@evalops/sdk-ts 0.1.13

package/dist/identity/v1/organizations_pb.d.ts

@@ -0,0 +1,621 @@
+import type { GenEnum, GenFile, GenMessage, GenService } from "@bufbuild/protobuf/codegenv2";
+import type { Timestamp } from "@bufbuild/protobuf/wkt";
+import type { Message } from "@bufbuild/protobuf";
+/**
+ * Describes the file identity/v1/organizations.proto.
+ */
+export declare const file_identity_v1_organizations: GenFile;
+/**
+ * Organization is the canonical org/workspace type.
+ * Unifies gate's Organization (tenant.proto) and chat's WorkspaceInfo (auth.proto).
+ *
+ * @generated from message identity.v1.Organization
+ */
+export type Organization = Message<"identity.v1.Organization"> & {
+    /**
+     * @generated from field: string id = 1;
+     */
+    id: string;
+    /**
+     * @generated from field: string name = 2;
+     */
+    name: string;
+    /**
+     * @generated from field: string slug = 3;
+     */
+    slug: string;
+    /**
+     * @generated from field: google.protobuf.Timestamp created_at = 4;
+     */
+    createdAt?: Timestamp;
+};
+/**
+ * Describes the message identity.v1.Organization.
+ * Use `create(OrganizationSchema)` to create a new message.
+ */
+export declare const OrganizationSchema: GenMessage<Organization>;
+/**
+ * OrganizationMembership is the canonical "org plus this user's role in it"
+ * view. It replaces chat's WorkspaceInfo without pushing membership-scoped
+ * fields onto Organization itself.
+ *
+ * @generated from message identity.v1.OrganizationMembership
+ */
+export type OrganizationMembership = Message<"identity.v1.OrganizationMembership"> & {
+    /**
+     * @generated from field: identity.v1.Organization organization = 1;
+     */
+    organization?: Organization;
+    /**
+     * @generated from field: string role = 2;
+     */
+    role: string;
+};
+/**
+ * Describes the message identity.v1.OrganizationMembership.
+ * Use `create(OrganizationMembershipSchema)` to create a new message.
+ */
+export declare const OrganizationMembershipSchema: GenMessage<OrganizationMembership>;
+/**
+ * Member is the canonical org membership type.
+ * Unifies gate's OrgMember and chat's WorkspaceMemberInfo.
+ *
+ * @generated from message identity.v1.Member
+ */
+export type Member = Message<"identity.v1.Member"> & {
+    /**
+     * @generated from field: string user_id = 1;
+     */
+    userId: string;
+    /**
+     * @generated from field: string organization_id = 2;
+     */
+    organizationId: string;
+    /**
+     * @generated from field: string email = 3;
+     */
+    email: string;
+    /**
+     * @generated from field: string name = 4;
+     */
+    name: string;
+    /**
+     * @generated from field: string picture = 5;
+     */
+    picture: string;
+    /**
+     * @generated from field: string role = 6;
+     */
+    role: string;
+    /**
+     * @generated from field: string status = 7;
+     */
+    status: string;
+    /**
+     * @generated from field: string identity_provider = 8;
+     */
+    identityProvider: string;
+    /**
+     * @generated from field: string provisioning_source = 9;
+     */
+    provisioningSource: string;
+    /**
+     * @generated from field: google.protobuf.Timestamp created_at = 10;
+     */
+    createdAt?: Timestamp;
+};
+/**
+ * Describes the message identity.v1.Member.
+ * Use `create(MemberSchema)` to create a new message.
+ */
+export declare const MemberSchema: GenMessage<Member>;
+/**
+ * APIKey is the canonical API key type.
+ * Unifies gate's APIKey (tenant.proto) and chat's APIKeyInfo (auth.proto).
+ *
+ * @generated from message identity.v1.APIKey
+ */
+export type APIKey = Message<"identity.v1.APIKey"> & {
+    /**
+     * @generated from field: string id = 1;
+     */
+    id: string;
+    /**
+     * @generated from field: string organization_id = 2;
+     */
+    organizationId: string;
+    /**
+     * @generated from field: string name = 3;
+     */
+    name: string;
+    /**
+     * @generated from field: string prefix = 4;
+     */
+    prefix: string;
+    /**
+     * @generated from field: string provider = 5;
+     */
+    provider: string;
+    /**
+     * @generated from field: string role = 6;
+     */
+    role: string;
+    /**
+     * @generated from field: string label = 7;
+     */
+    label: string;
+    /**
+     * @generated from field: google.protobuf.Timestamp created_at = 8;
+     */
+    createdAt?: Timestamp;
+    /**
+     * @generated from field: google.protobuf.Timestamp expires_at = 9;
+     */
+    expiresAt?: Timestamp;
+};
+/**
+ * Describes the message identity.v1.APIKey.
+ * Use `create(APIKeySchema)` to create a new message.
+ */
+export declare const APIKeySchema: GenMessage<APIKey>;
+/**
+ * Permission is a resource/action rule that a role can allow or deny.
+ *
+ * @generated from message identity.v1.Permission
+ */
+export type Permission = Message<"identity.v1.Permission"> & {
+    /**
+     * @generated from field: string resource = 1;
+     */
+    resource: string;
+    /**
+     * @generated from field: string action = 2;
+     */
+    action: string;
+    /**
+     * @generated from field: identity.v1.PermissionEffect effect = 3;
+     */
+    effect: PermissionEffect;
+};
+/**
+ * Describes the message identity.v1.Permission.
+ * Use `create(PermissionSchema)` to create a new message.
+ */
+export declare const PermissionSchema: GenMessage<Permission>;
+/**
+ * Role is a named bundle of permissions assignable within an organization.
+ *
+ * @generated from message identity.v1.Role
+ */
+export type Role = Message<"identity.v1.Role"> & {
+    /**
+     * @generated from field: string name = 1;
+     */
+    name: string;
+    /**
+     * @generated from field: string display_name = 2;
+     */
+    displayName: string;
+    /**
+     * @generated from field: string description = 3;
+     */
+    description: string;
+    /**
+     * @generated from field: repeated identity.v1.Permission permissions = 4;
+     */
+    permissions: Permission[];
+    /**
+     * @generated from field: bool built_in = 5;
+     */
+    builtIn: boolean;
+};
+/**
+ * Describes the message identity.v1.Role.
+ * Use `create(RoleSchema)` to create a new message.
+ */
+export declare const RoleSchema: GenMessage<Role>;
+/**
+ * RoleAssignment attaches a role to a principal at organization or team scope.
+ *
+ * @generated from message identity.v1.RoleAssignment
+ */
+export type RoleAssignment = Message<"identity.v1.RoleAssignment"> & {
+    /**
+     * @generated from field: string id = 1;
+     */
+    id: string;
+    /**
+     * @generated from field: string organization_id = 2;
+     */
+    organizationId: string;
+    /**
+     * @generated from field: string team_id = 3;
+     */
+    teamId: string;
+    /**
+     * @generated from field: identity.v1.PrincipalType principal_type = 4;
+     */
+    principalType: PrincipalType;
+    /**
+     * @generated from field: string principal_id = 5;
+     */
+    principalId: string;
+    /**
+     * @generated from field: string role_name = 6;
+     */
+    roleName: string;
+    /**
+     * @generated from field: string created_by = 7;
+     */
+    createdBy: string;
+    /**
+     * @generated from field: google.protobuf.Timestamp created_at = 8;
+     */
+    createdAt?: Timestamp;
+    /**
+     * @generated from field: google.protobuf.Timestamp updated_at = 9;
+     */
+    updatedAt?: Timestamp;
+};
+/**
+ * Describes the message identity.v1.RoleAssignment.
+ * Use `create(RoleAssignmentSchema)` to create a new message.
+ */
+export declare const RoleAssignmentSchema: GenMessage<RoleAssignment>;
+/**
+ * ListRolesRequest lists roles available for assignment.
+ *
+ * @generated from message identity.v1.ListRolesRequest
+ */
+export type ListRolesRequest = Message<"identity.v1.ListRolesRequest"> & {
+    /**
+     * @generated from field: string organization_id = 1;
+     */
+    organizationId: string;
+};
+/**
+ * Describes the message identity.v1.ListRolesRequest.
+ * Use `create(ListRolesRequestSchema)` to create a new message.
+ */
+export declare const ListRolesRequestSchema: GenMessage<ListRolesRequest>;
+/**
+ * ListRolesResponse returns the available RBAC roles.
+ *
+ * @generated from message identity.v1.ListRolesResponse
+ */
+export type ListRolesResponse = Message<"identity.v1.ListRolesResponse"> & {
+    /**
+     * @generated from field: repeated identity.v1.Role roles = 1;
+     */
+    roles: Role[];
+};
+/**
+ * Describes the message identity.v1.ListRolesResponse.
+ * Use `create(ListRolesResponseSchema)` to create a new message.
+ */
+export declare const ListRolesResponseSchema: GenMessage<ListRolesResponse>;
+/**
+ * AssignRoleRequest assigns a built-in role to a principal.
+ *
+ * @generated from message identity.v1.AssignRoleRequest
+ */
+export type AssignRoleRequest = Message<"identity.v1.AssignRoleRequest"> & {
+    /**
+     * @generated from field: string organization_id = 1;
+     */
+    organizationId: string;
+    /**
+     * @generated from field: string team_id = 2;
+     */
+    teamId: string;
+    /**
+     * @generated from field: identity.v1.PrincipalType principal_type = 3;
+     */
+    principalType: PrincipalType;
+    /**
+     * @generated from field: string principal_id = 4;
+     */
+    principalId: string;
+    /**
+     * @generated from field: string role_name = 5;
+     */
+    roleName: string;
+};
+/**
+ * Describes the message identity.v1.AssignRoleRequest.
+ * Use `create(AssignRoleRequestSchema)` to create a new message.
+ */
+export declare const AssignRoleRequestSchema: GenMessage<AssignRoleRequest>;
+/**
+ * AssignRoleResponse returns the stored role assignment.
+ *
+ * @generated from message identity.v1.AssignRoleResponse
+ */
+export type AssignRoleResponse = Message<"identity.v1.AssignRoleResponse"> & {
+    /**
+     * @generated from field: identity.v1.RoleAssignment assignment = 1;
+     */
+    assignment?: RoleAssignment;
+};
+/**
+ * Describes the message identity.v1.AssignRoleResponse.
+ * Use `create(AssignRoleResponseSchema)` to create a new message.
+ */
+export declare const AssignRoleResponseSchema: GenMessage<AssignRoleResponse>;
+/**
+ * RevokeRoleRequest removes one role assignment from a principal.
+ *
+ * @generated from message identity.v1.RevokeRoleRequest
+ */
+export type RevokeRoleRequest = Message<"identity.v1.RevokeRoleRequest"> & {
+    /**
+     * @generated from field: string organization_id = 1;
+     */
+    organizationId: string;
+    /**
+     * @generated from field: string team_id = 2;
+     */
+    teamId: string;
+    /**
+     * @generated from field: identity.v1.PrincipalType principal_type = 3;
+     */
+    principalType: PrincipalType;
+    /**
+     * @generated from field: string principal_id = 4;
+     */
+    principalId: string;
+    /**
+     * @generated from field: string role_name = 5;
+     */
+    roleName: string;
+};
+/**
+ * Describes the message identity.v1.RevokeRoleRequest.
+ * Use `create(RevokeRoleRequestSchema)` to create a new message.
+ */
+export declare const RevokeRoleRequestSchema: GenMessage<RevokeRoleRequest>;
+/**
+ * RevokeRoleResponse reports whether a matching assignment was removed.
+ *
+ * @generated from message identity.v1.RevokeRoleResponse
+ */
+export type RevokeRoleResponse = Message<"identity.v1.RevokeRoleResponse"> & {
+    /**
+     * @generated from field: bool revoked = 1;
+     */
+    revoked: boolean;
+};
+/**
+ * Describes the message identity.v1.RevokeRoleResponse.
+ * Use `create(RevokeRoleResponseSchema)` to create a new message.
+ */
+export declare const RevokeRoleResponseSchema: GenMessage<RevokeRoleResponse>;
+/**
+ * ListRoleAssignmentsRequest lists assignments for an organization or principal.
+ *
+ * @generated from message identity.v1.ListRoleAssignmentsRequest
+ */
+export type ListRoleAssignmentsRequest = Message<"identity.v1.ListRoleAssignmentsRequest"> & {
+    /**
+     * @generated from field: string organization_id = 1;
+     */
+    organizationId: string;
+    /**
+     * @generated from field: string team_id = 2;
+     */
+    teamId: string;
+    /**
+     * @generated from field: identity.v1.PrincipalType principal_type = 3;
+     */
+    principalType: PrincipalType;
+    /**
+     * @generated from field: string principal_id = 4;
+     */
+    principalId: string;
+};
+/**
+ * Describes the message identity.v1.ListRoleAssignmentsRequest.
+ * Use `create(ListRoleAssignmentsRequestSchema)` to create a new message.
+ */
+export declare const ListRoleAssignmentsRequestSchema: GenMessage<ListRoleAssignmentsRequest>;
+/**
+ * ListRoleAssignmentsResponse returns matching role assignments.
+ *
+ * @generated from message identity.v1.ListRoleAssignmentsResponse
+ */
+export type ListRoleAssignmentsResponse = Message<"identity.v1.ListRoleAssignmentsResponse"> & {
+    /**
+     * @generated from field: repeated identity.v1.RoleAssignment assignments = 1;
+     */
+    assignments: RoleAssignment[];
+};
+/**
+ * Describes the message identity.v1.ListRoleAssignmentsResponse.
+ * Use `create(ListRoleAssignmentsResponseSchema)` to create a new message.
+ */
+export declare const ListRoleAssignmentsResponseSchema: GenMessage<ListRoleAssignmentsResponse>;
+/**
+ * CheckPermissionRequest checks one resource/action permission for a principal.
+ *
+ * @generated from message identity.v1.CheckPermissionRequest
+ */
+export type CheckPermissionRequest = Message<"identity.v1.CheckPermissionRequest"> & {
+    /**
+     * @generated from field: string organization_id = 1;
+     */
+    organizationId: string;
+    /**
+     * @generated from field: string team_id = 2;
+     */
+    teamId: string;
+    /**
+     * @generated from field: identity.v1.PrincipalType principal_type = 3;
+     */
+    principalType: PrincipalType;
+    /**
+     * @generated from field: string principal_id = 4;
+     */
+    principalId: string;
+    /**
+     * @generated from field: string resource = 5;
+     */
+    resource: string;
+    /**
+     * @generated from field: string action = 6;
+     */
+    action: string;
+};
+/**
+ * Describes the message identity.v1.CheckPermissionRequest.
+ * Use `create(CheckPermissionRequestSchema)` to create a new message.
+ */
+export declare const CheckPermissionRequestSchema: GenMessage<CheckPermissionRequest>;
+/**
+ * CheckPermissionResponse returns the RBAC decision and matched role.
+ *
+ * @generated from message identity.v1.CheckPermissionResponse
+ */
+export type CheckPermissionResponse = Message<"identity.v1.CheckPermissionResponse"> & {
+    /**
+     * @generated from field: bool allowed = 1;
+     */
+    allowed: boolean;
+    /**
+     * @generated from field: string reason = 2;
+     */
+    reason: string;
+    /**
+     * @generated from field: string matched_role = 3;
+     */
+    matchedRole: string;
+    /**
+     * @generated from field: identity.v1.Permission matched_permission = 4;
+     */
+    matchedPermission?: Permission;
+};
+/**
+ * Describes the message identity.v1.CheckPermissionResponse.
+ * Use `create(CheckPermissionResponseSchema)` to create a new message.
+ */
+export declare const CheckPermissionResponseSchema: GenMessage<CheckPermissionResponse>;
+/**
+ * PermissionEffect describes whether a permission grants or denies access.
+ *
+ * @generated from enum identity.v1.PermissionEffect
+ */
+export declare enum PermissionEffect {
+    /**
+     * PERMISSION_EFFECT_UNSPECIFIED is rejected by RBAC mutation APIs.
+     *
+     * @generated from enum value: PERMISSION_EFFECT_UNSPECIFIED = 0;
+     */
+    UNSPECIFIED = 0,
+    /**
+     * PERMISSION_EFFECT_ALLOW grants access when the resource and action match.
+     *
+     * @generated from enum value: PERMISSION_EFFECT_ALLOW = 1;
+     */
+    ALLOW = 1,
+    /**
+     * PERMISSION_EFFECT_DENY denies access when the resource and action match.
+     *
+     * @generated from enum value: PERMISSION_EFFECT_DENY = 2;
+     */
+    DENY = 2
+}
+/**
+ * Describes the enum identity.v1.PermissionEffect.
+ */
+export declare const PermissionEffectSchema: GenEnum<PermissionEffect>;
+/**
+ * PrincipalType identifies the kind of actor receiving a role assignment.
+ *
+ * @generated from enum identity.v1.PrincipalType
+ */
+export declare enum PrincipalType {
+    /**
+     * PRINCIPAL_TYPE_UNSPECIFIED is rejected by RBAC mutation APIs.
+     *
+     * @generated from enum value: PRINCIPAL_TYPE_UNSPECIFIED = 0;
+     */
+    UNSPECIFIED = 0,
+    /**
+     * PRINCIPAL_TYPE_USER represents a human user in an organization.
+     *
+     * @generated from enum value: PRINCIPAL_TYPE_USER = 1;
+     */
+    USER = 1,
+    /**
+     * PRINCIPAL_TYPE_SERVICE_ACCOUNT represents a non-human service account.
+     *
+     * @generated from enum value: PRINCIPAL_TYPE_SERVICE_ACCOUNT = 2;
+     */
+    SERVICE_ACCOUNT = 2,
+    /**
+     * PRINCIPAL_TYPE_AGENT represents a registered agent identity.
+     *
+     * @generated from enum value: PRINCIPAL_TYPE_AGENT = 3;
+     */
+    AGENT = 3
+}
+/**
+ * Describes the enum identity.v1.PrincipalType.
+ */
+export declare const PrincipalTypeSchema: GenEnum<PrincipalType>;
+/**
+ * RBACService manages organization-scoped roles and permission checks.
+ *
+ * @generated from service identity.v1.RBACService
+ */
+export declare const RBACService: GenService<{
+    /**
+     * ListRoles returns built-in roles available for an organization.
+     *
+     * @generated from rpc identity.v1.RBACService.ListRoles
+     */
+    listRoles: {
+        methodKind: "unary";
+        input: typeof ListRolesRequestSchema;
+        output: typeof ListRolesResponseSchema;
+    };
+    /**
+     * AssignRole assigns a role to a user, service account, or agent.
+     *
+     * @generated from rpc identity.v1.RBACService.AssignRole
+     */
+    assignRole: {
+        methodKind: "unary";
+        input: typeof AssignRoleRequestSchema;
+        output: typeof AssignRoleResponseSchema;
+    };
+    /**
+     * RevokeRole removes a role assignment.
+     *
+     * @generated from rpc identity.v1.RBACService.RevokeRole
+     */
+    revokeRole: {
+        methodKind: "unary";
+        input: typeof RevokeRoleRequestSchema;
+        output: typeof RevokeRoleResponseSchema;
+    };
+    /**
+     * ListRoleAssignments lists assignments for an organization or principal.
+     *
+     * @generated from rpc identity.v1.RBACService.ListRoleAssignments
+     */
+    listRoleAssignments: {
+        methodKind: "unary";
+        input: typeof ListRoleAssignmentsRequestSchema;
+        output: typeof ListRoleAssignmentsResponseSchema;
+    };
+    /**
+     * CheckPermission evaluates whether a principal can perform an action.
+     *
+     * @generated from rpc identity.v1.RBACService.CheckPermission
+     */
+    checkPermission: {
+        methodKind: "unary";
+        input: typeof CheckPermissionRequestSchema;
+        output: typeof CheckPermissionResponseSchema;
+    };
+}>;