentalComputablePermissionsRequest\x1a\x39.authzed.api.v1.ExperimentalComputablePermissionsResponse\"2\x82\xd3\xe4\x93\x02,\"\'/v1/experimental/permissions/computable:\x01*\x12\xc2\x01\n\x1e\x45xperimentalDependentRelations\x12\x35.authzed.api.v1.ExperimentalDependentRelationsRequest\x1a\x36.authzed.api.v1.ExperimentalDependentRelationsResponse\"1\x82\xd3\xe4\x93\x02+\"&/v1/experimental/permissions/dependent:\x01*\x12\x9f\x01\n\x16\x45xperimentalDiffSchema\x12-.authzed.api.v1.ExperimentalDiffSchemaRequest\x1a..authzed.api.v1.ExperimentalDiffSchemaResponse\"&\x82\xd3\xe4\x93\x02 \"\x1b/v1/experimental/diffschema:\x01*\x12\xe3\x01\n\'ExperimentalRegisterRelationshipCounter\x12>.authzed.api.v1.ExperimentalRegisterRelationshipCounterRequest\x1a?.authzed.api.v1.ExperimentalRegisterRelationshipCounterResponse\"7\x82\xd3\xe4\x93\x02\x31\",/v1/experimental/registerrelationshipcounter:\x01*\x12\xbf\x01\n\x1e\x45xperimentalCountRelationships\x12\x35.authzed.api.v1.ExperimentalCountRelationshipsRequest\x1a\x36.authzed.api.v1.ExperimentalCountRelationshipsResponse\".\x82\xd3\xe4\x93\x02(\"#/v1/experimental/countrelationships:\x01*\x12\xeb\x01\n)ExperimentalUnregisterRelationshipCounter\x12@.authzed.api.v1.ExperimentalUnregisterRelationshipCounterRequest\x1a\x41.authzed.api.v1.ExperimentalUnregisterRelationshipCounterResponse\"9\x82\xd3\xe4\x93\x02\x33\"./v1/experimental/unregisterrelationshipcounter:\x01*BJ\n\x12\x63om.authzed.api.v1P\x01Z2github.com/authzed/authzed-go/proto/authzed/api/v1b\x06proto3"
16
16
 
17
17
  pool = Google::Protobuf::DescriptorPool.generated_pool
18
18
  pool.add_serialized_file(descriptor_data)
@@ -20,6 +20,13 @@ pool.add_serialized_file(descriptor_data)
20
20
  module Authzed
21
21
  module Api
22
22
  module V1
23
+ ExperimentalRegisterRelationshipCounterRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.ExperimentalRegisterRelationshipCounterRequest").msgclass
24
+ ExperimentalRegisterRelationshipCounterResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.ExperimentalRegisterRelationshipCounterResponse").msgclass
25
+ ExperimentalCountRelationshipsRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.ExperimentalCountRelationshipsRequest").msgclass
26
+ ExperimentalCountRelationshipsResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.ExperimentalCountRelationshipsResponse").msgclass
27
+ ReadCounterValue = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.ReadCounterValue").msgclass
28
+ ExperimentalUnregisterRelationshipCounterRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.ExperimentalUnregisterRelationshipCounterRequest").msgclass
29
+ ExperimentalUnregisterRelationshipCounterResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.ExperimentalUnregisterRelationshipCounterResponse").msgclass
23
30
  BulkCheckPermissionRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.BulkCheckPermissionRequest").msgclass
24
31
  BulkCheckPermissionRequestItem = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.BulkCheckPermissionRequestItem").msgclass
25
32
  BulkCheckPermissionResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.BulkCheckPermissionResponse").msgclass
@@ -51,6 +51,13 @@ module Authzed
51
51
  # specified schema and the schema stored in SpiceDB. This is useful for clients that need to
52
52
  # introspect the schema of a SpiceDB instance.
53
53
  rpc :ExperimentalDiffSchema, ::Authzed::Api::V1::ExperimentalDiffSchemaRequest, ::Authzed::Api::V1::ExperimentalDiffSchemaResponse
54
+ # EXPERIMENTAL: RegisterRelationshipCounter registers a new filter for counting relationships. A filter must be registered before
55
+ # a count can be requested.
56
+ rpc :ExperimentalRegisterRelationshipCounter, ::Authzed::Api::V1::ExperimentalRegisterRelationshipCounterRequest, ::Authzed::Api::V1::ExperimentalRegisterRelationshipCounterResponse
57
+ # EXPERIMENTAL: CountRelationships returns the count of relationships for *pre-registered* filter.
58
+ rpc :ExperimentalCountRelationships, ::Authzed::Api::V1::ExperimentalCountRelationshipsRequest, ::Authzed::Api::V1::ExperimentalCountRelationshipsResponse
59
+ # EXPERIMENTAL: UnregisterRelationshipCounter unregisters an existing filter for counting relationships.
60
+ rpc :ExperimentalUnregisterRelationshipCounter, ::Authzed::Api::V1::ExperimentalUnregisterRelationshipCounterRequest, ::Authzed::Api::V1::ExperimentalUnregisterRelationshipCounterResponse
54
61
  end
55
62
 
56
63
  Stub = Service.rpc_stub_class
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: authzed
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.9.0
4
+ version: 0.11.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Authzed
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-05-25 00:00:00.000000000 Z
11
+ date: 2024-08-30 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: grpc
@@ -62,6 +62,10 @@ files:
62
62
  - LICENSE
63
63
  - README.md
64
64
  - lib/authzed.rb
65
+ - lib/authzed/api/materialize/v0/watchpermissions_pb.rb
66
+ - lib/authzed/api/materialize/v0/watchpermissions_services_pb.rb
67
+ - lib/authzed/api/materialize/v0/watchpermissionsets_pb.rb
68
+ - lib/authzed/api/materialize/v0/watchpermissionsets_services_pb.rb
65
69
  - lib/authzed/api/v1/client.rb
66
70
  - lib/authzed/api/v1/core_pb.rb
67
71
  - lib/authzed/api/v1/debug_pb.rb
@@ -105,7 +109,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
105
109
  - !ruby/object:Gem::Version
106
110
  version: '0'
107
111
  requirements: []
108
- rubygems_version: 3.5.9
112
+ rubygems_version: 3.5.11
109
113
  signing_key:
110
114
  specification_version: 4
111
115
  summary: Ruby bindings for Authzed API