authzed 0.1.0 → 0.2.1

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: e1495a99e8306e5ccba16daa977fa824fced295ee98913e36c73617c18def744
4
- data.tar.gz: 74763f19757bce03b40e4362f89c0499f1a55661324701ad387b1a61453d0f96
3
+ metadata.gz: 745773cee685ac83d572bb8a772f0f25825147e9e55092aa66ee36a29a578341
4
+ data.tar.gz: a6a59d5a14bca9c4340717a261fa2bd59edf6f503bb4d1abba07cae496a0e0c2
5
5
  SHA512:
6
- metadata.gz: 859a8f38ab1ce0cf71c06f827333facf4701520341e2d3fe50a174b7639a9c7843d93f46cfacd623eb086d28f3ec66e9cbf96a3bf977bdb914fb73d136ae4a46
7
- data.tar.gz: 7147f721b18f217dcb3dbf00f6d3ba96e87d1f21ccd4c6f5b9880f23c032bc08d89aef319800fd289b74f694872c597eaa1b94b20a547eb4f49aa675ca766016
6
+ metadata.gz: e93362eddda43c3d16194640a7090dbbc324e44bc79f8632ab450a950b412eb0921ad17981e502864d1fec106622d7ad9d9f39c2e6ef78395ec0d6e42f81a1a5
7
+ data.tar.gz: 69e91b80c6c2d9c8e7934923629f063a63b41ebaed4416d89186fd3128c07d5b4d7f7249d540722cfdf1bd66d30e7a4d04cff6bddb3b615ad7f9bec8990ec325
data/README.md CHANGED
@@ -14,6 +14,7 @@ This repository houses the Ruby client library for Authzed.
14
14
  Developers create a schema that models their permissions requirements and use a client library, such as this one, to apply the schema to the database, insert data into the database, and query the data to efficiently check permissions in their applications.
15
15
 
16
16
  Supported client API versions:
17
+ - [v1](https://docs.authzed.com/reference/api#authzedapiv1)
17
18
  - [v1alpha1](https://docs.authzed.com/reference/api#authzedapiv1alpha1)
18
19
  - [v0](https://docs.authzed.com/reference/api#authzedapiv0)
19
20
 
@@ -31,10 +32,10 @@ See [CONTRIBUTING.md] for instructions on how to contribute and perform common t
31
32
 
32
33
  We highly recommend following the **[Protecting Your First App]** guide to learn the latest best practice to integrate an application with Authzed.
33
34
 
34
- If you're interested in examples of a specific version of the API, they can be found in their respective folders in the [examples directory].
35
+ If you're interested in example uses of the API, see the spec files in the [spec directory].
35
36
 
36
37
  [Protecting Your First App]: https://docs.authzed.com/guides/first-app
37
- [examples directory]: /examples
38
+ [spec directory]: /spec
38
39
 
39
40
  ## Basic Usage
40
41
 
@@ -61,9 +62,10 @@ In order to successfully connect, you will have to provide a [Bearer Token] with
61
62
  require 'authzed'
62
63
 
63
64
 
64
- client = Authzed::Api::V0::Client.new(
65
- target: 'grpc.authzed.com:443',
66
- interceptors: [Authzed::GrpcUtil::BearerToken.new(token: 't_your_token_here_1234567deadbeef')],
65
+ client = Authzed::Api::V1::Client.new(
66
+ target: "localhost:50051",
67
+ credentials: :this_channel_is_insecure,
68
+ interceptors: [Authzed::GrpcUtil::BearerToken.new(token: "somerandomkeyhere")],
67
69
  )
68
70
  ```
69
71
 
@@ -72,15 +74,19 @@ client = Authzed::Api::V0::Client.new(
72
74
  ```rb
73
75
  require 'authzed'
74
76
 
75
- emilia = Authzed::Api::V0::User.new(namespace: 'blog/user', object_id: 'emilia')
76
- read_first_post = Authzed::Api::V0::ObjectAndRelation.new(
77
- namespace: 'blog/post',
78
- object_id: '1',
79
- relation: 'read'
80
- )
81
-
82
77
  # Is Emilia in the set of users that can read post #1?
83
- resp = client.acl_service.check(
84
- Authzed::Api::V0::CheckRequest.new(test_userset: read_first_post, user: emilia)
78
+ resp = client.permissions_service.check_permission(
79
+ Authzed::Api::V1::CheckPermissionRequest.new(
80
+ consistency: Authzed::Api::V1::Consistency.new(
81
+ at_least_as_fresh: Authzed::Api::V1::ZedToken.new(token: zed_token)
82
+ ),
83
+ resource: Authzed::Api::V1::ObjectReference.new(object_type: 'blog/post', object_id: '1'),
84
+ permission: 'read',
85
+ subject: Authzed::Api::V1::SubjectReference.new(
86
+ object: Authzed::Api::V1::ObjectReference.new(object_type: 'blog/user', object_id: 'emilia')
87
+ )
88
+ )
85
89
  )
90
+ can_read = Authzed::Api::V1::CheckPermissionResponse::Permissionship.resolve(resp.permissionship)) ==
91
+ Authzed::Api::V1::CheckPermissionResponse::Permissionship::PERMISSIONSHIP_HAS_PERMISSION
86
92
  ```
@@ -7,6 +7,13 @@ require 'authzed/api/v0/core_pb'
7
7
  require 'authzed/api/v0/namespace_pb'
8
8
  Google::Protobuf::DescriptorPool.generated_pool.build do
9
9
  add_file("authzed/api/v0/developer.proto", :syntax => :proto3) do
10
+ add_message "authzed.api.v0.FormatSchemaRequest" do
11
+ optional :schema, :string, 1, json_name: "schema"
12
+ end
13
+ add_message "authzed.api.v0.FormatSchemaResponse" do
14
+ optional :error, :message, 1, "authzed.api.v0.DeveloperError", json_name: "error"
15
+ optional :formatted_schema, :string, 2, json_name: "formattedSchema"
16
+ end
10
17
  add_message "authzed.api.v0.UpgradeSchemaRequest" do
11
18
  repeated :namespace_configs, :string, 1, json_name: "namespaceConfigs"
12
19
  end
@@ -42,6 +49,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
42
49
  add_message "authzed.api.v0.RequestContext" do
43
50
  optional :schema, :string, 1, json_name: "schema"
44
51
  repeated :relationships, :message, 2, "authzed.api.v0.RelationTuple", json_name: "relationships"
52
+ repeated :legacy_ns_configs, :message, 3, "authzed.api.v0.NamespaceDefinition", json_name: "legacyNsConfigs"
45
53
  end
46
54
  add_message "authzed.api.v0.EditCheckRequest" do
47
55
  optional :context, :message, 1, "authzed.api.v0.RequestContext", json_name: "context"
@@ -102,6 +110,8 @@ end
102
110
  module Authzed
103
111
  module Api
104
112
  module V0
113
+ FormatSchemaRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.FormatSchemaRequest").msgclass
114
+ FormatSchemaResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.FormatSchemaResponse").msgclass
105
115
  UpgradeSchemaRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.UpgradeSchemaRequest").msgclass
106
116
  UpgradeSchemaResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.UpgradeSchemaResponse").msgclass
107
117
  ShareRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.ShareRequest").msgclass
@@ -21,6 +21,7 @@ module Authzed
21
21
  rpc :Share, ::Authzed::Api::V0::ShareRequest, ::Authzed::Api::V0::ShareResponse
22
22
  rpc :LookupShared, ::Authzed::Api::V0::LookupShareRequest, ::Authzed::Api::V0::LookupShareResponse
23
23
  rpc :UpgradeSchema, ::Authzed::Api::V0::UpgradeSchemaRequest, ::Authzed::Api::V0::UpgradeSchemaResponse
24
+ rpc :FormatSchema, ::Authzed::Api::V0::FormatSchemaRequest, ::Authzed::Api::V0::FormatSchemaResponse
24
25
  end
25
26
 
26
27
  Stub = Service.rpc_stub_class
@@ -22,6 +22,12 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
22
22
  add_message "authzed.api.v0.WriteConfigResponse" do
23
23
  optional :revision, :message, 1, "authzed.api.v0.Zookie", json_name: "revision"
24
24
  end
25
+ add_message "authzed.api.v0.DeleteConfigsRequest" do
26
+ repeated :namespaces, :string, 1, json_name: "namespaces"
27
+ end
28
+ add_message "authzed.api.v0.DeleteConfigsResponse" do
29
+ optional :revision, :message, 1, "authzed.api.v0.Zookie", json_name: "revision"
30
+ end
25
31
  end
26
32
  end
27
33
 
@@ -32,6 +38,8 @@ module Authzed
32
38
  ReadConfigResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.ReadConfigResponse").msgclass
33
39
  WriteConfigRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.WriteConfigRequest").msgclass
34
40
  WriteConfigResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.WriteConfigResponse").msgclass
41
+ DeleteConfigsRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.DeleteConfigsRequest").msgclass
42
+ DeleteConfigsResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.DeleteConfigsResponse").msgclass
35
43
  end
36
44
  end
37
45
  end
@@ -18,6 +18,7 @@ module Authzed
18
18
 
19
19
  rpc :ReadConfig, ::Authzed::Api::V0::ReadConfigRequest, ::Authzed::Api::V0::ReadConfigResponse
20
20
  rpc :WriteConfig, ::Authzed::Api::V0::WriteConfigRequest, ::Authzed::Api::V0::WriteConfigResponse
21
+ rpc :DeleteConfigs, ::Authzed::Api::V0::DeleteConfigsRequest, ::Authzed::Api::V0::DeleteConfigsResponse
21
22
  end
22
23
 
23
24
  Stub = Service.rpc_stub_class
@@ -0,0 +1,37 @@
1
+ require 'grpc'
2
+
3
+ module Authzed
4
+ module Api
5
+ module V1
6
+ class Client
7
+ attr_reader :permissions_service, :schema_service, :watch_service
8
+
9
+ def initialize(target:, credentials: nil, interceptors: [], options: {}, timeout: nil)
10
+ creds = credentials || GRPC::Core::ChannelCredentials.new
11
+
12
+ @permissions_service = Authzed::Api::V1::PermissionsService::Stub.new(
13
+ target,
14
+ creds,
15
+ timeout: timeout,
16
+ interceptors: interceptors,
17
+ channel_args: options,
18
+ )
19
+ @schema_service = Authzed::Api::V1::SchemaService::Stub.new(
20
+ target,
21
+ creds,
22
+ timeout: timeout,
23
+ interceptors: interceptors,
24
+ channel_args: options,
25
+ )
26
+ @watch_service = Authzed::Api::V1::WatchService::Stub.new(
27
+ target,
28
+ creds,
29
+ timeout: timeout,
30
+ interceptors: interceptors,
31
+ channel_args: options,
32
+ )
33
+ end
34
+ end
35
+ end
36
+ end
37
+ end
@@ -0,0 +1,73 @@
1
+ # Generated by the protocol buffer compiler. DO NOT EDIT!
2
+ # source: authzed/api/v1/core.proto
3
+
4
+ require 'google/protobuf'
5
+
6
+ Google::Protobuf::DescriptorPool.generated_pool.build do
7
+ add_file("authzed/api/v1/core.proto", :syntax => :proto3) do
8
+ add_message "authzed.api.v1.Relationship" do
9
+ optional :resource, :message, 1, "authzed.api.v1.ObjectReference", json_name: "resource"
10
+ optional :relation, :string, 2, json_name: "relation"
11
+ optional :subject, :message, 3, "authzed.api.v1.SubjectReference", json_name: "subject"
12
+ end
13
+ add_message "authzed.api.v1.SubjectReference" do
14
+ optional :object, :message, 1, "authzed.api.v1.ObjectReference", json_name: "object"
15
+ optional :optional_relation, :string, 2, json_name: "optionalRelation"
16
+ end
17
+ add_message "authzed.api.v1.ObjectReference" do
18
+ optional :object_type, :string, 1, json_name: "objectType"
19
+ optional :object_id, :string, 2, json_name: "objectId"
20
+ end
21
+ add_message "authzed.api.v1.ZedToken" do
22
+ optional :token, :string, 1, json_name: "token"
23
+ end
24
+ add_message "authzed.api.v1.RelationshipUpdate" do
25
+ optional :operation, :enum, 1, "authzed.api.v1.RelationshipUpdate.Operation", json_name: "operation"
26
+ optional :relationship, :message, 2, "authzed.api.v1.Relationship", json_name: "relationship"
27
+ end
28
+ add_enum "authzed.api.v1.RelationshipUpdate.Operation" do
29
+ value :OPERATION_UNSPECIFIED, 0
30
+ value :OPERATION_CREATE, 1
31
+ value :OPERATION_TOUCH, 2
32
+ value :OPERATION_DELETE, 3
33
+ end
34
+ add_message "authzed.api.v1.PermissionRelationshipTree" do
35
+ optional :expanded_object, :message, 3, "authzed.api.v1.ObjectReference", json_name: "expandedObject"
36
+ optional :expanded_relation, :string, 4, json_name: "expandedRelation"
37
+ oneof :tree_type do
38
+ optional :intermediate, :message, 1, "authzed.api.v1.AlgebraicSubjectSet", json_name: "intermediate"
39
+ optional :leaf, :message, 2, "authzed.api.v1.DirectSubjectSet", json_name: "leaf"
40
+ end
41
+ end
42
+ add_message "authzed.api.v1.AlgebraicSubjectSet" do
43
+ optional :operation, :enum, 1, "authzed.api.v1.AlgebraicSubjectSet.Operation", json_name: "operation"
44
+ repeated :children, :message, 2, "authzed.api.v1.PermissionRelationshipTree", json_name: "children"
45
+ end
46
+ add_enum "authzed.api.v1.AlgebraicSubjectSet.Operation" do
47
+ value :OPERATION_UNSPECIFIED, 0
48
+ value :OPERATION_UNION, 1
49
+ value :OPERATION_INTERSECTION, 2
50
+ value :OPERATION_EXCLUSION, 3
51
+ end
52
+ add_message "authzed.api.v1.DirectSubjectSet" do
53
+ repeated :subjects, :message, 1, "authzed.api.v1.SubjectReference", json_name: "subjects"
54
+ end
55
+ end
56
+ end
57
+
58
+ module Authzed
59
+ module Api
60
+ module V1
61
+ Relationship = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.Relationship").msgclass
62
+ SubjectReference = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.SubjectReference").msgclass
63
+ ObjectReference = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.ObjectReference").msgclass
64
+ ZedToken = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.ZedToken").msgclass
65
+ RelationshipUpdate = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.RelationshipUpdate").msgclass
66
+ RelationshipUpdate::Operation = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.RelationshipUpdate.Operation").enummodule
67
+ PermissionRelationshipTree = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.PermissionRelationshipTree").msgclass
68
+ AlgebraicSubjectSet = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.AlgebraicSubjectSet").msgclass
69
+ AlgebraicSubjectSet::Operation = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.AlgebraicSubjectSet.Operation").enummodule
70
+ DirectSubjectSet = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.DirectSubjectSet").msgclass
71
+ end
72
+ end
73
+ end
@@ -0,0 +1,123 @@
1
+ # Generated by the protocol buffer compiler. DO NOT EDIT!
2
+ # source: authzed/api/v1/permission_service.proto
3
+
4
+ require 'google/protobuf'
5
+
6
+ require 'authzed/api/v1/core_pb'
7
+ Google::Protobuf::DescriptorPool.generated_pool.build do
8
+ add_file("authzed/api/v1/permission_service.proto", :syntax => :proto3) do
9
+ add_message "authzed.api.v1.Consistency" do
10
+ oneof :requirement do
11
+ optional :minimize_latency, :bool, 1, json_name: "minimizeLatency"
12
+ optional :at_least_as_fresh, :message, 2, "authzed.api.v1.ZedToken", json_name: "atLeastAsFresh"
13
+ optional :at_exact_snapshot, :message, 3, "authzed.api.v1.ZedToken", json_name: "atExactSnapshot"
14
+ optional :fully_consistent, :bool, 4, json_name: "fullyConsistent"
15
+ end
16
+ end
17
+ add_message "authzed.api.v1.RelationshipFilter" do
18
+ optional :resource_type, :string, 1, json_name: "resourceType"
19
+ optional :optional_resource_id, :string, 2, json_name: "optionalResourceId"
20
+ optional :optional_relation, :string, 3, json_name: "optionalRelation"
21
+ optional :optional_subject_filter, :message, 4, "authzed.api.v1.SubjectFilter", json_name: "optionalSubjectFilter"
22
+ end
23
+ add_message "authzed.api.v1.SubjectFilter" do
24
+ optional :subject_type, :string, 1, json_name: "subjectType"
25
+ optional :optional_subject_id, :string, 2, json_name: "optionalSubjectId"
26
+ optional :optional_relation, :message, 3, "authzed.api.v1.SubjectFilter.RelationFilter", json_name: "optionalRelation"
27
+ end
28
+ add_message "authzed.api.v1.SubjectFilter.RelationFilter" do
29
+ optional :relation, :string, 1, json_name: "relation"
30
+ end
31
+ add_message "authzed.api.v1.ReadRelationshipsRequest" do
32
+ optional :consistency, :message, 1, "authzed.api.v1.Consistency", json_name: "consistency"
33
+ optional :relationship_filter, :message, 2, "authzed.api.v1.RelationshipFilter", json_name: "relationshipFilter"
34
+ end
35
+ add_message "authzed.api.v1.ReadRelationshipsResponse" do
36
+ optional :read_at, :message, 1, "authzed.api.v1.ZedToken", json_name: "readAt"
37
+ optional :relationship, :message, 2, "authzed.api.v1.Relationship", json_name: "relationship"
38
+ end
39
+ add_message "authzed.api.v1.Precondition" do
40
+ optional :operation, :enum, 1, "authzed.api.v1.Precondition.Operation", json_name: "operation"
41
+ optional :filter, :message, 2, "authzed.api.v1.RelationshipFilter", json_name: "filter"
42
+ end
43
+ add_enum "authzed.api.v1.Precondition.Operation" do
44
+ value :OPERATION_UNSPECIFIED, 0
45
+ value :OPERATION_MUST_NOT_MATCH, 1
46
+ value :OPERATION_MUST_MATCH, 2
47
+ end
48
+ add_message "authzed.api.v1.WriteRelationshipsRequest" do
49
+ repeated :updates, :message, 1, "authzed.api.v1.RelationshipUpdate", json_name: "updates"
50
+ repeated :optional_preconditions, :message, 2, "authzed.api.v1.Precondition", json_name: "optionalPreconditions"
51
+ end
52
+ add_message "authzed.api.v1.WriteRelationshipsResponse" do
53
+ optional :written_at, :message, 1, "authzed.api.v1.ZedToken", json_name: "writtenAt"
54
+ end
55
+ add_message "authzed.api.v1.DeleteRelationshipsRequest" do
56
+ optional :relationship_filter, :message, 1, "authzed.api.v1.RelationshipFilter", json_name: "relationshipFilter"
57
+ repeated :optional_preconditions, :message, 2, "authzed.api.v1.Precondition", json_name: "optionalPreconditions"
58
+ end
59
+ add_message "authzed.api.v1.DeleteRelationshipsResponse" do
60
+ optional :deleted_at, :message, 1, "authzed.api.v1.ZedToken", json_name: "deletedAt"
61
+ end
62
+ add_message "authzed.api.v1.CheckPermissionRequest" do
63
+ optional :consistency, :message, 1, "authzed.api.v1.Consistency", json_name: "consistency"
64
+ optional :resource, :message, 2, "authzed.api.v1.ObjectReference", json_name: "resource"
65
+ optional :permission, :string, 3, json_name: "permission"
66
+ optional :subject, :message, 4, "authzed.api.v1.SubjectReference", json_name: "subject"
67
+ end
68
+ add_message "authzed.api.v1.CheckPermissionResponse" do
69
+ optional :checked_at, :message, 1, "authzed.api.v1.ZedToken", json_name: "checkedAt"
70
+ optional :permissionship, :enum, 2, "authzed.api.v1.CheckPermissionResponse.Permissionship", json_name: "permissionship"
71
+ end
72
+ add_enum "authzed.api.v1.CheckPermissionResponse.Permissionship" do
73
+ value :PERMISSIONSHIP_UNSPECIFIED, 0
74
+ value :PERMISSIONSHIP_NO_PERMISSION, 1
75
+ value :PERMISSIONSHIP_HAS_PERMISSION, 2
76
+ end
77
+ add_message "authzed.api.v1.ExpandPermissionTreeRequest" do
78
+ optional :consistency, :message, 1, "authzed.api.v1.Consistency", json_name: "consistency"
79
+ optional :resource, :message, 2, "authzed.api.v1.ObjectReference", json_name: "resource"
80
+ optional :permission, :string, 3, json_name: "permission"
81
+ end
82
+ add_message "authzed.api.v1.ExpandPermissionTreeResponse" do
83
+ optional :expanded_at, :message, 1, "authzed.api.v1.ZedToken", json_name: "expandedAt"
84
+ optional :tree_root, :message, 2, "authzed.api.v1.PermissionRelationshipTree", json_name: "treeRoot"
85
+ end
86
+ add_message "authzed.api.v1.LookupResourcesRequest" do
87
+ optional :consistency, :message, 1, "authzed.api.v1.Consistency", json_name: "consistency"
88
+ optional :resource_object_type, :string, 2, json_name: "resourceObjectType"
89
+ optional :permission, :string, 3, json_name: "permission"
90
+ optional :subject, :message, 4, "authzed.api.v1.SubjectReference", json_name: "subject"
91
+ end
92
+ add_message "authzed.api.v1.LookupResourcesResponse" do
93
+ optional :looked_up_at, :message, 1, "authzed.api.v1.ZedToken", json_name: "lookedUpAt"
94
+ optional :resource_object_id, :string, 2, json_name: "resourceObjectId"
95
+ end
96
+ end
97
+ end
98
+
99
+ module Authzed
100
+ module Api
101
+ module V1
102
+ Consistency = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.Consistency").msgclass
103
+ RelationshipFilter = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.RelationshipFilter").msgclass
104
+ SubjectFilter = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.SubjectFilter").msgclass
105
+ SubjectFilter::RelationFilter = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.SubjectFilter.RelationFilter").msgclass
106
+ ReadRelationshipsRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.ReadRelationshipsRequest").msgclass
107
+ ReadRelationshipsResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.ReadRelationshipsResponse").msgclass
108
+ Precondition = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.Precondition").msgclass
109
+ Precondition::Operation = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.Precondition.Operation").enummodule
110
+ WriteRelationshipsRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.WriteRelationshipsRequest").msgclass
111
+ WriteRelationshipsResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.WriteRelationshipsResponse").msgclass
112
+ DeleteRelationshipsRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.DeleteRelationshipsRequest").msgclass
113
+ DeleteRelationshipsResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.DeleteRelationshipsResponse").msgclass
114
+ CheckPermissionRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.CheckPermissionRequest").msgclass
115
+ CheckPermissionResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.CheckPermissionResponse").msgclass
116
+ CheckPermissionResponse::Permissionship = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.CheckPermissionResponse.Permissionship").enummodule
117
+ ExpandPermissionTreeRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.ExpandPermissionTreeRequest").msgclass
118
+ ExpandPermissionTreeResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.ExpandPermissionTreeResponse").msgclass
119
+ LookupResourcesRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.LookupResourcesRequest").msgclass
120
+ LookupResourcesResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.LookupResourcesResponse").msgclass
121
+ end
122
+ end
123
+ end
@@ -0,0 +1,47 @@
1
+ # Generated by the protocol buffer compiler. DO NOT EDIT!
2
+ # Source: authzed/api/v1/permission_service.proto for package 'authzed.api.v1'
3
+
4
+ require 'grpc'
5
+ require 'authzed/api/v1/permission_service_pb'
6
+
7
+ module Authzed
8
+ module Api
9
+ module V1
10
+ module PermissionsService
11
+ # PermissionsService is used to perform permissions and relationship
12
+ # operations.
13
+ class Service
14
+
15
+ include ::GRPC::GenericService
16
+
17
+ self.marshal_class_method = :encode
18
+ self.unmarshal_class_method = :decode
19
+ self.service_name = 'authzed.api.v1.PermissionsService'
20
+
21
+ # ReadRelationships reads a set of the relationships matching one or more
22
+ # filters.
23
+ rpc :ReadRelationships, ::Authzed::Api::V1::ReadRelationshipsRequest, stream(::Authzed::Api::V1::ReadRelationshipsResponse)
24
+ # WriteRelationships writes and/or deletes a set of specified relationships,
25
+ # with an optional set of precondition relationships that must exist before
26
+ # the operation can commit.
27
+ rpc :WriteRelationships, ::Authzed::Api::V1::WriteRelationshipsRequest, ::Authzed::Api::V1::WriteRelationshipsResponse
28
+ # DeleteRelationships deletes relationships matching one or more filters, in
29
+ # bulk.
30
+ rpc :DeleteRelationships, ::Authzed::Api::V1::DeleteRelationshipsRequest, ::Authzed::Api::V1::DeleteRelationshipsResponse
31
+ # CheckPermission checks whether a subject has a particular permission or is
32
+ # a member of a particular relation, on a given resource.
33
+ rpc :CheckPermission, ::Authzed::Api::V1::CheckPermissionRequest, ::Authzed::Api::V1::CheckPermissionResponse
34
+ # ExpandPermissionTree expands the relationships reachable from a particular
35
+ # permission or relation of a given resource.
36
+ rpc :ExpandPermissionTree, ::Authzed::Api::V1::ExpandPermissionTreeRequest, ::Authzed::Api::V1::ExpandPermissionTreeResponse
37
+ # LookupResources returns the IDs of all resources on which the specified
38
+ # subject has permission or on which the specified subject is a member of the
39
+ # relation.
40
+ rpc :LookupResources, ::Authzed::Api::V1::LookupResourcesRequest, stream(::Authzed::Api::V1::LookupResourcesResponse)
41
+ end
42
+
43
+ Stub = Service.rpc_stub_class
44
+ end
45
+ end
46
+ end
47
+ end
@@ -0,0 +1,30 @@
1
+ # Generated by the protocol buffer compiler. DO NOT EDIT!
2
+ # source: authzed/api/v1/schema.proto
3
+
4
+ require 'google/protobuf'
5
+
6
+ Google::Protobuf::DescriptorPool.generated_pool.build do
7
+ add_file("authzed/api/v1/schema.proto", :syntax => :proto3) do
8
+ add_message "authzed.api.v1.ReadSchemaRequest" do
9
+ end
10
+ add_message "authzed.api.v1.ReadSchemaResponse" do
11
+ optional :schema_text, :string, 1, json_name: "schemaText"
12
+ end
13
+ add_message "authzed.api.v1.WriteSchemaRequest" do
14
+ optional :schema, :string, 1, json_name: "schema"
15
+ end
16
+ add_message "authzed.api.v1.WriteSchemaResponse" do
17
+ end
18
+ end
19
+ end
20
+
21
+ module Authzed
22
+ module Api
23
+ module V1
24
+ ReadSchemaRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.ReadSchemaRequest").msgclass
25
+ ReadSchemaResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.ReadSchemaResponse").msgclass
26
+ WriteSchemaRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.WriteSchemaRequest").msgclass
27
+ WriteSchemaResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.WriteSchemaResponse").msgclass
28
+ end
29
+ end
30
+ end
@@ -0,0 +1,34 @@
1
+ # Generated by the protocol buffer compiler. DO NOT EDIT!
2
+ # Source: authzed/api/v1/schema.proto for package 'authzed.api.v1'
3
+
4
+ require 'grpc'
5
+ require 'authzed/api/v1/schema_pb'
6
+
7
+ module Authzed
8
+ module Api
9
+ module V1
10
+ module SchemaService
11
+ # SchemaService implements operations on a Permissions System's Schema.
12
+ class Service
13
+
14
+ include ::GRPC::GenericService
15
+
16
+ self.marshal_class_method = :encode
17
+ self.unmarshal_class_method = :decode
18
+ self.service_name = 'authzed.api.v1.SchemaService'
19
+
20
+ # Read returns the current Object Definitions for a Permissions System.
21
+ #
22
+ # Errors include:
23
+ # - INVALID_ARGUMENT: a provided value has failed to semantically validate
24
+ # - NOT_FOUND: no schema has been defined
25
+ rpc :ReadSchema, ::Authzed::Api::V1::ReadSchemaRequest, ::Authzed::Api::V1::ReadSchemaResponse
26
+ # Write overwrites the current Object Definitions for a Permissions System.
27
+ rpc :WriteSchema, ::Authzed::Api::V1::WriteSchemaRequest, ::Authzed::Api::V1::WriteSchemaResponse
28
+ end
29
+
30
+ Stub = Service.rpc_stub_class
31
+ end
32
+ end
33
+ end
34
+ end
@@ -0,0 +1,27 @@
1
+ # Generated by the protocol buffer compiler. DO NOT EDIT!
2
+ # source: authzed/api/v1/watch_service.proto
3
+
4
+ require 'google/protobuf'
5
+
6
+ require 'authzed/api/v1/core_pb'
7
+ Google::Protobuf::DescriptorPool.generated_pool.build do
8
+ add_file("authzed/api/v1/watch_service.proto", :syntax => :proto3) do
9
+ add_message "authzed.api.v1.WatchRequest" do
10
+ repeated :object_types, :string, 1, json_name: "objectTypes"
11
+ optional :optional_start_cursor, :message, 2, "authzed.api.v1.ZedToken", json_name: "optionalStartCursor"
12
+ end
13
+ add_message "authzed.api.v1.WatchResponse" do
14
+ repeated :updates, :message, 1, "authzed.api.v1.RelationshipUpdate", json_name: "updates"
15
+ optional :changes_through, :message, 2, "authzed.api.v1.ZedToken", json_name: "changesThrough"
16
+ end
17
+ end
18
+ end
19
+
20
+ module Authzed
21
+ module Api
22
+ module V1
23
+ WatchRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.WatchRequest").msgclass
24
+ WatchResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.WatchResponse").msgclass
25
+ end
26
+ end
27
+ end
@@ -0,0 +1,26 @@
1
+ # Generated by the protocol buffer compiler. DO NOT EDIT!
2
+ # Source: authzed/api/v1/watch_service.proto for package 'authzed.api.v1'
3
+
4
+ require 'grpc'
5
+ require 'authzed/api/v1/watch_service_pb'
6
+
7
+ module Authzed
8
+ module Api
9
+ module V1
10
+ module WatchService
11
+ class Service
12
+
13
+ include ::GRPC::GenericService
14
+
15
+ self.marshal_class_method = :encode
16
+ self.unmarshal_class_method = :decode
17
+ self.service_name = 'authzed.api.v1.WatchService'
18
+
19
+ rpc :Watch, ::Authzed::Api::V1::WatchRequest, stream(::Authzed::Api::V1::WatchResponse)
20
+ end
21
+
22
+ Stub = Service.rpc_stub_class
23
+ end
24
+ end
25
+ end
26
+ end
data/lib/authzed.rb CHANGED
@@ -12,6 +12,10 @@ require 'authzed/api/v0/client'
12
12
  require 'authzed/api/v1alpha1/schema_pb'
13
13
  require 'authzed/api/v1alpha1/schema_services_pb'
14
14
  require 'authzed/api/v1alpha1/client'
15
+ require 'authzed/api/v1/schema_services_pb'
16
+ require 'authzed/api/v1/watch_service_services_pb'
17
+ require 'authzed/api/v1/permission_service_services_pb'
18
+ require 'authzed/api/v1/client'
15
19
  require 'grpcutil/bearer_token'
16
20
 
17
21
  module Authzed
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: authzed
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.0
4
+ version: 0.2.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Authzed
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-08-25 00:00:00.000000000 Z
11
+ date: 2021-10-26 00:00:00.000000000 Z
12
12
  dependencies: []
13
13
  description: Authzed is the best way to build robust and scalable permissions systems.
14
14
  See https://authzed.com for more details.
@@ -31,6 +31,14 @@ files:
31
31
  - lib/authzed/api/v0/namespace_service_services_pb.rb
32
32
  - lib/authzed/api/v0/watch_service_pb.rb
33
33
  - lib/authzed/api/v0/watch_service_services_pb.rb
34
+ - lib/authzed/api/v1/client.rb
35
+ - lib/authzed/api/v1/core_pb.rb
36
+ - lib/authzed/api/v1/permission_service_pb.rb
37
+ - lib/authzed/api/v1/permission_service_services_pb.rb
38
+ - lib/authzed/api/v1/schema_pb.rb
39
+ - lib/authzed/api/v1/schema_services_pb.rb
40
+ - lib/authzed/api/v1/watch_service_pb.rb
41
+ - lib/authzed/api/v1/watch_service_services_pb.rb
34
42
  - lib/authzed/api/v1alpha1/client.rb
35
43
  - lib/authzed/api/v1alpha1/schema_pb.rb
36
44
  - lib/authzed/api/v1alpha1/schema_services_pb.rb