cerbos 0.5.0 → 0.6.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e1c86d3d658d13d5226bad856d440ce3a511e260fb7c7a1d0df57ab6c1368584
-  data.tar.gz: b776cb441ca8011e80c43fa2647aa36e7640873290086c3b04cd6233b0192f4c
+  metadata.gz: e66a450c22c146b4372b0ebd4cfd1e950d3824c78e8d24209275ee41020aa3d1
+  data.tar.gz: 5f3d5aeb480e91d3918ad3065badb211d9572991b7e729ea4847732655d6bf30
 SHA512:
-  metadata.gz: b13e093563c7ad60ac1b524dffee33b22fb1d553b433d0927063ff61b4ba10b2aa3516ac309f03384848b40913776605ea7b922fce906d2c6dbe43f8c175dd19
-  data.tar.gz: '039c5611d71e663451ecb192efaa91fe63a09f81de902b21ec67dee270374170e0fd08db61eee9b3b43283bca8299cd362bccb16a010670e77f9017ecf0a5932'
+  metadata.gz: 8de09b89a42c31f5a5283adf91ac8f1af0cfde2d660a8a47443ac6a28fb814a658991fbbd74a5bebcf95dd2382bfd0215b5dac6c27343cac0ad5345211bf38cf
+  data.tar.gz: 88a4ce5be4f53fcd7df994494e4190b49587159d2a93ae2ee828afa557c3ace338731c21c27f99c5eb69fff9592ef90c1e7fb0e2e7b5b76c82787b06fdc0f4e9

data/CHANGELOG.md

@@ -1,6 +1,20 @@
 ## [Unreleased]
 No notable changes.
 
+## [0.6.1] - 2023-03-23
+### Removed
+- Unused generated code ([#83](https://github.com/cerbos/cerbos-sdk-ruby/pull/83))
+
+## [0.6.0] - 2022-07-01
+### Added
+- Support for schema validation in `Cerbos::Client#plan_resources` ([#32](https://github.com/cerbos/cerbos-sdk-ruby/pull/32))
+
+  Requires Cerbos 0.19+.
+  `Cerbos::Output::PlanResources#validation_errors` will always return an empty array if the client is connected to an earlier version of Cerbos.
+
+  As a result, `Cerbos::Output::CheckResources::Result::ValidationError` has moved to `Cerbos::Output::ValidationError`.
+  Attempting to access the class via the old namespace will print a deprecation warning and return the new class.
+
 ## [0.5.0] - 2022-06-09
 ### Added
 - Allow symbol keys in nested attributes hashes ([#28](https://github.com/cerbos/cerbos-sdk-ruby/pull/28))
@@ -26,7 +40,9 @@ No notable changes.
 ### Added
 - Initial implementation of `Cerbos::Client` ([#2](https://github.com/cerbos/cerbos-sdk-ruby/pull/2))
 
-[Unreleased]: https://github.com/cerbos/cerbos-sdk-ruby/compare/v0.5.0...HEAD
+[Unreleased]: https://github.com/cerbos/cerbos-sdk-ruby/compare/v0.6.1...HEAD
+[0.6.1]: https://github.com/cerbos/cerbos-sdk-ruby/compare/v0.6.0...v0.6.1
+[0.6.0]: https://github.com/cerbos/cerbos-sdk-ruby/compare/v0.5.0...v0.6.0
 [0.5.0]: https://github.com/cerbos/cerbos-sdk-ruby/compare/v0.4.0...v0.5.0
 [0.4.0]: https://github.com/cerbos/cerbos-sdk-ruby/compare/v0.3.0...v0.4.0
 [0.3.0]: https://github.com/cerbos/cerbos-sdk-ruby/compare/v0.2.0...v0.3.0

data/lib/cerbos/client.rb

@@ -187,7 +187,9 @@ module Cerbos
 
         response = perform_request(@cerbos_service, :plan_resources, request)
 
-        Output::PlanResources.from_protobuf(response)
+        Output::PlanResources.from_protobuf(response).tap do |output|
+          handle_validation_errors output
+        end
       end
     end
 
@@ -221,7 +223,7 @@ module Cerbos
     def handle_validation_errors(output)
       return if @on_validation_error == :return
 
-      validation_errors = output.results.flat_map(&:validation_errors)
+      validation_errors = output.validation_errors
       return if validation_errors.empty?
 
       raise Error::ValidationFailed.new(validation_errors) if @on_validation_error == :raise

data/lib/cerbos/output/check_resources.rb

@@ -55,6 +55,13 @@ module Cerbos
         results.find { |result| matching_resource?(search, result.resource) }
       end
 
+      # List unique schema validation errors for the principal or resource attributes.
+      #
+      # @return [Array<ValidationError>]
+      def validation_errors
+        results.flat_map(&:validation_errors).uniq
+      end
+
       private
 
       def matching_resource?(search, candidate)
@@ -88,11 +95,21 @@ module Cerbos
       #   @return [Metadata]
       #   @return [nil] if `include_metadata` was `false`.
 
+      # @private
+      def self.const_missing(const)
+        if const == :ValidationError
+          warn "#{name}::ValidationError is deprecated; use #{ValidationError.name} instead (called from #{caller(1..1).first})"
+          return ValidationError
+        end
+
+        super
+      end
+
       def self.from_protobuf(entry)
         new(
           resource: CheckResources::Result::Resource.from_protobuf(entry.resource),
           actions: entry.actions.to_h,
-          validation_errors: (entry.validation_errors || []).map { |validation_error| CheckResources::Result::ValidationError.from_protobuf(validation_error) },
+          validation_errors: (entry.validation_errors || []).map { |validation_error| ValidationError.from_protobuf(validation_error) },
           metadata: CheckResources::Result::Metadata.from_protobuf(entry.meta)
         )
       end
@@ -154,46 +171,6 @@ module Cerbos
       end
     end
 
-    # An error that occurred while validating the principal or resource attributes against a schema.
-    CheckResources::Result::ValidationError = Output.new_class(:path, :message, :source) do
-      # @!attribute [r] path
-      #   The path to the attribute that failed validation.
-      #
-      #   @return [String]
-
-      # @!attribute [r] message
-      #   The error message.
-      #
-      #   @return [String]
-
-      # @!attribute [r] source
-      #   The source of the invalid attributes.
-      #
-      #   @return [:SOURCE_PRINCIPAL, :SOURCE_RESOURCE]
-
-      def self.from_protobuf(validation_error)
-        new(
-          path: validation_error.path,
-          message: validation_error.message,
-          source: validation_error.source
-        )
-      end
-
-      # Check if the principal's attributes failed schema validation.
-      #
-      # @return [Boolean]
-      def from_principal?
-        source == :SOURCE_PRINCIPAL
-      end
-
-      # Check if the resource's attributes failed schema validation.
-      #
-      # @return [Boolean]
-      def from_resource?
-        source == :SOURCE_RESOURCE
-      end
-    end
-
     # Additional information about how policy decisions were reached.
     CheckResources::Result::Metadata = Output.new_class(:actions, :effective_derived_roles) do
       # @!attribute [r] actions

data/lib/cerbos/output/plan_resources.rb

@@ -5,7 +5,7 @@ module Cerbos
     # A query plan that can be used to obtain a list of resources on which a principal is allowed to perform a particular action.
     #
     # @see Client#plan_resources
-    PlanResources = Output.new_class(:request_id, :kind, :condition, :metadata) do
+    PlanResources = Output.new_class(:request_id, :kind, :condition, :validation_errors, :metadata) do
       # @!attribute [r] request_id
       #   The identifier for tracing the request.
       #
@@ -26,6 +26,11 @@ module Cerbos
       #   @see #always_denied?
       #   @see #conditional?
 
+      # @!attribute [r] validation_errors
+      #   Any schema validation errors for the principal or resource attributes.
+      #
+      #   @return [Array<ValidationError>]
+
       # @!attribute [r] metadata
       #   Additional information about the query plan.
       #
@@ -37,6 +42,7 @@ module Cerbos
           request_id: plan_resources.request_id,
           kind: plan_resources.filter.kind,
           condition: PlanResources::Expression::Operand.from_protobuf(plan_resources.filter.condition),
+          validation_errors: (plan_resources.validation_errors || []).map { |validation_error| ValidationError.from_protobuf(validation_error) },
           metadata: PlanResources::Metadata.from_protobuf(plan_resources.meta)
         )
       end

data/lib/cerbos/output/validation_error.rb

@@ -0,0 +1,45 @@
+# frozen_string_literal: true
+
+module Cerbos
+  module Output
+    # An error that occurred while validating the principal or resource attributes against a schema.
+    ValidationError = Output.new_class(:path, :message, :source) do
+      # @!attribute [r] path
+      #   The path to the attribute that failed validation.
+      #
+      #   @return [String]
+
+      # @!attribute [r] message
+      #   The error message.
+      #
+      #   @return [String]
+
+      # @!attribute [r] source
+      #   The source of the invalid attributes.
+      #
+      #   @return [:SOURCE_PRINCIPAL, :SOURCE_RESOURCE]
+
+      def self.from_protobuf(validation_error)
+        new(
+          path: validation_error.path,
+          message: validation_error.message,
+          source: validation_error.source
+        )
+      end
+
+      # Check if the principal's attributes failed schema validation.
+      #
+      # @return [Boolean]
+      def from_principal?
+        source == :SOURCE_PRINCIPAL
+      end
+
+      # Check if the resource's attributes failed schema validation.
+      #
+      # @return [Boolean]
+      def from_resource?
+        source == :SOURCE_RESOURCE
+      end
+    end
+  end
+end

data/lib/cerbos/output.rb

@@ -32,6 +32,7 @@ module Cerbos
   end
 end
 
+require_relative "output/validation_error"
 require_relative "output/check_resources"
 require_relative "output/plan_resources"
 require_relative "output/server_info"

data/lib/cerbos/protobuf/cerbos/engine/v1/engine_pb.rb

@@ -3,23 +3,12 @@
 
 require 'google/protobuf'
 
-require 'cerbos/protobuf/cerbos/effect/v1/effect_pb'
-require 'cerbos/protobuf/cerbos/schema/v1/schema_pb'
-require 'cerbos/protobuf/google/api/expr/v1alpha1/checked_pb'
-require 'cerbos/protobuf/google/api/field_behavior_pb'
 require 'google/protobuf/struct_pb'
 require 'cerbos/protobuf/protoc-gen-openapiv2/options/annotations_pb'
-require 'cerbos/protobuf/validate/validate_pb'
 
 Google::Protobuf::DescriptorPool.generated_pool.build do
   add_file("cerbos/engine/v1/engine.proto", :syntax => :proto3) do
     add_message "cerbos.engine.v1.PlanResourcesInput" do
-      optional :request_id, :string, 1, json_name: "requestId"
-      optional :action, :string, 2, json_name: "action"
-      optional :principal, :message, 3, "cerbos.engine.v1.Principal", json_name: "principal"
-      optional :resource, :message, 4, "cerbos.engine.v1.PlanResourcesInput.Resource", json_name: "resource"
-      optional :aux_data, :message, 5, "cerbos.engine.v1.AuxData", json_name: "auxData"
-      optional :include_meta, :bool, 6, json_name: "includeMeta"
     end
     add_message "cerbos.engine.v1.PlanResourcesInput.Resource" do
       optional :kind, :string, 1, json_name: "kind"
@@ -27,25 +16,6 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :policy_version, :string, 3, json_name: "policyVersion"
       optional :scope, :string, 4, json_name: "scope"
     end
-    add_message "cerbos.engine.v1.PlanResourcesAst" do
-      optional :filter_ast, :message, 1, "cerbos.engine.v1.PlanResourcesAst.Node", json_name: "filterAst"
-    end
-    add_message "cerbos.engine.v1.PlanResourcesAst.Node" do
-      oneof :node do
-        optional :logical_operation, :message, 1, "cerbos.engine.v1.PlanResourcesAst.LogicalOperation", json_name: "logicalOperation"
-        optional :expression, :message, 2, "google.api.expr.v1alpha1.CheckedExpr", json_name: "expression"
-      end
-    end
-    add_message "cerbos.engine.v1.PlanResourcesAst.LogicalOperation" do
-      optional :operator, :enum, 1, "cerbos.engine.v1.PlanResourcesAst.LogicalOperation.Operator", json_name: "operator"
-      repeated :nodes, :message, 2, "cerbos.engine.v1.PlanResourcesAst.Node", json_name: "nodes"
-    end
-    add_enum "cerbos.engine.v1.PlanResourcesAst.LogicalOperation.Operator" do
-      value :OPERATOR_UNSPECIFIED, 0
-      value :OPERATOR_AND, 1
-      value :OPERATOR_OR, 2
-      value :OPERATOR_NOT, 3
-    end
     add_message "cerbos.engine.v1.PlanResourcesFilter" do
       optional :kind, :enum, 1, "cerbos.engine.v1.PlanResourcesFilter.Kind", json_name: "kind"
       optional :condition, :message, 2, "cerbos.engine.v1.PlanResourcesFilter.Expression.Operand", json_name: "condition"
@@ -67,34 +37,6 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       value :KIND_ALWAYS_DENIED, 2
       value :KIND_CONDITIONAL, 3
     end
-    add_message "cerbos.engine.v1.PlanResourcesOutput" do
-      optional :request_id, :string, 1, json_name: "requestId"
-      optional :action, :string, 2, json_name: "action"
-      optional :kind, :string, 3, json_name: "kind"
-      optional :policy_version, :string, 4, json_name: "policyVersion"
-      optional :scope, :string, 5, json_name: "scope"
-      optional :filter, :message, 6, "cerbos.engine.v1.PlanResourcesFilter", json_name: "filter"
-      optional :filter_debug, :string, 7, json_name: "filterDebug"
-    end
-    add_message "cerbos.engine.v1.CheckInput" do
-      optional :request_id, :string, 1, json_name: "requestId"
-      optional :resource, :message, 2, "cerbos.engine.v1.Resource", json_name: "resource"
-      optional :principal, :message, 3, "cerbos.engine.v1.Principal", json_name: "principal"
-      repeated :actions, :string, 4, json_name: "actions"
-      optional :aux_data, :message, 5, "cerbos.engine.v1.AuxData", json_name: "auxData"
-    end
-    add_message "cerbos.engine.v1.CheckOutput" do
-      optional :request_id, :string, 1, json_name: "requestId"
-      optional :resource_id, :string, 2, json_name: "resourceId"
-      map :actions, :string, :message, 3, "cerbos.engine.v1.CheckOutput.ActionEffect"
-      repeated :effective_derived_roles, :string, 4, json_name: "effectiveDerivedRoles"
-      repeated :validation_errors, :message, 5, "cerbos.schema.v1.ValidationError", json_name: "validationErrors"
-    end
-    add_message "cerbos.engine.v1.CheckOutput.ActionEffect" do
-      optional :effect, :enum, 1, "cerbos.effect.v1.Effect", json_name: "effect"
-      optional :policy, :string, 2, json_name: "policy"
-      optional :scope, :string, 3, json_name: "scope"
-    end
     add_message "cerbos.engine.v1.Resource" do
       optional :kind, :string, 1, json_name: "kind"
       optional :policy_version, :string, 2, json_name: "policyVersion"
@@ -109,59 +51,6 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       map :attr, :string, :message, 4, "google.protobuf.Value"
       optional :scope, :string, 5, json_name: "scope"
     end
-    add_message "cerbos.engine.v1.AuxData" do
-      map :jwt, :string, :message, 1, "google.protobuf.Value"
-    end
-    add_message "cerbos.engine.v1.Trace" do
-      repeated :components, :message, 1, "cerbos.engine.v1.Trace.Component", json_name: "components"
-      optional :event, :message, 2, "cerbos.engine.v1.Trace.Event", json_name: "event"
-    end
-    add_message "cerbos.engine.v1.Trace.Component" do
-      optional :kind, :enum, 1, "cerbos.engine.v1.Trace.Component.Kind", json_name: "kind"
-      oneof :details do
-        optional :action, :string, 2, json_name: "action"
-        optional :derived_role, :string, 3, json_name: "derivedRole"
-        optional :expr, :string, 4, json_name: "expr"
-        optional :index, :uint32, 5, json_name: "index"
-        optional :policy, :string, 6, json_name: "policy"
-        optional :resource, :string, 7, json_name: "resource"
-        optional :rule, :string, 8, json_name: "rule"
-        optional :scope, :string, 9, json_name: "scope"
-        optional :variable, :message, 10, "cerbos.engine.v1.Trace.Component.Variable", json_name: "variable"
-      end
-    end
-    add_message "cerbos.engine.v1.Trace.Component.Variable" do
-      optional :name, :string, 1, json_name: "name"
-      optional :expr, :string, 2, json_name: "expr"
-    end
-    add_enum "cerbos.engine.v1.Trace.Component.Kind" do
-      value :KIND_UNSPECIFIED, 0
-      value :KIND_ACTION, 1
-      value :KIND_CONDITION_ALL, 2
-      value :KIND_CONDITION_ANY, 3
-      value :KIND_CONDITION_NONE, 4
-      value :KIND_CONDITION, 5
-      value :KIND_DERIVED_ROLE, 6
-      value :KIND_EXPR, 7
-      value :KIND_POLICY, 8
-      value :KIND_RESOURCE, 9
-      value :KIND_RULE, 10
-      value :KIND_SCOPE, 11
-      value :KIND_VARIABLE, 12
-      value :KIND_VARIABLES, 13
-    end
-    add_message "cerbos.engine.v1.Trace.Event" do
-      optional :status, :enum, 1, "cerbos.engine.v1.Trace.Event.Status", json_name: "status"
-      optional :effect, :enum, 2, "cerbos.effect.v1.Effect", json_name: "effect"
-      optional :error, :string, 3, json_name: "error"
-      optional :message, :string, 4, json_name: "message"
-      optional :result, :message, 5, "google.protobuf.Value", json_name: "result"
-    end
-    add_enum "cerbos.engine.v1.Trace.Event.Status" do
-      value :STATUS_UNSPECIFIED, 0
-      value :STATUS_ACTIVATED, 1
-      value :STATUS_SKIPPED, 2
-    end
   end
 end
 
@@ -170,27 +59,12 @@ module Cerbos::Protobuf::Cerbos
     module V1
       PlanResourcesInput = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesInput").msgclass
       PlanResourcesInput::Resource = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesInput.Resource").msgclass
-      PlanResourcesAst = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesAst").msgclass
-      PlanResourcesAst::Node = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesAst.Node").msgclass
-      PlanResourcesAst::LogicalOperation = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesAst.LogicalOperation").msgclass
-      PlanResourcesAst::LogicalOperation::Operator = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesAst.LogicalOperation.Operator").enummodule
       PlanResourcesFilter = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesFilter").msgclass
       PlanResourcesFilter::Expression = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesFilter.Expression").msgclass
       PlanResourcesFilter::Expression::Operand = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesFilter.Expression.Operand").msgclass
       PlanResourcesFilter::Kind = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesFilter.Kind").enummodule
-      PlanResourcesOutput = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesOutput").msgclass
-      CheckInput = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.CheckInput").msgclass
-      CheckOutput = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.CheckOutput").msgclass
-      CheckOutput::ActionEffect = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.CheckOutput.ActionEffect").msgclass
       Resource = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.Resource").msgclass
       Principal = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.Principal").msgclass
-      AuxData = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.AuxData").msgclass
-      Trace = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.Trace").msgclass
-      Trace::Component = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.Trace.Component").msgclass
-      Trace::Component::Variable = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.Trace.Component.Variable").msgclass
-      Trace::Component::Kind = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.Trace.Component.Kind").enummodule
-      Trace::Event = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.Trace.Event").msgclass
-      Trace::Event::Status = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.Trace.Event.Status").enummodule
     end
   end
 end

data/lib/cerbos/protobuf/cerbos/request/v1/request_pb.rb

@@ -4,12 +4,8 @@
 require 'google/protobuf'
 
 require 'cerbos/protobuf/cerbos/engine/v1/engine_pb'
-require 'cerbos/protobuf/cerbos/policy/v1/policy_pb'
-require 'cerbos/protobuf/cerbos/schema/v1/schema_pb'
 require 'cerbos/protobuf/google/api/field_behavior_pb'
-require 'google/protobuf/duration_pb'
 require 'google/protobuf/struct_pb'
-require 'google/protobuf/timestamp_pb'
 require 'cerbos/protobuf/protoc-gen-openapiv2/options/annotations_pb'
 require 'cerbos/protobuf/validate/validate_pb'
 
@@ -68,78 +64,8 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :token, :string, 1, json_name: "token"
       optional :key_set_id, :string, 2, json_name: "keySetId"
     end
-    add_message "cerbos.request.v1.File" do
-      optional :file_name, :string, 1, json_name: "fileName"
-      optional :contents, :bytes, 2, json_name: "contents"
-    end
-    add_message "cerbos.request.v1.PlaygroundValidateRequest" do
-      optional :playground_id, :string, 1, json_name: "playgroundId"
-      repeated :files, :message, 2, "cerbos.request.v1.File", json_name: "files"
-    end
-    add_message "cerbos.request.v1.PlaygroundTestRequest" do
-      optional :playground_id, :string, 1, json_name: "playgroundId"
-      repeated :files, :message, 2, "cerbos.request.v1.File", json_name: "files"
-    end
-    add_message "cerbos.request.v1.PlaygroundEvaluateRequest" do
-      optional :playground_id, :string, 1, json_name: "playgroundId"
-      repeated :files, :message, 2, "cerbos.request.v1.File", json_name: "files"
-      optional :principal, :message, 3, "cerbos.engine.v1.Principal", json_name: "principal"
-      optional :resource, :message, 4, "cerbos.engine.v1.Resource", json_name: "resource"
-      repeated :actions, :string, 5, json_name: "actions"
-      optional :aux_data, :message, 6, "cerbos.request.v1.AuxData", json_name: "auxData"
-    end
-    add_message "cerbos.request.v1.PlaygroundProxyRequest" do
-      optional :playground_id, :string, 1, json_name: "playgroundId"
-      repeated :files, :message, 2, "cerbos.request.v1.File", json_name: "files"
-      oneof :proxy_request do
-        optional :check_resource_set, :message, 3, "cerbos.request.v1.CheckResourceSetRequest", json_name: "checkResourceSet"
-        optional :check_resource_batch, :message, 4, "cerbos.request.v1.CheckResourceBatchRequest", json_name: "checkResourceBatch"
-        optional :plan_resources, :message, 5, "cerbos.request.v1.PlanResourcesRequest", json_name: "planResources"
-        optional :check_resources, :message, 6, "cerbos.request.v1.CheckResourcesRequest", json_name: "checkResources"
-      end
-    end
-    add_message "cerbos.request.v1.AddOrUpdatePolicyRequest" do
-      repeated :policies, :message, 1, "cerbos.policy.v1.Policy", json_name: "policies"
-    end
-    add_message "cerbos.request.v1.ListAuditLogEntriesRequest" do
-      optional :kind, :enum, 1, "cerbos.request.v1.ListAuditLogEntriesRequest.Kind", json_name: "kind"
-      oneof :filter do
-        optional :tail, :uint32, 2, json_name: "tail"
-        optional :between, :message, 3, "cerbos.request.v1.ListAuditLogEntriesRequest.TimeRange", json_name: "between"
-        optional :since, :message, 4, "google.protobuf.Duration", json_name: "since"
-        optional :lookup, :string, 5, json_name: "lookup"
-      end
-    end
-    add_message "cerbos.request.v1.ListAuditLogEntriesRequest.TimeRange" do
-      optional :start, :message, 1, "google.protobuf.Timestamp", json_name: "start"
-      optional :end, :message, 2, "google.protobuf.Timestamp", json_name: "end"
-    end
-    add_enum "cerbos.request.v1.ListAuditLogEntriesRequest.Kind" do
-      value :KIND_UNSPECIFIED, 0
-      value :KIND_ACCESS, 1
-      value :KIND_DECISION, 2
-    end
     add_message "cerbos.request.v1.ServerInfoRequest" do
     end
-    add_message "cerbos.request.v1.ListPoliciesRequest" do
-    end
-    add_message "cerbos.request.v1.GetPolicyRequest" do
-      repeated :id, :string, 1, json_name: "id"
-    end
-    add_message "cerbos.request.v1.AddOrUpdateSchemaRequest" do
-      repeated :schemas, :message, 1, "cerbos.schema.v1.Schema", json_name: "schemas"
-    end
-    add_message "cerbos.request.v1.ListSchemasRequest" do
-    end
-    add_message "cerbos.request.v1.GetSchemaRequest" do
-      repeated :id, :string, 1, json_name: "id"
-    end
-    add_message "cerbos.request.v1.DeleteSchemaRequest" do
-      repeated :id, :string, 1, json_name: "id"
-    end
-    add_message "cerbos.request.v1.ReloadStoreRequest" do
-      optional :wait, :bool, 1, json_name: "wait"
-    end
   end
 end
 
@@ -156,23 +82,7 @@ module Cerbos::Protobuf::Cerbos
       CheckResourcesRequest::ResourceEntry = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.CheckResourcesRequest.ResourceEntry").msgclass
       AuxData = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.AuxData").msgclass
       AuxData::JWT = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.AuxData.JWT").msgclass
-      File = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.File").msgclass
-      PlaygroundValidateRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.PlaygroundValidateRequest").msgclass
-      PlaygroundTestRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.PlaygroundTestRequest").msgclass
-      PlaygroundEvaluateRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.PlaygroundEvaluateRequest").msgclass
-      PlaygroundProxyRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.PlaygroundProxyRequest").msgclass
-      AddOrUpdatePolicyRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.AddOrUpdatePolicyRequest").msgclass
-      ListAuditLogEntriesRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.ListAuditLogEntriesRequest").msgclass
-      ListAuditLogEntriesRequest::TimeRange = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.ListAuditLogEntriesRequest.TimeRange").msgclass
-      ListAuditLogEntriesRequest::Kind = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.ListAuditLogEntriesRequest.Kind").enummodule
       ServerInfoRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.ServerInfoRequest").msgclass
-      ListPoliciesRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.ListPoliciesRequest").msgclass
-      GetPolicyRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.GetPolicyRequest").msgclass
-      AddOrUpdateSchemaRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.AddOrUpdateSchemaRequest").msgclass
-      ListSchemasRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.ListSchemasRequest").msgclass
-      GetSchemaRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.GetSchemaRequest").msgclass
-      DeleteSchemaRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.DeleteSchemaRequest").msgclass
-      ReloadStoreRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.ReloadStoreRequest").msgclass
     end
   end
 end