cerbos 0.8.0 → 0.9.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +27 -2
- data/README.md +2 -2
- data/cerbos.gemspec +2 -1
- data/lib/cerbos/input/principal.rb +20 -5
- data/lib/cerbos/input/resource.rb +20 -5
- data/lib/cerbos/input/resource_query.rb +20 -5
- data/lib/cerbos/protobuf/buf/validate/expression_pb.rb +17 -0
- data/lib/cerbos/protobuf/buf/validate/priv/private_pb.rb +22 -0
- data/lib/cerbos/protobuf/buf/validate/validate_pb.rb +45 -0
- data/lib/cerbos/protobuf/cerbos/effect/v1/effect_pb.rb +1 -22
- data/lib/cerbos/protobuf/cerbos/engine/v1/engine_pb.rb +2 -24
- data/lib/cerbos/protobuf/cerbos/request/v1/request_pb.rb +3 -26
- data/lib/cerbos/protobuf/cerbos/response/v1/response_pb.rb +2 -25
- data/lib/cerbos/protobuf/cerbos/schema/v1/schema_pb.rb +1 -22
- data/lib/cerbos/protobuf/cerbos/svc/v1/svc_pb.rb +3 -24
- data/lib/cerbos/protobuf/cerbos/svc/v1/svc_services_pb.rb +1 -1
- data/lib/cerbos/protobuf/google/api/annotations_pb.rb +1 -23
- data/lib/cerbos/protobuf/google/api/field_behavior_pb.rb +2 -23
- data/lib/cerbos/protobuf/google/api/http_pb.rb +1 -22
- data/lib/cerbos/protobuf/protoc-gen-openapiv2/options/annotations_pb.rb +1 -23
- data/lib/cerbos/protobuf/protoc-gen-openapiv2/options/openapiv2_pb.rb +1 -23
- data/lib/cerbos/version.rb +1 -1
- data/lib/cerbos.rb +11 -0
- metadata +28 -6
- data/lib/cerbos/protobuf/validate/validate_pb.rb +0 -65
|
@@ -4,40 +4,17 @@
|
|
|
4
4
|
|
|
5
5
|
require 'google/protobuf'
|
|
6
6
|
|
|
7
|
+
require 'cerbos/protobuf/buf/validate/validate_pb'
|
|
7
8
|
require 'cerbos/protobuf/cerbos/engine/v1/engine_pb'
|
|
8
9
|
require 'cerbos/protobuf/google/api/field_behavior_pb'
|
|
9
10
|
require 'google/protobuf/struct_pb'
|
|
10
11
|
require 'cerbos/protobuf/protoc-gen-openapiv2/options/annotations_pb'
|
|
11
|
-
require 'cerbos/protobuf/validate/validate_pb'
|
|
12
12
|
|
|
13
13
|
|
|
14
|
-
descriptor_data = "\n\x1f\x63\x65rbos/request/v1/request.proto\x12\x11\x63\x65rbos.request.v1\x1a\x1d\x63\x65rbos/engine/v1/engine.proto\x1a\x1fgoogle/api/field_behavior.proto\x1a\x1cgoogle/protobuf/struct.proto\x1a.protoc-gen-openapiv2/options/annotations.proto\
|
|
14
|
+
descriptor_data = "\n\x1f\x63\x65rbos/request/v1/request.proto\x12\x11\x63\x65rbos.request.v1\x1a\x1b\x62uf/validate/validate.proto\x1a\x1d\x63\x65rbos/engine/v1/engine.proto\x1a\x1fgoogle/api/field_behavior.proto\x1a\x1cgoogle/protobuf/struct.proto\x1a.protoc-gen-openapiv2/options/annotations.proto\"\x86\x05\n\x14PlanResourcesRequest\x12\x96\x01\n\nrequest_id\x18\x01 \x01(\tBw\x92\x41t2JOptional application-specific ID useful for correlating logs for analysis.J&\"c2db17b8-4f9f-4fb1-acfd-9162a02be42b\"R\trequestId\x12l\n\x06\x61\x63tion\x18\x02 \x01(\tBT\x92\x41\x43\x32\x32\x41\x63tion to be applied to each resource in the list.J\r\"view:public\"\xe2\x41\x01\x02\xbaH\x07\xc8\x01\x01r\x02\x10\x01R\x06\x61\x63tion\x12\x45\n\tprincipal\x18\x03 \x01(\x0b\x32\x1b.cerbos.engine.v1.PrincipalB\n\xe2\x41\x01\x02\xbaH\x03\xc8\x01\x01R\tprincipal\x12U\n\x08resource\x18\x04 \x01(\x0b\x32-.cerbos.engine.v1.PlanResourcesInput.ResourceB\n\xe2\x41\x01\x02\xbaH\x03\xc8\x01\x01R\x08resource\x12;\n\x08\x61ux_data\x18\x05 \x01(\x0b\x32\x1a.cerbos.request.v1.AuxDataB\x04\xe2\x41\x01\x01R\x07\x61uxData\x12\x63\n\x0cinclude_meta\x18\x06 \x01(\x08\x42@\x92\x41=2;Opt to receive request processing metadata in the response.R\x0bincludeMeta:\'\x92\x41$\n\"2 PDP Resources Query Plan Request\"\x8a\x05\n\x17\x43heckResourceSetRequest\x12\x96\x01\n\nrequest_id\x18\x01 \x01(\tBw\x92\x41t2JOptional application-specific ID useful for correlating logs for analysis.J&\"c2db17b8-4f9f-4fb1-acfd-9162a02be42b\"R\trequestId\x12\x90\x01\n\x07\x61\x63tions\x18\x02 \x03(\tBv\x92\x41\\28List of actions being performed on the set of resources.J\x1a[\"view:public\", \"comment\"]\xa8\x01\x01\xb0\x01\x01\xe2\x41\x01\x02\xbaH\x10\xc8\x01\x01\x92\x01\n\x08\x01\x18\x01\"\x04r\x02\x10\x01R\x07\x61\x63tions\x12\x45\n\tprincipal\x18\x03 \x01(\x0b\x32\x1b.cerbos.engine.v1.PrincipalB\n\xe2\x41\x01\x02\xbaH\x03\xc8\x01\x01R\tprincipal\x12\x46\n\x08resource\x18\x04 \x01(\x0b\x32\x1e.cerbos.request.v1.ResourceSetB\n\xe2\x41\x01\x02\xbaH\x03\xc8\x01\x01R\x08resource\x12\x63\n\x0cinclude_meta\x18\x05 \x01(\x08\x42@\x92\x41=2;Opt to receive request processing metadata in the response.R\x0bincludeMeta\x12;\n\x08\x61ux_data\x18\x06 \x01(\x0b\x32\x1a.cerbos.request.v1.AuxDataB\x04\xe2\x41\x01\x01R\x07\x61uxData:\x12\x92\x41\x0f\n\r2\x0bPDP Request\"\xb0\x08\n\x0bResourceSet\x12\x45\n\x04kind\x18\x01 \x01(\tB1\x92\x41 2\x0eResource kind.J\x0e\"album:object\"\xe2\x41\x01\x02\xbaH\x07\xc8\x01\x01r\x02\x10\x01R\x04kind\x12\xdd\x01\n\x0epolicy_version\x18\x02 \x01(\tB\xb5\x01\x92\x41\x99\x01\x32|The policy version to use to evaluate this request. If not specified, will default to the server-configured default version.J\t\"default\"\x8a\x01\r^[[:word:]]*$\xe2\x41\x01\x01\xbaH\x11r\x0f\x32\r^[[:word:]]*$R\rpolicyVersion\x12\xed\x02\n\tinstances\x18\x03 \x03(\x0b\x32-.cerbos.request.v1.ResourceSet.InstancesEntryB\x9f\x02\x92\x41\x8c\x02\x32mSet of resource instances to check. Each instance must be keyed by an application-specific unique identifier.J\x97\x01{\"XX125\":{\"attr\":{\"owner\":\"bugs_bunny\", \"public\": false, \"flagged\": false}}, \"XX225\":{\"attr\":{\"owner\":\"daffy_duck\", \"public\": true, \"flagged\": false}}}\xc8\x01\x01\xe2\x41\x01\x02\xbaH\x08\xc8\x01\x01\x9a\x01\x02\x08\x01R\tinstances\x12\x87\x02\n\x05scope\x18\x04 \x01(\tB\xf0\x01\x92\x41\xb2\x01\x32~A dot-separated scope that describes the hierarchy these resources belong to. This is used for determining policy inheritance.\x8a\x01/^([[:alnum:]][[:word:]\\-]*(\\.[[:word:]\\-]*)*)*$\xe2\x41\x01\x01\xbaH3r12/^([[:alnum:]][[:word:]\\-]*(\\.[[:word:]\\-]*)*)*$R\x05scope\x1a^\n\x0eInstancesEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12\x36\n\x05value\x18\x02 \x01(\x0b\x32 .cerbos.request.v1.AttributesMapR\x05value:\x02\x38\x01: \x92\x41\x1d\n\x1b\x32\x19Set of resources to check\"\xc1\x02\n\rAttributesMap\x12\xa9\x01\n\x04\x61ttr\x18\x01 \x03(\x0b\x32*.cerbos.request.v1.AttributesMap.AttrEntryBi\x92\x41\x66\x32\x64Key-value pairs of contextual data about this instance that should be used during policy evaluation.R\x04\x61ttr\x1aO\n\tAttrEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12,\n\x05value\x18\x02 \x01(\x0b\x32\x16.google.protobuf.ValueR\x05value:\x02\x38\x01:3\x92\x41\x30\n.2,Unique identifier for the resource instance.\"\xe7\x06\n\x19\x43heckResourceBatchRequest\x12\x96\x01\n\nrequest_id\x18\x01 \x01(\tBw\x92\x41t2JOptional application-specific ID useful for correlating logs for analysis.J&\"c2db17b8-4f9f-4fb1-acfd-9162a02be42b\"R\trequestId\x12\x45\n\tprincipal\x18\x02 \x01(\x0b\x32\x1b.cerbos.engine.v1.PrincipalB\n\xe2\x41\x01\x02\xbaH\x03\xc8\x01\x01R\tprincipal\x12\xc0\x02\n\tresources\x18\x03 \x03(\x0b\x32\x37.cerbos.request.v1.CheckResourceBatchRequest.BatchEntryB\xe8\x01\x92\x41\xd5\x01\x32\x1eList of resources and actions.J\xac\x01[{\"actions\":[\"view\",\"comment\"], \"resource\":{\"kind\":\"album:object\",\"policyVersion\":\"default\",\"id\":\"XX125\",\"attr\":{\"owner\":\"bugs_bunny\", \"public\": false, \"flagged\": false}}}]\xa8\x01\x01\xb0\x01\x01\xe2\x41\x01\x02\xbaH\x08\xc8\x01\x01\x92\x01\x02\x08\x01R\tresources\x12\x35\n\x08\x61ux_data\x18\x04 \x01(\x0b\x32\x1a.cerbos.request.v1.AuxDataR\x07\x61uxData\x1a\xdb\x01\n\nBatchEntry\x12\x88\x01\n\x07\x61\x63tions\x18\x01 \x03(\tBn\x92\x41T20List of actions being performed on the resource.J\x1a[\"view:public\", \"comment\"]\xa8\x01\x01\xb0\x01\x01\xe2\x41\x01\x02\xbaH\x10\xc8\x01\x01\x92\x01\n\x08\x01\x18\x01\"\x04r\x02\x10\x01R\x07\x61\x63tions\x12\x42\n\x08resource\x18\x02 \x01(\x0b\x32\x1a.cerbos.engine.v1.ResourceB\n\xe2\x41\x01\x02\xbaH\x03\xc8\x01\x01R\x08resource:\x12\x92\x41\x0f\n\r2\x0bPDP Request\"\xcb\x07\n\x15\x43heckResourcesRequest\x12\x96\x01\n\nrequest_id\x18\x01 \x01(\tBw\x92\x41t2JOptional application-specific ID useful for correlating logs for analysis.J&\"c2db17b8-4f9f-4fb1-acfd-9162a02be42b\"R\trequestId\x12X\n\x0cinclude_meta\x18\x02 \x01(\x08\x42\x35\x92\x41\x32\x32\x30\x41\x64\x64 request processing metadata to the response.R\x0bincludeMeta\x12\x45\n\tprincipal\x18\x03 \x01(\x0b\x32\x1b.cerbos.engine.v1.PrincipalB\n\xe2\x41\x01\x02\xbaH\x03\xc8\x01\x01R\tprincipal\x12\xbf\x02\n\tresources\x18\x04 \x03(\x0b\x32\x36.cerbos.request.v1.CheckResourcesRequest.ResourceEntryB\xe8\x01\x92\x41\xd5\x01\x32\x1eList of resources and actions.J\xac\x01[{\"actions\":[\"view\",\"comment\"], \"resource\":{\"kind\":\"album:object\",\"policyVersion\":\"default\",\"id\":\"XX125\",\"attr\":{\"owner\":\"bugs_bunny\", \"public\": false, \"flagged\": false}}}]\xa8\x01\x01\xb0\x01\x01\xe2\x41\x01\x02\xbaH\x08\xc8\x01\x01\x92\x01\x02\x08\x01R\tresources\x12\x35\n\x08\x61ux_data\x18\x05 \x01(\x0b\x32\x1a.cerbos.request.v1.AuxDataR\x07\x61uxData\x1a\xde\x01\n\rResourceEntry\x12\x88\x01\n\x07\x61\x63tions\x18\x01 \x03(\tBn\x92\x41T20List of actions being performed on the resource.J\x1a[\"view:public\", \"comment\"]\xa8\x01\x01\xb0\x01\x01\xe2\x41\x01\x02\xbaH\x10\xc8\x01\x01\x92\x01\n\x08\x01\x18\x01\"\x04r\x02\x10\x01R\x07\x61\x63tions\x12\x42\n\x08resource\x18\x02 \x01(\x0b\x32\x1a.cerbos.engine.v1.ResourceB\n\xe2\x41\x01\x02\xbaH\x03\xc8\x01\x01R\x08resource:\x1e\x92\x41\x1b\n\x19\x32\x17\x43heck resources request\"\xb3\x07\n\x07\x41uxData\x12\x30\n\x03jwt\x18\x01 \x01(\x0b\x32\x1e.cerbos.request.v1.AuxData.JWTR\x03jwt\x1a\xb1\x06\n\x03JWT\x12\xc8\x04\n\x05token\x18\x01 \x01(\tB\xb1\x04\x92\x41\x9f\x04\x32\x1dJWT from the original requestJ\xc9\x03\"eyJhbGciOiJFUzM4NCIsImtpZCI6IjE5TGZaYXRFZGc4M1lOYzVyMjNndU1KcXJuND0iLCJ0eXAiOiJKV1QifQ.eyJhdWQiOlsiY2VyYm9zLWp3dC10ZXN0cyJdLCJjdXN0b21BcnJheSI6WyJBIiwiQiIsIkMiXSwiY3VzdG9tSW50Ijo0MiwiY3VzdG9tTWFwIjp7IkEiOiJBQSIsIkIiOiJCQiIsIkMiOiJDQyJ9LCJjdXN0b21TdHJpbmciOiJmb29iYXIiLCJleHAiOjE5NDk5MzQwMzksImlzcyI6ImNlcmJvcy10ZXN0LXN1aXRlIn0.WN_tOScSpd_EI-P5EI1YlagxEgExSfBjAtcrgcF6lyWj1lGpR_GKx9goZEp2p_t5AVWXN_bjz_sMUmJdJa4cVd55Qm1miR-FKu6oNRHnSEWdMFmnArwPw-YDJWfylLFX\"\x82\x03\x1a\n\x14x-example-show-value\x12\x02 \x00\x82\x03\x14\n\x0ex-fill-example\x12\x02 \x00\xe2\x41\x01\x02\xbaH\x07\xc8\x01\x01r\x02\x10\x01R\x05token\x12\xb8\x01\n\nkey_set_id\x18\x02 \x01(\tB\x99\x01\x92\x41\x95\x01\x32RKey ID to use when decoding the token (defined in the Cerbos server configuration)J\x0b\"my-keyset\"\x82\x03\x1a\n\x14x-example-show-value\x12\x02 \x00\x82\x03\x14\n\x0ex-fill-example\x12\x02 \x00R\x08keySetId:$\x92\x41!\n\x1f\x32\x1dJWT from the original request:B\x92\x41?\n=2;Structured auxiliary data useful for evaluating the request\"/\n\x11ServerInfoRequest:\x1a\x92\x41\x17\n\x15\x32\x13Server info requestBs\n\x19\x64\x65v.cerbos.api.v1.requestZ>github.com/cerbos/cerbos/api/genpb/cerbos/request/v1;requestv1\xaa\x02\x15\x43\x65rbos.Api.V1.Requestb\x06proto3"
|
|
15
15
|
|
|
16
16
|
pool = Google::Protobuf::DescriptorPool.generated_pool
|
|
17
|
-
|
|
18
|
-
begin
|
|
19
|
-
pool.add_serialized_file(descriptor_data)
|
|
20
|
-
rescue TypeError => e
|
|
21
|
-
# Compatibility code: will be removed in the next major version.
|
|
22
|
-
require 'google/protobuf/descriptor_pb'
|
|
23
|
-
parsed = Google::Protobuf::FileDescriptorProto.decode(descriptor_data)
|
|
24
|
-
parsed.clear_dependency
|
|
25
|
-
serialized = parsed.class.encode(parsed)
|
|
26
|
-
file = pool.add_serialized_file(serialized)
|
|
27
|
-
warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}"
|
|
28
|
-
imports = [
|
|
29
|
-
["cerbos.engine.v1.Principal", "cerbos/engine/v1/engine.proto"],
|
|
30
|
-
["google.protobuf.Value", "google/protobuf/struct.proto"],
|
|
31
|
-
]
|
|
32
|
-
imports.each do |type_name, expected_filename|
|
|
33
|
-
import_file = pool.lookup(type_name).file_descriptor
|
|
34
|
-
if import_file.name != expected_filename
|
|
35
|
-
warn "- #{file.name} imports #{expected_filename}, but that import was loaded as #{import_file.name}"
|
|
36
|
-
end
|
|
37
|
-
end
|
|
38
|
-
warn "Each proto file must use a consistent fully-qualified name."
|
|
39
|
-
warn "This will become an error in the next major version."
|
|
40
|
-
end
|
|
17
|
+
pool.add_serialized_file(descriptor_data)
|
|
41
18
|
|
|
42
19
|
module Cerbos::Protobuf::Cerbos
|
|
43
20
|
module Request
|
|
@@ -10,33 +10,10 @@ require 'cerbos/protobuf/cerbos/schema/v1/schema_pb'
|
|
|
10
10
|
require 'cerbos/protobuf/protoc-gen-openapiv2/options/annotations_pb'
|
|
11
11
|
|
|
12
12
|
|
|
13
|
-
descriptor_data = "\n!cerbos/response/v1/response.proto\x12\x12\x63\x65rbos.response.v1\x1a\x1d\x63\x65rbos/effect/v1/effect.proto\x1a\x1d\x63\x65rbos/engine/v1/engine.proto\x1a\x1d\x63\x65rbos/schema/v1/schema.proto\x1a.protoc-gen-openapiv2/options/annotations.proto\"\xb5\x08\n\x15PlanResourcesResponse\x12o\n\nrequest_id\x18\x01 \x01(\tBP\x92\x41M2#Request ID provided in the request.J&\"c2db17b8-4f9f-4fb1-acfd-9162a02be42b\"R\trequestId\x12\x32\n\x06\x61\x63tion\x18\x02 \x01(\tB\x1a\x92\x41\x17\x32\x06\x41\x63tionJ\r\"view:public\"R\x06\x61\x63tion\x12\x8a\x01\n\rresource_kind\x18\x03 \x01(\tBe\x92\x41\x62\x32\x0eResource kind.J\x0e\"album:object\"\x8a\x01?^[[:alpha:]][[:word:]\\@\\.\\-]*(\\:[[:alpha:]][[:word:]\\@\\.\\-]*)*$R\x0cresourceKind\x12J\n\x0epolicy_version\x18\x04 \x01(\tB#\x92\x41 2\x13The policy version.J\t\"default\"R\rpolicyVersion\x12J\n\x06\x66ilter\x18\x05 \x01(\x0b\x32%.cerbos.engine.v1.PlanResourcesFilterB\x0b\x92\x41\x08\x32\x06\x46ilterR\x06\x66ilter\x12\x7f\n\x04meta\x18\x06 \x01(\x0b\x32..cerbos.response.v1.PlanResourcesResponse.MetaB;\x92\x41\x38\x32\x36Optional metadata about the request evaluation processR\x04meta\x12\x90\x01\n\x11validation_errors\x18\x07 \x03(\x0b\x32!.cerbos.schema.v1.ValidationErrorB@\x92\x41=2;List of validation errors (if schema validation is enabled)R\x10validationErrors\x1a\xff\x01\n\x04Meta\x12]\n\x0c\x66ilter_debug\x18\x01 \x01(\tB:\x92\x41\x37\x32\x35\x46ilter textual representation for debugging purposes.R\x0b\x66ilterDebug\x12m\n\rmatched_scope\x18\x02 \x01(\tBH\x92\x41\x45\x32\x31Policy scope that matched to produce this effect.J\x10\"acme.corp.base\"R\x0cmatchedScope:)\x92\x41&\n$2\"Metadata about request evaluation.:<\x92\x41\x39\n725Resources query plan response for a set of resources.\"\xc8\x15\n\x18\x43heckResourceSetResponse\x12o\n\nrequest_id\x18\x01 \x01(\tBP\x92\x41M2#Request ID provided in the request.J&\"c2db17b8-4f9f-4fb1-acfd-9162a02be42b\"R\trequestId\x12\xdb\x02\n\x12resource_instances\x18\x02 \x03(\x0b\x32\x43.cerbos.response.v1.CheckResourceSetResponse.ResourceInstancesEntryB\xe6\x01\x92\x41\xe2\x01\x32KResults for each resource instance, keyed by the ID supplied in the requestJ\x92\x01{\"XX125\":{\"actions\":{\"view:*\":\"EFFECT_ALLOW\", \"comment\": \"EFFECT_ALLOW\"}}, \"XX225\":{\"actions\":{\"view:*\":\"EFFECT_DENY\", \"comment\": \"EFFECT_DENY\"}}}R\x11resourceInstances\x12\x82\x01\n\x04meta\x18\x03 \x01(\x0b\x32\x31.cerbos.response.v1.CheckResourceSetResponse.MetaB;\x92\x41\x38\x32\x36Optional metadata about the request evaluation processR\x04meta\x1a\x8b\x03\n\x0f\x41\x63tionEffectMap\x12\x8e\x01\n\x07\x61\x63tions\x18\x01 \x03(\x0b\x32I.cerbos.response.v1.CheckResourceSetResponse.ActionEffectMap.ActionsEntryB)\x92\x41&2$Mapping of each action to an effect.R\x07\x61\x63tions\x12\x90\x01\n\x11validation_errors\x18\x02 \x03(\x0b\x32!.cerbos.schema.v1.ValidationErrorB@\x92\x41=2;List of validation errors (if schema validation is enabled)R\x10validationErrors\x1aT\n\x0c\x41\x63tionsEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12.\n\x05value\x18\x02 \x01(\x0e\x32\x18.cerbos.effect.v1.EffectR\x05value:\x02\x38\x01\x1a\x89\x0c\n\x04Meta\x12\xcf\x03\n\x12resource_instances\x18\x01 \x03(\x0b\x32H.cerbos.response.v1.CheckResourceSetResponse.Meta.ResourceInstancesEntryB\xd5\x02\x92\x41\xd1\x02\x32\"Metadata about resource instances.J\xaa\x02{\"XX125\": {\"actions\": {\"view:*\":{\"matched_policy\": \"album:object:default\"},\"comment\":{\"matched_policy\": \"album:object:default\"}}, \"effective_derived_roles\": [\"owner\"]}, \"XX225\": {\"actions\": {\"view:*\":{\"matched_policy\": \"album:object:default\"},\"comment\":{\"matched_policy\": \"album:object:default\"}}}}R\x11resourceInstances\x1a\x88\x02\n\nEffectMeta\x12o\n\x0ematched_policy\x18\x01 \x01(\tBH\x92\x41\x45\x32+Policy that matched to produce this effect.J\x16\"album:object:default\"R\rmatchedPolicy\x12m\n\rmatched_scope\x18\x02 \x01(\tBH\x92\x41\x45\x32\x31Policy scope that matched to produce this effect.J\x10\"acme.corp.base\"R\x0cmatchedScope:\x1a\x92\x41\x17\n\x15\x32\x13Name of the action.\x1a\xf3\x04\n\nActionMeta\x12\xa7\x02\n\x07\x61\x63tions\x18\x01 \x03(\x0b\x32I.cerbos.response.v1.CheckResourceSetResponse.Meta.ActionMeta.ActionsEntryB\xc1\x01\x92\x41\xbd\x01\x32OMetadata about the effect calculated for each action on this resource instance.Jj{\"view:*\":{\"matched_policy\": \"album:object:default\"},\"comment\":{\"matched_policy\": \"album:object:default\"}}R\x07\x61\x63tions\x12\x83\x01\n\x17\x65\x66\x66\x65\x63tive_derived_roles\x18\x02 \x03(\tBK\x92\x41H2;Derived roles that were effective during policy evaluation.J\t[\"owner\"]R\x15\x65\x66\x66\x65\x63tiveDerivedRoles\x1ax\n\x0c\x41\x63tionsEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12R\n\x05value\x18\x02 \x01(\x0b\x32<.cerbos.response.v1.CheckResourceSetResponse.Meta.EffectMetaR\x05value:\x02\x38\x01:;\x92\x41\x38\n624Unique resource instance ID supplied in the request.\x1a\x82\x01\n\x16ResourceInstancesEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12R\n\x05value\x18\x02 \x01(\x0b\x32<.cerbos.response.v1.CheckResourceSetResponse.Meta.ActionMetaR\x05value:\x02\x38\x01:)\x92\x41&\n$2\"Metadata about request evaluation.\x1a\x82\x01\n\x16ResourceInstancesEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12R\n\x05value\x18\x02 \x01(\x0b\x32<.cerbos.response.v1.CheckResourceSetResponse.ActionEffectMapR\x05value:\x02\x38\x01:9\x92\x41\x36\n422Policy evaluation response for a set of resources.\"\xe5\x06\n\x1a\x43heckResourceBatchResponse\x12o\n\nrequest_id\x18\x01 \x01(\tBP\x92\x41M2#Request ID provided in the request.J&\"c2db17b8-4f9f-4fb1-acfd-9162a02be42b\"R\trequestId\x12\xb3\x01\n\x07results\x18\x02 \x03(\x0b\x32>.cerbos.response.v1.CheckResourceBatchResponse.ActionEffectMapBY\x92\x41V2\x18Result for each resourceJ:[{\"resourceId\":\"XX125\",\"actions\":{\"view\":\"EFFECT_ALLOW\"}}]R\x07results\x1a\xe2\x03\n\x0f\x41\x63tionEffectMap\x12:\n\x0bresource_id\x18\x01 \x01(\tB\x19\x92\x41\x16\x32\x0bResource IDJ\x07\"XX125\"R\nresourceId\x12\xa9\x01\n\x07\x61\x63tions\x18\x02 \x03(\x0b\x32K.cerbos.response.v1.CheckResourceBatchResponse.ActionEffectMap.ActionsEntryBB\x92\x41?2$Mapping of each action to an effect.J\x17{\"view\":\"EFFECT_ALLOW\"}R\x07\x61\x63tions\x12\x90\x01\n\x11validation_errors\x18\x03 \x03(\x0b\x32!.cerbos.schema.v1.ValidationErrorB@\x92\x41=2;List of validation errors (if schema validation is enabled)R\x10validationErrors\x1aT\n\x0c\x41\x63tionsEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12.\n\x05value\x18\x02 \x01(\x0e\x32\x18.cerbos.effect.v1.EffectR\x05value:\x02\x38\x01:;\x92\x41\x38\n624Policy evaluation response for a batch of resources.\"\xa6\x17\n\x16\x43heckResourcesResponse\x12o\n\nrequest_id\x18\x01 \x01(\tBP\x92\x41M2#Request ID provided in the request.J&\"c2db17b8-4f9f-4fb1-acfd-9162a02be42b\"R\trequestId\x12\xe3\x01\n\x07results\x18\x02 \x03(\x0b\x32\x36.cerbos.response.v1.CheckResourcesResponse.ResultEntryB\x90\x01\x92\x41\x8c\x01\x32\x18Result for each resourceJp[{\"resource\": {\"Id\":\"XX125\", \"kind\":\"album:object\"}, \"actions\":{\"view\":\"EFFECT_ALLOW\",\"comment\":\"EFFECT_DENY\"}}]R\x07results\x1a\x80\x14\n\x0bResultEntry\x12[\n\x08resource\x18\x01 \x01(\x0b\x32?.cerbos.response.v1.CheckResourcesResponse.ResultEntry.ResourceR\x08resource\x12\xa1\x01\n\x07\x61\x63tions\x18\x02 \x03(\x0b\x32\x43.cerbos.response.v1.CheckResourcesResponse.ResultEntry.ActionsEntryBB\x92\x41?2$Mapping of each action to an effect.J\x17{\"view\":\"EFFECT_ALLOW\"}R\x07\x61\x63tions\x12\x90\x01\n\x11validation_errors\x18\x03 \x03(\x0b\x32!.cerbos.schema.v1.ValidationErrorB@\x92\x41=2;List of validation errors (if schema validation is enabled)R\x10validationErrors\x12\x98\x02\n\x04meta\x18\x04 \x01(\x0b\x32;.cerbos.response.v1.CheckResourcesResponse.ResultEntry.MetaB\xc6\x01\x92\x41\xc2\x01\x32 Metadata about policy evaluationJ\x9d\x01{\"actions\": {\"view:*\":{\"matched_policy\": \"album:object:default\"},\"comment\":{\"matched_policy\": \"album:object:default\"}}, \"effective_derived_roles\": [\"owner\"]}R\x04meta\x12\xf6\x01\n\x07outputs\x18\x05 \x03(\x0b\x32\x1d.cerbos.engine.v1.OutputEntryB\xbc\x01\x92\x41\xb8\x01\x32,Output for each rule with outputs configuredJ\x87\x01[{\"src\": \"resource.expense.v1/acme#rule-001\", \"val\": \"view_allowed:alice\"}, {\"src\": \"resource.expense.v1/acme#rule-002\", \"val\": \"foo\"}]R\x07outputs\x1a\xff\x04\n\x08Resource\x12\x39\n\x02id\x18\x01 \x01(\tB)\x92\x41&2\x1bID of the resource instanceJ\x07\"XX125\"R\x02id\x12\x93\x01\n\x04kind\x18\x02 \x01(\tB\x7f\x92\x41|2)Name of the resource kind being accessed.J\r\"album:photo\"\x8a\x01?^[[:alpha:]][[:word:]\\@\\.\\-]*(\\:[[:alpha:]][[:word:]\\@\\.\\-]*)*$R\x04kind\x12\xc5\x01\n\x0epolicy_version\x18\x03 \x01(\tB\x9d\x01\x92\x41\x99\x01\x32|The policy version to use to evaluate this request. If not specified, will default to the server-configured default version.J\t\"default\"\x8a\x01\r^[[:word:]]*$R\rpolicyVersion\x12\xd9\x01\n\x05scope\x18\x04 \x01(\tB\xc2\x01\x92\x41\xbe\x01\x32}A dot-separated scope that describes the hierarchy this resource belongs to. This is used for determining policy inheritance.J\x0b\"acme.corp\"\x8a\x01/^([[:alnum:]][[:word:]\\-]*(\\.[[:word:]\\-]*)*)*$R\x05scope\x1a\xf0\x06\n\x04Meta\x12\xa6\x02\n\x07\x61\x63tions\x18\x01 \x03(\x0b\x32H.cerbos.response.v1.CheckResourcesResponse.ResultEntry.Meta.ActionsEntryB\xc1\x01\x92\x41\xbd\x01\x32OMetadata about the effect calculated for each action on this resource instance.Jj{\"view:*\":{\"matched_policy\": \"album:object:default\"},\"comment\":{\"matched_policy\": \"album:object:default\"}}R\x07\x61\x63tions\x12\x83\x01\n\x17\x65\x66\x66\x65\x63tive_derived_roles\x18\x02 \x03(\tBK\x92\x41H2;Derived roles that were effective during policy evaluation.J\t[\"owner\"]R\x15\x65\x66\x66\x65\x63tiveDerivedRoles\x1a\x88\x02\n\nEffectMeta\x12o\n\x0ematched_policy\x18\x01 \x01(\tBH\x92\x41\x45\x32+Policy that matched to produce this effect.J\x16\"album:object:default\"R\rmatchedPolicy\x12m\n\rmatched_scope\x18\x02 \x01(\tBH\x92\x41\x45\x32\x31Policy scope that matched to produce this effect.J\x10\"acme.corp.base\"R\x0cmatchedScope:\x1a\x92\x41\x17\n\x15\x32\x13Name of the action.\x1a\x82\x01\n\x0c\x41\x63tionsEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12\\\n\x05value\x18\x02 \x01(\x0b\x32\x46.cerbos.response.v1.CheckResourcesResponse.ResultEntry.Meta.EffectMetaR\x05value:\x02\x38\x01:)\x92\x41&\n$2\"Metadata about request evaluation.\x1aT\n\x0c\x41\x63tionsEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12.\n\x05value\x18\x02 \x01(\x0e\x32\x18.cerbos.effect.v1.EffectR\x05value:\x02\x38\x01:2\x92\x41/\n-2+Response from the check resources API call.\"\x82\x01\n\x12ServerInfoResponse\x12\x18\n\x07version\x18\x01 \x01(\tR\x07version\x12\x16\n\x06\x63ommit\x18\x02 \x01(\tR\x06\x63ommit\x12\x1d\n\nbuild_date\x18\x03 \x01(\tR\tbuildDate:\x1b\x92\x41\x18\n\x16\x32\x14Server info responseBw\n\x1a\x64\x65v.cerbos.api.v1.responseZ@github.com/cerbos/cerbos/api/genpb/cerbos/response/v1;responsev1\xaa\x02\x16\x43\x65rbos.Api.V1.Responseb\x06proto3"
|
|
13
|
+
descriptor_data = "\n!cerbos/response/v1/response.proto\x12\x12\x63\x65rbos.response.v1\x1a\x1d\x63\x65rbos/effect/v1/effect.proto\x1a\x1d\x63\x65rbos/engine/v1/engine.proto\x1a\x1d\x63\x65rbos/schema/v1/schema.proto\x1a.protoc-gen-openapiv2/options/annotations.proto\"\xcd\x08\n\x15PlanResourcesResponse\x12o\n\nrequest_id\x18\x01 \x01(\tBP\x92\x41M2#Request ID provided in the request.J&\"c2db17b8-4f9f-4fb1-acfd-9162a02be42b\"R\trequestId\x12\x32\n\x06\x61\x63tion\x18\x02 \x01(\tB\x1a\x92\x41\x17\x32\x06\x41\x63tionJ\r\"view:public\"R\x06\x61\x63tion\x12H\n\rresource_kind\x18\x03 \x01(\tB#\x92\x41 2\x0eResource kind.J\x0e\"album:object\"R\x0cresourceKind\x12J\n\x0epolicy_version\x18\x04 \x01(\tB#\x92\x41 2\x13The policy version.J\t\"default\"R\rpolicyVersion\x12J\n\x06\x66ilter\x18\x05 \x01(\x0b\x32%.cerbos.engine.v1.PlanResourcesFilterB\x0b\x92\x41\x08\x32\x06\x46ilterR\x06\x66ilter\x12\x7f\n\x04meta\x18\x06 \x01(\x0b\x32..cerbos.response.v1.PlanResourcesResponse.MetaB;\x92\x41\x38\x32\x36Optional metadata about the request evaluation processR\x04meta\x12\x90\x01\n\x11validation_errors\x18\x07 \x03(\x0b\x32!.cerbos.schema.v1.ValidationErrorB@\x92\x41=2;List of validation errors (if schema validation is enabled)R\x10validationErrors\x12Y\n\x0e\x63\x65rbos_call_id\x18\x08 \x01(\tB3\x92\x41\x30\x32.Audit log call ID associated with this requestR\x0c\x63\x65rbosCallId\x1a\xff\x01\n\x04Meta\x12]\n\x0c\x66ilter_debug\x18\x01 \x01(\tB:\x92\x41\x37\x32\x35\x46ilter textual representation for debugging purposes.R\x0b\x66ilterDebug\x12m\n\rmatched_scope\x18\x02 \x01(\tBH\x92\x41\x45\x32\x31Policy scope that matched to produce this effect.J\x10\"acme.corp.base\"R\x0cmatchedScope:)\x92\x41&\n$2\"Metadata about request evaluation.:<\x92\x41\x39\n725Resources query plan response for a set of resources.\"\xc8\x15\n\x18\x43heckResourceSetResponse\x12o\n\nrequest_id\x18\x01 \x01(\tBP\x92\x41M2#Request ID provided in the request.J&\"c2db17b8-4f9f-4fb1-acfd-9162a02be42b\"R\trequestId\x12\xdb\x02\n\x12resource_instances\x18\x02 \x03(\x0b\x32\x43.cerbos.response.v1.CheckResourceSetResponse.ResourceInstancesEntryB\xe6\x01\x92\x41\xe2\x01\x32KResults for each resource instance, keyed by the ID supplied in the requestJ\x92\x01{\"XX125\":{\"actions\":{\"view:*\":\"EFFECT_ALLOW\", \"comment\": \"EFFECT_ALLOW\"}}, \"XX225\":{\"actions\":{\"view:*\":\"EFFECT_DENY\", \"comment\": \"EFFECT_DENY\"}}}R\x11resourceInstances\x12\x82\x01\n\x04meta\x18\x03 \x01(\x0b\x32\x31.cerbos.response.v1.CheckResourceSetResponse.MetaB;\x92\x41\x38\x32\x36Optional metadata about the request evaluation processR\x04meta\x1a\x8b\x03\n\x0f\x41\x63tionEffectMap\x12\x8e\x01\n\x07\x61\x63tions\x18\x01 \x03(\x0b\x32I.cerbos.response.v1.CheckResourceSetResponse.ActionEffectMap.ActionsEntryB)\x92\x41&2$Mapping of each action to an effect.R\x07\x61\x63tions\x12\x90\x01\n\x11validation_errors\x18\x02 \x03(\x0b\x32!.cerbos.schema.v1.ValidationErrorB@\x92\x41=2;List of validation errors (if schema validation is enabled)R\x10validationErrors\x1aT\n\x0c\x41\x63tionsEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12.\n\x05value\x18\x02 \x01(\x0e\x32\x18.cerbos.effect.v1.EffectR\x05value:\x02\x38\x01\x1a\x89\x0c\n\x04Meta\x12\xcf\x03\n\x12resource_instances\x18\x01 \x03(\x0b\x32H.cerbos.response.v1.CheckResourceSetResponse.Meta.ResourceInstancesEntryB\xd5\x02\x92\x41\xd1\x02\x32\"Metadata about resource instances.J\xaa\x02{\"XX125\": {\"actions\": {\"view:*\":{\"matched_policy\": \"album:object:default\"},\"comment\":{\"matched_policy\": \"album:object:default\"}}, \"effective_derived_roles\": [\"owner\"]}, \"XX225\": {\"actions\": {\"view:*\":{\"matched_policy\": \"album:object:default\"},\"comment\":{\"matched_policy\": \"album:object:default\"}}}}R\x11resourceInstances\x1a\x88\x02\n\nEffectMeta\x12o\n\x0ematched_policy\x18\x01 \x01(\tBH\x92\x41\x45\x32+Policy that matched to produce this effect.J\x16\"album:object:default\"R\rmatchedPolicy\x12m\n\rmatched_scope\x18\x02 \x01(\tBH\x92\x41\x45\x32\x31Policy scope that matched to produce this effect.J\x10\"acme.corp.base\"R\x0cmatchedScope:\x1a\x92\x41\x17\n\x15\x32\x13Name of the action.\x1a\xf3\x04\n\nActionMeta\x12\xa7\x02\n\x07\x61\x63tions\x18\x01 \x03(\x0b\x32I.cerbos.response.v1.CheckResourceSetResponse.Meta.ActionMeta.ActionsEntryB\xc1\x01\x92\x41\xbd\x01\x32OMetadata about the effect calculated for each action on this resource instance.Jj{\"view:*\":{\"matched_policy\": \"album:object:default\"},\"comment\":{\"matched_policy\": \"album:object:default\"}}R\x07\x61\x63tions\x12\x83\x01\n\x17\x65\x66\x66\x65\x63tive_derived_roles\x18\x02 \x03(\tBK\x92\x41H2;Derived roles that were effective during policy evaluation.J\t[\"owner\"]R\x15\x65\x66\x66\x65\x63tiveDerivedRoles\x1ax\n\x0c\x41\x63tionsEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12R\n\x05value\x18\x02 \x01(\x0b\x32<.cerbos.response.v1.CheckResourceSetResponse.Meta.EffectMetaR\x05value:\x02\x38\x01:;\x92\x41\x38\n624Unique resource instance ID supplied in the request.\x1a\x82\x01\n\x16ResourceInstancesEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12R\n\x05value\x18\x02 \x01(\x0b\x32<.cerbos.response.v1.CheckResourceSetResponse.Meta.ActionMetaR\x05value:\x02\x38\x01:)\x92\x41&\n$2\"Metadata about request evaluation.\x1a\x82\x01\n\x16ResourceInstancesEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12R\n\x05value\x18\x02 \x01(\x0b\x32<.cerbos.response.v1.CheckResourceSetResponse.ActionEffectMapR\x05value:\x02\x38\x01:9\x92\x41\x36\n422Policy evaluation response for a set of resources.\"\xe5\x06\n\x1a\x43heckResourceBatchResponse\x12o\n\nrequest_id\x18\x01 \x01(\tBP\x92\x41M2#Request ID provided in the request.J&\"c2db17b8-4f9f-4fb1-acfd-9162a02be42b\"R\trequestId\x12\xb3\x01\n\x07results\x18\x02 \x03(\x0b\x32>.cerbos.response.v1.CheckResourceBatchResponse.ActionEffectMapBY\x92\x41V2\x18Result for each resourceJ:[{\"resourceId\":\"XX125\",\"actions\":{\"view\":\"EFFECT_ALLOW\"}}]R\x07results\x1a\xe2\x03\n\x0f\x41\x63tionEffectMap\x12:\n\x0bresource_id\x18\x01 \x01(\tB\x19\x92\x41\x16\x32\x0bResource IDJ\x07\"XX125\"R\nresourceId\x12\xa9\x01\n\x07\x61\x63tions\x18\x02 \x03(\x0b\x32K.cerbos.response.v1.CheckResourceBatchResponse.ActionEffectMap.ActionsEntryBB\x92\x41?2$Mapping of each action to an effect.J\x17{\"view\":\"EFFECT_ALLOW\"}R\x07\x61\x63tions\x12\x90\x01\n\x11validation_errors\x18\x03 \x03(\x0b\x32!.cerbos.schema.v1.ValidationErrorB@\x92\x41=2;List of validation errors (if schema validation is enabled)R\x10validationErrors\x1aT\n\x0c\x41\x63tionsEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12.\n\x05value\x18\x02 \x01(\x0e\x32\x18.cerbos.effect.v1.EffectR\x05value:\x02\x38\x01:;\x92\x41\x38\n624Policy evaluation response for a batch of resources.\"\xbe\x17\n\x16\x43heckResourcesResponse\x12o\n\nrequest_id\x18\x01 \x01(\tBP\x92\x41M2#Request ID provided in the request.J&\"c2db17b8-4f9f-4fb1-acfd-9162a02be42b\"R\trequestId\x12\xe3\x01\n\x07results\x18\x02 \x03(\x0b\x32\x36.cerbos.response.v1.CheckResourcesResponse.ResultEntryB\x90\x01\x92\x41\x8c\x01\x32\x18Result for each resourceJp[{\"resource\": {\"Id\":\"XX125\", \"kind\":\"album:object\"}, \"actions\":{\"view\":\"EFFECT_ALLOW\",\"comment\":\"EFFECT_DENY\"}}]R\x07results\x12Y\n\x0e\x63\x65rbos_call_id\x18\x03 \x01(\tB3\x92\x41\x30\x32.Audit log call ID associated with this requestR\x0c\x63\x65rbosCallId\x1a\xbd\x13\n\x0bResultEntry\x12[\n\x08resource\x18\x01 \x01(\x0b\x32?.cerbos.response.v1.CheckResourcesResponse.ResultEntry.ResourceR\x08resource\x12\xa1\x01\n\x07\x61\x63tions\x18\x02 \x03(\x0b\x32\x43.cerbos.response.v1.CheckResourcesResponse.ResultEntry.ActionsEntryBB\x92\x41?2$Mapping of each action to an effect.J\x17{\"view\":\"EFFECT_ALLOW\"}R\x07\x61\x63tions\x12\x90\x01\n\x11validation_errors\x18\x03 \x03(\x0b\x32!.cerbos.schema.v1.ValidationErrorB@\x92\x41=2;List of validation errors (if schema validation is enabled)R\x10validationErrors\x12\x98\x02\n\x04meta\x18\x04 \x01(\x0b\x32;.cerbos.response.v1.CheckResourcesResponse.ResultEntry.MetaB\xc6\x01\x92\x41\xc2\x01\x32 Metadata about policy evaluationJ\x9d\x01{\"actions\": {\"view:*\":{\"matched_policy\": \"album:object:default\"},\"comment\":{\"matched_policy\": \"album:object:default\"}}, \"effective_derived_roles\": [\"owner\"]}R\x04meta\x12\xf6\x01\n\x07outputs\x18\x05 \x03(\x0b\x32\x1d.cerbos.engine.v1.OutputEntryB\xbc\x01\x92\x41\xb8\x01\x32,Output for each rule with outputs configuredJ\x87\x01[{\"src\": \"resource.expense.v1/acme#rule-001\", \"val\": \"view_allowed:alice\"}, {\"src\": \"resource.expense.v1/acme#rule-002\", \"val\": \"foo\"}]R\x07outputs\x1a\xbc\x04\n\x08Resource\x12\x39\n\x02id\x18\x01 \x01(\tB)\x92\x41&2\x1bID of the resource instanceJ\x07\"XX125\"R\x02id\x12Q\n\x04kind\x18\x02 \x01(\tB=\x92\x41:2)Name of the resource kind being accessed.J\r\"album:photo\"R\x04kind\x12\xc5\x01\n\x0epolicy_version\x18\x03 \x01(\tB\x9d\x01\x92\x41\x99\x01\x32|The policy version to use to evaluate this request. If not specified, will default to the server-configured default version.J\t\"default\"\x8a\x01\r^[[:word:]]*$R\rpolicyVersion\x12\xd9\x01\n\x05scope\x18\x04 \x01(\tB\xc2\x01\x92\x41\xbe\x01\x32}A dot-separated scope that describes the hierarchy this resource belongs to. This is used for determining policy inheritance.J\x0b\"acme.corp\"\x8a\x01/^([[:alnum:]][[:word:]\\-]*(\\.[[:word:]\\-]*)*)*$R\x05scope\x1a\xf0\x06\n\x04Meta\x12\xa6\x02\n\x07\x61\x63tions\x18\x01 \x03(\x0b\x32H.cerbos.response.v1.CheckResourcesResponse.ResultEntry.Meta.ActionsEntryB\xc1\x01\x92\x41\xbd\x01\x32OMetadata about the effect calculated for each action on this resource instance.Jj{\"view:*\":{\"matched_policy\": \"album:object:default\"},\"comment\":{\"matched_policy\": \"album:object:default\"}}R\x07\x61\x63tions\x12\x83\x01\n\x17\x65\x66\x66\x65\x63tive_derived_roles\x18\x02 \x03(\tBK\x92\x41H2;Derived roles that were effective during policy evaluation.J\t[\"owner\"]R\x15\x65\x66\x66\x65\x63tiveDerivedRoles\x1a\x88\x02\n\nEffectMeta\x12o\n\x0ematched_policy\x18\x01 \x01(\tBH\x92\x41\x45\x32+Policy that matched to produce this effect.J\x16\"album:object:default\"R\rmatchedPolicy\x12m\n\rmatched_scope\x18\x02 \x01(\tBH\x92\x41\x45\x32\x31Policy scope that matched to produce this effect.J\x10\"acme.corp.base\"R\x0cmatchedScope:\x1a\x92\x41\x17\n\x15\x32\x13Name of the action.\x1a\x82\x01\n\x0c\x41\x63tionsEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12\\\n\x05value\x18\x02 \x01(\x0b\x32\x46.cerbos.response.v1.CheckResourcesResponse.ResultEntry.Meta.EffectMetaR\x05value:\x02\x38\x01:)\x92\x41&\n$2\"Metadata about request evaluation.\x1aT\n\x0c\x41\x63tionsEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12.\n\x05value\x18\x02 \x01(\x0e\x32\x18.cerbos.effect.v1.EffectR\x05value:\x02\x38\x01:2\x92\x41/\n-2+Response from the check resources API call.\"\x82\x01\n\x12ServerInfoResponse\x12\x18\n\x07version\x18\x01 \x01(\tR\x07version\x12\x16\n\x06\x63ommit\x18\x02 \x01(\tR\x06\x63ommit\x12\x1d\n\nbuild_date\x18\x03 \x01(\tR\tbuildDate:\x1b\x92\x41\x18\n\x16\x32\x14Server info responseBw\n\x1a\x64\x65v.cerbos.api.v1.responseZ@github.com/cerbos/cerbos/api/genpb/cerbos/response/v1;responsev1\xaa\x02\x16\x43\x65rbos.Api.V1.Responseb\x06proto3"
|
|
14
14
|
|
|
15
15
|
pool = Google::Protobuf::DescriptorPool.generated_pool
|
|
16
|
-
|
|
17
|
-
begin
|
|
18
|
-
pool.add_serialized_file(descriptor_data)
|
|
19
|
-
rescue TypeError => e
|
|
20
|
-
# Compatibility code: will be removed in the next major version.
|
|
21
|
-
require 'google/protobuf/descriptor_pb'
|
|
22
|
-
parsed = Google::Protobuf::FileDescriptorProto.decode(descriptor_data)
|
|
23
|
-
parsed.clear_dependency
|
|
24
|
-
serialized = parsed.class.encode(parsed)
|
|
25
|
-
file = pool.add_serialized_file(serialized)
|
|
26
|
-
warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}"
|
|
27
|
-
imports = [
|
|
28
|
-
["cerbos.engine.v1.PlanResourcesFilter", "cerbos/engine/v1/engine.proto"],
|
|
29
|
-
["cerbos.schema.v1.ValidationError", "cerbos/schema/v1/schema.proto"],
|
|
30
|
-
]
|
|
31
|
-
imports.each do |type_name, expected_filename|
|
|
32
|
-
import_file = pool.lookup(type_name).file_descriptor
|
|
33
|
-
if import_file.name != expected_filename
|
|
34
|
-
warn "- #{file.name} imports #{expected_filename}, but that import was loaded as #{import_file.name}"
|
|
35
|
-
end
|
|
36
|
-
end
|
|
37
|
-
warn "Each proto file must use a consistent fully-qualified name."
|
|
38
|
-
warn "This will become an error in the next major version."
|
|
39
|
-
end
|
|
16
|
+
pool.add_serialized_file(descriptor_data)
|
|
40
17
|
|
|
41
18
|
module Cerbos::Protobuf::Cerbos
|
|
42
19
|
module Response
|
|
@@ -8,28 +8,7 @@ require 'google/protobuf'
|
|
|
8
8
|
descriptor_data = "\n\x1d\x63\x65rbos/schema/v1/schema.proto\x12\x10\x63\x65rbos.schema.v1\"\xce\x01\n\x0fValidationError\x12\x12\n\x04path\x18\x01 \x01(\tR\x04path\x12\x18\n\x07message\x18\x02 \x01(\tR\x07message\x12@\n\x06source\x18\x03 \x01(\x0e\x32(.cerbos.schema.v1.ValidationError.SourceR\x06source\"K\n\x06Source\x12\x16\n\x12SOURCE_UNSPECIFIED\x10\x00\x12\x14\n\x10SOURCE_PRINCIPAL\x10\x01\x12\x13\n\x0fSOURCE_RESOURCE\x10\x02\x42o\n\x18\x64\x65v.cerbos.api.v1.schemaZ<github.com/cerbos/cerbos/api/genpb/cerbos/schema/v1;schemav1\xaa\x02\x14\x43\x65rbos.Api.V1.Schemab\x06proto3"
|
|
9
9
|
|
|
10
10
|
pool = Google::Protobuf::DescriptorPool.generated_pool
|
|
11
|
-
|
|
12
|
-
begin
|
|
13
|
-
pool.add_serialized_file(descriptor_data)
|
|
14
|
-
rescue TypeError => e
|
|
15
|
-
# Compatibility code: will be removed in the next major version.
|
|
16
|
-
require 'google/protobuf/descriptor_pb'
|
|
17
|
-
parsed = Google::Protobuf::FileDescriptorProto.decode(descriptor_data)
|
|
18
|
-
parsed.clear_dependency
|
|
19
|
-
serialized = parsed.class.encode(parsed)
|
|
20
|
-
file = pool.add_serialized_file(serialized)
|
|
21
|
-
warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}"
|
|
22
|
-
imports = [
|
|
23
|
-
]
|
|
24
|
-
imports.each do |type_name, expected_filename|
|
|
25
|
-
import_file = pool.lookup(type_name).file_descriptor
|
|
26
|
-
if import_file.name != expected_filename
|
|
27
|
-
warn "- #{file.name} imports #{expected_filename}, but that import was loaded as #{import_file.name}"
|
|
28
|
-
end
|
|
29
|
-
end
|
|
30
|
-
warn "Each proto file must use a consistent fully-qualified name."
|
|
31
|
-
warn "This will become an error in the next major version."
|
|
32
|
-
end
|
|
11
|
+
pool.add_serialized_file(descriptor_data)
|
|
33
12
|
|
|
34
13
|
module Cerbos::Protobuf::Cerbos
|
|
35
14
|
module Schema
|
|
@@ -8,35 +8,14 @@ require 'cerbos/protobuf/cerbos/request/v1/request_pb'
|
|
|
8
8
|
require 'cerbos/protobuf/cerbos/response/v1/response_pb'
|
|
9
9
|
require 'cerbos/protobuf/google/api/annotations_pb'
|
|
10
10
|
require 'cerbos/protobuf/protoc-gen-openapiv2/options/annotations_pb'
|
|
11
|
-
require 'cerbos/protobuf/validate/validate_pb'
|
|
12
11
|
require 'cerbos/protobuf/google/api/field_behavior_pb'
|
|
12
|
+
require 'cerbos/protobuf/buf/validate/validate_pb'
|
|
13
13
|
|
|
14
14
|
|
|
15
|
-
descriptor_data = "\n\x17\x63\x65rbos/svc/v1/svc.proto\x12\rcerbos.svc.v1\x1a\x1f\x63\x65rbos/request/v1/request.proto\x1a!cerbos/response/v1/response.proto\x1a\x1cgoogle/api/annotations.proto\x1a.protoc-gen-openapiv2/options/annotations.proto\x1a\
|
|
15
|
+
descriptor_data = "\n\x17\x63\x65rbos/svc/v1/svc.proto\x12\rcerbos.svc.v1\x1a\x1f\x63\x65rbos/request/v1/request.proto\x1a!cerbos/response/v1/response.proto\x1a\x1cgoogle/api/annotations.proto\x1a.protoc-gen-openapiv2/options/annotations.proto\x1a\x1fgoogle/api/field_behavior.proto\x1a\x1b\x62uf/validate/validate.proto2\xd6\n\n\rCerbosService\x12\xa7\x02\n\x10\x43heckResourceSet\x12*.cerbos.request.v1.CheckResourceSetRequest\x1a,.cerbos.response.v1.CheckResourceSetResponse\"\xb8\x01\x92\x41\x9f\x01\x12\x05\x43heck\x1a\x93\x01[Deprecated: Use CheckResources API instead] Check whether a principal has permissions to perform the given actions on a set of resource instances.X\x01\x82\xd3\xe4\x93\x02\x0f:\x01*\"\n/api/check\x12\xb6\x02\n\x12\x43heckResourceBatch\x12,.cerbos.request.v1.CheckResourceBatchRequest\x1a..cerbos.response.v1.CheckResourceBatchResponse\"\xc1\x01\x92\x41\x99\x01\x12\x14\x43heck resource batch\x1a\x7f[Deprecated: Use CheckResources API instead] Check a principal\'s permissions to a batch of heterogeneous resources and actions.X\x01\x82\xd3\xe4\x93\x02\x1e:\x01*\"\x19/api/check_resource_batch\x12\xf0\x01\n\x0e\x43heckResources\x12(.cerbos.request.v1.CheckResourcesRequest\x1a*.cerbos.response.v1.CheckResourcesResponse\"\x87\x01\x92\x41\x65\x12\x0f\x43heck resources\x1aRCheck a principal\'s permissions to a batch of heterogeneous resources and actions.\x82\xd3\xe4\x93\x02\x19:\x01*\"\x14/api/check/resources\x12\xc5\x01\n\nServerInfo\x12$.cerbos.request.v1.ServerInfoRequest\x1a&.cerbos.response.v1.ServerInfoResponse\"i\x92\x41N\x12\x16Get server information\x1a\x34Get information about the server e.g. server version\x82\xd3\xe4\x93\x02\x12\x12\x10/api/server_info\x12\x83\x02\n\rPlanResources\x12\'.cerbos.request.v1.PlanResourcesRequest\x1a).cerbos.response.v1.PlanResourcesResponse\"\x9d\x01\x92\x41|\x12\x0ePlan resources\x1ajProduce a query plan with conditions that must be satisfied for accessing a set of instances of a resource\x82\xd3\xe4\x93\x02\x18:\x01*\"\x13/api/plan/resources\x1a!\x92\x41\x1e\x12\x1c\x43\x65rbos Policy Decision PointB\xe1\x01\n\x15\x64\x65v.cerbos.api.v1.svcZ6github.com/cerbos/cerbos/api/genpb/cerbos/svc/v1;svcv1\xaa\x02\x11\x43\x65rbos.Api.V1.Svc\x92\x41{\x12?\n\x06\x43\x65rbos\"-\n\x06\x43\x65rbos\x12\x12https://cerbos.dev\x1a\x0finfo@cerbos.dev2\x06latest*\x01\x02\x32\x10\x61pplication/json:\x10\x61pplication/jsonZ\x11\n\x0f\n\tBasicAuth\x12\x02\x08\x01\x62\x06proto3"
|
|
16
16
|
|
|
17
17
|
pool = Google::Protobuf::DescriptorPool.generated_pool
|
|
18
|
-
|
|
19
|
-
begin
|
|
20
|
-
pool.add_serialized_file(descriptor_data)
|
|
21
|
-
rescue TypeError => e
|
|
22
|
-
# Compatibility code: will be removed in the next major version.
|
|
23
|
-
require 'google/protobuf/descriptor_pb'
|
|
24
|
-
parsed = Google::Protobuf::FileDescriptorProto.decode(descriptor_data)
|
|
25
|
-
parsed.clear_dependency
|
|
26
|
-
serialized = parsed.class.encode(parsed)
|
|
27
|
-
file = pool.add_serialized_file(serialized)
|
|
28
|
-
warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}"
|
|
29
|
-
imports = [
|
|
30
|
-
]
|
|
31
|
-
imports.each do |type_name, expected_filename|
|
|
32
|
-
import_file = pool.lookup(type_name).file_descriptor
|
|
33
|
-
if import_file.name != expected_filename
|
|
34
|
-
warn "- #{file.name} imports #{expected_filename}, but that import was loaded as #{import_file.name}"
|
|
35
|
-
end
|
|
36
|
-
end
|
|
37
|
-
warn "Each proto file must use a consistent fully-qualified name."
|
|
38
|
-
warn "This will become an error in the next major version."
|
|
39
|
-
end
|
|
18
|
+
pool.add_serialized_file(descriptor_data)
|
|
40
19
|
|
|
41
20
|
module Cerbos::Protobuf::Cerbos
|
|
42
21
|
module Svc
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
|
2
2
|
# Source: cerbos/svc/v1/svc.proto for package 'cerbos.svc.v1'
|
|
3
3
|
# Original file comments:
|
|
4
|
-
# Copyright 2021-
|
|
4
|
+
# Copyright 2021-2024 Zenauth Ltd.
|
|
5
5
|
# SPDX-License-Identifier: Apache-2.0
|
|
6
6
|
#
|
|
7
7
|
|
|
@@ -11,29 +11,7 @@ require 'google/protobuf/descriptor_pb'
|
|
|
11
11
|
descriptor_data = "\n\x1cgoogle/api/annotations.proto\x12\ngoogle.api\x1a\x15google/api/http.proto\x1a google/protobuf/descriptor.proto:K\n\x04http\x12\x1e.google.protobuf.MethodOptions\x18\xb0\xca\xbc\" \x01(\x0b\x32\x14.google.api.HttpRuleR\x04httpBn\n\x0e\x63om.google.apiB\x10\x41nnotationsProtoP\x01ZAgoogle.golang.org/genproto/googleapis/api/annotations;annotations\xa2\x02\x04GAPIb\x06proto3"
|
|
12
12
|
|
|
13
13
|
pool = Google::Protobuf::DescriptorPool.generated_pool
|
|
14
|
-
|
|
15
|
-
begin
|
|
16
|
-
pool.add_serialized_file(descriptor_data)
|
|
17
|
-
rescue TypeError => e
|
|
18
|
-
# Compatibility code: will be removed in the next major version.
|
|
19
|
-
require 'google/protobuf/descriptor_pb'
|
|
20
|
-
parsed = Google::Protobuf::FileDescriptorProto.decode(descriptor_data)
|
|
21
|
-
parsed.clear_dependency
|
|
22
|
-
serialized = parsed.class.encode(parsed)
|
|
23
|
-
file = pool.add_serialized_file(serialized)
|
|
24
|
-
warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}"
|
|
25
|
-
imports = [
|
|
26
|
-
["google.api.HttpRule", "google/api/http.proto"],
|
|
27
|
-
]
|
|
28
|
-
imports.each do |type_name, expected_filename|
|
|
29
|
-
import_file = pool.lookup(type_name).file_descriptor
|
|
30
|
-
if import_file.name != expected_filename
|
|
31
|
-
warn "- #{file.name} imports #{expected_filename}, but that import was loaded as #{import_file.name}"
|
|
32
|
-
end
|
|
33
|
-
end
|
|
34
|
-
warn "Each proto file must use a consistent fully-qualified name."
|
|
35
|
-
warn "This will become an error in the next major version."
|
|
36
|
-
end
|
|
14
|
+
pool.add_serialized_file(descriptor_data)
|
|
37
15
|
|
|
38
16
|
module Cerbos::Protobuf::Google
|
|
39
17
|
module Api
|
|
@@ -7,31 +7,10 @@ require 'google/protobuf'
|
|
|
7
7
|
require 'google/protobuf/descriptor_pb'
|
|
8
8
|
|
|
9
9
|
|
|
10
|
-
descriptor_data = "\n\x1fgoogle/api/field_behavior.proto\x12\ngoogle.api\x1a google/protobuf/descriptor.proto*\
|
|
10
|
+
descriptor_data = "\n\x1fgoogle/api/field_behavior.proto\x12\ngoogle.api\x1a google/protobuf/descriptor.proto*\xb6\x01\n\rFieldBehavior\x12\x1e\n\x1a\x46IELD_BEHAVIOR_UNSPECIFIED\x10\x00\x12\x0c\n\x08OPTIONAL\x10\x01\x12\x0c\n\x08REQUIRED\x10\x02\x12\x0f\n\x0bOUTPUT_ONLY\x10\x03\x12\x0e\n\nINPUT_ONLY\x10\x04\x12\r\n\tIMMUTABLE\x10\x05\x12\x12\n\x0eUNORDERED_LIST\x10\x06\x12\x15\n\x11NON_EMPTY_DEFAULT\x10\x07\x12\x0e\n\nIDENTIFIER\x10\x08:`\n\x0e\x66ield_behavior\x12\x1d.google.protobuf.FieldOptions\x18\x9c\x08 \x03(\x0e\x32\x19.google.api.FieldBehaviorR\rfieldBehaviorBp\n\x0e\x63om.google.apiB\x12\x46ieldBehaviorProtoP\x01ZAgoogle.golang.org/genproto/googleapis/api/annotations;annotations\xa2\x02\x04GAPIb\x06proto3"
|
|
11
11
|
|
|
12
12
|
pool = Google::Protobuf::DescriptorPool.generated_pool
|
|
13
|
-
|
|
14
|
-
begin
|
|
15
|
-
pool.add_serialized_file(descriptor_data)
|
|
16
|
-
rescue TypeError => e
|
|
17
|
-
# Compatibility code: will be removed in the next major version.
|
|
18
|
-
require 'google/protobuf/descriptor_pb'
|
|
19
|
-
parsed = Google::Protobuf::FileDescriptorProto.decode(descriptor_data)
|
|
20
|
-
parsed.clear_dependency
|
|
21
|
-
serialized = parsed.class.encode(parsed)
|
|
22
|
-
file = pool.add_serialized_file(serialized)
|
|
23
|
-
warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}"
|
|
24
|
-
imports = [
|
|
25
|
-
]
|
|
26
|
-
imports.each do |type_name, expected_filename|
|
|
27
|
-
import_file = pool.lookup(type_name).file_descriptor
|
|
28
|
-
if import_file.name != expected_filename
|
|
29
|
-
warn "- #{file.name} imports #{expected_filename}, but that import was loaded as #{import_file.name}"
|
|
30
|
-
end
|
|
31
|
-
end
|
|
32
|
-
warn "Each proto file must use a consistent fully-qualified name."
|
|
33
|
-
warn "This will become an error in the next major version."
|
|
34
|
-
end
|
|
13
|
+
pool.add_serialized_file(descriptor_data)
|
|
35
14
|
|
|
36
15
|
module Cerbos::Protobuf::Google
|
|
37
16
|
module Api
|
|
@@ -8,28 +8,7 @@ require 'google/protobuf'
|
|
|
8
8
|
descriptor_data = "\n\x15google/api/http.proto\x12\ngoogle.api\"\xda\x02\n\x08HttpRule\x12\x1a\n\x08selector\x18\x01 \x01(\tR\x08selector\x12\x12\n\x03get\x18\x02 \x01(\tH\x00R\x03get\x12\x12\n\x03put\x18\x03 \x01(\tH\x00R\x03put\x12\x14\n\x04post\x18\x04 \x01(\tH\x00R\x04post\x12\x18\n\x06\x64\x65lete\x18\x05 \x01(\tH\x00R\x06\x64\x65lete\x12\x16\n\x05patch\x18\x06 \x01(\tH\x00R\x05patch\x12\x37\n\x06\x63ustom\x18\x08 \x01(\x0b\x32\x1d.google.api.CustomHttpPatternH\x00R\x06\x63ustom\x12\x12\n\x04\x62ody\x18\x07 \x01(\tR\x04\x62ody\x12#\n\rresponse_body\x18\x0c \x01(\tR\x0cresponseBody\x12\x45\n\x13\x61\x64\x64itional_bindings\x18\x0b \x03(\x0b\x32\x14.google.api.HttpRuleR\x12\x61\x64\x64itionalBindingsB\t\n\x07pattern\";\n\x11\x43ustomHttpPattern\x12\x12\n\x04kind\x18\x01 \x01(\tR\x04kind\x12\x12\n\x04path\x18\x02 \x01(\tR\x04pathBj\n\x0e\x63om.google.apiB\tHttpProtoP\x01ZAgoogle.golang.org/genproto/googleapis/api/annotations;annotations\xf8\x01\x01\xa2\x02\x04GAPIb\x06proto3"
|
|
9
9
|
|
|
10
10
|
pool = Google::Protobuf::DescriptorPool.generated_pool
|
|
11
|
-
|
|
12
|
-
begin
|
|
13
|
-
pool.add_serialized_file(descriptor_data)
|
|
14
|
-
rescue TypeError => e
|
|
15
|
-
# Compatibility code: will be removed in the next major version.
|
|
16
|
-
require 'google/protobuf/descriptor_pb'
|
|
17
|
-
parsed = Google::Protobuf::FileDescriptorProto.decode(descriptor_data)
|
|
18
|
-
parsed.clear_dependency
|
|
19
|
-
serialized = parsed.class.encode(parsed)
|
|
20
|
-
file = pool.add_serialized_file(serialized)
|
|
21
|
-
warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}"
|
|
22
|
-
imports = [
|
|
23
|
-
]
|
|
24
|
-
imports.each do |type_name, expected_filename|
|
|
25
|
-
import_file = pool.lookup(type_name).file_descriptor
|
|
26
|
-
if import_file.name != expected_filename
|
|
27
|
-
warn "- #{file.name} imports #{expected_filename}, but that import was loaded as #{import_file.name}"
|
|
28
|
-
end
|
|
29
|
-
end
|
|
30
|
-
warn "Each proto file must use a consistent fully-qualified name."
|
|
31
|
-
warn "This will become an error in the next major version."
|
|
32
|
-
end
|
|
11
|
+
pool.add_serialized_file(descriptor_data)
|
|
33
12
|
|
|
34
13
|
module Cerbos::Protobuf::Google
|
|
35
14
|
module Api
|
|
@@ -11,29 +11,7 @@ require 'cerbos/protobuf/protoc-gen-openapiv2/options/openapiv2_pb'
|
|
|
11
11
|
descriptor_data = "\n.protoc-gen-openapiv2/options/annotations.proto\x12)grpc.gateway.protoc_gen_openapiv2.options\x1a google/protobuf/descriptor.proto\x1a,protoc-gen-openapiv2/options/openapiv2.proto:~\n\x11openapiv2_swagger\x12\x1c.google.protobuf.FileOptions\x18\x92\x08 \x01(\x0b\x32\x32.grpc.gateway.protoc_gen_openapiv2.options.SwaggerR\x10openapiv2Swagger:\x86\x01\n\x13openapiv2_operation\x12\x1e.google.protobuf.MethodOptions\x18\x92\x08 \x01(\x0b\x32\x34.grpc.gateway.protoc_gen_openapiv2.options.OperationR\x12openapiv2Operation:~\n\x10openapiv2_schema\x12\x1f.google.protobuf.MessageOptions\x18\x92\x08 \x01(\x0b\x32\x31.grpc.gateway.protoc_gen_openapiv2.options.SchemaR\x0fopenapiv2Schema:u\n\ropenapiv2_tag\x12\x1f.google.protobuf.ServiceOptions\x18\x92\x08 \x01(\x0b\x32..grpc.gateway.protoc_gen_openapiv2.options.TagR\x0copenapiv2Tag:~\n\x0fopenapiv2_field\x12\x1d.google.protobuf.FieldOptions\x18\x92\x08 \x01(\x0b\x32\x35.grpc.gateway.protoc_gen_openapiv2.options.JSONSchemaR\x0eopenapiv2FieldBHZFgithub.com/grpc-ecosystem/grpc-gateway/v2/protoc-gen-openapiv2/optionsb\x06proto3"
|
|
12
12
|
|
|
13
13
|
pool = Google::Protobuf::DescriptorPool.generated_pool
|
|
14
|
-
|
|
15
|
-
begin
|
|
16
|
-
pool.add_serialized_file(descriptor_data)
|
|
17
|
-
rescue TypeError => e
|
|
18
|
-
# Compatibility code: will be removed in the next major version.
|
|
19
|
-
require 'google/protobuf/descriptor_pb'
|
|
20
|
-
parsed = Google::Protobuf::FileDescriptorProto.decode(descriptor_data)
|
|
21
|
-
parsed.clear_dependency
|
|
22
|
-
serialized = parsed.class.encode(parsed)
|
|
23
|
-
file = pool.add_serialized_file(serialized)
|
|
24
|
-
warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}"
|
|
25
|
-
imports = [
|
|
26
|
-
["grpc.gateway.protoc_gen_openapiv2.options.Swagger", "protoc-gen-openapiv2/options/openapiv2.proto"],
|
|
27
|
-
]
|
|
28
|
-
imports.each do |type_name, expected_filename|
|
|
29
|
-
import_file = pool.lookup(type_name).file_descriptor
|
|
30
|
-
if import_file.name != expected_filename
|
|
31
|
-
warn "- #{file.name} imports #{expected_filename}, but that import was loaded as #{import_file.name}"
|
|
32
|
-
end
|
|
33
|
-
end
|
|
34
|
-
warn "Each proto file must use a consistent fully-qualified name."
|
|
35
|
-
warn "This will become an error in the next major version."
|
|
36
|
-
end
|
|
14
|
+
pool.add_serialized_file(descriptor_data)
|
|
37
15
|
|
|
38
16
|
module Cerbos::Protobuf::Grpc
|
|
39
17
|
module Gateway
|
|
@@ -10,29 +10,7 @@ require 'google/protobuf/struct_pb'
|
|
|
10
10
|
descriptor_data = "\n,protoc-gen-openapiv2/options/openapiv2.proto\x12)grpc.gateway.protoc_gen_openapiv2.options\x1a\x1cgoogle/protobuf/struct.proto\"\xb3\x08\n\x07Swagger\x12\x18\n\x07swagger\x18\x01 \x01(\tR\x07swagger\x12\x43\n\x04info\x18\x02 \x01(\x0b\x32/.grpc.gateway.protoc_gen_openapiv2.options.InfoR\x04info\x12\x12\n\x04host\x18\x03 \x01(\tR\x04host\x12\x1b\n\tbase_path\x18\x04 \x01(\tR\x08\x62\x61sePath\x12K\n\x07schemes\x18\x05 \x03(\x0e\x32\x31.grpc.gateway.protoc_gen_openapiv2.options.SchemeR\x07schemes\x12\x1a\n\x08\x63onsumes\x18\x06 \x03(\tR\x08\x63onsumes\x12\x1a\n\x08produces\x18\x07 \x03(\tR\x08produces\x12_\n\tresponses\x18\n \x03(\x0b\x32\x41.grpc.gateway.protoc_gen_openapiv2.options.Swagger.ResponsesEntryR\tresponses\x12q\n\x14security_definitions\x18\x0b \x01(\x0b\x32>.grpc.gateway.protoc_gen_openapiv2.options.SecurityDefinitionsR\x13securityDefinitions\x12Z\n\x08security\x18\x0c \x03(\x0b\x32>.grpc.gateway.protoc_gen_openapiv2.options.SecurityRequirementR\x08security\x12\x42\n\x04tags\x18\r \x03(\x0b\x32..grpc.gateway.protoc_gen_openapiv2.options.TagR\x04tags\x12\x65\n\rexternal_docs\x18\x0e \x01(\x0b\x32@.grpc.gateway.protoc_gen_openapiv2.options.ExternalDocumentationR\x0c\x65xternalDocs\x12\x62\n\nextensions\x18\x0f \x03(\x0b\x32\x42.grpc.gateway.protoc_gen_openapiv2.options.Swagger.ExtensionsEntryR\nextensions\x1aq\n\x0eResponsesEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12I\n\x05value\x18\x02 \x01(\x0b\x32\x33.grpc.gateway.protoc_gen_openapiv2.options.ResponseR\x05value:\x02\x38\x01\x1aU\n\x0f\x45xtensionsEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12,\n\x05value\x18\x02 \x01(\x0b\x32\x16.google.protobuf.ValueR\x05value:\x02\x38\x01J\x04\x08\x08\x10\tJ\x04\x08\t\x10\n\"\xd6\x07\n\tOperation\x12\x12\n\x04tags\x18\x01 \x03(\tR\x04tags\x12\x18\n\x07summary\x18\x02 \x01(\tR\x07summary\x12 \n\x0b\x64\x65scription\x18\x03 \x01(\tR\x0b\x64\x65scription\x12\x65\n\rexternal_docs\x18\x04 \x01(\x0b\x32@.grpc.gateway.protoc_gen_openapiv2.options.ExternalDocumentationR\x0c\x65xternalDocs\x12!\n\x0coperation_id\x18\x05 \x01(\tR\x0boperationId\x12\x1a\n\x08\x63onsumes\x18\x06 \x03(\tR\x08\x63onsumes\x12\x1a\n\x08produces\x18\x07 \x03(\tR\x08produces\x12\x61\n\tresponses\x18\t \x03(\x0b\x32\x43.grpc.gateway.protoc_gen_openapiv2.options.Operation.ResponsesEntryR\tresponses\x12K\n\x07schemes\x18\n \x03(\x0e\x32\x31.grpc.gateway.protoc_gen_openapiv2.options.SchemeR\x07schemes\x12\x1e\n\ndeprecated\x18\x0b \x01(\x08R\ndeprecated\x12Z\n\x08security\x18\x0c \x03(\x0b\x32>.grpc.gateway.protoc_gen_openapiv2.options.SecurityRequirementR\x08security\x12\x64\n\nextensions\x18\r \x03(\x0b\x32\x44.grpc.gateway.protoc_gen_openapiv2.options.Operation.ExtensionsEntryR\nextensions\x12U\n\nparameters\x18\x0e \x01(\x0b\x32\x35.grpc.gateway.protoc_gen_openapiv2.options.ParametersR\nparameters\x1aq\n\x0eResponsesEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12I\n\x05value\x18\x02 \x01(\x0b\x32\x33.grpc.gateway.protoc_gen_openapiv2.options.ResponseR\x05value:\x02\x38\x01\x1aU\n\x0f\x45xtensionsEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12,\n\x05value\x18\x02 \x01(\x0b\x32\x16.google.protobuf.ValueR\x05value:\x02\x38\x01J\x04\x08\x08\x10\t\"b\n\nParameters\x12T\n\x07headers\x18\x01 \x03(\x0b\x32:.grpc.gateway.protoc_gen_openapiv2.options.HeaderParameterR\x07headers\"\xa3\x02\n\x0fHeaderParameter\x12\x12\n\x04name\x18\x01 \x01(\tR\x04name\x12 \n\x0b\x64\x65scription\x18\x02 \x01(\tR\x0b\x64\x65scription\x12S\n\x04type\x18\x03 \x01(\x0e\x32?.grpc.gateway.protoc_gen_openapiv2.options.HeaderParameter.TypeR\x04type\x12\x16\n\x06\x66ormat\x18\x04 \x01(\tR\x06\x66ormat\x12\x1a\n\x08required\x18\x05 \x01(\x08R\x08required\"E\n\x04Type\x12\x0b\n\x07UNKNOWN\x10\x00\x12\n\n\x06STRING\x10\x01\x12\n\n\x06NUMBER\x10\x02\x12\x0b\n\x07INTEGER\x10\x03\x12\x0b\n\x07\x42OOLEAN\x10\x04J\x04\x08\x06\x10\x07J\x04\x08\x07\x10\x08\"\xd8\x01\n\x06Header\x12 \n\x0b\x64\x65scription\x18\x01 \x01(\tR\x0b\x64\x65scription\x12\x12\n\x04type\x18\x02 \x01(\tR\x04type\x12\x16\n\x06\x66ormat\x18\x03 \x01(\tR\x06\x66ormat\x12\x18\n\x07\x64\x65\x66\x61ult\x18\x06 \x01(\tR\x07\x64\x65\x66\x61ult\x12\x18\n\x07pattern\x18\r \x01(\tR\x07patternJ\x04\x08\x04\x10\x05J\x04\x08\x05\x10\x06J\x04\x08\x07\x10\x08J\x04\x08\x08\x10\tJ\x04\x08\t\x10\nJ\x04\x08\n\x10\x0bJ\x04\x08\x0b\x10\x0cJ\x04\x08\x0c\x10\rJ\x04\x08\x0e\x10\x0fJ\x04\x08\x0f\x10\x10J\x04\x08\x10\x10\x11J\x04\x08\x11\x10\x12J\x04\x08\x12\x10\x13\"\x9a\x05\n\x08Response\x12 \n\x0b\x64\x65scription\x18\x01 \x01(\tR\x0b\x64\x65scription\x12I\n\x06schema\x18\x02 \x01(\x0b\x32\x31.grpc.gateway.protoc_gen_openapiv2.options.SchemaR\x06schema\x12Z\n\x07headers\x18\x03 \x03(\x0b\x32@.grpc.gateway.protoc_gen_openapiv2.options.Response.HeadersEntryR\x07headers\x12]\n\x08\x65xamples\x18\x04 \x03(\x0b\x32\x41.grpc.gateway.protoc_gen_openapiv2.options.Response.ExamplesEntryR\x08\x65xamples\x12\x63\n\nextensions\x18\x05 \x03(\x0b\x32\x43.grpc.gateway.protoc_gen_openapiv2.options.Response.ExtensionsEntryR\nextensions\x1am\n\x0cHeadersEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12G\n\x05value\x18\x02 \x01(\x0b\x32\x31.grpc.gateway.protoc_gen_openapiv2.options.HeaderR\x05value:\x02\x38\x01\x1a;\n\rExamplesEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12\x14\n\x05value\x18\x02 \x01(\tR\x05value:\x02\x38\x01\x1aU\n\x0f\x45xtensionsEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12,\n\x05value\x18\x02 \x01(\x0b\x32\x16.google.protobuf.ValueR\x05value:\x02\x38\x01\"\xd6\x03\n\x04Info\x12\x14\n\x05title\x18\x01 \x01(\tR\x05title\x12 \n\x0b\x64\x65scription\x18\x02 \x01(\tR\x0b\x64\x65scription\x12(\n\x10terms_of_service\x18\x03 \x01(\tR\x0etermsOfService\x12L\n\x07\x63ontact\x18\x04 \x01(\x0b\x32\x32.grpc.gateway.protoc_gen_openapiv2.options.ContactR\x07\x63ontact\x12L\n\x07license\x18\x05 \x01(\x0b\x32\x32.grpc.gateway.protoc_gen_openapiv2.options.LicenseR\x07license\x12\x18\n\x07version\x18\x06 \x01(\tR\x07version\x12_\n\nextensions\x18\x07 \x03(\x0b\x32?.grpc.gateway.protoc_gen_openapiv2.options.Info.ExtensionsEntryR\nextensions\x1aU\n\x0f\x45xtensionsEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12,\n\x05value\x18\x02 \x01(\x0b\x32\x16.google.protobuf.ValueR\x05value:\x02\x38\x01\"E\n\x07\x43ontact\x12\x12\n\x04name\x18\x01 \x01(\tR\x04name\x12\x10\n\x03url\x18\x02 \x01(\tR\x03url\x12\x14\n\x05\x65mail\x18\x03 \x01(\tR\x05\x65mail\"/\n\x07License\x12\x12\n\x04name\x18\x01 \x01(\tR\x04name\x12\x10\n\x03url\x18\x02 \x01(\tR\x03url\"K\n\x15\x45xternalDocumentation\x12 \n\x0b\x64\x65scription\x18\x01 \x01(\tR\x0b\x64\x65scription\x12\x10\n\x03url\x18\x02 \x01(\tR\x03url\"\xaa\x02\n\x06Schema\x12V\n\x0bjson_schema\x18\x01 \x01(\x0b\x32\x35.grpc.gateway.protoc_gen_openapiv2.options.JSONSchemaR\njsonSchema\x12$\n\rdiscriminator\x18\x02 \x01(\tR\rdiscriminator\x12\x1b\n\tread_only\x18\x03 \x01(\x08R\x08readOnly\x12\x65\n\rexternal_docs\x18\x05 \x01(\x0b\x32@.grpc.gateway.protoc_gen_openapiv2.options.ExternalDocumentationR\x0c\x65xternalDocs\x12\x18\n\x07\x65xample\x18\x06 \x01(\tR\x07\x65xampleJ\x04\x08\x04\x10\x05\"\xd7\n\n\nJSONSchema\x12\x10\n\x03ref\x18\x03 \x01(\tR\x03ref\x12\x14\n\x05title\x18\x05 \x01(\tR\x05title\x12 \n\x0b\x64\x65scription\x18\x06 \x01(\tR\x0b\x64\x65scription\x12\x18\n\x07\x64\x65\x66\x61ult\x18\x07 \x01(\tR\x07\x64\x65\x66\x61ult\x12\x1b\n\tread_only\x18\x08 \x01(\x08R\x08readOnly\x12\x18\n\x07\x65xample\x18\t \x01(\tR\x07\x65xample\x12\x1f\n\x0bmultiple_of\x18\n \x01(\x01R\nmultipleOf\x12\x18\n\x07maximum\x18\x0b \x01(\x01R\x07maximum\x12+\n\x11\x65xclusive_maximum\x18\x0c \x01(\x08R\x10\x65xclusiveMaximum\x12\x18\n\x07minimum\x18\r \x01(\x01R\x07minimum\x12+\n\x11\x65xclusive_minimum\x18\x0e \x01(\x08R\x10\x65xclusiveMinimum\x12\x1d\n\nmax_length\x18\x0f \x01(\x04R\tmaxLength\x12\x1d\n\nmin_length\x18\x10 \x01(\x04R\tminLength\x12\x18\n\x07pattern\x18\x11 \x01(\tR\x07pattern\x12\x1b\n\tmax_items\x18\x14 \x01(\x04R\x08maxItems\x12\x1b\n\tmin_items\x18\x15 \x01(\x04R\x08minItems\x12!\n\x0cunique_items\x18\x16 \x01(\x08R\x0buniqueItems\x12%\n\x0emax_properties\x18\x18 \x01(\x04R\rmaxProperties\x12%\n\x0emin_properties\x18\x19 \x01(\x04R\rminProperties\x12\x1a\n\x08required\x18\x1a \x03(\tR\x08required\x12\x14\n\x05\x61rray\x18\" \x03(\tR\x05\x61rray\x12_\n\x04type\x18# \x03(\x0e\x32K.grpc.gateway.protoc_gen_openapiv2.options.JSONSchema.JSONSchemaSimpleTypesR\x04type\x12\x16\n\x06\x66ormat\x18$ \x01(\tR\x06\x66ormat\x12\x12\n\x04\x65num\x18. \x03(\tR\x04\x65num\x12z\n\x13\x66ield_configuration\x18\xe9\x07 \x01(\x0b\x32H.grpc.gateway.protoc_gen_openapiv2.options.JSONSchema.FieldConfigurationR\x12\x66ieldConfiguration\x12\x65\n\nextensions\x18\x30 \x03(\x0b\x32\x45.grpc.gateway.protoc_gen_openapiv2.options.JSONSchema.ExtensionsEntryR\nextensions\x1a<\n\x12\x46ieldConfiguration\x12&\n\x0fpath_param_name\x18/ \x01(\tR\rpathParamName\x1aU\n\x0f\x45xtensionsEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12,\n\x05value\x18\x02 \x01(\x0b\x32\x16.google.protobuf.ValueR\x05value:\x02\x38\x01\"w\n\x15JSONSchemaSimpleTypes\x12\x0b\n\x07UNKNOWN\x10\x00\x12\t\n\x05\x41RRAY\x10\x01\x12\x0b\n\x07\x42OOLEAN\x10\x02\x12\x0b\n\x07INTEGER\x10\x03\x12\x08\n\x04NULL\x10\x04\x12\n\n\x06NUMBER\x10\x05\x12\n\n\x06OBJECT\x10\x06\x12\n\n\x06STRING\x10\x07J\x04\x08\x01\x10\x02J\x04\x08\x02\x10\x03J\x04\x08\x04\x10\x05J\x04\x08\x12\x10\x13J\x04\x08\x13\x10\x14J\x04\x08\x17\x10\x18J\x04\x08\x1b\x10\x1cJ\x04\x08\x1c\x10\x1dJ\x04\x08\x1d\x10\x1eJ\x04\x08\x1e\x10\"J\x04\x08%\x10*J\x04\x08*\x10+J\x04\x08+\x10.\"\xd9\x02\n\x03Tag\x12\x12\n\x04name\x18\x01 \x01(\tR\x04name\x12 \n\x0b\x64\x65scription\x18\x02 \x01(\tR\x0b\x64\x65scription\x12\x65\n\rexternal_docs\x18\x03 \x01(\x0b\x32@.grpc.gateway.protoc_gen_openapiv2.options.ExternalDocumentationR\x0c\x65xternalDocs\x12^\n\nextensions\x18\x04 \x03(\x0b\x32>.grpc.gateway.protoc_gen_openapiv2.options.Tag.ExtensionsEntryR\nextensions\x1aU\n\x0f\x45xtensionsEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12,\n\x05value\x18\x02 \x01(\x0b\x32\x16.google.protobuf.ValueR\x05value:\x02\x38\x01\"\xf7\x01\n\x13SecurityDefinitions\x12h\n\x08security\x18\x01 \x03(\x0b\x32L.grpc.gateway.protoc_gen_openapiv2.options.SecurityDefinitions.SecurityEntryR\x08security\x1av\n\rSecurityEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12O\n\x05value\x18\x02 \x01(\x0b\x32\x39.grpc.gateway.protoc_gen_openapiv2.options.SecuritySchemeR\x05value:\x02\x38\x01\"\xff\x06\n\x0eSecurityScheme\x12R\n\x04type\x18\x01 \x01(\x0e\x32>.grpc.gateway.protoc_gen_openapiv2.options.SecurityScheme.TypeR\x04type\x12 \n\x0b\x64\x65scription\x18\x02 \x01(\tR\x0b\x64\x65scription\x12\x12\n\x04name\x18\x03 \x01(\tR\x04name\x12L\n\x02in\x18\x04 \x01(\x0e\x32<.grpc.gateway.protoc_gen_openapiv2.options.SecurityScheme.InR\x02in\x12R\n\x04\x66low\x18\x05 \x01(\x0e\x32>.grpc.gateway.protoc_gen_openapiv2.options.SecurityScheme.FlowR\x04\x66low\x12+\n\x11\x61uthorization_url\x18\x06 \x01(\tR\x10\x61uthorizationUrl\x12\x1b\n\ttoken_url\x18\x07 \x01(\tR\x08tokenUrl\x12I\n\x06scopes\x18\x08 \x01(\x0b\x32\x31.grpc.gateway.protoc_gen_openapiv2.options.ScopesR\x06scopes\x12i\n\nextensions\x18\t \x03(\x0b\x32I.grpc.gateway.protoc_gen_openapiv2.options.SecurityScheme.ExtensionsEntryR\nextensions\x1aU\n\x0f\x45xtensionsEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12,\n\x05value\x18\x02 \x01(\x0b\x32\x16.google.protobuf.ValueR\x05value:\x02\x38\x01\"K\n\x04Type\x12\x10\n\x0cTYPE_INVALID\x10\x00\x12\x0e\n\nTYPE_BASIC\x10\x01\x12\x10\n\x0cTYPE_API_KEY\x10\x02\x12\x0f\n\x0bTYPE_OAUTH2\x10\x03\"1\n\x02In\x12\x0e\n\nIN_INVALID\x10\x00\x12\x0c\n\x08IN_QUERY\x10\x01\x12\r\n\tIN_HEADER\x10\x02\"j\n\x04\x46low\x12\x10\n\x0c\x46LOW_INVALID\x10\x00\x12\x11\n\rFLOW_IMPLICIT\x10\x01\x12\x11\n\rFLOW_PASSWORD\x10\x02\x12\x14\n\x10\x46LOW_APPLICATION\x10\x03\x12\x14\n\x10\x46LOW_ACCESS_CODE\x10\x04\"\xf6\x02\n\x13SecurityRequirement\x12\x8a\x01\n\x14security_requirement\x18\x01 \x03(\x0b\x32W.grpc.gateway.protoc_gen_openapiv2.options.SecurityRequirement.SecurityRequirementEntryR\x13securityRequirement\x1a\x30\n\x18SecurityRequirementValue\x12\x14\n\x05scope\x18\x01 \x03(\tR\x05scope\x1a\x9f\x01\n\x18SecurityRequirementEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12m\n\x05value\x18\x02 \x01(\x0b\x32W.grpc.gateway.protoc_gen_openapiv2.options.SecurityRequirement.SecurityRequirementValueR\x05value:\x02\x38\x01\"\x96\x01\n\x06Scopes\x12R\n\x05scope\x18\x01 \x03(\x0b\x32<.grpc.gateway.protoc_gen_openapiv2.options.Scopes.ScopeEntryR\x05scope\x1a\x38\n\nScopeEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12\x14\n\x05value\x18\x02 \x01(\tR\x05value:\x02\x38\x01*;\n\x06Scheme\x12\x0b\n\x07UNKNOWN\x10\x00\x12\x08\n\x04HTTP\x10\x01\x12\t\n\x05HTTPS\x10\x02\x12\x06\n\x02WS\x10\x03\x12\x07\n\x03WSS\x10\x04\x42HZFgithub.com/grpc-ecosystem/grpc-gateway/v2/protoc-gen-openapiv2/optionsb\x06proto3"
|
|
11
11
|
|
|
12
12
|
pool = Google::Protobuf::DescriptorPool.generated_pool
|
|
13
|
-
|
|
14
|
-
begin
|
|
15
|
-
pool.add_serialized_file(descriptor_data)
|
|
16
|
-
rescue TypeError => e
|
|
17
|
-
# Compatibility code: will be removed in the next major version.
|
|
18
|
-
require 'google/protobuf/descriptor_pb'
|
|
19
|
-
parsed = Google::Protobuf::FileDescriptorProto.decode(descriptor_data)
|
|
20
|
-
parsed.clear_dependency
|
|
21
|
-
serialized = parsed.class.encode(parsed)
|
|
22
|
-
file = pool.add_serialized_file(serialized)
|
|
23
|
-
warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}"
|
|
24
|
-
imports = [
|
|
25
|
-
["google.protobuf.Value", "google/protobuf/struct.proto"],
|
|
26
|
-
]
|
|
27
|
-
imports.each do |type_name, expected_filename|
|
|
28
|
-
import_file = pool.lookup(type_name).file_descriptor
|
|
29
|
-
if import_file.name != expected_filename
|
|
30
|
-
warn "- #{file.name} imports #{expected_filename}, but that import was loaded as #{import_file.name}"
|
|
31
|
-
end
|
|
32
|
-
end
|
|
33
|
-
warn "Each proto file must use a consistent fully-qualified name."
|
|
34
|
-
warn "This will become an error in the next major version."
|
|
35
|
-
end
|
|
13
|
+
pool.add_serialized_file(descriptor_data)
|
|
36
14
|
|
|
37
15
|
module Cerbos::Protobuf::Grpc
|
|
38
16
|
module Gateway
|
data/lib/cerbos/version.rb
CHANGED
data/lib/cerbos.rb
CHANGED
|
@@ -10,6 +10,17 @@ require "time"
|
|
|
10
10
|
#
|
|
11
11
|
# Create a {Client} instance to interact with the Cerbos policy decision point server over gRPC.
|
|
12
12
|
module Cerbos
|
|
13
|
+
# @private
|
|
14
|
+
def self.deprecation_warning(message)
|
|
15
|
+
return unless Warning[:deprecated]
|
|
16
|
+
|
|
17
|
+
message = "[cerbos] #{message}"
|
|
18
|
+
|
|
19
|
+
location = caller_locations.find { |location| !location.absolute_path.start_with?(__dir__) }
|
|
20
|
+
message = "#{location.path}:#{location.lineno}: #{message}" unless location.nil?
|
|
21
|
+
|
|
22
|
+
warn message, category: :deprecated
|
|
23
|
+
end
|
|
13
24
|
end
|
|
14
25
|
|
|
15
26
|
require_relative "cerbos/client"
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: cerbos
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.9.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Cerbos
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-
|
|
11
|
+
date: 2024-07-15 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: grpc
|
|
@@ -24,6 +24,26 @@ dependencies:
|
|
|
24
24
|
- - "~>"
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
26
|
version: '1.46'
|
|
27
|
+
- !ruby/object:Gem::Dependency
|
|
28
|
+
name: google-protobuf
|
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
|
30
|
+
requirements:
|
|
31
|
+
- - ">="
|
|
32
|
+
- !ruby/object:Gem::Version
|
|
33
|
+
version: 3.21.12
|
|
34
|
+
- - "<"
|
|
35
|
+
- !ruby/object:Gem::Version
|
|
36
|
+
version: '5.0'
|
|
37
|
+
type: :runtime
|
|
38
|
+
prerelease: false
|
|
39
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
40
|
+
requirements:
|
|
41
|
+
- - ">="
|
|
42
|
+
- !ruby/object:Gem::Version
|
|
43
|
+
version: 3.21.12
|
|
44
|
+
- - "<"
|
|
45
|
+
- !ruby/object:Gem::Version
|
|
46
|
+
version: '5.0'
|
|
27
47
|
description: Perform authorization in Ruby applications by interacting with the Cerbos
|
|
28
48
|
policy decision point.
|
|
29
49
|
email:
|
|
@@ -55,6 +75,9 @@ files:
|
|
|
55
75
|
- lib/cerbos/output/server_info.rb
|
|
56
76
|
- lib/cerbos/output/validation_error.rb
|
|
57
77
|
- lib/cerbos/protobuf.rb
|
|
78
|
+
- lib/cerbos/protobuf/buf/validate/expression_pb.rb
|
|
79
|
+
- lib/cerbos/protobuf/buf/validate/priv/private_pb.rb
|
|
80
|
+
- lib/cerbos/protobuf/buf/validate/validate_pb.rb
|
|
58
81
|
- lib/cerbos/protobuf/cerbos/effect/v1/effect_pb.rb
|
|
59
82
|
- lib/cerbos/protobuf/cerbos/engine/v1/engine_pb.rb
|
|
60
83
|
- lib/cerbos/protobuf/cerbos/request/v1/request_pb.rb
|
|
@@ -67,7 +90,6 @@ files:
|
|
|
67
90
|
- lib/cerbos/protobuf/google/api/http_pb.rb
|
|
68
91
|
- lib/cerbos/protobuf/protoc-gen-openapiv2/options/annotations_pb.rb
|
|
69
92
|
- lib/cerbos/protobuf/protoc-gen-openapiv2/options/openapiv2_pb.rb
|
|
70
|
-
- lib/cerbos/protobuf/validate/validate_pb.rb
|
|
71
93
|
- lib/cerbos/tls.rb
|
|
72
94
|
- lib/cerbos/version.rb
|
|
73
95
|
- yard_extensions.rb
|
|
@@ -77,7 +99,7 @@ licenses:
|
|
|
77
99
|
metadata:
|
|
78
100
|
bug_tracker_uri: https://github.com/cerbos/cerbos-sdk-ruby/issues
|
|
79
101
|
changelog_uri: https://github.com/cerbos/cerbos-sdk-ruby/blob/main/CHANGELOG.md
|
|
80
|
-
documentation_uri: https://www.rubydoc.info/gems/cerbos/0.
|
|
102
|
+
documentation_uri: https://www.rubydoc.info/gems/cerbos/0.9.1
|
|
81
103
|
homepage_uri: https://github.com/cerbos/cerbos-sdk-ruby
|
|
82
104
|
source_code_uri: https://github.com/cerbos/cerbos-sdk-ruby
|
|
83
105
|
rubygems_mfa_required: 'true'
|
|
@@ -89,14 +111,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
89
111
|
requirements:
|
|
90
112
|
- - ">="
|
|
91
113
|
- !ruby/object:Gem::Version
|
|
92
|
-
version: 3.
|
|
114
|
+
version: 3.1.0
|
|
93
115
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
94
116
|
requirements:
|
|
95
117
|
- - ">="
|
|
96
118
|
- !ruby/object:Gem::Version
|
|
97
119
|
version: '0'
|
|
98
120
|
requirements: []
|
|
99
|
-
rubygems_version: 3.5.
|
|
121
|
+
rubygems_version: 3.5.15
|
|
100
122
|
signing_key:
|
|
101
123
|
specification_version: 4
|
|
102
124
|
summary: Client library for authorization via Cerbos
|