cerbos 0.6.0 → 0.7.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +36 -2
- data/README.md +1 -1
- data/cerbos.gemspec +1 -1
- data/lib/cerbos/output/check_resources.rb +38 -3
- data/lib/cerbos/protobuf/cerbos/effect/v1/effect_pb.rb +24 -7
- data/lib/cerbos/protobuf/cerbos/engine/v1/engine_pb.rb +26 -171
- data/lib/cerbos/protobuf/cerbos/request/v1/request_pb.rb +26 -146
- data/lib/cerbos/protobuf/cerbos/response/v1/response_pb.rb +26 -171
- data/lib/cerbos/protobuf/cerbos/schema/v1/schema_pb.rb +23 -19
- data/lib/cerbos/protobuf/cerbos/svc/v1/svc_pb.rb +27 -2
- data/lib/cerbos/protobuf/cerbos/svc/v1/svc_services_pb.rb +1 -40
- data/lib/cerbos/protobuf/google/api/annotations_pb.rb +26 -2
- data/lib/cerbos/protobuf/google/api/field_behavior_pb.rb +24 -11
- data/lib/cerbos/protobuf/google/api/http_pb.rb +24 -24
- data/lib/cerbos/protobuf/protoc-gen-openapiv2/options/annotations_pb.rb +26 -2
- data/lib/cerbos/protobuf/protoc-gen-openapiv2/options/openapiv2_pb.rb +29 -160
- data/lib/cerbos/protobuf/validate/validate_pb.rb +26 -254
- data/lib/cerbos/version.rb +1 -1
- metadata +5 -10
- data/lib/cerbos/protobuf/cerbos/audit/v1/audit_pb.rb +0 -64
- data/lib/cerbos/protobuf/cerbos/policy/v1/policy_pb.rb +0 -247
- data/lib/cerbos/protobuf/cerbos/telemetry/v1/telemetry_pb.rb +0 -123
- data/lib/cerbos/protobuf/google/api/expr/v1alpha1/checked_pb.rb +0 -117
- data/lib/cerbos/protobuf/google/api/expr/v1alpha1/syntax_pb.rb +0 -113
@@ -1,146 +1,42 @@
|
|
1
|
+
# frozen_string_literal: true
|
1
2
|
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
2
3
|
# source: cerbos/request/v1/request.proto
|
3
4
|
|
4
5
|
require 'google/protobuf'
|
5
6
|
|
6
7
|
require 'cerbos/protobuf/cerbos/engine/v1/engine_pb'
|
7
|
-
require 'cerbos/protobuf/cerbos/policy/v1/policy_pb'
|
8
|
-
require 'cerbos/protobuf/cerbos/schema/v1/schema_pb'
|
9
8
|
require 'cerbos/protobuf/google/api/field_behavior_pb'
|
10
|
-
require 'google/protobuf/duration_pb'
|
11
9
|
require 'google/protobuf/struct_pb'
|
12
|
-
require 'google/protobuf/timestamp_pb'
|
13
10
|
require 'cerbos/protobuf/protoc-gen-openapiv2/options/annotations_pb'
|
14
11
|
require 'cerbos/protobuf/validate/validate_pb'
|
15
12
|
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
end
|
40
|
-
add_message "cerbos.request.v1.AttributesMap" do
|
41
|
-
map :attr, :string, :message, 1, "google.protobuf.Value"
|
42
|
-
end
|
43
|
-
add_message "cerbos.request.v1.CheckResourceBatchRequest" do
|
44
|
-
optional :request_id, :string, 1, json_name: "requestId"
|
45
|
-
optional :principal, :message, 2, "cerbos.engine.v1.Principal", json_name: "principal"
|
46
|
-
repeated :resources, :message, 3, "cerbos.request.v1.CheckResourceBatchRequest.BatchEntry", json_name: "resources"
|
47
|
-
optional :aux_data, :message, 4, "cerbos.request.v1.AuxData", json_name: "auxData"
|
48
|
-
end
|
49
|
-
add_message "cerbos.request.v1.CheckResourceBatchRequest.BatchEntry" do
|
50
|
-
repeated :actions, :string, 1, json_name: "actions"
|
51
|
-
optional :resource, :message, 2, "cerbos.engine.v1.Resource", json_name: "resource"
|
52
|
-
end
|
53
|
-
add_message "cerbos.request.v1.CheckResourcesRequest" do
|
54
|
-
optional :request_id, :string, 1, json_name: "requestId"
|
55
|
-
optional :include_meta, :bool, 2, json_name: "includeMeta"
|
56
|
-
optional :principal, :message, 3, "cerbos.engine.v1.Principal", json_name: "principal"
|
57
|
-
repeated :resources, :message, 4, "cerbos.request.v1.CheckResourcesRequest.ResourceEntry", json_name: "resources"
|
58
|
-
optional :aux_data, :message, 5, "cerbos.request.v1.AuxData", json_name: "auxData"
|
59
|
-
end
|
60
|
-
add_message "cerbos.request.v1.CheckResourcesRequest.ResourceEntry" do
|
61
|
-
repeated :actions, :string, 1, json_name: "actions"
|
62
|
-
optional :resource, :message, 2, "cerbos.engine.v1.Resource", json_name: "resource"
|
63
|
-
end
|
64
|
-
add_message "cerbos.request.v1.AuxData" do
|
65
|
-
optional :jwt, :message, 1, "cerbos.request.v1.AuxData.JWT", json_name: "jwt"
|
66
|
-
end
|
67
|
-
add_message "cerbos.request.v1.AuxData.JWT" do
|
68
|
-
optional :token, :string, 1, json_name: "token"
|
69
|
-
optional :key_set_id, :string, 2, json_name: "keySetId"
|
70
|
-
end
|
71
|
-
add_message "cerbos.request.v1.File" do
|
72
|
-
optional :file_name, :string, 1, json_name: "fileName"
|
73
|
-
optional :contents, :bytes, 2, json_name: "contents"
|
74
|
-
end
|
75
|
-
add_message "cerbos.request.v1.PlaygroundValidateRequest" do
|
76
|
-
optional :playground_id, :string, 1, json_name: "playgroundId"
|
77
|
-
repeated :files, :message, 2, "cerbos.request.v1.File", json_name: "files"
|
78
|
-
end
|
79
|
-
add_message "cerbos.request.v1.PlaygroundTestRequest" do
|
80
|
-
optional :playground_id, :string, 1, json_name: "playgroundId"
|
81
|
-
repeated :files, :message, 2, "cerbos.request.v1.File", json_name: "files"
|
82
|
-
end
|
83
|
-
add_message "cerbos.request.v1.PlaygroundEvaluateRequest" do
|
84
|
-
optional :playground_id, :string, 1, json_name: "playgroundId"
|
85
|
-
repeated :files, :message, 2, "cerbos.request.v1.File", json_name: "files"
|
86
|
-
optional :principal, :message, 3, "cerbos.engine.v1.Principal", json_name: "principal"
|
87
|
-
optional :resource, :message, 4, "cerbos.engine.v1.Resource", json_name: "resource"
|
88
|
-
repeated :actions, :string, 5, json_name: "actions"
|
89
|
-
optional :aux_data, :message, 6, "cerbos.request.v1.AuxData", json_name: "auxData"
|
90
|
-
end
|
91
|
-
add_message "cerbos.request.v1.PlaygroundProxyRequest" do
|
92
|
-
optional :playground_id, :string, 1, json_name: "playgroundId"
|
93
|
-
repeated :files, :message, 2, "cerbos.request.v1.File", json_name: "files"
|
94
|
-
oneof :proxy_request do
|
95
|
-
optional :check_resource_set, :message, 3, "cerbos.request.v1.CheckResourceSetRequest", json_name: "checkResourceSet"
|
96
|
-
optional :check_resource_batch, :message, 4, "cerbos.request.v1.CheckResourceBatchRequest", json_name: "checkResourceBatch"
|
97
|
-
optional :plan_resources, :message, 5, "cerbos.request.v1.PlanResourcesRequest", json_name: "planResources"
|
98
|
-
optional :check_resources, :message, 6, "cerbos.request.v1.CheckResourcesRequest", json_name: "checkResources"
|
99
|
-
end
|
100
|
-
end
|
101
|
-
add_message "cerbos.request.v1.AddOrUpdatePolicyRequest" do
|
102
|
-
repeated :policies, :message, 1, "cerbos.policy.v1.Policy", json_name: "policies"
|
103
|
-
end
|
104
|
-
add_message "cerbos.request.v1.ListAuditLogEntriesRequest" do
|
105
|
-
optional :kind, :enum, 1, "cerbos.request.v1.ListAuditLogEntriesRequest.Kind", json_name: "kind"
|
106
|
-
oneof :filter do
|
107
|
-
optional :tail, :uint32, 2, json_name: "tail"
|
108
|
-
optional :between, :message, 3, "cerbos.request.v1.ListAuditLogEntriesRequest.TimeRange", json_name: "between"
|
109
|
-
optional :since, :message, 4, "google.protobuf.Duration", json_name: "since"
|
110
|
-
optional :lookup, :string, 5, json_name: "lookup"
|
111
|
-
end
|
112
|
-
end
|
113
|
-
add_message "cerbos.request.v1.ListAuditLogEntriesRequest.TimeRange" do
|
114
|
-
optional :start, :message, 1, "google.protobuf.Timestamp", json_name: "start"
|
115
|
-
optional :end, :message, 2, "google.protobuf.Timestamp", json_name: "end"
|
116
|
-
end
|
117
|
-
add_enum "cerbos.request.v1.ListAuditLogEntriesRequest.Kind" do
|
118
|
-
value :KIND_UNSPECIFIED, 0
|
119
|
-
value :KIND_ACCESS, 1
|
120
|
-
value :KIND_DECISION, 2
|
121
|
-
end
|
122
|
-
add_message "cerbos.request.v1.ServerInfoRequest" do
|
123
|
-
end
|
124
|
-
add_message "cerbos.request.v1.ListPoliciesRequest" do
|
125
|
-
end
|
126
|
-
add_message "cerbos.request.v1.GetPolicyRequest" do
|
127
|
-
repeated :id, :string, 1, json_name: "id"
|
128
|
-
end
|
129
|
-
add_message "cerbos.request.v1.AddOrUpdateSchemaRequest" do
|
130
|
-
repeated :schemas, :message, 1, "cerbos.schema.v1.Schema", json_name: "schemas"
|
131
|
-
end
|
132
|
-
add_message "cerbos.request.v1.ListSchemasRequest" do
|
133
|
-
end
|
134
|
-
add_message "cerbos.request.v1.GetSchemaRequest" do
|
135
|
-
repeated :id, :string, 1, json_name: "id"
|
136
|
-
end
|
137
|
-
add_message "cerbos.request.v1.DeleteSchemaRequest" do
|
138
|
-
repeated :id, :string, 1, json_name: "id"
|
139
|
-
end
|
140
|
-
add_message "cerbos.request.v1.ReloadStoreRequest" do
|
141
|
-
optional :wait, :bool, 1, json_name: "wait"
|
13
|
+
|
14
|
+
descriptor_data = "\n\x1f\x63\x65rbos/request/v1/request.proto\x12\x11\x63\x65rbos.request.v1\x1a\x1d\x63\x65rbos/engine/v1/engine.proto\x1a\x1fgoogle/api/field_behavior.proto\x1a\x1cgoogle/protobuf/struct.proto\x1a.protoc-gen-openapiv2/options/annotations.proto\x1a\x17validate/validate.proto\"\x83\x05\n\x14PlanResourcesRequest\x12\x96\x01\n\nrequest_id\x18\x01 \x01(\tBw\x92\x41t2JOptional application-specific ID useful for correlating logs for analysis.J&\"c2db17b8-4f9f-4fb1-acfd-9162a02be42b\"R\trequestId\x12h\n\x06\x61\x63tion\x18\x02 \x01(\tBP\x92\x41\x43\x32\x32\x41\x63tion to be applied to each resource in the list.J\r\"view:public\"\xe0\x41\x02\xfa\x42\x04r\x02\x10\x01R\x06\x61\x63tion\x12\x46\n\tprincipal\x18\x03 \x01(\x0b\x32\x1b.cerbos.engine.v1.PrincipalB\x0b\xe0\x41\x02\xfa\x42\x05\x8a\x01\x02\x10\x01R\tprincipal\x12V\n\x08resource\x18\x04 \x01(\x0b\x32-.cerbos.engine.v1.PlanResourcesInput.ResourceB\x0b\xe0\x41\x02\xfa\x42\x05\x8a\x01\x02\x10\x01R\x08resource\x12:\n\x08\x61ux_data\x18\x05 \x01(\x0b\x32\x1a.cerbos.request.v1.AuxDataB\x03\xe0\x41\x01R\x07\x61uxData\x12\x63\n\x0cinclude_meta\x18\x06 \x01(\x08\x42@\x92\x41=2;Opt to receive request processing metadata in the response.R\x0bincludeMeta:\'\x92\x41$\n\"2 PDP Resources Query Plan Request\"\x87\x05\n\x17\x43heckResourceSetRequest\x12\x96\x01\n\nrequest_id\x18\x01 \x01(\tBw\x92\x41t2JOptional application-specific ID useful for correlating logs for analysis.J&\"c2db17b8-4f9f-4fb1-acfd-9162a02be42b\"R\trequestId\x12\x8c\x01\n\x07\x61\x63tions\x18\x02 \x03(\tBr\x92\x41\\28List of actions being performed on the set of resources.J\x1a[\"view:public\", \"comment\"]\xa8\x01\x01\xb0\x01\x01\xe0\x41\x02\xfa\x42\r\x92\x01\n\x08\x01\x18\x01\"\x04r\x02\x10\x01R\x07\x61\x63tions\x12\x46\n\tprincipal\x18\x03 \x01(\x0b\x32\x1b.cerbos.engine.v1.PrincipalB\x0b\xe0\x41\x02\xfa\x42\x05\x8a\x01\x02\x10\x01R\tprincipal\x12G\n\x08resource\x18\x04 \x01(\x0b\x32\x1e.cerbos.request.v1.ResourceSetB\x0b\xe0\x41\x02\xfa\x42\x05\x8a\x01\x02\x10\x01R\x08resource\x12\x63\n\x0cinclude_meta\x18\x05 \x01(\x08\x42@\x92\x41=2;Opt to receive request processing metadata in the response.R\x0bincludeMeta\x12:\n\x08\x61ux_data\x18\x06 \x01(\x0b\x32\x1a.cerbos.request.v1.AuxDataB\x03\xe0\x41\x01R\x07\x61uxData:\x12\x92\x41\x0f\n\r2\x0bPDP Request\"\xaf\t\n\x0bResourceSet\x12\xc7\x01\n\x04kind\x18\x01 \x01(\tB\xb2\x01\x92\x41\x62\x32\x0eResource kind.J\x0e\"album:object\"\x8a\x01?^[[:alpha:]][[:word:]\\@\\.\\-]*(\\:[[:alpha:]][[:word:]\\@\\.\\-]*)*$\xe0\x41\x02\xfa\x42GrE\x10\x01\x32\x41^[[:alpha:]][[:word:]\\@\\.\\-/]*(\\:[[:alpha:]][[:word:]\\@\\.\\-/]*)*$R\x04kind\x12\xdc\x01\n\x0epolicy_version\x18\x02 \x01(\tB\xb4\x01\x92\x41\x99\x01\x32|The policy version to use to evaluate this request. If not specified, will default to the server-configured default version.J\t\"default\"\x8a\x01\r^[[:word:]]*$\xe0\x41\x01\xfa\x42\x11r\x0f\x32\r^[[:word:]]*$R\rpolicyVersion\x12\xeb\x02\n\tinstances\x18\x03 \x03(\x0b\x32-.cerbos.request.v1.ResourceSet.InstancesEntryB\x9d\x02\x92\x41\x8c\x02\x32mSet of resource instances to check. Each instance must be keyed by an application-specific unique identifier.J\x97\x01{\"XX125\":{\"attr\":{\"owner\":\"bugs_bunny\", \"public\": false, \"flagged\": false}}, \"XX225\":{\"attr\":{\"owner\":\"daffy_duck\", \"public\": true, \"flagged\": false}}}\xc8\x01\x01\xe0\x41\x02\xfa\x42\x07\x9a\x01\x04\x08\x01\x18\x01R\tinstances\x12\x86\x02\n\x05scope\x18\x04 \x01(\tB\xef\x01\x92\x41\xb2\x01\x32~A dot-separated scope that describes the hierarchy these resources belong to. This is used for determining policy inheritance.\x8a\x01/^([[:alnum:]][[:word:]\\-]*(\\.[[:word:]\\-]*)*)*$\xe0\x41\x01\xfa\x42\x33r12/^([[:alnum:]][[:word:]\\-]*(\\.[[:word:]\\-]*)*)*$R\x05scope\x1a^\n\x0eInstancesEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12\x36\n\x05value\x18\x02 \x01(\x0b\x32 .cerbos.request.v1.AttributesMapR\x05value:\x02\x38\x01: \x92\x41\x1d\n\x1b\x32\x19Set of resources to check\"\xc9\x02\n\rAttributesMap\x12\xb1\x01\n\x04\x61ttr\x18\x01 \x03(\x0b\x32*.cerbos.request.v1.AttributesMap.AttrEntryBq\x92\x41\x66\x32\x64Key-value pairs of contextual data about this instance that should be used during policy evaluation.\xfa\x42\x05\x9a\x01\x02\x18\x01R\x04\x61ttr\x1aO\n\tAttrEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12,\n\x05value\x18\x02 \x01(\x0b\x32\x16.google.protobuf.ValueR\x05value:\x02\x38\x01:3\x92\x41\x30\n.2,Unique identifier for the resource instance.\"\xe1\x06\n\x19\x43heckResourceBatchRequest\x12\x96\x01\n\nrequest_id\x18\x01 \x01(\tBw\x92\x41t2JOptional application-specific ID useful for correlating logs for analysis.J&\"c2db17b8-4f9f-4fb1-acfd-9162a02be42b\"R\trequestId\x12\x46\n\tprincipal\x18\x02 \x01(\x0b\x32\x1b.cerbos.engine.v1.PrincipalB\x0b\xe0\x41\x02\xfa\x42\x05\x8a\x01\x02\x10\x01R\tprincipal\x12\xbc\x02\n\tresources\x18\x03 \x03(\x0b\x32\x37.cerbos.request.v1.CheckResourceBatchRequest.BatchEntryB\xe4\x01\x92\x41\xd5\x01\x32\x1eList of resources and actions.J\xac\x01[{\"actions\":[\"view\",\"comment\"], \"resource\":{\"kind\":\"album:object\",\"policyVersion\":\"default\",\"id\":\"XX125\",\"attr\":{\"owner\":\"bugs_bunny\", \"public\": false, \"flagged\": false}}}]\xa8\x01\x01\xb0\x01\x01\xe0\x41\x02\xfa\x42\x05\x92\x01\x02\x08\x01R\tresources\x12\x35\n\x08\x61ux_data\x18\x04 \x01(\x0b\x32\x1a.cerbos.request.v1.AuxDataR\x07\x61uxData\x1a\xd8\x01\n\nBatchEntry\x12\x84\x01\n\x07\x61\x63tions\x18\x01 \x03(\tBj\x92\x41T20List of actions being performed on the resource.J\x1a[\"view:public\", \"comment\"]\xa8\x01\x01\xb0\x01\x01\xe0\x41\x02\xfa\x42\r\x92\x01\n\x08\x01\x18\x01\"\x04r\x02\x10\x01R\x07\x61\x63tions\x12\x43\n\x08resource\x18\x02 \x01(\x0b\x32\x1a.cerbos.engine.v1.ResourceB\x0b\xe0\x41\x02\xfa\x42\x05\x8a\x01\x02\x10\x01R\x08resource:\x12\x92\x41\x0f\n\r2\x0bPDP Request\"\xc5\x07\n\x15\x43heckResourcesRequest\x12\x96\x01\n\nrequest_id\x18\x01 \x01(\tBw\x92\x41t2JOptional application-specific ID useful for correlating logs for analysis.J&\"c2db17b8-4f9f-4fb1-acfd-9162a02be42b\"R\trequestId\x12X\n\x0cinclude_meta\x18\x02 \x01(\x08\x42\x35\x92\x41\x32\x32\x30\x41\x64\x64 request processing metadata to the response.R\x0bincludeMeta\x12\x46\n\tprincipal\x18\x03 \x01(\x0b\x32\x1b.cerbos.engine.v1.PrincipalB\x0b\xe0\x41\x02\xfa\x42\x05\x8a\x01\x02\x10\x01R\tprincipal\x12\xbb\x02\n\tresources\x18\x04 \x03(\x0b\x32\x36.cerbos.request.v1.CheckResourcesRequest.ResourceEntryB\xe4\x01\x92\x41\xd5\x01\x32\x1eList of resources and actions.J\xac\x01[{\"actions\":[\"view\",\"comment\"], \"resource\":{\"kind\":\"album:object\",\"policyVersion\":\"default\",\"id\":\"XX125\",\"attr\":{\"owner\":\"bugs_bunny\", \"public\": false, \"flagged\": false}}}]\xa8\x01\x01\xb0\x01\x01\xe0\x41\x02\xfa\x42\x05\x92\x01\x02\x08\x01R\tresources\x12\x35\n\x08\x61ux_data\x18\x05 \x01(\x0b\x32\x1a.cerbos.request.v1.AuxDataR\x07\x61uxData\x1a\xdb\x01\n\rResourceEntry\x12\x84\x01\n\x07\x61\x63tions\x18\x01 \x03(\tBj\x92\x41T20List of actions being performed on the resource.J\x1a[\"view:public\", \"comment\"]\xa8\x01\x01\xb0\x01\x01\xe0\x41\x02\xfa\x42\r\x92\x01\n\x08\x01\x18\x01\"\x04r\x02\x10\x01R\x07\x61\x63tions\x12\x43\n\x08resource\x18\x02 \x01(\x0b\x32\x1a.cerbos.engine.v1.ResourceB\x0b\xe0\x41\x02\xfa\x42\x05\x8a\x01\x02\x10\x01R\x08resource:\x1e\x92\x41\x1b\n\x19\x32\x17\x43heck resources request\"\xc5\x06\n\x07\x41uxData\x12\x30\n\x03jwt\x18\x01 \x01(\x0b\x32\x1e.cerbos.request.v1.AuxData.JWTR\x03jwt\x1a\xc3\x05\n\x03JWT\x12\x90\x04\n\x05token\x18\x01 \x01(\tB\xf9\x03\x92\x41\xeb\x03\x32\x1dJWT from the original requestJ\xc9\x03\"eyJhbGciOiJFUzM4NCIsImtpZCI6IjE5TGZaYXRFZGc4M1lOYzVyMjNndU1KcXJuND0iLCJ0eXAiOiJKV1QifQ.eyJhdWQiOlsiY2VyYm9zLWp3dC10ZXN0cyJdLCJjdXN0b21BcnJheSI6WyJBIiwiQiIsIkMiXSwiY3VzdG9tSW50Ijo0MiwiY3VzdG9tTWFwIjp7IkEiOiJBQSIsIkIiOiJCQiIsIkMiOiJDQyJ9LCJjdXN0b21TdHJpbmciOiJmb29iYXIiLCJleHAiOjE5NDk5MzQwMzksImlzcyI6ImNlcmJvcy10ZXN0LXN1aXRlIn0.WN_tOScSpd_EI-P5EI1YlagxEgExSfBjAtcrgcF6lyWj1lGpR_GKx9goZEp2p_t5AVWXN_bjz_sMUmJdJa4cVd55Qm1miR-FKu6oNRHnSEWdMFmnArwPw-YDJWfylLFX\"\xe0\x41\x02\xfa\x42\x04r\x02\x10\x01R\x05token\x12\x82\x01\n\nkey_set_id\x18\x02 \x01(\tBd\x92\x41\x61\x32RKey ID to use when decoding the token (defined in the Cerbos server configuration)J\x0b\"my-keyset\"R\x08keySetId:$\x92\x41!\n\x1f\x32\x1dJWT from the original request:B\x92\x41?\n=2;Structured auxiliary data useful for evaluating the request\"/\n\x11ServerInfoRequest:\x1a\x92\x41\x17\n\x15\x32\x13Server info requestBs\n\x19\x64\x65v.cerbos.api.v1.requestZ>github.com/cerbos/cerbos/api/genpb/cerbos/request/v1;requestv1\xaa\x02\x15\x43\x65rbos.Api.V1.Requestb\x06proto3"
|
15
|
+
|
16
|
+
pool = Google::Protobuf::DescriptorPool.generated_pool
|
17
|
+
|
18
|
+
begin
|
19
|
+
pool.add_serialized_file(descriptor_data)
|
20
|
+
rescue TypeError => e
|
21
|
+
# Compatibility code: will be removed in the next major version.
|
22
|
+
require 'google/protobuf/descriptor_pb'
|
23
|
+
parsed = Google::Protobuf::FileDescriptorProto.decode(descriptor_data)
|
24
|
+
parsed.clear_dependency
|
25
|
+
serialized = parsed.class.encode(parsed)
|
26
|
+
file = pool.add_serialized_file(serialized)
|
27
|
+
warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}"
|
28
|
+
imports = [
|
29
|
+
["cerbos.engine.v1.Principal", "cerbos/engine/v1/engine.proto"],
|
30
|
+
["google.protobuf.Value", "google/protobuf/struct.proto"],
|
31
|
+
]
|
32
|
+
imports.each do |type_name, expected_filename|
|
33
|
+
import_file = pool.lookup(type_name).file_descriptor
|
34
|
+
if import_file.name != expected_filename
|
35
|
+
warn "- #{file.name} imports #{expected_filename}, but that import was loaded as #{import_file.name}"
|
142
36
|
end
|
143
37
|
end
|
38
|
+
warn "Each proto file must use a consistent fully-qualified name."
|
39
|
+
warn "This will become an error in the next major version."
|
144
40
|
end
|
145
41
|
|
146
42
|
module Cerbos::Protobuf::Cerbos
|
@@ -156,23 +52,7 @@ module Cerbos::Protobuf::Cerbos
|
|
156
52
|
CheckResourcesRequest::ResourceEntry = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.CheckResourcesRequest.ResourceEntry").msgclass
|
157
53
|
AuxData = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.AuxData").msgclass
|
158
54
|
AuxData::JWT = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.AuxData.JWT").msgclass
|
159
|
-
File = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.File").msgclass
|
160
|
-
PlaygroundValidateRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.PlaygroundValidateRequest").msgclass
|
161
|
-
PlaygroundTestRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.PlaygroundTestRequest").msgclass
|
162
|
-
PlaygroundEvaluateRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.PlaygroundEvaluateRequest").msgclass
|
163
|
-
PlaygroundProxyRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.PlaygroundProxyRequest").msgclass
|
164
|
-
AddOrUpdatePolicyRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.AddOrUpdatePolicyRequest").msgclass
|
165
|
-
ListAuditLogEntriesRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.ListAuditLogEntriesRequest").msgclass
|
166
|
-
ListAuditLogEntriesRequest::TimeRange = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.ListAuditLogEntriesRequest.TimeRange").msgclass
|
167
|
-
ListAuditLogEntriesRequest::Kind = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.ListAuditLogEntriesRequest.Kind").enummodule
|
168
55
|
ServerInfoRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.ServerInfoRequest").msgclass
|
169
|
-
ListPoliciesRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.ListPoliciesRequest").msgclass
|
170
|
-
GetPolicyRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.GetPolicyRequest").msgclass
|
171
|
-
AddOrUpdateSchemaRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.AddOrUpdateSchemaRequest").msgclass
|
172
|
-
ListSchemasRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.ListSchemasRequest").msgclass
|
173
|
-
GetSchemaRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.GetSchemaRequest").msgclass
|
174
|
-
DeleteSchemaRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.DeleteSchemaRequest").msgclass
|
175
|
-
ReloadStoreRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.request.v1.ReloadStoreRequest").msgclass
|
176
56
|
end
|
177
57
|
end
|
178
58
|
end
|
@@ -1,168 +1,41 @@
|
|
1
|
+
# frozen_string_literal: true
|
1
2
|
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
2
3
|
# source: cerbos/response/v1/response.proto
|
3
4
|
|
4
5
|
require 'google/protobuf'
|
5
6
|
|
6
|
-
require 'cerbos/protobuf/cerbos/audit/v1/audit_pb'
|
7
7
|
require 'cerbos/protobuf/cerbos/effect/v1/effect_pb'
|
8
8
|
require 'cerbos/protobuf/cerbos/engine/v1/engine_pb'
|
9
|
-
require 'cerbos/protobuf/cerbos/policy/v1/policy_pb'
|
10
9
|
require 'cerbos/protobuf/cerbos/schema/v1/schema_pb'
|
11
|
-
require 'google/protobuf/empty_pb'
|
12
10
|
require 'cerbos/protobuf/protoc-gen-openapiv2/options/annotations_pb'
|
13
11
|
|
14
|
-
|
15
|
-
add_file("cerbos/response/v1/response.proto", :syntax => :proto3) do
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
end
|
38
|
-
add_message "cerbos.response.v1.CheckResourceSetResponse.Meta" do
|
39
|
-
map :resource_instances, :string, :message, 1, "cerbos.response.v1.CheckResourceSetResponse.Meta.ActionMeta"
|
40
|
-
end
|
41
|
-
add_message "cerbos.response.v1.CheckResourceSetResponse.Meta.EffectMeta" do
|
42
|
-
optional :matched_policy, :string, 1, json_name: "matchedPolicy"
|
43
|
-
optional :matched_scope, :string, 2, json_name: "matchedScope"
|
44
|
-
end
|
45
|
-
add_message "cerbos.response.v1.CheckResourceSetResponse.Meta.ActionMeta" do
|
46
|
-
map :actions, :string, :message, 1, "cerbos.response.v1.CheckResourceSetResponse.Meta.EffectMeta"
|
47
|
-
repeated :effective_derived_roles, :string, 2, json_name: "effectiveDerivedRoles"
|
48
|
-
end
|
49
|
-
add_message "cerbos.response.v1.CheckResourceBatchResponse" do
|
50
|
-
optional :request_id, :string, 1, json_name: "requestId"
|
51
|
-
repeated :results, :message, 2, "cerbos.response.v1.CheckResourceBatchResponse.ActionEffectMap", json_name: "results"
|
52
|
-
end
|
53
|
-
add_message "cerbos.response.v1.CheckResourceBatchResponse.ActionEffectMap" do
|
54
|
-
optional :resource_id, :string, 1, json_name: "resourceId"
|
55
|
-
map :actions, :string, :enum, 2, "cerbos.effect.v1.Effect"
|
56
|
-
repeated :validation_errors, :message, 3, "cerbos.schema.v1.ValidationError", json_name: "validationErrors"
|
57
|
-
end
|
58
|
-
add_message "cerbos.response.v1.CheckResourcesResponse" do
|
59
|
-
optional :request_id, :string, 1, json_name: "requestId"
|
60
|
-
repeated :results, :message, 2, "cerbos.response.v1.CheckResourcesResponse.ResultEntry", json_name: "results"
|
61
|
-
end
|
62
|
-
add_message "cerbos.response.v1.CheckResourcesResponse.ResultEntry" do
|
63
|
-
optional :resource, :message, 1, "cerbos.response.v1.CheckResourcesResponse.ResultEntry.Resource", json_name: "resource"
|
64
|
-
map :actions, :string, :enum, 2, "cerbos.effect.v1.Effect"
|
65
|
-
repeated :validation_errors, :message, 3, "cerbos.schema.v1.ValidationError", json_name: "validationErrors"
|
66
|
-
optional :meta, :message, 4, "cerbos.response.v1.CheckResourcesResponse.ResultEntry.Meta", json_name: "meta"
|
67
|
-
end
|
68
|
-
add_message "cerbos.response.v1.CheckResourcesResponse.ResultEntry.Resource" do
|
69
|
-
optional :id, :string, 1, json_name: "id"
|
70
|
-
optional :kind, :string, 2, json_name: "kind"
|
71
|
-
optional :policy_version, :string, 3, json_name: "policyVersion"
|
72
|
-
optional :scope, :string, 4, json_name: "scope"
|
73
|
-
end
|
74
|
-
add_message "cerbos.response.v1.CheckResourcesResponse.ResultEntry.Meta" do
|
75
|
-
map :actions, :string, :message, 1, "cerbos.response.v1.CheckResourcesResponse.ResultEntry.Meta.EffectMeta"
|
76
|
-
repeated :effective_derived_roles, :string, 2, json_name: "effectiveDerivedRoles"
|
77
|
-
end
|
78
|
-
add_message "cerbos.response.v1.CheckResourcesResponse.ResultEntry.Meta.EffectMeta" do
|
79
|
-
optional :matched_policy, :string, 1, json_name: "matchedPolicy"
|
80
|
-
optional :matched_scope, :string, 2, json_name: "matchedScope"
|
81
|
-
end
|
82
|
-
add_message "cerbos.response.v1.PlaygroundFailure" do
|
83
|
-
repeated :errors, :message, 1, "cerbos.response.v1.PlaygroundFailure.Error", json_name: "errors"
|
84
|
-
end
|
85
|
-
add_message "cerbos.response.v1.PlaygroundFailure.Error" do
|
86
|
-
optional :file, :string, 1, json_name: "file"
|
87
|
-
optional :error, :string, 2, json_name: "error"
|
88
|
-
end
|
89
|
-
add_message "cerbos.response.v1.PlaygroundValidateResponse" do
|
90
|
-
optional :playground_id, :string, 1, json_name: "playgroundId"
|
91
|
-
oneof :outcome do
|
92
|
-
optional :failure, :message, 2, "cerbos.response.v1.PlaygroundFailure", json_name: "failure"
|
93
|
-
optional :success, :message, 3, "google.protobuf.Empty", json_name: "success"
|
94
|
-
end
|
95
|
-
end
|
96
|
-
add_message "cerbos.response.v1.PlaygroundTestResponse" do
|
97
|
-
optional :playground_id, :string, 1, json_name: "playgroundId"
|
98
|
-
oneof :outcome do
|
99
|
-
optional :failure, :message, 2, "cerbos.response.v1.PlaygroundFailure", json_name: "failure"
|
100
|
-
optional :success, :message, 3, "cerbos.response.v1.PlaygroundTestResponse.TestResults", json_name: "success"
|
101
|
-
end
|
102
|
-
end
|
103
|
-
add_message "cerbos.response.v1.PlaygroundTestResponse.TestResults" do
|
104
|
-
optional :results, :message, 1, "cerbos.policy.v1.TestResults", json_name: "results"
|
105
|
-
end
|
106
|
-
add_message "cerbos.response.v1.PlaygroundEvaluateResponse" do
|
107
|
-
optional :playground_id, :string, 1, json_name: "playgroundId"
|
108
|
-
oneof :outcome do
|
109
|
-
optional :failure, :message, 2, "cerbos.response.v1.PlaygroundFailure", json_name: "failure"
|
110
|
-
optional :success, :message, 3, "cerbos.response.v1.PlaygroundEvaluateResponse.EvalResultList", json_name: "success"
|
111
|
-
end
|
112
|
-
end
|
113
|
-
add_message "cerbos.response.v1.PlaygroundEvaluateResponse.EvalResult" do
|
114
|
-
optional :action, :string, 1, json_name: "action"
|
115
|
-
optional :effect, :enum, 2, "cerbos.effect.v1.Effect", json_name: "effect"
|
116
|
-
optional :policy, :string, 3, json_name: "policy"
|
117
|
-
repeated :effective_derived_roles, :string, 4, json_name: "effectiveDerivedRoles"
|
118
|
-
repeated :validation_errors, :message, 5, "cerbos.schema.v1.ValidationError", json_name: "validationErrors"
|
119
|
-
end
|
120
|
-
add_message "cerbos.response.v1.PlaygroundEvaluateResponse.EvalResultList" do
|
121
|
-
repeated :results, :message, 1, "cerbos.response.v1.PlaygroundEvaluateResponse.EvalResult", json_name: "results"
|
122
|
-
end
|
123
|
-
add_message "cerbos.response.v1.PlaygroundProxyResponse" do
|
124
|
-
optional :playground_id, :string, 1, json_name: "playgroundId"
|
125
|
-
oneof :outcome do
|
126
|
-
optional :failure, :message, 2, "cerbos.response.v1.PlaygroundFailure", json_name: "failure"
|
127
|
-
optional :check_resource_set, :message, 3, "cerbos.response.v1.CheckResourceSetResponse", json_name: "checkResourceSet"
|
128
|
-
optional :check_resource_batch, :message, 4, "cerbos.response.v1.CheckResourceBatchResponse", json_name: "checkResourceBatch"
|
129
|
-
optional :plan_resources, :message, 5, "cerbos.response.v1.PlanResourcesResponse", json_name: "planResources"
|
130
|
-
optional :check_resources, :message, 6, "cerbos.response.v1.CheckResourcesResponse", json_name: "checkResources"
|
131
|
-
end
|
132
|
-
end
|
133
|
-
add_message "cerbos.response.v1.AddOrUpdatePolicyResponse" do
|
134
|
-
optional :success, :message, 1, "google.protobuf.Empty", json_name: "success"
|
135
|
-
end
|
136
|
-
add_message "cerbos.response.v1.ListAuditLogEntriesResponse" do
|
137
|
-
oneof :entry do
|
138
|
-
optional :access_log_entry, :message, 1, "cerbos.audit.v1.AccessLogEntry", json_name: "accessLogEntry"
|
139
|
-
optional :decision_log_entry, :message, 2, "cerbos.audit.v1.DecisionLogEntry", json_name: "decisionLogEntry"
|
140
|
-
end
|
141
|
-
end
|
142
|
-
add_message "cerbos.response.v1.ServerInfoResponse" do
|
143
|
-
optional :version, :string, 1, json_name: "version"
|
144
|
-
optional :commit, :string, 2, json_name: "commit"
|
145
|
-
optional :build_date, :string, 3, json_name: "buildDate"
|
146
|
-
end
|
147
|
-
add_message "cerbos.response.v1.ListPoliciesResponse" do
|
148
|
-
repeated :policy_ids, :string, 1, json_name: "policyIds"
|
149
|
-
end
|
150
|
-
add_message "cerbos.response.v1.GetPolicyResponse" do
|
151
|
-
repeated :policies, :message, 1, "cerbos.policy.v1.Policy", json_name: "policies"
|
152
|
-
end
|
153
|
-
add_message "cerbos.response.v1.AddOrUpdateSchemaResponse" do
|
154
|
-
end
|
155
|
-
add_message "cerbos.response.v1.ListSchemasResponse" do
|
156
|
-
repeated :schema_ids, :string, 1, json_name: "schemaIds"
|
157
|
-
end
|
158
|
-
add_message "cerbos.response.v1.GetSchemaResponse" do
|
159
|
-
repeated :schemas, :message, 1, "cerbos.schema.v1.Schema", json_name: "schemas"
|
160
|
-
end
|
161
|
-
add_message "cerbos.response.v1.DeleteSchemaResponse" do
|
162
|
-
end
|
163
|
-
add_message "cerbos.response.v1.ReloadStoreResponse" do
|
12
|
+
|
13
|
+
descriptor_data = "\n!cerbos/response/v1/response.proto\x12\x12\x63\x65rbos.response.v1\x1a\x1d\x63\x65rbos/effect/v1/effect.proto\x1a\x1d\x63\x65rbos/engine/v1/engine.proto\x1a\x1d\x63\x65rbos/schema/v1/schema.proto\x1a.protoc-gen-openapiv2/options/annotations.proto\"\xb5\x08\n\x15PlanResourcesResponse\x12o\n\nrequest_id\x18\x01 \x01(\tBP\x92\x41M2#Request ID provided in the request.J&\"c2db17b8-4f9f-4fb1-acfd-9162a02be42b\"R\trequestId\x12\x32\n\x06\x61\x63tion\x18\x02 \x01(\tB\x1a\x92\x41\x17\x32\x06\x41\x63tionJ\r\"view:public\"R\x06\x61\x63tion\x12\x8a\x01\n\rresource_kind\x18\x03 \x01(\tBe\x92\x41\x62\x32\x0eResource kind.J\x0e\"album:object\"\x8a\x01?^[[:alpha:]][[:word:]\\@\\.\\-]*(\\:[[:alpha:]][[:word:]\\@\\.\\-]*)*$R\x0cresourceKind\x12J\n\x0epolicy_version\x18\x04 \x01(\tB#\x92\x41 2\x13The policy version.J\t\"default\"R\rpolicyVersion\x12J\n\x06\x66ilter\x18\x05 \x01(\x0b\x32%.cerbos.engine.v1.PlanResourcesFilterB\x0b\x92\x41\x08\x32\x06\x46ilterR\x06\x66ilter\x12\x7f\n\x04meta\x18\x06 \x01(\x0b\x32..cerbos.response.v1.PlanResourcesResponse.MetaB;\x92\x41\x38\x32\x36Optional metadata about the request evaluation processR\x04meta\x12\x90\x01\n\x11validation_errors\x18\x07 \x03(\x0b\x32!.cerbos.schema.v1.ValidationErrorB@\x92\x41=2;List of validation errors (if schema validation is enabled)R\x10validationErrors\x1a\xff\x01\n\x04Meta\x12]\n\x0c\x66ilter_debug\x18\x01 \x01(\tB:\x92\x41\x37\x32\x35\x46ilter textual representation for debugging purposes.R\x0b\x66ilterDebug\x12m\n\rmatched_scope\x18\x02 \x01(\tBH\x92\x41\x45\x32\x31Policy scope that matched to produce this effect.J\x10\"acme.corp.base\"R\x0cmatchedScope:)\x92\x41&\n$2\"Metadata about request evaluation.:<\x92\x41\x39\n725Resources query plan response for a set of resources.\"\xc8\x15\n\x18\x43heckResourceSetResponse\x12o\n\nrequest_id\x18\x01 \x01(\tBP\x92\x41M2#Request ID provided in the request.J&\"c2db17b8-4f9f-4fb1-acfd-9162a02be42b\"R\trequestId\x12\xdb\x02\n\x12resource_instances\x18\x02 \x03(\x0b\x32\x43.cerbos.response.v1.CheckResourceSetResponse.ResourceInstancesEntryB\xe6\x01\x92\x41\xe2\x01\x32KResults for each resource instance, keyed by the ID supplied in the requestJ\x92\x01{\"XX125\":{\"actions\":{\"view:*\":\"EFFECT_ALLOW\", \"comment\": \"EFFECT_ALLOW\"}}, \"XX225\":{\"actions\":{\"view:*\":\"EFFECT_DENY\", \"comment\": \"EFFECT_DENY\"}}}R\x11resourceInstances\x12\x82\x01\n\x04meta\x18\x03 \x01(\x0b\x32\x31.cerbos.response.v1.CheckResourceSetResponse.MetaB;\x92\x41\x38\x32\x36Optional metadata about the request evaluation processR\x04meta\x1a\x8b\x03\n\x0f\x41\x63tionEffectMap\x12\x8e\x01\n\x07\x61\x63tions\x18\x01 \x03(\x0b\x32I.cerbos.response.v1.CheckResourceSetResponse.ActionEffectMap.ActionsEntryB)\x92\x41&2$Mapping of each action to an effect.R\x07\x61\x63tions\x12\x90\x01\n\x11validation_errors\x18\x02 \x03(\x0b\x32!.cerbos.schema.v1.ValidationErrorB@\x92\x41=2;List of validation errors (if schema validation is enabled)R\x10validationErrors\x1aT\n\x0c\x41\x63tionsEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12.\n\x05value\x18\x02 \x01(\x0e\x32\x18.cerbos.effect.v1.EffectR\x05value:\x02\x38\x01\x1a\x89\x0c\n\x04Meta\x12\xcf\x03\n\x12resource_instances\x18\x01 \x03(\x0b\x32H.cerbos.response.v1.CheckResourceSetResponse.Meta.ResourceInstancesEntryB\xd5\x02\x92\x41\xd1\x02\x32\"Metadata about resource instances.J\xaa\x02{\"XX125\": {\"actions\": {\"view:*\":{\"matched_policy\": \"album:object:default\"},\"comment\":{\"matched_policy\": \"album:object:default\"}}, \"effective_derived_roles\": [\"owner\"]}, \"XX225\": {\"actions\": {\"view:*\":{\"matched_policy\": \"album:object:default\"},\"comment\":{\"matched_policy\": \"album:object:default\"}}}}R\x11resourceInstances\x1a\x88\x02\n\nEffectMeta\x12o\n\x0ematched_policy\x18\x01 \x01(\tBH\x92\x41\x45\x32+Policy that matched to produce this effect.J\x16\"album:object:default\"R\rmatchedPolicy\x12m\n\rmatched_scope\x18\x02 \x01(\tBH\x92\x41\x45\x32\x31Policy scope that matched to produce this effect.J\x10\"acme.corp.base\"R\x0cmatchedScope:\x1a\x92\x41\x17\n\x15\x32\x13Name of the action.\x1a\xf3\x04\n\nActionMeta\x12\xa7\x02\n\x07\x61\x63tions\x18\x01 \x03(\x0b\x32I.cerbos.response.v1.CheckResourceSetResponse.Meta.ActionMeta.ActionsEntryB\xc1\x01\x92\x41\xbd\x01\x32OMetadata about the effect calculated for each action on this resource instance.Jj{\"view:*\":{\"matched_policy\": \"album:object:default\"},\"comment\":{\"matched_policy\": \"album:object:default\"}}R\x07\x61\x63tions\x12\x83\x01\n\x17\x65\x66\x66\x65\x63tive_derived_roles\x18\x02 \x03(\tBK\x92\x41H2;Derived roles that were effective during policy evaluation.J\t[\"owner\"]R\x15\x65\x66\x66\x65\x63tiveDerivedRoles\x1ax\n\x0c\x41\x63tionsEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12R\n\x05value\x18\x02 \x01(\x0b\x32<.cerbos.response.v1.CheckResourceSetResponse.Meta.EffectMetaR\x05value:\x02\x38\x01:;\x92\x41\x38\n624Unique resource instance ID supplied in the request.\x1a\x82\x01\n\x16ResourceInstancesEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12R\n\x05value\x18\x02 \x01(\x0b\x32<.cerbos.response.v1.CheckResourceSetResponse.Meta.ActionMetaR\x05value:\x02\x38\x01:)\x92\x41&\n$2\"Metadata about request evaluation.\x1a\x82\x01\n\x16ResourceInstancesEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12R\n\x05value\x18\x02 \x01(\x0b\x32<.cerbos.response.v1.CheckResourceSetResponse.ActionEffectMapR\x05value:\x02\x38\x01:9\x92\x41\x36\n422Policy evaluation response for a set of resources.\"\xe5\x06\n\x1a\x43heckResourceBatchResponse\x12o\n\nrequest_id\x18\x01 \x01(\tBP\x92\x41M2#Request ID provided in the request.J&\"c2db17b8-4f9f-4fb1-acfd-9162a02be42b\"R\trequestId\x12\xb3\x01\n\x07results\x18\x02 \x03(\x0b\x32>.cerbos.response.v1.CheckResourceBatchResponse.ActionEffectMapBY\x92\x41V2\x18Result for each resourceJ:[{\"resourceId\":\"XX125\",\"actions\":{\"view\":\"EFFECT_ALLOW\"}}]R\x07results\x1a\xe2\x03\n\x0f\x41\x63tionEffectMap\x12:\n\x0bresource_id\x18\x01 \x01(\tB\x19\x92\x41\x16\x32\x0bResource IDJ\x07\"XX125\"R\nresourceId\x12\xa9\x01\n\x07\x61\x63tions\x18\x02 \x03(\x0b\x32K.cerbos.response.v1.CheckResourceBatchResponse.ActionEffectMap.ActionsEntryBB\x92\x41?2$Mapping of each action to an effect.J\x17{\"view\":\"EFFECT_ALLOW\"}R\x07\x61\x63tions\x12\x90\x01\n\x11validation_errors\x18\x03 \x03(\x0b\x32!.cerbos.schema.v1.ValidationErrorB@\x92\x41=2;List of validation errors (if schema validation is enabled)R\x10validationErrors\x1aT\n\x0c\x41\x63tionsEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12.\n\x05value\x18\x02 \x01(\x0e\x32\x18.cerbos.effect.v1.EffectR\x05value:\x02\x38\x01:;\x92\x41\x38\n624Policy evaluation response for a batch of resources.\"\xa6\x17\n\x16\x43heckResourcesResponse\x12o\n\nrequest_id\x18\x01 \x01(\tBP\x92\x41M2#Request ID provided in the request.J&\"c2db17b8-4f9f-4fb1-acfd-9162a02be42b\"R\trequestId\x12\xe3\x01\n\x07results\x18\x02 \x03(\x0b\x32\x36.cerbos.response.v1.CheckResourcesResponse.ResultEntryB\x90\x01\x92\x41\x8c\x01\x32\x18Result for each resourceJp[{\"resource\": {\"Id\":\"XX125\", \"kind\":\"album:object\"}, \"actions\":{\"view\":\"EFFECT_ALLOW\",\"comment\":\"EFFECT_DENY\"}}]R\x07results\x1a\x80\x14\n\x0bResultEntry\x12[\n\x08resource\x18\x01 \x01(\x0b\x32?.cerbos.response.v1.CheckResourcesResponse.ResultEntry.ResourceR\x08resource\x12\xa1\x01\n\x07\x61\x63tions\x18\x02 \x03(\x0b\x32\x43.cerbos.response.v1.CheckResourcesResponse.ResultEntry.ActionsEntryBB\x92\x41?2$Mapping of each action to an effect.J\x17{\"view\":\"EFFECT_ALLOW\"}R\x07\x61\x63tions\x12\x90\x01\n\x11validation_errors\x18\x03 \x03(\x0b\x32!.cerbos.schema.v1.ValidationErrorB@\x92\x41=2;List of validation errors (if schema validation is enabled)R\x10validationErrors\x12\x98\x02\n\x04meta\x18\x04 \x01(\x0b\x32;.cerbos.response.v1.CheckResourcesResponse.ResultEntry.MetaB\xc6\x01\x92\x41\xc2\x01\x32 Metadata about policy evaluationJ\x9d\x01{\"actions\": {\"view:*\":{\"matched_policy\": \"album:object:default\"},\"comment\":{\"matched_policy\": \"album:object:default\"}}, \"effective_derived_roles\": [\"owner\"]}R\x04meta\x12\xf6\x01\n\x07outputs\x18\x05 \x03(\x0b\x32\x1d.cerbos.engine.v1.OutputEntryB\xbc\x01\x92\x41\xb8\x01\x32,Output for each rule with outputs configuredJ\x87\x01[{\"src\": \"resource.expense.v1/acme#rule-001\", \"val\": \"view_allowed:alice\"}, {\"src\": \"resource.expense.v1/acme#rule-002\", \"val\": \"foo\"}]R\x07outputs\x1a\xff\x04\n\x08Resource\x12\x39\n\x02id\x18\x01 \x01(\tB)\x92\x41&2\x1bID of the resource instanceJ\x07\"XX125\"R\x02id\x12\x93\x01\n\x04kind\x18\x02 \x01(\tB\x7f\x92\x41|2)Name of the resource kind being accessed.J\r\"album:photo\"\x8a\x01?^[[:alpha:]][[:word:]\\@\\.\\-]*(\\:[[:alpha:]][[:word:]\\@\\.\\-]*)*$R\x04kind\x12\xc5\x01\n\x0epolicy_version\x18\x03 \x01(\tB\x9d\x01\x92\x41\x99\x01\x32|The policy version to use to evaluate this request. If not specified, will default to the server-configured default version.J\t\"default\"\x8a\x01\r^[[:word:]]*$R\rpolicyVersion\x12\xd9\x01\n\x05scope\x18\x04 \x01(\tB\xc2\x01\x92\x41\xbe\x01\x32}A dot-separated scope that describes the hierarchy this resource belongs to. This is used for determining policy inheritance.J\x0b\"acme.corp\"\x8a\x01/^([[:alnum:]][[:word:]\\-]*(\\.[[:word:]\\-]*)*)*$R\x05scope\x1a\xf0\x06\n\x04Meta\x12\xa6\x02\n\x07\x61\x63tions\x18\x01 \x03(\x0b\x32H.cerbos.response.v1.CheckResourcesResponse.ResultEntry.Meta.ActionsEntryB\xc1\x01\x92\x41\xbd\x01\x32OMetadata about the effect calculated for each action on this resource instance.Jj{\"view:*\":{\"matched_policy\": \"album:object:default\"},\"comment\":{\"matched_policy\": \"album:object:default\"}}R\x07\x61\x63tions\x12\x83\x01\n\x17\x65\x66\x66\x65\x63tive_derived_roles\x18\x02 \x03(\tBK\x92\x41H2;Derived roles that were effective during policy evaluation.J\t[\"owner\"]R\x15\x65\x66\x66\x65\x63tiveDerivedRoles\x1a\x88\x02\n\nEffectMeta\x12o\n\x0ematched_policy\x18\x01 \x01(\tBH\x92\x41\x45\x32+Policy that matched to produce this effect.J\x16\"album:object:default\"R\rmatchedPolicy\x12m\n\rmatched_scope\x18\x02 \x01(\tBH\x92\x41\x45\x32\x31Policy scope that matched to produce this effect.J\x10\"acme.corp.base\"R\x0cmatchedScope:\x1a\x92\x41\x17\n\x15\x32\x13Name of the action.\x1a\x82\x01\n\x0c\x41\x63tionsEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12\\\n\x05value\x18\x02 \x01(\x0b\x32\x46.cerbos.response.v1.CheckResourcesResponse.ResultEntry.Meta.EffectMetaR\x05value:\x02\x38\x01:)\x92\x41&\n$2\"Metadata about request evaluation.\x1aT\n\x0c\x41\x63tionsEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12.\n\x05value\x18\x02 \x01(\x0e\x32\x18.cerbos.effect.v1.EffectR\x05value:\x02\x38\x01:2\x92\x41/\n-2+Response from the check resources API call.\"\x82\x01\n\x12ServerInfoResponse\x12\x18\n\x07version\x18\x01 \x01(\tR\x07version\x12\x16\n\x06\x63ommit\x18\x02 \x01(\tR\x06\x63ommit\x12\x1d\n\nbuild_date\x18\x03 \x01(\tR\tbuildDate:\x1b\x92\x41\x18\n\x16\x32\x14Server info responseBw\n\x1a\x64\x65v.cerbos.api.v1.responseZ@github.com/cerbos/cerbos/api/genpb/cerbos/response/v1;responsev1\xaa\x02\x16\x43\x65rbos.Api.V1.Responseb\x06proto3"
|
14
|
+
|
15
|
+
pool = Google::Protobuf::DescriptorPool.generated_pool
|
16
|
+
|
17
|
+
begin
|
18
|
+
pool.add_serialized_file(descriptor_data)
|
19
|
+
rescue TypeError => e
|
20
|
+
# Compatibility code: will be removed in the next major version.
|
21
|
+
require 'google/protobuf/descriptor_pb'
|
22
|
+
parsed = Google::Protobuf::FileDescriptorProto.decode(descriptor_data)
|
23
|
+
parsed.clear_dependency
|
24
|
+
serialized = parsed.class.encode(parsed)
|
25
|
+
file = pool.add_serialized_file(serialized)
|
26
|
+
warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}"
|
27
|
+
imports = [
|
28
|
+
["cerbos.engine.v1.PlanResourcesFilter", "cerbos/engine/v1/engine.proto"],
|
29
|
+
["cerbos.schema.v1.ValidationError", "cerbos/schema/v1/schema.proto"],
|
30
|
+
]
|
31
|
+
imports.each do |type_name, expected_filename|
|
32
|
+
import_file = pool.lookup(type_name).file_descriptor
|
33
|
+
if import_file.name != expected_filename
|
34
|
+
warn "- #{file.name} imports #{expected_filename}, but that import was loaded as #{import_file.name}"
|
164
35
|
end
|
165
36
|
end
|
37
|
+
warn "Each proto file must use a consistent fully-qualified name."
|
38
|
+
warn "This will become an error in the next major version."
|
166
39
|
end
|
167
40
|
|
168
41
|
module Cerbos::Protobuf::Cerbos
|
@@ -182,25 +55,7 @@ module Cerbos::Protobuf::Cerbos
|
|
182
55
|
CheckResourcesResponse::ResultEntry::Resource = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.CheckResourcesResponse.ResultEntry.Resource").msgclass
|
183
56
|
CheckResourcesResponse::ResultEntry::Meta = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.CheckResourcesResponse.ResultEntry.Meta").msgclass
|
184
57
|
CheckResourcesResponse::ResultEntry::Meta::EffectMeta = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.CheckResourcesResponse.ResultEntry.Meta.EffectMeta").msgclass
|
185
|
-
PlaygroundFailure = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.PlaygroundFailure").msgclass
|
186
|
-
PlaygroundFailure::Error = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.PlaygroundFailure.Error").msgclass
|
187
|
-
PlaygroundValidateResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.PlaygroundValidateResponse").msgclass
|
188
|
-
PlaygroundTestResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.PlaygroundTestResponse").msgclass
|
189
|
-
PlaygroundTestResponse::TestResults = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.PlaygroundTestResponse.TestResults").msgclass
|
190
|
-
PlaygroundEvaluateResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.PlaygroundEvaluateResponse").msgclass
|
191
|
-
PlaygroundEvaluateResponse::EvalResult = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.PlaygroundEvaluateResponse.EvalResult").msgclass
|
192
|
-
PlaygroundEvaluateResponse::EvalResultList = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.PlaygroundEvaluateResponse.EvalResultList").msgclass
|
193
|
-
PlaygroundProxyResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.PlaygroundProxyResponse").msgclass
|
194
|
-
AddOrUpdatePolicyResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.AddOrUpdatePolicyResponse").msgclass
|
195
|
-
ListAuditLogEntriesResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.ListAuditLogEntriesResponse").msgclass
|
196
58
|
ServerInfoResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.ServerInfoResponse").msgclass
|
197
|
-
ListPoliciesResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.ListPoliciesResponse").msgclass
|
198
|
-
GetPolicyResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.GetPolicyResponse").msgclass
|
199
|
-
AddOrUpdateSchemaResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.AddOrUpdateSchemaResponse").msgclass
|
200
|
-
ListSchemasResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.ListSchemasResponse").msgclass
|
201
|
-
GetSchemaResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.GetSchemaResponse").msgclass
|
202
|
-
DeleteSchemaResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.DeleteSchemaResponse").msgclass
|
203
|
-
ReloadStoreResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.ReloadStoreResponse").msgclass
|
204
59
|
end
|
205
60
|
end
|
206
61
|
end
|
@@ -1,29 +1,34 @@
|
|
1
|
+
# frozen_string_literal: true
|
1
2
|
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
2
3
|
# source: cerbos/schema/v1/schema.proto
|
3
4
|
|
4
5
|
require 'google/protobuf'
|
5
6
|
|
6
|
-
require 'cerbos/protobuf/google/api/field_behavior_pb'
|
7
|
-
require 'cerbos/protobuf/protoc-gen-openapiv2/options/annotations_pb'
|
8
|
-
require 'cerbos/protobuf/validate/validate_pb'
|
9
7
|
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
8
|
+
descriptor_data = "\n\x1d\x63\x65rbos/schema/v1/schema.proto\x12\x10\x63\x65rbos.schema.v1\"\xce\x01\n\x0fValidationError\x12\x12\n\x04path\x18\x01 \x01(\tR\x04path\x12\x18\n\x07message\x18\x02 \x01(\tR\x07message\x12@\n\x06source\x18\x03 \x01(\x0e\x32(.cerbos.schema.v1.ValidationError.SourceR\x06source\"K\n\x06Source\x12\x16\n\x12SOURCE_UNSPECIFIED\x10\x00\x12\x14\n\x10SOURCE_PRINCIPAL\x10\x01\x12\x13\n\x0fSOURCE_RESOURCE\x10\x02\x42o\n\x18\x64\x65v.cerbos.api.v1.schemaZ<github.com/cerbos/cerbos/api/genpb/cerbos/schema/v1;schemav1\xaa\x02\x14\x43\x65rbos.Api.V1.Schemab\x06proto3"
|
9
|
+
|
10
|
+
pool = Google::Protobuf::DescriptorPool.generated_pool
|
11
|
+
|
12
|
+
begin
|
13
|
+
pool.add_serialized_file(descriptor_data)
|
14
|
+
rescue TypeError => e
|
15
|
+
# Compatibility code: will be removed in the next major version.
|
16
|
+
require 'google/protobuf/descriptor_pb'
|
17
|
+
parsed = Google::Protobuf::FileDescriptorProto.decode(descriptor_data)
|
18
|
+
parsed.clear_dependency
|
19
|
+
serialized = parsed.class.encode(parsed)
|
20
|
+
file = pool.add_serialized_file(serialized)
|
21
|
+
warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}"
|
22
|
+
imports = [
|
23
|
+
]
|
24
|
+
imports.each do |type_name, expected_filename|
|
25
|
+
import_file = pool.lookup(type_name).file_descriptor
|
26
|
+
if import_file.name != expected_filename
|
27
|
+
warn "- #{file.name} imports #{expected_filename}, but that import was loaded as #{import_file.name}"
|
25
28
|
end
|
26
29
|
end
|
30
|
+
warn "Each proto file must use a consistent fully-qualified name."
|
31
|
+
warn "This will become an error in the next major version."
|
27
32
|
end
|
28
33
|
|
29
34
|
module Cerbos::Protobuf::Cerbos
|
@@ -31,7 +36,6 @@ module Cerbos::Protobuf::Cerbos
|
|
31
36
|
module V1
|
32
37
|
ValidationError = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.schema.v1.ValidationError").msgclass
|
33
38
|
ValidationError::Source = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.schema.v1.ValidationError.Source").enummodule
|
34
|
-
Schema = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.schema.v1.Schema").msgclass
|
35
39
|
end
|
36
40
|
end
|
37
41
|
end
|
@@ -1,3 +1,4 @@
|
|
1
|
+
# frozen_string_literal: true
|
1
2
|
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
2
3
|
# source: cerbos/svc/v1/svc.proto
|
3
4
|
|
@@ -7,10 +8,34 @@ require 'cerbos/protobuf/cerbos/request/v1/request_pb'
|
|
7
8
|
require 'cerbos/protobuf/cerbos/response/v1/response_pb'
|
8
9
|
require 'cerbos/protobuf/google/api/annotations_pb'
|
9
10
|
require 'cerbos/protobuf/protoc-gen-openapiv2/options/annotations_pb'
|
11
|
+
require 'cerbos/protobuf/validate/validate_pb'
|
12
|
+
require 'cerbos/protobuf/google/api/field_behavior_pb'
|
10
13
|
|
11
|
-
|
12
|
-
|
14
|
+
|
15
|
+
descriptor_data = "\n\x17\x63\x65rbos/svc/v1/svc.proto\x12\rcerbos.svc.v1\x1a\x1f\x63\x65rbos/request/v1/request.proto\x1a!cerbos/response/v1/response.proto\x1a\x1cgoogle/api/annotations.proto\x1a.protoc-gen-openapiv2/options/annotations.proto\x1a\x17validate/validate.proto\x1a\x1fgoogle/api/field_behavior.proto2\xd6\n\n\rCerbosService\x12\xa7\x02\n\x10\x43heckResourceSet\x12*.cerbos.request.v1.CheckResourceSetRequest\x1a,.cerbos.response.v1.CheckResourceSetResponse\"\xb8\x01\x92\x41\x9f\x01\x12\x05\x43heck\x1a\x93\x01[Deprecated: Use CheckResources API instead] Check whether a principal has permissions to perform the given actions on a set of resource instances.X\x01\x82\xd3\xe4\x93\x02\x0f:\x01*\"\n/api/check\x12\xb6\x02\n\x12\x43heckResourceBatch\x12,.cerbos.request.v1.CheckResourceBatchRequest\x1a..cerbos.response.v1.CheckResourceBatchResponse\"\xc1\x01\x92\x41\x99\x01\x12\x14\x43heck resource batch\x1a\x7f[Deprecated: Use CheckResources API instead] Check a principal\'s permissions to a batch of heterogeneous resources and actions.X\x01\x82\xd3\xe4\x93\x02\x1e:\x01*\"\x19/api/check_resource_batch\x12\xf0\x01\n\x0e\x43heckResources\x12(.cerbos.request.v1.CheckResourcesRequest\x1a*.cerbos.response.v1.CheckResourcesResponse\"\x87\x01\x92\x41\x65\x12\x0f\x43heck resources\x1aRCheck a principal\'s permissions to a batch of heterogeneous resources and actions.\x82\xd3\xe4\x93\x02\x19:\x01*\"\x14/api/check/resources\x12\xc5\x01\n\nServerInfo\x12$.cerbos.request.v1.ServerInfoRequest\x1a&.cerbos.response.v1.ServerInfoResponse\"i\x92\x41N\x12\x16Get server information\x1a\x34Get information about the server e.g. server version\x82\xd3\xe4\x93\x02\x12\x12\x10/api/server_info\x12\x83\x02\n\rPlanResources\x12\'.cerbos.request.v1.PlanResourcesRequest\x1a).cerbos.response.v1.PlanResourcesResponse\"\x9d\x01\x92\x41|\x12\x0ePlan resources\x1ajProduce a query plan with conditions that must be satisfied for accessing a set of instances of a resource\x82\xd3\xe4\x93\x02\x18:\x01*\"\x13/api/plan/resources\x1a!\x92\x41\x1e\x12\x1c\x43\x65rbos Policy Decision PointB\xe1\x01\n\x15\x64\x65v.cerbos.api.v1.svcZ6github.com/cerbos/cerbos/api/genpb/cerbos/svc/v1;svcv1\xaa\x02\x11\x43\x65rbos.Api.V1.Svc\x92\x41{\x12?\n\x06\x43\x65rbos\"-\n\x06\x43\x65rbos\x12\x12https://cerbos.dev\x1a\x0finfo@cerbos.dev2\x06latest*\x01\x02\x32\x10\x61pplication/json:\x10\x61pplication/jsonZ\x11\n\x0f\n\tBasicAuth\x12\x02\x08\x01\x62\x06proto3"
|
16
|
+
|
17
|
+
pool = Google::Protobuf::DescriptorPool.generated_pool
|
18
|
+
|
19
|
+
begin
|
20
|
+
pool.add_serialized_file(descriptor_data)
|
21
|
+
rescue TypeError => e
|
22
|
+
# Compatibility code: will be removed in the next major version.
|
23
|
+
require 'google/protobuf/descriptor_pb'
|
24
|
+
parsed = Google::Protobuf::FileDescriptorProto.decode(descriptor_data)
|
25
|
+
parsed.clear_dependency
|
26
|
+
serialized = parsed.class.encode(parsed)
|
27
|
+
file = pool.add_serialized_file(serialized)
|
28
|
+
warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}"
|
29
|
+
imports = [
|
30
|
+
]
|
31
|
+
imports.each do |type_name, expected_filename|
|
32
|
+
import_file = pool.lookup(type_name).file_descriptor
|
33
|
+
if import_file.name != expected_filename
|
34
|
+
warn "- #{file.name} imports #{expected_filename}, but that import was loaded as #{import_file.name}"
|
35
|
+
end
|
13
36
|
end
|
37
|
+
warn "Each proto file must use a consistent fully-qualified name."
|
38
|
+
warn "This will become an error in the next major version."
|
14
39
|
end
|
15
40
|
|
16
41
|
module Cerbos::Protobuf::Cerbos
|
@@ -1,7 +1,7 @@
|
|
1
1
|
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
2
2
|
# Source: cerbos/svc/v1/svc.proto for package 'cerbos.svc.v1'
|
3
3
|
# Original file comments:
|
4
|
-
# Copyright 2021-
|
4
|
+
# Copyright 2021-2023 Zenauth Ltd.
|
5
5
|
# SPDX-License-Identifier: Apache-2.0
|
6
6
|
#
|
7
7
|
|
@@ -27,45 +27,6 @@ module Cerbos::Protobuf::Cerbos
|
|
27
27
|
rpc :PlanResources, ::Cerbos::Protobuf::Cerbos::Request::V1::PlanResourcesRequest, ::Cerbos::Protobuf::Cerbos::Response::V1::PlanResourcesResponse
|
28
28
|
end
|
29
29
|
|
30
|
-
Stub = Service.rpc_stub_class
|
31
|
-
end
|
32
|
-
module CerbosAdminService
|
33
|
-
class Service
|
34
|
-
|
35
|
-
include ::GRPC::GenericService
|
36
|
-
|
37
|
-
self.marshal_class_method = :encode
|
38
|
-
self.unmarshal_class_method = :decode
|
39
|
-
self.service_name = 'cerbos.svc.v1.CerbosAdminService'
|
40
|
-
|
41
|
-
rpc :AddOrUpdatePolicy, ::Cerbos::Protobuf::Cerbos::Request::V1::AddOrUpdatePolicyRequest, ::Cerbos::Protobuf::Cerbos::Response::V1::AddOrUpdatePolicyResponse
|
42
|
-
rpc :ListPolicies, ::Cerbos::Protobuf::Cerbos::Request::V1::ListPoliciesRequest, ::Cerbos::Protobuf::Cerbos::Response::V1::ListPoliciesResponse
|
43
|
-
rpc :GetPolicy, ::Cerbos::Protobuf::Cerbos::Request::V1::GetPolicyRequest, ::Cerbos::Protobuf::Cerbos::Response::V1::GetPolicyResponse
|
44
|
-
rpc :ListAuditLogEntries, ::Cerbos::Protobuf::Cerbos::Request::V1::ListAuditLogEntriesRequest, stream(::Cerbos::Protobuf::Cerbos::Response::V1::ListAuditLogEntriesResponse)
|
45
|
-
rpc :AddOrUpdateSchema, ::Cerbos::Protobuf::Cerbos::Request::V1::AddOrUpdateSchemaRequest, ::Cerbos::Protobuf::Cerbos::Response::V1::AddOrUpdateSchemaResponse
|
46
|
-
rpc :ListSchemas, ::Cerbos::Protobuf::Cerbos::Request::V1::ListSchemasRequest, ::Cerbos::Protobuf::Cerbos::Response::V1::ListSchemasResponse
|
47
|
-
rpc :GetSchema, ::Cerbos::Protobuf::Cerbos::Request::V1::GetSchemaRequest, ::Cerbos::Protobuf::Cerbos::Response::V1::GetSchemaResponse
|
48
|
-
rpc :DeleteSchema, ::Cerbos::Protobuf::Cerbos::Request::V1::DeleteSchemaRequest, ::Cerbos::Protobuf::Cerbos::Response::V1::DeleteSchemaResponse
|
49
|
-
rpc :ReloadStore, ::Cerbos::Protobuf::Cerbos::Request::V1::ReloadStoreRequest, ::Cerbos::Protobuf::Cerbos::Response::V1::ReloadStoreResponse
|
50
|
-
end
|
51
|
-
|
52
|
-
Stub = Service.rpc_stub_class
|
53
|
-
end
|
54
|
-
module CerbosPlaygroundService
|
55
|
-
class Service
|
56
|
-
|
57
|
-
include ::GRPC::GenericService
|
58
|
-
|
59
|
-
self.marshal_class_method = :encode
|
60
|
-
self.unmarshal_class_method = :decode
|
61
|
-
self.service_name = 'cerbos.svc.v1.CerbosPlaygroundService'
|
62
|
-
|
63
|
-
rpc :PlaygroundValidate, ::Cerbos::Protobuf::Cerbos::Request::V1::PlaygroundValidateRequest, ::Cerbos::Protobuf::Cerbos::Response::V1::PlaygroundValidateResponse
|
64
|
-
rpc :PlaygroundTest, ::Cerbos::Protobuf::Cerbos::Request::V1::PlaygroundTestRequest, ::Cerbos::Protobuf::Cerbos::Response::V1::PlaygroundTestResponse
|
65
|
-
rpc :PlaygroundEvaluate, ::Cerbos::Protobuf::Cerbos::Request::V1::PlaygroundEvaluateRequest, ::Cerbos::Protobuf::Cerbos::Response::V1::PlaygroundEvaluateResponse
|
66
|
-
rpc :PlaygroundProxy, ::Cerbos::Protobuf::Cerbos::Request::V1::PlaygroundProxyRequest, ::Cerbos::Protobuf::Cerbos::Response::V1::PlaygroundProxyResponse
|
67
|
-
end
|
68
|
-
|
69
30
|
Stub = Service.rpc_stub_class
|
70
31
|
end
|
71
32
|
end
|