RubyGems - cerbos - Versions diffs - 0.3.0 → 0.4.0 - Mend

cerbos 0.3.0 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +9 -1
data/lib/cerbos/client.rb +33 -4
data/lib/cerbos/error.rb +16 -1
data/lib/cerbos/input/resource_query.rb +1 -1
data/lib/cerbos/protobuf/cerbos/audit/v1/audit_pb.rb +16 -0
data/lib/cerbos/protobuf/cerbos/engine/v1/engine_pb.rb +63 -33
data/lib/cerbos/protobuf/cerbos/request/v1/request_pb.rb +1 -1
data/lib/cerbos/protobuf/cerbos/response/v1/response_pb.rb +2 -27
data/lib/cerbos/protobuf/cerbos/telemetry/v1/telemetry_pb.rb +65 -41
data/lib/cerbos/version.rb +1 -1
metadata +3 -3

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 41c6a1f790cc09bff5f0c542d5338161730c4c649e66074afb381af8581637d3
-  data.tar.gz: f7fbd30bc55b357b1a0a77d1da2e48d06cf9af1fe4cfc44947c879e661a81768
+  metadata.gz: 53df88d33685d6761feb0c4f8c25453012d615ddb6d5158fbabb34594c905a64
+  data.tar.gz: 81b5a8f937915c33a11a130124b8e1a14a83d6327e0416568873062afc250b01
 SHA512:
-  metadata.gz: e0bbda1a092e1ec55fe9565765609fd0ed3dd77a4fa12f627cddbb1b7b48177d423114a9e8d21a454e2fcfd9257e6ce82da303f4f3df82d2d24d766519734100
-  data.tar.gz: 525b97f8aee44d35fe4039ab75ecad4315f79fedd0f2ad94a2b308fa99700579e8800009a38735ebdfc3a9f462aae230f71ef637ab682fc461c2d40cb6a897cb
+  metadata.gz: 1e8cf9388d67af42d55b8cd4a5dc312ffc689fb5facb27384144dd6bd7982dc3d7a7f2211aea94fc6773d173970aaf5264ddc1f8f72dd0bf320c9e043db8871d
+  data.tar.gz: 884c774cca17408a0f16ac5d00d2efd8833035291bc422190bafd266ec3e9354d8571c9c3f93e7a04545a7b0f85eec73507a481bc0f49462f61de75970b4c19c

data/CHANGELOG.md CHANGED Viewed

@@ -1,6 +1,13 @@
 ## [Unreleased]
 No notable changes.
+## [0.4.0] - 2022-06-03
+### Added
+- `on_validation_error` option to `Cerbos::Client#initialize` ([#22](https://github.com/cerbos/cerbos-sdk-ruby/pull/22))
+### Changed
+- Minor documentation fixes ([#21](https://github.com/cerbos/cerbos-sdk-ruby/pull/21))
 ## [0.3.0] - 2022-05-13
 ### Added
 - More helper methods ([#11](https://github.com/cerbos/cerbos-sdk-ruby/pull/11))
@@ -15,7 +22,8 @@ No notable changes.
 ### Added
 - Initial implementation of `Cerbos::Client` ([#2](https://github.com/cerbos/cerbos-sdk-ruby/pull/2))
-[Unreleased]: https://github.com/cerbos/cerbos-sdk-ruby/compare/v0.3.0...HEAD
+[Unreleased]: https://github.com/cerbos/cerbos-sdk-ruby/compare/v0.4.0...HEAD
+[0.4.0]: https://github.com/cerbos/cerbos-sdk-ruby/compare/v0.3.0...v0.4.0
 [0.3.0]: https://github.com/cerbos/cerbos-sdk-ruby/compare/v0.2.0...v0.3.0
 [0.2.0]: https://github.com/cerbos/cerbos-sdk-ruby/compare/v0.1.0...v0.2.0
 [0.1.0]: https://github.com/cerbos/cerbos-sdk-ruby/compare/4481009e9dec2e1e6a2df8ea2f828690ceabbefc...v0.1.0

data/lib/cerbos/client.rb CHANGED Viewed

@@ -9,9 +9,10 @@ module Cerbos
   class Client
     # Create a client for interacting with the Cerbos PDP server over gRPC.
     #
-    # @param target [String] Cerbos PDP server address (`"host", "host:port"`, or `"unix:/path/to/socket"`).
+    # @param target [String] Cerbos PDP server address (`"host"`, `"host:port"`, or `"unix:/path/to/socket"`).
     # @param tls [TLS, MutualTLS, false] gRPC connection encryption settings (`false` for plaintext).
     # @param grpc_channel_args [Hash{String, Symbol => String, Integer}] low-level settings for the gRPC channel (see [available keys in the gRPC documentation](https://grpc.github.io/grpc/core/group__grpc__arg__keys.html)).
+    # @param on_validation_error [:return, :raise, #call] action to take when input fails schema validation (`:return` to return the validation errors in the response, `:raise` to raise {Error::ValidationFailed}, or a callback to invoke).
     # @param playground_instance [String, nil] identifier of the playground instance to use when prototyping against the hosted demo PDP.
     # @param timeout [Numeric, nil] timeout for gRPC calls, in seconds (`nil` to never time out).
     #
@@ -23,7 +24,15 @@ module Cerbos
     #
     # @example Connect to the hosted demo PDP to experiment [in the playground](https://play.cerbos.dev)
     #   client = Cerbos::Client.new("demo-pdp.cerbos.cloud", tls: Cerbos::TLS.new, playground_instance: "gE623b0180QlsG5a4QIN6UOZ6f3iSFW2")
-    def initialize(target, tls:, grpc_channel_args: {}, playground_instance: nil, timeout: nil)
+    #
+    # @example Raise an error when input fails schema validation
+    #   client = Cerbos::Client.new("localhost:3593", tls: false, on_validation_error: :raise)
+    #
+    # @example Invoke a callback when input fails schema validation
+    #   client = Cerbos::Client.new("localhost:3593", tls: false, on_validation_error: ->(validation_errors) { do_something_with validation_errors })
+    def initialize(target, tls:, grpc_channel_args: {}, on_validation_error: :return, playground_instance: nil, timeout: nil)
+      @on_validation_error = on_validation_error
       handle_errors do
         credentials = tls ? tls.to_channel_credentials : :this_channel_is_insecure
@@ -53,6 +62,13 @@ module Cerbos
     # @param request_id [String] identifier for tracing the request.
     #
     # @return [Boolean]
+    #
+    # @example
+    #   client.allow?(
+    #     principal: {id: "user@example.com", roles: ["USER"]},
+    #     resource: {kind: "document", id: "1"},
+    #     action: "view"
+    #   ) # => true
     def allow?(principal:, resource:, action:, aux_data: nil, request_id: SecureRandom.uuid)
       check_resource(
         principal: principal,
@@ -119,7 +135,7 @@ module Cerbos
     #     ]
     #   )
     #
-    #   result.allow?(resource: {kind: "document", id: "1"}, action: "view") # => true
+    #   decision.allow?(resource: {kind: "document", id: "1"}, action: "view") # => true
     def check_resources(principal:, resources:, aux_data: nil, include_metadata: false, request_id: SecureRandom.uuid)
       handle_errors do
         request = Protobuf::Cerbos::Request::V1::CheckResourcesRequest.new(
@@ -132,7 +148,9 @@ module Cerbos
         response = perform_request(@cerbos_service, :check_resources, request)
-        Output::CheckResources.from_protobuf(response)
+        Output::CheckResources.from_protobuf(response).tap do |output|
+          handle_validation_errors output
+        end
       end
     end
@@ -200,6 +218,17 @@ module Cerbos
       raise Error, error.message
     end
+    def handle_validation_errors(output)
+      return if @on_validation_error == :return
+      validation_errors = output.results.flat_map(&:validation_errors)
+      return if validation_errors.empty?
+      raise Error::ValidationFailed.new(validation_errors) if @on_validation_error == :raise
+      @on_validation_error.call validation_errors
+    end
     def perform_request(service, rpc, request)
       service.public_send(rpc, request)
     end

data/lib/cerbos/error.rb CHANGED Viewed

@@ -3,6 +3,21 @@
 module Cerbos
   # Base type for errors thrown by the `cerbos` gem.
   class Error < StandardError
+    # Input failed schema validation.
+    class ValidationFailed < Error
+      # The validation errors that occurred.
+      #
+      # @return [Array<Output::CheckResources::Result::ValidationError>]
+      attr_reader :validation_errors
+      # @private
+      def initialize(validation_errors)
+        super "Input failed schema validation"
+        @validation_errors = validation_errors
+      end
+    end
     # An error indicating an unsuccessful gRPC operation.
     class NotOK < Error
       # The gRPC status code.
@@ -33,7 +48,7 @@ module Cerbos
       # @private
       def initialize(code:, details:, metadata: {})
-        super("gRPC error #{code}: #{details}")
+        super "gRPC error #{code}: #{details}"
         @code = code
         @details = details

data/lib/cerbos/input/resource_query.rb CHANGED Viewed

@@ -43,7 +43,7 @@ module Cerbos
       # @private
       def to_protobuf
-        Protobuf::Cerbos::Engine::V1::PlanResourcesRequest::Resource.new(
+        Protobuf::Cerbos::Engine::V1::PlanResourcesInput::Resource.new(
           kind: kind,
           attr: attributes.to_protobuf,
           policy_version: policy_version,

data/lib/cerbos/protobuf/cerbos/audit/v1/audit_pb.rb CHANGED Viewed

@@ -23,6 +23,20 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       repeated :inputs, :message, 4, "cerbos.engine.v1.CheckInput", json_name: "inputs"
       repeated :outputs, :message, 5, "cerbos.engine.v1.CheckOutput", json_name: "outputs"
       optional :error, :string, 6, json_name: "error"
+      oneof :method do
+        optional :check_resources, :message, 7, "cerbos.audit.v1.DecisionLogEntry.CheckResources", json_name: "checkResources"
+        optional :plan_resources, :message, 8, "cerbos.audit.v1.DecisionLogEntry.PlanResources", json_name: "planResources"
+      end
+    end
+    add_message "cerbos.audit.v1.DecisionLogEntry.CheckResources" do
+      repeated :inputs, :message, 1, "cerbos.engine.v1.CheckInput", json_name: "inputs"
+      repeated :outputs, :message, 2, "cerbos.engine.v1.CheckOutput", json_name: "outputs"
+      optional :error, :string, 3, json_name: "error"
+    end
+    add_message "cerbos.audit.v1.DecisionLogEntry.PlanResources" do
+      optional :input, :message, 1, "cerbos.engine.v1.PlanResourcesInput", json_name: "input"
+      optional :output, :message, 2, "cerbos.engine.v1.PlanResourcesOutput", json_name: "output"
+      optional :error, :string, 3, json_name: "error"
     end
     add_message "cerbos.audit.v1.MetaValues" do
       repeated :values, :string, 1, json_name: "values"
@@ -41,6 +55,8 @@ module Cerbos::Protobuf::Cerbos
     module V1
       AccessLogEntry = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.audit.v1.AccessLogEntry").msgclass
       DecisionLogEntry = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.audit.v1.DecisionLogEntry").msgclass
+      DecisionLogEntry::CheckResources = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.audit.v1.DecisionLogEntry.CheckResources").msgclass
+      DecisionLogEntry::PlanResources = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.audit.v1.DecisionLogEntry.PlanResources").msgclass
       MetaValues = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.audit.v1.MetaValues").msgclass
       Peer = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.audit.v1.Peer").msgclass
     end

data/lib/cerbos/protobuf/cerbos/engine/v1/engine_pb.rb CHANGED Viewed

@@ -13,20 +13,69 @@ require 'cerbos/protobuf/validate/validate_pb'
 Google::Protobuf::DescriptorPool.generated_pool.build do
   add_file("cerbos/engine/v1/engine.proto", :syntax => :proto3) do
-    add_message "cerbos.engine.v1.PlanResourcesRequest" do
+    add_message "cerbos.engine.v1.PlanResourcesInput" do
       optional :request_id, :string, 1, json_name: "requestId"
       optional :action, :string, 2, json_name: "action"
       optional :principal, :message, 3, "cerbos.engine.v1.Principal", json_name: "principal"
-      optional :resource, :message, 4, "cerbos.engine.v1.PlanResourcesRequest.Resource", json_name: "resource"
+      optional :resource, :message, 4, "cerbos.engine.v1.PlanResourcesInput.Resource", json_name: "resource"
       optional :aux_data, :message, 5, "cerbos.engine.v1.AuxData", json_name: "auxData"
       optional :include_meta, :bool, 6, json_name: "includeMeta"
     end
-    add_message "cerbos.engine.v1.PlanResourcesRequest.Resource" do
+    add_message "cerbos.engine.v1.PlanResourcesInput.Resource" do
       optional :kind, :string, 1, json_name: "kind"
       map :attr, :string, :message, 2, "google.protobuf.Value"
       optional :policy_version, :string, 3, json_name: "policyVersion"
       optional :scope, :string, 4, json_name: "scope"
     end
+    add_message "cerbos.engine.v1.PlanResourcesAst" do
+      optional :filter_ast, :message, 1, "cerbos.engine.v1.PlanResourcesAst.Node", json_name: "filterAst"
+    end
+    add_message "cerbos.engine.v1.PlanResourcesAst.Node" do
+      oneof :node do
+        optional :logical_operation, :message, 1, "cerbos.engine.v1.PlanResourcesAst.LogicalOperation", json_name: "logicalOperation"
+        optional :expression, :message, 2, "google.api.expr.v1alpha1.CheckedExpr", json_name: "expression"
+      end
+    end
+    add_message "cerbos.engine.v1.PlanResourcesAst.LogicalOperation" do
+      optional :operator, :enum, 1, "cerbos.engine.v1.PlanResourcesAst.LogicalOperation.Operator", json_name: "operator"
+      repeated :nodes, :message, 2, "cerbos.engine.v1.PlanResourcesAst.Node", json_name: "nodes"
+    end
+    add_enum "cerbos.engine.v1.PlanResourcesAst.LogicalOperation.Operator" do
+      value :OPERATOR_UNSPECIFIED, 0
+      value :OPERATOR_AND, 1
+      value :OPERATOR_OR, 2
+      value :OPERATOR_NOT, 3
+    end
+    add_message "cerbos.engine.v1.PlanResourcesFilter" do
+      optional :kind, :enum, 1, "cerbos.engine.v1.PlanResourcesFilter.Kind", json_name: "kind"
+      optional :condition, :message, 2, "cerbos.engine.v1.PlanResourcesFilter.Expression.Operand", json_name: "condition"
+    end
+    add_message "cerbos.engine.v1.PlanResourcesFilter.Expression" do
+      optional :operator, :string, 1, json_name: "operator"
+      repeated :operands, :message, 2, "cerbos.engine.v1.PlanResourcesFilter.Expression.Operand", json_name: "operands"
+    end
+    add_message "cerbos.engine.v1.PlanResourcesFilter.Expression.Operand" do
+      oneof :node do
+        optional :value, :message, 1, "google.protobuf.Value", json_name: "value"
+        optional :expression, :message, 2, "cerbos.engine.v1.PlanResourcesFilter.Expression", json_name: "expression"
+        optional :variable, :string, 3, json_name: "variable"
+      end
+    end
+    add_enum "cerbos.engine.v1.PlanResourcesFilter.Kind" do
+      value :KIND_UNSPECIFIED, 0
+      value :KIND_ALWAYS_ALLOWED, 1
+      value :KIND_ALWAYS_DENIED, 2
+      value :KIND_CONDITIONAL, 3
+    end
+    add_message "cerbos.engine.v1.PlanResourcesOutput" do
+      optional :request_id, :string, 1, json_name: "requestId"
+      optional :action, :string, 2, json_name: "action"
+      optional :kind, :string, 3, json_name: "kind"
+      optional :policy_version, :string, 4, json_name: "policyVersion"
+      optional :scope, :string, 5, json_name: "scope"
+      optional :filter, :message, 6, "cerbos.engine.v1.PlanResourcesFilter", json_name: "filter"
+      optional :filter_debug, :string, 7, json_name: "filterDebug"
+    end
     add_message "cerbos.engine.v1.CheckInput" do
       optional :request_id, :string, 1, json_name: "requestId"
       optional :resource, :message, 2, "cerbos.engine.v1.Resource", json_name: "resource"
@@ -46,30 +95,6 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :policy, :string, 2, json_name: "policy"
       optional :scope, :string, 3, json_name: "scope"
     end
-    add_message "cerbos.engine.v1.PlanResourcesOutput" do
-      optional :request_id, :string, 1, json_name: "requestId"
-      optional :action, :string, 2, json_name: "action"
-      optional :kind, :string, 3, json_name: "kind"
-      optional :policy_version, :string, 4, json_name: "policyVersion"
-      optional :scope, :string, 5, json_name: "scope"
-      optional :filter, :message, 6, "cerbos.engine.v1.PlanResourcesOutput.Node", json_name: "filter"
-    end
-    add_message "cerbos.engine.v1.PlanResourcesOutput.Node" do
-      oneof :node do
-        optional :logical_operation, :message, 1, "cerbos.engine.v1.PlanResourcesOutput.LogicalOperation", json_name: "logicalOperation"
-        optional :expression, :message, 2, "google.api.expr.v1alpha1.CheckedExpr", json_name: "expression"
-      end
-    end
-    add_message "cerbos.engine.v1.PlanResourcesOutput.LogicalOperation" do
-      optional :operator, :enum, 1, "cerbos.engine.v1.PlanResourcesOutput.LogicalOperation.Operator", json_name: "operator"
-      repeated :nodes, :message, 2, "cerbos.engine.v1.PlanResourcesOutput.Node", json_name: "nodes"
-    end
-    add_enum "cerbos.engine.v1.PlanResourcesOutput.LogicalOperation.Operator" do
-      value :OPERATOR_UNSPECIFIED, 0
-      value :OPERATOR_AND, 1
-      value :OPERATOR_OR, 2
-      value :OPERATOR_NOT, 3
-    end
     add_message "cerbos.engine.v1.Resource" do
       optional :kind, :string, 1, json_name: "kind"
       optional :policy_version, :string, 2, json_name: "policyVersion"
@@ -143,15 +168,20 @@ end
 module Cerbos::Protobuf::Cerbos
   module Engine
     module V1
-      PlanResourcesRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesRequest").msgclass
-      PlanResourcesRequest::Resource = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesRequest.Resource").msgclass
+      PlanResourcesInput = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesInput").msgclass
+      PlanResourcesInput::Resource = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesInput.Resource").msgclass
+      PlanResourcesAst = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesAst").msgclass
+      PlanResourcesAst::Node = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesAst.Node").msgclass
+      PlanResourcesAst::LogicalOperation = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesAst.LogicalOperation").msgclass
+      PlanResourcesAst::LogicalOperation::Operator = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesAst.LogicalOperation.Operator").enummodule
+      PlanResourcesFilter = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesFilter").msgclass
+      PlanResourcesFilter::Expression = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesFilter.Expression").msgclass
+      PlanResourcesFilter::Expression::Operand = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesFilter.Expression.Operand").msgclass
+      PlanResourcesFilter::Kind = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesFilter.Kind").enummodule
+      PlanResourcesOutput = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesOutput").msgclass
       CheckInput = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.CheckInput").msgclass
       CheckOutput = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.CheckOutput").msgclass
       CheckOutput::ActionEffect = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.CheckOutput.ActionEffect").msgclass
-      PlanResourcesOutput = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesOutput").msgclass
-      PlanResourcesOutput::Node = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesOutput.Node").msgclass
-      PlanResourcesOutput::LogicalOperation = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesOutput.LogicalOperation").msgclass
-      PlanResourcesOutput::LogicalOperation::Operator = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.PlanResourcesOutput.LogicalOperation.Operator").enummodule
       Resource = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.Resource").msgclass
       Principal = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.Principal").msgclass
       AuxData = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.engine.v1.AuxData").msgclass

data/lib/cerbos/protobuf/cerbos/request/v1/request_pb.rb CHANGED Viewed

@@ -19,7 +19,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :request_id, :string, 1, json_name: "requestId"
       optional :action, :string, 2, json_name: "action"
       optional :principal, :message, 3, "cerbos.engine.v1.Principal", json_name: "principal"
-      optional :resource, :message, 4, "cerbos.engine.v1.PlanResourcesRequest.Resource", json_name: "resource"
+      optional :resource, :message, 4, "cerbos.engine.v1.PlanResourcesInput.Resource", json_name: "resource"
       optional :aux_data, :message, 5, "cerbos.request.v1.AuxData", json_name: "auxData"
       optional :include_meta, :bool, 6, json_name: "includeMeta"
     end

data/lib/cerbos/protobuf/cerbos/response/v1/response_pb.rb CHANGED Viewed

@@ -5,10 +5,10 @@ require 'google/protobuf'
 require 'cerbos/protobuf/cerbos/audit/v1/audit_pb'
 require 'cerbos/protobuf/cerbos/effect/v1/effect_pb'
+require 'cerbos/protobuf/cerbos/engine/v1/engine_pb'
 require 'cerbos/protobuf/cerbos/policy/v1/policy_pb'
 require 'cerbos/protobuf/cerbos/schema/v1/schema_pb'
 require 'google/protobuf/empty_pb'
-require 'google/protobuf/struct_pb'
 require 'cerbos/protobuf/protoc-gen-openapiv2/options/annotations_pb'
 Google::Protobuf::DescriptorPool.generated_pool.build do
@@ -18,30 +18,9 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :action, :string, 2, json_name: "action"
       optional :resource_kind, :string, 3, json_name: "resourceKind"
       optional :policy_version, :string, 4, json_name: "policyVersion"
-      optional :filter, :message, 5, "cerbos.response.v1.PlanResourcesResponse.Filter", json_name: "filter"
+      optional :filter, :message, 5, "cerbos.engine.v1.PlanResourcesFilter", json_name: "filter"
       optional :meta, :message, 6, "cerbos.response.v1.PlanResourcesResponse.Meta", json_name: "meta"
     end
-    add_message "cerbos.response.v1.PlanResourcesResponse.Expression" do
-      optional :operator, :string, 1, json_name: "operator"
-      repeated :operands, :message, 2, "cerbos.response.v1.PlanResourcesResponse.Expression.Operand", json_name: "operands"
-    end
-    add_message "cerbos.response.v1.PlanResourcesResponse.Expression.Operand" do
-      oneof :node do
-        optional :value, :message, 1, "google.protobuf.Value", json_name: "value"
-        optional :expression, :message, 2, "cerbos.response.v1.PlanResourcesResponse.Expression", json_name: "expression"
-        optional :variable, :string, 3, json_name: "variable"
-      end
-    end
-    add_message "cerbos.response.v1.PlanResourcesResponse.Filter" do
-      optional :kind, :enum, 1, "cerbos.response.v1.PlanResourcesResponse.Filter.Kind", json_name: "kind"
-      optional :condition, :message, 2, "cerbos.response.v1.PlanResourcesResponse.Expression.Operand", json_name: "condition"
-    end
-    add_enum "cerbos.response.v1.PlanResourcesResponse.Filter.Kind" do
-      value :KIND_UNSPECIFIED, 0
-      value :KIND_ALWAYS_ALLOWED, 1
-      value :KIND_ALWAYS_DENIED, 2
-      value :KIND_CONDITIONAL, 3
-    end
     add_message "cerbos.response.v1.PlanResourcesResponse.Meta" do
       optional :filter_debug, :string, 1, json_name: "filterDebug"
       optional :matched_scope, :string, 2, json_name: "matchedScope"
@@ -189,10 +168,6 @@ module Cerbos::Protobuf::Cerbos
   module Response
     module V1
       PlanResourcesResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.PlanResourcesResponse").msgclass
-      PlanResourcesResponse::Expression = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.PlanResourcesResponse.Expression").msgclass
-      PlanResourcesResponse::Expression::Operand = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.PlanResourcesResponse.Expression.Operand").msgclass
-      PlanResourcesResponse::Filter = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.PlanResourcesResponse.Filter").msgclass
-      PlanResourcesResponse::Filter::Kind = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.PlanResourcesResponse.Filter.Kind").enummodule
       PlanResourcesResponse::Meta = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.PlanResourcesResponse.Meta").msgclass
       CheckResourceSetResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.CheckResourceSetResponse").msgclass
       CheckResourceSetResponse::ActionEffectMap = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.response.v1.CheckResourceSetResponse.ActionEffectMap").msgclass

data/lib/cerbos/protobuf/cerbos/telemetry/v1/telemetry_pb.rb CHANGED Viewed

@@ -7,93 +7,117 @@ require 'google/protobuf/duration_pb'
 Google::Protobuf::DescriptorPool.generated_pool.build do
   add_file("cerbos/telemetry/v1/telemetry.proto", :syntax => :proto3) do
-    add_message "cerbos.telemetry.v1.Ping" do
+    add_message "cerbos.telemetry.v1.ServerLaunch" do
       optional :version, :string, 1, json_name: "version"
-      optional :source, :message, 2, "cerbos.telemetry.v1.Ping.Source", json_name: "source"
-      optional :features, :message, 3, "cerbos.telemetry.v1.Ping.Features", json_name: "features"
-      optional :stats, :message, 4, "cerbos.telemetry.v1.Ping.Stats", json_name: "stats"
+      optional :source, :message, 2, "cerbos.telemetry.v1.ServerLaunch.Source", json_name: "source"
+      optional :features, :message, 3, "cerbos.telemetry.v1.ServerLaunch.Features", json_name: "features"
+      optional :stats, :message, 4, "cerbos.telemetry.v1.ServerLaunch.Stats", json_name: "stats"
     end
-    add_message "cerbos.telemetry.v1.Ping.Cerbos" do
+    add_message "cerbos.telemetry.v1.ServerLaunch.Cerbos" do
       optional :version, :string, 1, json_name: "version"
       optional :commit, :string, 2, json_name: "commit"
       optional :build_date, :string, 3, json_name: "buildDate"
       optional :module_version, :string, 4, json_name: "moduleVersion"
       optional :module_checksum, :string, 5, json_name: "moduleChecksum"
     end
-    add_message "cerbos.telemetry.v1.Ping.Source" do
-      optional :cerbos, :message, 1, "cerbos.telemetry.v1.Ping.Cerbos", json_name: "cerbos"
+    add_message "cerbos.telemetry.v1.ServerLaunch.Source" do
+      optional :cerbos, :message, 1, "cerbos.telemetry.v1.ServerLaunch.Cerbos", json_name: "cerbos"
       optional :os, :string, 2, json_name: "os"
       optional :arch, :string, 3, json_name: "arch"
       optional :num_cpus, :uint32, 4, json_name: "numCpus"
     end
-    add_message "cerbos.telemetry.v1.Ping.Features" do
-      optional :audit, :message, 1, "cerbos.telemetry.v1.Ping.Features.Audit", json_name: "audit"
-      optional :schema, :message, 2, "cerbos.telemetry.v1.Ping.Features.Schema", json_name: "schema"
-      optional :admin_api, :message, 3, "cerbos.telemetry.v1.Ping.Features.AdminApi", json_name: "adminApi"
-      optional :storage, :message, 4, "cerbos.telemetry.v1.Ping.Features.Storage", json_name: "storage"
+    add_message "cerbos.telemetry.v1.ServerLaunch.Features" do
+      optional :audit, :message, 1, "cerbos.telemetry.v1.ServerLaunch.Features.Audit", json_name: "audit"
+      optional :schema, :message, 2, "cerbos.telemetry.v1.ServerLaunch.Features.Schema", json_name: "schema"
+      optional :admin_api, :message, 3, "cerbos.telemetry.v1.ServerLaunch.Features.AdminApi", json_name: "adminApi"
+      optional :storage, :message, 4, "cerbos.telemetry.v1.ServerLaunch.Features.Storage", json_name: "storage"
     end
-    add_message "cerbos.telemetry.v1.Ping.Features.Audit" do
+    add_message "cerbos.telemetry.v1.ServerLaunch.Features.Audit" do
       optional :enabled, :bool, 1, json_name: "enabled"
       optional :backend, :string, 2, json_name: "backend"
     end
-    add_message "cerbos.telemetry.v1.Ping.Features.Schema" do
+    add_message "cerbos.telemetry.v1.ServerLaunch.Features.Schema" do
       optional :enforcement, :string, 1, json_name: "enforcement"
     end
-    add_message "cerbos.telemetry.v1.Ping.Features.AdminApi" do
+    add_message "cerbos.telemetry.v1.ServerLaunch.Features.AdminApi" do
       optional :enabled, :bool, 1, json_name: "enabled"
     end
-    add_message "cerbos.telemetry.v1.Ping.Features.Storage" do
+    add_message "cerbos.telemetry.v1.ServerLaunch.Features.Storage" do
       optional :driver, :string, 1, json_name: "driver"
       oneof :store do
-        optional :disk, :message, 2, "cerbos.telemetry.v1.Ping.Features.Storage.Disk", json_name: "disk"
-        optional :git, :message, 3, "cerbos.telemetry.v1.Ping.Features.Storage.Git", json_name: "git"
-        optional :blob, :message, 4, "cerbos.telemetry.v1.Ping.Features.Storage.Blob", json_name: "blob"
+        optional :disk, :message, 2, "cerbos.telemetry.v1.ServerLaunch.Features.Storage.Disk", json_name: "disk"
+        optional :git, :message, 3, "cerbos.telemetry.v1.ServerLaunch.Features.Storage.Git", json_name: "git"
+        optional :blob, :message, 4, "cerbos.telemetry.v1.ServerLaunch.Features.Storage.Blob", json_name: "blob"
       end
     end
-    add_message "cerbos.telemetry.v1.Ping.Features.Storage.Disk" do
+    add_message "cerbos.telemetry.v1.ServerLaunch.Features.Storage.Disk" do
       optional :watch, :bool, 1, json_name: "watch"
     end
-    add_message "cerbos.telemetry.v1.Ping.Features.Storage.Git" do
+    add_message "cerbos.telemetry.v1.ServerLaunch.Features.Storage.Git" do
       optional :protocol, :string, 1, json_name: "protocol"
       optional :auth, :bool, 2, json_name: "auth"
       optional :poll_interval, :message, 3, "google.protobuf.Duration", json_name: "pollInterval"
     end
-    add_message "cerbos.telemetry.v1.Ping.Features.Storage.Blob" do
+    add_message "cerbos.telemetry.v1.ServerLaunch.Features.Storage.Blob" do
       optional :provider, :string, 1, json_name: "provider"
       optional :poll_interval, :message, 2, "google.protobuf.Duration", json_name: "pollInterval"
     end
-    add_message "cerbos.telemetry.v1.Ping.Stats" do
-      optional :policy, :message, 1, "cerbos.telemetry.v1.Ping.Stats.Policy", json_name: "policy"
-      optional :schema, :message, 2, "cerbos.telemetry.v1.Ping.Stats.Schema", json_name: "schema"
+    add_message "cerbos.telemetry.v1.ServerLaunch.Stats" do
+      optional :policy, :message, 1, "cerbos.telemetry.v1.ServerLaunch.Stats.Policy", json_name: "policy"
+      optional :schema, :message, 2, "cerbos.telemetry.v1.ServerLaunch.Stats.Schema", json_name: "schema"
     end
-    add_message "cerbos.telemetry.v1.Ping.Stats.Policy" do
+    add_message "cerbos.telemetry.v1.ServerLaunch.Stats.Policy" do
       map :count, :string, :uint32, 1
       map :avg_rule_count, :string, :double, 2
       map :avg_condition_count, :string, :double, 3
     end
-    add_message "cerbos.telemetry.v1.Ping.Stats.Schema" do
+    add_message "cerbos.telemetry.v1.ServerLaunch.Stats.Schema" do
       optional :count, :uint32, 1, json_name: "count"
     end
+    add_message "cerbos.telemetry.v1.ServerStop" do
+      optional :version, :string, 1, json_name: "version"
+      optional :uptime, :message, 2, "google.protobuf.Duration", json_name: "uptime"
+      optional :requests_total, :uint64, 3, json_name: "requestsTotal"
+    end
+    add_message "cerbos.telemetry.v1.Event" do
+      oneof :data do
+        optional :api_activity, :message, 1, "cerbos.telemetry.v1.Event.ApiActivity", json_name: "apiActivity"
+      end
+    end
+    add_message "cerbos.telemetry.v1.Event.CountStat" do
+      optional :key, :string, 1, json_name: "key"
+      optional :count, :uint64, 2, json_name: "count"
+    end
+    add_message "cerbos.telemetry.v1.Event.ApiActivity" do
+      optional :version, :string, 1, json_name: "version"
+      optional :uptime, :message, 2, "google.protobuf.Duration", json_name: "uptime"
+      repeated :method_calls, :message, 3, "cerbos.telemetry.v1.Event.CountStat", json_name: "methodCalls"
+      repeated :user_agents, :message, 4, "cerbos.telemetry.v1.Event.CountStat", json_name: "userAgents"
+    end
   end
 end
 module Cerbos::Protobuf::Cerbos
   module Telemetry
     module V1
-      Ping = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.Ping").msgclass
-      Ping::Cerbos = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.Ping.Cerbos").msgclass
-      Ping::Source = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.Ping.Source").msgclass
-      Ping::Features = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.Ping.Features").msgclass
-      Ping::Features::Audit = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.Ping.Features.Audit").msgclass
-      Ping::Features::Schema = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.Ping.Features.Schema").msgclass
-      Ping::Features::AdminApi = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.Ping.Features.AdminApi").msgclass
-      Ping::Features::Storage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.Ping.Features.Storage").msgclass
-      Ping::Features::Storage::Disk = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.Ping.Features.Storage.Disk").msgclass
-      Ping::Features::Storage::Git = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.Ping.Features.Storage.Git").msgclass
-      Ping::Features::Storage::Blob = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.Ping.Features.Storage.Blob").msgclass
-      Ping::Stats = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.Ping.Stats").msgclass
-      Ping::Stats::Policy = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.Ping.Stats.Policy").msgclass
-      Ping::Stats::Schema = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.Ping.Stats.Schema").msgclass
+      ServerLaunch = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.ServerLaunch").msgclass
+      ServerLaunch::Cerbos = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.ServerLaunch.Cerbos").msgclass
+      ServerLaunch::Source = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.ServerLaunch.Source").msgclass
+      ServerLaunch::Features = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.ServerLaunch.Features").msgclass
+      ServerLaunch::Features::Audit = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.ServerLaunch.Features.Audit").msgclass
+      ServerLaunch::Features::Schema = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.ServerLaunch.Features.Schema").msgclass
+      ServerLaunch::Features::AdminApi = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.ServerLaunch.Features.AdminApi").msgclass
+      ServerLaunch::Features::Storage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.ServerLaunch.Features.Storage").msgclass
+      ServerLaunch::Features::Storage::Disk = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.ServerLaunch.Features.Storage.Disk").msgclass
+      ServerLaunch::Features::Storage::Git = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.ServerLaunch.Features.Storage.Git").msgclass
+      ServerLaunch::Features::Storage::Blob = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.ServerLaunch.Features.Storage.Blob").msgclass
+      ServerLaunch::Stats = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.ServerLaunch.Stats").msgclass
+      ServerLaunch::Stats::Policy = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.ServerLaunch.Stats.Policy").msgclass
+      ServerLaunch::Stats::Schema = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.ServerLaunch.Stats.Schema").msgclass
+      ServerStop = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.ServerStop").msgclass
+      Event = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.Event").msgclass
+      Event::CountStat = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.Event.CountStat").msgclass
+      Event::ApiActivity = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("cerbos.telemetry.v1.Event.ApiActivity").msgclass
     end
   end
 end

data/lib/cerbos/version.rb CHANGED Viewed

@@ -2,5 +2,5 @@
 module Cerbos
   # Current version of the `cerbos` gem.
-  VERSION = "0.3.0"
+  VERSION = "0.4.0"
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: cerbos
 version: !ruby/object:Gem::Version
-  version: 0.3.0
+  version: 0.4.0
 platform: ruby
 authors:
 - Cerbos
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-05-13 00:00:00.000000000 Z
+date: 2022-06-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: grpc
@@ -81,7 +81,7 @@ licenses:
 metadata:
   bug_tracker_uri: https://github.com/cerbos/cerbos-sdk-ruby/issues
   changelog_uri: https://github.com/cerbos/cerbos-sdk-ruby/blob/main/CHANGELOG.md
-  documentation_uri: https://www.rubydoc.info/gems/cerbos/0.3.0
+  documentation_uri: https://www.rubydoc.info/gems/cerbos/0.4.0
   homepage_uri: https://github.com/cerbos/cerbos-sdk-ruby
   source_code_uri: https://github.com/cerbos/cerbos-sdk-ruby
   rubygems_mfa_required: 'true'