cerbos 0.5.0 → 0.6.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: e1c86d3d658d13d5226bad856d440ce3a511e260fb7c7a1d0df57ab6c1368584
4
- data.tar.gz: b776cb441ca8011e80c43fa2647aa36e7640873290086c3b04cd6233b0192f4c
3
+ metadata.gz: e66a450c22c146b4372b0ebd4cfd1e950d3824c78e8d24209275ee41020aa3d1
4
+ data.tar.gz: 5f3d5aeb480e91d3918ad3065badb211d9572991b7e729ea4847732655d6bf30
5
5
  SHA512:
6
- metadata.gz: b13e093563c7ad60ac1b524dffee33b22fb1d553b433d0927063ff61b4ba10b2aa3516ac309f03384848b40913776605ea7b922fce906d2c6dbe43f8c175dd19
7
- data.tar.gz: '039c5611d71e663451ecb192efaa91fe63a09f81de902b21ec67dee270374170e0fd08db61eee9b3b43283bca8299cd362bccb16a010670e77f9017ecf0a5932'
6
+ metadata.gz: 8de09b89a42c31f5a5283adf91ac8f1af0cfde2d660a8a47443ac6a28fb814a658991fbbd74a5bebcf95dd2382bfd0215b5dac6c27343cac0ad5345211bf38cf
7
+ data.tar.gz: 88a4ce5be4f53fcd7df994494e4190b49587159d2a93ae2ee828afa557c3ace338731c21c27f99c5eb69fff9592ef90c1e7fb0e2e7b5b76c82787b06fdc0f4e9
data/CHANGELOG.md CHANGED
@@ -1,6 +1,20 @@
1
1
  ## [Unreleased]
2
2
  No notable changes.
3
3
 
4
+ ## [0.6.1] - 2023-03-23
5
+ ### Removed
6
+ - Unused generated code ([#83](https://github.com/cerbos/cerbos-sdk-ruby/pull/83))
7
+
8
+ ## [0.6.0] - 2022-07-01
9
+ ### Added
10
+ - Support for schema validation in `Cerbos::Client#plan_resources` ([#32](https://github.com/cerbos/cerbos-sdk-ruby/pull/32))
11
+
12
+ Requires Cerbos 0.19+.
13
+ `Cerbos::Output::PlanResources#validation_errors` will always return an empty array if the client is connected to an earlier version of Cerbos.
14
+
15
+ As a result, `Cerbos::Output::CheckResources::Result::ValidationError` has moved to `Cerbos::Output::ValidationError`.
16
+ Attempting to access the class via the old namespace will print a deprecation warning and return the new class.
17
+
4
18
  ## [0.5.0] - 2022-06-09
5
19
  ### Added
6
20
  - Allow symbol keys in nested attributes hashes ([#28](https://github.com/cerbos/cerbos-sdk-ruby/pull/28))
@@ -26,7 +40,9 @@ No notable changes.
26
40
  ### Added
27
41
  - Initial implementation of `Cerbos::Client` ([#2](https://github.com/cerbos/cerbos-sdk-ruby/pull/2))
28
42
 
29
- [Unreleased]: https://github.com/cerbos/cerbos-sdk-ruby/compare/v0.5.0...HEAD
43
+ [Unreleased]: https://github.com/cerbos/cerbos-sdk-ruby/compare/v0.6.1...HEAD
44
+ [0.6.1]: https://github.com/cerbos/cerbos-sdk-ruby/compare/v0.6.0...v0.6.1
45
+ [0.6.0]: https://github.com/cerbos/cerbos-sdk-ruby/compare/v0.5.0...v0.6.0
30
46
  [0.5.0]: https://github.com/cerbos/cerbos-sdk-ruby/compare/v0.4.0...v0.5.0
31
47
  [0.4.0]: https://github.com/cerbos/cerbos-sdk-ruby/compare/v0.3.0...v0.4.0
32
48
  [0.3.0]: https://github.com/cerbos/cerbos-sdk-ruby/compare/v0.2.0...v0.3.0
data/lib/cerbos/client.rb CHANGED
@@ -187,7 +187,9 @@ module Cerbos
187
187
 
188
188
  response = perform_request(@cerbos_service, :plan_resources, request)
189
189
 
190
- Output::PlanResources.from_protobuf(response)
190
+ Output::PlanResources.from_protobuf(response).tap do |output|
191
+ handle_validation_errors output
192
+ end
191
193
  end
192
194
  end
193
195
 
@@ -221,7 +223,7 @@ module Cerbos
221
223
  def handle_validation_errors(output)
222
224
  return if @on_validation_error == :return
223
225
 
224
- validation_errors = output.results.flat_map(&:validation_errors)
226
+ validation_errors = output.validation_errors
225
227
  return if validation_errors.empty?
226
228
 
227
229
  raise Error::ValidationFailed.new(validation_errors) if @on_validation_error == :raise
@@ -55,6 +55,13 @@ module Cerbos
55
55
  results.find { |result| matching_resource?(search, result.resource) }
56
56
  end
57
57
 
58
+ # List unique schema validation errors for the principal or resource attributes.
59
+ #
60
+ # @return [Array<ValidationError>]
61
+ def validation_errors
62
+ results.flat_map(&:validation_errors).uniq
63
+ end
64
+
58
65
  private
59
66
 
60
67
  def matching_resource?(search, candidate)
@@ -88,11 +95,21 @@ module Cerbos
88
95
  # @return [Metadata]
89
96
  # @return [nil] if `include_metadata` was `false`.
90
97
 
98
+ # @private
99
+ def self.const_missing(const)
100
+ if const == :ValidationError
101
+ warn "#{name}::ValidationError is deprecated; use #{ValidationError.name} instead (called from #{caller(1..1).first})"
102
+ return ValidationError
103
+ end
104
+
105
+ super
106
+ end
107
+
91
108
  def self.from_protobuf(entry)
92
109
  new(
93
110
  resource: CheckResources::Result::Resource.from_protobuf(entry.resource),
94
111
  actions: entry.actions.to_h,
95
- validation_errors: (entry.validation_errors || []).map { |validation_error| CheckResources::Result::ValidationError.from_protobuf(validation_error) },
112
+ validation_errors: (entry.validation_errors || []).map { |validation_error| ValidationError.from_protobuf(validation_error) },
96
113
  metadata: CheckResources::Result::Metadata.from_protobuf(entry.meta)
97
114
  )
98
115
  end
@@ -154,46 +171,6 @@ module Cerbos
154
171
  end
155
172
  end
156
173
 
157
- # An error that occurred while validating the principal or resource attributes against a schema.
158
- CheckResources::Result::ValidationError = Output.new_class(:path, :message, :source) do
159
- # @!attribute [r] path
160
- # The path to the attribute that failed validation.
161
- #
162
- # @return [String]
163
-
164
- # @!attribute [r] message
165
- # The error message.
166
- #
167
- # @return [String]
168
-
169
- # @!attribute [r] source
170
- # The source of the invalid attributes.
171
- #
172
- # @return [:SOURCE_PRINCIPAL, :SOURCE_RESOURCE]
173
-
174
- def self.from_protobuf(validation_error)
175
- new(
176
- path: validation_error.path,
177
- message: validation_error.message,
178
- source: validation_error.source
179
- )
180
- end
181
-
182
- # Check if the principal's attributes failed schema validation.
183
- #
184
- # @return [Boolean]
185
- def from_principal?
186
- source == :SOURCE_PRINCIPAL
187
- end
188
-
189
- # Check if the resource's attributes failed schema validation.
190
- #
191
- # @return [Boolean]
192
- def from_resource?
193
- source == :SOURCE_RESOURCE
194
- end
195
- end
196
-
197
174
  # Additional information about how policy decisions were reached.
198
175
  CheckResources::Result::Metadata = Output.new_class(:actions, :effective_derived_roles) do
199
176
  # @!attribute [r] actions
@@ -5,7 +5,7 @@ module Cerbos
5
5
  # A query plan that can be used to obtain a list of resources on which a principal is allowed to perform a particular action.
6
6
  #
7
7
  # @see Client#plan_resources
8
- PlanResources = Output.new_class(:request_id, :kind, :condition, :metadata) do
8
+ PlanResources = Output.new_class(:request_id, :kind, :condition, :validation_errors, :metadata) do
9
9
  # @!attribute [r] request_id
10
10
  # The identifier for tracing the request.
11
11
  #
@@ -26,6 +26,11 @@ module Cerbos
26
26
  # @see #always_denied?
27
27
  # @see #conditional?
28
28
 
29
+ # @!attribute [r] validation_errors
30
+ # Any schema validation errors for the principal or resource attributes.
31
+ #
32
+ # @return [Array<ValidationError>]
33
+
29
34
  # @!attribute [r] metadata
30
35
  # Additional information about the query plan.
31
36
  #
@@ -37,6 +42,7 @@ module Cerbos
37
42
  request_id: plan_resources.request_id,
38
43
  kind: plan_resources.filter.kind,
39
44
  condition: PlanResources::Expression::Operand.from_protobuf(plan_resources.filter.condition),
45
+ validation_errors: (plan_resources.validation_errors || []).map { |validation_error| ValidationError.from_protobuf(validation_error) },
40
46
  metadata: PlanResources::Metadata.from_protobuf(plan_resources.meta)
41
47
  )
42
48
  end
@@ -0,0 +1,45 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Cerbos
4
+ module Output
5
+ # An error that occurred while validating the principal or resource attributes against a schema.
6
+ ValidationError = Output.new_class(:path, :message, :source) do
7
+ # @!attribute [r] path
8
+ # The path to the attribute that failed validation.
9
+ #
10
+ # @return [String]
11
+
12
+ # @!attribute [r] message
13
+ # The error message.
14
+ #
15
+ # @return [String]
16
+
17
+ # @!attribute [r] source
18
+ # The source of the invalid attributes.
19
+ #
20
+ # @return [:SOURCE_PRINCIPAL, :SOURCE_RESOURCE]
21
+
22
+ def self.from_protobuf(validation_error)
23
+ new(
24
+ path: validation_error.path,
25
+ message: validation_error.message,
26
+ source: validation_error.source
27
+ )
28
+ end
29
+
30
+ # Check if the principal's attributes failed schema validation.
31
+ #
32
+ # @return [Boolean]
33
+ def from_principal?
34
+ source == :SOURCE_PRINCIPAL
35
+ end
36
+
37
+ # Check if the resource's attributes failed schema validation.
38
+ #
39
+ # @return [Boolean]
40
+ def from_resource?
41
+ source == :SOURCE_RESOURCE
42
+ end
43
+ end
44
+ end
45
+ end
data/lib/cerbos/output.rb CHANGED
@@ -32,6 +32,7 @@ module Cerbos
32
32
  end
33
33
  end
34
34
 
35
+ require_relative "output/validation_error"
35
36
  require_relative "output/check_resources"
36
37
  require_relative "output/plan_resources"
37
38
  require_relative "output/server_info"
@@ -3,23 +3,12 @@
3
3
 
4
4
  require 'google/protobuf'
5
5
 
6
- require 'cerbos/protobuf/cerbos/effect/v1/effect_pb'
7
- require 'cerbos/protobuf/cerbos/schema/v1/schema_pb'
8
- require 'cerbos/protobuf/google/api/expr/v1alpha1/checked_pb'
9
- require 'cerbos/protobuf/google/api/field_behavior_pb'
10
6
  require 'google/protobuf/struct_pb'
11
7
  require 'cerbos/protobuf/protoc-gen-openapiv2/options/annotations_pb'
12
- require 'cerbos/protobuf/validate/validate_pb'
13
8
 
14
9
  Google::Protobuf::DescriptorPool.generated_pool.build do
15
10
  add_file("cerbos/engine/v1/engine.proto", :syntax => :proto3) do
16
11
  add_message "cerbos.engine.v1.PlanResourcesInput" do
17
- optional :request_id, :string, 1, json_name: "requestId"
18
- optional :action, :string, 2, json_name: "action"
19
- optional :principal, :message, 3, "cerbos.engine.v1.Principal", json_name: "principal"
20
- optional :resource, :message, 4, "cerbos.engine.v1.PlanResourcesInput.Resource", json_name: "resource"
21
- optional :aux_data, :message, 5, "cerbos.engine.v1.AuxData", json_name: "auxData"
22
- optional :include_meta, :bool, 6, json_name: "includeMeta"
23
12
  end
24
13
  add_message "cerbos.engine.v1.PlanResourcesInput.Resource" do
25
14
  optional :kind, :string, 1, json_name: "kind"
@@ -27,25 +16,6 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
27
16
  optional :policy_version, :string, 3, json_name: "policyVersion"
28
17
  optional :scope, :string, 4, json_name: "scope"
29
18
  end
30
- add_message "cerbos.engine.v1.PlanResourcesAst" do
31
- optional :filter_ast, :message, 1, "cerbos.engine.v1.PlanResourcesAst.Node", json_name: "filterAst"
32
- end
33
- add_message "cerbos.engine.v1.PlanResourcesAst.Node" do
34
- oneof :node do
35
- optional :logical_operation, :message, 1, "cerbos.engine.v1.PlanResourcesAst.LogicalOperation", json_name: "logicalOperation"
36
- optional :expression, :message, 2, "google.api.expr.v1alpha1.CheckedExpr", json_name: "expression"
37
- end
38
- end
39
- add_message "cerbos.engine.v1.PlanResourcesAst.LogicalOperation" do
40
- optional :operator, :enum, 1, "cerbos.engine.v1.PlanResourcesAst.LogicalOperation.Operator", json_name: "operator"
41
- repeated :nodes, :message, 2, "cerbos.engine.v1.PlanResourcesAst.Node", json_name: "nodes"
42
- end
43
- add_enum "cerbos.engine.v1.PlanResourcesAst.LogicalOperation.Operator" do
44
- value :OPERATOR_UNSPECIFIED, 0
45
- value :OPERATOR_AND, 1
46
- value :OPERATOR_OR, 2
47
- value :OPERATOR_NOT, 3
48
- end
49
19
  add_message "cerbos.engine.v1.PlanResourcesFilter" do
50
20
  optional :kind, :enum, 1, "cerbos.engine.v1.PlanResourcesFilter.Kind", json_name: "kind"
51
21
  optional :condition, :message, 2, "cerbos.engine.v1.PlanResourcesFilter.Expression.Operand", json_name: "condition"
@@ -67,34 +37,6 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
67
37
  value :KIND_ALWAYS_DENIED, 2
68
38
  value :KIND_CONDITIONAL, 3
69
39
  end
70
- add_message "cerbos.engine.v1.PlanResourcesOutput" do
71
- optional :request_id, :string, 1, json_name: "requestId"
72
- optional :action, :string, 2, json_name: "action"
73
- optional :kind, :string, 3, json_name: "kind"
74
- optional :policy_version, :string, 4, json_name: "policyVersion"
75
- optional :scope, :string, 5, json_name: "scope"
76
- optional :filter, :message, 6, "cerbos.engine.v1.PlanResourcesFilter", json_name: "filter"
77
- optional :filter_debug, :string, 7, json_name: "filterDebug"
78
- end
79
- add_message "cerbos.engine.v1.CheckInput" do
80
- optional :request_id, :string, 1, json_name: "requestId"
81
- optional :resource, :message, 2, "cerbos.engine.v1.Resource", json_name: "resource"
82
- optional :principal, :message, 3, "cerbos.engine.v1.Principal", json_name: "principal"
83
- repeated :actions, :string, 4, json_name: "actions"
84
- optional :aux_data, :message, 5, "cerbos.engine.v1.AuxData", json_name: "auxData"
85
- end
86
- add_message "cerbos.engine.v1.CheckOutput" do
87
- optional :request_id, :string, 1, json_name: "requestId"
88
- optional :resource_id, :string, 2, json_name: "resourceId"
89
- map :actions, :string, :message, 3, "cerbos.engine.v1.CheckOutput.ActionEffect"
90
- repeated :effective_derived_roles, :string, 4, json_name: "effectiveDerivedRoles"
91
- repeated :validation_errors, :message, 5, "cerbos.schema.v1.ValidationError", json_name: "validationErrors"
92
- end
93
- add_message "cerbos.engine.v1.CheckOutput.ActionEffect" do
94
- optional :effect, :enum, 1, "cerbos.effect.v1.Effect", json_name: "effect"
95
- optional :policy, :string, 2, json_name: "policy"
96
- optional :scope, :string, 3, json_name: "scope"
97
- end
98
40
  add_message "cerbos.engine.v1.Resource" do
99
41
  optional :kind, :string, 1, json_name: "kind"
100
42
  optional :policy_version, :string, 2, json_name: "policyVersion"
@@ -109,59 +51,6 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
109
51
  map :attr, :string, :message, 4, "google.protobuf.Value"
110
52
  optional :scope, :string, 5, json_name: "scope"
111
53
  end
112
- add_message "cerbos.engine.v1.AuxData" do
113
- map :jwt, :string, :message, 1, "google.protobuf.Value"
114
- end
115
- add_message "cerbos.engine.v1.Trace" do
116
- repeated :components, :message, 1, "cerbos.engine.v1.Trace.Component", json_name: "components"
117
- optional :event, :message, 2, "cerbos.engine.v1.Trace.Event", json_name: "event"
118
- end
119
- add_message "cerbos.engine.v1.Trace.Component" do
120
- optional :kind, :enum, 1, "cerbos.engine.v1.Trace.Component.Kind", json_name: "kind"
121
- oneof :details do
122
- optional :action, :string, 2, json_name: "action"
123
- optional :derived_role, :string, 3, json_name: "derivedRole"
124
- optional :expr, :string, 4, json_name: "expr"
125
- optional :index, :uint32, 5, json_name: "index"
126
- optional :policy, :string, 6, json_name: "policy"
127
- optional :resource, :string, 7, json_name: "resource"
128
- optional :rule, :string, 8, json_name: "rule"
129
- optional :scope, :string, 9, json_name: "scope"
130
- optional :variable, :message, 10, "cerbos.engine.v1.Trace.Component.Variable", json_name: "variable"
131
- end
132
- end
133
- add_message "cerbos.engine.v1.Trace.Component.Variable" do
134
- optional :name, :string, 1, json_name: "name"
135
- optional :expr, :string, 2, json_name: "expr"
136
- end
137
- add_enum "cerbos.engine.v1.Trace.Component.Kind" do
138
- value :KIND_UNSPECIFIED, 0
139
- value :KIND_ACTION, 1
140
- value :KIND_CONDITION_ALL, 2
141
- value :KIND_CONDITION_ANY, 3
142
- value :KIND_CONDITION_NONE, 4
143
- value :KIND_CONDITION, 5
144
- value :KIND_DERIVED_ROLE, 6
145
- value :KIND_EXPR, 7
146
- value :KIND_POLICY, 8
147
- value :KIND_RESOURCE, 9
148
- value :KIND_RULE, 10
149
- value :KIND_SCOPE, 11
150
- value :KIND_VARIABLE, 12
151
- value :KIND_VARIABLES, 13
152
- end
153
- add_message "cerbos.engine.v1.Trace.Event" do
154
- optional :status, :enum, 1, "cerbos.engine.v1.Trace.Event.Status", json_name: "status"
155
- optional :effect, :enum, 2, "cerbos.effect.v1.Effect", json_name: "effect"
156
- optional :error, :string, 3, json_name: "error"
157
- optional :message, :string, 4, json_name: "message"
158
- optional :result, :message, 5, "google.protobuf.Value", json_name: "result"
159
- end
160
- add_enum "cerbos.engine.v1.Trace.Event.Status" do
161
- value :STATUS_UNSPECIFIED, 0
162
- value :STATUS_ACTIVATED, 1
163
- value :STATUS_SKIPPED, 2
164
- end
165
54
  end
166
55
  end
167
56
 
@@ -170,27 +59,12 @@ module Cerbos::Protobuf::Cerbos
170
59
  module V1
171
60
  PlanResourcesInput = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesInput").msgclass
172
61
  PlanResourcesInput::Resource = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesInput.Resource").msgclass
173
- PlanResourcesAst = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesAst").msgclass
174
- PlanResourcesAst::Node = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesAst.Node").msgclass
175
- PlanResourcesAst::LogicalOperation = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesAst.LogicalOperation").msgclass
176
- PlanResourcesAst::LogicalOperation::Operator = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesAst.LogicalOperation.Operator").enummodule
177
62
  PlanResourcesFilter = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesFilter").msgclass
178
63
  PlanResourcesFilter::Expression = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesFilter.Expression").msgclass
179
64
  PlanResourcesFilter::Expression::Operand = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesFilter.Expression.Operand").msgclass
180
65
  PlanResourcesFilter::Kind = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesFilter.Kind").enummodule
181
- PlanResourcesOutput = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesOutput").msgclass
182
- CheckInput = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.CheckInput").msgclass
183
- CheckOutput = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.CheckOutput").msgclass
184
- CheckOutput::ActionEffect = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.CheckOutput.ActionEffect").msgclass
185
66
  Resource = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.Resource").msgclass
186
67
  Principal = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.Principal").msgclass
187
- AuxData = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.AuxData").msgclass
188
- Trace = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.Trace").msgclass
189
- Trace::Component = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.Trace.Component").msgclass
190
- Trace::Component::Variable = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.Trace.Component.Variable").msgclass
191
- Trace::Component::Kind = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.Trace.Component.Kind").enummodule
192
- Trace::Event = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.Trace.Event").msgclass
193
- Trace::Event::Status = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.Trace.Event.Status").enummodule
194
68
  end
195
69
  end
196
70
  end
@@ -4,12 +4,8 @@
4
4
  require 'google/protobuf'
5
5
 
6
6
  require 'cerbos/protobuf/cerbos/engine/v1/engine_pb'
7
- require 'cerbos/protobuf/cerbos/policy/v1/policy_pb'
8
- require 'cerbos/protobuf/cerbos/schema/v1/schema_pb'
9
7
  require 'cerbos/protobuf/google/api/field_behavior_pb'
10
- require 'google/protobuf/duration_pb'
11
8
  require 'google/protobuf/struct_pb'
12
- require 'google/protobuf/timestamp_pb'
13
9
  require 'cerbos/protobuf/protoc-gen-openapiv2/options/annotations_pb'
14
10
  require 'cerbos/protobuf/validate/validate_pb'
15
11
 
@@ -68,78 +64,8 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
68
64
  optional :token, :string, 1, json_name: "token"
69
65
  optional :key_set_id, :string, 2, json_name: "keySetId"
70
66
  end
71
- add_message "cerbos.request.v1.File" do
72
- optional :file_name, :string, 1, json_name: "fileName"
73
- optional :contents, :bytes, 2, json_name: "contents"
74
- end
75
- add_message "cerbos.request.v1.PlaygroundValidateRequest" do
76
- optional :playground_id, :string, 1, json_name: "playgroundId"
77
- repeated :files, :message, 2, "cerbos.request.v1.File", json_name: "files"
78
- end
79
- add_message "cerbos.request.v1.PlaygroundTestRequest" do
80
- optional :playground_id, :string, 1, json_name: "playgroundId"
81
- repeated :files, :message, 2, "cerbos.request.v1.File", json_name: "files"
82
- end
83
- add_message "cerbos.request.v1.PlaygroundEvaluateRequest" do
84
- optional :playground_id, :string, 1, json_name: "playgroundId"
85
- repeated :files, :message, 2, "cerbos.request.v1.File", json_name: "files"
86
- optional :principal, :message, 3, "cerbos.engine.v1.Principal", json_name: "principal"
87
- optional :resource, :message, 4, "cerbos.engine.v1.Resource", json_name: "resource"
88
- repeated :actions, :string, 5, json_name: "actions"
89
- optional :aux_data, :message, 6, "cerbos.request.v1.AuxData", json_name: "auxData"
90
- end
91
- add_message "cerbos.request.v1.PlaygroundProxyRequest" do
92
- optional :playground_id, :string, 1, json_name: "playgroundId"
93
- repeated :files, :message, 2, "cerbos.request.v1.File", json_name: "files"
94
- oneof :proxy_request do
95
- optional :check_resource_set, :message, 3, "cerbos.request.v1.CheckResourceSetRequest", json_name: "checkResourceSet"
96
- optional :check_resource_batch, :message, 4, "cerbos.request.v1.CheckResourceBatchRequest", json_name: "checkResourceBatch"
97
- optional :plan_resources, :message, 5, "cerbos.request.v1.PlanResourcesRequest", json_name: "planResources"
98
- optional :check_resources, :message, 6, "cerbos.request.v1.CheckResourcesRequest", json_name: "checkResources"
99
- end
100
- end
101
- add_message "cerbos.request.v1.AddOrUpdatePolicyRequest" do
102
- repeated :policies, :message, 1, "cerbos.policy.v1.Policy", json_name: "policies"
103
- end
104
- add_message "cerbos.request.v1.ListAuditLogEntriesRequest" do
105
- optional :kind, :enum, 1, "cerbos.request.v1.ListAuditLogEntriesRequest.Kind", json_name: "kind"
106
- oneof :filter do
107
- optional :tail, :uint32, 2, json_name: "tail"
108
- optional :between, :message, 3, "cerbos.request.v1.ListAuditLogEntriesRequest.TimeRange", json_name: "between"
109
- optional :since, :message, 4, "google.protobuf.Duration", json_name: "since"
110
- optional :lookup, :string, 5, json_name: "lookup"
111
- end
112
- end
113
- add_message "cerbos.request.v1.ListAuditLogEntriesRequest.TimeRange" do
114
- optional :start, :message, 1, "google.protobuf.Timestamp", json_name: "start"
115
- optional :end, :message, 2, "google.protobuf.Timestamp", json_name: "end"
116
- end
117
- add_enum "cerbos.request.v1.ListAuditLogEntriesRequest.Kind" do
118
- value :KIND_UNSPECIFIED, 0
119
- value :KIND_ACCESS, 1
120
- value :KIND_DECISION, 2
121
- end
122
67
  add_message "cerbos.request.v1.ServerInfoRequest" do
123
68
  end
124
- add_message "cerbos.request.v1.ListPoliciesRequest" do
125
- end
126
- add_message "cerbos.request.v1.GetPolicyRequest" do
127
- repeated :id, :string, 1, json_name: "id"
128
- end
129
- add_message "cerbos.request.v1.AddOrUpdateSchemaRequest" do
130
- repeated :schemas, :message, 1, "cerbos.schema.v1.Schema", json_name: "schemas"
131
- end
132
- add_message "cerbos.request.v1.ListSchemasRequest" do
133
- end
134
- add_message "cerbos.request.v1.GetSchemaRequest" do
135
- repeated :id, :string, 1, json_name: "id"
136
- end
137
- add_message "cerbos.request.v1.DeleteSchemaRequest" do
138
- repeated :id, :string, 1, json_name: "id"
139
- end
140
- add_message "cerbos.request.v1.ReloadStoreRequest" do
141
- optional :wait, :bool, 1, json_name: "wait"
142
- end
143
69
  end
144
70
  end
145
71
 
@@ -156,23 +82,7 @@ module Cerbos::Protobuf::Cerbos
156
82
  CheckResourcesRequest::ResourceEntry = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.CheckResourcesRequest.ResourceEntry").msgclass
157
83
  AuxData = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.AuxData").msgclass
158
84
  AuxData::JWT = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.AuxData.JWT").msgclass
159
- File = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.File").msgclass
160
- PlaygroundValidateRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.PlaygroundValidateRequest").msgclass
161
- PlaygroundTestRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.PlaygroundTestRequest").msgclass
162
- PlaygroundEvaluateRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.PlaygroundEvaluateRequest").msgclass
163
- PlaygroundProxyRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.PlaygroundProxyRequest").msgclass
164
- AddOrUpdatePolicyRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.AddOrUpdatePolicyRequest").msgclass
165
- ListAuditLogEntriesRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.ListAuditLogEntriesRequest").msgclass
166
- ListAuditLogEntriesRequest::TimeRange = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.ListAuditLogEntriesRequest.TimeRange").msgclass
167
- ListAuditLogEntriesRequest::Kind = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.ListAuditLogEntriesRequest.Kind").enummodule
168
85
  ServerInfoRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.ServerInfoRequest").msgclass
169
- ListPoliciesRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.ListPoliciesRequest").msgclass
170
- GetPolicyRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.GetPolicyRequest").msgclass
171
- AddOrUpdateSchemaRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.AddOrUpdateSchemaRequest").msgclass
172
- ListSchemasRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.ListSchemasRequest").msgclass
173
- GetSchemaRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.GetSchemaRequest").msgclass
174
- DeleteSchemaRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.DeleteSchemaRequest").msgclass
175
- ReloadStoreRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.ReloadStoreRequest").msgclass
176
86
  end
177
87
  end
178
88
  end