cerbos 0.8.0 → 0.9.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +20 -2
- data/README.md +2 -2
- data/cerbos.gemspec +2 -1
- data/lib/cerbos/input/principal.rb +20 -5
- data/lib/cerbos/input/resource.rb +20 -5
- data/lib/cerbos/input/resource_query.rb +20 -5
- data/lib/cerbos/protobuf/buf/validate/expression_pb.rb +17 -0
- data/lib/cerbos/protobuf/buf/validate/priv/private_pb.rb +22 -0
- data/lib/cerbos/protobuf/buf/validate/validate_pb.rb +45 -0
- data/lib/cerbos/protobuf/cerbos/effect/v1/effect_pb.rb +1 -22
- data/lib/cerbos/protobuf/cerbos/engine/v1/engine_pb.rb +2 -24
- data/lib/cerbos/protobuf/cerbos/request/v1/request_pb.rb +3 -26
- data/lib/cerbos/protobuf/cerbos/response/v1/response_pb.rb +2 -25
- data/lib/cerbos/protobuf/cerbos/schema/v1/schema_pb.rb +1 -22
- data/lib/cerbos/protobuf/cerbos/svc/v1/svc_pb.rb +3 -24
- data/lib/cerbos/protobuf/cerbos/svc/v1/svc_services_pb.rb +1 -1
- data/lib/cerbos/protobuf/google/api/annotations_pb.rb +1 -23
- data/lib/cerbos/protobuf/google/api/field_behavior_pb.rb +2 -23
- data/lib/cerbos/protobuf/google/api/http_pb.rb +1 -22
- data/lib/cerbos/protobuf/protoc-gen-openapiv2/options/annotations_pb.rb +1 -23
- data/lib/cerbos/protobuf/protoc-gen-openapiv2/options/openapiv2_pb.rb +1 -23
- data/lib/cerbos/version.rb +1 -1
- data/lib/cerbos.rb +11 -0
- metadata +28 -6
- data/lib/cerbos/protobuf/validate/validate_pb.rb +0 -65
|
@@ -4,40 +4,17 @@
|
|
|
4
4
|
|
|
5
5
|
require 'google/protobuf'
|
|
6
6
|
|
|
7
|
+
require 'cerbos/protobuf/buf/validate/validate_pb'
|
|
7
8
|
require 'cerbos/protobuf/cerbos/engine/v1/engine_pb'
|
|
8
9
|
require 'cerbos/protobuf/google/api/field_behavior_pb'
|
|
9
10
|
require 'google/protobuf/struct_pb'
|
|
10
11
|
require 'cerbos/protobuf/protoc-gen-openapiv2/options/annotations_pb'
|
|
11
|
-
require 'cerbos/protobuf/validate/validate_pb'
|
|
12
12
|
|
|
13
13
|
|
|
14
|
-
descriptor_data = "\n\x1f\x63\x65rbos/request/v1/request.proto\x12\x11\x63\x65rbos.request.v1\x1a\x1d\x63\x65rbos/engine/v1/engine.proto\x1a\x1fgoogle/api/field_behavior.proto\x1a\x1cgoogle/protobuf/struct.proto\x1a.protoc-gen-openapiv2/options/annotations.proto\
|
|
14
|
+
descriptor_data = "\n\x1f\x63\x65rbos/request/v1/request.proto\x12\x11\x63\x65rbos.request.v1\x1a\x1b\x62uf/validate/validate.proto\x1a\x1d\x63\x65rbos/engine/v1/engine.proto\x1a\x1fgoogle/api/field_behavior.proto\x1a\x1cgoogle/protobuf/struct.proto\x1a.protoc-gen-openapiv2/options/annotations.proto\"\x86\x05\n\x14PlanResourcesRequest\x12\x96\x01\n\nrequest_id\x18\x01 \x01(\tBw\x92\x41t2JOptional application-specific ID useful for correlating logs for analysis.J&\"c2db17b8-4f9f-4fb1-acfd-9162a02be42b\"R\trequestId\x12l\n\x06\x61\x63tion\x18\x02 \x01(\tBT\x92\x41\x43\x32\x32\x41\x63tion to be applied to each resource in the list.J\r\"view:public\"\xe2\x41\x01\x02\xbaH\x07\xc8\x01\x01r\x02\x10\x01R\x06\x61\x63tion\x12\x45\n\tprincipal\x18\x03 \x01(\x0b\x32\x1b.cerbos.engine.v1.PrincipalB\n\xe2\x41\x01\x02\xbaH\x03\xc8\x01\x01R\tprincipal\x12U\n\x08resource\x18\x04 \x01(\x0b\x32-.cerbos.engine.v1.PlanResourcesInput.ResourceB\n\xe2\x41\x01\x02\xbaH\x03\xc8\x01\x01R\x08resource\x12;\n\x08\x61ux_data\x18\x05 \x01(\x0b\x32\x1a.cerbos.request.v1.AuxDataB\x04\xe2\x41\x01\x01R\x07\x61uxData\x12\x63\n\x0cinclude_meta\x18\x06 \x01(\x08\x42@\x92\x41=2;Opt to receive request processing metadata in the response.R\x0bincludeMeta:\'\x92\x41$\n\"2 PDP Resources Query Plan Request\"\x8a\x05\n\x17\x43heckResourceSetRequest\x12\x96\x01\n\nrequest_id\x18\x01 \x01(\tBw\x92\x41t2JOptional application-specific ID useful for correlating logs for analysis.J&\"c2db17b8-4f9f-4fb1-acfd-9162a02be42b\"R\trequestId\x12\x90\x01\n\x07\x61\x63tions\x18\x02 \x03(\tBv\x92\x41\\28List of actions being performed on the set of resources.J\x1a[\"view:public\", \"comment\"]\xa8\x01\x01\xb0\x01\x01\xe2\x41\x01\x02\xbaH\x10\xc8\x01\x01\x92\x01\n\x08\x01\x18\x01\"\x04r\x02\x10\x01R\x07\x61\x63tions\x12\x45\n\tprincipal\x18\x03 \x01(\x0b\x32\x1b.cerbos.engine.v1.PrincipalB\n\xe2\x41\x01\x02\xbaH\x03\xc8\x01\x01R\tprincipal\x12\x46\n\x08resource\x18\x04 \x01(\x0b\x32\x1e.cerbos.request.v1.ResourceSetB\n\xe2\x41\x01\x02\xbaH\x03\xc8\x01\x01R\x08resource\x12\x63\n\x0cinclude_meta\x18\x05 \x01(\x08\x42@\x92\x41=2;Opt to receive request processing metadata in the response.R\x0bincludeMeta\x12;\n\x08\x61ux_data\x18\x06 \x01(\x0b\x32\x1a.cerbos.request.v1.AuxDataB\x04\xe2\x41\x01\x01R\x07\x61uxData:\x12\x92\x41\x0f\n\r2\x0bPDP Request\"\xb0\x08\n\x0bResourceSet\x12\x45\n\x04kind\x18\x01 \x01(\tB1\x92\x41 2\x0eResource kind.J\x0e\"album:object\"\xe2\x41\x01\x02\xbaH\x07\xc8\x01\x01r\x02\x10\x01R\x04kind\x12\xdd\x01\n\x0epolicy_version\x18\x02 \x01(\tB\xb5\x01\x92\x41\x99\x01\x32|The policy version to use to evaluate this request. If not specified, will default to the server-configured default version.J\t\"default\"\x8a\x01\r^[[:word:]]*$\xe2\x41\x01\x01\xbaH\x11r\x0f\x32\r^[[:word:]]*$R\rpolicyVersion\x12\xed\x02\n\tinstances\x18\x03 \x03(\x0b\x32-.cerbos.request.v1.ResourceSet.InstancesEntryB\x9f\x02\x92\x41\x8c\x02\x32mSet of resource instances to check. Each instance must be keyed by an application-specific unique identifier.J\x97\x01{\"XX125\":{\"attr\":{\"owner\":\"bugs_bunny\", \"public\": false, \"flagged\": false}}, \"XX225\":{\"attr\":{\"owner\":\"daffy_duck\", \"public\": true, \"flagged\": false}}}\xc8\x01\x01\xe2\x41\x01\x02\xbaH\x08\xc8\x01\x01\x9a\x01\x02\x08\x01R\tinstances\x12\x87\x02\n\x05scope\x18\x04 \x01(\tB\xf0\x01\x92\x41\xb2\x01\x32~A dot-separated scope that describes the hierarchy these resources belong to. This is used for determining policy inheritance.\x8a\x01/^([[:alnum:]][[:word:]\\-]*(\\.[[:word:]\\-]*)*)*$\xe2\x41\x01\x01\xbaH3r12/^([[:alnum:]][[:word:]\\-]*(\\.[[:word:]\\-]*)*)*$R\x05scope\x1a^\n\x0eInstancesEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12\x36\n\x05value\x18\x02 \x01(\x0b\x32 .cerbos.request.v1.AttributesMapR\x05value:\x02\x38\x01: \x92\x41\x1d\n\x1b\x32\x19Set of resources to check\"\xc1\x02\n\rAttributesMap\x12\xa9\x01\n\x04\x61ttr\x18\x01 \x03(\x0b\x32*.cerbos.request.v1.AttributesMap.AttrEntryBi\x92\x41\x66\x32\x64Key-value pairs of contextual data about this instance that should be used during policy evaluation.R\x04\x61ttr\x1aO\n\tAttrEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12,\n\x05value\x18\x02 \x01(\x0b\x32\x16.google.protobuf.ValueR\x05value:\x02\x38\x01:3\x92\x41\x30\n.2,Unique identifier for the resource instance.\"\xe7\x06\n\x19\x43heckResourceBatchRequest\x12\x96\x01\n\nrequest_id\x18\x01 \x01(\tBw\x92\x41t2JOptional application-specific ID useful for correlating logs for analysis.J&\"c2db17b8-4f9f-4fb1-acfd-9162a02be42b\"R\trequestId\x12\x45\n\tprincipal\x18\x02 \x01(\x0b\x32\x1b.cerbos.engine.v1.PrincipalB\n\xe2\x41\x01\x02\xbaH\x03\xc8\x01\x01R\tprincipal\x12\xc0\x02\n\tresources\x18\x03 \x03(\x0b\x32\x37.cerbos.request.v1.CheckResourceBatchRequest.BatchEntryB\xe8\x01\x92\x41\xd5\x01\x32\x1eList of resources and actions.J\xac\x01[{\"actions\":[\"view\",\"comment\"], \"resource\":{\"kind\":\"album:object\",\"policyVersion\":\"default\",\"id\":\"XX125\",\"attr\":{\"owner\":\"bugs_bunny\", \"public\": false, \"flagged\": false}}}]\xa8\x01\x01\xb0\x01\x01\xe2\x41\x01\x02\xbaH\x08\xc8\x01\x01\x92\x01\x02\x08\x01R\tresources\x12\x35\n\x08\x61ux_data\x18\x04 \x01(\x0b\x32\x1a.cerbos.request.v1.AuxDataR\x07\x61uxData\x1a\xdb\x01\n\nBatchEntry\x12\x88\x01\n\x07\x61\x63tions\x18\x01 \x03(\tBn\x92\x41T20List of actions being performed on the resource.J\x1a[\"view:public\", \"comment\"]\xa8\x01\x01\xb0\x01\x01\xe2\x41\x01\x02\xbaH\x10\xc8\x01\x01\x92\x01\n\x08\x01\x18\x01\"\x04r\x02\x10\x01R\x07\x61\x63tions\x12\x42\n\x08resource\x18\x02 \x01(\x0b\x32\x1a.cerbos.engine.v1.ResourceB\n\xe2\x41\x01\x02\xbaH\x03\xc8\x01\x01R\x08resource:\x12\x92\x41\x0f\n\r2\x0bPDP Request\"\xcb\x07\n\x15\x43heckResourcesRequest\x12\x96\x01\n\nrequest_id\x18\x01 \x01(\tBw\x92\x41t2JOptional application-specific ID useful for correlating logs for analysis.J&\"c2db17b8-4f9f-4fb1-acfd-9162a02be42b\"R\trequestId\x12X\n\x0cinclude_meta\x18\x02 \x01(\x08\x42\x35\x92\x41\x32\x32\x30\x41\x64\x64 request processing metadata to the response.R\x0bincludeMeta\x12\x45\n\tprincipal\x18\x03 \x01(\x0b\x32\x1b.cerbos.engine.v1.PrincipalB\n\xe2\x41\x01\x02\xbaH\x03\xc8\x01\x01R\tprincipal\x12\xbf\x02\n\tresources\x18\x04 \x03(\x0b\x32\x36.cerbos.request.v1.CheckResourcesRequest.ResourceEntryB\xe8\x01\x92\x41\xd5\x01\x32\x1eList of resources and actions.J\xac\x01[{\"actions\":[\"view\",\"comment\"], \"resource\":{\"kind\":\"album:object\",\"policyVersion\":\"default\",\"id\":\"XX125\",\"attr\":{\"owner\":\"bugs_bunny\", \"public\": false, \"flagged\": false}}}]\xa8\x01\x01\xb0\x01\x01\xe2\x41\x01\x02\xbaH\x08\xc8\x01\x01\x92\x01\x02\x08\x01R\tresources\x12\x35\n\x08\x61ux_data\x18\x05 \x01(\x0b\x32\x1a.cerbos.request.v1.AuxDataR\x07\x61uxData\x1a\xde\x01\n\rResourceEntry\x12\x88\x01\n\x07\x61\x63tions\x18\x01 \x03(\tBn\x92\x41T20List of actions being performed on the resource.J\x1a[\"view:public\", \"comment\"]\xa8\x01\x01\xb0\x01\x01\xe2\x41\x01\x02\xbaH\x10\xc8\x01\x01\x92\x01\n\x08\x01\x18\x01\"\x04r\x02\x10\x01R\x07\x61\x63tions\x12\x42\n\x08resource\x18\x02 \x01(\x0b\x32\x1a.cerbos.engine.v1.ResourceB\n\xe2\x41\x01\x02\xbaH\x03\xc8\x01\x01R\x08resource:\x1e\x92\x41\x1b\n\x19\x32\x17\x43heck resources request\"\xb3\x07\n\x07\x41uxData\x12\x30\n\x03jwt\x18\x01 \x01(\x0b\x32\x1e.cerbos.request.v1.AuxData.JWTR\x03jwt\x1a\xb1\x06\n\x03JWT\x12\xc8\x04\n\x05token\x18\x01 \x01(\tB\xb1\x04\x92\x41\x9f\x04\x32\x1dJWT from the original requestJ\xc9\x03\"eyJhbGciOiJFUzM4NCIsImtpZCI6IjE5TGZaYXRFZGc4M1lOYzVyMjNndU1KcXJuND0iLCJ0eXAiOiJKV1QifQ.eyJhdWQiOlsiY2VyYm9zLWp3dC10ZXN0cyJdLCJjdXN0b21BcnJheSI6WyJBIiwiQiIsIkMiXSwiY3VzdG9tSW50Ijo0MiwiY3VzdG9tTWFwIjp7IkEiOiJBQSIsIkIiOiJCQiIsIkMiOiJDQyJ9LCJjdXN0b21TdHJpbmciOiJmb29iYXIiLCJleHAiOjE5NDk5MzQwMzksImlzcyI6ImNlcmJvcy10ZXN0LXN1aXRlIn0.WN_tOScSpd_EI-P5EI1YlagxEgExSfBjAtcrgcF6lyWj1lGpR_GKx9goZEp2p_t5AVWXN_bjz_sMUmJdJa4cVd55Qm1miR-FKu6oNRHnSEWdMFmnArwPw-YDJWfylLFX\"\x82\x03\x1a\n\x14x-example-show-value\x12\x02 \x00\x82\x03\x14\n\x0ex-fill-example\x12\x02 \x00\xe2\x41\x01\x02\xbaH\x07\xc8\x01\x01r\x02\x10\x01R\x05token\x12\xb8\x01\n\nkey_set_id\x18\x02 \x01(\tB\x99\x01\x92\x41\x95\x01\x32RKey ID to use when decoding the token (defined in the Cerbos server configuration)J\x0b\"my-keyset\"\x82\x03\x1a\n\x14x-example-show-value\x12\x02 \x00\x82\x03\x14\n\x0ex-fill-example\x12\x02 \x00R\x08keySetId:$\x92\x41!\n\x1f\x32\x1dJWT from the original request:B\x92\x41?\n=2;Structured auxiliary data useful for evaluating the request\"/\n\x11ServerInfoRequest:\x1a\x92\x41\x17\n\x15\x32\x13Server info requestBs\n\x19\x64\x65v.cerbos.api.v1.requestZ>github.com/cerbos/cerbos/api/genpb/cerbos/request/v1;requestv1\xaa\x02\x15\x43\x65rbos.Api.V1.Requestb\x06proto3"
|
|
15
15
|
|
|
16
16
|
pool = Google::Protobuf::DescriptorPool.generated_pool
|
|
17
|
-
|
|
18
|
-
begin
|
|
19
|
-
pool.add_serialized_file(descriptor_data)
|
|
20
|
-
rescue TypeError => e
|
|
21
|
-
# Compatibility code: will be removed in the next major version.
|
|
22
|
-
require 'google/protobuf/descriptor_pb'
|
|
23
|
-
parsed = Google::Protobuf::FileDescriptorProto.decode(descriptor_data)
|
|
24
|
-
parsed.clear_dependency
|
|
25
|
-
serialized = parsed.class.encode(parsed)
|
|
26
|
-
file = pool.add_serialized_file(serialized)
|
|
27
|
-
warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}"
|
|
28
|
-
imports = [
|
|
29
|
-
["cerbos.engine.v1.Principal", "cerbos/engine/v1/engine.proto"],
|
|
30
|
-
["google.protobuf.Value", "google/protobuf/struct.proto"],
|
|
31
|
-
]
|
|
32
|
-
imports.each do |type_name, expected_filename|
|
|
33
|
-
import_file = pool.lookup(type_name).file_descriptor
|
|
34
|
-
if import_file.name != expected_filename
|
|
35
|
-
warn "- #{file.name} imports #{expected_filename}, but that import was loaded as #{import_file.name}"
|
|
36
|
-
end
|
|
37
|
-
end
|
|
38
|
-
warn "Each proto file must use a consistent fully-qualified name."
|
|
39
|
-
warn "This will become an error in the next major version."
|
|
40
|
-
end
|
|
17
|
+
pool.add_serialized_file(descriptor_data)
|
|
41
18
|
|
|
42
19
|
module Cerbos::Protobuf::Cerbos
|
|
43
20
|
module Request
|
|
@@ -10,33 +10,10 @@ require 'cerbos/protobuf/cerbos/schema/v1/schema_pb'
|
|
|
10
10
|
require 'cerbos/protobuf/protoc-gen-openapiv2/options/annotations_pb'
|
|
11
11
|
|
|
12
12
|
|
|
13
|
-
descriptor_data = "\n!cerbos/response/v1/response.proto\x12\x12\x63\x65rbos.response.v1\x1a\x1d\x63\x65rbos/effect/v1/effect.proto\x1a\x1d\x63\x65rbos/engine/v1/engine.proto\x1a\x1d\x63\x65rbos/schema/v1/schema.proto\x1a.protoc-gen-openapiv2/options/annotations.proto\"\xb5\x08\n\x15PlanResourcesResponse\x12o\n\nrequest_id\x18\x01 \x01(\tBP\x92\x41M2#Request ID provided in the request.J&\"c2db17b8-4f9f-4fb1-acfd-9162a02be42b\"R\trequestId\x12\x32\n\x06\x61\x63tion\x18\x02 \x01(\tB\x1a\x92\x41\x17\x32\x06\x41\x63tionJ\r\"view:public\"R\x06\x61\x63tion\x12\x8a\x01\n\rresource_kind\x18\x03 \x01(\tBe\x92\x41\x62\x32\x0eResource kind.J\x0e\"album:object\"\x8a\x01?^[[:alpha:]][[:word:]\\@\\.\\-]*(\\:[[:alpha:]][[:word:]\\@\\.\\-]*)*$R\x0cresourceKind\x12J\n\x0epolicy_version\x18\x04 \x01(\tB#\x92\x41 2\x13The policy version.J\t\"default\"R\rpolicyVersion\x12J\n\x06\x66ilter\x18\x05 \x01(\x0b\x32%.cerbos.engine.v1.PlanResourcesFilterB\x0b\x92\x41\x08\x32\x06\x46ilterR\x06\x66ilter\x12\x7f\n\x04meta\x18\x06 \x01(\x0b\x32..cerbos.response.v1.PlanResourcesResponse.MetaB;\x92\x41\x38\x32\x36Optional metadata about the request evaluation processR\x04meta\x12\x90\x01\n\x11validation_errors\x18\x07 \x03(\x0b\x32!.cerbos.schema.v1.ValidationErrorB@\x92\x41=2;List of validation errors (if schema validation is enabled)R\x10validationErrors\x1a\xff\x01\n\x04Meta\x12]\n\x0c\x66ilter_debug\x18\x01 \x01(\tB:\x92\x41\x37\x32\x35\x46ilter textual representation for debugging purposes.R\x0b\x66ilterDebug\x12m\n\rmatched_scope\x18\x02 \x01(\tBH\x92\x41\x45\x32\x31Policy scope that matched to produce this effect.J\x10\"acme.corp.base\"R\x0cmatchedScope:)\x92\x41&\n$2\"Metadata about request evaluation.:<\x92\x41\x39\n725Resources query plan response for a set of resources.\"\xc8\x15\n\x18\x43heckResourceSetResponse\x12o\n\nrequest_id\x18\x01 \x01(\tBP\x92\x41M2#Request ID provided in the request.J&\"c2db17b8-4f9f-4fb1-acfd-9162a02be42b\"R\trequestId\x12\xdb\x02\n\x12resource_instances\x18\x02 \x03(\x0b\x32\x43.cerbos.response.v1.CheckResourceSetResponse.ResourceInstancesEntryB\xe6\x01\x92\x41\xe2\x01\x32KResults for each resource instance, keyed by the ID supplied in the requestJ\x92\x01{\"XX125\":{\"actions\":{\"view:*\":\"EFFECT_ALLOW\", \"comment\": \"EFFECT_ALLOW\"}}, \"XX225\":{\"actions\":{\"view:*\":\"EFFECT_DENY\", \"comment\": \"EFFECT_DENY\"}}}R\x11resourceInstances\x12\x82\x01\n\x04meta\x18\x03 \x01(\x0b\x32\x31.cerbos.response.v1.CheckResourceSetResponse.MetaB;\x92\x41\x38\x32\x36Optional metadata about the request evaluation processR\x04meta\x1a\x8b\x03\n\x0f\x41\x63tionEffectMap\x12\x8e\x01\n\x07\x61\x63tions\x18\x01 \x03(\x0b\x32I.cerbos.response.v1.CheckResourceSetResponse.ActionEffectMap.ActionsEntryB)\x92\x41&2$Mapping of each action to an effect.R\x07\x61\x63tions\x12\x90\x01\n\x11validation_errors\x18\x02 \x03(\x0b\x32!.cerbos.schema.v1.ValidationErrorB@\x92\x41=2;List of validation errors (if schema validation is enabled)R\x10validationErrors\x1aT\n\x0c\x41\x63tionsEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12.\n\x05value\x18\x02 \x01(\x0e\x32\x18.cerbos.effect.v1.EffectR\x05value:\x02\x38\x01\x1a\x89\x0c\n\x04Meta\x12\xcf\x03\n\x12resource_instances\x18\x01 \x03(\x0b\x32H.cerbos.response.v1.CheckResourceSetResponse.Meta.ResourceInstancesEntryB\xd5\x02\x92\x41\xd1\x02\x32\"Metadata about resource instances.J\xaa\x02{\"XX125\": {\"actions\": {\"view:*\":{\"matched_policy\": \"album:object:default\"},\"comment\":{\"matched_policy\": \"album:object:default\"}}, \"effective_derived_roles\": [\"owner\"]}, \"XX225\": {\"actions\": {\"view:*\":{\"matched_policy\": \"album:object:default\"},\"comment\":{\"matched_policy\": \"album:object:default\"}}}}R\x11resourceInstances\x1a\x88\x02\n\nEffectMeta\x12o\n\x0ematched_policy\x18\x01 \x01(\tBH\x92\x41\x45\x32+Policy that matched to produce this effect.J\x16\"album:object:default\"R\rmatchedPolicy\x12m\n\rmatched_scope\x18\x02 \x01(\tBH\x92\x41\x45\x32\x31Policy scope that matched to produce this effect.J\x10\"acme.corp.base\"R\x0cmatchedScope:\x1a\x92\x41\x17\n\x15\x32\x13Name of the action.\x1a\xf3\x04\n\nActionMeta\x12\xa7\x02\n\x07\x61\x63tions\x18\x01 \x03(\x0b\x32I.cerbos.response.v1.CheckResourceSetResponse.Meta.ActionMeta.ActionsEntryB\xc1\x01\x92\x41\xbd\x01\x32OMetadata about the effect calculated for each action on this resource instance.Jj{\"view:*\":{\"matched_policy\": \"album:object:default\"},\"comment\":{\"matched_policy\": \"album:object:default\"}}R\x07\x61\x63tions\x12\x83\x01\n\x17\x65\x66\x66\x65\x63tive_derived_roles\x18\x02 \x03(\tBK\x92\x41H2;Derived roles that were effective during policy evaluation.J\t[\"owner\"]R\x15\x65\x66\x66\x65\x63tiveDerivedRoles\x1ax\n\x0c\x41\x63tionsEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12R\n\x05value\x18\x02 \x01(\x0b\x32<.cerbos.response.v1.CheckResourceSetResponse.Meta.EffectMetaR\x05value:\x02\x38\x01:;\x92\x41\x38\n624Unique resource instance ID supplied in the request.\x1a\x82\x01\n\x16ResourceInstancesEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12R\n\x05value\x18\x02 \x01(\x0b\x32<.cerbos.response.v1.CheckResourceSetResponse.Meta.ActionMetaR\x05value:\x02\x38\x01:)\x92\x41&\n$2\"Metadata about request evaluation.\x1a\x82\x01\n\x16ResourceInstancesEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12R\n\x05value\x18\x02 \x01(\x0b\x32<.cerbos.response.v1.CheckResourceSetResponse.ActionEffectMapR\x05value:\x02\x38\x01:9\x92\x41\x36\n422Policy evaluation response for a set of resources.\"\xe5\x06\n\x1a\x43heckResourceBatchResponse\x12o\n\nrequest_id\x18\x01 \x01(\tBP\x92\x41M2#Request ID provided in the request.J&\"c2db17b8-4f9f-4fb1-acfd-9162a02be42b\"R\trequestId\x12\xb3\x01\n\x07results\x18\x02 \x03(\x0b\x32>.cerbos.response.v1.CheckResourceBatchResponse.ActionEffectMapBY\x92\x41V2\x18Result for each resourceJ:[{\"resourceId\":\"XX125\",\"actions\":{\"view\":\"EFFECT_ALLOW\"}}]R\x07results\x1a\xe2\x03\n\x0f\x41\x63tionEffectMap\x12:\n\x0bresource_id\x18\x01 \x01(\tB\x19\x92\x41\x16\x32\x0bResource IDJ\x07\"XX125\"R\nresourceId\x12\xa9\x01\n\x07\x61\x63tions\x18\x02 \x03(\x0b\x32K.cerbos.response.v1.CheckResourceBatchResponse.ActionEffectMap.ActionsEntryBB\x92\x41?2$Mapping of each action to an effect.J\x17{\"view\":\"EFFECT_ALLOW\"}R\x07\x61\x63tions\x12\x90\x01\n\x11validation_errors\x18\x03 \x03(\x0b\x32!.cerbos.schema.v1.ValidationErrorB@\x92\x41=2;List of validation errors (if schema validation is enabled)R\x10validationErrors\x1aT\n\x0c\x41\x63tionsEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12.\n\x05value\x18\x02 \x01(\x0e\x32\x18.cerbos.effect.v1.EffectR\x05value:\x02\x38\x01:;\x92\x41\x38\n624Policy evaluation response for a batch of resources.\"\xa6\x17\n\x16\x43heckResourcesResponse\x12o\n\nrequest_id\x18\x01 \x01(\tBP\x92\x41M2#Request ID provided in the request.J&\"c2db17b8-4f9f-4fb1-acfd-9162a02be42b\"R\trequestId\x12\xe3\x01\n\x07results\x18\x02 \x03(\x0b\x32\x36.cerbos.response.v1.CheckResourcesResponse.ResultEntryB\x90\x01\x92\x41\x8c\x01\x32\x18Result for each resourceJp[{\"resource\": {\"Id\":\"XX125\", \"kind\":\"album:object\"}, \"actions\":{\"view\":\"EFFECT_ALLOW\",\"comment\":\"EFFECT_DENY\"}}]R\x07results\x1a\x80\x14\n\x0bResultEntry\x12[\n\x08resource\x18\x01 \x01(\x0b\x32?.cerbos.response.v1.CheckResourcesResponse.ResultEntry.ResourceR\x08resource\x12\xa1\x01\n\x07\x61\x63tions\x18\x02 \x03(\x0b\x32\x43.cerbos.response.v1.CheckResourcesResponse.ResultEntry.ActionsEntryBB\x92\x41?2$Mapping of each action to an effect.J\x17{\"view\":\"EFFECT_ALLOW\"}R\x07\x61\x63tions\x12\x90\x01\n\x11validation_errors\x18\x03 \x03(\x0b\x32!.cerbos.schema.v1.ValidationErrorB@\x92\x41=2;List of validation errors (if schema validation is enabled)R\x10validationErrors\x12\x98\x02\n\x04meta\x18\x04 \x01(\x0b\x32;.cerbos.response.v1.CheckResourcesResponse.ResultEntry.MetaB\xc6\x01\x92\x41\xc2\x01\x32 Metadata about policy evaluationJ\x9d\x01{\"actions\": {\"view:*\":{\"matched_policy\": \"album:object:default\"},\"comment\":{\"matched_policy\": \"album:object:default\"}}, \"effective_derived_roles\": [\"owner\"]}R\x04meta\x12\xf6\x01\n\x07outputs\x18\x05 \x03(\x0b\x32\x1d.cerbos.engine.v1.OutputEntryB\xbc\x01\x92\x41\xb8\x01\x32,Output for each rule with outputs configuredJ\x87\x01[{\"src\": \"resource.expense.v1/acme#rule-001\", \"val\": \"view_allowed:alice\"}, {\"src\": \"resource.expense.v1/acme#rule-002\", \"val\": \"foo\"}]R\x07outputs\x1a\xff\x04\n\x08Resource\x12\x39\n\x02id\x18\x01 \x01(\tB)\x92\x41&2\x1bID of the resource instanceJ\x07\"XX125\"R\x02id\x12\x93\x01\n\x04kind\x18\x02 \x01(\tB\x7f\x92\x41|2)Name of the resource kind being accessed.J\r\"album:photo\"\x8a\x01?^[[:alpha:]][[:word:]\\@\\.\\-]*(\\:[[:alpha:]][[:word:]\\@\\.\\-]*)*$R\x04kind\x12\xc5\x01\n\x0epolicy_version\x18\x03 \x01(\tB\x9d\x01\x92\x41\x99\x01\x32|The policy version to use to evaluate this request. If not specified, will default to the server-configured default version.J\t\"default\"\x8a\x01\r^[[:word:]]*$R\rpolicyVersion\x12\xd9\x01\n\x05scope\x18\x04 \x01(\tB\xc2\x01\x92\x41\xbe\x01\x32}A dot-separated scope that describes the hierarchy this resource belongs to. This is used for determining policy inheritance.J\x0b\"acme.corp\"\x8a\x01/^([[:alnum:]][[:word:]\\-]*(\\.[[:word:]\\-]*)*)*$R\x05scope\x1a\xf0\x06\n\x04Meta\x12\xa6\x02\n\x07\x61\x63tions\x18\x01 \x03(\x0b\x32H.cerbos.response.v1.CheckResourcesResponse.ResultEntry.Meta.ActionsEntryB\xc1\x01\x92\x41\xbd\x01\x32OMetadata about the effect calculated for each action on this resource instance.Jj{\"view:*\":{\"matched_policy\": \"album:object:default\"},\"comment\":{\"matched_policy\": \"album:object:default\"}}R\x07\x61\x63tions\x12\x83\x01\n\x17\x65\x66\x66\x65\x63tive_derived_roles\x18\x02 \x03(\tBK\x92\x41H2;Derived roles that were effective during policy evaluation.J\t[\"owner\"]R\x15\x65\x66\x66\x65\x63tiveDerivedRoles\x1a\x88\x02\n\nEffectMeta\x12o\n\x0ematched_policy\x18\x01 \x01(\tBH\x92\x41\x45\x32+Policy that matched to produce this effect.J\x16\"album:object:default\"R\rmatchedPolicy\x12m\n\rmatched_scope\x18\x02 \x01(\tBH\x92\x41\x45\x32\x31Policy scope that matched to produce this effect.J\x10\"acme.corp.base\"R\x0cmatchedScope:\x1a\x92\x41\x17\n\x15\x32\x13Name of the action.\x1a\x82\x01\n\x0c\x41\x63tionsEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12\\\n\x05value\x18\x02 \x01(\x0b\x32\x46.cerbos.response.v1.CheckResourcesResponse.ResultEntry.Meta.EffectMetaR\x05value:\x02\x38\x01:)\x92\x41&\n$2\"Metadata about request evaluation.\x1aT\n\x0c\x41\x63tionsEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12.\n\x05value\x18\x02 \x01(\x0e\x32\x18.cerbos.effect.v1.EffectR\x05value:\x02\x38\x01:2\x92\x41/\n-2+Response from the check resources API call.\"\x82\x01\n\x12ServerInfoResponse\x12\x18\n\x07version\x18\x01 \x01(\tR\x07version\x12\x16\n\x06\x63ommit\x18\x02 \x01(\tR\x06\x63ommit\x12\x1d\n\nbuild_date\x18\x03 \x01(\tR\tbuildDate:\x1b\x92\x41\x18\n\x16\x32\x14Server info responseBw\n\x1a\x64\x65v.cerbos.api.v1.responseZ@github.com/cerbos/cerbos/api/genpb/cerbos/response/v1;responsev1\xaa\x02\x16\x43\x65rbos.Api.V1.Responseb\x06proto3"
|
|
13
|
+
descriptor_data = "\n!cerbos/response/v1/response.proto\x12\x12\x63\x65rbos.response.v1\x1a\x1d\x63\x65rbos/effect/v1/effect.proto\x1a\x1d\x63\x65rbos/engine/v1/engine.proto\x1a\x1d\x63\x65rbos/schema/v1/schema.proto\x1a.protoc-gen-openapiv2/options/annotations.proto\"\xcd\x08\n\x15PlanResourcesResponse\x12o\n\nrequest_id\x18\x01 \x01(\tBP\x92\x41M2#Request ID provided in the request.J&\"c2db17b8-4f9f-4fb1-acfd-9162a02be42b\"R\trequestId\x12\x32\n\x06\x61\x63tion\x18\x02 \x01(\tB\x1a\x92\x41\x17\x32\x06\x41\x63tionJ\r\"view:public\"R\x06\x61\x63tion\x12H\n\rresource_kind\x18\x03 \x01(\tB#\x92\x41 2\x0eResource kind.J\x0e\"album:object\"R\x0cresourceKind\x12J\n\x0epolicy_version\x18\x04 \x01(\tB#\x92\x41 2\x13The policy version.J\t\"default\"R\rpolicyVersion\x12J\n\x06\x66ilter\x18\x05 \x01(\x0b\x32%.cerbos.engine.v1.PlanResourcesFilterB\x0b\x92\x41\x08\x32\x06\x46ilterR\x06\x66ilter\x12\x7f\n\x04meta\x18\x06 \x01(\x0b\x32..cerbos.response.v1.PlanResourcesResponse.MetaB;\x92\x41\x38\x32\x36Optional metadata about the request evaluation processR\x04meta\x12\x90\x01\n\x11validation_errors\x18\x07 \x03(\x0b\x32!.cerbos.schema.v1.ValidationErrorB@\x92\x41=2;List of validation errors (if schema validation is enabled)R\x10validationErrors\x12Y\n\x0e\x63\x65rbos_call_id\x18\x08 \x01(\tB3\x92\x41\x30\x32.Audit log call ID associated with this requestR\x0c\x63\x65rbosCallId\x1a\xff\x01\n\x04Meta\x12]\n\x0c\x66ilter_debug\x18\x01 \x01(\tB:\x92\x41\x37\x32\x35\x46ilter textual representation for debugging purposes.R\x0b\x66ilterDebug\x12m\n\rmatched_scope\x18\x02 \x01(\tBH\x92\x41\x45\x32\x31Policy scope that matched to produce this effect.J\x10\"acme.corp.base\"R\x0cmatchedScope:)\x92\x41&\n$2\"Metadata about request evaluation.:<\x92\x41\x39\n725Resources query plan response for a set of resources.\"\xc8\x15\n\x18\x43heckResourceSetResponse\x12o\n\nrequest_id\x18\x01 \x01(\tBP\x92\x41M2#Request ID provided in the request.J&\"c2db17b8-4f9f-4fb1-acfd-9162a02be42b\"R\trequestId\x12\xdb\x02\n\x12resource_instances\x18\x02 \x03(\x0b\x32\x43.cerbos.response.v1.CheckResourceSetResponse.ResourceInstancesEntryB\xe6\x01\x92\x41\xe2\x01\x32KResults for each resource instance, keyed by the ID supplied in the requestJ\x92\x01{\"XX125\":{\"actions\":{\"view:*\":\"EFFECT_ALLOW\", \"comment\": \"EFFECT_ALLOW\"}}, \"XX225\":{\"actions\":{\"view:*\":\"EFFECT_DENY\", \"comment\": \"EFFECT_DENY\"}}}R\x11resourceInstances\x12\x82\x01\n\x04meta\x18\x03 \x01(\x0b\x32\x31.cerbos.response.v1.CheckResourceSetResponse.MetaB;\x92\x41\x38\x32\x36Optional metadata about the request evaluation processR\x04meta\x1a\x8b\x03\n\x0f\x41\x63tionEffectMap\x12\x8e\x01\n\x07\x61\x63tions\x18\x01 \x03(\x0b\x32I.cerbos.response.v1.CheckResourceSetResponse.ActionEffectMap.ActionsEntryB)\x92\x41&2$Mapping of each action to an effect.R\x07\x61\x63tions\x12\x90\x01\n\x11validation_errors\x18\x02 \x03(\x0b\x32!.cerbos.schema.v1.ValidationErrorB@\x92\x41=2;List of validation errors (if schema validation is enabled)R\x10validationErrors\x1aT\n\x0c\x41\x63tionsEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12.\n\x05value\x18\x02 \x01(\x0e\x32\x18.cerbos.effect.v1.EffectR\x05value:\x02\x38\x01\x1a\x89\x0c\n\x04Meta\x12\xcf\x03\n\x12resource_instances\x18\x01 \x03(\x0b\x32H.cerbos.response.v1.CheckResourceSetResponse.Meta.ResourceInstancesEntryB\xd5\x02\x92\x41\xd1\x02\x32\"Metadata about resource instances.J\xaa\x02{\"XX125\": {\"actions\": {\"view:*\":{\"matched_policy\": \"album:object:default\"},\"comment\":{\"matched_policy\": \"album:object:default\"}}, \"effective_derived_roles\": [\"owner\"]}, \"XX225\": {\"actions\": {\"view:*\":{\"matched_policy\": \"album:object:default\"},\"comment\":{\"matched_policy\": \"album:object:default\"}}}}R\x11resourceInstances\x1a\x88\x02\n\nEffectMeta\x12o\n\x0ematched_policy\x18\x01 \x01(\tBH\x92\x41\x45\x32+Policy that matched to produce this effect.J\x16\"album:object:default\"R\rmatchedPolicy\x12m\n\rmatched_scope\x18\x02 \x01(\tBH\x92\x41\x45\x32\x31Policy scope that matched to produce this effect.J\x10\"acme.corp.base\"R\x0cmatchedScope:\x1a\x92\x41\x17\n\x15\x32\x13Name of the action.\x1a\xf3\x04\n\nActionMeta\x12\xa7\x02\n\x07\x61\x63tions\x18\x01 \x03(\x0b\x32I.cerbos.response.v1.CheckResourceSetResponse.Meta.ActionMeta.ActionsEntryB\xc1\x01\x92\x41\xbd\x01\x32OMetadata about the effect calculated for each action on this resource instance.Jj{\"view:*\":{\"matched_policy\": \"album:object:default\"},\"comment\":{\"matched_policy\": \"album:object:default\"}}R\x07\x61\x63tions\x12\x83\x01\n\x17\x65\x66\x66\x65\x63tive_derived_roles\x18\x02 \x03(\tBK\x92\x41H2;Derived roles that were effective during policy evaluation.J\t[\"owner\"]R\x15\x65\x66\x66\x65\x63tiveDerivedRoles\x1ax\n\x0c\x41\x63tionsEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12R\n\x05value\x18\x02 \x01(\x0b\x32<.cerbos.response.v1.CheckResourceSetResponse.Meta.EffectMetaR\x05value:\x02\x38\x01:;\x92\x41\x38\n624Unique resource instance ID supplied in the request.\x1a\x82\x01\n\x16ResourceInstancesEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12R\n\x05value\x18\x02 \x01(\x0b\x32<.cerbos.response.v1.CheckResourceSetResponse.Meta.ActionMetaR\x05value:\x02\x38\x01:)\x92\x41&\n$2\"Metadata about request evaluation.\x1a\x82\x01\n\x16ResourceInstancesEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12R\n\x05value\x18\x02 \x01(\x0b\x32<.cerbos.response.v1.CheckResourceSetResponse.ActionEffectMapR\x05value:\x02\x38\x01:9\x92\x41\x36\n422Policy evaluation response for a set of resources.\"\xe5\x06\n\x1a\x43heckResourceBatchResponse\x12o\n\nrequest_id\x18\x01 \x01(\tBP\x92\x41M2#Request ID provided in the request.J&\"c2db17b8-4f9f-4fb1-acfd-9162a02be42b\"R\trequestId\x12\xb3\x01\n\x07results\x18\x02 \x03(\x0b\x32>.cerbos.response.v1.CheckResourceBatchResponse.ActionEffectMapBY\x92\x41V2\x18Result for each resourceJ:[{\"resourceId\":\"XX125\",\"actions\":{\"view\":\"EFFECT_ALLOW\"}}]R\x07results\x1a\xe2\x03\n\x0f\x41\x63tionEffectMap\x12:\n\x0bresource_id\x18\x01 \x01(\tB\x19\x92\x41\x16\x32\x0bResource IDJ\x07\"XX125\"R\nresourceId\x12\xa9\x01\n\x07\x61\x63tions\x18\x02 \x03(\x0b\x32K.cerbos.response.v1.CheckResourceBatchResponse.ActionEffectMap.ActionsEntryBB\x92\x41?2$Mapping of each action to an effect.J\x17{\"view\":\"EFFECT_ALLOW\"}R\x07\x61\x63tions\x12\x90\x01\n\x11validation_errors\x18\x03 \x03(\x0b\x32!.cerbos.schema.v1.ValidationErrorB@\x92\x41=2;List of validation errors (if schema validation is enabled)R\x10validationErrors\x1aT\n\x0c\x41\x63tionsEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12.\n\x05value\x18\x02 \x01(\x0e\x32\x18.cerbos.effect.v1.EffectR\x05value:\x02\x38\x01:;\x92\x41\x38\n624Policy evaluation response for a batch of resources.\"\xbe\x17\n\x16\x43heckResourcesResponse\x12o\n\nrequest_id\x18\x01 \x01(\tBP\x92\x41M2#Request ID provided in the request.J&\"c2db17b8-4f9f-4fb1-acfd-9162a02be42b\"R\trequestId\x12\xe3\x01\n\x07results\x18\x02 \x03(\x0b\x32\x36.cerbos.response.v1.CheckResourcesResponse.ResultEntryB\x90\x01\x92\x41\x8c\x01\x32\x18Result for each resourceJp[{\"resource\": {\"Id\":\"XX125\", \"kind\":\"album:object\"}, \"actions\":{\"view\":\"EFFECT_ALLOW\",\"comment\":\"EFFECT_DENY\"}}]R\x07results\x12Y\n\x0e\x63\x65rbos_call_id\x18\x03 \x01(\tB3\x92\x41\x30\x32.Audit log call ID associated with this requestR\x0c\x63\x65rbosCallId\x1a\xbd\x13\n\x0bResultEntry\x12[\n\x08resource\x18\x01 \x01(\x0b\x32?.cerbos.response.v1.CheckResourcesResponse.ResultEntry.ResourceR\x08resource\x12\xa1\x01\n\x07\x61\x63tions\x18\x02 \x03(\x0b\x32\x43.cerbos.response.v1.CheckResourcesResponse.ResultEntry.ActionsEntryBB\x92\x41?2$Mapping of each action to an effect.J\x17{\"view\":\"EFFECT_ALLOW\"}R\x07\x61\x63tions\x12\x90\x01\n\x11validation_errors\x18\x03 \x03(\x0b\x32!.cerbos.schema.v1.ValidationErrorB@\x92\x41=2;List of validation errors (if schema validation is enabled)R\x10validationErrors\x12\x98\x02\n\x04meta\x18\x04 \x01(\x0b\x32;.cerbos.response.v1.CheckResourcesResponse.ResultEntry.MetaB\xc6\x01\x92\x41\xc2\x01\x32 Metadata about policy evaluationJ\x9d\x01{\"actions\": {\"view:*\":{\"matched_policy\": \"album:object:default\"},\"comment\":{\"matched_policy\": \"album:object:default\"}}, \"effective_derived_roles\": [\"owner\"]}R\x04meta\x12\xf6\x01\n\x07outputs\x18\x05 \x03(\x0b\x32\x1d.cerbos.engine.v1.OutputEntryB\xbc\x01\x92\x41\xb8\x01\x32,Output for each rule with outputs configuredJ\x87\x01[{\"src\": \"resource.expense.v1/acme#rule-001\", \"val\": \"view_allowed:alice\"}, {\"src\": \"resource.expense.v1/acme#rule-002\", \"val\": \"foo\"}]R\x07outputs\x1a\xbc\x04\n\x08Resource\x12\x39\n\x02id\x18\x01 \x01(\tB)\x92\x41&2\x1bID of the resource instanceJ\x07\"XX125\"R\x02id\x12Q\n\x04kind\x18\x02 \x01(\tB=\x92\x41:2)Name of the resource kind being accessed.J\r\"album:photo\"R\x04kind\x12\xc5\x01\n\x0epolicy_version\x18\x03 \x01(\tB\x9d\x01\x92\x41\x99\x01\x32|The policy version to use to evaluate this request. If not specified, will default to the server-configured default version.J\t\"default\"\x8a\x01\r^[[:word:]]*$R\rpolicyVersion\x12\xd9\x01\n\x05scope\x18\x04 \x01(\tB\xc2\x01\x92\x41\xbe\x01\x32}A dot-separated scope that describes the hierarchy this resource belongs to. This is used for determining policy inheritance.J\x0b\"acme.corp\"\x8a\x01/^([[:alnum:]][[:word:]\\-]*(\\.[[:word:]\\-]*)*)*$R\x05scope\x1a\xf0\x06\n\x04Meta\x12\xa6\x02\n\x07\x61\x63tions\x18\x01 \x03(\x0b\x32H.cerbos.response.v1.CheckResourcesResponse.ResultEntry.Meta.ActionsEntryB\xc1\x01\x92\x41\xbd\x01\x32OMetadata about the effect calculated for each action on this resource instance.Jj{\"view:*\":{\"matched_policy\": \"album:object:default\"},\"comment\":{\"matched_policy\": \"album:object:default\"}}R\x07\x61\x63tions\x12\x83\x01\n\x17\x65\x66\x66\x65\x63tive_derived_roles\x18\x02 \x03(\tBK\x92\x41H2;Derived roles that were effective during policy evaluation.J\t[\"owner\"]R\x15\x65\x66\x66\x65\x63tiveDerivedRoles\x1a\x88\x02\n\nEffectMeta\x12o\n\x0ematched_policy\x18\x01 \x01(\tBH\x92\x41\x45\x32+Policy that matched to produce this effect.J\x16\"album:object:default\"R\rmatchedPolicy\x12m\n\rmatched_scope\x18\x02 \x01(\tBH\x92\x41\x45\x32\x31Policy scope that matched to produce this effect.J\x10\"acme.corp.base\"R\x0cmatchedScope:\x1a\x92\x41\x17\n\x15\x32\x13Name of the action.\x1a\x82\x01\n\x0c\x41\x63tionsEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12\\\n\x05value\x18\x02 \x01(\x0b\x32\x46.cerbos.response.v1.CheckResourcesResponse.ResultEntry.Meta.EffectMetaR\x05value:\x02\x38\x01:)\x92\x41&\n$2\"Metadata about request evaluation.\x1aT\n\x0c\x41\x63tionsEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12.\n\x05value\x18\x02 \x01(\x0e\x32\x18.cerbos.effect.v1.EffectR\x05value:\x02\x38\x01:2\x92\x41/\n-2+Response from the check resources API call.\"\x82\x01\n\x12ServerInfoResponse\x12\x18\n\x07version\x18\x01 \x01(\tR\x07version\x12\x16\n\x06\x63ommit\x18\x02 \x01(\tR\x06\x63ommit\x12\x1d\n\nbuild_date\x18\x03 \x01(\tR\tbuildDate:\x1b\x92\x41\x18\n\x16\x32\x14Server info responseBw\n\x1a\x64\x65v.cerbos.api.v1.responseZ@github.com/cerbos/cerbos/api/genpb/cerbos/response/v1;responsev1\xaa\x02\x16\x43\x65rbos.Api.V1.Responseb\x06proto3"
|
|
14
14
|
|
|
15
15
|
pool = Google::Protobuf::DescriptorPool.generated_pool
|
|
16
|
-
|
|
17
|
-
begin
|
|
18
|
-
pool.add_serialized_file(descriptor_data)
|
|
19
|
-
rescue TypeError => e
|
|
20
|
-
# Compatibility code: will be removed in the next major version.
|
|
21
|
-
require 'google/protobuf/descriptor_pb'
|
|
22
|
-
parsed = Google::Protobuf::FileDescriptorProto.decode(descriptor_data)
|
|
23
|
-
parsed.clear_dependency
|
|
24
|
-
serialized = parsed.class.encode(parsed)
|
|
25
|
-
file = pool.add_serialized_file(serialized)
|
|
26
|
-
warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}"
|
|
27
|
-
imports = [
|
|
28
|
-
["cerbos.engine.v1.PlanResourcesFilter", "cerbos/engine/v1/engine.proto"],
|
|
29
|
-
["cerbos.schema.v1.ValidationError", "cerbos/schema/v1/schema.proto"],
|
|
30
|
-
]
|
|
31
|
-
imports.each do |type_name, expected_filename|
|
|
32
|
-
import_file = pool.lookup(type_name).file_descriptor
|
|
33
|
-
if import_file.name != expected_filename
|
|
34
|
-
warn "- #{file.name} imports #{expected_filename}, but that import was loaded as #{import_file.name}"
|
|
35
|
-
end
|
|
36
|
-
end
|
|
37
|
-
warn "Each proto file must use a consistent fully-qualified name."
|
|
38
|
-
warn "This will become an error in the next major version."
|
|
39
|
-
end
|
|
16
|
+
pool.add_serialized_file(descriptor_data)
|
|
40
17
|
|
|
41
18
|
module Cerbos::Protobuf::Cerbos
|
|
42
19
|
module Response
|
|
@@ -8,28 +8,7 @@ require 'google/protobuf'
|
|
|
8
8
|
descriptor_data = "\n\x1d\x63\x65rbos/schema/v1/schema.proto\x12\x10\x63\x65rbos.schema.v1\"\xce\x01\n\x0fValidationError\x12\x12\n\x04path\x18\x01 \x01(\tR\x04path\x12\x18\n\x07message\x18\x02 \x01(\tR\x07message\x12@\n\x06source\x18\x03 \x01(\x0e\x32(.cerbos.schema.v1.ValidationError.SourceR\x06source\"K\n\x06Source\x12\x16\n\x12SOURCE_UNSPECIFIED\x10\x00\x12\x14\n\x10SOURCE_PRINCIPAL\x10\x01\x12\x13\n\x0fSOURCE_RESOURCE\x10\x02\x42o\n\x18\x64\x65v.cerbos.api.v1.schemaZ<github.com/cerbos/cerbos/api/genpb/cerbos/schema/v1;schemav1\xaa\x02\x14\x43\x65rbos.Api.V1.Schemab\x06proto3"
|
|
9
9
|
|
|
10
10
|
pool = Google::Protobuf::DescriptorPool.generated_pool
|
|
11
|
-
|
|
12
|
-
begin
|
|
13
|
-
pool.add_serialized_file(descriptor_data)
|
|
14
|
-
rescue TypeError => e
|
|
15
|
-
# Compatibility code: will be removed in the next major version.
|
|
16
|
-
require 'google/protobuf/descriptor_pb'
|
|
17
|
-
parsed = Google::Protobuf::FileDescriptorProto.decode(descriptor_data)
|
|
18
|
-
parsed.clear_dependency
|
|
19
|
-
serialized = parsed.class.encode(parsed)
|
|
20
|
-
file = pool.add_serialized_file(serialized)
|
|
21
|
-
warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}"
|
|
22
|
-
imports = [
|
|
23
|
-
]
|
|
24
|
-
imports.each do |type_name, expected_filename|
|
|
25
|
-
import_file = pool.lookup(type_name).file_descriptor
|
|
26
|
-
if import_file.name != expected_filename
|
|
27
|
-
warn "- #{file.name} imports #{expected_filename}, but that import was loaded as #{import_file.name}"
|
|
28
|
-
end
|
|
29
|
-
end
|
|
30
|
-
warn "Each proto file must use a consistent fully-qualified name."
|
|
31
|
-
warn "This will become an error in the next major version."
|
|
32
|
-
end
|
|
11
|
+
pool.add_serialized_file(descriptor_data)
|
|
33
12
|
|
|
34
13
|
module Cerbos::Protobuf::Cerbos
|
|
35
14
|
module Schema
|
|
@@ -8,35 +8,14 @@ require 'cerbos/protobuf/cerbos/request/v1/request_pb'
|
|
|
8
8
|
require 'cerbos/protobuf/cerbos/response/v1/response_pb'
|
|
9
9
|
require 'cerbos/protobuf/google/api/annotations_pb'
|
|
10
10
|
require 'cerbos/protobuf/protoc-gen-openapiv2/options/annotations_pb'
|
|
11
|
-
require 'cerbos/protobuf/validate/validate_pb'
|
|
12
11
|
require 'cerbos/protobuf/google/api/field_behavior_pb'
|
|
12
|
+
require 'cerbos/protobuf/buf/validate/validate_pb'
|
|
13
13
|
|
|
14
14
|
|
|
15
|
-
descriptor_data = "\n\x17\x63\x65rbos/svc/v1/svc.proto\x12\rcerbos.svc.v1\x1a\x1f\x63\x65rbos/request/v1/request.proto\x1a!cerbos/response/v1/response.proto\x1a\x1cgoogle/api/annotations.proto\x1a.protoc-gen-openapiv2/options/annotations.proto\x1a\
|
|
15
|
+
descriptor_data = "\n\x17\x63\x65rbos/svc/v1/svc.proto\x12\rcerbos.svc.v1\x1a\x1f\x63\x65rbos/request/v1/request.proto\x1a!cerbos/response/v1/response.proto\x1a\x1cgoogle/api/annotations.proto\x1a.protoc-gen-openapiv2/options/annotations.proto\x1a\x1fgoogle/api/field_behavior.proto\x1a\x1b\x62uf/validate/validate.proto2\xd6\n\n\rCerbosService\x12\xa7\x02\n\x10\x43heckResourceSet\x12*.cerbos.request.v1.CheckResourceSetRequest\x1a,.cerbos.response.v1.CheckResourceSetResponse\"\xb8\x01\x92\x41\x9f\x01\x12\x05\x43heck\x1a\x93\x01[Deprecated: Use CheckResources API instead] Check whether a principal has permissions to perform the given actions on a set of resource instances.X\x01\x82\xd3\xe4\x93\x02\x0f:\x01*\"\n/api/check\x12\xb6\x02\n\x12\x43heckResourceBatch\x12,.cerbos.request.v1.CheckResourceBatchRequest\x1a..cerbos.response.v1.CheckResourceBatchResponse\"\xc1\x01\x92\x41\x99\x01\x12\x14\x43heck resource batch\x1a\x7f[Deprecated: Use CheckResources API instead] Check a principal\'s permissions to a batch of heterogeneous resources and actions.X\x01\x82\xd3\xe4\x93\x02\x1e:\x01*\"\x19/api/check_resource_batch\x12\xf0\x01\n\x0e\x43heckResources\x12(.cerbos.request.v1.CheckResourcesRequest\x1a*.cerbos.response.v1.CheckResourcesResponse\"\x87\x01\x92\x41\x65\x12\x0f\x43heck resources\x1aRCheck a principal\'s permissions to a batch of heterogeneous resources and actions.\x82\xd3\xe4\x93\x02\x19:\x01*\"\x14/api/check/resources\x12\xc5\x01\n\nServerInfo\x12$.cerbos.request.v1.ServerInfoRequest\x1a&.cerbos.response.v1.ServerInfoResponse\"i\x92\x41N\x12\x16Get server information\x1a\x34Get information about the server e.g. server version\x82\xd3\xe4\x93\x02\x12\x12\x10/api/server_info\x12\x83\x02\n\rPlanResources\x12\'.cerbos.request.v1.PlanResourcesRequest\x1a).cerbos.response.v1.PlanResourcesResponse\"\x9d\x01\x92\x41|\x12\x0ePlan resources\x1ajProduce a query plan with conditions that must be satisfied for accessing a set of instances of a resource\x82\xd3\xe4\x93\x02\x18:\x01*\"\x13/api/plan/resources\x1a!\x92\x41\x1e\x12\x1c\x43\x65rbos Policy Decision PointB\xe1\x01\n\x15\x64\x65v.cerbos.api.v1.svcZ6github.com/cerbos/cerbos/api/genpb/cerbos/svc/v1;svcv1\xaa\x02\x11\x43\x65rbos.Api.V1.Svc\x92\x41{\x12?\n\x06\x43\x65rbos\"-\n\x06\x43\x65rbos\x12\x12https://cerbos.dev\x1a\x0finfo@cerbos.dev2\x06latest*\x01\x02\x32\x10\x61pplication/json:\x10\x61pplication/jsonZ\x11\n\x0f\n\tBasicAuth\x12\x02\x08\x01\x62\x06proto3"
|
|
16
16
|
|
|
17
17
|
pool = Google::Protobuf::DescriptorPool.generated_pool
|
|
18
|
-
|
|
19
|
-
begin
|
|
20
|
-
pool.add_serialized_file(descriptor_data)
|
|
21
|
-
rescue TypeError => e
|
|
22
|
-
# Compatibility code: will be removed in the next major version.
|
|
23
|
-
require 'google/protobuf/descriptor_pb'
|
|
24
|
-
parsed = Google::Protobuf::FileDescriptorProto.decode(descriptor_data)
|
|
25
|
-
parsed.clear_dependency
|
|
26
|
-
serialized = parsed.class.encode(parsed)
|
|
27
|
-
file = pool.add_serialized_file(serialized)
|
|
28
|
-
warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}"
|
|
29
|
-
imports = [
|
|
30
|
-
]
|
|
31
|
-
imports.each do |type_name, expected_filename|
|
|
32
|
-
import_file = pool.lookup(type_name).file_descriptor
|
|
33
|
-
if import_file.name != expected_filename
|
|
34
|
-
warn "- #{file.name} imports #{expected_filename}, but that import was loaded as #{import_file.name}"
|
|
35
|
-
end
|
|
36
|
-
end
|
|
37
|
-
warn "Each proto file must use a consistent fully-qualified name."
|
|
38
|
-
warn "This will become an error in the next major version."
|
|
39
|
-
end
|
|
18
|
+
pool.add_serialized_file(descriptor_data)
|
|
40
19
|
|
|
41
20
|
module Cerbos::Protobuf::Cerbos
|
|
42
21
|
module Svc
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
|
2
2
|
# Source: cerbos/svc/v1/svc.proto for package 'cerbos.svc.v1'
|
|
3
3
|
# Original file comments:
|
|
4
|
-
# Copyright 2021-
|
|
4
|
+
# Copyright 2021-2024 Zenauth Ltd.
|
|
5
5
|
# SPDX-License-Identifier: Apache-2.0
|
|
6
6
|
#
|
|
7
7
|
|
|
@@ -11,29 +11,7 @@ require 'google/protobuf/descriptor_pb'
|
|
|
11
11
|
descriptor_data = "\n\x1cgoogle/api/annotations.proto\x12\ngoogle.api\x1a\x15google/api/http.proto\x1a google/protobuf/descriptor.proto:K\n\x04http\x12\x1e.google.protobuf.MethodOptions\x18\xb0\xca\xbc\" \x01(\x0b\x32\x14.google.api.HttpRuleR\x04httpBn\n\x0e\x63om.google.apiB\x10\x41nnotationsProtoP\x01ZAgoogle.golang.org/genproto/googleapis/api/annotations;annotations\xa2\x02\x04GAPIb\x06proto3"
|
|
12
12
|
|
|
13
13
|
pool = Google::Protobuf::DescriptorPool.generated_pool
|
|
14
|
-
|
|
15
|
-
begin
|
|
16
|
-
pool.add_serialized_file(descriptor_data)
|
|
17
|
-
rescue TypeError => e
|
|
18
|
-
# Compatibility code: will be removed in the next major version.
|
|
19
|
-
require 'google/protobuf/descriptor_pb'
|
|
20
|
-
parsed = Google::Protobuf::FileDescriptorProto.decode(descriptor_data)
|
|
21
|
-
parsed.clear_dependency
|
|
22
|
-
serialized = parsed.class.encode(parsed)
|
|
23
|
-
file = pool.add_serialized_file(serialized)
|
|
24
|
-
warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}"
|
|
25
|
-
imports = [
|
|
26
|
-
["google.api.HttpRule", "google/api/http.proto"],
|
|
27
|
-
]
|
|
28
|
-
imports.each do |type_name, expected_filename|
|
|
29
|
-
import_file = pool.lookup(type_name).file_descriptor
|
|
30
|
-
if import_file.name != expected_filename
|
|
31
|
-
warn "- #{file.name} imports #{expected_filename}, but that import was loaded as #{import_file.name}"
|
|
32
|
-
end
|
|
33
|
-
end
|
|
34
|
-
warn "Each proto file must use a consistent fully-qualified name."
|
|
35
|
-
warn "This will become an error in the next major version."
|
|
36
|
-
end
|
|
14
|
+
pool.add_serialized_file(descriptor_data)
|
|
37
15
|
|
|
38
16
|
module Cerbos::Protobuf::Google
|
|
39
17
|
module Api
|
|
@@ -7,31 +7,10 @@ require 'google/protobuf'
|
|
|
7
7
|
require 'google/protobuf/descriptor_pb'
|
|
8
8
|
|
|
9
9
|
|
|
10
|
-
descriptor_data = "\n\x1fgoogle/api/field_behavior.proto\x12\ngoogle.api\x1a google/protobuf/descriptor.proto*\
|
|
10
|
+
descriptor_data = "\n\x1fgoogle/api/field_behavior.proto\x12\ngoogle.api\x1a google/protobuf/descriptor.proto*\xb6\x01\n\rFieldBehavior\x12\x1e\n\x1a\x46IELD_BEHAVIOR_UNSPECIFIED\x10\x00\x12\x0c\n\x08OPTIONAL\x10\x01\x12\x0c\n\x08REQUIRED\x10\x02\x12\x0f\n\x0bOUTPUT_ONLY\x10\x03\x12\x0e\n\nINPUT_ONLY\x10\x04\x12\r\n\tIMMUTABLE\x10\x05\x12\x12\n\x0eUNORDERED_LIST\x10\x06\x12\x15\n\x11NON_EMPTY_DEFAULT\x10\x07\x12\x0e\n\nIDENTIFIER\x10\x08:`\n\x0e\x66ield_behavior\x12\x1d.google.protobuf.FieldOptions\x18\x9c\x08 \x03(\x0e\x32\x19.google.api.FieldBehaviorR\rfieldBehaviorBp\n\x0e\x63om.google.apiB\x12\x46ieldBehaviorProtoP\x01ZAgoogle.golang.org/genproto/googleapis/api/annotations;annotations\xa2\x02\x04GAPIb\x06proto3"
|
|
11
11
|
|
|
12
12
|
pool = Google::Protobuf::DescriptorPool.generated_pool
|
|
13
|
-
|
|
14
|
-
begin
|
|
15
|
-
pool.add_serialized_file(descriptor_data)
|
|
16
|
-
rescue TypeError => e
|
|
17
|
-
# Compatibility code: will be removed in the next major version.
|
|
18
|
-
require 'google/protobuf/descriptor_pb'
|
|
19
|
-
parsed = Google::Protobuf::FileDescriptorProto.decode(descriptor_data)
|
|
20
|
-
parsed.clear_dependency
|
|
21
|
-
serialized = parsed.class.encode(parsed)
|
|
22
|
-
file = pool.add_serialized_file(serialized)
|
|
23
|
-
warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}"
|
|
24
|
-
imports = [
|
|
25
|
-
]
|
|
26
|
-
imports.each do |type_name, expected_filename|
|
|
27
|
-
import_file = pool.lookup(type_name).file_descriptor
|
|
28
|
-
if import_file.name != expected_filename
|
|
29
|
-
warn "- #{file.name} imports #{expected_filename}, but that import was loaded as #{import_file.name}"
|
|
30
|
-
end
|
|
31
|
-
end
|
|
32
|
-
warn "Each proto file must use a consistent fully-qualified name."
|
|
33
|
-
warn "This will become an error in the next major version."
|
|
34
|
-
end
|
|
13
|
+
pool.add_serialized_file(descriptor_data)
|
|
35
14
|
|
|
36
15
|
module Cerbos::Protobuf::Google
|
|
37
16
|
module Api
|
|
@@ -8,28 +8,7 @@ require 'google/protobuf'
|
|
|
8
8
|
descriptor_data = "\n\x15google/api/http.proto\x12\ngoogle.api\"\xda\x02\n\x08HttpRule\x12\x1a\n\x08selector\x18\x01 \x01(\tR\x08selector\x12\x12\n\x03get\x18\x02 \x01(\tH\x00R\x03get\x12\x12\n\x03put\x18\x03 \x01(\tH\x00R\x03put\x12\x14\n\x04post\x18\x04 \x01(\tH\x00R\x04post\x12\x18\n\x06\x64\x65lete\x18\x05 \x01(\tH\x00R\x06\x64\x65lete\x12\x16\n\x05patch\x18\x06 \x01(\tH\x00R\x05patch\x12\x37\n\x06\x63ustom\x18\x08 \x01(\x0b\x32\x1d.google.api.CustomHttpPatternH\x00R\x06\x63ustom\x12\x12\n\x04\x62ody\x18\x07 \x01(\tR\x04\x62ody\x12#\n\rresponse_body\x18\x0c \x01(\tR\x0cresponseBody\x12\x45\n\x13\x61\x64\x64itional_bindings\x18\x0b \x03(\x0b\x32\x14.google.api.HttpRuleR\x12\x61\x64\x64itionalBindingsB\t\n\x07pattern\";\n\x11\x43ustomHttpPattern\x12\x12\n\x04kind\x18\x01 \x01(\tR\x04kind\x12\x12\n\x04path\x18\x02 \x01(\tR\x04pathBj\n\x0e\x63om.google.apiB\tHttpProtoP\x01ZAgoogle.golang.org/genproto/googleapis/api/annotations;annotations\xf8\x01\x01\xa2\x02\x04GAPIb\x06proto3"
|
|
9
9
|
|
|
10
10
|
pool = Google::Protobuf::DescriptorPool.generated_pool
|
|
11
|
-
|
|
12
|
-
begin
|
|
13
|
-
pool.add_serialized_file(descriptor_data)
|
|
14
|
-
rescue TypeError => e
|
|
15
|
-
# Compatibility code: will be removed in the next major version.
|
|
16
|
-
require 'google/protobuf/descriptor_pb'
|
|
17
|
-
parsed = Google::Protobuf::FileDescriptorProto.decode(descriptor_data)
|
|
18
|
-
parsed.clear_dependency
|
|
19
|
-
serialized = parsed.class.encode(parsed)
|
|
20
|
-
file = pool.add_serialized_file(serialized)
|
|
21
|
-
warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}"
|
|
22
|
-
imports = [
|
|
23
|
-
]
|
|
24
|
-
imports.each do |type_name, expected_filename|
|
|
25
|
-
import_file = pool.lookup(type_name).file_descriptor
|
|
26
|
-
if import_file.name != expected_filename
|
|
27
|
-
warn "- #{file.name} imports #{expected_filename}, but that import was loaded as #{import_file.name}"
|
|
28
|
-
end
|
|
29
|
-
end
|
|
30
|
-
warn "Each proto file must use a consistent fully-qualified name."
|
|
31
|
-
warn "This will become an error in the next major version."
|
|
32
|
-
end
|
|
11
|
+
pool.add_serialized_file(descriptor_data)
|
|
33
12
|
|
|
34
13
|
module Cerbos::Protobuf::Google
|
|
35
14
|
module Api
|
|
@@ -11,29 +11,7 @@ require 'cerbos/protobuf/protoc-gen-openapiv2/options/openapiv2_pb'
|
|
|
11
11
|
descriptor_data = "\n.protoc-gen-openapiv2/options/annotations.proto\x12)grpc.gateway.protoc_gen_openapiv2.options\x1a google/protobuf/descriptor.proto\x1a,protoc-gen-openapiv2/options/openapiv2.proto:~\n\x11openapiv2_swagger\x12\x1c.google.protobuf.FileOptions\x18\x92\x08 \x01(\x0b\x32\x32.grpc.gateway.protoc_gen_openapiv2.options.SwaggerR\x10openapiv2Swagger:\x86\x01\n\x13openapiv2_operation\x12\x1e.google.protobuf.MethodOptions\x18\x92\x08 \x01(\x0b\x32\x34.grpc.gateway.protoc_gen_openapiv2.options.OperationR\x12openapiv2Operation:~\n\x10openapiv2_schema\x12\x1f.google.protobuf.MessageOptions\x18\x92\x08 \x01(\x0b\x32\x31.grpc.gateway.protoc_gen_openapiv2.options.SchemaR\x0fopenapiv2Schema:u\n\ropenapiv2_tag\x12\x1f.google.protobuf.ServiceOptions\x18\x92\x08 \x01(\x0b\x32..grpc.gateway.protoc_gen_openapiv2.options.TagR\x0copenapiv2Tag:~\n\x0fopenapiv2_field\x12\x1d.google.protobuf.FieldOptions\x18\x92\x08 \x01(\x0b\x32\x35.grpc.gateway.protoc_gen_openapiv2.options.JSONSchemaR\x0eopenapiv2FieldBHZFgithub.com/grpc-ecosystem/grpc-gateway/v2/protoc-gen-openapiv2/optionsb\x06proto3"
|
|
12
12
|
|
|
13
13
|
pool = Google::Protobuf::DescriptorPool.generated_pool
|
|
14
|
-
|
|
15
|
-
begin
|
|
16
|
-
pool.add_serialized_file(descriptor_data)
|
|
17
|
-
rescue TypeError => e
|
|
18
|
-
# Compatibility code: will be removed in the next major version.
|
|
19
|
-
require 'google/protobuf/descriptor_pb'
|
|
20
|
-
parsed = Google::Protobuf::FileDescriptorProto.decode(descriptor_data)
|
|
21
|
-
parsed.clear_dependency
|
|
22
|
-
serialized = parsed.class.encode(parsed)
|
|
23
|
-
file = pool.add_serialized_file(serialized)
|
|
24
|
-
warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}"
|
|
25
|
-
imports = [
|
|
26
|
-
["grpc.gateway.protoc_gen_openapiv2.options.Swagger", "protoc-gen-openapiv2/options/openapiv2.proto"],
|
|
27
|
-
]
|
|
28
|
-
imports.each do |type_name, expected_filename|
|
|
29
|
-
import_file = pool.lookup(type_name).file_descriptor
|
|
30
|
-
if import_file.name != expected_filename
|
|
31
|
-
warn "- #{file.name} imports #{expected_filename}, but that import was loaded as #{import_file.name}"
|
|
32
|
-
end
|
|
33
|
-
end
|
|
34
|
-
warn "Each proto file must use a consistent fully-qualified name."
|
|
35
|
-
warn "This will become an error in the next major version."
|
|
36
|
-
end
|
|
14
|
+
pool.add_serialized_file(descriptor_data)
|
|
37
15
|
|
|
38
16
|
module Cerbos::Protobuf::Grpc
|
|
39
17
|
module Gateway
|
|
@@ -10,29 +10,7 @@ require 'google/protobuf/struct_pb'
|
|
|
10
10
|
descriptor_data = "\n,protoc-gen-openapiv2/options/openapiv2.proto\x12)grpc.gateway.protoc_gen_openapiv2.options\x1a\x1cgoogle/protobuf/struct.proto\"\xb3\x08\n\x07Swagger\x12\x18\n\x07swagger\x18\x01 \x01(\tR\x07swagger\x12\x43\n\x04info\x18\x02 \x01(\x0b\x32/.grpc.gateway.protoc_gen_openapiv2.options.InfoR\x04info\x12\x12\n\x04host\x18\x03 \x01(\tR\x04host\x12\x1b\n\tbase_path\x18\x04 \x01(\tR\x08\x62\x61sePath\x12K\n\x07schemes\x18\x05 \x03(\x0e\x32\x31.grpc.gateway.protoc_gen_openapiv2.options.SchemeR\x07schemes\x12\x1a\n\x08\x63onsumes\x18\x06 \x03(\tR\x08\x63onsumes\x12\x1a\n\x08produces\x18\x07 \x03(\tR\x08produces\x12_\n\tresponses\x18\n \x03(\x0b\x32\x41.grpc.gateway.protoc_gen_openapiv2.options.Swagger.ResponsesEntryR\tresponses\x12q\n\x14security_definitions\x18\x0b \x01(\x0b\x32>.grpc.gateway.protoc_gen_openapiv2.options.SecurityDefinitionsR\x13securityDefinitions\x12Z\n\x08security\x18\x0c \x03(\x0b\x32>.grpc.gateway.protoc_gen_openapiv2.options.SecurityRequirementR\x08security\x12\x42\n\x04tags\x18\r \x03(\x0b\x32..grpc.gateway.protoc_gen_openapiv2.options.TagR\x04tags\x12\x65\n\rexternal_docs\x18\x0e \x01(\x0b\x32@.grpc.gateway.protoc_gen_openapiv2.options.ExternalDocumentationR\x0c\x65xternalDocs\x12\x62\n\nextensions\x18\x0f \x03(\x0b\x32\x42.grpc.gateway.protoc_gen_openapiv2.options.Swagger.ExtensionsEntryR\nextensions\x1aq\n\x0eResponsesEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12I\n\x05value\x18\x02 \x01(\x0b\x32\x33.grpc.gateway.protoc_gen_openapiv2.options.ResponseR\x05value:\x02\x38\x01\x1aU\n\x0f\x45xtensionsEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12,\n\x05value\x18\x02 \x01(\x0b\x32\x16.google.protobuf.ValueR\x05value:\x02\x38\x01J\x04\x08\x08\x10\tJ\x04\x08\t\x10\n\"\xd6\x07\n\tOperation\x12\x12\n\x04tags\x18\x01 \x03(\tR\x04tags\x12\x18\n\x07summary\x18\x02 \x01(\tR\x07summary\x12 \n\x0b\x64\x65scription\x18\x03 \x01(\tR\x0b\x64\x65scription\x12\x65\n\rexternal_docs\x18\x04 \x01(\x0b\x32@.grpc.gateway.protoc_gen_openapiv2.options.ExternalDocumentationR\x0c\x65xternalDocs\x12!\n\x0coperation_id\x18\x05 \x01(\tR\x0boperationId\x12\x1a\n\x08\x63onsumes\x18\x06 \x03(\tR\x08\x63onsumes\x12\x1a\n\x08produces\x18\x07 \x03(\tR\x08produces\x12\x61\n\tresponses\x18\t \x03(\x0b\x32\x43.grpc.gateway.protoc_gen_openapiv2.options.Operation.ResponsesEntryR\tresponses\x12K\n\x07schemes\x18\n \x03(\x0e\x32\x31.grpc.gateway.protoc_gen_openapiv2.options.SchemeR\x07schemes\x12\x1e\n\ndeprecated\x18\x0b \x01(\x08R\ndeprecated\x12Z\n\x08security\x18\x0c \x03(\x0b\x32>.grpc.gateway.protoc_gen_openapiv2.options.SecurityRequirementR\x08security\x12\x64\n\nextensions\x18\r \x03(\x0b\x32\x44.grpc.gateway.protoc_gen_openapiv2.options.Operation.ExtensionsEntryR\nextensions\x12U\n\nparameters\x18\x0e \x01(\x0b\x32\x35.grpc.gateway.protoc_gen_openapiv2.options.ParametersR\nparameters\x1aq\n\x0eResponsesEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12I\n\x05value\x18\x02 \x01(\x0b\x32\x33.grpc.gateway.protoc_gen_openapiv2.options.ResponseR\x05value:\x02\x38\x01\x1aU\n\x0f\x45xtensionsEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12,\n\x05value\x18\x02 \x01(\x0b\x32\x16.google.protobuf.ValueR\x05value:\x02\x38\x01J\x04\x08\x08\x10\t\"b\n\nParameters\x12T\n\x07headers\x18\x01 \x03(\x0b\x32:.grpc.gateway.protoc_gen_openapiv2.options.HeaderParameterR\x07headers\"\xa3\x02\n\x0fHeaderParameter\x12\x12\n\x04name\x18\x01 \x01(\tR\x04name\x12 \n\x0b\x64\x65scription\x18\x02 \x01(\tR\x0b\x64\x65scription\x12S\n\x04type\x18\x03 \x01(\x0e\x32?.grpc.gateway.protoc_gen_openapiv2.options.HeaderParameter.TypeR\x04type\x12\x16\n\x06\x66ormat\x18\x04 \x01(\tR\x06\x66ormat\x12\x1a\n\x08required\x18\x05 \x01(\x08R\x08required\"E\n\x04Type\x12\x0b\n\x07UNKNOWN\x10\x00\x12\n\n\x06STRING\x10\x01\x12\n\n\x06NUMBER\x10\x02\x12\x0b\n\x07INTEGER\x10\x03\x12\x0b\n\x07\x42OOLEAN\x10\x04J\x04\x08\x06\x10\x07J\x04\x08\x07\x10\x08\"\xd8\x01\n\x06Header\x12 \n\x0b\x64\x65scription\x18\x01 \x01(\tR\x0b\x64\x65scription\x12\x12\n\x04type\x18\x02 \x01(\tR\x04type\x12\x16\n\x06\x66ormat\x18\x03 \x01(\tR\x06\x66ormat\x12\x18\n\x07\x64\x65\x66\x61ult\x18\x06 \x01(\tR\x07\x64\x65\x66\x61ult\x12\x18\n\x07pattern\x18\r \x01(\tR\x07patternJ\x04\x08\x04\x10\x05J\x04\x08\x05\x10\x06J\x04\x08\x07\x10\x08J\x04\x08\x08\x10\tJ\x04\x08\t\x10\nJ\x04\x08\n\x10\x0bJ\x04\x08\x0b\x10\x0cJ\x04\x08\x0c\x10\rJ\x04\x08\x0e\x10\x0fJ\x04\x08\x0f\x10\x10J\x04\x08\x10\x10\x11J\x04\x08\x11\x10\x12J\x04\x08\x12\x10\x13\"\x9a\x05\n\x08Response\x12 \n\x0b\x64\x65scription\x18\x01 \x01(\tR\x0b\x64\x65scription\x12I\n\x06schema\x18\x02 \x01(\x0b\x32\x31.grpc.gateway.protoc_gen_openapiv2.options.SchemaR\x06schema\x12Z\n\x07headers\x18\x03 \x03(\x0b\x32@.grpc.gateway.protoc_gen_openapiv2.options.Response.HeadersEntryR\x07headers\x12]\n\x08\x65xamples\x18\x04 \x03(\x0b\x32\x41.grpc.gateway.protoc_gen_openapiv2.options.Response.ExamplesEntryR\x08\x65xamples\x12\x63\n\nextensions\x18\x05 \x03(\x0b\x32\x43.grpc.gateway.protoc_gen_openapiv2.options.Response.ExtensionsEntryR\nextensions\x1am\n\x0cHeadersEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12G\n\x05value\x18\x02 \x01(\x0b\x32\x31.grpc.gateway.protoc_gen_openapiv2.options.HeaderR\x05value:\x02\x38\x01\x1a;\n\rExamplesEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12\x14\n\x05value\x18\x02 \x01(\tR\x05value:\x02\x38\x01\x1aU\n\x0f\x45xtensionsEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12,\n\x05value\x18\x02 \x01(\x0b\x32\x16.google.protobuf.ValueR\x05value:\x02\x38\x01\"\xd6\x03\n\x04Info\x12\x14\n\x05title\x18\x01 \x01(\tR\x05title\x12 \n\x0b\x64\x65scription\x18\x02 \x01(\tR\x0b\x64\x65scription\x12(\n\x10terms_of_service\x18\x03 \x01(\tR\x0etermsOfService\x12L\n\x07\x63ontact\x18\x04 \x01(\x0b\x32\x32.grpc.gateway.protoc_gen_openapiv2.options.ContactR\x07\x63ontact\x12L\n\x07license\x18\x05 \x01(\x0b\x32\x32.grpc.gateway.protoc_gen_openapiv2.options.LicenseR\x07license\x12\x18\n\x07version\x18\x06 \x01(\tR\x07version\x12_\n\nextensions\x18\x07 \x03(\x0b\x32?.grpc.gateway.protoc_gen_openapiv2.options.Info.ExtensionsEntryR\nextensions\x1aU\n\x0f\x45xtensionsEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12,\n\x05value\x18\x02 \x01(\x0b\x32\x16.google.protobuf.ValueR\x05value:\x02\x38\x01\"E\n\x07\x43ontact\x12\x12\n\x04name\x18\x01 \x01(\tR\x04name\x12\x10\n\x03url\x18\x02 \x01(\tR\x03url\x12\x14\n\x05\x65mail\x18\x03 \x01(\tR\x05\x65mail\"/\n\x07License\x12\x12\n\x04name\x18\x01 \x01(\tR\x04name\x12\x10\n\x03url\x18\x02 \x01(\tR\x03url\"K\n\x15\x45xternalDocumentation\x12 \n\x0b\x64\x65scription\x18\x01 \x01(\tR\x0b\x64\x65scription\x12\x10\n\x03url\x18\x02 \x01(\tR\x03url\"\xaa\x02\n\x06Schema\x12V\n\x0bjson_schema\x18\x01 \x01(\x0b\x32\x35.grpc.gateway.protoc_gen_openapiv2.options.JSONSchemaR\njsonSchema\x12$\n\rdiscriminator\x18\x02 \x01(\tR\rdiscriminator\x12\x1b\n\tread_only\x18\x03 \x01(\x08R\x08readOnly\x12\x65\n\rexternal_docs\x18\x05 \x01(\x0b\x32@.grpc.gateway.protoc_gen_openapiv2.options.ExternalDocumentationR\x0c\x65xternalDocs\x12\x18\n\x07\x65xample\x18\x06 \x01(\tR\x07\x65xampleJ\x04\x08\x04\x10\x05\"\xd7\n\n\nJSONSchema\x12\x10\n\x03ref\x18\x03 \x01(\tR\x03ref\x12\x14\n\x05title\x18\x05 \x01(\tR\x05title\x12 \n\x0b\x64\x65scription\x18\x06 \x01(\tR\x0b\x64\x65scription\x12\x18\n\x07\x64\x65\x66\x61ult\x18\x07 \x01(\tR\x07\x64\x65\x66\x61ult\x12\x1b\n\tread_only\x18\x08 \x01(\x08R\x08readOnly\x12\x18\n\x07\x65xample\x18\t \x01(\tR\x07\x65xample\x12\x1f\n\x0bmultiple_of\x18\n \x01(\x01R\nmultipleOf\x12\x18\n\x07maximum\x18\x0b \x01(\x01R\x07maximum\x12+\n\x11\x65xclusive_maximum\x18\x0c \x01(\x08R\x10\x65xclusiveMaximum\x12\x18\n\x07minimum\x18\r \x01(\x01R\x07minimum\x12+\n\x11\x65xclusive_minimum\x18\x0e \x01(\x08R\x10\x65xclusiveMinimum\x12\x1d\n\nmax_length\x18\x0f \x01(\x04R\tmaxLength\x12\x1d\n\nmin_length\x18\x10 \x01(\x04R\tminLength\x12\x18\n\x07pattern\x18\x11 \x01(\tR\x07pattern\x12\x1b\n\tmax_items\x18\x14 \x01(\x04R\x08maxItems\x12\x1b\n\tmin_items\x18\x15 \x01(\x04R\x08minItems\x12!\n\x0cunique_items\x18\x16 \x01(\x08R\x0buniqueItems\x12%\n\x0emax_properties\x18\x18 \x01(\x04R\rmaxProperties\x12%\n\x0emin_properties\x18\x19 \x01(\x04R\rminProperties\x12\x1a\n\x08required\x18\x1a \x03(\tR\x08required\x12\x14\n\x05\x61rray\x18\" \x03(\tR\x05\x61rray\x12_\n\x04type\x18# \x03(\x0e\x32K.grpc.gateway.protoc_gen_openapiv2.options.JSONSchema.JSONSchemaSimpleTypesR\x04type\x12\x16\n\x06\x66ormat\x18$ \x01(\tR\x06\x66ormat\x12\x12\n\x04\x65num\x18. \x03(\tR\x04\x65num\x12z\n\x13\x66ield_configuration\x18\xe9\x07 \x01(\x0b\x32H.grpc.gateway.protoc_gen_openapiv2.options.JSONSchema.FieldConfigurationR\x12\x66ieldConfiguration\x12\x65\n\nextensions\x18\x30 \x03(\x0b\x32\x45.grpc.gateway.protoc_gen_openapiv2.options.JSONSchema.ExtensionsEntryR\nextensions\x1a<\n\x12\x46ieldConfiguration\x12&\n\x0fpath_param_name\x18/ \x01(\tR\rpathParamName\x1aU\n\x0f\x45xtensionsEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12,\n\x05value\x18\x02 \x01(\x0b\x32\x16.google.protobuf.ValueR\x05value:\x02\x38\x01\"w\n\x15JSONSchemaSimpleTypes\x12\x0b\n\x07UNKNOWN\x10\x00\x12\t\n\x05\x41RRAY\x10\x01\x12\x0b\n\x07\x42OOLEAN\x10\x02\x12\x0b\n\x07INTEGER\x10\x03\x12\x08\n\x04NULL\x10\x04\x12\n\n\x06NUMBER\x10\x05\x12\n\n\x06OBJECT\x10\x06\x12\n\n\x06STRING\x10\x07J\x04\x08\x01\x10\x02J\x04\x08\x02\x10\x03J\x04\x08\x04\x10\x05J\x04\x08\x12\x10\x13J\x04\x08\x13\x10\x14J\x04\x08\x17\x10\x18J\x04\x08\x1b\x10\x1cJ\x04\x08\x1c\x10\x1dJ\x04\x08\x1d\x10\x1eJ\x04\x08\x1e\x10\"J\x04\x08%\x10*J\x04\x08*\x10+J\x04\x08+\x10.\"\xd9\x02\n\x03Tag\x12\x12\n\x04name\x18\x01 \x01(\tR\x04name\x12 \n\x0b\x64\x65scription\x18\x02 \x01(\tR\x0b\x64\x65scription\x12\x65\n\rexternal_docs\x18\x03 \x01(\x0b\x32@.grpc.gateway.protoc_gen_openapiv2.options.ExternalDocumentationR\x0c\x65xternalDocs\x12^\n\nextensions\x18\x04 \x03(\x0b\x32>.grpc.gateway.protoc_gen_openapiv2.options.Tag.ExtensionsEntryR\nextensions\x1aU\n\x0f\x45xtensionsEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12,\n\x05value\x18\x02 \x01(\x0b\x32\x16.google.protobuf.ValueR\x05value:\x02\x38\x01\"\xf7\x01\n\x13SecurityDefinitions\x12h\n\x08security\x18\x01 \x03(\x0b\x32L.grpc.gateway.protoc_gen_openapiv2.options.SecurityDefinitions.SecurityEntryR\x08security\x1av\n\rSecurityEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12O\n\x05value\x18\x02 \x01(\x0b\x32\x39.grpc.gateway.protoc_gen_openapiv2.options.SecuritySchemeR\x05value:\x02\x38\x01\"\xff\x06\n\x0eSecurityScheme\x12R\n\x04type\x18\x01 \x01(\x0e\x32>.grpc.gateway.protoc_gen_openapiv2.options.SecurityScheme.TypeR\x04type\x12 \n\x0b\x64\x65scription\x18\x02 \x01(\tR\x0b\x64\x65scription\x12\x12\n\x04name\x18\x03 \x01(\tR\x04name\x12L\n\x02in\x18\x04 \x01(\x0e\x32<.grpc.gateway.protoc_gen_openapiv2.options.SecurityScheme.InR\x02in\x12R\n\x04\x66low\x18\x05 \x01(\x0e\x32>.grpc.gateway.protoc_gen_openapiv2.options.SecurityScheme.FlowR\x04\x66low\x12+\n\x11\x61uthorization_url\x18\x06 \x01(\tR\x10\x61uthorizationUrl\x12\x1b\n\ttoken_url\x18\x07 \x01(\tR\x08tokenUrl\x12I\n\x06scopes\x18\x08 \x01(\x0b\x32\x31.grpc.gateway.protoc_gen_openapiv2.options.ScopesR\x06scopes\x12i\n\nextensions\x18\t \x03(\x0b\x32I.grpc.gateway.protoc_gen_openapiv2.options.SecurityScheme.ExtensionsEntryR\nextensions\x1aU\n\x0f\x45xtensionsEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12,\n\x05value\x18\x02 \x01(\x0b\x32\x16.google.protobuf.ValueR\x05value:\x02\x38\x01\"K\n\x04Type\x12\x10\n\x0cTYPE_INVALID\x10\x00\x12\x0e\n\nTYPE_BASIC\x10\x01\x12\x10\n\x0cTYPE_API_KEY\x10\x02\x12\x0f\n\x0bTYPE_OAUTH2\x10\x03\"1\n\x02In\x12\x0e\n\nIN_INVALID\x10\x00\x12\x0c\n\x08IN_QUERY\x10\x01\x12\r\n\tIN_HEADER\x10\x02\"j\n\x04\x46low\x12\x10\n\x0c\x46LOW_INVALID\x10\x00\x12\x11\n\rFLOW_IMPLICIT\x10\x01\x12\x11\n\rFLOW_PASSWORD\x10\x02\x12\x14\n\x10\x46LOW_APPLICATION\x10\x03\x12\x14\n\x10\x46LOW_ACCESS_CODE\x10\x04\"\xf6\x02\n\x13SecurityRequirement\x12\x8a\x01\n\x14security_requirement\x18\x01 \x03(\x0b\x32W.grpc.gateway.protoc_gen_openapiv2.options.SecurityRequirement.SecurityRequirementEntryR\x13securityRequirement\x1a\x30\n\x18SecurityRequirementValue\x12\x14\n\x05scope\x18\x01 \x03(\tR\x05scope\x1a\x9f\x01\n\x18SecurityRequirementEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12m\n\x05value\x18\x02 \x01(\x0b\x32W.grpc.gateway.protoc_gen_openapiv2.options.SecurityRequirement.SecurityRequirementValueR\x05value:\x02\x38\x01\"\x96\x01\n\x06Scopes\x12R\n\x05scope\x18\x01 \x03(\x0b\x32<.grpc.gateway.protoc_gen_openapiv2.options.Scopes.ScopeEntryR\x05scope\x1a\x38\n\nScopeEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12\x14\n\x05value\x18\x02 \x01(\tR\x05value:\x02\x38\x01*;\n\x06Scheme\x12\x0b\n\x07UNKNOWN\x10\x00\x12\x08\n\x04HTTP\x10\x01\x12\t\n\x05HTTPS\x10\x02\x12\x06\n\x02WS\x10\x03\x12\x07\n\x03WSS\x10\x04\x42HZFgithub.com/grpc-ecosystem/grpc-gateway/v2/protoc-gen-openapiv2/optionsb\x06proto3"
|
|
11
11
|
|
|
12
12
|
pool = Google::Protobuf::DescriptorPool.generated_pool
|
|
13
|
-
|
|
14
|
-
begin
|
|
15
|
-
pool.add_serialized_file(descriptor_data)
|
|
16
|
-
rescue TypeError => e
|
|
17
|
-
# Compatibility code: will be removed in the next major version.
|
|
18
|
-
require 'google/protobuf/descriptor_pb'
|
|
19
|
-
parsed = Google::Protobuf::FileDescriptorProto.decode(descriptor_data)
|
|
20
|
-
parsed.clear_dependency
|
|
21
|
-
serialized = parsed.class.encode(parsed)
|
|
22
|
-
file = pool.add_serialized_file(serialized)
|
|
23
|
-
warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}"
|
|
24
|
-
imports = [
|
|
25
|
-
["google.protobuf.Value", "google/protobuf/struct.proto"],
|
|
26
|
-
]
|
|
27
|
-
imports.each do |type_name, expected_filename|
|
|
28
|
-
import_file = pool.lookup(type_name).file_descriptor
|
|
29
|
-
if import_file.name != expected_filename
|
|
30
|
-
warn "- #{file.name} imports #{expected_filename}, but that import was loaded as #{import_file.name}"
|
|
31
|
-
end
|
|
32
|
-
end
|
|
33
|
-
warn "Each proto file must use a consistent fully-qualified name."
|
|
34
|
-
warn "This will become an error in the next major version."
|
|
35
|
-
end
|
|
13
|
+
pool.add_serialized_file(descriptor_data)
|
|
36
14
|
|
|
37
15
|
module Cerbos::Protobuf::Grpc
|
|
38
16
|
module Gateway
|
data/lib/cerbos/version.rb
CHANGED
data/lib/cerbos.rb
CHANGED
|
@@ -10,6 +10,17 @@ require "time"
|
|
|
10
10
|
#
|
|
11
11
|
# Create a {Client} instance to interact with the Cerbos policy decision point server over gRPC.
|
|
12
12
|
module Cerbos
|
|
13
|
+
# @private
|
|
14
|
+
def self.deprecation_warning(message)
|
|
15
|
+
return unless Warning[:deprecated]
|
|
16
|
+
|
|
17
|
+
message = "[cerbos] #{message}"
|
|
18
|
+
|
|
19
|
+
location = caller_locations.find { |location| !location.absolute_path.start_with?(__dir__) }
|
|
20
|
+
message = "#{location.path}:#{location.lineno}: #{message}" unless location.nil?
|
|
21
|
+
|
|
22
|
+
warn message, category: :deprecated
|
|
23
|
+
end
|
|
13
24
|
end
|
|
14
25
|
|
|
15
26
|
require_relative "cerbos/client"
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: cerbos
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.9.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Cerbos
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-
|
|
11
|
+
date: 2024-06-10 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: grpc
|
|
@@ -24,6 +24,26 @@ dependencies:
|
|
|
24
24
|
- - "~>"
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
26
|
version: '1.46'
|
|
27
|
+
- !ruby/object:Gem::Dependency
|
|
28
|
+
name: google-protobuf
|
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
|
30
|
+
requirements:
|
|
31
|
+
- - ">="
|
|
32
|
+
- !ruby/object:Gem::Version
|
|
33
|
+
version: 3.21.12
|
|
34
|
+
- - "<"
|
|
35
|
+
- !ruby/object:Gem::Version
|
|
36
|
+
version: '4.0'
|
|
37
|
+
type: :runtime
|
|
38
|
+
prerelease: false
|
|
39
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
40
|
+
requirements:
|
|
41
|
+
- - ">="
|
|
42
|
+
- !ruby/object:Gem::Version
|
|
43
|
+
version: 3.21.12
|
|
44
|
+
- - "<"
|
|
45
|
+
- !ruby/object:Gem::Version
|
|
46
|
+
version: '4.0'
|
|
27
47
|
description: Perform authorization in Ruby applications by interacting with the Cerbos
|
|
28
48
|
policy decision point.
|
|
29
49
|
email:
|
|
@@ -55,6 +75,9 @@ files:
|
|
|
55
75
|
- lib/cerbos/output/server_info.rb
|
|
56
76
|
- lib/cerbos/output/validation_error.rb
|
|
57
77
|
- lib/cerbos/protobuf.rb
|
|
78
|
+
- lib/cerbos/protobuf/buf/validate/expression_pb.rb
|
|
79
|
+
- lib/cerbos/protobuf/buf/validate/priv/private_pb.rb
|
|
80
|
+
- lib/cerbos/protobuf/buf/validate/validate_pb.rb
|
|
58
81
|
- lib/cerbos/protobuf/cerbos/effect/v1/effect_pb.rb
|
|
59
82
|
- lib/cerbos/protobuf/cerbos/engine/v1/engine_pb.rb
|
|
60
83
|
- lib/cerbos/protobuf/cerbos/request/v1/request_pb.rb
|
|
@@ -67,7 +90,6 @@ files:
|
|
|
67
90
|
- lib/cerbos/protobuf/google/api/http_pb.rb
|
|
68
91
|
- lib/cerbos/protobuf/protoc-gen-openapiv2/options/annotations_pb.rb
|
|
69
92
|
- lib/cerbos/protobuf/protoc-gen-openapiv2/options/openapiv2_pb.rb
|
|
70
|
-
- lib/cerbos/protobuf/validate/validate_pb.rb
|
|
71
93
|
- lib/cerbos/tls.rb
|
|
72
94
|
- lib/cerbos/version.rb
|
|
73
95
|
- yard_extensions.rb
|
|
@@ -77,7 +99,7 @@ licenses:
|
|
|
77
99
|
metadata:
|
|
78
100
|
bug_tracker_uri: https://github.com/cerbos/cerbos-sdk-ruby/issues
|
|
79
101
|
changelog_uri: https://github.com/cerbos/cerbos-sdk-ruby/blob/main/CHANGELOG.md
|
|
80
|
-
documentation_uri: https://www.rubydoc.info/gems/cerbos/0.
|
|
102
|
+
documentation_uri: https://www.rubydoc.info/gems/cerbos/0.9.0
|
|
81
103
|
homepage_uri: https://github.com/cerbos/cerbos-sdk-ruby
|
|
82
104
|
source_code_uri: https://github.com/cerbos/cerbos-sdk-ruby
|
|
83
105
|
rubygems_mfa_required: 'true'
|
|
@@ -89,14 +111,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
89
111
|
requirements:
|
|
90
112
|
- - ">="
|
|
91
113
|
- !ruby/object:Gem::Version
|
|
92
|
-
version: 3.
|
|
114
|
+
version: 3.1.0
|
|
93
115
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
94
116
|
requirements:
|
|
95
117
|
- - ">="
|
|
96
118
|
- !ruby/object:Gem::Version
|
|
97
119
|
version: '0'
|
|
98
120
|
requirements: []
|
|
99
|
-
rubygems_version: 3.5.
|
|
121
|
+
rubygems_version: 3.5.11
|
|
100
122
|
signing_key:
|
|
101
123
|
specification_version: 4
|
|
102
124
|
summary: Client library for authorization via Cerbos
|