authzed 0.3.1 → 0.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e9d840b7d113a43fc53a03857a6b720788d1fc5be90eb48b010e8ceb8f479b09
-  data.tar.gz: 2832d57d9fdfc64e796deaddcd5b2fe86323b8ef873ec1aa5663bc52a80e4fef
+  metadata.gz: 0211dcb4e1b7cfc4f5aecca853548da0d6eef6d0198dd97e0f2ff44dae373429
+  data.tar.gz: 94e3b2c8cbd070654e88f0ce3ed02ecda045fe1156a14ceec210df5743b18a2e
 SHA512:
-  metadata.gz: adbbb7803d5649ed683e853402de43d631856889601d4429cb1a442b34b99cc462faa96a7ec3a5acfa102bf6734563b7a80c921da074f32c10ea1f63bb6ea5c1
-  data.tar.gz: f17f316735b3ab2ec3e77b3043b5fa5033b08c83bade7af4a859054a9e24bb49986c03a4837880ca0a77709ef451eca01e08370bd71efcd41fd19a51f59e7bea
+  metadata.gz: 2192c05e51d8abb91baddf0b29e27477cc1de6f0922a4fb6d1fed9b39fb14870e4ad7a32dd87964cea8724890d947bf6726b8bf358808478f50e32f9b380cd70
+  data.tar.gz: 3893665e9b69175317a990c6305166c3f25cb354bc04890ebf9b467dd0914d1c0a00943ac916cd183beddfae953b2653910d35060b121bfe32b69e19515205f9

data/README.md

@@ -1,32 +1,41 @@
 # Authzed Ruby Client
 
 [![Ruby Gems](https://img.shields.io/gem/v/authzed?include_prereleases)](https://rubygems.org/gems/authzed)
+[![Docs](https://img.shields.io/badge/docs-authzed.com-%234B4B6C "Authzed Documentation")](https://docs.authzed.com)
 [![License](https://img.shields.io/badge/license-Apache--2.0-blue.svg)](https://www.apache.org/licenses/LICENSE-2.0.html)
 [![Build Status](https://github.com/authzed/authzed-rb/workflows/build/badge.svg)](https://github.com/authzed/authzed-rb/actions)
-[![Mailing List](https://img.shields.io/badge/email-google%20groups-4285F4)](https://groups.google.com/g/authzed-oss)
 [![Discord Server](https://img.shields.io/discord/844600078504951838?color=7289da&logo=discord "Discord Server")](https://discord.gg/jTysUaxXzM)
 [![Twitter](https://img.shields.io/twitter/follow/authzed?color=%23179CF0&logo=twitter&style=flat-square)](https://twitter.com/authzed)
 
-This repository houses the Ruby client library for Authzed.
+This repository houses the official Ruby client library for Authzed and SpiceDB.
 
-[Authzed] is a database and service that stores, computes, and validates your application's permissions.
+[SpiceDB] is a database system for managing security-critical permissions checking.
 
-Developers create a schema that models their permissions requirements and use a client library, such as this one, to apply the schema to the database, insert data into the database, and query the data to efficiently check permissions in their applications.
+SpiceDB acts as a centralized service that stores authorization data.
+Once stored, data can be performantly queried to answer questions such as "Does this user have access to this resource?" and "What are all the resources this user has access to?".
+
+[Authzed] operates the globally available, serverless database platform for SpiceDB.
 
 Supported client API versions:
-- [v1](https://docs.authzed.com/reference/api#authzedapiv1)
-- [v1alpha1](https://docs.authzed.com/reference/api#authzedapiv1alpha1)
-- "v0" - deprecated
+- [v1](https://buf.build/authzed/api/docs/main/authzed.api.v1)
+- [v1alpha1](https://buf.build/authzed/api/docs/main/authzed.api.v1alpha1)
 
-You can find more info on each API on the [Authzed API reference documentation].
-Additionally, Protobuf API documentation can be found on the [Buf Registry Authzed API repository].
+You can find more info about the API in the [Authzed Documentation API Reference] or the [Authzed API Buf Registry repository].
 
 See [CONTRIBUTING.md] for instructions on how to contribute and perform common tasks like building the project and running tests.
 
+[SpiceDB]: https://github.com/authzed/spicedb
 [Authzed]: https://authzed.com
-[Authzed API Reference documentation]: https://docs.authzed.com/reference/api
-[Buf Registry Authzed API repository]: https://buf.build/authzed/api/docs/main
+[Authzed Documentation API Reference]: https://docs.authzed.com/reference/api
+[Authzed API Buf Registry repository]: https://buf.build/authzed/api
 [CONTRIBUTING.md]: CONTRIBUTING.md
+[Discord]: https://authzed.com/discord
+[Urgent]: https://github.com/authzed/authzed-rb/labels/priority%2F0%20urgent
+[High]: https://github.com/authzed/authzed-rb/labels/priority%2F1%20high
+[Medium]: https://github.com/authzed/authzed-rb/labels/priority%2F2%20medium
+[Low]: https://github.com/authzed/authzed-rb/labels/priority%2F3%20low
+[Maybe]: https://github.com/authzed/authzed-rb/labels/priority%2F4%20maybe
+[good first issues]: https://github.com/authzed-rb/spicedb/labels/hint%2Fgood%20first%20issue
 
 ## Getting Started
 

data/lib/authzed/api/v0/core_pb.rb

@@ -25,39 +25,6 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
         optional :userset, :message, 2, "authzed.api.v0.ObjectAndRelation", json_name: "userset"
       end
     end
-    add_message "authzed.api.v0.Zookie" do
-      optional :token, :string, 1, json_name: "token"
-    end
-    add_message "authzed.api.v0.RelationTupleUpdate" do
-      optional :operation, :enum, 1, "authzed.api.v0.RelationTupleUpdate.Operation", json_name: "operation"
-      optional :tuple, :message, 2, "authzed.api.v0.RelationTuple", json_name: "tuple"
-    end
-    add_enum "authzed.api.v0.RelationTupleUpdate.Operation" do
-      value :UNKNOWN, 0
-      value :CREATE, 1
-      value :TOUCH, 2
-      value :DELETE, 3
-    end
-    add_message "authzed.api.v0.RelationTupleTreeNode" do
-      optional :expanded, :message, 3, "authzed.api.v0.ObjectAndRelation", json_name: "expanded"
-      oneof :node_type do
-        optional :intermediate_node, :message, 1, "authzed.api.v0.SetOperationUserset", json_name: "intermediateNode"
-        optional :leaf_node, :message, 2, "authzed.api.v0.DirectUserset", json_name: "leafNode"
-      end
-    end
-    add_message "authzed.api.v0.SetOperationUserset" do
-      optional :operation, :enum, 1, "authzed.api.v0.SetOperationUserset.Operation", json_name: "operation"
-      repeated :child_nodes, :message, 2, "authzed.api.v0.RelationTupleTreeNode", json_name: "childNodes"
-    end
-    add_enum "authzed.api.v0.SetOperationUserset.Operation" do
-      value :INVALID, 0
-      value :UNION, 1
-      value :INTERSECTION, 2
-      value :EXCLUSION, 3
-    end
-    add_message "authzed.api.v0.DirectUserset" do
-      repeated :users, :message, 1, "authzed.api.v0.User", json_name: "users"
-    end
   end
 end
 
@@ -68,13 +35,6 @@ module Authzed
       ObjectAndRelation = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.ObjectAndRelation").msgclass
       RelationReference = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.RelationReference").msgclass
       User = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.User").msgclass
-      Zookie = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.Zookie").msgclass
-      RelationTupleUpdate = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.RelationTupleUpdate").msgclass
-      RelationTupleUpdate::Operation = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.RelationTupleUpdate.Operation").enummodule
-      RelationTupleTreeNode = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.RelationTupleTreeNode").msgclass
-      SetOperationUserset = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.SetOperationUserset").msgclass
-      SetOperationUserset::Operation = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.SetOperationUserset.Operation").enummodule
-      DirectUserset = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v0.DirectUserset").msgclass
     end
   end
 end

data/lib/authzed/api/v0/developer_pb.rb

@@ -4,7 +4,6 @@
 require 'google/protobuf'
 
 require 'authzed/api/v0/core_pb'
-require 'authzed/api/v0/namespace_pb'
 
 Google::Protobuf::DescriptorPool.generated_pool.build do
   add_file("authzed/api/v0/developer.proto", :syntax => :proto3) do
@@ -50,7 +49,6 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
     add_message "authzed.api.v0.RequestContext" do
       optional :schema, :string, 1, json_name: "schema"
       repeated :relationships, :message, 2, "authzed.api.v0.RelationTuple", json_name: "relationships"
-      repeated :legacy_ns_configs, :message, 3, "authzed.api.v0.NamespaceDefinition", json_name: "legacyNsConfigs"
     end
     add_message "authzed.api.v0.EditCheckRequest" do
       optional :context, :message, 1, "authzed.api.v0.RequestContext", json_name: "context"

data/lib/authzed/api/v1/debug_pb.rb

@@ -0,0 +1,52 @@
+# Generated by the protocol buffer compiler.  DO NOT EDIT!
+# source: authzed/api/v1/debug.proto
+
+require 'google/protobuf'
+
+require 'authzed/api/v1/core_pb'
+require 'validate/validate_pb'
+
+Google::Protobuf::DescriptorPool.generated_pool.build do
+  add_file("authzed/api/v1/debug.proto", :syntax => :proto3) do
+    add_message "authzed.api.v1.DebugInformation" do
+      optional :check, :message, 1, "authzed.api.v1.CheckDebugTrace", json_name: "check"
+      optional :schema_used, :string, 2, json_name: "schemaUsed"
+    end
+    add_message "authzed.api.v1.CheckDebugTrace" do
+      optional :resource, :message, 1, "authzed.api.v1.ObjectReference", json_name: "resource"
+      optional :permission, :string, 2, json_name: "permission"
+      optional :permission_type, :enum, 3, "authzed.api.v1.CheckDebugTrace.PermissionType", json_name: "permissionType"
+      optional :subject, :message, 4, "authzed.api.v1.SubjectReference", json_name: "subject"
+      optional :result, :enum, 5, "authzed.api.v1.CheckDebugTrace.Permissionship", json_name: "result"
+      oneof :resolution do
+        optional :was_cached_result, :bool, 6, json_name: "wasCachedResult"
+        optional :sub_problems, :message, 7, "authzed.api.v1.CheckDebugTrace.SubProblems", json_name: "subProblems"
+      end
+    end
+    add_message "authzed.api.v1.CheckDebugTrace.SubProblems" do
+      repeated :traces, :message, 1, "authzed.api.v1.CheckDebugTrace", json_name: "traces"
+    end
+    add_enum "authzed.api.v1.CheckDebugTrace.PermissionType" do
+      value :PERMISSION_TYPE_UNSPECIFIED, 0
+      value :PERMISSION_TYPE_RELATION, 1
+      value :PERMISSION_TYPE_PERMISSION, 2
+    end
+    add_enum "authzed.api.v1.CheckDebugTrace.Permissionship" do
+      value :PERMISSIONSHIP_UNSPECIFIED, 0
+      value :PERMISSIONSHIP_NO_PERMISSION, 1
+      value :PERMISSIONSHIP_HAS_PERMISSION, 2
+    end
+  end
+end
+
+module Authzed
+  module Api
+    module V1
+      DebugInformation = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.DebugInformation").msgclass
+      CheckDebugTrace = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.CheckDebugTrace").msgclass
+      CheckDebugTrace::SubProblems = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.CheckDebugTrace.SubProblems").msgclass
+      CheckDebugTrace::PermissionType = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.CheckDebugTrace.PermissionType").enummodule
+      CheckDebugTrace::Permissionship = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.CheckDebugTrace.Permissionship").enummodule
+    end
+  end
+end

data/lib/authzed/api/v1/permission_service_pb.rb

@@ -96,6 +96,18 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :looked_up_at, :message, 1, "authzed.api.v1.ZedToken", json_name: "lookedUpAt"
       optional :resource_object_id, :string, 2, json_name: "resourceObjectId"
     end
+    add_message "authzed.api.v1.LookupSubjectsRequest" do
+      optional :consistency, :message, 1, "authzed.api.v1.Consistency", json_name: "consistency"
+      optional :resource, :message, 2, "authzed.api.v1.ObjectReference", json_name: "resource"
+      optional :permission, :string, 3, json_name: "permission"
+      optional :subject_object_type, :string, 4, json_name: "subjectObjectType"
+      optional :optional_subject_relation, :string, 5, json_name: "optionalSubjectRelation"
+    end
+    add_message "authzed.api.v1.LookupSubjectsResponse" do
+      optional :looked_up_at, :message, 1, "authzed.api.v1.ZedToken", json_name: "lookedUpAt"
+      optional :subject_object_id, :string, 2, json_name: "subjectObjectId"
+      repeated :excluded_subject_ids, :string, 3, json_name: "excludedSubjectIds"
+    end
   end
 end
 
@@ -121,6 +133,8 @@ module Authzed
       ExpandPermissionTreeResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.ExpandPermissionTreeResponse").msgclass
       LookupResourcesRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.LookupResourcesRequest").msgclass
       LookupResourcesResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.LookupResourcesResponse").msgclass
+      LookupSubjectsRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.LookupSubjectsRequest").msgclass
+      LookupSubjectsResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("authzed.api.v1.LookupSubjectsResponse").msgclass
     end
   end
 end

data/lib/authzed/api/v1/permission_service_services_pb.rb

@@ -25,8 +25,9 @@ module Authzed
           # relationships. An optional set of preconditions can be provided that must
           # be satisfied for the operation to commit.
           rpc :WriteRelationships, ::Authzed::Api::V1::WriteRelationshipsRequest, ::Authzed::Api::V1::WriteRelationshipsResponse
-          # DeleteRelationships atomically bulk deletes relationships matching one or
-          # more filters. An optional set of preconditions can be provided that must
+          # DeleteRelationships atomically bulk deletes all relationships matching the
+          # provided filter. If no relationships match, none will be deleted and the
+          # operation will succeed. An optional set of preconditions can be provided that must
           # be satisfied for the operation to commit.
           rpc :DeleteRelationships, ::Authzed::Api::V1::DeleteRelationshipsRequest, ::Authzed::Api::V1::DeleteRelationshipsResponse
           # CheckPermission determines for a given resource whether a subject computes
@@ -39,6 +40,9 @@ module Authzed
           # LookupResources returns all the resources of a given type that a subject
           # can access whether via a computed permission or relation membership.
           rpc :LookupResources, ::Authzed::Api::V1::LookupResourcesRequest, stream(::Authzed::Api::V1::LookupResourcesResponse)
+          # LookupSubjects returns all the subjects of a given type that
+          # have access whether via a computed permission or relation membership.
+          rpc :LookupSubjects, ::Authzed::Api::V1::LookupSubjectsRequest, stream(::Authzed::Api::V1::LookupSubjectsResponse)
         end
 
         Stub = Service.rpc_stub_class

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: authzed
 version: !ruby/object:Gem::Version
-  version: 0.3.1
+  version: 0.4.0
 platform: ruby
 authors:
 - Authzed
-autorequire:
+autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-07-18 00:00:00.000000000 Z
+date: 2022-09-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: grpc
@@ -75,6 +75,7 @@ files:
 - lib/authzed/api/v0/watch_service_services_pb.rb
 - lib/authzed/api/v1/client.rb
 - lib/authzed/api/v1/core_pb.rb
+- lib/authzed/api/v1/debug_pb.rb
 - lib/authzed/api/v1/openapi_pb.rb
 - lib/authzed/api/v1/permission_service_pb.rb
 - lib/authzed/api/v1/permission_service_services_pb.rb
@@ -99,7 +100,7 @@ metadata:
   github_repo: ssh://github.com/authzed/authzed-rb
   homepage_uri: https://authzed.com
   source_code_uri: https://github.com/authzed/authzed-rb
-post_install_message:
+post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
@@ -114,8 +115,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.3
-signing_key:
+rubygems_version: 3.0.1
+signing_key: 
 specification_version: 4
 summary: Ruby bindings for Authzed API
 test_files: []