cerbos 0.1.0 → 0.4.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +21 -1
- data/README.md +0 -12
- data/cerbos.gemspec +1 -1
- data/lib/cerbos/client.rb +53 -5
- data/lib/cerbos/error.rb +16 -1
- data/lib/cerbos/input/resource_query.rb +1 -1
- data/lib/cerbos/output/check_resources.rb +18 -1
- data/lib/cerbos/protobuf/cerbos/audit/v1/audit_pb.rb +16 -0
- data/lib/cerbos/protobuf/cerbos/engine/v1/engine_pb.rb +63 -33
- data/lib/cerbos/protobuf/cerbos/request/v1/request_pb.rb +1 -1
- data/lib/cerbos/protobuf/cerbos/response/v1/response_pb.rb +2 -27
- data/lib/cerbos/protobuf/cerbos/telemetry/v1/telemetry_pb.rb +65 -41
- data/lib/cerbos/version.rb +1 -1
- metadata +5 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 53df88d33685d6761feb0c4f8c25453012d615ddb6d5158fbabb34594c905a64
|
|
4
|
+
data.tar.gz: 81b5a8f937915c33a11a130124b8e1a14a83d6327e0416568873062afc250b01
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 1e8cf9388d67af42d55b8cd4a5dc312ffc689fb5facb27384144dd6bd7982dc3d7a7f2211aea94fc6773d173970aaf5264ddc1f8f72dd0bf320c9e043db8871d
|
|
7
|
+
data.tar.gz: 884c774cca17408a0f16ac5d00d2efd8833035291bc422190bafd266ec3e9354d8571c9c3f93e7a04545a7b0f85eec73507a481bc0f49462f61de75970b4c19c
|
data/CHANGELOG.md
CHANGED
|
@@ -1,9 +1,29 @@
|
|
|
1
1
|
## [Unreleased]
|
|
2
2
|
No notable changes.
|
|
3
3
|
|
|
4
|
+
## [0.4.0] - 2022-06-03
|
|
5
|
+
### Added
|
|
6
|
+
- `on_validation_error` option to `Cerbos::Client#initialize` ([#22](https://github.com/cerbos/cerbos-sdk-ruby/pull/22))
|
|
7
|
+
|
|
8
|
+
### Changed
|
|
9
|
+
- Minor documentation fixes ([#21](https://github.com/cerbos/cerbos-sdk-ruby/pull/21))
|
|
10
|
+
|
|
11
|
+
## [0.3.0] - 2022-05-13
|
|
12
|
+
### Added
|
|
13
|
+
- More helper methods ([#11](https://github.com/cerbos/cerbos-sdk-ruby/pull/11))
|
|
14
|
+
- `Cerbos::Client#allow?` for checking a single action on a resource
|
|
15
|
+
- `Cerbos::Output::CheckResources#allow_all?` and `Cerbos::Output::CheckResources::Result#allow_all?` for checking if all input actions were allowed
|
|
16
|
+
|
|
17
|
+
## [0.2.0] - 2022-05-12
|
|
18
|
+
### Changed
|
|
19
|
+
- Increased `grpc` version requirement to 1.46+ to avoid [installing a native gem compiled for `x86_64-darwin` on `arm64-darwin`](https://github.com/grpc/grpc/issues/29100) ([#8](https://github.com/cerbos/cerbos-sdk-ruby/pull/8))
|
|
20
|
+
|
|
4
21
|
## [0.1.0] - 2022-05-12
|
|
5
22
|
### Added
|
|
6
23
|
- Initial implementation of `Cerbos::Client` ([#2](https://github.com/cerbos/cerbos-sdk-ruby/pull/2))
|
|
7
24
|
|
|
8
|
-
[Unreleased]: https://github.com/cerbos/cerbos-sdk-ruby/compare/v0.
|
|
25
|
+
[Unreleased]: https://github.com/cerbos/cerbos-sdk-ruby/compare/v0.4.0...HEAD
|
|
26
|
+
[0.4.0]: https://github.com/cerbos/cerbos-sdk-ruby/compare/v0.3.0...v0.4.0
|
|
27
|
+
[0.3.0]: https://github.com/cerbos/cerbos-sdk-ruby/compare/v0.2.0...v0.3.0
|
|
28
|
+
[0.2.0]: https://github.com/cerbos/cerbos-sdk-ruby/compare/v0.1.0...v0.2.0
|
|
9
29
|
[0.1.0]: https://github.com/cerbos/cerbos-sdk-ruby/compare/4481009e9dec2e1e6a2df8ea2f828690ceabbefc...v0.1.0
|
data/README.md
CHANGED
|
@@ -28,18 +28,6 @@ If you're not using Bundler to manage dependencies, install the gem by running
|
|
|
28
28
|
$ gem install cerbos
|
|
29
29
|
```
|
|
30
30
|
|
|
31
|
-
### Note for M1 Mac users
|
|
32
|
-
|
|
33
|
-
Unfortunately, the `grpc` gem currently ships a `universal-darwin` native gem which doesn't actually work on `arm64-darwin` platforms ([grpc/grpc#29100](https://github.com/grpc/grpc/issues/29100)).
|
|
34
|
-
If you install the precompiled gem on an M1 Mac, you'll get a `LoadError` including the message "incompatible architecture (have 'x86_64', need 'arm64e')" when you attempt to load the `cerbos` gem.
|
|
35
|
-
|
|
36
|
-
Until that issue is resolved, you can work around it by compiling native extensions from source.
|
|
37
|
-
Configure Bundler to do so by running
|
|
38
|
-
|
|
39
|
-
```console
|
|
40
|
-
$ bundle config set --local force_ruby_platform true
|
|
41
|
-
```
|
|
42
|
-
|
|
43
31
|
## Example usage
|
|
44
32
|
|
|
45
33
|
```ruby
|
data/cerbos.gemspec
CHANGED
data/lib/cerbos/client.rb
CHANGED
|
@@ -9,9 +9,10 @@ module Cerbos
|
|
|
9
9
|
class Client
|
|
10
10
|
# Create a client for interacting with the Cerbos PDP server over gRPC.
|
|
11
11
|
#
|
|
12
|
-
# @param target [String] Cerbos PDP server address (`"host"
|
|
12
|
+
# @param target [String] Cerbos PDP server address (`"host"`, `"host:port"`, or `"unix:/path/to/socket"`).
|
|
13
13
|
# @param tls [TLS, MutualTLS, false] gRPC connection encryption settings (`false` for plaintext).
|
|
14
14
|
# @param grpc_channel_args [Hash{String, Symbol => String, Integer}] low-level settings for the gRPC channel (see [available keys in the gRPC documentation](https://grpc.github.io/grpc/core/group__grpc__arg__keys.html)).
|
|
15
|
+
# @param on_validation_error [:return, :raise, #call] action to take when input fails schema validation (`:return` to return the validation errors in the response, `:raise` to raise {Error::ValidationFailed}, or a callback to invoke).
|
|
15
16
|
# @param playground_instance [String, nil] identifier of the playground instance to use when prototyping against the hosted demo PDP.
|
|
16
17
|
# @param timeout [Numeric, nil] timeout for gRPC calls, in seconds (`nil` to never time out).
|
|
17
18
|
#
|
|
@@ -23,7 +24,15 @@ module Cerbos
|
|
|
23
24
|
#
|
|
24
25
|
# @example Connect to the hosted demo PDP to experiment [in the playground](https://play.cerbos.dev)
|
|
25
26
|
# client = Cerbos::Client.new("demo-pdp.cerbos.cloud", tls: Cerbos::TLS.new, playground_instance: "gE623b0180QlsG5a4QIN6UOZ6f3iSFW2")
|
|
26
|
-
|
|
27
|
+
#
|
|
28
|
+
# @example Raise an error when input fails schema validation
|
|
29
|
+
# client = Cerbos::Client.new("localhost:3593", tls: false, on_validation_error: :raise)
|
|
30
|
+
#
|
|
31
|
+
# @example Invoke a callback when input fails schema validation
|
|
32
|
+
# client = Cerbos::Client.new("localhost:3593", tls: false, on_validation_error: ->(validation_errors) { do_something_with validation_errors })
|
|
33
|
+
def initialize(target, tls:, grpc_channel_args: {}, on_validation_error: :return, playground_instance: nil, timeout: nil)
|
|
34
|
+
@on_validation_error = on_validation_error
|
|
35
|
+
|
|
27
36
|
handle_errors do
|
|
28
37
|
credentials = tls ? tls.to_channel_credentials : :this_channel_is_insecure
|
|
29
38
|
|
|
@@ -44,11 +53,37 @@ module Cerbos
|
|
|
44
53
|
end
|
|
45
54
|
end
|
|
46
55
|
|
|
56
|
+
# Check if a principal is allowed to perform an action on a resource.
|
|
57
|
+
#
|
|
58
|
+
# @param principal [Input::Principal, Hash] the principal to check.
|
|
59
|
+
# @param resource [Input::Resource, Hash] the resource to check.
|
|
60
|
+
# @param action [String] the action to check.
|
|
61
|
+
# @param aux_data [Input::AuxData, Hash, nil] auxiliary data.
|
|
62
|
+
# @param request_id [String] identifier for tracing the request.
|
|
63
|
+
#
|
|
64
|
+
# @return [Boolean]
|
|
65
|
+
#
|
|
66
|
+
# @example
|
|
67
|
+
# client.allow?(
|
|
68
|
+
# principal: {id: "user@example.com", roles: ["USER"]},
|
|
69
|
+
# resource: {kind: "document", id: "1"},
|
|
70
|
+
# action: "view"
|
|
71
|
+
# ) # => true
|
|
72
|
+
def allow?(principal:, resource:, action:, aux_data: nil, request_id: SecureRandom.uuid)
|
|
73
|
+
check_resource(
|
|
74
|
+
principal: principal,
|
|
75
|
+
resource: resource,
|
|
76
|
+
actions: [action],
|
|
77
|
+
aux_data: aux_data,
|
|
78
|
+
request_id: request_id
|
|
79
|
+
).allow?(action)
|
|
80
|
+
end
|
|
81
|
+
|
|
47
82
|
# Check a principal's permissions on a resource.
|
|
48
83
|
#
|
|
49
84
|
# @param principal [Input::Principal, Hash] the principal to check.
|
|
50
85
|
# @param resource [Input::Resource, Hash] the resource to check.
|
|
51
|
-
# @param actions [
|
|
86
|
+
# @param actions [Array<String>] the actions to check.
|
|
52
87
|
# @param aux_data [Input::AuxData, Hash, nil] auxiliary data.
|
|
53
88
|
# @param include_metadata [Boolean] `true` to include additional metadata ({Output::CheckResources::Result::Metadata}) in the results.
|
|
54
89
|
# @param request_id [String] identifier for tracing the request.
|
|
@@ -100,7 +135,7 @@ module Cerbos
|
|
|
100
135
|
# ]
|
|
101
136
|
# )
|
|
102
137
|
#
|
|
103
|
-
#
|
|
138
|
+
# decision.allow?(resource: {kind: "document", id: "1"}, action: "view") # => true
|
|
104
139
|
def check_resources(principal:, resources:, aux_data: nil, include_metadata: false, request_id: SecureRandom.uuid)
|
|
105
140
|
handle_errors do
|
|
106
141
|
request = Protobuf::Cerbos::Request::V1::CheckResourcesRequest.new(
|
|
@@ -113,7 +148,9 @@ module Cerbos
|
|
|
113
148
|
|
|
114
149
|
response = perform_request(@cerbos_service, :check_resources, request)
|
|
115
150
|
|
|
116
|
-
Output::CheckResources.from_protobuf(response)
|
|
151
|
+
Output::CheckResources.from_protobuf(response).tap do |output|
|
|
152
|
+
handle_validation_errors output
|
|
153
|
+
end
|
|
117
154
|
end
|
|
118
155
|
end
|
|
119
156
|
|
|
@@ -181,6 +218,17 @@ module Cerbos
|
|
|
181
218
|
raise Error, error.message
|
|
182
219
|
end
|
|
183
220
|
|
|
221
|
+
def handle_validation_errors(output)
|
|
222
|
+
return if @on_validation_error == :return
|
|
223
|
+
|
|
224
|
+
validation_errors = output.results.flat_map(&:validation_errors)
|
|
225
|
+
return if validation_errors.empty?
|
|
226
|
+
|
|
227
|
+
raise Error::ValidationFailed.new(validation_errors) if @on_validation_error == :raise
|
|
228
|
+
|
|
229
|
+
@on_validation_error.call validation_errors
|
|
230
|
+
end
|
|
231
|
+
|
|
184
232
|
def perform_request(service, rpc, request)
|
|
185
233
|
service.public_send(rpc, request)
|
|
186
234
|
end
|
data/lib/cerbos/error.rb
CHANGED
|
@@ -3,6 +3,21 @@
|
|
|
3
3
|
module Cerbos
|
|
4
4
|
# Base type for errors thrown by the `cerbos` gem.
|
|
5
5
|
class Error < StandardError
|
|
6
|
+
# Input failed schema validation.
|
|
7
|
+
class ValidationFailed < Error
|
|
8
|
+
# The validation errors that occurred.
|
|
9
|
+
#
|
|
10
|
+
# @return [Array<Output::CheckResources::Result::ValidationError>]
|
|
11
|
+
attr_reader :validation_errors
|
|
12
|
+
|
|
13
|
+
# @private
|
|
14
|
+
def initialize(validation_errors)
|
|
15
|
+
super "Input failed schema validation"
|
|
16
|
+
|
|
17
|
+
@validation_errors = validation_errors
|
|
18
|
+
end
|
|
19
|
+
end
|
|
20
|
+
|
|
6
21
|
# An error indicating an unsuccessful gRPC operation.
|
|
7
22
|
class NotOK < Error
|
|
8
23
|
# The gRPC status code.
|
|
@@ -33,7 +48,7 @@ module Cerbos
|
|
|
33
48
|
|
|
34
49
|
# @private
|
|
35
50
|
def initialize(code:, details:, metadata: {})
|
|
36
|
-
super
|
|
51
|
+
super "gRPC error #{code}: #{details}"
|
|
37
52
|
|
|
38
53
|
@code = code
|
|
39
54
|
@details = details
|
|
@@ -43,7 +43,7 @@ module Cerbos
|
|
|
43
43
|
|
|
44
44
|
# @private
|
|
45
45
|
def to_protobuf
|
|
46
|
-
Protobuf::Cerbos::Engine::V1::
|
|
46
|
+
Protobuf::Cerbos::Engine::V1::PlanResourcesInput::Resource.new(
|
|
47
47
|
kind: kind,
|
|
48
48
|
attr: attributes.to_protobuf,
|
|
49
49
|
policy_version: policy_version,
|
|
@@ -23,7 +23,7 @@ module Cerbos
|
|
|
23
23
|
)
|
|
24
24
|
end
|
|
25
25
|
|
|
26
|
-
# Check the policy decision was that an action should be allowed for a resource.
|
|
26
|
+
# Check if the policy decision was that an action should be allowed for a resource.
|
|
27
27
|
#
|
|
28
28
|
# @param resource [Input::Resource, Hash] the resource search criteria (see {#find_result}).
|
|
29
29
|
# @param action [String] the action to check.
|
|
@@ -34,6 +34,16 @@ module Cerbos
|
|
|
34
34
|
find_result(resource)&.allow?(action)
|
|
35
35
|
end
|
|
36
36
|
|
|
37
|
+
# Check if the policy decision was that all input actions should be allowed for a resource.
|
|
38
|
+
#
|
|
39
|
+
# @param resource [Input::Resource, Hash] the resource search criteria (see {#find_result}).
|
|
40
|
+
#
|
|
41
|
+
# @return [Boolean]
|
|
42
|
+
# @return [nil] if the resource is not present in the results.
|
|
43
|
+
def allow_all?(resource)
|
|
44
|
+
find_result(resource)&.allow_all?
|
|
45
|
+
end
|
|
46
|
+
|
|
37
47
|
# Find an item from {#results} by resource.
|
|
38
48
|
#
|
|
39
49
|
# @param resource [Input::Resource, Hash] the resource search criteria. `kind` and `id` are required; `policy_version` and `scope` may also be provided if needed to distinguish between multiple results for the same `kind` and `id`.
|
|
@@ -95,6 +105,13 @@ module Cerbos
|
|
|
95
105
|
actions[action]&.eql?(:EFFECT_ALLOW)
|
|
96
106
|
end
|
|
97
107
|
|
|
108
|
+
# Check if the policy decision was that all input actions should be allowed for the resource.
|
|
109
|
+
#
|
|
110
|
+
# @return [Boolean]
|
|
111
|
+
def allow_all?
|
|
112
|
+
actions.each_value.all? { |effect| effect == :EFFECT_ALLOW }
|
|
113
|
+
end
|
|
114
|
+
|
|
98
115
|
# List the actions that should be allowed for the resource.
|
|
99
116
|
#
|
|
100
117
|
# @return [Array<String>]
|
|
@@ -23,6 +23,20 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
|
23
23
|
repeated :inputs, :message, 4, "cerbos.engine.v1.CheckInput", json_name: "inputs"
|
|
24
24
|
repeated :outputs, :message, 5, "cerbos.engine.v1.CheckOutput", json_name: "outputs"
|
|
25
25
|
optional :error, :string, 6, json_name: "error"
|
|
26
|
+
oneof :method do
|
|
27
|
+
optional :check_resources, :message, 7, "cerbos.audit.v1.DecisionLogEntry.CheckResources", json_name: "checkResources"
|
|
28
|
+
optional :plan_resources, :message, 8, "cerbos.audit.v1.DecisionLogEntry.PlanResources", json_name: "planResources"
|
|
29
|
+
end
|
|
30
|
+
end
|
|
31
|
+
add_message "cerbos.audit.v1.DecisionLogEntry.CheckResources" do
|
|
32
|
+
repeated :inputs, :message, 1, "cerbos.engine.v1.CheckInput", json_name: "inputs"
|
|
33
|
+
repeated :outputs, :message, 2, "cerbos.engine.v1.CheckOutput", json_name: "outputs"
|
|
34
|
+
optional :error, :string, 3, json_name: "error"
|
|
35
|
+
end
|
|
36
|
+
add_message "cerbos.audit.v1.DecisionLogEntry.PlanResources" do
|
|
37
|
+
optional :input, :message, 1, "cerbos.engine.v1.PlanResourcesInput", json_name: "input"
|
|
38
|
+
optional :output, :message, 2, "cerbos.engine.v1.PlanResourcesOutput", json_name: "output"
|
|
39
|
+
optional :error, :string, 3, json_name: "error"
|
|
26
40
|
end
|
|
27
41
|
add_message "cerbos.audit.v1.MetaValues" do
|
|
28
42
|
repeated :values, :string, 1, json_name: "values"
|
|
@@ -41,6 +55,8 @@ module Cerbos::Protobuf::Cerbos
|
|
|
41
55
|
module V1
|
|
42
56
|
AccessLogEntry = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.audit.v1.AccessLogEntry").msgclass
|
|
43
57
|
DecisionLogEntry = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.audit.v1.DecisionLogEntry").msgclass
|
|
58
|
+
DecisionLogEntry::CheckResources = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.audit.v1.DecisionLogEntry.CheckResources").msgclass
|
|
59
|
+
DecisionLogEntry::PlanResources = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.audit.v1.DecisionLogEntry.PlanResources").msgclass
|
|
44
60
|
MetaValues = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.audit.v1.MetaValues").msgclass
|
|
45
61
|
Peer = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.audit.v1.Peer").msgclass
|
|
46
62
|
end
|
|
@@ -13,20 +13,69 @@ require 'cerbos/protobuf/validate/validate_pb'
|
|
|
13
13
|
|
|
14
14
|
Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
15
15
|
add_file("cerbos/engine/v1/engine.proto", :syntax => :proto3) do
|
|
16
|
-
add_message "cerbos.engine.v1.
|
|
16
|
+
add_message "cerbos.engine.v1.PlanResourcesInput" do
|
|
17
17
|
optional :request_id, :string, 1, json_name: "requestId"
|
|
18
18
|
optional :action, :string, 2, json_name: "action"
|
|
19
19
|
optional :principal, :message, 3, "cerbos.engine.v1.Principal", json_name: "principal"
|
|
20
|
-
optional :resource, :message, 4, "cerbos.engine.v1.
|
|
20
|
+
optional :resource, :message, 4, "cerbos.engine.v1.PlanResourcesInput.Resource", json_name: "resource"
|
|
21
21
|
optional :aux_data, :message, 5, "cerbos.engine.v1.AuxData", json_name: "auxData"
|
|
22
22
|
optional :include_meta, :bool, 6, json_name: "includeMeta"
|
|
23
23
|
end
|
|
24
|
-
add_message "cerbos.engine.v1.
|
|
24
|
+
add_message "cerbos.engine.v1.PlanResourcesInput.Resource" do
|
|
25
25
|
optional :kind, :string, 1, json_name: "kind"
|
|
26
26
|
map :attr, :string, :message, 2, "google.protobuf.Value"
|
|
27
27
|
optional :policy_version, :string, 3, json_name: "policyVersion"
|
|
28
28
|
optional :scope, :string, 4, json_name: "scope"
|
|
29
29
|
end
|
|
30
|
+
add_message "cerbos.engine.v1.PlanResourcesAst" do
|
|
31
|
+
optional :filter_ast, :message, 1, "cerbos.engine.v1.PlanResourcesAst.Node", json_name: "filterAst"
|
|
32
|
+
end
|
|
33
|
+
add_message "cerbos.engine.v1.PlanResourcesAst.Node" do
|
|
34
|
+
oneof :node do
|
|
35
|
+
optional :logical_operation, :message, 1, "cerbos.engine.v1.PlanResourcesAst.LogicalOperation", json_name: "logicalOperation"
|
|
36
|
+
optional :expression, :message, 2, "google.api.expr.v1alpha1.CheckedExpr", json_name: "expression"
|
|
37
|
+
end
|
|
38
|
+
end
|
|
39
|
+
add_message "cerbos.engine.v1.PlanResourcesAst.LogicalOperation" do
|
|
40
|
+
optional :operator, :enum, 1, "cerbos.engine.v1.PlanResourcesAst.LogicalOperation.Operator", json_name: "operator"
|
|
41
|
+
repeated :nodes, :message, 2, "cerbos.engine.v1.PlanResourcesAst.Node", json_name: "nodes"
|
|
42
|
+
end
|
|
43
|
+
add_enum "cerbos.engine.v1.PlanResourcesAst.LogicalOperation.Operator" do
|
|
44
|
+
value :OPERATOR_UNSPECIFIED, 0
|
|
45
|
+
value :OPERATOR_AND, 1
|
|
46
|
+
value :OPERATOR_OR, 2
|
|
47
|
+
value :OPERATOR_NOT, 3
|
|
48
|
+
end
|
|
49
|
+
add_message "cerbos.engine.v1.PlanResourcesFilter" do
|
|
50
|
+
optional :kind, :enum, 1, "cerbos.engine.v1.PlanResourcesFilter.Kind", json_name: "kind"
|
|
51
|
+
optional :condition, :message, 2, "cerbos.engine.v1.PlanResourcesFilter.Expression.Operand", json_name: "condition"
|
|
52
|
+
end
|
|
53
|
+
add_message "cerbos.engine.v1.PlanResourcesFilter.Expression" do
|
|
54
|
+
optional :operator, :string, 1, json_name: "operator"
|
|
55
|
+
repeated :operands, :message, 2, "cerbos.engine.v1.PlanResourcesFilter.Expression.Operand", json_name: "operands"
|
|
56
|
+
end
|
|
57
|
+
add_message "cerbos.engine.v1.PlanResourcesFilter.Expression.Operand" do
|
|
58
|
+
oneof :node do
|
|
59
|
+
optional :value, :message, 1, "google.protobuf.Value", json_name: "value"
|
|
60
|
+
optional :expression, :message, 2, "cerbos.engine.v1.PlanResourcesFilter.Expression", json_name: "expression"
|
|
61
|
+
optional :variable, :string, 3, json_name: "variable"
|
|
62
|
+
end
|
|
63
|
+
end
|
|
64
|
+
add_enum "cerbos.engine.v1.PlanResourcesFilter.Kind" do
|
|
65
|
+
value :KIND_UNSPECIFIED, 0
|
|
66
|
+
value :KIND_ALWAYS_ALLOWED, 1
|
|
67
|
+
value :KIND_ALWAYS_DENIED, 2
|
|
68
|
+
value :KIND_CONDITIONAL, 3
|
|
69
|
+
end
|
|
70
|
+
add_message "cerbos.engine.v1.PlanResourcesOutput" do
|
|
71
|
+
optional :request_id, :string, 1, json_name: "requestId"
|
|
72
|
+
optional :action, :string, 2, json_name: "action"
|
|
73
|
+
optional :kind, :string, 3, json_name: "kind"
|
|
74
|
+
optional :policy_version, :string, 4, json_name: "policyVersion"
|
|
75
|
+
optional :scope, :string, 5, json_name: "scope"
|
|
76
|
+
optional :filter, :message, 6, "cerbos.engine.v1.PlanResourcesFilter", json_name: "filter"
|
|
77
|
+
optional :filter_debug, :string, 7, json_name: "filterDebug"
|
|
78
|
+
end
|
|
30
79
|
add_message "cerbos.engine.v1.CheckInput" do
|
|
31
80
|
optional :request_id, :string, 1, json_name: "requestId"
|
|
32
81
|
optional :resource, :message, 2, "cerbos.engine.v1.Resource", json_name: "resource"
|
|
@@ -46,30 +95,6 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
|
46
95
|
optional :policy, :string, 2, json_name: "policy"
|
|
47
96
|
optional :scope, :string, 3, json_name: "scope"
|
|
48
97
|
end
|
|
49
|
-
add_message "cerbos.engine.v1.PlanResourcesOutput" do
|
|
50
|
-
optional :request_id, :string, 1, json_name: "requestId"
|
|
51
|
-
optional :action, :string, 2, json_name: "action"
|
|
52
|
-
optional :kind, :string, 3, json_name: "kind"
|
|
53
|
-
optional :policy_version, :string, 4, json_name: "policyVersion"
|
|
54
|
-
optional :scope, :string, 5, json_name: "scope"
|
|
55
|
-
optional :filter, :message, 6, "cerbos.engine.v1.PlanResourcesOutput.Node", json_name: "filter"
|
|
56
|
-
end
|
|
57
|
-
add_message "cerbos.engine.v1.PlanResourcesOutput.Node" do
|
|
58
|
-
oneof :node do
|
|
59
|
-
optional :logical_operation, :message, 1, "cerbos.engine.v1.PlanResourcesOutput.LogicalOperation", json_name: "logicalOperation"
|
|
60
|
-
optional :expression, :message, 2, "google.api.expr.v1alpha1.CheckedExpr", json_name: "expression"
|
|
61
|
-
end
|
|
62
|
-
end
|
|
63
|
-
add_message "cerbos.engine.v1.PlanResourcesOutput.LogicalOperation" do
|
|
64
|
-
optional :operator, :enum, 1, "cerbos.engine.v1.PlanResourcesOutput.LogicalOperation.Operator", json_name: "operator"
|
|
65
|
-
repeated :nodes, :message, 2, "cerbos.engine.v1.PlanResourcesOutput.Node", json_name: "nodes"
|
|
66
|
-
end
|
|
67
|
-
add_enum "cerbos.engine.v1.PlanResourcesOutput.LogicalOperation.Operator" do
|
|
68
|
-
value :OPERATOR_UNSPECIFIED, 0
|
|
69
|
-
value :OPERATOR_AND, 1
|
|
70
|
-
value :OPERATOR_OR, 2
|
|
71
|
-
value :OPERATOR_NOT, 3
|
|
72
|
-
end
|
|
73
98
|
add_message "cerbos.engine.v1.Resource" do
|
|
74
99
|
optional :kind, :string, 1, json_name: "kind"
|
|
75
100
|
optional :policy_version, :string, 2, json_name: "policyVersion"
|
|
@@ -143,15 +168,20 @@ end
|
|
|
143
168
|
module Cerbos::Protobuf::Cerbos
|
|
144
169
|
module Engine
|
|
145
170
|
module V1
|
|
146
|
-
|
|
147
|
-
|
|
171
|
+
PlanResourcesInput = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesInput").msgclass
|
|
172
|
+
PlanResourcesInput::Resource = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesInput.Resource").msgclass
|
|
173
|
+
PlanResourcesAst = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesAst").msgclass
|
|
174
|
+
PlanResourcesAst::Node = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesAst.Node").msgclass
|
|
175
|
+
PlanResourcesAst::LogicalOperation = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesAst.LogicalOperation").msgclass
|
|
176
|
+
PlanResourcesAst::LogicalOperation::Operator = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesAst.LogicalOperation.Operator").enummodule
|
|
177
|
+
PlanResourcesFilter = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesFilter").msgclass
|
|
178
|
+
PlanResourcesFilter::Expression = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesFilter.Expression").msgclass
|
|
179
|
+
PlanResourcesFilter::Expression::Operand = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesFilter.Expression.Operand").msgclass
|
|
180
|
+
PlanResourcesFilter::Kind = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesFilter.Kind").enummodule
|
|
181
|
+
PlanResourcesOutput = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesOutput").msgclass
|
|
148
182
|
CheckInput = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.CheckInput").msgclass
|
|
149
183
|
CheckOutput = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.CheckOutput").msgclass
|
|
150
184
|
CheckOutput::ActionEffect = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.CheckOutput.ActionEffect").msgclass
|
|
151
|
-
PlanResourcesOutput = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesOutput").msgclass
|
|
152
|
-
PlanResourcesOutput::Node = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesOutput.Node").msgclass
|
|
153
|
-
PlanResourcesOutput::LogicalOperation = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesOutput.LogicalOperation").msgclass
|
|
154
|
-
PlanResourcesOutput::LogicalOperation::Operator = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesOutput.LogicalOperation.Operator").enummodule
|
|
155
185
|
Resource = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.Resource").msgclass
|
|
156
186
|
Principal = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.Principal").msgclass
|
|
157
187
|
AuxData = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.AuxData").msgclass
|
|
@@ -19,7 +19,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
|
19
19
|
optional :request_id, :string, 1, json_name: "requestId"
|
|
20
20
|
optional :action, :string, 2, json_name: "action"
|
|
21
21
|
optional :principal, :message, 3, "cerbos.engine.v1.Principal", json_name: "principal"
|
|
22
|
-
optional :resource, :message, 4, "cerbos.engine.v1.
|
|
22
|
+
optional :resource, :message, 4, "cerbos.engine.v1.PlanResourcesInput.Resource", json_name: "resource"
|
|
23
23
|
optional :aux_data, :message, 5, "cerbos.request.v1.AuxData", json_name: "auxData"
|
|
24
24
|
optional :include_meta, :bool, 6, json_name: "includeMeta"
|
|
25
25
|
end
|
|
@@ -5,10 +5,10 @@ require 'google/protobuf'
|
|
|
5
5
|
|
|
6
6
|
require 'cerbos/protobuf/cerbos/audit/v1/audit_pb'
|
|
7
7
|
require 'cerbos/protobuf/cerbos/effect/v1/effect_pb'
|
|
8
|
+
require 'cerbos/protobuf/cerbos/engine/v1/engine_pb'
|
|
8
9
|
require 'cerbos/protobuf/cerbos/policy/v1/policy_pb'
|
|
9
10
|
require 'cerbos/protobuf/cerbos/schema/v1/schema_pb'
|
|
10
11
|
require 'google/protobuf/empty_pb'
|
|
11
|
-
require 'google/protobuf/struct_pb'
|
|
12
12
|
require 'cerbos/protobuf/protoc-gen-openapiv2/options/annotations_pb'
|
|
13
13
|
|
|
14
14
|
Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
@@ -18,30 +18,9 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
|
18
18
|
optional :action, :string, 2, json_name: "action"
|
|
19
19
|
optional :resource_kind, :string, 3, json_name: "resourceKind"
|
|
20
20
|
optional :policy_version, :string, 4, json_name: "policyVersion"
|
|
21
|
-
optional :filter, :message, 5, "cerbos.
|
|
21
|
+
optional :filter, :message, 5, "cerbos.engine.v1.PlanResourcesFilter", json_name: "filter"
|
|
22
22
|
optional :meta, :message, 6, "cerbos.response.v1.PlanResourcesResponse.Meta", json_name: "meta"
|
|
23
23
|
end
|
|
24
|
-
add_message "cerbos.response.v1.PlanResourcesResponse.Expression" do
|
|
25
|
-
optional :operator, :string, 1, json_name: "operator"
|
|
26
|
-
repeated :operands, :message, 2, "cerbos.response.v1.PlanResourcesResponse.Expression.Operand", json_name: "operands"
|
|
27
|
-
end
|
|
28
|
-
add_message "cerbos.response.v1.PlanResourcesResponse.Expression.Operand" do
|
|
29
|
-
oneof :node do
|
|
30
|
-
optional :value, :message, 1, "google.protobuf.Value", json_name: "value"
|
|
31
|
-
optional :expression, :message, 2, "cerbos.response.v1.PlanResourcesResponse.Expression", json_name: "expression"
|
|
32
|
-
optional :variable, :string, 3, json_name: "variable"
|
|
33
|
-
end
|
|
34
|
-
end
|
|
35
|
-
add_message "cerbos.response.v1.PlanResourcesResponse.Filter" do
|
|
36
|
-
optional :kind, :enum, 1, "cerbos.response.v1.PlanResourcesResponse.Filter.Kind", json_name: "kind"
|
|
37
|
-
optional :condition, :message, 2, "cerbos.response.v1.PlanResourcesResponse.Expression.Operand", json_name: "condition"
|
|
38
|
-
end
|
|
39
|
-
add_enum "cerbos.response.v1.PlanResourcesResponse.Filter.Kind" do
|
|
40
|
-
value :KIND_UNSPECIFIED, 0
|
|
41
|
-
value :KIND_ALWAYS_ALLOWED, 1
|
|
42
|
-
value :KIND_ALWAYS_DENIED, 2
|
|
43
|
-
value :KIND_CONDITIONAL, 3
|
|
44
|
-
end
|
|
45
24
|
add_message "cerbos.response.v1.PlanResourcesResponse.Meta" do
|
|
46
25
|
optional :filter_debug, :string, 1, json_name: "filterDebug"
|
|
47
26
|
optional :matched_scope, :string, 2, json_name: "matchedScope"
|
|
@@ -189,10 +168,6 @@ module Cerbos::Protobuf::Cerbos
|
|
|
189
168
|
module Response
|
|
190
169
|
module V1
|
|
191
170
|
PlanResourcesResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.PlanResourcesResponse").msgclass
|
|
192
|
-
PlanResourcesResponse::Expression = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.PlanResourcesResponse.Expression").msgclass
|
|
193
|
-
PlanResourcesResponse::Expression::Operand = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.PlanResourcesResponse.Expression.Operand").msgclass
|
|
194
|
-
PlanResourcesResponse::Filter = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.PlanResourcesResponse.Filter").msgclass
|
|
195
|
-
PlanResourcesResponse::Filter::Kind = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.PlanResourcesResponse.Filter.Kind").enummodule
|
|
196
171
|
PlanResourcesResponse::Meta = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.PlanResourcesResponse.Meta").msgclass
|
|
197
172
|
CheckResourceSetResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.CheckResourceSetResponse").msgclass
|
|
198
173
|
CheckResourceSetResponse::ActionEffectMap = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.CheckResourceSetResponse.ActionEffectMap").msgclass
|
|
@@ -7,93 +7,117 @@ require 'google/protobuf/duration_pb'
|
|
|
7
7
|
|
|
8
8
|
Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
9
9
|
add_file("cerbos/telemetry/v1/telemetry.proto", :syntax => :proto3) do
|
|
10
|
-
add_message "cerbos.telemetry.v1.
|
|
10
|
+
add_message "cerbos.telemetry.v1.ServerLaunch" do
|
|
11
11
|
optional :version, :string, 1, json_name: "version"
|
|
12
|
-
optional :source, :message, 2, "cerbos.telemetry.v1.
|
|
13
|
-
optional :features, :message, 3, "cerbos.telemetry.v1.
|
|
14
|
-
optional :stats, :message, 4, "cerbos.telemetry.v1.
|
|
12
|
+
optional :source, :message, 2, "cerbos.telemetry.v1.ServerLaunch.Source", json_name: "source"
|
|
13
|
+
optional :features, :message, 3, "cerbos.telemetry.v1.ServerLaunch.Features", json_name: "features"
|
|
14
|
+
optional :stats, :message, 4, "cerbos.telemetry.v1.ServerLaunch.Stats", json_name: "stats"
|
|
15
15
|
end
|
|
16
|
-
add_message "cerbos.telemetry.v1.
|
|
16
|
+
add_message "cerbos.telemetry.v1.ServerLaunch.Cerbos" do
|
|
17
17
|
optional :version, :string, 1, json_name: "version"
|
|
18
18
|
optional :commit, :string, 2, json_name: "commit"
|
|
19
19
|
optional :build_date, :string, 3, json_name: "buildDate"
|
|
20
20
|
optional :module_version, :string, 4, json_name: "moduleVersion"
|
|
21
21
|
optional :module_checksum, :string, 5, json_name: "moduleChecksum"
|
|
22
22
|
end
|
|
23
|
-
add_message "cerbos.telemetry.v1.
|
|
24
|
-
optional :cerbos, :message, 1, "cerbos.telemetry.v1.
|
|
23
|
+
add_message "cerbos.telemetry.v1.ServerLaunch.Source" do
|
|
24
|
+
optional :cerbos, :message, 1, "cerbos.telemetry.v1.ServerLaunch.Cerbos", json_name: "cerbos"
|
|
25
25
|
optional :os, :string, 2, json_name: "os"
|
|
26
26
|
optional :arch, :string, 3, json_name: "arch"
|
|
27
27
|
optional :num_cpus, :uint32, 4, json_name: "numCpus"
|
|
28
28
|
end
|
|
29
|
-
add_message "cerbos.telemetry.v1.
|
|
30
|
-
optional :audit, :message, 1, "cerbos.telemetry.v1.
|
|
31
|
-
optional :schema, :message, 2, "cerbos.telemetry.v1.
|
|
32
|
-
optional :admin_api, :message, 3, "cerbos.telemetry.v1.
|
|
33
|
-
optional :storage, :message, 4, "cerbos.telemetry.v1.
|
|
29
|
+
add_message "cerbos.telemetry.v1.ServerLaunch.Features" do
|
|
30
|
+
optional :audit, :message, 1, "cerbos.telemetry.v1.ServerLaunch.Features.Audit", json_name: "audit"
|
|
31
|
+
optional :schema, :message, 2, "cerbos.telemetry.v1.ServerLaunch.Features.Schema", json_name: "schema"
|
|
32
|
+
optional :admin_api, :message, 3, "cerbos.telemetry.v1.ServerLaunch.Features.AdminApi", json_name: "adminApi"
|
|
33
|
+
optional :storage, :message, 4, "cerbos.telemetry.v1.ServerLaunch.Features.Storage", json_name: "storage"
|
|
34
34
|
end
|
|
35
|
-
add_message "cerbos.telemetry.v1.
|
|
35
|
+
add_message "cerbos.telemetry.v1.ServerLaunch.Features.Audit" do
|
|
36
36
|
optional :enabled, :bool, 1, json_name: "enabled"
|
|
37
37
|
optional :backend, :string, 2, json_name: "backend"
|
|
38
38
|
end
|
|
39
|
-
add_message "cerbos.telemetry.v1.
|
|
39
|
+
add_message "cerbos.telemetry.v1.ServerLaunch.Features.Schema" do
|
|
40
40
|
optional :enforcement, :string, 1, json_name: "enforcement"
|
|
41
41
|
end
|
|
42
|
-
add_message "cerbos.telemetry.v1.
|
|
42
|
+
add_message "cerbos.telemetry.v1.ServerLaunch.Features.AdminApi" do
|
|
43
43
|
optional :enabled, :bool, 1, json_name: "enabled"
|
|
44
44
|
end
|
|
45
|
-
add_message "cerbos.telemetry.v1.
|
|
45
|
+
add_message "cerbos.telemetry.v1.ServerLaunch.Features.Storage" do
|
|
46
46
|
optional :driver, :string, 1, json_name: "driver"
|
|
47
47
|
oneof :store do
|
|
48
|
-
optional :disk, :message, 2, "cerbos.telemetry.v1.
|
|
49
|
-
optional :git, :message, 3, "cerbos.telemetry.v1.
|
|
50
|
-
optional :blob, :message, 4, "cerbos.telemetry.v1.
|
|
48
|
+
optional :disk, :message, 2, "cerbos.telemetry.v1.ServerLaunch.Features.Storage.Disk", json_name: "disk"
|
|
49
|
+
optional :git, :message, 3, "cerbos.telemetry.v1.ServerLaunch.Features.Storage.Git", json_name: "git"
|
|
50
|
+
optional :blob, :message, 4, "cerbos.telemetry.v1.ServerLaunch.Features.Storage.Blob", json_name: "blob"
|
|
51
51
|
end
|
|
52
52
|
end
|
|
53
|
-
add_message "cerbos.telemetry.v1.
|
|
53
|
+
add_message "cerbos.telemetry.v1.ServerLaunch.Features.Storage.Disk" do
|
|
54
54
|
optional :watch, :bool, 1, json_name: "watch"
|
|
55
55
|
end
|
|
56
|
-
add_message "cerbos.telemetry.v1.
|
|
56
|
+
add_message "cerbos.telemetry.v1.ServerLaunch.Features.Storage.Git" do
|
|
57
57
|
optional :protocol, :string, 1, json_name: "protocol"
|
|
58
58
|
optional :auth, :bool, 2, json_name: "auth"
|
|
59
59
|
optional :poll_interval, :message, 3, "google.protobuf.Duration", json_name: "pollInterval"
|
|
60
60
|
end
|
|
61
|
-
add_message "cerbos.telemetry.v1.
|
|
61
|
+
add_message "cerbos.telemetry.v1.ServerLaunch.Features.Storage.Blob" do
|
|
62
62
|
optional :provider, :string, 1, json_name: "provider"
|
|
63
63
|
optional :poll_interval, :message, 2, "google.protobuf.Duration", json_name: "pollInterval"
|
|
64
64
|
end
|
|
65
|
-
add_message "cerbos.telemetry.v1.
|
|
66
|
-
optional :policy, :message, 1, "cerbos.telemetry.v1.
|
|
67
|
-
optional :schema, :message, 2, "cerbos.telemetry.v1.
|
|
65
|
+
add_message "cerbos.telemetry.v1.ServerLaunch.Stats" do
|
|
66
|
+
optional :policy, :message, 1, "cerbos.telemetry.v1.ServerLaunch.Stats.Policy", json_name: "policy"
|
|
67
|
+
optional :schema, :message, 2, "cerbos.telemetry.v1.ServerLaunch.Stats.Schema", json_name: "schema"
|
|
68
68
|
end
|
|
69
|
-
add_message "cerbos.telemetry.v1.
|
|
69
|
+
add_message "cerbos.telemetry.v1.ServerLaunch.Stats.Policy" do
|
|
70
70
|
map :count, :string, :uint32, 1
|
|
71
71
|
map :avg_rule_count, :string, :double, 2
|
|
72
72
|
map :avg_condition_count, :string, :double, 3
|
|
73
73
|
end
|
|
74
|
-
add_message "cerbos.telemetry.v1.
|
|
74
|
+
add_message "cerbos.telemetry.v1.ServerLaunch.Stats.Schema" do
|
|
75
75
|
optional :count, :uint32, 1, json_name: "count"
|
|
76
76
|
end
|
|
77
|
+
add_message "cerbos.telemetry.v1.ServerStop" do
|
|
78
|
+
optional :version, :string, 1, json_name: "version"
|
|
79
|
+
optional :uptime, :message, 2, "google.protobuf.Duration", json_name: "uptime"
|
|
80
|
+
optional :requests_total, :uint64, 3, json_name: "requestsTotal"
|
|
81
|
+
end
|
|
82
|
+
add_message "cerbos.telemetry.v1.Event" do
|
|
83
|
+
oneof :data do
|
|
84
|
+
optional :api_activity, :message, 1, "cerbos.telemetry.v1.Event.ApiActivity", json_name: "apiActivity"
|
|
85
|
+
end
|
|
86
|
+
end
|
|
87
|
+
add_message "cerbos.telemetry.v1.Event.CountStat" do
|
|
88
|
+
optional :key, :string, 1, json_name: "key"
|
|
89
|
+
optional :count, :uint64, 2, json_name: "count"
|
|
90
|
+
end
|
|
91
|
+
add_message "cerbos.telemetry.v1.Event.ApiActivity" do
|
|
92
|
+
optional :version, :string, 1, json_name: "version"
|
|
93
|
+
optional :uptime, :message, 2, "google.protobuf.Duration", json_name: "uptime"
|
|
94
|
+
repeated :method_calls, :message, 3, "cerbos.telemetry.v1.Event.CountStat", json_name: "methodCalls"
|
|
95
|
+
repeated :user_agents, :message, 4, "cerbos.telemetry.v1.Event.CountStat", json_name: "userAgents"
|
|
96
|
+
end
|
|
77
97
|
end
|
|
78
98
|
end
|
|
79
99
|
|
|
80
100
|
module Cerbos::Protobuf::Cerbos
|
|
81
101
|
module Telemetry
|
|
82
102
|
module V1
|
|
83
|
-
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
|
|
87
|
-
|
|
88
|
-
|
|
89
|
-
|
|
90
|
-
|
|
91
|
-
|
|
92
|
-
|
|
93
|
-
|
|
94
|
-
|
|
95
|
-
|
|
96
|
-
|
|
103
|
+
ServerLaunch = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.ServerLaunch").msgclass
|
|
104
|
+
ServerLaunch::Cerbos = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.ServerLaunch.Cerbos").msgclass
|
|
105
|
+
ServerLaunch::Source = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.ServerLaunch.Source").msgclass
|
|
106
|
+
ServerLaunch::Features = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.ServerLaunch.Features").msgclass
|
|
107
|
+
ServerLaunch::Features::Audit = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.ServerLaunch.Features.Audit").msgclass
|
|
108
|
+
ServerLaunch::Features::Schema = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.ServerLaunch.Features.Schema").msgclass
|
|
109
|
+
ServerLaunch::Features::AdminApi = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.ServerLaunch.Features.AdminApi").msgclass
|
|
110
|
+
ServerLaunch::Features::Storage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.ServerLaunch.Features.Storage").msgclass
|
|
111
|
+
ServerLaunch::Features::Storage::Disk = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.ServerLaunch.Features.Storage.Disk").msgclass
|
|
112
|
+
ServerLaunch::Features::Storage::Git = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.ServerLaunch.Features.Storage.Git").msgclass
|
|
113
|
+
ServerLaunch::Features::Storage::Blob = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.ServerLaunch.Features.Storage.Blob").msgclass
|
|
114
|
+
ServerLaunch::Stats = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.ServerLaunch.Stats").msgclass
|
|
115
|
+
ServerLaunch::Stats::Policy = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.ServerLaunch.Stats.Policy").msgclass
|
|
116
|
+
ServerLaunch::Stats::Schema = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.ServerLaunch.Stats.Schema").msgclass
|
|
117
|
+
ServerStop = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.ServerStop").msgclass
|
|
118
|
+
Event = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.Event").msgclass
|
|
119
|
+
Event::CountStat = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.Event.CountStat").msgclass
|
|
120
|
+
Event::ApiActivity = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.Event.ApiActivity").msgclass
|
|
97
121
|
end
|
|
98
122
|
end
|
|
99
123
|
end
|
data/lib/cerbos/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: cerbos
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.4.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Cerbos
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-
|
|
11
|
+
date: 2022-06-03 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: grpc
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - "~>"
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: '1.
|
|
19
|
+
version: '1.46'
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - "~>"
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: '1.
|
|
26
|
+
version: '1.46'
|
|
27
27
|
description: Perform authorization in Ruby applications by interacting with the Cerbos
|
|
28
28
|
policy decision point.
|
|
29
29
|
email:
|
|
@@ -81,7 +81,7 @@ licenses:
|
|
|
81
81
|
metadata:
|
|
82
82
|
bug_tracker_uri: https://github.com/cerbos/cerbos-sdk-ruby/issues
|
|
83
83
|
changelog_uri: https://github.com/cerbos/cerbos-sdk-ruby/blob/main/CHANGELOG.md
|
|
84
|
-
documentation_uri: https://www.rubydoc.info/gems/cerbos/0.
|
|
84
|
+
documentation_uri: https://www.rubydoc.info/gems/cerbos/0.4.0
|
|
85
85
|
homepage_uri: https://github.com/cerbos/cerbos-sdk-ruby
|
|
86
86
|
source_code_uri: https://github.com/cerbos/cerbos-sdk-ruby
|
|
87
87
|
rubygems_mfa_required: 'true'
|