diff --git a/README.md b/README.md index dd282de..2fd66bb 100644 --- a/README.md +++ b/README.md @@ -1,16 +1,32 @@ -# Rebac Service +# Kessel Relations API -## Build -`make build` +Kessel Relations API is a Zanzibar-inspired frontend for relationship-based access control. -## Run -`make run` +## Contributing + +### Prerequisites + +To get necessary build and generation dependencies: -## Install Kratos ``` -go install github.com/go-kratos/kratos/cmd/kratos/v2@latest +make init ``` -## Create a service + +See also: + +- https://protobuf.dev/getting-started/gotutorial/#compiling-protocol-buffers +- https://go-kratos.dev/en/docs/getting-started/start/ + +### Build + +`make build` + +### Run + +`make run` + +### Create a service + ``` # Create a template project kratos new server @@ -27,16 +43,18 @@ go generate ./... go build -o ./bin/ ./... ./bin/server -conf ./configs ``` -## Generate other auxiliary files by Makefile + +### Generate other auxiliary files by Makefile + ``` -# Download and update dependencies -make init # Generate API files (include: pb.go, http, grpc, validate, swagger) by proto file make api # Generate all files make all ``` -## Automated Initialization (wire) + +### Automated Initialization (wire) + ``` # install wire go get github.com/google/wire/cmd/wire @@ -48,19 +66,24 @@ wire ## Spicedb using docker/podman -## Run the spicedb +### Run the spicedb + `make spicedb` -## Run the insights-rebac with docker compose +### Run the insights-rebac with docker compose + `make rebac` -## teardown spicedb and postgresql db +### teardown spicedb and postgresql db + `make spicedb/teardown` -## Deploy Rebac and Spicedb using kind/kubernetes +### Deploy Rebac and Spicedb using kind/kubernetes + `make kind/rebac` -## Docker +### Docker + ```bash # build docker build -t . @@ -71,19 +94,21 @@ docker run --rm -p 8000:8000 -p 9000:9000 -v :/data/conf ## Deploy to a openshift cluster that has Clowder -### Prerequisite +### Prerequisite + [bonfire](https://github.com/RedHatInsights/bonfire) NOTE: The minimum required version of [bonfire](https://github.com/RedHatInsights/bonfire) is specified in the MIN_BONFIRE_VERSION variable in the deploy.sh script Bonfire could be upgraded by command: + ```asciidoc pip install --upgrade crc-bonfire ``` -Latest version of [bonfire](https://github.com/RedHatInsights/bonfire) could be found [here](https://github.com/RedHatInsights/bonfire/releases). +Latest version of [bonfire](https://github.com/RedHatInsights/bonfire) could be found [here](https://github.com/RedHatInsights/bonfire/releases). -[oc](https://docs.openshift.com/container-platform/4.8/cli_reference/openshift_cli/getting-started-cli.html) +[oc](https://docs.openshift.com/container-platform/4.8/cli_reference/openshift_cli/getting-started-cli.html) You should have logged into a valid openshift cluster using the oc login command @@ -108,11 +133,11 @@ The [deploy script](deploy/deploy.sh) under the [deploy](deploy) folder, will de - Creates a postgres pod and service (Note: No PVC) - Creates a spiceDB secret - that contains: a preshared key and Postgres connection URI -- Creates a Configmap object - that serves as a bootstrap schema for spiceDB (by default it uses the schema.yaml file under deploy) +- Creates a Configmap object - that serves as a bootstrap schema for spiceDB (by default it uses the schema.yaml file under deploy) - Creates the spiceDB service - Creates the relations service -You should be able to use the public route (relations-*) created by the clowder in your namespace, to use the service. +You should be able to use the public route (relations-\*) created by the clowder in your namespace, to use the service. #### Deploying the components with rbac @@ -125,6 +150,7 @@ This is demonstrating calling relationship api from rbac service in ephemeral en `path_to_local_copy_of_insights_rbac` is this [repository](https://github.com/RedHatInsights/insights-rbac) Example: + ``` ./deploy.sh rbac /Projects/insights-rbac ``` diff --git a/api/README.md b/api/README.md new file mode 100644 index 0000000..65da61a --- /dev/null +++ b/api/README.md @@ -0,0 +1,51 @@ +# API Design + +API design should refer to the following style guides, in this order of precedence: + +- https://protobuf.dev/programming-guides/proto3/ +- https://protobuf.dev/programming-guides/dos-donts/ +- https://protobuf.dev/programming-guides/api +- https://buf.build/docs/best-practices/style-guide +- https://cloud.google.com/apis/design + +## Notes + +These are some specific call outs from the above docs which are useful or surprising in case you +didn't spend the required time to go through all of those links. + +### Service names + +Service names should be globally disambiguated, even regardless of package, hence the inclusion of +"Kessel" in the names (https://protobuf.dev/programming-guides/api/#service-name-globally-unique). + +### Comments + +Comment fields using Markdown (https://buf.build/docs/bsr/documentation#supported-formatting-syntax). + +### Method names + +These generally follow Google Cloud's guidance, with VerbNoun, in imperative mood, with a standard +set of verbs. Custom method names are allowed outside of this. + +- https://cloud.google.com/apis/design/naming_convention#method_names +- https://cloud.google.com/apis/design/standard_methods + +Note that "List" uses paged messages, _not_ streams, +so "List" should be avoided for methods with streaming responses. + +It does not appear there is any other convention for methods with streaming responses, +[based on querying all of GCP's APIs][1]. + +[1]: https://github.com/search?q=repo:googleapis/googleapis+%22returns+(stream+%22+language:%22Protocol+Buffer%22&type=code&p=1 + +## Troubleshooting + +### Using VSCode proto extension and seeing import errors? + +Add this to your settings.json: + +``` + "protoc": { + "options": ["--proto_path=api", "--proto_path=third_party"] + } +``` diff --git a/api/health/v1/health.pb.go b/api/health/v1/health.pb.go index 4f65418..81544dc 100644 --- a/api/health/v1/health.pb.go +++ b/api/health/v1/health.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.32.0 -// protoc v3.19.4 +// protoc-gen-go v1.34.1 +// protoc v4.25.1 // source: health/v1/health.proto package v1 @@ -177,30 +177,34 @@ var File_health_v1_health_proto protoreflect.FileDescriptor var file_health_v1_health_proto_rawDesc = []byte{ 0x0a, 0x16, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x2f, 0x76, 0x31, 0x2f, 0x68, 0x65, 0x61, 0x6c, - 0x74, 0x68, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0d, 0x61, 0x70, 0x69, 0x2e, 0x68, 0x65, - 0x61, 0x6c, 0x74, 0x68, 0x2e, 0x76, 0x31, 0x1a, 0x1c, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, - 0x61, 0x70, 0x69, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, - 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x11, 0x0a, 0x0f, 0x47, 0x65, 0x74, 0x4c, 0x69, 0x76, 0x65, - 0x7a, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x22, 0x0f, 0x0a, 0x0d, 0x47, 0x65, 0x74, 0x4c, - 0x69, 0x76, 0x65, 0x7a, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x12, 0x0a, 0x10, 0x47, 0x65, 0x74, - 0x52, 0x65, 0x61, 0x64, 0x79, 0x7a, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x22, 0x10, 0x0a, - 0x0e, 0x47, 0x65, 0x74, 0x52, 0x65, 0x61, 0x64, 0x79, 0x7a, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x32, - 0xc0, 0x01, 0x0a, 0x06, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x12, 0x58, 0x0a, 0x08, 0x47, 0x65, - 0x74, 0x4c, 0x69, 0x76, 0x65, 0x7a, 0x12, 0x1e, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x68, 0x65, 0x61, - 0x6c, 0x74, 0x68, 0x2e, 0x76, 0x31, 0x2e, 0x47, 0x65, 0x74, 0x4c, 0x69, 0x76, 0x65, 0x7a, 0x52, - 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1c, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x68, 0x65, 0x61, - 0x6c, 0x74, 0x68, 0x2e, 0x76, 0x31, 0x2e, 0x47, 0x65, 0x74, 0x4c, 0x69, 0x76, 0x65, 0x7a, 0x52, - 0x65, 0x70, 0x6c, 0x79, 0x22, 0x0e, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x08, 0x12, 0x06, 0x2f, 0x6c, - 0x69, 0x76, 0x65, 0x7a, 0x12, 0x5c, 0x0a, 0x09, 0x47, 0x65, 0x74, 0x52, 0x65, 0x61, 0x64, 0x79, - 0x7a, 0x12, 0x1f, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x2e, 0x76, - 0x31, 0x2e, 0x47, 0x65, 0x74, 0x52, 0x65, 0x61, 0x64, 0x79, 0x7a, 0x52, 0x65, 0x71, 0x75, 0x65, - 0x73, 0x74, 0x1a, 0x1d, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x2e, - 0x76, 0x31, 0x2e, 0x47, 0x65, 0x74, 0x52, 0x65, 0x61, 0x64, 0x79, 0x7a, 0x52, 0x65, 0x70, 0x6c, - 0x79, 0x22, 0x0f, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x09, 0x12, 0x07, 0x2f, 0x72, 0x65, 0x61, 0x64, - 0x79, 0x7a, 0x42, 0x2e, 0x0a, 0x0d, 0x61, 0x70, 0x69, 0x2e, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, - 0x2e, 0x76, 0x31, 0x50, 0x01, 0x5a, 0x1b, 0x63, 0x69, 0x61, 0x6d, 0x2d, 0x72, 0x65, 0x62, 0x61, - 0x63, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x2f, 0x76, 0x31, 0x3b, - 0x76, 0x31, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x74, 0x68, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x13, 0x6b, 0x65, 0x73, 0x73, 0x65, 0x6c, + 0x2e, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x76, 0x31, 0x1a, 0x1c, 0x67, + 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, + 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x11, 0x0a, 0x0f, 0x47, + 0x65, 0x74, 0x4c, 0x69, 0x76, 0x65, 0x7a, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x22, 0x0f, + 0x0a, 0x0d, 0x47, 0x65, 0x74, 0x4c, 0x69, 0x76, 0x65, 0x7a, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, + 0x12, 0x0a, 0x10, 0x47, 0x65, 0x74, 0x52, 0x65, 0x61, 0x64, 0x79, 0x7a, 0x52, 0x65, 0x71, 0x75, + 0x65, 0x73, 0x74, 0x22, 0x10, 0x0a, 0x0e, 0x47, 0x65, 0x74, 0x52, 0x65, 0x61, 0x64, 0x79, 0x7a, + 0x52, 0x65, 0x70, 0x6c, 0x79, 0x32, 0xde, 0x01, 0x0a, 0x0c, 0x4b, 0x65, 0x73, 0x73, 0x65, 0x6c, + 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x12, 0x64, 0x0a, 0x08, 0x47, 0x65, 0x74, 0x4c, 0x69, 0x76, + 0x65, 0x7a, 0x12, 0x24, 0x2e, 0x6b, 0x65, 0x73, 0x73, 0x65, 0x6c, 0x2e, 0x72, 0x65, 0x6c, 0x61, + 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x47, 0x65, 0x74, 0x4c, 0x69, 0x76, 0x65, + 0x7a, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x22, 0x2e, 0x6b, 0x65, 0x73, 0x73, 0x65, + 0x6c, 0x2e, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x47, + 0x65, 0x74, 0x4c, 0x69, 0x76, 0x65, 0x7a, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x0e, 0x82, 0xd3, + 0xe4, 0x93, 0x02, 0x08, 0x12, 0x06, 0x2f, 0x6c, 0x69, 0x76, 0x65, 0x7a, 0x12, 0x68, 0x0a, 0x09, + 0x47, 0x65, 0x74, 0x52, 0x65, 0x61, 0x64, 0x79, 0x7a, 0x12, 0x25, 0x2e, 0x6b, 0x65, 0x73, 0x73, + 0x65, 0x6c, 0x2e, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x76, 0x31, 0x2e, + 0x47, 0x65, 0x74, 0x52, 0x65, 0x61, 0x64, 0x79, 0x7a, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, + 0x1a, 0x23, 0x2e, 0x6b, 0x65, 0x73, 0x73, 0x65, 0x6c, 0x2e, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, + 0x6f, 0x6e, 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x47, 0x65, 0x74, 0x52, 0x65, 0x61, 0x64, 0x79, 0x7a, + 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x0f, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x09, 0x12, 0x07, 0x2f, + 0x72, 0x65, 0x61, 0x64, 0x79, 0x7a, 0x42, 0x44, 0x0a, 0x23, 0x6f, 0x72, 0x67, 0x2e, 0x70, 0x72, + 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x5f, 0x6b, 0x65, 0x73, 0x73, 0x65, 0x6c, 0x2e, 0x61, 0x70, 0x69, + 0x2e, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x76, 0x31, 0x50, 0x01, 0x5a, + 0x1b, 0x63, 0x69, 0x61, 0x6d, 0x2d, 0x72, 0x65, 0x62, 0x61, 0x63, 0x2f, 0x61, 0x70, 0x69, 0x2f, + 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x2f, 0x76, 0x31, 0x3b, 0x76, 0x31, 0x62, 0x06, 0x70, 0x72, + 0x6f, 0x74, 0x6f, 0x33, } var ( @@ -217,16 +221,16 @@ func file_health_v1_health_proto_rawDescGZIP() []byte { var file_health_v1_health_proto_msgTypes = make([]protoimpl.MessageInfo, 4) var file_health_v1_health_proto_goTypes = []interface{}{ - (*GetLivezRequest)(nil), // 0: api.health.v1.GetLivezRequest - (*GetLivezReply)(nil), // 1: api.health.v1.GetLivezReply - (*GetReadyzRequest)(nil), // 2: api.health.v1.GetReadyzRequest - (*GetReadyzReply)(nil), // 3: api.health.v1.GetReadyzReply + (*GetLivezRequest)(nil), // 0: kessel.relations.v1.GetLivezRequest + (*GetLivezReply)(nil), // 1: kessel.relations.v1.GetLivezReply + (*GetReadyzRequest)(nil), // 2: kessel.relations.v1.GetReadyzRequest + (*GetReadyzReply)(nil), // 3: kessel.relations.v1.GetReadyzReply } var file_health_v1_health_proto_depIdxs = []int32{ - 0, // 0: api.health.v1.Health.GetLivez:input_type -> api.health.v1.GetLivezRequest - 2, // 1: api.health.v1.Health.GetReadyz:input_type -> api.health.v1.GetReadyzRequest - 1, // 2: api.health.v1.Health.GetLivez:output_type -> api.health.v1.GetLivezReply - 3, // 3: api.health.v1.Health.GetReadyz:output_type -> api.health.v1.GetReadyzReply + 0, // 0: kessel.relations.v1.KesselHealth.GetLivez:input_type -> kessel.relations.v1.GetLivezRequest + 2, // 1: kessel.relations.v1.KesselHealth.GetReadyz:input_type -> kessel.relations.v1.GetReadyzRequest + 1, // 2: kessel.relations.v1.KesselHealth.GetLivez:output_type -> kessel.relations.v1.GetLivezReply + 3, // 3: kessel.relations.v1.KesselHealth.GetReadyz:output_type -> kessel.relations.v1.GetReadyzReply 2, // [2:4] is the sub-list for method output_type 0, // [0:2] is the sub-list for method input_type 0, // [0:0] is the sub-list for extension type_name diff --git a/api/health/v1/health.proto b/api/health/v1/health.proto index 6435dc0..96caf33 100644 --- a/api/health/v1/health.proto +++ b/api/health/v1/health.proto @@ -1,14 +1,14 @@ syntax = "proto3"; -package api.health.v1; +package kessel.relations.v1; import "google/api/annotations.proto"; option go_package = "ciam-rebac/api/health/v1;v1"; option java_multiple_files = true; -option java_package = "api.health.v1"; +option java_package = "org.project_kessel.api.relations.v1"; -service Health { +service KesselHealth { rpc GetLivez (GetLivezRequest) returns (GetLivezReply){ option (google.api.http) = { get: "/livez" diff --git a/api/health/v1/health_grpc.pb.go b/api/health/v1/health_grpc.pb.go index c7fc2ac..25d0dce 100644 --- a/api/health/v1/health_grpc.pb.go +++ b/api/health/v1/health_grpc.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go-grpc. DO NOT EDIT. // versions: // - protoc-gen-go-grpc v1.3.0 -// - protoc v3.19.4 +// - protoc v4.25.1 // source: health/v1/health.proto package v1 @@ -19,126 +19,126 @@ import ( const _ = grpc.SupportPackageIsVersion7 const ( - Health_GetLivez_FullMethodName = "/api.health.v1.Health/GetLivez" - Health_GetReadyz_FullMethodName = "/api.health.v1.Health/GetReadyz" + KesselHealth_GetLivez_FullMethodName = "/kessel.relations.v1.KesselHealth/GetLivez" + KesselHealth_GetReadyz_FullMethodName = "/kessel.relations.v1.KesselHealth/GetReadyz" ) -// HealthClient is the client API for Health service. +// KesselHealthClient is the client API for KesselHealth service. // // For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream. -type HealthClient interface { +type KesselHealthClient interface { GetLivez(ctx context.Context, in *GetLivezRequest, opts ...grpc.CallOption) (*GetLivezReply, error) GetReadyz(ctx context.Context, in *GetReadyzRequest, opts ...grpc.CallOption) (*GetReadyzReply, error) } -type healthClient struct { +type kesselHealthClient struct { cc grpc.ClientConnInterface } -func NewHealthClient(cc grpc.ClientConnInterface) HealthClient { - return &healthClient{cc} +func NewKesselHealthClient(cc grpc.ClientConnInterface) KesselHealthClient { + return &kesselHealthClient{cc} } -func (c *healthClient) GetLivez(ctx context.Context, in *GetLivezRequest, opts ...grpc.CallOption) (*GetLivezReply, error) { +func (c *kesselHealthClient) GetLivez(ctx context.Context, in *GetLivezRequest, opts ...grpc.CallOption) (*GetLivezReply, error) { out := new(GetLivezReply) - err := c.cc.Invoke(ctx, Health_GetLivez_FullMethodName, in, out, opts...) + err := c.cc.Invoke(ctx, KesselHealth_GetLivez_FullMethodName, in, out, opts...) if err != nil { return nil, err } return out, nil } -func (c *healthClient) GetReadyz(ctx context.Context, in *GetReadyzRequest, opts ...grpc.CallOption) (*GetReadyzReply, error) { +func (c *kesselHealthClient) GetReadyz(ctx context.Context, in *GetReadyzRequest, opts ...grpc.CallOption) (*GetReadyzReply, error) { out := new(GetReadyzReply) - err := c.cc.Invoke(ctx, Health_GetReadyz_FullMethodName, in, out, opts...) + err := c.cc.Invoke(ctx, KesselHealth_GetReadyz_FullMethodName, in, out, opts...) if err != nil { return nil, err } return out, nil } -// HealthServer is the server API for Health service. -// All implementations must embed UnimplementedHealthServer +// KesselHealthServer is the server API for KesselHealth service. +// All implementations must embed UnimplementedKesselHealthServer // for forward compatibility -type HealthServer interface { +type KesselHealthServer interface { GetLivez(context.Context, *GetLivezRequest) (*GetLivezReply, error) GetReadyz(context.Context, *GetReadyzRequest) (*GetReadyzReply, error) - mustEmbedUnimplementedHealthServer() + mustEmbedUnimplementedKesselHealthServer() } -// UnimplementedHealthServer must be embedded to have forward compatible implementations. -type UnimplementedHealthServer struct { +// UnimplementedKesselHealthServer must be embedded to have forward compatible implementations. +type UnimplementedKesselHealthServer struct { } -func (UnimplementedHealthServer) GetLivez(context.Context, *GetLivezRequest) (*GetLivezReply, error) { +func (UnimplementedKesselHealthServer) GetLivez(context.Context, *GetLivezRequest) (*GetLivezReply, error) { return nil, status.Errorf(codes.Unimplemented, "method GetLivez not implemented") } -func (UnimplementedHealthServer) GetReadyz(context.Context, *GetReadyzRequest) (*GetReadyzReply, error) { +func (UnimplementedKesselHealthServer) GetReadyz(context.Context, *GetReadyzRequest) (*GetReadyzReply, error) { return nil, status.Errorf(codes.Unimplemented, "method GetReadyz not implemented") } -func (UnimplementedHealthServer) mustEmbedUnimplementedHealthServer() {} +func (UnimplementedKesselHealthServer) mustEmbedUnimplementedKesselHealthServer() {} -// UnsafeHealthServer may be embedded to opt out of forward compatibility for this service. -// Use of this interface is not recommended, as added methods to HealthServer will +// UnsafeKesselHealthServer may be embedded to opt out of forward compatibility for this service. +// Use of this interface is not recommended, as added methods to KesselHealthServer will // result in compilation errors. -type UnsafeHealthServer interface { - mustEmbedUnimplementedHealthServer() +type UnsafeKesselHealthServer interface { + mustEmbedUnimplementedKesselHealthServer() } -func RegisterHealthServer(s grpc.ServiceRegistrar, srv HealthServer) { - s.RegisterService(&Health_ServiceDesc, srv) +func RegisterKesselHealthServer(s grpc.ServiceRegistrar, srv KesselHealthServer) { + s.RegisterService(&KesselHealth_ServiceDesc, srv) } -func _Health_GetLivez_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { +func _KesselHealth_GetLivez_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { in := new(GetLivezRequest) if err := dec(in); err != nil { return nil, err } if interceptor == nil { - return srv.(HealthServer).GetLivez(ctx, in) + return srv.(KesselHealthServer).GetLivez(ctx, in) } info := &grpc.UnaryServerInfo{ Server: srv, - FullMethod: Health_GetLivez_FullMethodName, + FullMethod: KesselHealth_GetLivez_FullMethodName, } handler := func(ctx context.Context, req interface{}) (interface{}, error) { - return srv.(HealthServer).GetLivez(ctx, req.(*GetLivezRequest)) + return srv.(KesselHealthServer).GetLivez(ctx, req.(*GetLivezRequest)) } return interceptor(ctx, in, info, handler) } -func _Health_GetReadyz_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { +func _KesselHealth_GetReadyz_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { in := new(GetReadyzRequest) if err := dec(in); err != nil { return nil, err } if interceptor == nil { - return srv.(HealthServer).GetReadyz(ctx, in) + return srv.(KesselHealthServer).GetReadyz(ctx, in) } info := &grpc.UnaryServerInfo{ Server: srv, - FullMethod: Health_GetReadyz_FullMethodName, + FullMethod: KesselHealth_GetReadyz_FullMethodName, } handler := func(ctx context.Context, req interface{}) (interface{}, error) { - return srv.(HealthServer).GetReadyz(ctx, req.(*GetReadyzRequest)) + return srv.(KesselHealthServer).GetReadyz(ctx, req.(*GetReadyzRequest)) } return interceptor(ctx, in, info, handler) } -// Health_ServiceDesc is the grpc.ServiceDesc for Health service. +// KesselHealth_ServiceDesc is the grpc.ServiceDesc for KesselHealth service. // It's only intended for direct use with grpc.RegisterService, // and not to be introspected or modified (even as a copy) -var Health_ServiceDesc = grpc.ServiceDesc{ - ServiceName: "api.health.v1.Health", - HandlerType: (*HealthServer)(nil), +var KesselHealth_ServiceDesc = grpc.ServiceDesc{ + ServiceName: "kessel.relations.v1.KesselHealth", + HandlerType: (*KesselHealthServer)(nil), Methods: []grpc.MethodDesc{ { MethodName: "GetLivez", - Handler: _Health_GetLivez_Handler, + Handler: _KesselHealth_GetLivez_Handler, }, { MethodName: "GetReadyz", - Handler: _Health_GetReadyz_Handler, + Handler: _KesselHealth_GetReadyz_Handler, }, }, Streams: []grpc.StreamDesc{}, diff --git a/api/health/v1/health_http.pb.go b/api/health/v1/health_http.pb.go index 5412da7..4346b3f 100644 --- a/api/health/v1/health_http.pb.go +++ b/api/health/v1/health_http.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go-http. DO NOT EDIT. // versions: // - protoc-gen-go-http v2.7.3 -// - protoc v3.19.4 +// - protoc v4.25.1 // source: health/v1/health.proto package v1 @@ -19,27 +19,27 @@ var _ = binding.EncodeURL const _ = http.SupportPackageIsVersion1 -const OperationHealthGetLivez = "/api.health.v1.Health/GetLivez" -const OperationHealthGetReadyz = "/api.health.v1.Health/GetReadyz" +const OperationKesselHealthGetLivez = "/kessel.relations.v1.KesselHealth/GetLivez" +const OperationKesselHealthGetReadyz = "/kessel.relations.v1.KesselHealth/GetReadyz" -type HealthHTTPServer interface { +type KesselHealthHTTPServer interface { GetLivez(context.Context, *GetLivezRequest) (*GetLivezReply, error) GetReadyz(context.Context, *GetReadyzRequest) (*GetReadyzReply, error) } -func RegisterHealthHTTPServer(s *http.Server, srv HealthHTTPServer) { +func RegisterKesselHealthHTTPServer(s *http.Server, srv KesselHealthHTTPServer) { r := s.Route("/") - r.GET("/livez", _Health_GetLivez0_HTTP_Handler(srv)) - r.GET("/readyz", _Health_GetReadyz0_HTTP_Handler(srv)) + r.GET("/livez", _KesselHealth_GetLivez0_HTTP_Handler(srv)) + r.GET("/readyz", _KesselHealth_GetReadyz0_HTTP_Handler(srv)) } -func _Health_GetLivez0_HTTP_Handler(srv HealthHTTPServer) func(ctx http.Context) error { +func _KesselHealth_GetLivez0_HTTP_Handler(srv KesselHealthHTTPServer) func(ctx http.Context) error { return func(ctx http.Context) error { var in GetLivezRequest if err := ctx.BindQuery(&in); err != nil { return err } - http.SetOperation(ctx, OperationHealthGetLivez) + http.SetOperation(ctx, OperationKesselHealthGetLivez) h := ctx.Middleware(func(ctx context.Context, req interface{}) (interface{}, error) { return srv.GetLivez(ctx, req.(*GetLivezRequest)) }) @@ -52,13 +52,13 @@ func _Health_GetLivez0_HTTP_Handler(srv HealthHTTPServer) func(ctx http.Context) } } -func _Health_GetReadyz0_HTTP_Handler(srv HealthHTTPServer) func(ctx http.Context) error { +func _KesselHealth_GetReadyz0_HTTP_Handler(srv KesselHealthHTTPServer) func(ctx http.Context) error { return func(ctx http.Context) error { var in GetReadyzRequest if err := ctx.BindQuery(&in); err != nil { return err } - http.SetOperation(ctx, OperationHealthGetReadyz) + http.SetOperation(ctx, OperationKesselHealthGetReadyz) h := ctx.Middleware(func(ctx context.Context, req interface{}) (interface{}, error) { return srv.GetReadyz(ctx, req.(*GetReadyzRequest)) }) @@ -71,24 +71,24 @@ func _Health_GetReadyz0_HTTP_Handler(srv HealthHTTPServer) func(ctx http.Context } } -type HealthHTTPClient interface { +type KesselHealthHTTPClient interface { GetLivez(ctx context.Context, req *GetLivezRequest, opts ...http.CallOption) (rsp *GetLivezReply, err error) GetReadyz(ctx context.Context, req *GetReadyzRequest, opts ...http.CallOption) (rsp *GetReadyzReply, err error) } -type HealthHTTPClientImpl struct { +type KesselHealthHTTPClientImpl struct { cc *http.Client } -func NewHealthHTTPClient(client *http.Client) HealthHTTPClient { - return &HealthHTTPClientImpl{client} +func NewKesselHealthHTTPClient(client *http.Client) KesselHealthHTTPClient { + return &KesselHealthHTTPClientImpl{client} } -func (c *HealthHTTPClientImpl) GetLivez(ctx context.Context, in *GetLivezRequest, opts ...http.CallOption) (*GetLivezReply, error) { +func (c *KesselHealthHTTPClientImpl) GetLivez(ctx context.Context, in *GetLivezRequest, opts ...http.CallOption) (*GetLivezReply, error) { var out GetLivezReply pattern := "/livez" path := binding.EncodeURL(pattern, in, true) - opts = append(opts, http.Operation(OperationHealthGetLivez)) + opts = append(opts, http.Operation(OperationKesselHealthGetLivez)) opts = append(opts, http.PathTemplate(pattern)) err := c.cc.Invoke(ctx, "GET", path, nil, &out, opts...) if err != nil { @@ -97,11 +97,11 @@ func (c *HealthHTTPClientImpl) GetLivez(ctx context.Context, in *GetLivezRequest return &out, nil } -func (c *HealthHTTPClientImpl) GetReadyz(ctx context.Context, in *GetReadyzRequest, opts ...http.CallOption) (*GetReadyzReply, error) { +func (c *KesselHealthHTTPClientImpl) GetReadyz(ctx context.Context, in *GetReadyzRequest, opts ...http.CallOption) (*GetReadyzReply, error) { var out GetReadyzReply pattern := "/readyz" path := binding.EncodeURL(pattern, in, true) - opts = append(opts, http.Operation(OperationHealthGetReadyz)) + opts = append(opts, http.Operation(OperationKesselHealthGetReadyz)) opts = append(opts, http.PathTemplate(pattern)) err := c.cc.Invoke(ctx, "GET", path, nil, &out, opts...) if err != nil { diff --git a/api/rebac/v1/check.pb.go b/api/rebac/v1/check.pb.go deleted file mode 100644 index f02f9da..0000000 --- a/api/rebac/v1/check.pb.go +++ /dev/null @@ -1,308 +0,0 @@ -// Code generated by protoc-gen-go. DO NOT EDIT. -// versions: -// protoc-gen-go v1.32.0 -// protoc v3.19.4 -// source: rebac/v1/check.proto - -package v1 - -import ( - _ "google.golang.org/genproto/googleapis/api/annotations" - protoreflect "google.golang.org/protobuf/reflect/protoreflect" - protoimpl "google.golang.org/protobuf/runtime/protoimpl" - reflect "reflect" - sync "sync" -) - -const ( - // Verify that this generated code is sufficiently up-to-date. - _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) - // Verify that runtime/protoimpl is sufficiently up-to-date. - _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) -) - -type CheckResponse_Allowed int32 - -const ( - CheckResponse_ALLOWED_UNSPECIFIED CheckResponse_Allowed = 0 - CheckResponse_ALLOWED_TRUE CheckResponse_Allowed = 1 - CheckResponse_ALLOWED_FALSE CheckResponse_Allowed = 2 // e.g. ALLOWED_CONDITIONAL = 3; -) - -// Enum value maps for CheckResponse_Allowed. -var ( - CheckResponse_Allowed_name = map[int32]string{ - 0: "ALLOWED_UNSPECIFIED", - 1: "ALLOWED_TRUE", - 2: "ALLOWED_FALSE", - } - CheckResponse_Allowed_value = map[string]int32{ - "ALLOWED_UNSPECIFIED": 0, - "ALLOWED_TRUE": 1, - "ALLOWED_FALSE": 2, - } -) - -func (x CheckResponse_Allowed) Enum() *CheckResponse_Allowed { - p := new(CheckResponse_Allowed) - *p = x - return p -} - -func (x CheckResponse_Allowed) String() string { - return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x)) -} - -func (CheckResponse_Allowed) Descriptor() protoreflect.EnumDescriptor { - return file_rebac_v1_check_proto_enumTypes[0].Descriptor() -} - -func (CheckResponse_Allowed) Type() protoreflect.EnumType { - return &file_rebac_v1_check_proto_enumTypes[0] -} - -func (x CheckResponse_Allowed) Number() protoreflect.EnumNumber { - return protoreflect.EnumNumber(x) -} - -// Deprecated: Use CheckResponse_Allowed.Descriptor instead. -func (CheckResponse_Allowed) EnumDescriptor() ([]byte, []int) { - return file_rebac_v1_check_proto_rawDescGZIP(), []int{1, 0} -} - -type CheckRequest struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - Object *ObjectReference `protobuf:"bytes,1,opt,name=object,proto3" json:"object,omitempty"` - Relation string `protobuf:"bytes,2,opt,name=relation,proto3" json:"relation,omitempty"` - Subject *SubjectReference `protobuf:"bytes,3,opt,name=subject,proto3" json:"subject,omitempty"` -} - -func (x *CheckRequest) Reset() { - *x = CheckRequest{} - if protoimpl.UnsafeEnabled { - mi := &file_rebac_v1_check_proto_msgTypes[0] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *CheckRequest) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*CheckRequest) ProtoMessage() {} - -func (x *CheckRequest) ProtoReflect() protoreflect.Message { - mi := &file_rebac_v1_check_proto_msgTypes[0] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use CheckRequest.ProtoReflect.Descriptor instead. -func (*CheckRequest) Descriptor() ([]byte, []int) { - return file_rebac_v1_check_proto_rawDescGZIP(), []int{0} -} - -func (x *CheckRequest) GetObject() *ObjectReference { - if x != nil { - return x.Object - } - return nil -} - -func (x *CheckRequest) GetRelation() string { - if x != nil { - return x.Relation - } - return "" -} - -func (x *CheckRequest) GetSubject() *SubjectReference { - if x != nil { - return x.Subject - } - return nil -} - -type CheckResponse struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - Allowed CheckResponse_Allowed `protobuf:"varint,1,opt,name=allowed,proto3,enum=api.rebac.v1.CheckResponse_Allowed" json:"allowed,omitempty"` -} - -func (x *CheckResponse) Reset() { - *x = CheckResponse{} - if protoimpl.UnsafeEnabled { - mi := &file_rebac_v1_check_proto_msgTypes[1] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *CheckResponse) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*CheckResponse) ProtoMessage() {} - -func (x *CheckResponse) ProtoReflect() protoreflect.Message { - mi := &file_rebac_v1_check_proto_msgTypes[1] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use CheckResponse.ProtoReflect.Descriptor instead. -func (*CheckResponse) Descriptor() ([]byte, []int) { - return file_rebac_v1_check_proto_rawDescGZIP(), []int{1} -} - -func (x *CheckResponse) GetAllowed() CheckResponse_Allowed { - if x != nil { - return x.Allowed - } - return CheckResponse_ALLOWED_UNSPECIFIED -} - -var File_rebac_v1_check_proto protoreflect.FileDescriptor - -var file_rebac_v1_check_proto_rawDesc = []byte{ - 0x0a, 0x14, 0x72, 0x65, 0x62, 0x61, 0x63, 0x2f, 0x76, 0x31, 0x2f, 0x63, 0x68, 0x65, 0x63, 0x6b, - 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0c, 0x61, 0x70, 0x69, 0x2e, 0x72, 0x65, 0x62, 0x61, - 0x63, 0x2e, 0x76, 0x31, 0x1a, 0x1c, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x61, 0x70, 0x69, - 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x70, 0x72, 0x6f, - 0x74, 0x6f, 0x1a, 0x1c, 0x72, 0x65, 0x62, 0x61, 0x63, 0x2f, 0x76, 0x31, 0x2f, 0x72, 0x65, 0x6c, - 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x68, 0x69, 0x70, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, - 0x22, 0x9b, 0x01, 0x0a, 0x0c, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, - 0x74, 0x12, 0x35, 0x0a, 0x06, 0x6f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, - 0x0b, 0x32, 0x1d, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x72, 0x65, 0x62, 0x61, 0x63, 0x2e, 0x76, 0x31, - 0x2e, 0x4f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x52, 0x65, 0x66, 0x65, 0x72, 0x65, 0x6e, 0x63, 0x65, - 0x52, 0x06, 0x6f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x12, 0x1a, 0x0a, 0x08, 0x72, 0x65, 0x6c, 0x61, - 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x72, 0x65, 0x6c, 0x61, - 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x38, 0x0a, 0x07, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x18, - 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1e, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x72, 0x65, 0x62, 0x61, - 0x63, 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x52, 0x65, 0x66, 0x65, - 0x72, 0x65, 0x6e, 0x63, 0x65, 0x52, 0x07, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x22, 0x97, - 0x01, 0x0a, 0x0d, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, - 0x12, 0x3d, 0x0a, 0x07, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x65, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, - 0x0e, 0x32, 0x23, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x72, 0x65, 0x62, 0x61, 0x63, 0x2e, 0x76, 0x31, - 0x2e, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x2e, 0x41, - 0x6c, 0x6c, 0x6f, 0x77, 0x65, 0x64, 0x52, 0x07, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x65, 0x64, 0x22, - 0x47, 0x0a, 0x07, 0x41, 0x6c, 0x6c, 0x6f, 0x77, 0x65, 0x64, 0x12, 0x17, 0x0a, 0x13, 0x41, 0x4c, - 0x4c, 0x4f, 0x57, 0x45, 0x44, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, - 0x44, 0x10, 0x00, 0x12, 0x10, 0x0a, 0x0c, 0x41, 0x4c, 0x4c, 0x4f, 0x57, 0x45, 0x44, 0x5f, 0x54, - 0x52, 0x55, 0x45, 0x10, 0x01, 0x12, 0x11, 0x0a, 0x0d, 0x41, 0x4c, 0x4c, 0x4f, 0x57, 0x45, 0x44, - 0x5f, 0x46, 0x41, 0x4c, 0x53, 0x45, 0x10, 0x02, 0x32, 0x5f, 0x0a, 0x05, 0x43, 0x68, 0x65, 0x63, - 0x6b, 0x12, 0x56, 0x0a, 0x05, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x12, 0x1a, 0x2e, 0x61, 0x70, 0x69, - 0x2e, 0x72, 0x65, 0x62, 0x61, 0x63, 0x2e, 0x76, 0x31, 0x2e, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x52, - 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1b, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x72, 0x65, 0x62, - 0x61, 0x63, 0x2e, 0x76, 0x31, 0x2e, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x52, 0x65, 0x73, 0x70, 0x6f, - 0x6e, 0x73, 0x65, 0x22, 0x14, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x0e, 0x3a, 0x01, 0x2a, 0x22, 0x09, - 0x2f, 0x76, 0x31, 0x2f, 0x63, 0x68, 0x65, 0x63, 0x6b, 0x42, 0x2c, 0x0a, 0x0c, 0x61, 0x70, 0x69, - 0x2e, 0x72, 0x65, 0x62, 0x61, 0x63, 0x2e, 0x76, 0x31, 0x50, 0x01, 0x5a, 0x1a, 0x63, 0x69, 0x61, - 0x6d, 0x2d, 0x72, 0x65, 0x62, 0x61, 0x63, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x72, 0x65, 0x62, 0x61, - 0x63, 0x2f, 0x76, 0x31, 0x3b, 0x76, 0x31, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, -} - -var ( - file_rebac_v1_check_proto_rawDescOnce sync.Once - file_rebac_v1_check_proto_rawDescData = file_rebac_v1_check_proto_rawDesc -) - -func file_rebac_v1_check_proto_rawDescGZIP() []byte { - file_rebac_v1_check_proto_rawDescOnce.Do(func() { - file_rebac_v1_check_proto_rawDescData = protoimpl.X.CompressGZIP(file_rebac_v1_check_proto_rawDescData) - }) - return file_rebac_v1_check_proto_rawDescData -} - -var file_rebac_v1_check_proto_enumTypes = make([]protoimpl.EnumInfo, 1) -var file_rebac_v1_check_proto_msgTypes = make([]protoimpl.MessageInfo, 2) -var file_rebac_v1_check_proto_goTypes = []interface{}{ - (CheckResponse_Allowed)(0), // 0: api.rebac.v1.CheckResponse.Allowed - (*CheckRequest)(nil), // 1: api.rebac.v1.CheckRequest - (*CheckResponse)(nil), // 2: api.rebac.v1.CheckResponse - (*ObjectReference)(nil), // 3: api.rebac.v1.ObjectReference - (*SubjectReference)(nil), // 4: api.rebac.v1.SubjectReference -} -var file_rebac_v1_check_proto_depIdxs = []int32{ - 3, // 0: api.rebac.v1.CheckRequest.object:type_name -> api.rebac.v1.ObjectReference - 4, // 1: api.rebac.v1.CheckRequest.subject:type_name -> api.rebac.v1.SubjectReference - 0, // 2: api.rebac.v1.CheckResponse.allowed:type_name -> api.rebac.v1.CheckResponse.Allowed - 1, // 3: api.rebac.v1.Check.Check:input_type -> api.rebac.v1.CheckRequest - 2, // 4: api.rebac.v1.Check.Check:output_type -> api.rebac.v1.CheckResponse - 4, // [4:5] is the sub-list for method output_type - 3, // [3:4] is the sub-list for method input_type - 3, // [3:3] is the sub-list for extension type_name - 3, // [3:3] is the sub-list for extension extendee - 0, // [0:3] is the sub-list for field type_name -} - -func init() { file_rebac_v1_check_proto_init() } -func file_rebac_v1_check_proto_init() { - if File_rebac_v1_check_proto != nil { - return - } - file_rebac_v1_relationships_proto_init() - if !protoimpl.UnsafeEnabled { - file_rebac_v1_check_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*CheckRequest); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_rebac_v1_check_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*CheckResponse); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - } - type x struct{} - out := protoimpl.TypeBuilder{ - File: protoimpl.DescBuilder{ - GoPackagePath: reflect.TypeOf(x{}).PkgPath(), - RawDescriptor: file_rebac_v1_check_proto_rawDesc, - NumEnums: 1, - NumMessages: 2, - NumExtensions: 0, - NumServices: 1, - }, - GoTypes: file_rebac_v1_check_proto_goTypes, - DependencyIndexes: file_rebac_v1_check_proto_depIdxs, - EnumInfos: file_rebac_v1_check_proto_enumTypes, - MessageInfos: file_rebac_v1_check_proto_msgTypes, - }.Build() - File_rebac_v1_check_proto = out.File - file_rebac_v1_check_proto_rawDesc = nil - file_rebac_v1_check_proto_goTypes = nil - file_rebac_v1_check_proto_depIdxs = nil -} diff --git a/api/rebac/v1/check_grpc.pb.go b/api/rebac/v1/check_grpc.pb.go deleted file mode 100644 index 68f3c75..0000000 --- a/api/rebac/v1/check_grpc.pb.go +++ /dev/null @@ -1,109 +0,0 @@ -// Code generated by protoc-gen-go-grpc. DO NOT EDIT. -// versions: -// - protoc-gen-go-grpc v1.3.0 -// - protoc v3.19.4 -// source: rebac/v1/check.proto - -package v1 - -import ( - context "context" - grpc "google.golang.org/grpc" - codes "google.golang.org/grpc/codes" - status "google.golang.org/grpc/status" -) - -// This is a compile-time assertion to ensure that this generated file -// is compatible with the grpc package it is being compiled against. -// Requires gRPC-Go v1.32.0 or later. -const _ = grpc.SupportPackageIsVersion7 - -const ( - Check_Check_FullMethodName = "/api.rebac.v1.Check/Check" -) - -// CheckClient is the client API for Check service. -// -// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream. -type CheckClient interface { - Check(ctx context.Context, in *CheckRequest, opts ...grpc.CallOption) (*CheckResponse, error) -} - -type checkClient struct { - cc grpc.ClientConnInterface -} - -func NewCheckClient(cc grpc.ClientConnInterface) CheckClient { - return &checkClient{cc} -} - -func (c *checkClient) Check(ctx context.Context, in *CheckRequest, opts ...grpc.CallOption) (*CheckResponse, error) { - out := new(CheckResponse) - err := c.cc.Invoke(ctx, Check_Check_FullMethodName, in, out, opts...) - if err != nil { - return nil, err - } - return out, nil -} - -// CheckServer is the server API for Check service. -// All implementations must embed UnimplementedCheckServer -// for forward compatibility -type CheckServer interface { - Check(context.Context, *CheckRequest) (*CheckResponse, error) - mustEmbedUnimplementedCheckServer() -} - -// UnimplementedCheckServer must be embedded to have forward compatible implementations. -type UnimplementedCheckServer struct { -} - -func (UnimplementedCheckServer) Check(context.Context, *CheckRequest) (*CheckResponse, error) { - return nil, status.Errorf(codes.Unimplemented, "method Check not implemented") -} -func (UnimplementedCheckServer) mustEmbedUnimplementedCheckServer() {} - -// UnsafeCheckServer may be embedded to opt out of forward compatibility for this service. -// Use of this interface is not recommended, as added methods to CheckServer will -// result in compilation errors. -type UnsafeCheckServer interface { - mustEmbedUnimplementedCheckServer() -} - -func RegisterCheckServer(s grpc.ServiceRegistrar, srv CheckServer) { - s.RegisterService(&Check_ServiceDesc, srv) -} - -func _Check_Check_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { - in := new(CheckRequest) - if err := dec(in); err != nil { - return nil, err - } - if interceptor == nil { - return srv.(CheckServer).Check(ctx, in) - } - info := &grpc.UnaryServerInfo{ - Server: srv, - FullMethod: Check_Check_FullMethodName, - } - handler := func(ctx context.Context, req interface{}) (interface{}, error) { - return srv.(CheckServer).Check(ctx, req.(*CheckRequest)) - } - return interceptor(ctx, in, info, handler) -} - -// Check_ServiceDesc is the grpc.ServiceDesc for Check service. -// It's only intended for direct use with grpc.RegisterService, -// and not to be introspected or modified (even as a copy) -var Check_ServiceDesc = grpc.ServiceDesc{ - ServiceName: "api.rebac.v1.Check", - HandlerType: (*CheckServer)(nil), - Methods: []grpc.MethodDesc{ - { - MethodName: "Check", - Handler: _Check_Check_Handler, - }, - }, - Streams: []grpc.StreamDesc{}, - Metadata: "rebac/v1/check.proto", -} diff --git a/api/rebac/v1/relationships.pb.go b/api/rebac/v1/relationships.pb.go deleted file mode 100644 index 7757f6f..0000000 --- a/api/rebac/v1/relationships.pb.go +++ /dev/null @@ -1,914 +0,0 @@ -// Code generated by protoc-gen-go. DO NOT EDIT. -// versions: -// protoc-gen-go v1.32.0 -// protoc v3.19.4 -// source: rebac/v1/relationships.proto - -package v1 - -import ( - _ "google.golang.org/genproto/googleapis/api/annotations" - protoreflect "google.golang.org/protobuf/reflect/protoreflect" - protoimpl "google.golang.org/protobuf/runtime/protoimpl" - reflect "reflect" - sync "sync" -) - -const ( - // Verify that this generated code is sufficiently up-to-date. - _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) - // Verify that runtime/protoimpl is sufficiently up-to-date. - _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) -) - -type CreateRelationshipsRequest struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - Touch bool `protobuf:"varint,1,opt,name=touch,proto3" json:"touch,omitempty"` - Relationships []*Relationship `protobuf:"bytes,2,rep,name=relationships,proto3" json:"relationships,omitempty"` -} - -func (x *CreateRelationshipsRequest) Reset() { - *x = CreateRelationshipsRequest{} - if protoimpl.UnsafeEnabled { - mi := &file_rebac_v1_relationships_proto_msgTypes[0] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *CreateRelationshipsRequest) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*CreateRelationshipsRequest) ProtoMessage() {} - -func (x *CreateRelationshipsRequest) ProtoReflect() protoreflect.Message { - mi := &file_rebac_v1_relationships_proto_msgTypes[0] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use CreateRelationshipsRequest.ProtoReflect.Descriptor instead. -func (*CreateRelationshipsRequest) Descriptor() ([]byte, []int) { - return file_rebac_v1_relationships_proto_rawDescGZIP(), []int{0} -} - -func (x *CreateRelationshipsRequest) GetTouch() bool { - if x != nil { - return x.Touch - } - return false -} - -func (x *CreateRelationshipsRequest) GetRelationships() []*Relationship { - if x != nil { - return x.Relationships - } - return nil -} - -type CreateRelationshipsResponse struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields -} - -func (x *CreateRelationshipsResponse) Reset() { - *x = CreateRelationshipsResponse{} - if protoimpl.UnsafeEnabled { - mi := &file_rebac_v1_relationships_proto_msgTypes[1] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *CreateRelationshipsResponse) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*CreateRelationshipsResponse) ProtoMessage() {} - -func (x *CreateRelationshipsResponse) ProtoReflect() protoreflect.Message { - mi := &file_rebac_v1_relationships_proto_msgTypes[1] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use CreateRelationshipsResponse.ProtoReflect.Descriptor instead. -func (*CreateRelationshipsResponse) Descriptor() ([]byte, []int) { - return file_rebac_v1_relationships_proto_rawDescGZIP(), []int{1} -} - -type ReadRelationshipsRequest struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - Filter *RelationshipFilter `protobuf:"bytes,1,opt,name=filter,proto3" json:"filter,omitempty"` -} - -func (x *ReadRelationshipsRequest) Reset() { - *x = ReadRelationshipsRequest{} - if protoimpl.UnsafeEnabled { - mi := &file_rebac_v1_relationships_proto_msgTypes[2] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *ReadRelationshipsRequest) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*ReadRelationshipsRequest) ProtoMessage() {} - -func (x *ReadRelationshipsRequest) ProtoReflect() protoreflect.Message { - mi := &file_rebac_v1_relationships_proto_msgTypes[2] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use ReadRelationshipsRequest.ProtoReflect.Descriptor instead. -func (*ReadRelationshipsRequest) Descriptor() ([]byte, []int) { - return file_rebac_v1_relationships_proto_rawDescGZIP(), []int{2} -} - -func (x *ReadRelationshipsRequest) GetFilter() *RelationshipFilter { - if x != nil { - return x.Filter - } - return nil -} - -type ReadRelationshipsResponse struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - Relationships []*Relationship `protobuf:"bytes,1,rep,name=relationships,proto3" json:"relationships,omitempty"` -} - -func (x *ReadRelationshipsResponse) Reset() { - *x = ReadRelationshipsResponse{} - if protoimpl.UnsafeEnabled { - mi := &file_rebac_v1_relationships_proto_msgTypes[3] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *ReadRelationshipsResponse) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*ReadRelationshipsResponse) ProtoMessage() {} - -func (x *ReadRelationshipsResponse) ProtoReflect() protoreflect.Message { - mi := &file_rebac_v1_relationships_proto_msgTypes[3] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use ReadRelationshipsResponse.ProtoReflect.Descriptor instead. -func (*ReadRelationshipsResponse) Descriptor() ([]byte, []int) { - return file_rebac_v1_relationships_proto_rawDescGZIP(), []int{3} -} - -func (x *ReadRelationshipsResponse) GetRelationships() []*Relationship { - if x != nil { - return x.Relationships - } - return nil -} - -type DeleteRelationshipsRequest struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - Filter *RelationshipFilter `protobuf:"bytes,1,opt,name=filter,proto3" json:"filter,omitempty"` -} - -func (x *DeleteRelationshipsRequest) Reset() { - *x = DeleteRelationshipsRequest{} - if protoimpl.UnsafeEnabled { - mi := &file_rebac_v1_relationships_proto_msgTypes[4] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *DeleteRelationshipsRequest) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*DeleteRelationshipsRequest) ProtoMessage() {} - -func (x *DeleteRelationshipsRequest) ProtoReflect() protoreflect.Message { - mi := &file_rebac_v1_relationships_proto_msgTypes[4] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use DeleteRelationshipsRequest.ProtoReflect.Descriptor instead. -func (*DeleteRelationshipsRequest) Descriptor() ([]byte, []int) { - return file_rebac_v1_relationships_proto_rawDescGZIP(), []int{4} -} - -func (x *DeleteRelationshipsRequest) GetFilter() *RelationshipFilter { - if x != nil { - return x.Filter - } - return nil -} - -type DeleteRelationshipsResponse struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields -} - -func (x *DeleteRelationshipsResponse) Reset() { - *x = DeleteRelationshipsResponse{} - if protoimpl.UnsafeEnabled { - mi := &file_rebac_v1_relationships_proto_msgTypes[5] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *DeleteRelationshipsResponse) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*DeleteRelationshipsResponse) ProtoMessage() {} - -func (x *DeleteRelationshipsResponse) ProtoReflect() protoreflect.Message { - mi := &file_rebac_v1_relationships_proto_msgTypes[5] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use DeleteRelationshipsResponse.ProtoReflect.Descriptor instead. -func (*DeleteRelationshipsResponse) Descriptor() ([]byte, []int) { - return file_rebac_v1_relationships_proto_rawDescGZIP(), []int{5} -} - -type RelationshipFilter struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - ObjectType string `protobuf:"bytes,1,opt,name=object_type,json=objectType,proto3" json:"object_type,omitempty"` - ObjectId string `protobuf:"bytes,2,opt,name=object_id,json=objectId,proto3" json:"object_id,omitempty"` - Relation string `protobuf:"bytes,3,opt,name=relation,proto3" json:"relation,omitempty"` - SubjectFilter *SubjectFilter `protobuf:"bytes,4,opt,name=subject_filter,json=subjectFilter,proto3" json:"subject_filter,omitempty"` -} - -func (x *RelationshipFilter) Reset() { - *x = RelationshipFilter{} - if protoimpl.UnsafeEnabled { - mi := &file_rebac_v1_relationships_proto_msgTypes[6] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *RelationshipFilter) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*RelationshipFilter) ProtoMessage() {} - -func (x *RelationshipFilter) ProtoReflect() protoreflect.Message { - mi := &file_rebac_v1_relationships_proto_msgTypes[6] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use RelationshipFilter.ProtoReflect.Descriptor instead. -func (*RelationshipFilter) Descriptor() ([]byte, []int) { - return file_rebac_v1_relationships_proto_rawDescGZIP(), []int{6} -} - -func (x *RelationshipFilter) GetObjectType() string { - if x != nil { - return x.ObjectType - } - return "" -} - -func (x *RelationshipFilter) GetObjectId() string { - if x != nil { - return x.ObjectId - } - return "" -} - -func (x *RelationshipFilter) GetRelation() string { - if x != nil { - return x.Relation - } - return "" -} - -func (x *RelationshipFilter) GetSubjectFilter() *SubjectFilter { - if x != nil { - return x.SubjectFilter - } - return nil -} - -type SubjectFilter struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - Relation string `protobuf:"bytes,1,opt,name=relation,proto3" json:"relation,omitempty"` - SubjectId string `protobuf:"bytes,2,opt,name=subject_id,json=subjectId,proto3" json:"subject_id,omitempty"` - SubjectType string `protobuf:"bytes,3,opt,name=subject_type,json=subjectType,proto3" json:"subject_type,omitempty"` -} - -func (x *SubjectFilter) Reset() { - *x = SubjectFilter{} - if protoimpl.UnsafeEnabled { - mi := &file_rebac_v1_relationships_proto_msgTypes[7] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *SubjectFilter) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*SubjectFilter) ProtoMessage() {} - -func (x *SubjectFilter) ProtoReflect() protoreflect.Message { - mi := &file_rebac_v1_relationships_proto_msgTypes[7] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use SubjectFilter.ProtoReflect.Descriptor instead. -func (*SubjectFilter) Descriptor() ([]byte, []int) { - return file_rebac_v1_relationships_proto_rawDescGZIP(), []int{7} -} - -func (x *SubjectFilter) GetRelation() string { - if x != nil { - return x.Relation - } - return "" -} - -func (x *SubjectFilter) GetSubjectId() string { - if x != nil { - return x.SubjectId - } - return "" -} - -func (x *SubjectFilter) GetSubjectType() string { - if x != nil { - return x.SubjectType - } - return "" -} - -type Relationship struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - Object *ObjectReference `protobuf:"bytes,1,opt,name=object,proto3" json:"object,omitempty"` - Relation string `protobuf:"bytes,2,opt,name=relation,proto3" json:"relation,omitempty"` - Subject *SubjectReference `protobuf:"bytes,3,opt,name=subject,proto3" json:"subject,omitempty"` -} - -func (x *Relationship) Reset() { - *x = Relationship{} - if protoimpl.UnsafeEnabled { - mi := &file_rebac_v1_relationships_proto_msgTypes[8] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *Relationship) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*Relationship) ProtoMessage() {} - -func (x *Relationship) ProtoReflect() protoreflect.Message { - mi := &file_rebac_v1_relationships_proto_msgTypes[8] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use Relationship.ProtoReflect.Descriptor instead. -func (*Relationship) Descriptor() ([]byte, []int) { - return file_rebac_v1_relationships_proto_rawDescGZIP(), []int{8} -} - -func (x *Relationship) GetObject() *ObjectReference { - if x != nil { - return x.Object - } - return nil -} - -func (x *Relationship) GetRelation() string { - if x != nil { - return x.Relation - } - return "" -} - -func (x *Relationship) GetSubject() *SubjectReference { - if x != nil { - return x.Subject - } - return nil -} - -type SubjectReference struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - Relation string `protobuf:"bytes,1,opt,name=relation,proto3" json:"relation,omitempty"` - Object *ObjectReference `protobuf:"bytes,2,opt,name=object,proto3" json:"object,omitempty"` -} - -func (x *SubjectReference) Reset() { - *x = SubjectReference{} - if protoimpl.UnsafeEnabled { - mi := &file_rebac_v1_relationships_proto_msgTypes[9] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *SubjectReference) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*SubjectReference) ProtoMessage() {} - -func (x *SubjectReference) ProtoReflect() protoreflect.Message { - mi := &file_rebac_v1_relationships_proto_msgTypes[9] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use SubjectReference.ProtoReflect.Descriptor instead. -func (*SubjectReference) Descriptor() ([]byte, []int) { - return file_rebac_v1_relationships_proto_rawDescGZIP(), []int{9} -} - -func (x *SubjectReference) GetRelation() string { - if x != nil { - return x.Relation - } - return "" -} - -func (x *SubjectReference) GetObject() *ObjectReference { - if x != nil { - return x.Object - } - return nil -} - -type ObjectReference struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - Type string `protobuf:"bytes,1,opt,name=type,proto3" json:"type,omitempty"` - Id string `protobuf:"bytes,2,opt,name=id,proto3" json:"id,omitempty"` -} - -func (x *ObjectReference) Reset() { - *x = ObjectReference{} - if protoimpl.UnsafeEnabled { - mi := &file_rebac_v1_relationships_proto_msgTypes[10] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *ObjectReference) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*ObjectReference) ProtoMessage() {} - -func (x *ObjectReference) ProtoReflect() protoreflect.Message { - mi := &file_rebac_v1_relationships_proto_msgTypes[10] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use ObjectReference.ProtoReflect.Descriptor instead. -func (*ObjectReference) Descriptor() ([]byte, []int) { - return file_rebac_v1_relationships_proto_rawDescGZIP(), []int{10} -} - -func (x *ObjectReference) GetType() string { - if x != nil { - return x.Type - } - return "" -} - -func (x *ObjectReference) GetId() string { - if x != nil { - return x.Id - } - return "" -} - -var File_rebac_v1_relationships_proto protoreflect.FileDescriptor - -var file_rebac_v1_relationships_proto_rawDesc = []byte{ - 0x0a, 0x1c, 0x72, 0x65, 0x62, 0x61, 0x63, 0x2f, 0x76, 0x31, 0x2f, 0x72, 0x65, 0x6c, 0x61, 0x74, - 0x69, 0x6f, 0x6e, 0x73, 0x68, 0x69, 0x70, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0c, - 0x61, 0x70, 0x69, 0x2e, 0x72, 0x65, 0x62, 0x61, 0x63, 0x2e, 0x76, 0x31, 0x1a, 0x1c, 0x67, 0x6f, - 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, - 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x74, 0x0a, 0x1a, 0x43, 0x72, - 0x65, 0x61, 0x74, 0x65, 0x52, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x68, 0x69, 0x70, - 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x14, 0x0a, 0x05, 0x74, 0x6f, 0x75, 0x63, - 0x68, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x52, 0x05, 0x74, 0x6f, 0x75, 0x63, 0x68, 0x12, 0x40, - 0x0a, 0x0d, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x68, 0x69, 0x70, 0x73, 0x18, - 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x72, 0x65, 0x62, 0x61, - 0x63, 0x2e, 0x76, 0x31, 0x2e, 0x52, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x68, 0x69, - 0x70, 0x52, 0x0d, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x68, 0x69, 0x70, 0x73, - 0x22, 0x1d, 0x0a, 0x1b, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x52, 0x65, 0x6c, 0x61, 0x74, 0x69, - 0x6f, 0x6e, 0x73, 0x68, 0x69, 0x70, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, - 0x54, 0x0a, 0x18, 0x52, 0x65, 0x61, 0x64, 0x52, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, - 0x68, 0x69, 0x70, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x38, 0x0a, 0x06, 0x66, - 0x69, 0x6c, 0x74, 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x61, 0x70, - 0x69, 0x2e, 0x72, 0x65, 0x62, 0x61, 0x63, 0x2e, 0x76, 0x31, 0x2e, 0x52, 0x65, 0x6c, 0x61, 0x74, - 0x69, 0x6f, 0x6e, 0x73, 0x68, 0x69, 0x70, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x52, 0x06, 0x66, - 0x69, 0x6c, 0x74, 0x65, 0x72, 0x22, 0x5d, 0x0a, 0x19, 0x52, 0x65, 0x61, 0x64, 0x52, 0x65, 0x6c, - 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x68, 0x69, 0x70, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, - 0x73, 0x65, 0x12, 0x40, 0x0a, 0x0d, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x68, - 0x69, 0x70, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x61, 0x70, 0x69, 0x2e, - 0x72, 0x65, 0x62, 0x61, 0x63, 0x2e, 0x76, 0x31, 0x2e, 0x52, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, - 0x6e, 0x73, 0x68, 0x69, 0x70, 0x52, 0x0d, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, - 0x68, 0x69, 0x70, 0x73, 0x22, 0x56, 0x0a, 0x1a, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x52, 0x65, - 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x68, 0x69, 0x70, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, - 0x73, 0x74, 0x12, 0x38, 0x0a, 0x06, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, - 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x72, 0x65, 0x62, 0x61, 0x63, 0x2e, 0x76, - 0x31, 0x2e, 0x52, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x68, 0x69, 0x70, 0x46, 0x69, - 0x6c, 0x74, 0x65, 0x72, 0x52, 0x06, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x22, 0x1d, 0x0a, 0x1b, - 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x52, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x68, - 0x69, 0x70, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0xb2, 0x01, 0x0a, 0x12, - 0x52, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x68, 0x69, 0x70, 0x46, 0x69, 0x6c, 0x74, - 0x65, 0x72, 0x12, 0x1f, 0x0a, 0x0b, 0x6f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x5f, 0x74, 0x79, 0x70, - 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x6f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x54, - 0x79, 0x70, 0x65, 0x12, 0x1b, 0x0a, 0x09, 0x6f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x5f, 0x69, 0x64, - 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x6f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x49, 0x64, - 0x12, 0x1a, 0x0a, 0x08, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x03, 0x20, 0x01, - 0x28, 0x09, 0x52, 0x08, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x42, 0x0a, 0x0e, - 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x5f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x18, 0x04, - 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1b, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x72, 0x65, 0x62, 0x61, 0x63, - 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x46, 0x69, 0x6c, 0x74, 0x65, - 0x72, 0x52, 0x0d, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, - 0x22, 0x6d, 0x0a, 0x0d, 0x53, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x46, 0x69, 0x6c, 0x74, 0x65, - 0x72, 0x12, 0x1a, 0x0a, 0x08, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x01, 0x20, - 0x01, 0x28, 0x09, 0x52, 0x08, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x1d, 0x0a, - 0x0a, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, - 0x09, 0x52, 0x09, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x49, 0x64, 0x12, 0x21, 0x0a, 0x0c, - 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x03, 0x20, 0x01, - 0x28, 0x09, 0x52, 0x0b, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x54, 0x79, 0x70, 0x65, 0x22, - 0x9b, 0x01, 0x0a, 0x0c, 0x52, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x68, 0x69, 0x70, - 0x12, 0x35, 0x0a, 0x06, 0x6f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, - 0x32, 0x1d, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x72, 0x65, 0x62, 0x61, 0x63, 0x2e, 0x76, 0x31, 0x2e, - 0x4f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x52, 0x65, 0x66, 0x65, 0x72, 0x65, 0x6e, 0x63, 0x65, 0x52, - 0x06, 0x6f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x12, 0x1a, 0x0a, 0x08, 0x72, 0x65, 0x6c, 0x61, 0x74, - 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x72, 0x65, 0x6c, 0x61, 0x74, - 0x69, 0x6f, 0x6e, 0x12, 0x38, 0x0a, 0x07, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x18, 0x03, - 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1e, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x72, 0x65, 0x62, 0x61, 0x63, - 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x52, 0x65, 0x66, 0x65, 0x72, - 0x65, 0x6e, 0x63, 0x65, 0x52, 0x07, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x22, 0x65, 0x0a, - 0x10, 0x53, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x52, 0x65, 0x66, 0x65, 0x72, 0x65, 0x6e, 0x63, - 0x65, 0x12, 0x1a, 0x0a, 0x08, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x01, 0x20, - 0x01, 0x28, 0x09, 0x52, 0x08, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x35, 0x0a, - 0x06, 0x6f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, - 0x61, 0x70, 0x69, 0x2e, 0x72, 0x65, 0x62, 0x61, 0x63, 0x2e, 0x76, 0x31, 0x2e, 0x4f, 0x62, 0x6a, - 0x65, 0x63, 0x74, 0x52, 0x65, 0x66, 0x65, 0x72, 0x65, 0x6e, 0x63, 0x65, 0x52, 0x06, 0x6f, 0x62, - 0x6a, 0x65, 0x63, 0x74, 0x22, 0x35, 0x0a, 0x0f, 0x4f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x52, 0x65, - 0x66, 0x65, 0x72, 0x65, 0x6e, 0x63, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x74, 0x79, 0x70, 0x65, 0x18, - 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x74, 0x79, 0x70, 0x65, 0x12, 0x0e, 0x0a, 0x02, 0x69, - 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x32, 0xa3, 0x03, 0x0a, 0x0d, - 0x52, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x68, 0x69, 0x70, 0x73, 0x12, 0x88, 0x01, - 0x0a, 0x13, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x52, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, - 0x73, 0x68, 0x69, 0x70, 0x73, 0x12, 0x28, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x72, 0x65, 0x62, 0x61, - 0x63, 0x2e, 0x76, 0x31, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x52, 0x65, 0x6c, 0x61, 0x74, - 0x69, 0x6f, 0x6e, 0x73, 0x68, 0x69, 0x70, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, - 0x29, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x72, 0x65, 0x62, 0x61, 0x63, 0x2e, 0x76, 0x31, 0x2e, 0x43, - 0x72, 0x65, 0x61, 0x74, 0x65, 0x52, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x68, 0x69, - 0x70, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x1c, 0x82, 0xd3, 0xe4, 0x93, - 0x02, 0x16, 0x3a, 0x01, 0x2a, 0x22, 0x11, 0x2f, 0x76, 0x31, 0x2f, 0x72, 0x65, 0x6c, 0x61, 0x74, - 0x69, 0x6f, 0x6e, 0x73, 0x68, 0x69, 0x70, 0x73, 0x12, 0x7f, 0x0a, 0x11, 0x52, 0x65, 0x61, 0x64, - 0x52, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x68, 0x69, 0x70, 0x73, 0x12, 0x26, 0x2e, - 0x61, 0x70, 0x69, 0x2e, 0x72, 0x65, 0x62, 0x61, 0x63, 0x2e, 0x76, 0x31, 0x2e, 0x52, 0x65, 0x61, - 0x64, 0x52, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x68, 0x69, 0x70, 0x73, 0x52, 0x65, - 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x27, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x72, 0x65, 0x62, 0x61, - 0x63, 0x2e, 0x76, 0x31, 0x2e, 0x52, 0x65, 0x61, 0x64, 0x52, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, - 0x6e, 0x73, 0x68, 0x69, 0x70, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x19, - 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x13, 0x12, 0x11, 0x2f, 0x76, 0x31, 0x2f, 0x72, 0x65, 0x6c, 0x61, - 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x68, 0x69, 0x70, 0x73, 0x12, 0x85, 0x01, 0x0a, 0x13, 0x44, 0x65, - 0x6c, 0x65, 0x74, 0x65, 0x52, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x68, 0x69, 0x70, - 0x73, 0x12, 0x28, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x72, 0x65, 0x62, 0x61, 0x63, 0x2e, 0x76, 0x31, - 0x2e, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x52, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, - 0x68, 0x69, 0x70, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x29, 0x2e, 0x61, 0x70, - 0x69, 0x2e, 0x72, 0x65, 0x62, 0x61, 0x63, 0x2e, 0x76, 0x31, 0x2e, 0x44, 0x65, 0x6c, 0x65, 0x74, - 0x65, 0x52, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x68, 0x69, 0x70, 0x73, 0x52, 0x65, - 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x19, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x13, 0x2a, 0x11, - 0x2f, 0x76, 0x31, 0x2f, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x68, 0x69, 0x70, - 0x73, 0x42, 0x2c, 0x0a, 0x0c, 0x61, 0x70, 0x69, 0x2e, 0x72, 0x65, 0x62, 0x61, 0x63, 0x2e, 0x76, - 0x31, 0x50, 0x01, 0x5a, 0x1a, 0x63, 0x69, 0x61, 0x6d, 0x2d, 0x72, 0x65, 0x62, 0x61, 0x63, 0x2f, - 0x61, 0x70, 0x69, 0x2f, 0x72, 0x65, 0x62, 0x61, 0x63, 0x2f, 0x76, 0x31, 0x3b, 0x76, 0x31, 0x62, - 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, -} - -var ( - file_rebac_v1_relationships_proto_rawDescOnce sync.Once - file_rebac_v1_relationships_proto_rawDescData = file_rebac_v1_relationships_proto_rawDesc -) - -func file_rebac_v1_relationships_proto_rawDescGZIP() []byte { - file_rebac_v1_relationships_proto_rawDescOnce.Do(func() { - file_rebac_v1_relationships_proto_rawDescData = protoimpl.X.CompressGZIP(file_rebac_v1_relationships_proto_rawDescData) - }) - return file_rebac_v1_relationships_proto_rawDescData -} - -var file_rebac_v1_relationships_proto_msgTypes = make([]protoimpl.MessageInfo, 11) -var file_rebac_v1_relationships_proto_goTypes = []interface{}{ - (*CreateRelationshipsRequest)(nil), // 0: api.rebac.v1.CreateRelationshipsRequest - (*CreateRelationshipsResponse)(nil), // 1: api.rebac.v1.CreateRelationshipsResponse - (*ReadRelationshipsRequest)(nil), // 2: api.rebac.v1.ReadRelationshipsRequest - (*ReadRelationshipsResponse)(nil), // 3: api.rebac.v1.ReadRelationshipsResponse - (*DeleteRelationshipsRequest)(nil), // 4: api.rebac.v1.DeleteRelationshipsRequest - (*DeleteRelationshipsResponse)(nil), // 5: api.rebac.v1.DeleteRelationshipsResponse - (*RelationshipFilter)(nil), // 6: api.rebac.v1.RelationshipFilter - (*SubjectFilter)(nil), // 7: api.rebac.v1.SubjectFilter - (*Relationship)(nil), // 8: api.rebac.v1.Relationship - (*SubjectReference)(nil), // 9: api.rebac.v1.SubjectReference - (*ObjectReference)(nil), // 10: api.rebac.v1.ObjectReference -} -var file_rebac_v1_relationships_proto_depIdxs = []int32{ - 8, // 0: api.rebac.v1.CreateRelationshipsRequest.relationships:type_name -> api.rebac.v1.Relationship - 6, // 1: api.rebac.v1.ReadRelationshipsRequest.filter:type_name -> api.rebac.v1.RelationshipFilter - 8, // 2: api.rebac.v1.ReadRelationshipsResponse.relationships:type_name -> api.rebac.v1.Relationship - 6, // 3: api.rebac.v1.DeleteRelationshipsRequest.filter:type_name -> api.rebac.v1.RelationshipFilter - 7, // 4: api.rebac.v1.RelationshipFilter.subject_filter:type_name -> api.rebac.v1.SubjectFilter - 10, // 5: api.rebac.v1.Relationship.object:type_name -> api.rebac.v1.ObjectReference - 9, // 6: api.rebac.v1.Relationship.subject:type_name -> api.rebac.v1.SubjectReference - 10, // 7: api.rebac.v1.SubjectReference.object:type_name -> api.rebac.v1.ObjectReference - 0, // 8: api.rebac.v1.Relationships.CreateRelationships:input_type -> api.rebac.v1.CreateRelationshipsRequest - 2, // 9: api.rebac.v1.Relationships.ReadRelationships:input_type -> api.rebac.v1.ReadRelationshipsRequest - 4, // 10: api.rebac.v1.Relationships.DeleteRelationships:input_type -> api.rebac.v1.DeleteRelationshipsRequest - 1, // 11: api.rebac.v1.Relationships.CreateRelationships:output_type -> api.rebac.v1.CreateRelationshipsResponse - 3, // 12: api.rebac.v1.Relationships.ReadRelationships:output_type -> api.rebac.v1.ReadRelationshipsResponse - 5, // 13: api.rebac.v1.Relationships.DeleteRelationships:output_type -> api.rebac.v1.DeleteRelationshipsResponse - 11, // [11:14] is the sub-list for method output_type - 8, // [8:11] is the sub-list for method input_type - 8, // [8:8] is the sub-list for extension type_name - 8, // [8:8] is the sub-list for extension extendee - 0, // [0:8] is the sub-list for field type_name -} - -func init() { file_rebac_v1_relationships_proto_init() } -func file_rebac_v1_relationships_proto_init() { - if File_rebac_v1_relationships_proto != nil { - return - } - if !protoimpl.UnsafeEnabled { - file_rebac_v1_relationships_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*CreateRelationshipsRequest); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_rebac_v1_relationships_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*CreateRelationshipsResponse); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_rebac_v1_relationships_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*ReadRelationshipsRequest); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_rebac_v1_relationships_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*ReadRelationshipsResponse); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_rebac_v1_relationships_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*DeleteRelationshipsRequest); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_rebac_v1_relationships_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*DeleteRelationshipsResponse); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_rebac_v1_relationships_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*RelationshipFilter); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_rebac_v1_relationships_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*SubjectFilter); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_rebac_v1_relationships_proto_msgTypes[8].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*Relationship); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_rebac_v1_relationships_proto_msgTypes[9].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*SubjectReference); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_rebac_v1_relationships_proto_msgTypes[10].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*ObjectReference); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - } - type x struct{} - out := protoimpl.TypeBuilder{ - File: protoimpl.DescBuilder{ - GoPackagePath: reflect.TypeOf(x{}).PkgPath(), - RawDescriptor: file_rebac_v1_relationships_proto_rawDesc, - NumEnums: 0, - NumMessages: 11, - NumExtensions: 0, - NumServices: 1, - }, - GoTypes: file_rebac_v1_relationships_proto_goTypes, - DependencyIndexes: file_rebac_v1_relationships_proto_depIdxs, - MessageInfos: file_rebac_v1_relationships_proto_msgTypes, - }.Build() - File_rebac_v1_relationships_proto = out.File - file_rebac_v1_relationships_proto_rawDesc = nil - file_rebac_v1_relationships_proto_goTypes = nil - file_rebac_v1_relationships_proto_depIdxs = nil -} diff --git a/api/rebac/v1/relationships.proto b/api/rebac/v1/relationships.proto deleted file mode 100644 index dbdfa08..0000000 --- a/api/rebac/v1/relationships.proto +++ /dev/null @@ -1,75 +0,0 @@ -syntax = "proto3"; - -package api.rebac.v1; - -import "google/api/annotations.proto"; - -option go_package = "ciam-rebac/api/rebac/v1;v1"; -option java_multiple_files = true; -option java_package = "api.rebac.v1"; - -service Relationships { - rpc CreateRelationships (CreateRelationshipsRequest) returns (CreateRelationshipsResponse) { - option (google.api.http) = { - post: "/v1/relationships" - body: "*" - }; - }; - rpc ReadRelationships (ReadRelationshipsRequest) returns (ReadRelationshipsResponse) { - option (google.api.http) = { - get: "/v1/relationships" - }; - }; - rpc DeleteRelationships (DeleteRelationshipsRequest) returns (DeleteRelationshipsResponse) { - option (google.api.http) = { - delete: "/v1/relationships" - }; - }; -} - -message CreateRelationshipsRequest { - bool touch = 1; - repeated Relationship relationships = 2; -} -message CreateRelationshipsResponse {} - -message ReadRelationshipsRequest { - RelationshipFilter filter = 1; -} -message ReadRelationshipsResponse { - repeated Relationship relationships = 1; -} - -message DeleteRelationshipsRequest { - RelationshipFilter filter = 1; -} -message DeleteRelationshipsResponse {} - -message RelationshipFilter { - string object_type = 1; - string object_id = 2; - string relation = 3; - SubjectFilter subject_filter = 4; -} - -message SubjectFilter { - string relation = 1; - string subject_id = 2; - string subject_type = 3; -} - -message Relationship { - ObjectReference object = 1; - string relation = 2; - SubjectReference subject = 3; -} - -message SubjectReference { - string relation = 1; - ObjectReference object = 2; -} - -message ObjectReference { - string type = 1; - string id = 2; -} \ No newline at end of file diff --git a/api/rebac/v1/relationships_grpc.pb.go b/api/rebac/v1/relationships_grpc.pb.go deleted file mode 100644 index 4c0ff35..0000000 --- a/api/rebac/v1/relationships_grpc.pb.go +++ /dev/null @@ -1,183 +0,0 @@ -// Code generated by protoc-gen-go-grpc. DO NOT EDIT. -// versions: -// - protoc-gen-go-grpc v1.3.0 -// - protoc v3.19.4 -// source: rebac/v1/relationships.proto - -package v1 - -import ( - context "context" - grpc "google.golang.org/grpc" - codes "google.golang.org/grpc/codes" - status "google.golang.org/grpc/status" -) - -// This is a compile-time assertion to ensure that this generated file -// is compatible with the grpc package it is being compiled against. -// Requires gRPC-Go v1.32.0 or later. -const _ = grpc.SupportPackageIsVersion7 - -const ( - Relationships_CreateRelationships_FullMethodName = "/api.rebac.v1.Relationships/CreateRelationships" - Relationships_ReadRelationships_FullMethodName = "/api.rebac.v1.Relationships/ReadRelationships" - Relationships_DeleteRelationships_FullMethodName = "/api.rebac.v1.Relationships/DeleteRelationships" -) - -// RelationshipsClient is the client API for Relationships service. -// -// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream. -type RelationshipsClient interface { - CreateRelationships(ctx context.Context, in *CreateRelationshipsRequest, opts ...grpc.CallOption) (*CreateRelationshipsResponse, error) - ReadRelationships(ctx context.Context, in *ReadRelationshipsRequest, opts ...grpc.CallOption) (*ReadRelationshipsResponse, error) - DeleteRelationships(ctx context.Context, in *DeleteRelationshipsRequest, opts ...grpc.CallOption) (*DeleteRelationshipsResponse, error) -} - -type relationshipsClient struct { - cc grpc.ClientConnInterface -} - -func NewRelationshipsClient(cc grpc.ClientConnInterface) RelationshipsClient { - return &relationshipsClient{cc} -} - -func (c *relationshipsClient) CreateRelationships(ctx context.Context, in *CreateRelationshipsRequest, opts ...grpc.CallOption) (*CreateRelationshipsResponse, error) { - out := new(CreateRelationshipsResponse) - err := c.cc.Invoke(ctx, Relationships_CreateRelationships_FullMethodName, in, out, opts...) - if err != nil { - return nil, err - } - return out, nil -} - -func (c *relationshipsClient) ReadRelationships(ctx context.Context, in *ReadRelationshipsRequest, opts ...grpc.CallOption) (*ReadRelationshipsResponse, error) { - out := new(ReadRelationshipsResponse) - err := c.cc.Invoke(ctx, Relationships_ReadRelationships_FullMethodName, in, out, opts...) - if err != nil { - return nil, err - } - return out, nil -} - -func (c *relationshipsClient) DeleteRelationships(ctx context.Context, in *DeleteRelationshipsRequest, opts ...grpc.CallOption) (*DeleteRelationshipsResponse, error) { - out := new(DeleteRelationshipsResponse) - err := c.cc.Invoke(ctx, Relationships_DeleteRelationships_FullMethodName, in, out, opts...) - if err != nil { - return nil, err - } - return out, nil -} - -// RelationshipsServer is the server API for Relationships service. -// All implementations must embed UnimplementedRelationshipsServer -// for forward compatibility -type RelationshipsServer interface { - CreateRelationships(context.Context, *CreateRelationshipsRequest) (*CreateRelationshipsResponse, error) - ReadRelationships(context.Context, *ReadRelationshipsRequest) (*ReadRelationshipsResponse, error) - DeleteRelationships(context.Context, *DeleteRelationshipsRequest) (*DeleteRelationshipsResponse, error) - mustEmbedUnimplementedRelationshipsServer() -} - -// UnimplementedRelationshipsServer must be embedded to have forward compatible implementations. -type UnimplementedRelationshipsServer struct { -} - -func (UnimplementedRelationshipsServer) CreateRelationships(context.Context, *CreateRelationshipsRequest) (*CreateRelationshipsResponse, error) { - return nil, status.Errorf(codes.Unimplemented, "method CreateRelationships not implemented") -} -func (UnimplementedRelationshipsServer) ReadRelationships(context.Context, *ReadRelationshipsRequest) (*ReadRelationshipsResponse, error) { - return nil, status.Errorf(codes.Unimplemented, "method ReadRelationships not implemented") -} -func (UnimplementedRelationshipsServer) DeleteRelationships(context.Context, *DeleteRelationshipsRequest) (*DeleteRelationshipsResponse, error) { - return nil, status.Errorf(codes.Unimplemented, "method DeleteRelationships not implemented") -} -func (UnimplementedRelationshipsServer) mustEmbedUnimplementedRelationshipsServer() {} - -// UnsafeRelationshipsServer may be embedded to opt out of forward compatibility for this service. -// Use of this interface is not recommended, as added methods to RelationshipsServer will -// result in compilation errors. -type UnsafeRelationshipsServer interface { - mustEmbedUnimplementedRelationshipsServer() -} - -func RegisterRelationshipsServer(s grpc.ServiceRegistrar, srv RelationshipsServer) { - s.RegisterService(&Relationships_ServiceDesc, srv) -} - -func _Relationships_CreateRelationships_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { - in := new(CreateRelationshipsRequest) - if err := dec(in); err != nil { - return nil, err - } - if interceptor == nil { - return srv.(RelationshipsServer).CreateRelationships(ctx, in) - } - info := &grpc.UnaryServerInfo{ - Server: srv, - FullMethod: Relationships_CreateRelationships_FullMethodName, - } - handler := func(ctx context.Context, req interface{}) (interface{}, error) { - return srv.(RelationshipsServer).CreateRelationships(ctx, req.(*CreateRelationshipsRequest)) - } - return interceptor(ctx, in, info, handler) -} - -func _Relationships_ReadRelationships_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { - in := new(ReadRelationshipsRequest) - if err := dec(in); err != nil { - return nil, err - } - if interceptor == nil { - return srv.(RelationshipsServer).ReadRelationships(ctx, in) - } - info := &grpc.UnaryServerInfo{ - Server: srv, - FullMethod: Relationships_ReadRelationships_FullMethodName, - } - handler := func(ctx context.Context, req interface{}) (interface{}, error) { - return srv.(RelationshipsServer).ReadRelationships(ctx, req.(*ReadRelationshipsRequest)) - } - return interceptor(ctx, in, info, handler) -} - -func _Relationships_DeleteRelationships_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { - in := new(DeleteRelationshipsRequest) - if err := dec(in); err != nil { - return nil, err - } - if interceptor == nil { - return srv.(RelationshipsServer).DeleteRelationships(ctx, in) - } - info := &grpc.UnaryServerInfo{ - Server: srv, - FullMethod: Relationships_DeleteRelationships_FullMethodName, - } - handler := func(ctx context.Context, req interface{}) (interface{}, error) { - return srv.(RelationshipsServer).DeleteRelationships(ctx, req.(*DeleteRelationshipsRequest)) - } - return interceptor(ctx, in, info, handler) -} - -// Relationships_ServiceDesc is the grpc.ServiceDesc for Relationships service. -// It's only intended for direct use with grpc.RegisterService, -// and not to be introspected or modified (even as a copy) -var Relationships_ServiceDesc = grpc.ServiceDesc{ - ServiceName: "api.rebac.v1.Relationships", - HandlerType: (*RelationshipsServer)(nil), - Methods: []grpc.MethodDesc{ - { - MethodName: "CreateRelationships", - Handler: _Relationships_CreateRelationships_Handler, - }, - { - MethodName: "ReadRelationships", - Handler: _Relationships_ReadRelationships_Handler, - }, - { - MethodName: "DeleteRelationships", - Handler: _Relationships_DeleteRelationships_Handler, - }, - }, - Streams: []grpc.StreamDesc{}, - Metadata: "rebac/v1/relationships.proto", -} diff --git a/api/rebac/v1/relationships_http.pb.go b/api/rebac/v1/relationships_http.pb.go deleted file mode 100644 index c382260..0000000 --- a/api/rebac/v1/relationships_http.pb.go +++ /dev/null @@ -1,150 +0,0 @@ -// Code generated by protoc-gen-go-http. DO NOT EDIT. -// versions: -// - protoc-gen-go-http v2.7.3 -// - protoc v3.19.4 -// source: rebac/v1/relationships.proto - -package v1 - -import ( - context "context" - http "github.com/go-kratos/kratos/v2/transport/http" - binding "github.com/go-kratos/kratos/v2/transport/http/binding" -) - -// This is a compile-time assertion to ensure that this generated file -// is compatible with the kratos package it is being compiled against. -var _ = new(context.Context) -var _ = binding.EncodeURL - -const _ = http.SupportPackageIsVersion1 - -const OperationRelationshipsCreateRelationships = "/api.rebac.v1.Relationships/CreateRelationships" -const OperationRelationshipsDeleteRelationships = "/api.rebac.v1.Relationships/DeleteRelationships" -const OperationRelationshipsReadRelationships = "/api.rebac.v1.Relationships/ReadRelationships" - -type RelationshipsHTTPServer interface { - CreateRelationships(context.Context, *CreateRelationshipsRequest) (*CreateRelationshipsResponse, error) - DeleteRelationships(context.Context, *DeleteRelationshipsRequest) (*DeleteRelationshipsResponse, error) - ReadRelationships(context.Context, *ReadRelationshipsRequest) (*ReadRelationshipsResponse, error) -} - -func RegisterRelationshipsHTTPServer(s *http.Server, srv RelationshipsHTTPServer) { - r := s.Route("/") - r.POST("/v1/relationships", _Relationships_CreateRelationships0_HTTP_Handler(srv)) - r.GET("/v1/relationships", _Relationships_ReadRelationships0_HTTP_Handler(srv)) - r.DELETE("/v1/relationships", _Relationships_DeleteRelationships0_HTTP_Handler(srv)) -} - -func _Relationships_CreateRelationships0_HTTP_Handler(srv RelationshipsHTTPServer) func(ctx http.Context) error { - return func(ctx http.Context) error { - var in CreateRelationshipsRequest - if err := ctx.Bind(&in); err != nil { - return err - } - if err := ctx.BindQuery(&in); err != nil { - return err - } - http.SetOperation(ctx, OperationRelationshipsCreateRelationships) - h := ctx.Middleware(func(ctx context.Context, req interface{}) (interface{}, error) { - return srv.CreateRelationships(ctx, req.(*CreateRelationshipsRequest)) - }) - out, err := h(ctx, &in) - if err != nil { - return err - } - reply := out.(*CreateRelationshipsResponse) - return ctx.Result(200, reply) - } -} - -func _Relationships_ReadRelationships0_HTTP_Handler(srv RelationshipsHTTPServer) func(ctx http.Context) error { - return func(ctx http.Context) error { - var in ReadRelationshipsRequest - if err := ctx.BindQuery(&in); err != nil { - return err - } - http.SetOperation(ctx, OperationRelationshipsReadRelationships) - h := ctx.Middleware(func(ctx context.Context, req interface{}) (interface{}, error) { - return srv.ReadRelationships(ctx, req.(*ReadRelationshipsRequest)) - }) - out, err := h(ctx, &in) - if err != nil { - return err - } - reply := out.(*ReadRelationshipsResponse) - return ctx.Result(200, reply) - } -} - -func _Relationships_DeleteRelationships0_HTTP_Handler(srv RelationshipsHTTPServer) func(ctx http.Context) error { - return func(ctx http.Context) error { - var in DeleteRelationshipsRequest - if err := ctx.BindQuery(&in); err != nil { - return err - } - http.SetOperation(ctx, OperationRelationshipsDeleteRelationships) - h := ctx.Middleware(func(ctx context.Context, req interface{}) (interface{}, error) { - return srv.DeleteRelationships(ctx, req.(*DeleteRelationshipsRequest)) - }) - out, err := h(ctx, &in) - if err != nil { - return err - } - reply := out.(*DeleteRelationshipsResponse) - return ctx.Result(200, reply) - } -} - -type RelationshipsHTTPClient interface { - CreateRelationships(ctx context.Context, req *CreateRelationshipsRequest, opts ...http.CallOption) (rsp *CreateRelationshipsResponse, err error) - DeleteRelationships(ctx context.Context, req *DeleteRelationshipsRequest, opts ...http.CallOption) (rsp *DeleteRelationshipsResponse, err error) - ReadRelationships(ctx context.Context, req *ReadRelationshipsRequest, opts ...http.CallOption) (rsp *ReadRelationshipsResponse, err error) -} - -type RelationshipsHTTPClientImpl struct { - cc *http.Client -} - -func NewRelationshipsHTTPClient(client *http.Client) RelationshipsHTTPClient { - return &RelationshipsHTTPClientImpl{client} -} - -func (c *RelationshipsHTTPClientImpl) CreateRelationships(ctx context.Context, in *CreateRelationshipsRequest, opts ...http.CallOption) (*CreateRelationshipsResponse, error) { - var out CreateRelationshipsResponse - pattern := "/v1/relationships" - path := binding.EncodeURL(pattern, in, false) - opts = append(opts, http.Operation(OperationRelationshipsCreateRelationships)) - opts = append(opts, http.PathTemplate(pattern)) - err := c.cc.Invoke(ctx, "POST", path, in, &out, opts...) - if err != nil { - return nil, err - } - return &out, nil -} - -func (c *RelationshipsHTTPClientImpl) DeleteRelationships(ctx context.Context, in *DeleteRelationshipsRequest, opts ...http.CallOption) (*DeleteRelationshipsResponse, error) { - var out DeleteRelationshipsResponse - pattern := "/v1/relationships" - path := binding.EncodeURL(pattern, in, true) - opts = append(opts, http.Operation(OperationRelationshipsDeleteRelationships)) - opts = append(opts, http.PathTemplate(pattern)) - err := c.cc.Invoke(ctx, "DELETE", path, nil, &out, opts...) - if err != nil { - return nil, err - } - return &out, nil -} - -func (c *RelationshipsHTTPClientImpl) ReadRelationships(ctx context.Context, in *ReadRelationshipsRequest, opts ...http.CallOption) (*ReadRelationshipsResponse, error) { - var out ReadRelationshipsResponse - pattern := "/v1/relationships" - path := binding.EncodeURL(pattern, in, true) - opts = append(opts, http.Operation(OperationRelationshipsReadRelationships)) - opts = append(opts, http.PathTemplate(pattern)) - err := c.cc.Invoke(ctx, "GET", path, nil, &out, opts...) - if err != nil { - return nil, err - } - return &out, nil -} diff --git a/api/relations/v0/check.pb.go b/api/relations/v0/check.pb.go new file mode 100644 index 0000000..8b87e83 --- /dev/null +++ b/api/relations/v0/check.pb.go @@ -0,0 +1,314 @@ +// Code generated by protoc-gen-go. DO NOT EDIT. +// versions: +// protoc-gen-go v1.34.1 +// protoc v4.25.1 +// source: relations/v0/check.proto + +package v0 + +import ( + _ "google.golang.org/genproto/googleapis/api/annotations" + protoreflect "google.golang.org/protobuf/reflect/protoreflect" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" + reflect "reflect" + sync "sync" +) + +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) + +type CheckResponse_Allowed int32 + +const ( + CheckResponse_ALLOWED_UNSPECIFIED CheckResponse_Allowed = 0 + CheckResponse_ALLOWED_TRUE CheckResponse_Allowed = 1 + CheckResponse_ALLOWED_FALSE CheckResponse_Allowed = 2 // e.g. ALLOWED_CONDITIONAL = 3; +) + +// Enum value maps for CheckResponse_Allowed. +var ( + CheckResponse_Allowed_name = map[int32]string{ + 0: "ALLOWED_UNSPECIFIED", + 1: "ALLOWED_TRUE", + 2: "ALLOWED_FALSE", + } + CheckResponse_Allowed_value = map[string]int32{ + "ALLOWED_UNSPECIFIED": 0, + "ALLOWED_TRUE": 1, + "ALLOWED_FALSE": 2, + } +) + +func (x CheckResponse_Allowed) Enum() *CheckResponse_Allowed { + p := new(CheckResponse_Allowed) + *p = x + return p +} + +func (x CheckResponse_Allowed) String() string { + return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x)) +} + +func (CheckResponse_Allowed) Descriptor() protoreflect.EnumDescriptor { + return file_relations_v0_check_proto_enumTypes[0].Descriptor() +} + +func (CheckResponse_Allowed) Type() protoreflect.EnumType { + return &file_relations_v0_check_proto_enumTypes[0] +} + +func (x CheckResponse_Allowed) Number() protoreflect.EnumNumber { + return protoreflect.EnumNumber(x) +} + +// Deprecated: Use CheckResponse_Allowed.Descriptor instead. +func (CheckResponse_Allowed) EnumDescriptor() ([]byte, []int) { + return file_relations_v0_check_proto_rawDescGZIP(), []int{1, 0} +} + +type CheckRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Resource *ObjectReference `protobuf:"bytes,1,opt,name=resource,proto3" json:"resource,omitempty"` + Relation string `protobuf:"bytes,2,opt,name=relation,proto3" json:"relation,omitempty"` + Subject *SubjectReference `protobuf:"bytes,3,opt,name=subject,proto3" json:"subject,omitempty"` +} + +func (x *CheckRequest) Reset() { + *x = CheckRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_relations_v0_check_proto_msgTypes[0] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *CheckRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*CheckRequest) ProtoMessage() {} + +func (x *CheckRequest) ProtoReflect() protoreflect.Message { + mi := &file_relations_v0_check_proto_msgTypes[0] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use CheckRequest.ProtoReflect.Descriptor instead. +func (*CheckRequest) Descriptor() ([]byte, []int) { + return file_relations_v0_check_proto_rawDescGZIP(), []int{0} +} + +func (x *CheckRequest) GetResource() *ObjectReference { + if x != nil { + return x.Resource + } + return nil +} + +func (x *CheckRequest) GetRelation() string { + if x != nil { + return x.Relation + } + return "" +} + +func (x *CheckRequest) GetSubject() *SubjectReference { + if x != nil { + return x.Subject + } + return nil +} + +type CheckResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Allowed CheckResponse_Allowed `protobuf:"varint,1,opt,name=allowed,proto3,enum=kessel.relations.v0.CheckResponse_Allowed" json:"allowed,omitempty"` +} + +func (x *CheckResponse) Reset() { + *x = CheckResponse{} + if protoimpl.UnsafeEnabled { + mi := &file_relations_v0_check_proto_msgTypes[1] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *CheckResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*CheckResponse) ProtoMessage() {} + +func (x *CheckResponse) ProtoReflect() protoreflect.Message { + mi := &file_relations_v0_check_proto_msgTypes[1] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use CheckResponse.ProtoReflect.Descriptor instead. +func (*CheckResponse) Descriptor() ([]byte, []int) { + return file_relations_v0_check_proto_rawDescGZIP(), []int{1} +} + +func (x *CheckResponse) GetAllowed() CheckResponse_Allowed { + if x != nil { + return x.Allowed + } + return CheckResponse_ALLOWED_UNSPECIFIED +} + +var File_relations_v0_check_proto protoreflect.FileDescriptor + +var file_relations_v0_check_proto_rawDesc = []byte{ + 0x0a, 0x18, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x30, 0x2f, 0x63, + 0x68, 0x65, 0x63, 0x6b, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x13, 0x6b, 0x65, 0x73, 0x73, + 0x65, 0x6c, 0x2e, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x76, 0x30, 0x1a, + 0x1c, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, + 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x19, 0x72, + 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x30, 0x2f, 0x63, 0x6f, 0x6d, 0x6d, + 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xad, 0x01, 0x0a, 0x0c, 0x43, 0x68, 0x65, + 0x63, 0x6b, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x40, 0x0a, 0x08, 0x72, 0x65, 0x73, + 0x6f, 0x75, 0x72, 0x63, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x6b, 0x65, + 0x73, 0x73, 0x65, 0x6c, 0x2e, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x76, + 0x30, 0x2e, 0x4f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x52, 0x65, 0x66, 0x65, 0x72, 0x65, 0x6e, 0x63, + 0x65, 0x52, 0x08, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x12, 0x1a, 0x0a, 0x08, 0x72, + 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x72, + 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x3f, 0x0a, 0x07, 0x73, 0x75, 0x62, 0x6a, 0x65, + 0x63, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x25, 0x2e, 0x6b, 0x65, 0x73, 0x73, 0x65, + 0x6c, 0x2e, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x76, 0x30, 0x2e, 0x53, + 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x52, 0x65, 0x66, 0x65, 0x72, 0x65, 0x6e, 0x63, 0x65, 0x52, + 0x07, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x22, 0x9e, 0x01, 0x0a, 0x0d, 0x43, 0x68, 0x65, + 0x63, 0x6b, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x44, 0x0a, 0x07, 0x61, 0x6c, + 0x6c, 0x6f, 0x77, 0x65, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x2a, 0x2e, 0x6b, 0x65, + 0x73, 0x73, 0x65, 0x6c, 0x2e, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x76, + 0x30, 0x2e, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x2e, + 0x41, 0x6c, 0x6c, 0x6f, 0x77, 0x65, 0x64, 0x52, 0x07, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x65, 0x64, + 0x22, 0x47, 0x0a, 0x07, 0x41, 0x6c, 0x6c, 0x6f, 0x77, 0x65, 0x64, 0x12, 0x17, 0x0a, 0x13, 0x41, + 0x4c, 0x4c, 0x4f, 0x57, 0x45, 0x44, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, + 0x45, 0x44, 0x10, 0x00, 0x12, 0x10, 0x0a, 0x0c, 0x41, 0x4c, 0x4c, 0x4f, 0x57, 0x45, 0x44, 0x5f, + 0x54, 0x52, 0x55, 0x45, 0x10, 0x01, 0x12, 0x11, 0x0a, 0x0d, 0x41, 0x4c, 0x4c, 0x4f, 0x57, 0x45, + 0x44, 0x5f, 0x46, 0x41, 0x4c, 0x53, 0x45, 0x10, 0x02, 0x32, 0x7a, 0x0a, 0x12, 0x4b, 0x65, 0x73, + 0x73, 0x65, 0x6c, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, + 0x64, 0x0a, 0x05, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x12, 0x21, 0x2e, 0x6b, 0x65, 0x73, 0x73, 0x65, + 0x6c, 0x2e, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x76, 0x30, 0x2e, 0x43, + 0x68, 0x65, 0x63, 0x6b, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x22, 0x2e, 0x6b, 0x65, + 0x73, 0x73, 0x65, 0x6c, 0x2e, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x76, + 0x30, 0x2e, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, + 0x14, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x0e, 0x3a, 0x01, 0x2a, 0x22, 0x09, 0x2f, 0x76, 0x30, 0x2f, + 0x63, 0x68, 0x65, 0x63, 0x6b, 0x42, 0x47, 0x0a, 0x23, 0x6f, 0x72, 0x67, 0x2e, 0x70, 0x72, 0x6f, + 0x6a, 0x65, 0x63, 0x74, 0x5f, 0x6b, 0x65, 0x73, 0x73, 0x65, 0x6c, 0x2e, 0x61, 0x70, 0x69, 0x2e, + 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x76, 0x30, 0x50, 0x01, 0x5a, 0x1e, + 0x63, 0x69, 0x61, 0x6d, 0x2d, 0x72, 0x65, 0x62, 0x61, 0x63, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x72, + 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x30, 0x3b, 0x76, 0x30, 0x62, 0x06, + 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, +} + +var ( + file_relations_v0_check_proto_rawDescOnce sync.Once + file_relations_v0_check_proto_rawDescData = file_relations_v0_check_proto_rawDesc +) + +func file_relations_v0_check_proto_rawDescGZIP() []byte { + file_relations_v0_check_proto_rawDescOnce.Do(func() { + file_relations_v0_check_proto_rawDescData = protoimpl.X.CompressGZIP(file_relations_v0_check_proto_rawDescData) + }) + return file_relations_v0_check_proto_rawDescData +} + +var file_relations_v0_check_proto_enumTypes = make([]protoimpl.EnumInfo, 1) +var file_relations_v0_check_proto_msgTypes = make([]protoimpl.MessageInfo, 2) +var file_relations_v0_check_proto_goTypes = []interface{}{ + (CheckResponse_Allowed)(0), // 0: kessel.relations.v0.CheckResponse.Allowed + (*CheckRequest)(nil), // 1: kessel.relations.v0.CheckRequest + (*CheckResponse)(nil), // 2: kessel.relations.v0.CheckResponse + (*ObjectReference)(nil), // 3: kessel.relations.v0.ObjectReference + (*SubjectReference)(nil), // 4: kessel.relations.v0.SubjectReference +} +var file_relations_v0_check_proto_depIdxs = []int32{ + 3, // 0: kessel.relations.v0.CheckRequest.resource:type_name -> kessel.relations.v0.ObjectReference + 4, // 1: kessel.relations.v0.CheckRequest.subject:type_name -> kessel.relations.v0.SubjectReference + 0, // 2: kessel.relations.v0.CheckResponse.allowed:type_name -> kessel.relations.v0.CheckResponse.Allowed + 1, // 3: kessel.relations.v0.KesselCheckService.Check:input_type -> kessel.relations.v0.CheckRequest + 2, // 4: kessel.relations.v0.KesselCheckService.Check:output_type -> kessel.relations.v0.CheckResponse + 4, // [4:5] is the sub-list for method output_type + 3, // [3:4] is the sub-list for method input_type + 3, // [3:3] is the sub-list for extension type_name + 3, // [3:3] is the sub-list for extension extendee + 0, // [0:3] is the sub-list for field type_name +} + +func init() { file_relations_v0_check_proto_init() } +func file_relations_v0_check_proto_init() { + if File_relations_v0_check_proto != nil { + return + } + file_relations_v0_common_proto_init() + if !protoimpl.UnsafeEnabled { + file_relations_v0_check_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*CheckRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_relations_v0_check_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*CheckResponse); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + } + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: file_relations_v0_check_proto_rawDesc, + NumEnums: 1, + NumMessages: 2, + NumExtensions: 0, + NumServices: 1, + }, + GoTypes: file_relations_v0_check_proto_goTypes, + DependencyIndexes: file_relations_v0_check_proto_depIdxs, + EnumInfos: file_relations_v0_check_proto_enumTypes, + MessageInfos: file_relations_v0_check_proto_msgTypes, + }.Build() + File_relations_v0_check_proto = out.File + file_relations_v0_check_proto_rawDesc = nil + file_relations_v0_check_proto_goTypes = nil + file_relations_v0_check_proto_depIdxs = nil +} diff --git a/api/rebac/v1/check.proto b/api/relations/v0/check.proto similarity index 54% rename from api/rebac/v1/check.proto rename to api/relations/v0/check.proto index 6cc8f45..d7ce52a 100644 --- a/api/rebac/v1/check.proto +++ b/api/relations/v0/check.proto @@ -1,23 +1,27 @@ syntax = "proto3"; -package api.rebac.v1; +package kessel.relations.v0; + import "google/api/annotations.proto"; -import "rebac/v1/relationships.proto"; -option go_package = "ciam-rebac/api/rebac/v1;v1"; +import "relations/v0/common.proto"; + +option go_package = "ciam-rebac/api/relations/v0;v0"; option java_multiple_files = true; -option java_package = "api.rebac.v1"; +option java_package = "org.project_kessel.api.relations.v0"; -service Check { +service KesselCheckService { + // Checks for the existence of a single Relationship + // (a Relation between a Resource and a Subject or Subject Set). rpc Check (CheckRequest) returns (CheckResponse) { option (google.api.http) = { - post: "/v1/check" + post: "/v0/check" body: "*" }; }; } message CheckRequest { - ObjectReference object = 1; + ObjectReference resource = 1; string relation = 2; SubjectReference subject = 3; } diff --git a/api/relations/v0/check_grpc.pb.go b/api/relations/v0/check_grpc.pb.go new file mode 100644 index 0000000..35b7f39 --- /dev/null +++ b/api/relations/v0/check_grpc.pb.go @@ -0,0 +1,113 @@ +// Code generated by protoc-gen-go-grpc. DO NOT EDIT. +// versions: +// - protoc-gen-go-grpc v1.3.0 +// - protoc v4.25.1 +// source: relations/v0/check.proto + +package v0 + +import ( + context "context" + grpc "google.golang.org/grpc" + codes "google.golang.org/grpc/codes" + status "google.golang.org/grpc/status" +) + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the grpc package it is being compiled against. +// Requires gRPC-Go v1.32.0 or later. +const _ = grpc.SupportPackageIsVersion7 + +const ( + KesselCheckService_Check_FullMethodName = "/kessel.relations.v0.KesselCheckService/Check" +) + +// KesselCheckServiceClient is the client API for KesselCheckService service. +// +// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream. +type KesselCheckServiceClient interface { + // Checks for the existence of a single Relationship + // (a Relation between a Resource and a Subject or Subject Set). + Check(ctx context.Context, in *CheckRequest, opts ...grpc.CallOption) (*CheckResponse, error) +} + +type kesselCheckServiceClient struct { + cc grpc.ClientConnInterface +} + +func NewKesselCheckServiceClient(cc grpc.ClientConnInterface) KesselCheckServiceClient { + return &kesselCheckServiceClient{cc} +} + +func (c *kesselCheckServiceClient) Check(ctx context.Context, in *CheckRequest, opts ...grpc.CallOption) (*CheckResponse, error) { + out := new(CheckResponse) + err := c.cc.Invoke(ctx, KesselCheckService_Check_FullMethodName, in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +// KesselCheckServiceServer is the server API for KesselCheckService service. +// All implementations must embed UnimplementedKesselCheckServiceServer +// for forward compatibility +type KesselCheckServiceServer interface { + // Checks for the existence of a single Relationship + // (a Relation between a Resource and a Subject or Subject Set). + Check(context.Context, *CheckRequest) (*CheckResponse, error) + mustEmbedUnimplementedKesselCheckServiceServer() +} + +// UnimplementedKesselCheckServiceServer must be embedded to have forward compatible implementations. +type UnimplementedKesselCheckServiceServer struct { +} + +func (UnimplementedKesselCheckServiceServer) Check(context.Context, *CheckRequest) (*CheckResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method Check not implemented") +} +func (UnimplementedKesselCheckServiceServer) mustEmbedUnimplementedKesselCheckServiceServer() {} + +// UnsafeKesselCheckServiceServer may be embedded to opt out of forward compatibility for this service. +// Use of this interface is not recommended, as added methods to KesselCheckServiceServer will +// result in compilation errors. +type UnsafeKesselCheckServiceServer interface { + mustEmbedUnimplementedKesselCheckServiceServer() +} + +func RegisterKesselCheckServiceServer(s grpc.ServiceRegistrar, srv KesselCheckServiceServer) { + s.RegisterService(&KesselCheckService_ServiceDesc, srv) +} + +func _KesselCheckService_Check_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(CheckRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(KesselCheckServiceServer).Check(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: KesselCheckService_Check_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(KesselCheckServiceServer).Check(ctx, req.(*CheckRequest)) + } + return interceptor(ctx, in, info, handler) +} + +// KesselCheckService_ServiceDesc is the grpc.ServiceDesc for KesselCheckService service. +// It's only intended for direct use with grpc.RegisterService, +// and not to be introspected or modified (even as a copy) +var KesselCheckService_ServiceDesc = grpc.ServiceDesc{ + ServiceName: "kessel.relations.v0.KesselCheckService", + HandlerType: (*KesselCheckServiceServer)(nil), + Methods: []grpc.MethodDesc{ + { + MethodName: "Check", + Handler: _KesselCheckService_Check_Handler, + }, + }, + Streams: []grpc.StreamDesc{}, + Metadata: "relations/v0/check.proto", +} diff --git a/api/rebac/v1/check_http.pb.go b/api/relations/v0/check_http.pb.go similarity index 55% rename from api/rebac/v1/check_http.pb.go rename to api/relations/v0/check_http.pb.go index 54b2b76..2b9b0e5 100644 --- a/api/rebac/v1/check_http.pb.go +++ b/api/relations/v0/check_http.pb.go @@ -1,10 +1,10 @@ // Code generated by protoc-gen-go-http. DO NOT EDIT. // versions: // - protoc-gen-go-http v2.7.3 -// - protoc v3.19.4 -// source: rebac/v1/check.proto +// - protoc v4.25.1 +// source: relations/v0/check.proto -package v1 +package v0 import ( context "context" @@ -19,18 +19,20 @@ var _ = binding.EncodeURL const _ = http.SupportPackageIsVersion1 -const OperationCheckCheck = "/api.rebac.v1.Check/Check" +const OperationKesselCheckServiceCheck = "/kessel.relations.v0.KesselCheckService/Check" -type CheckHTTPServer interface { +type KesselCheckServiceHTTPServer interface { + // Check Checks for the existence of a single Relationship + // (a Relation between a Resource and a Subject or Subject Set). Check(context.Context, *CheckRequest) (*CheckResponse, error) } -func RegisterCheckHTTPServer(s *http.Server, srv CheckHTTPServer) { +func RegisterKesselCheckServiceHTTPServer(s *http.Server, srv KesselCheckServiceHTTPServer) { r := s.Route("/") - r.POST("/v1/check", _Check_Check0_HTTP_Handler(srv)) + r.POST("/v0/check", _KesselCheckService_Check0_HTTP_Handler(srv)) } -func _Check_Check0_HTTP_Handler(srv CheckHTTPServer) func(ctx http.Context) error { +func _KesselCheckService_Check0_HTTP_Handler(srv KesselCheckServiceHTTPServer) func(ctx http.Context) error { return func(ctx http.Context) error { var in CheckRequest if err := ctx.Bind(&in); err != nil { @@ -39,7 +41,7 @@ func _Check_Check0_HTTP_Handler(srv CheckHTTPServer) func(ctx http.Context) erro if err := ctx.BindQuery(&in); err != nil { return err } - http.SetOperation(ctx, OperationCheckCheck) + http.SetOperation(ctx, OperationKesselCheckServiceCheck) h := ctx.Middleware(func(ctx context.Context, req interface{}) (interface{}, error) { return srv.Check(ctx, req.(*CheckRequest)) }) @@ -52,23 +54,23 @@ func _Check_Check0_HTTP_Handler(srv CheckHTTPServer) func(ctx http.Context) erro } } -type CheckHTTPClient interface { +type KesselCheckServiceHTTPClient interface { Check(ctx context.Context, req *CheckRequest, opts ...http.CallOption) (rsp *CheckResponse, err error) } -type CheckHTTPClientImpl struct { +type KesselCheckServiceHTTPClientImpl struct { cc *http.Client } -func NewCheckHTTPClient(client *http.Client) CheckHTTPClient { - return &CheckHTTPClientImpl{client} +func NewKesselCheckServiceHTTPClient(client *http.Client) KesselCheckServiceHTTPClient { + return &KesselCheckServiceHTTPClientImpl{client} } -func (c *CheckHTTPClientImpl) Check(ctx context.Context, in *CheckRequest, opts ...http.CallOption) (*CheckResponse, error) { +func (c *KesselCheckServiceHTTPClientImpl) Check(ctx context.Context, in *CheckRequest, opts ...http.CallOption) (*CheckResponse, error) { var out CheckResponse - pattern := "/v1/check" + pattern := "/v0/check" path := binding.EncodeURL(pattern, in, false) - opts = append(opts, http.Operation(OperationCheckCheck)) + opts = append(opts, http.Operation(OperationKesselCheckServiceCheck)) opts = append(opts, http.PathTemplate(pattern)) err := c.cc.Invoke(ctx, "POST", path, in, &out, opts...) if err != nil { diff --git a/api/relations/v0/common.pb.go b/api/relations/v0/common.pb.go new file mode 100644 index 0000000..54806b5 --- /dev/null +++ b/api/relations/v0/common.pb.go @@ -0,0 +1,551 @@ +// Code generated by protoc-gen-go. DO NOT EDIT. +// versions: +// protoc-gen-go v1.34.1 +// protoc v4.25.1 +// source: relations/v0/common.proto + +package v0 + +import ( + protoreflect "google.golang.org/protobuf/reflect/protoreflect" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" + reflect "reflect" + sync "sync" +) + +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) + +// A _Relationship_ is the realization of a _Relation_ (a string) +// between a _Resource_ and a _Subject_ or a _Subject Set_ (known as a Userset in Zanzibar). +// +// All Relationships are object-object relations. +// "Resource" and "Subject" are relative terms which define the direction of a Relation. +// That is, Relations are unidirectional. +// If you reverse the Subject and Resource, it is a different Relation and a different Relationship. +// Conventionally, we generally refer to the Resource first, then Subject, +// following the direction of typical graph traversal (Resource to Subject). +type Relationship struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Resource *ObjectReference `protobuf:"bytes,1,opt,name=resource,proto3" json:"resource,omitempty"` + Relation string `protobuf:"bytes,2,opt,name=relation,proto3" json:"relation,omitempty"` + Subject *SubjectReference `protobuf:"bytes,3,opt,name=subject,proto3" json:"subject,omitempty"` +} + +func (x *Relationship) Reset() { + *x = Relationship{} + if protoimpl.UnsafeEnabled { + mi := &file_relations_v0_common_proto_msgTypes[0] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *Relationship) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*Relationship) ProtoMessage() {} + +func (x *Relationship) ProtoReflect() protoreflect.Message { + mi := &file_relations_v0_common_proto_msgTypes[0] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use Relationship.ProtoReflect.Descriptor instead. +func (*Relationship) Descriptor() ([]byte, []int) { + return file_relations_v0_common_proto_rawDescGZIP(), []int{0} +} + +func (x *Relationship) GetResource() *ObjectReference { + if x != nil { + return x.Resource + } + return nil +} + +func (x *Relationship) GetRelation() string { + if x != nil { + return x.Relation + } + return "" +} + +func (x *Relationship) GetSubject() *SubjectReference { + if x != nil { + return x.Subject + } + return nil +} + +// A reference to a Subject or, if a `relation` is provided, a Subject Set. +type SubjectReference struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // An optional relation which points to a set of Subjects instead of the single Subject. + // e.g. "members" or "owners" of a group identified in `subject`. + Relation *string `protobuf:"bytes,1,opt,name=relation,proto3,oneof" json:"relation,omitempty"` + Subject *ObjectReference `protobuf:"bytes,2,opt,name=subject,proto3" json:"subject,omitempty"` +} + +func (x *SubjectReference) Reset() { + *x = SubjectReference{} + if protoimpl.UnsafeEnabled { + mi := &file_relations_v0_common_proto_msgTypes[1] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *SubjectReference) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*SubjectReference) ProtoMessage() {} + +func (x *SubjectReference) ProtoReflect() protoreflect.Message { + mi := &file_relations_v0_common_proto_msgTypes[1] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use SubjectReference.ProtoReflect.Descriptor instead. +func (*SubjectReference) Descriptor() ([]byte, []int) { + return file_relations_v0_common_proto_rawDescGZIP(), []int{1} +} + +func (x *SubjectReference) GetRelation() string { + if x != nil && x.Relation != nil { + return *x.Relation + } + return "" +} + +func (x *SubjectReference) GetSubject() *ObjectReference { + if x != nil { + return x.Subject + } + return nil +} + +type RequestPagination struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Limit uint32 `protobuf:"varint,1,opt,name=limit,proto3" json:"limit,omitempty"` + ContinuationToken *string `protobuf:"bytes,2,opt,name=continuation_token,json=continuationToken,proto3,oneof" json:"continuation_token,omitempty"` +} + +func (x *RequestPagination) Reset() { + *x = RequestPagination{} + if protoimpl.UnsafeEnabled { + mi := &file_relations_v0_common_proto_msgTypes[2] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *RequestPagination) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*RequestPagination) ProtoMessage() {} + +func (x *RequestPagination) ProtoReflect() protoreflect.Message { + mi := &file_relations_v0_common_proto_msgTypes[2] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use RequestPagination.ProtoReflect.Descriptor instead. +func (*RequestPagination) Descriptor() ([]byte, []int) { + return file_relations_v0_common_proto_rawDescGZIP(), []int{2} +} + +func (x *RequestPagination) GetLimit() uint32 { + if x != nil { + return x.Limit + } + return 0 +} + +func (x *RequestPagination) GetContinuationToken() string { + if x != nil && x.ContinuationToken != nil { + return *x.ContinuationToken + } + return "" +} + +type ResponsePagination struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + ContinuationToken string `protobuf:"bytes,1,opt,name=continuation_token,json=continuationToken,proto3" json:"continuation_token,omitempty"` +} + +func (x *ResponsePagination) Reset() { + *x = ResponsePagination{} + if protoimpl.UnsafeEnabled { + mi := &file_relations_v0_common_proto_msgTypes[3] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *ResponsePagination) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ResponsePagination) ProtoMessage() {} + +func (x *ResponsePagination) ProtoReflect() protoreflect.Message { + mi := &file_relations_v0_common_proto_msgTypes[3] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ResponsePagination.ProtoReflect.Descriptor instead. +func (*ResponsePagination) Descriptor() ([]byte, []int) { + return file_relations_v0_common_proto_rawDescGZIP(), []int{3} +} + +func (x *ResponsePagination) GetContinuationToken() string { + if x != nil { + return x.ContinuationToken + } + return "" +} + +type ObjectReference struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Type *ObjectType `protobuf:"bytes,1,opt,name=type,proto3" json:"type,omitempty"` + Id string `protobuf:"bytes,2,opt,name=id,proto3" json:"id,omitempty"` +} + +func (x *ObjectReference) Reset() { + *x = ObjectReference{} + if protoimpl.UnsafeEnabled { + mi := &file_relations_v0_common_proto_msgTypes[4] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *ObjectReference) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ObjectReference) ProtoMessage() {} + +func (x *ObjectReference) ProtoReflect() protoreflect.Message { + mi := &file_relations_v0_common_proto_msgTypes[4] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ObjectReference.ProtoReflect.Descriptor instead. +func (*ObjectReference) Descriptor() ([]byte, []int) { + return file_relations_v0_common_proto_rawDescGZIP(), []int{4} +} + +func (x *ObjectReference) GetType() *ObjectType { + if x != nil { + return x.Type + } + return nil +} + +func (x *ObjectReference) GetId() string { + if x != nil { + return x.Id + } + return "" +} + +type ObjectType struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Namespace string `protobuf:"bytes,1,opt,name=namespace,proto3" json:"namespace,omitempty"` + Type string `protobuf:"bytes,2,opt,name=type,proto3" json:"type,omitempty"` +} + +func (x *ObjectType) Reset() { + *x = ObjectType{} + if protoimpl.UnsafeEnabled { + mi := &file_relations_v0_common_proto_msgTypes[5] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *ObjectType) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ObjectType) ProtoMessage() {} + +func (x *ObjectType) ProtoReflect() protoreflect.Message { + mi := &file_relations_v0_common_proto_msgTypes[5] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ObjectType.ProtoReflect.Descriptor instead. +func (*ObjectType) Descriptor() ([]byte, []int) { + return file_relations_v0_common_proto_rawDescGZIP(), []int{5} +} + +func (x *ObjectType) GetNamespace() string { + if x != nil { + return x.Namespace + } + return "" +} + +func (x *ObjectType) GetType() string { + if x != nil { + return x.Type + } + return "" +} + +var File_relations_v0_common_proto protoreflect.FileDescriptor + +var file_relations_v0_common_proto_rawDesc = []byte{ + 0x0a, 0x19, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x30, 0x2f, 0x63, + 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x13, 0x6b, 0x65, 0x73, + 0x73, 0x65, 0x6c, 0x2e, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x76, 0x30, + 0x22, 0xad, 0x01, 0x0a, 0x0c, 0x52, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x68, 0x69, + 0x70, 0x12, 0x40, 0x0a, 0x08, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x18, 0x01, 0x20, + 0x01, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x6b, 0x65, 0x73, 0x73, 0x65, 0x6c, 0x2e, 0x72, 0x65, 0x6c, + 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x76, 0x30, 0x2e, 0x4f, 0x62, 0x6a, 0x65, 0x63, 0x74, + 0x52, 0x65, 0x66, 0x65, 0x72, 0x65, 0x6e, 0x63, 0x65, 0x52, 0x08, 0x72, 0x65, 0x73, 0x6f, 0x75, + 0x72, 0x63, 0x65, 0x12, 0x1a, 0x0a, 0x08, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, + 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, + 0x3f, 0x0a, 0x07, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, + 0x32, 0x25, 0x2e, 0x6b, 0x65, 0x73, 0x73, 0x65, 0x6c, 0x2e, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, + 0x6f, 0x6e, 0x73, 0x2e, 0x76, 0x30, 0x2e, 0x53, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x52, 0x65, + 0x66, 0x65, 0x72, 0x65, 0x6e, 0x63, 0x65, 0x52, 0x07, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, + 0x22, 0x80, 0x01, 0x0a, 0x10, 0x53, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x52, 0x65, 0x66, 0x65, + 0x72, 0x65, 0x6e, 0x63, 0x65, 0x12, 0x1f, 0x0a, 0x08, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, + 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x08, 0x72, 0x65, 0x6c, 0x61, 0x74, + 0x69, 0x6f, 0x6e, 0x88, 0x01, 0x01, 0x12, 0x3e, 0x0a, 0x07, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, + 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x6b, 0x65, 0x73, 0x73, 0x65, 0x6c, + 0x2e, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x76, 0x30, 0x2e, 0x4f, 0x62, + 0x6a, 0x65, 0x63, 0x74, 0x52, 0x65, 0x66, 0x65, 0x72, 0x65, 0x6e, 0x63, 0x65, 0x52, 0x07, 0x73, + 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x42, 0x0b, 0x0a, 0x09, 0x5f, 0x72, 0x65, 0x6c, 0x61, 0x74, + 0x69, 0x6f, 0x6e, 0x22, 0x74, 0x0a, 0x11, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x50, 0x61, + 0x67, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x14, 0x0a, 0x05, 0x6c, 0x69, 0x6d, 0x69, + 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x05, 0x6c, 0x69, 0x6d, 0x69, 0x74, 0x12, 0x32, + 0x0a, 0x12, 0x63, 0x6f, 0x6e, 0x74, 0x69, 0x6e, 0x75, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x74, + 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x11, 0x63, 0x6f, + 0x6e, 0x74, 0x69, 0x6e, 0x75, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x88, + 0x01, 0x01, 0x42, 0x15, 0x0a, 0x13, 0x5f, 0x63, 0x6f, 0x6e, 0x74, 0x69, 0x6e, 0x75, 0x61, 0x74, + 0x69, 0x6f, 0x6e, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x22, 0x43, 0x0a, 0x12, 0x52, 0x65, 0x73, + 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x50, 0x61, 0x67, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, + 0x2d, 0x0a, 0x12, 0x63, 0x6f, 0x6e, 0x74, 0x69, 0x6e, 0x75, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, + 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x11, 0x63, 0x6f, 0x6e, + 0x74, 0x69, 0x6e, 0x75, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x22, 0x56, + 0x0a, 0x0f, 0x4f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x52, 0x65, 0x66, 0x65, 0x72, 0x65, 0x6e, 0x63, + 0x65, 0x12, 0x33, 0x0a, 0x04, 0x74, 0x79, 0x70, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, + 0x1f, 0x2e, 0x6b, 0x65, 0x73, 0x73, 0x65, 0x6c, 0x2e, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, + 0x6e, 0x73, 0x2e, 0x76, 0x30, 0x2e, 0x4f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x54, 0x79, 0x70, 0x65, + 0x52, 0x04, 0x74, 0x79, 0x70, 0x65, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x22, 0x3e, 0x0a, 0x0a, 0x4f, 0x62, 0x6a, 0x65, 0x63, 0x74, + 0x54, 0x79, 0x70, 0x65, 0x12, 0x1c, 0x0a, 0x09, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, + 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, + 0x63, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x74, 0x79, 0x70, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, + 0x52, 0x04, 0x74, 0x79, 0x70, 0x65, 0x42, 0x47, 0x0a, 0x23, 0x6f, 0x72, 0x67, 0x2e, 0x70, 0x72, + 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x5f, 0x6b, 0x65, 0x73, 0x73, 0x65, 0x6c, 0x2e, 0x61, 0x70, 0x69, + 0x2e, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x76, 0x30, 0x50, 0x01, 0x5a, + 0x1e, 0x63, 0x69, 0x61, 0x6d, 0x2d, 0x72, 0x65, 0x62, 0x61, 0x63, 0x2f, 0x61, 0x70, 0x69, 0x2f, + 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x30, 0x3b, 0x76, 0x30, 0x62, + 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, +} + +var ( + file_relations_v0_common_proto_rawDescOnce sync.Once + file_relations_v0_common_proto_rawDescData = file_relations_v0_common_proto_rawDesc +) + +func file_relations_v0_common_proto_rawDescGZIP() []byte { + file_relations_v0_common_proto_rawDescOnce.Do(func() { + file_relations_v0_common_proto_rawDescData = protoimpl.X.CompressGZIP(file_relations_v0_common_proto_rawDescData) + }) + return file_relations_v0_common_proto_rawDescData +} + +var file_relations_v0_common_proto_msgTypes = make([]protoimpl.MessageInfo, 6) +var file_relations_v0_common_proto_goTypes = []interface{}{ + (*Relationship)(nil), // 0: kessel.relations.v0.Relationship + (*SubjectReference)(nil), // 1: kessel.relations.v0.SubjectReference + (*RequestPagination)(nil), // 2: kessel.relations.v0.RequestPagination + (*ResponsePagination)(nil), // 3: kessel.relations.v0.ResponsePagination + (*ObjectReference)(nil), // 4: kessel.relations.v0.ObjectReference + (*ObjectType)(nil), // 5: kessel.relations.v0.ObjectType +} +var file_relations_v0_common_proto_depIdxs = []int32{ + 4, // 0: kessel.relations.v0.Relationship.resource:type_name -> kessel.relations.v0.ObjectReference + 1, // 1: kessel.relations.v0.Relationship.subject:type_name -> kessel.relations.v0.SubjectReference + 4, // 2: kessel.relations.v0.SubjectReference.subject:type_name -> kessel.relations.v0.ObjectReference + 5, // 3: kessel.relations.v0.ObjectReference.type:type_name -> kessel.relations.v0.ObjectType + 4, // [4:4] is the sub-list for method output_type + 4, // [4:4] is the sub-list for method input_type + 4, // [4:4] is the sub-list for extension type_name + 4, // [4:4] is the sub-list for extension extendee + 0, // [0:4] is the sub-list for field type_name +} + +func init() { file_relations_v0_common_proto_init() } +func file_relations_v0_common_proto_init() { + if File_relations_v0_common_proto != nil { + return + } + if !protoimpl.UnsafeEnabled { + file_relations_v0_common_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*Relationship); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_relations_v0_common_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*SubjectReference); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_relations_v0_common_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*RequestPagination); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_relations_v0_common_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*ResponsePagination); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_relations_v0_common_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*ObjectReference); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_relations_v0_common_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*ObjectType); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + } + file_relations_v0_common_proto_msgTypes[1].OneofWrappers = []interface{}{} + file_relations_v0_common_proto_msgTypes[2].OneofWrappers = []interface{}{} + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: file_relations_v0_common_proto_rawDesc, + NumEnums: 0, + NumMessages: 6, + NumExtensions: 0, + NumServices: 0, + }, + GoTypes: file_relations_v0_common_proto_goTypes, + DependencyIndexes: file_relations_v0_common_proto_depIdxs, + MessageInfos: file_relations_v0_common_proto_msgTypes, + }.Build() + File_relations_v0_common_proto = out.File + file_relations_v0_common_proto_rawDesc = nil + file_relations_v0_common_proto_goTypes = nil + file_relations_v0_common_proto_depIdxs = nil +} diff --git a/api/relations/v0/common.proto b/api/relations/v0/common.proto new file mode 100644 index 0000000..7590fdb --- /dev/null +++ b/api/relations/v0/common.proto @@ -0,0 +1,49 @@ +syntax = "proto3"; + +package kessel.relations.v0; + +option go_package = "ciam-rebac/api/relations/v0;v0"; +option java_multiple_files = true; +option java_package = "org.project_kessel.api.relations.v0"; + +// A _Relationship_ is the realization of a _Relation_ (a string) +// between a _Resource_ and a _Subject_ or a _Subject Set_ (known as a Userset in Zanzibar). +// +// All Relationships are object-object relations. +// "Resource" and "Subject" are relative terms which define the direction of a Relation. +// That is, Relations are unidirectional. +// If you reverse the Subject and Resource, it is a different Relation and a different Relationship. +// Conventionally, we generally refer to the Resource first, then Subject, +// following the direction of typical graph traversal (Resource to Subject). +message Relationship { + ObjectReference resource = 1; + string relation = 2; + SubjectReference subject = 3; +} + +// A reference to a Subject or, if a `relation` is provided, a Subject Set. +message SubjectReference { + // An optional relation which points to a set of Subjects instead of the single Subject. + // e.g. "members" or "owners" of a group identified in `subject`. + optional string relation = 1; + ObjectReference subject = 2; +} + +message RequestPagination { + uint32 limit = 1; + optional string continuation_token = 2; +} + +message ResponsePagination { + string continuation_token = 1; +} + +message ObjectReference { + ObjectType type = 1; + string id = 2; +} + +message ObjectType { + string namespace = 1; + string type = 2; +} diff --git a/api/relations/v0/lookup.pb.go b/api/relations/v0/lookup.pb.go new file mode 100644 index 0000000..44e4ff0 --- /dev/null +++ b/api/relations/v0/lookup.pb.go @@ -0,0 +1,305 @@ +// Code generated by protoc-gen-go. DO NOT EDIT. +// versions: +// protoc-gen-go v1.34.1 +// protoc v4.25.1 +// source: relations/v0/lookup.proto + +package v0 + +import ( + _ "google.golang.org/genproto/googleapis/api/annotations" + protoreflect "google.golang.org/protobuf/reflect/protoreflect" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" + reflect "reflect" + sync "sync" +) + +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) + +type LookupSubjectsRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Resource *ObjectReference `protobuf:"bytes,1,opt,name=resource,proto3" json:"resource,omitempty"` + Relation string `protobuf:"bytes,2,opt,name=relation,proto3" json:"relation,omitempty"` + SubjectType *ObjectType `protobuf:"bytes,3,opt,name=subject_type,json=subjectType,proto3" json:"subject_type,omitempty"` + SubjectRelation *string `protobuf:"bytes,4,opt,name=subject_relation,json=subjectRelation,proto3,oneof" json:"subject_relation,omitempty"` + Pagination *RequestPagination `protobuf:"bytes,5,opt,name=pagination,proto3,oneof" json:"pagination,omitempty"` +} + +func (x *LookupSubjectsRequest) Reset() { + *x = LookupSubjectsRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_relations_v0_lookup_proto_msgTypes[0] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *LookupSubjectsRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*LookupSubjectsRequest) ProtoMessage() {} + +func (x *LookupSubjectsRequest) ProtoReflect() protoreflect.Message { + mi := &file_relations_v0_lookup_proto_msgTypes[0] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use LookupSubjectsRequest.ProtoReflect.Descriptor instead. +func (*LookupSubjectsRequest) Descriptor() ([]byte, []int) { + return file_relations_v0_lookup_proto_rawDescGZIP(), []int{0} +} + +func (x *LookupSubjectsRequest) GetResource() *ObjectReference { + if x != nil { + return x.Resource + } + return nil +} + +func (x *LookupSubjectsRequest) GetRelation() string { + if x != nil { + return x.Relation + } + return "" +} + +func (x *LookupSubjectsRequest) GetSubjectType() *ObjectType { + if x != nil { + return x.SubjectType + } + return nil +} + +func (x *LookupSubjectsRequest) GetSubjectRelation() string { + if x != nil && x.SubjectRelation != nil { + return *x.SubjectRelation + } + return "" +} + +func (x *LookupSubjectsRequest) GetPagination() *RequestPagination { + if x != nil { + return x.Pagination + } + return nil +} + +type LookupSubjectsResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Subject *SubjectReference `protobuf:"bytes,1,opt,name=subject,proto3" json:"subject,omitempty"` + Pagination *ResponsePagination `protobuf:"bytes,2,opt,name=pagination,proto3" json:"pagination,omitempty"` +} + +func (x *LookupSubjectsResponse) Reset() { + *x = LookupSubjectsResponse{} + if protoimpl.UnsafeEnabled { + mi := &file_relations_v0_lookup_proto_msgTypes[1] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *LookupSubjectsResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*LookupSubjectsResponse) ProtoMessage() {} + +func (x *LookupSubjectsResponse) ProtoReflect() protoreflect.Message { + mi := &file_relations_v0_lookup_proto_msgTypes[1] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use LookupSubjectsResponse.ProtoReflect.Descriptor instead. +func (*LookupSubjectsResponse) Descriptor() ([]byte, []int) { + return file_relations_v0_lookup_proto_rawDescGZIP(), []int{1} +} + +func (x *LookupSubjectsResponse) GetSubject() *SubjectReference { + if x != nil { + return x.Subject + } + return nil +} + +func (x *LookupSubjectsResponse) GetPagination() *ResponsePagination { + if x != nil { + return x.Pagination + } + return nil +} + +var File_relations_v0_lookup_proto protoreflect.FileDescriptor + +var file_relations_v0_lookup_proto_rawDesc = []byte{ + 0x0a, 0x19, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x30, 0x2f, 0x6c, + 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x13, 0x6b, 0x65, 0x73, + 0x73, 0x65, 0x6c, 0x2e, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x76, 0x30, + 0x1a, 0x1c, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x61, 0x6e, 0x6e, + 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x19, + 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x30, 0x2f, 0x63, 0x6f, 0x6d, + 0x6d, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xda, 0x02, 0x0a, 0x15, 0x4c, 0x6f, + 0x6f, 0x6b, 0x75, 0x70, 0x53, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x52, 0x65, 0x71, 0x75, + 0x65, 0x73, 0x74, 0x12, 0x40, 0x0a, 0x08, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x18, + 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x6b, 0x65, 0x73, 0x73, 0x65, 0x6c, 0x2e, 0x72, + 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x76, 0x30, 0x2e, 0x4f, 0x62, 0x6a, 0x65, + 0x63, 0x74, 0x52, 0x65, 0x66, 0x65, 0x72, 0x65, 0x6e, 0x63, 0x65, 0x52, 0x08, 0x72, 0x65, 0x73, + 0x6f, 0x75, 0x72, 0x63, 0x65, 0x12, 0x1a, 0x0a, 0x08, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, + 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, + 0x6e, 0x12, 0x42, 0x0a, 0x0c, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x5f, 0x74, 0x79, 0x70, + 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x6b, 0x65, 0x73, 0x73, 0x65, 0x6c, + 0x2e, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x76, 0x30, 0x2e, 0x4f, 0x62, + 0x6a, 0x65, 0x63, 0x74, 0x54, 0x79, 0x70, 0x65, 0x52, 0x0b, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, + 0x74, 0x54, 0x79, 0x70, 0x65, 0x12, 0x2e, 0x0a, 0x10, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, + 0x5f, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x48, + 0x00, 0x52, 0x0f, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x52, 0x65, 0x6c, 0x61, 0x74, 0x69, + 0x6f, 0x6e, 0x88, 0x01, 0x01, 0x12, 0x4b, 0x0a, 0x0a, 0x70, 0x61, 0x67, 0x69, 0x6e, 0x61, 0x74, + 0x69, 0x6f, 0x6e, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x26, 0x2e, 0x6b, 0x65, 0x73, 0x73, + 0x65, 0x6c, 0x2e, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x76, 0x30, 0x2e, + 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x50, 0x61, 0x67, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, + 0x6e, 0x48, 0x01, 0x52, 0x0a, 0x70, 0x61, 0x67, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x88, + 0x01, 0x01, 0x42, 0x13, 0x0a, 0x11, 0x5f, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x5f, 0x72, + 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x0d, 0x0a, 0x0b, 0x5f, 0x70, 0x61, 0x67, 0x69, + 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0xa2, 0x01, 0x0a, 0x16, 0x4c, 0x6f, 0x6f, 0x6b, 0x75, + 0x70, 0x53, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, + 0x65, 0x12, 0x3f, 0x0a, 0x07, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x18, 0x01, 0x20, 0x01, + 0x28, 0x0b, 0x32, 0x25, 0x2e, 0x6b, 0x65, 0x73, 0x73, 0x65, 0x6c, 0x2e, 0x72, 0x65, 0x6c, 0x61, + 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x76, 0x30, 0x2e, 0x53, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, + 0x52, 0x65, 0x66, 0x65, 0x72, 0x65, 0x6e, 0x63, 0x65, 0x52, 0x07, 0x73, 0x75, 0x62, 0x6a, 0x65, + 0x63, 0x74, 0x12, 0x47, 0x0a, 0x0a, 0x70, 0x61, 0x67, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, + 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x27, 0x2e, 0x6b, 0x65, 0x73, 0x73, 0x65, 0x6c, 0x2e, + 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x76, 0x30, 0x2e, 0x52, 0x65, 0x73, + 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x50, 0x61, 0x67, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, + 0x0a, 0x70, 0x61, 0x67, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x32, 0x99, 0x01, 0x0a, 0x13, + 0x4b, 0x65, 0x73, 0x73, 0x65, 0x6c, 0x4c, 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x53, 0x65, 0x72, 0x76, + 0x69, 0x63, 0x65, 0x12, 0x81, 0x01, 0x0a, 0x0e, 0x4c, 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x53, 0x75, + 0x62, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x12, 0x2a, 0x2e, 0x6b, 0x65, 0x73, 0x73, 0x65, 0x6c, 0x2e, + 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x76, 0x30, 0x2e, 0x4c, 0x6f, 0x6f, + 0x6b, 0x75, 0x70, 0x53, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, + 0x73, 0x74, 0x1a, 0x2b, 0x2e, 0x6b, 0x65, 0x73, 0x73, 0x65, 0x6c, 0x2e, 0x72, 0x65, 0x6c, 0x61, + 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x76, 0x30, 0x2e, 0x4c, 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x53, + 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, + 0x14, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x0e, 0x12, 0x0c, 0x2f, 0x76, 0x30, 0x2f, 0x73, 0x75, 0x62, + 0x6a, 0x65, 0x63, 0x74, 0x73, 0x30, 0x01, 0x42, 0x47, 0x0a, 0x23, 0x6f, 0x72, 0x67, 0x2e, 0x70, + 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x5f, 0x6b, 0x65, 0x73, 0x73, 0x65, 0x6c, 0x2e, 0x61, 0x70, + 0x69, 0x2e, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x76, 0x30, 0x50, 0x01, + 0x5a, 0x1e, 0x63, 0x69, 0x61, 0x6d, 0x2d, 0x72, 0x65, 0x62, 0x61, 0x63, 0x2f, 0x61, 0x70, 0x69, + 0x2f, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x30, 0x3b, 0x76, 0x30, + 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, +} + +var ( + file_relations_v0_lookup_proto_rawDescOnce sync.Once + file_relations_v0_lookup_proto_rawDescData = file_relations_v0_lookup_proto_rawDesc +) + +func file_relations_v0_lookup_proto_rawDescGZIP() []byte { + file_relations_v0_lookup_proto_rawDescOnce.Do(func() { + file_relations_v0_lookup_proto_rawDescData = protoimpl.X.CompressGZIP(file_relations_v0_lookup_proto_rawDescData) + }) + return file_relations_v0_lookup_proto_rawDescData +} + +var file_relations_v0_lookup_proto_msgTypes = make([]protoimpl.MessageInfo, 2) +var file_relations_v0_lookup_proto_goTypes = []interface{}{ + (*LookupSubjectsRequest)(nil), // 0: kessel.relations.v0.LookupSubjectsRequest + (*LookupSubjectsResponse)(nil), // 1: kessel.relations.v0.LookupSubjectsResponse + (*ObjectReference)(nil), // 2: kessel.relations.v0.ObjectReference + (*ObjectType)(nil), // 3: kessel.relations.v0.ObjectType + (*RequestPagination)(nil), // 4: kessel.relations.v0.RequestPagination + (*SubjectReference)(nil), // 5: kessel.relations.v0.SubjectReference + (*ResponsePagination)(nil), // 6: kessel.relations.v0.ResponsePagination +} +var file_relations_v0_lookup_proto_depIdxs = []int32{ + 2, // 0: kessel.relations.v0.LookupSubjectsRequest.resource:type_name -> kessel.relations.v0.ObjectReference + 3, // 1: kessel.relations.v0.LookupSubjectsRequest.subject_type:type_name -> kessel.relations.v0.ObjectType + 4, // 2: kessel.relations.v0.LookupSubjectsRequest.pagination:type_name -> kessel.relations.v0.RequestPagination + 5, // 3: kessel.relations.v0.LookupSubjectsResponse.subject:type_name -> kessel.relations.v0.SubjectReference + 6, // 4: kessel.relations.v0.LookupSubjectsResponse.pagination:type_name -> kessel.relations.v0.ResponsePagination + 0, // 5: kessel.relations.v0.KesselLookupService.LookupSubjects:input_type -> kessel.relations.v0.LookupSubjectsRequest + 1, // 6: kessel.relations.v0.KesselLookupService.LookupSubjects:output_type -> kessel.relations.v0.LookupSubjectsResponse + 6, // [6:7] is the sub-list for method output_type + 5, // [5:6] is the sub-list for method input_type + 5, // [5:5] is the sub-list for extension type_name + 5, // [5:5] is the sub-list for extension extendee + 0, // [0:5] is the sub-list for field type_name +} + +func init() { file_relations_v0_lookup_proto_init() } +func file_relations_v0_lookup_proto_init() { + if File_relations_v0_lookup_proto != nil { + return + } + file_relations_v0_common_proto_init() + if !protoimpl.UnsafeEnabled { + file_relations_v0_lookup_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*LookupSubjectsRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_relations_v0_lookup_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*LookupSubjectsResponse); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + } + file_relations_v0_lookup_proto_msgTypes[0].OneofWrappers = []interface{}{} + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: file_relations_v0_lookup_proto_rawDesc, + NumEnums: 0, + NumMessages: 2, + NumExtensions: 0, + NumServices: 1, + }, + GoTypes: file_relations_v0_lookup_proto_goTypes, + DependencyIndexes: file_relations_v0_lookup_proto_depIdxs, + MessageInfos: file_relations_v0_lookup_proto_msgTypes, + }.Build() + File_relations_v0_lookup_proto = out.File + file_relations_v0_lookup_proto_rawDesc = nil + file_relations_v0_lookup_proto_goTypes = nil + file_relations_v0_lookup_proto_depIdxs = nil +} diff --git a/api/relations/v0/lookup.proto b/api/relations/v0/lookup.proto new file mode 100644 index 0000000..de97bab --- /dev/null +++ b/api/relations/v0/lookup.proto @@ -0,0 +1,31 @@ +syntax = "proto3"; + +package kessel.relations.v0; + +import "google/api/annotations.proto"; +import "relations/v0/common.proto"; + +option go_package = "ciam-rebac/api/relations/v0;v0"; +option java_multiple_files = true; +option java_package = "org.project_kessel.api.relations.v0"; + +service KesselLookupService { + rpc LookupSubjects(LookupSubjectsRequest) returns (stream LookupSubjectsResponse) { + option (google.api.http) = { + get: "/v0/subjects" + }; + }; +} + +message LookupSubjectsRequest { + ObjectReference resource = 1; + string relation = 2; + ObjectType subject_type = 3; + optional string subject_relation = 4; + optional RequestPagination pagination = 5; +} + +message LookupSubjectsResponse { + SubjectReference subject = 1; + ResponsePagination pagination = 2; +} \ No newline at end of file diff --git a/api/relations/v0/lookup_grpc.pb.go b/api/relations/v0/lookup_grpc.pb.go new file mode 100644 index 0000000..acb97ff --- /dev/null +++ b/api/relations/v0/lookup_grpc.pb.go @@ -0,0 +1,136 @@ +// Code generated by protoc-gen-go-grpc. DO NOT EDIT. +// versions: +// - protoc-gen-go-grpc v1.3.0 +// - protoc v4.25.1 +// source: relations/v0/lookup.proto + +package v0 + +import ( + context "context" + grpc "google.golang.org/grpc" + codes "google.golang.org/grpc/codes" + status "google.golang.org/grpc/status" +) + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the grpc package it is being compiled against. +// Requires gRPC-Go v1.32.0 or later. +const _ = grpc.SupportPackageIsVersion7 + +const ( + KesselLookupService_LookupSubjects_FullMethodName = "/kessel.relations.v0.KesselLookupService/LookupSubjects" +) + +// KesselLookupServiceClient is the client API for KesselLookupService service. +// +// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream. +type KesselLookupServiceClient interface { + LookupSubjects(ctx context.Context, in *LookupSubjectsRequest, opts ...grpc.CallOption) (KesselLookupService_LookupSubjectsClient, error) +} + +type kesselLookupServiceClient struct { + cc grpc.ClientConnInterface +} + +func NewKesselLookupServiceClient(cc grpc.ClientConnInterface) KesselLookupServiceClient { + return &kesselLookupServiceClient{cc} +} + +func (c *kesselLookupServiceClient) LookupSubjects(ctx context.Context, in *LookupSubjectsRequest, opts ...grpc.CallOption) (KesselLookupService_LookupSubjectsClient, error) { + stream, err := c.cc.NewStream(ctx, &KesselLookupService_ServiceDesc.Streams[0], KesselLookupService_LookupSubjects_FullMethodName, opts...) + if err != nil { + return nil, err + } + x := &kesselLookupServiceLookupSubjectsClient{stream} + if err := x.ClientStream.SendMsg(in); err != nil { + return nil, err + } + if err := x.ClientStream.CloseSend(); err != nil { + return nil, err + } + return x, nil +} + +type KesselLookupService_LookupSubjectsClient interface { + Recv() (*LookupSubjectsResponse, error) + grpc.ClientStream +} + +type kesselLookupServiceLookupSubjectsClient struct { + grpc.ClientStream +} + +func (x *kesselLookupServiceLookupSubjectsClient) Recv() (*LookupSubjectsResponse, error) { + m := new(LookupSubjectsResponse) + if err := x.ClientStream.RecvMsg(m); err != nil { + return nil, err + } + return m, nil +} + +// KesselLookupServiceServer is the server API for KesselLookupService service. +// All implementations must embed UnimplementedKesselLookupServiceServer +// for forward compatibility +type KesselLookupServiceServer interface { + LookupSubjects(*LookupSubjectsRequest, KesselLookupService_LookupSubjectsServer) error + mustEmbedUnimplementedKesselLookupServiceServer() +} + +// UnimplementedKesselLookupServiceServer must be embedded to have forward compatible implementations. +type UnimplementedKesselLookupServiceServer struct { +} + +func (UnimplementedKesselLookupServiceServer) LookupSubjects(*LookupSubjectsRequest, KesselLookupService_LookupSubjectsServer) error { + return status.Errorf(codes.Unimplemented, "method LookupSubjects not implemented") +} +func (UnimplementedKesselLookupServiceServer) mustEmbedUnimplementedKesselLookupServiceServer() {} + +// UnsafeKesselLookupServiceServer may be embedded to opt out of forward compatibility for this service. +// Use of this interface is not recommended, as added methods to KesselLookupServiceServer will +// result in compilation errors. +type UnsafeKesselLookupServiceServer interface { + mustEmbedUnimplementedKesselLookupServiceServer() +} + +func RegisterKesselLookupServiceServer(s grpc.ServiceRegistrar, srv KesselLookupServiceServer) { + s.RegisterService(&KesselLookupService_ServiceDesc, srv) +} + +func _KesselLookupService_LookupSubjects_Handler(srv interface{}, stream grpc.ServerStream) error { + m := new(LookupSubjectsRequest) + if err := stream.RecvMsg(m); err != nil { + return err + } + return srv.(KesselLookupServiceServer).LookupSubjects(m, &kesselLookupServiceLookupSubjectsServer{stream}) +} + +type KesselLookupService_LookupSubjectsServer interface { + Send(*LookupSubjectsResponse) error + grpc.ServerStream +} + +type kesselLookupServiceLookupSubjectsServer struct { + grpc.ServerStream +} + +func (x *kesselLookupServiceLookupSubjectsServer) Send(m *LookupSubjectsResponse) error { + return x.ServerStream.SendMsg(m) +} + +// KesselLookupService_ServiceDesc is the grpc.ServiceDesc for KesselLookupService service. +// It's only intended for direct use with grpc.RegisterService, +// and not to be introspected or modified (even as a copy) +var KesselLookupService_ServiceDesc = grpc.ServiceDesc{ + ServiceName: "kessel.relations.v0.KesselLookupService", + HandlerType: (*KesselLookupServiceServer)(nil), + Methods: []grpc.MethodDesc{}, + Streams: []grpc.StreamDesc{ + { + StreamName: "LookupSubjects", + Handler: _KesselLookupService_LookupSubjects_Handler, + ServerStreams: true, + }, + }, + Metadata: "relations/v0/lookup.proto", +} diff --git a/api/relations/v0/relation_tuples.pb.go b/api/relations/v0/relation_tuples.pb.go new file mode 100644 index 0000000..64bb311 --- /dev/null +++ b/api/relations/v0/relation_tuples.pb.go @@ -0,0 +1,756 @@ +// Code generated by protoc-gen-go. DO NOT EDIT. +// versions: +// protoc-gen-go v1.34.1 +// protoc v4.25.1 +// source: relations/v0/relation_tuples.proto + +package v0 + +import ( + _ "google.golang.org/genproto/googleapis/api/annotations" + protoreflect "google.golang.org/protobuf/reflect/protoreflect" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" + reflect "reflect" + sync "sync" +) + +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) + +type CreateTuplesRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // Whether or not the request should ignore existing tuples (`true`), + // or if the request should fail if the same tuple already exists (`false`). + // + // Defaults to `false`. + Upsert bool `protobuf:"varint,1,opt,name=upsert,proto3" json:"upsert,omitempty"` + Tuples []*Relationship `protobuf:"bytes,2,rep,name=tuples,proto3" json:"tuples,omitempty"` +} + +func (x *CreateTuplesRequest) Reset() { + *x = CreateTuplesRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_relations_v0_relation_tuples_proto_msgTypes[0] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *CreateTuplesRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*CreateTuplesRequest) ProtoMessage() {} + +func (x *CreateTuplesRequest) ProtoReflect() protoreflect.Message { + mi := &file_relations_v0_relation_tuples_proto_msgTypes[0] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use CreateTuplesRequest.ProtoReflect.Descriptor instead. +func (*CreateTuplesRequest) Descriptor() ([]byte, []int) { + return file_relations_v0_relation_tuples_proto_rawDescGZIP(), []int{0} +} + +func (x *CreateTuplesRequest) GetUpsert() bool { + if x != nil { + return x.Upsert + } + return false +} + +func (x *CreateTuplesRequest) GetTuples() []*Relationship { + if x != nil { + return x.Tuples + } + return nil +} + +type CreateTuplesResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields +} + +func (x *CreateTuplesResponse) Reset() { + *x = CreateTuplesResponse{} + if protoimpl.UnsafeEnabled { + mi := &file_relations_v0_relation_tuples_proto_msgTypes[1] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *CreateTuplesResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*CreateTuplesResponse) ProtoMessage() {} + +func (x *CreateTuplesResponse) ProtoReflect() protoreflect.Message { + mi := &file_relations_v0_relation_tuples_proto_msgTypes[1] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use CreateTuplesResponse.ProtoReflect.Descriptor instead. +func (*CreateTuplesResponse) Descriptor() ([]byte, []int) { + return file_relations_v0_relation_tuples_proto_rawDescGZIP(), []int{1} +} + +type ReadTuplesRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Filter *RelationTupleFilter `protobuf:"bytes,1,opt,name=filter,proto3" json:"filter,omitempty"` + Pagination *RequestPagination `protobuf:"bytes,2,opt,name=pagination,proto3,oneof" json:"pagination,omitempty"` +} + +func (x *ReadTuplesRequest) Reset() { + *x = ReadTuplesRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_relations_v0_relation_tuples_proto_msgTypes[2] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *ReadTuplesRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ReadTuplesRequest) ProtoMessage() {} + +func (x *ReadTuplesRequest) ProtoReflect() protoreflect.Message { + mi := &file_relations_v0_relation_tuples_proto_msgTypes[2] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ReadTuplesRequest.ProtoReflect.Descriptor instead. +func (*ReadTuplesRequest) Descriptor() ([]byte, []int) { + return file_relations_v0_relation_tuples_proto_rawDescGZIP(), []int{2} +} + +func (x *ReadTuplesRequest) GetFilter() *RelationTupleFilter { + if x != nil { + return x.Filter + } + return nil +} + +func (x *ReadTuplesRequest) GetPagination() *RequestPagination { + if x != nil { + return x.Pagination + } + return nil +} + +type ReadTuplesResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Tuple *Relationship `protobuf:"bytes,1,opt,name=tuple,proto3" json:"tuple,omitempty"` + Pagination *ResponsePagination `protobuf:"bytes,2,opt,name=pagination,proto3" json:"pagination,omitempty"` +} + +func (x *ReadTuplesResponse) Reset() { + *x = ReadTuplesResponse{} + if protoimpl.UnsafeEnabled { + mi := &file_relations_v0_relation_tuples_proto_msgTypes[3] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *ReadTuplesResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ReadTuplesResponse) ProtoMessage() {} + +func (x *ReadTuplesResponse) ProtoReflect() protoreflect.Message { + mi := &file_relations_v0_relation_tuples_proto_msgTypes[3] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ReadTuplesResponse.ProtoReflect.Descriptor instead. +func (*ReadTuplesResponse) Descriptor() ([]byte, []int) { + return file_relations_v0_relation_tuples_proto_rawDescGZIP(), []int{3} +} + +func (x *ReadTuplesResponse) GetTuple() *Relationship { + if x != nil { + return x.Tuple + } + return nil +} + +func (x *ReadTuplesResponse) GetPagination() *ResponsePagination { + if x != nil { + return x.Pagination + } + return nil +} + +type DeleteTuplesRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Filter *RelationTupleFilter `protobuf:"bytes,1,opt,name=filter,proto3" json:"filter,omitempty"` +} + +func (x *DeleteTuplesRequest) Reset() { + *x = DeleteTuplesRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_relations_v0_relation_tuples_proto_msgTypes[4] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *DeleteTuplesRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*DeleteTuplesRequest) ProtoMessage() {} + +func (x *DeleteTuplesRequest) ProtoReflect() protoreflect.Message { + mi := &file_relations_v0_relation_tuples_proto_msgTypes[4] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use DeleteTuplesRequest.ProtoReflect.Descriptor instead. +func (*DeleteTuplesRequest) Descriptor() ([]byte, []int) { + return file_relations_v0_relation_tuples_proto_rawDescGZIP(), []int{4} +} + +func (x *DeleteTuplesRequest) GetFilter() *RelationTupleFilter { + if x != nil { + return x.Filter + } + return nil +} + +type DeleteTuplesResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields +} + +func (x *DeleteTuplesResponse) Reset() { + *x = DeleteTuplesResponse{} + if protoimpl.UnsafeEnabled { + mi := &file_relations_v0_relation_tuples_proto_msgTypes[5] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *DeleteTuplesResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*DeleteTuplesResponse) ProtoMessage() {} + +func (x *DeleteTuplesResponse) ProtoReflect() protoreflect.Message { + mi := &file_relations_v0_relation_tuples_proto_msgTypes[5] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use DeleteTuplesResponse.ProtoReflect.Descriptor instead. +func (*DeleteTuplesResponse) Descriptor() ([]byte, []int) { + return file_relations_v0_relation_tuples_proto_rawDescGZIP(), []int{5} +} + +// RelationTupleFilter is used to filter tuples based on their resource, relation, and subject. +// All fields are optional but capabilities may vary based on the chosen store and its indexes. +// At least one field must be provided. +type RelationTupleFilter struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + ResourceNamespace *string `protobuf:"bytes,1,opt,name=resource_namespace,json=resourceNamespace,proto3,oneof" json:"resource_namespace,omitempty"` + ResourceType *string `protobuf:"bytes,2,opt,name=resource_type,json=resourceType,proto3,oneof" json:"resource_type,omitempty"` + ResourceId *string `protobuf:"bytes,3,opt,name=resource_id,json=resourceId,proto3,oneof" json:"resource_id,omitempty"` + Relation *string `protobuf:"bytes,4,opt,name=relation,proto3,oneof" json:"relation,omitempty"` + SubjectFilter *SubjectFilter `protobuf:"bytes,5,opt,name=subject_filter,json=subjectFilter,proto3,oneof" json:"subject_filter,omitempty"` +} + +func (x *RelationTupleFilter) Reset() { + *x = RelationTupleFilter{} + if protoimpl.UnsafeEnabled { + mi := &file_relations_v0_relation_tuples_proto_msgTypes[6] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *RelationTupleFilter) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*RelationTupleFilter) ProtoMessage() {} + +func (x *RelationTupleFilter) ProtoReflect() protoreflect.Message { + mi := &file_relations_v0_relation_tuples_proto_msgTypes[6] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use RelationTupleFilter.ProtoReflect.Descriptor instead. +func (*RelationTupleFilter) Descriptor() ([]byte, []int) { + return file_relations_v0_relation_tuples_proto_rawDescGZIP(), []int{6} +} + +func (x *RelationTupleFilter) GetResourceNamespace() string { + if x != nil && x.ResourceNamespace != nil { + return *x.ResourceNamespace + } + return "" +} + +func (x *RelationTupleFilter) GetResourceType() string { + if x != nil && x.ResourceType != nil { + return *x.ResourceType + } + return "" +} + +func (x *RelationTupleFilter) GetResourceId() string { + if x != nil && x.ResourceId != nil { + return *x.ResourceId + } + return "" +} + +func (x *RelationTupleFilter) GetRelation() string { + if x != nil && x.Relation != nil { + return *x.Relation + } + return "" +} + +func (x *RelationTupleFilter) GetSubjectFilter() *SubjectFilter { + if x != nil { + return x.SubjectFilter + } + return nil +} + +type SubjectFilter struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + SubjectNamespace *string `protobuf:"bytes,1,opt,name=subject_namespace,json=subjectNamespace,proto3,oneof" json:"subject_namespace,omitempty"` + SubjectType *string `protobuf:"bytes,2,opt,name=subject_type,json=subjectType,proto3,oneof" json:"subject_type,omitempty"` + SubjectId *string `protobuf:"bytes,3,opt,name=subject_id,json=subjectId,proto3,oneof" json:"subject_id,omitempty"` + Relation *string `protobuf:"bytes,4,opt,name=relation,proto3,oneof" json:"relation,omitempty"` +} + +func (x *SubjectFilter) Reset() { + *x = SubjectFilter{} + if protoimpl.UnsafeEnabled { + mi := &file_relations_v0_relation_tuples_proto_msgTypes[7] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *SubjectFilter) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*SubjectFilter) ProtoMessage() {} + +func (x *SubjectFilter) ProtoReflect() protoreflect.Message { + mi := &file_relations_v0_relation_tuples_proto_msgTypes[7] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use SubjectFilter.ProtoReflect.Descriptor instead. +func (*SubjectFilter) Descriptor() ([]byte, []int) { + return file_relations_v0_relation_tuples_proto_rawDescGZIP(), []int{7} +} + +func (x *SubjectFilter) GetSubjectNamespace() string { + if x != nil && x.SubjectNamespace != nil { + return *x.SubjectNamespace + } + return "" +} + +func (x *SubjectFilter) GetSubjectType() string { + if x != nil && x.SubjectType != nil { + return *x.SubjectType + } + return "" +} + +func (x *SubjectFilter) GetSubjectId() string { + if x != nil && x.SubjectId != nil { + return *x.SubjectId + } + return "" +} + +func (x *SubjectFilter) GetRelation() string { + if x != nil && x.Relation != nil { + return *x.Relation + } + return "" +} + +var File_relations_v0_relation_tuples_proto protoreflect.FileDescriptor + +var file_relations_v0_relation_tuples_proto_rawDesc = []byte{ + 0x0a, 0x22, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x30, 0x2f, 0x72, + 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x74, 0x75, 0x70, 0x6c, 0x65, 0x73, 0x2e, 0x70, + 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x13, 0x6b, 0x65, 0x73, 0x73, 0x65, 0x6c, 0x2e, 0x72, 0x65, 0x6c, + 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x76, 0x30, 0x1a, 0x1c, 0x67, 0x6f, 0x6f, 0x67, 0x6c, + 0x65, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, + 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x19, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, + 0x6e, 0x73, 0x2f, 0x76, 0x30, 0x2f, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, + 0x74, 0x6f, 0x22, 0x68, 0x0a, 0x13, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x54, 0x75, 0x70, 0x6c, + 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x16, 0x0a, 0x06, 0x75, 0x70, 0x73, + 0x65, 0x72, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x52, 0x06, 0x75, 0x70, 0x73, 0x65, 0x72, + 0x74, 0x12, 0x39, 0x0a, 0x06, 0x74, 0x75, 0x70, 0x6c, 0x65, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, + 0x0b, 0x32, 0x21, 0x2e, 0x6b, 0x65, 0x73, 0x73, 0x65, 0x6c, 0x2e, 0x72, 0x65, 0x6c, 0x61, 0x74, + 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x76, 0x30, 0x2e, 0x52, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, + 0x73, 0x68, 0x69, 0x70, 0x52, 0x06, 0x74, 0x75, 0x70, 0x6c, 0x65, 0x73, 0x22, 0x16, 0x0a, 0x14, + 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x54, 0x75, 0x70, 0x6c, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, + 0x6f, 0x6e, 0x73, 0x65, 0x22, 0xb1, 0x01, 0x0a, 0x11, 0x52, 0x65, 0x61, 0x64, 0x54, 0x75, 0x70, + 0x6c, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x40, 0x0a, 0x06, 0x66, 0x69, + 0x6c, 0x74, 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x28, 0x2e, 0x6b, 0x65, 0x73, + 0x73, 0x65, 0x6c, 0x2e, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x76, 0x30, + 0x2e, 0x52, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x54, 0x75, 0x70, 0x6c, 0x65, 0x46, 0x69, + 0x6c, 0x74, 0x65, 0x72, 0x52, 0x06, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x12, 0x4b, 0x0a, 0x0a, + 0x70, 0x61, 0x67, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, + 0x32, 0x26, 0x2e, 0x6b, 0x65, 0x73, 0x73, 0x65, 0x6c, 0x2e, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, + 0x6f, 0x6e, 0x73, 0x2e, 0x76, 0x30, 0x2e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x50, 0x61, + 0x67, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x48, 0x00, 0x52, 0x0a, 0x70, 0x61, 0x67, 0x69, + 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x88, 0x01, 0x01, 0x42, 0x0d, 0x0a, 0x0b, 0x5f, 0x70, 0x61, + 0x67, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0x96, 0x01, 0x0a, 0x12, 0x52, 0x65, 0x61, + 0x64, 0x54, 0x75, 0x70, 0x6c, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, + 0x37, 0x0a, 0x05, 0x74, 0x75, 0x70, 0x6c, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x21, + 0x2e, 0x6b, 0x65, 0x73, 0x73, 0x65, 0x6c, 0x2e, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, + 0x73, 0x2e, 0x76, 0x30, 0x2e, 0x52, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x68, 0x69, + 0x70, 0x52, 0x05, 0x74, 0x75, 0x70, 0x6c, 0x65, 0x12, 0x47, 0x0a, 0x0a, 0x70, 0x61, 0x67, 0x69, + 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x27, 0x2e, 0x6b, + 0x65, 0x73, 0x73, 0x65, 0x6c, 0x2e, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, + 0x76, 0x30, 0x2e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x50, 0x61, 0x67, 0x69, 0x6e, + 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0a, 0x70, 0x61, 0x67, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, + 0x6e, 0x22, 0x57, 0x0a, 0x13, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x54, 0x75, 0x70, 0x6c, 0x65, + 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x40, 0x0a, 0x06, 0x66, 0x69, 0x6c, 0x74, + 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x28, 0x2e, 0x6b, 0x65, 0x73, 0x73, 0x65, + 0x6c, 0x2e, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x76, 0x30, 0x2e, 0x52, + 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x54, 0x75, 0x70, 0x6c, 0x65, 0x46, 0x69, 0x6c, 0x74, + 0x65, 0x72, 0x52, 0x06, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x22, 0x16, 0x0a, 0x14, 0x44, 0x65, + 0x6c, 0x65, 0x74, 0x65, 0x54, 0x75, 0x70, 0x6c, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, + 0x73, 0x65, 0x22, 0xe3, 0x02, 0x0a, 0x13, 0x52, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x54, + 0x75, 0x70, 0x6c, 0x65, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x12, 0x32, 0x0a, 0x12, 0x72, 0x65, + 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, + 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x11, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, + 0x63, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x88, 0x01, 0x01, 0x12, 0x28, + 0x0a, 0x0d, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, + 0x02, 0x20, 0x01, 0x28, 0x09, 0x48, 0x01, 0x52, 0x0c, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, + 0x65, 0x54, 0x79, 0x70, 0x65, 0x88, 0x01, 0x01, 0x12, 0x24, 0x0a, 0x0b, 0x72, 0x65, 0x73, 0x6f, + 0x75, 0x72, 0x63, 0x65, 0x5f, 0x69, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x48, 0x02, 0x52, + 0x0a, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x49, 0x64, 0x88, 0x01, 0x01, 0x12, 0x1f, + 0x0a, 0x08, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, + 0x48, 0x03, 0x52, 0x08, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x88, 0x01, 0x01, 0x12, + 0x4e, 0x0a, 0x0e, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x5f, 0x66, 0x69, 0x6c, 0x74, 0x65, + 0x72, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x6b, 0x65, 0x73, 0x73, 0x65, 0x6c, + 0x2e, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x76, 0x30, 0x2e, 0x53, 0x75, + 0x62, 0x6a, 0x65, 0x63, 0x74, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x48, 0x04, 0x52, 0x0d, 0x73, + 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x88, 0x01, 0x01, 0x42, + 0x15, 0x0a, 0x13, 0x5f, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x6e, 0x61, 0x6d, + 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x42, 0x10, 0x0a, 0x0e, 0x5f, 0x72, 0x65, 0x73, 0x6f, 0x75, + 0x72, 0x63, 0x65, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x42, 0x0e, 0x0a, 0x0c, 0x5f, 0x72, 0x65, 0x73, + 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x69, 0x64, 0x42, 0x0b, 0x0a, 0x09, 0x5f, 0x72, 0x65, 0x6c, + 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x11, 0x0a, 0x0f, 0x5f, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, + 0x74, 0x5f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x22, 0xf1, 0x01, 0x0a, 0x0d, 0x53, 0x75, 0x62, + 0x6a, 0x65, 0x63, 0x74, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x12, 0x30, 0x0a, 0x11, 0x73, 0x75, + 0x62, 0x6a, 0x65, 0x63, 0x74, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x18, + 0x01, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x10, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, + 0x4e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x88, 0x01, 0x01, 0x12, 0x26, 0x0a, 0x0c, + 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x02, 0x20, 0x01, + 0x28, 0x09, 0x48, 0x01, 0x52, 0x0b, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x54, 0x79, 0x70, + 0x65, 0x88, 0x01, 0x01, 0x12, 0x22, 0x0a, 0x0a, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x5f, + 0x69, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x48, 0x02, 0x52, 0x09, 0x73, 0x75, 0x62, 0x6a, + 0x65, 0x63, 0x74, 0x49, 0x64, 0x88, 0x01, 0x01, 0x12, 0x1f, 0x0a, 0x08, 0x72, 0x65, 0x6c, 0x61, + 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x48, 0x03, 0x52, 0x08, 0x72, 0x65, + 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x88, 0x01, 0x01, 0x42, 0x14, 0x0a, 0x12, 0x5f, 0x73, 0x75, + 0x62, 0x6a, 0x65, 0x63, 0x74, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x42, + 0x0f, 0x0a, 0x0d, 0x5f, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x5f, 0x74, 0x79, 0x70, 0x65, + 0x42, 0x0d, 0x0a, 0x0b, 0x5f, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x5f, 0x69, 0x64, 0x42, + 0x0b, 0x0a, 0x09, 0x5f, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x32, 0xfe, 0x02, 0x0a, + 0x12, 0x4b, 0x65, 0x73, 0x73, 0x65, 0x6c, 0x54, 0x75, 0x70, 0x6c, 0x65, 0x53, 0x65, 0x72, 0x76, + 0x69, 0x63, 0x65, 0x12, 0x7a, 0x0a, 0x0c, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x54, 0x75, 0x70, + 0x6c, 0x65, 0x73, 0x12, 0x28, 0x2e, 0x6b, 0x65, 0x73, 0x73, 0x65, 0x6c, 0x2e, 0x72, 0x65, 0x6c, + 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x76, 0x30, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, + 0x54, 0x75, 0x70, 0x6c, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x29, 0x2e, + 0x6b, 0x65, 0x73, 0x73, 0x65, 0x6c, 0x2e, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, + 0x2e, 0x76, 0x30, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x54, 0x75, 0x70, 0x6c, 0x65, 0x73, + 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x15, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x0f, + 0x3a, 0x01, 0x2a, 0x22, 0x0a, 0x2f, 0x76, 0x30, 0x2f, 0x74, 0x75, 0x70, 0x6c, 0x65, 0x73, 0x12, + 0x73, 0x0a, 0x0a, 0x52, 0x65, 0x61, 0x64, 0x54, 0x75, 0x70, 0x6c, 0x65, 0x73, 0x12, 0x26, 0x2e, + 0x6b, 0x65, 0x73, 0x73, 0x65, 0x6c, 0x2e, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, + 0x2e, 0x76, 0x30, 0x2e, 0x52, 0x65, 0x61, 0x64, 0x54, 0x75, 0x70, 0x6c, 0x65, 0x73, 0x52, 0x65, + 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x27, 0x2e, 0x6b, 0x65, 0x73, 0x73, 0x65, 0x6c, 0x2e, 0x72, + 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x76, 0x30, 0x2e, 0x52, 0x65, 0x61, 0x64, + 0x54, 0x75, 0x70, 0x6c, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x12, + 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x0c, 0x12, 0x0a, 0x2f, 0x76, 0x30, 0x2f, 0x74, 0x75, 0x70, 0x6c, + 0x65, 0x73, 0x30, 0x01, 0x12, 0x77, 0x0a, 0x0c, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x54, 0x75, + 0x70, 0x6c, 0x65, 0x73, 0x12, 0x28, 0x2e, 0x6b, 0x65, 0x73, 0x73, 0x65, 0x6c, 0x2e, 0x72, 0x65, + 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x76, 0x30, 0x2e, 0x44, 0x65, 0x6c, 0x65, 0x74, + 0x65, 0x54, 0x75, 0x70, 0x6c, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x29, + 0x2e, 0x6b, 0x65, 0x73, 0x73, 0x65, 0x6c, 0x2e, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, + 0x73, 0x2e, 0x76, 0x30, 0x2e, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x54, 0x75, 0x70, 0x6c, 0x65, + 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x12, 0x82, 0xd3, 0xe4, 0x93, 0x02, + 0x0c, 0x2a, 0x0a, 0x2f, 0x76, 0x30, 0x2f, 0x74, 0x75, 0x70, 0x6c, 0x65, 0x73, 0x42, 0x47, 0x0a, + 0x23, 0x6f, 0x72, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x5f, 0x6b, 0x65, 0x73, + 0x73, 0x65, 0x6c, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, + 0x73, 0x2e, 0x76, 0x30, 0x50, 0x01, 0x5a, 0x1e, 0x63, 0x69, 0x61, 0x6d, 0x2d, 0x72, 0x65, 0x62, + 0x61, 0x63, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, + 0x2f, 0x76, 0x30, 0x3b, 0x76, 0x30, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, +} + +var ( + file_relations_v0_relation_tuples_proto_rawDescOnce sync.Once + file_relations_v0_relation_tuples_proto_rawDescData = file_relations_v0_relation_tuples_proto_rawDesc +) + +func file_relations_v0_relation_tuples_proto_rawDescGZIP() []byte { + file_relations_v0_relation_tuples_proto_rawDescOnce.Do(func() { + file_relations_v0_relation_tuples_proto_rawDescData = protoimpl.X.CompressGZIP(file_relations_v0_relation_tuples_proto_rawDescData) + }) + return file_relations_v0_relation_tuples_proto_rawDescData +} + +var file_relations_v0_relation_tuples_proto_msgTypes = make([]protoimpl.MessageInfo, 8) +var file_relations_v0_relation_tuples_proto_goTypes = []interface{}{ + (*CreateTuplesRequest)(nil), // 0: kessel.relations.v0.CreateTuplesRequest + (*CreateTuplesResponse)(nil), // 1: kessel.relations.v0.CreateTuplesResponse + (*ReadTuplesRequest)(nil), // 2: kessel.relations.v0.ReadTuplesRequest + (*ReadTuplesResponse)(nil), // 3: kessel.relations.v0.ReadTuplesResponse + (*DeleteTuplesRequest)(nil), // 4: kessel.relations.v0.DeleteTuplesRequest + (*DeleteTuplesResponse)(nil), // 5: kessel.relations.v0.DeleteTuplesResponse + (*RelationTupleFilter)(nil), // 6: kessel.relations.v0.RelationTupleFilter + (*SubjectFilter)(nil), // 7: kessel.relations.v0.SubjectFilter + (*Relationship)(nil), // 8: kessel.relations.v0.Relationship + (*RequestPagination)(nil), // 9: kessel.relations.v0.RequestPagination + (*ResponsePagination)(nil), // 10: kessel.relations.v0.ResponsePagination +} +var file_relations_v0_relation_tuples_proto_depIdxs = []int32{ + 8, // 0: kessel.relations.v0.CreateTuplesRequest.tuples:type_name -> kessel.relations.v0.Relationship + 6, // 1: kessel.relations.v0.ReadTuplesRequest.filter:type_name -> kessel.relations.v0.RelationTupleFilter + 9, // 2: kessel.relations.v0.ReadTuplesRequest.pagination:type_name -> kessel.relations.v0.RequestPagination + 8, // 3: kessel.relations.v0.ReadTuplesResponse.tuple:type_name -> kessel.relations.v0.Relationship + 10, // 4: kessel.relations.v0.ReadTuplesResponse.pagination:type_name -> kessel.relations.v0.ResponsePagination + 6, // 5: kessel.relations.v0.DeleteTuplesRequest.filter:type_name -> kessel.relations.v0.RelationTupleFilter + 7, // 6: kessel.relations.v0.RelationTupleFilter.subject_filter:type_name -> kessel.relations.v0.SubjectFilter + 0, // 7: kessel.relations.v0.KesselTupleService.CreateTuples:input_type -> kessel.relations.v0.CreateTuplesRequest + 2, // 8: kessel.relations.v0.KesselTupleService.ReadTuples:input_type -> kessel.relations.v0.ReadTuplesRequest + 4, // 9: kessel.relations.v0.KesselTupleService.DeleteTuples:input_type -> kessel.relations.v0.DeleteTuplesRequest + 1, // 10: kessel.relations.v0.KesselTupleService.CreateTuples:output_type -> kessel.relations.v0.CreateTuplesResponse + 3, // 11: kessel.relations.v0.KesselTupleService.ReadTuples:output_type -> kessel.relations.v0.ReadTuplesResponse + 5, // 12: kessel.relations.v0.KesselTupleService.DeleteTuples:output_type -> kessel.relations.v0.DeleteTuplesResponse + 10, // [10:13] is the sub-list for method output_type + 7, // [7:10] is the sub-list for method input_type + 7, // [7:7] is the sub-list for extension type_name + 7, // [7:7] is the sub-list for extension extendee + 0, // [0:7] is the sub-list for field type_name +} + +func init() { file_relations_v0_relation_tuples_proto_init() } +func file_relations_v0_relation_tuples_proto_init() { + if File_relations_v0_relation_tuples_proto != nil { + return + } + file_relations_v0_common_proto_init() + if !protoimpl.UnsafeEnabled { + file_relations_v0_relation_tuples_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*CreateTuplesRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_relations_v0_relation_tuples_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*CreateTuplesResponse); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_relations_v0_relation_tuples_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*ReadTuplesRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_relations_v0_relation_tuples_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*ReadTuplesResponse); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_relations_v0_relation_tuples_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*DeleteTuplesRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_relations_v0_relation_tuples_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*DeleteTuplesResponse); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_relations_v0_relation_tuples_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*RelationTupleFilter); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_relations_v0_relation_tuples_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*SubjectFilter); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + } + file_relations_v0_relation_tuples_proto_msgTypes[2].OneofWrappers = []interface{}{} + file_relations_v0_relation_tuples_proto_msgTypes[6].OneofWrappers = []interface{}{} + file_relations_v0_relation_tuples_proto_msgTypes[7].OneofWrappers = []interface{}{} + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: file_relations_v0_relation_tuples_proto_rawDesc, + NumEnums: 0, + NumMessages: 8, + NumExtensions: 0, + NumServices: 1, + }, + GoTypes: file_relations_v0_relation_tuples_proto_goTypes, + DependencyIndexes: file_relations_v0_relation_tuples_proto_depIdxs, + MessageInfos: file_relations_v0_relation_tuples_proto_msgTypes, + }.Build() + File_relations_v0_relation_tuples_proto = out.File + file_relations_v0_relation_tuples_proto_rawDesc = nil + file_relations_v0_relation_tuples_proto_goTypes = nil + file_relations_v0_relation_tuples_proto_depIdxs = nil +} diff --git a/api/relations/v0/relation_tuples.proto b/api/relations/v0/relation_tuples.proto new file mode 100644 index 0000000..1ffc439 --- /dev/null +++ b/api/relations/v0/relation_tuples.proto @@ -0,0 +1,78 @@ +syntax = "proto3"; + +package kessel.relations.v0; + +import "google/api/annotations.proto"; +import "relations/v0/common.proto"; + +option go_package = "ciam-rebac/api/relations/v0;v0"; +option java_multiple_files = true; +option java_package = "org.project_kessel.api.relations.v0"; + +// KesselTupleServices manages the persisted _Tuples_ stored in the system.. +// +// A Tuple is an explicitly stated, persistent relation +// between a Resource and a Subject or Subject Set. +// It has the same _shape_ as a Relationship but is not the same thing as a Relationship. +// +// A single Tuple may result in zero-to-many Relationships. +service KesselTupleService { + rpc CreateTuples (CreateTuplesRequest) returns (CreateTuplesResponse) { + option (google.api.http) = { + post: "/v0/tuples" + body: "*" + }; + }; + rpc ReadTuples (ReadTuplesRequest) returns (stream ReadTuplesResponse) { + option (google.api.http) = { + get: "/v0/tuples" + }; + }; + rpc DeleteTuples (DeleteTuplesRequest) returns (DeleteTuplesResponse) { + option (google.api.http) = { + delete: "/v0/tuples" + }; + }; +} + +message CreateTuplesRequest { + // Whether or not the request should ignore existing tuples (`true`), + // or if the request should fail if the same tuple already exists (`false`). + // + // Defaults to `false`. + bool upsert = 1; + repeated Relationship tuples = 2; +} +message CreateTuplesResponse {} + +message ReadTuplesRequest { + RelationTupleFilter filter = 1; + optional RequestPagination pagination = 2; +} +message ReadTuplesResponse { + Relationship tuple = 1; + ResponsePagination pagination = 2; +} + +message DeleteTuplesRequest { + RelationTupleFilter filter = 1; +} +message DeleteTuplesResponse {} + +// RelationTupleFilter is used to filter tuples based on their resource, relation, and subject. +// All fields are optional but capabilities may vary based on the chosen store and its indexes. +// At least one field must be provided. +message RelationTupleFilter { + optional string resource_namespace = 1; + optional string resource_type = 2; + optional string resource_id = 3; + optional string relation = 4; + optional SubjectFilter subject_filter = 5; +} + +message SubjectFilter { + optional string subject_namespace = 1; + optional string subject_type = 2; + optional string subject_id = 3; + optional string relation = 4; +} diff --git a/api/relations/v0/relation_tuples_grpc.pb.go b/api/relations/v0/relation_tuples_grpc.pb.go new file mode 100644 index 0000000..91f20f9 --- /dev/null +++ b/api/relations/v0/relation_tuples_grpc.pb.go @@ -0,0 +1,211 @@ +// Code generated by protoc-gen-go-grpc. DO NOT EDIT. +// versions: +// - protoc-gen-go-grpc v1.3.0 +// - protoc v4.25.1 +// source: relations/v0/relation_tuples.proto + +package v0 + +import ( + context "context" + grpc "google.golang.org/grpc" + codes "google.golang.org/grpc/codes" + status "google.golang.org/grpc/status" +) + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the grpc package it is being compiled against. +// Requires gRPC-Go v1.32.0 or later. +const _ = grpc.SupportPackageIsVersion7 + +const ( + KesselTupleService_CreateTuples_FullMethodName = "/kessel.relations.v0.KesselTupleService/CreateTuples" + KesselTupleService_ReadTuples_FullMethodName = "/kessel.relations.v0.KesselTupleService/ReadTuples" + KesselTupleService_DeleteTuples_FullMethodName = "/kessel.relations.v0.KesselTupleService/DeleteTuples" +) + +// KesselTupleServiceClient is the client API for KesselTupleService service. +// +// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream. +type KesselTupleServiceClient interface { + CreateTuples(ctx context.Context, in *CreateTuplesRequest, opts ...grpc.CallOption) (*CreateTuplesResponse, error) + ReadTuples(ctx context.Context, in *ReadTuplesRequest, opts ...grpc.CallOption) (KesselTupleService_ReadTuplesClient, error) + DeleteTuples(ctx context.Context, in *DeleteTuplesRequest, opts ...grpc.CallOption) (*DeleteTuplesResponse, error) +} + +type kesselTupleServiceClient struct { + cc grpc.ClientConnInterface +} + +func NewKesselTupleServiceClient(cc grpc.ClientConnInterface) KesselTupleServiceClient { + return &kesselTupleServiceClient{cc} +} + +func (c *kesselTupleServiceClient) CreateTuples(ctx context.Context, in *CreateTuplesRequest, opts ...grpc.CallOption) (*CreateTuplesResponse, error) { + out := new(CreateTuplesResponse) + err := c.cc.Invoke(ctx, KesselTupleService_CreateTuples_FullMethodName, in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *kesselTupleServiceClient) ReadTuples(ctx context.Context, in *ReadTuplesRequest, opts ...grpc.CallOption) (KesselTupleService_ReadTuplesClient, error) { + stream, err := c.cc.NewStream(ctx, &KesselTupleService_ServiceDesc.Streams[0], KesselTupleService_ReadTuples_FullMethodName, opts...) + if err != nil { + return nil, err + } + x := &kesselTupleServiceReadTuplesClient{stream} + if err := x.ClientStream.SendMsg(in); err != nil { + return nil, err + } + if err := x.ClientStream.CloseSend(); err != nil { + return nil, err + } + return x, nil +} + +type KesselTupleService_ReadTuplesClient interface { + Recv() (*ReadTuplesResponse, error) + grpc.ClientStream +} + +type kesselTupleServiceReadTuplesClient struct { + grpc.ClientStream +} + +func (x *kesselTupleServiceReadTuplesClient) Recv() (*ReadTuplesResponse, error) { + m := new(ReadTuplesResponse) + if err := x.ClientStream.RecvMsg(m); err != nil { + return nil, err + } + return m, nil +} + +func (c *kesselTupleServiceClient) DeleteTuples(ctx context.Context, in *DeleteTuplesRequest, opts ...grpc.CallOption) (*DeleteTuplesResponse, error) { + out := new(DeleteTuplesResponse) + err := c.cc.Invoke(ctx, KesselTupleService_DeleteTuples_FullMethodName, in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +// KesselTupleServiceServer is the server API for KesselTupleService service. +// All implementations must embed UnimplementedKesselTupleServiceServer +// for forward compatibility +type KesselTupleServiceServer interface { + CreateTuples(context.Context, *CreateTuplesRequest) (*CreateTuplesResponse, error) + ReadTuples(*ReadTuplesRequest, KesselTupleService_ReadTuplesServer) error + DeleteTuples(context.Context, *DeleteTuplesRequest) (*DeleteTuplesResponse, error) + mustEmbedUnimplementedKesselTupleServiceServer() +} + +// UnimplementedKesselTupleServiceServer must be embedded to have forward compatible implementations. +type UnimplementedKesselTupleServiceServer struct { +} + +func (UnimplementedKesselTupleServiceServer) CreateTuples(context.Context, *CreateTuplesRequest) (*CreateTuplesResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method CreateTuples not implemented") +} +func (UnimplementedKesselTupleServiceServer) ReadTuples(*ReadTuplesRequest, KesselTupleService_ReadTuplesServer) error { + return status.Errorf(codes.Unimplemented, "method ReadTuples not implemented") +} +func (UnimplementedKesselTupleServiceServer) DeleteTuples(context.Context, *DeleteTuplesRequest) (*DeleteTuplesResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method DeleteTuples not implemented") +} +func (UnimplementedKesselTupleServiceServer) mustEmbedUnimplementedKesselTupleServiceServer() {} + +// UnsafeKesselTupleServiceServer may be embedded to opt out of forward compatibility for this service. +// Use of this interface is not recommended, as added methods to KesselTupleServiceServer will +// result in compilation errors. +type UnsafeKesselTupleServiceServer interface { + mustEmbedUnimplementedKesselTupleServiceServer() +} + +func RegisterKesselTupleServiceServer(s grpc.ServiceRegistrar, srv KesselTupleServiceServer) { + s.RegisterService(&KesselTupleService_ServiceDesc, srv) +} + +func _KesselTupleService_CreateTuples_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(CreateTuplesRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(KesselTupleServiceServer).CreateTuples(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: KesselTupleService_CreateTuples_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(KesselTupleServiceServer).CreateTuples(ctx, req.(*CreateTuplesRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _KesselTupleService_ReadTuples_Handler(srv interface{}, stream grpc.ServerStream) error { + m := new(ReadTuplesRequest) + if err := stream.RecvMsg(m); err != nil { + return err + } + return srv.(KesselTupleServiceServer).ReadTuples(m, &kesselTupleServiceReadTuplesServer{stream}) +} + +type KesselTupleService_ReadTuplesServer interface { + Send(*ReadTuplesResponse) error + grpc.ServerStream +} + +type kesselTupleServiceReadTuplesServer struct { + grpc.ServerStream +} + +func (x *kesselTupleServiceReadTuplesServer) Send(m *ReadTuplesResponse) error { + return x.ServerStream.SendMsg(m) +} + +func _KesselTupleService_DeleteTuples_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(DeleteTuplesRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(KesselTupleServiceServer).DeleteTuples(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: KesselTupleService_DeleteTuples_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(KesselTupleServiceServer).DeleteTuples(ctx, req.(*DeleteTuplesRequest)) + } + return interceptor(ctx, in, info, handler) +} + +// KesselTupleService_ServiceDesc is the grpc.ServiceDesc for KesselTupleService service. +// It's only intended for direct use with grpc.RegisterService, +// and not to be introspected or modified (even as a copy) +var KesselTupleService_ServiceDesc = grpc.ServiceDesc{ + ServiceName: "kessel.relations.v0.KesselTupleService", + HandlerType: (*KesselTupleServiceServer)(nil), + Methods: []grpc.MethodDesc{ + { + MethodName: "CreateTuples", + Handler: _KesselTupleService_CreateTuples_Handler, + }, + { + MethodName: "DeleteTuples", + Handler: _KesselTupleService_DeleteTuples_Handler, + }, + }, + Streams: []grpc.StreamDesc{ + { + StreamName: "ReadTuples", + Handler: _KesselTupleService_ReadTuples_Handler, + ServerStreams: true, + }, + }, + Metadata: "relations/v0/relation_tuples.proto", +} diff --git a/api/relations/v0/relation_tuples_http.pb.go b/api/relations/v0/relation_tuples_http.pb.go new file mode 100644 index 0000000..3f909dc --- /dev/null +++ b/api/relations/v0/relation_tuples_http.pb.go @@ -0,0 +1,114 @@ +// Code generated by protoc-gen-go-http. DO NOT EDIT. +// versions: +// - protoc-gen-go-http v2.7.3 +// - protoc v4.25.1 +// source: relations/v0/relation_tuples.proto + +package v0 + +import ( + context "context" + http "github.com/go-kratos/kratos/v2/transport/http" + binding "github.com/go-kratos/kratos/v2/transport/http/binding" +) + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the kratos package it is being compiled against. +var _ = new(context.Context) +var _ = binding.EncodeURL + +const _ = http.SupportPackageIsVersion1 + +const OperationKesselTupleServiceCreateTuples = "/kessel.relations.v0.KesselTupleService/CreateTuples" +const OperationKesselTupleServiceDeleteTuples = "/kessel.relations.v0.KesselTupleService/DeleteTuples" + +type KesselTupleServiceHTTPServer interface { + CreateTuples(context.Context, *CreateTuplesRequest) (*CreateTuplesResponse, error) + DeleteTuples(context.Context, *DeleteTuplesRequest) (*DeleteTuplesResponse, error) +} + +func RegisterKesselTupleServiceHTTPServer(s *http.Server, srv KesselTupleServiceHTTPServer) { + r := s.Route("/") + r.POST("/v0/tuples", _KesselTupleService_CreateTuples0_HTTP_Handler(srv)) + r.DELETE("/v0/tuples", _KesselTupleService_DeleteTuples0_HTTP_Handler(srv)) +} + +func _KesselTupleService_CreateTuples0_HTTP_Handler(srv KesselTupleServiceHTTPServer) func(ctx http.Context) error { + return func(ctx http.Context) error { + var in CreateTuplesRequest + if err := ctx.Bind(&in); err != nil { + return err + } + if err := ctx.BindQuery(&in); err != nil { + return err + } + http.SetOperation(ctx, OperationKesselTupleServiceCreateTuples) + h := ctx.Middleware(func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.CreateTuples(ctx, req.(*CreateTuplesRequest)) + }) + out, err := h(ctx, &in) + if err != nil { + return err + } + reply := out.(*CreateTuplesResponse) + return ctx.Result(200, reply) + } +} + +func _KesselTupleService_DeleteTuples0_HTTP_Handler(srv KesselTupleServiceHTTPServer) func(ctx http.Context) error { + return func(ctx http.Context) error { + var in DeleteTuplesRequest + if err := ctx.BindQuery(&in); err != nil { + return err + } + http.SetOperation(ctx, OperationKesselTupleServiceDeleteTuples) + h := ctx.Middleware(func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.DeleteTuples(ctx, req.(*DeleteTuplesRequest)) + }) + out, err := h(ctx, &in) + if err != nil { + return err + } + reply := out.(*DeleteTuplesResponse) + return ctx.Result(200, reply) + } +} + +type KesselTupleServiceHTTPClient interface { + CreateTuples(ctx context.Context, req *CreateTuplesRequest, opts ...http.CallOption) (rsp *CreateTuplesResponse, err error) + DeleteTuples(ctx context.Context, req *DeleteTuplesRequest, opts ...http.CallOption) (rsp *DeleteTuplesResponse, err error) +} + +type KesselTupleServiceHTTPClientImpl struct { + cc *http.Client +} + +func NewKesselTupleServiceHTTPClient(client *http.Client) KesselTupleServiceHTTPClient { + return &KesselTupleServiceHTTPClientImpl{client} +} + +func (c *KesselTupleServiceHTTPClientImpl) CreateTuples(ctx context.Context, in *CreateTuplesRequest, opts ...http.CallOption) (*CreateTuplesResponse, error) { + var out CreateTuplesResponse + pattern := "/v0/tuples" + path := binding.EncodeURL(pattern, in, false) + opts = append(opts, http.Operation(OperationKesselTupleServiceCreateTuples)) + opts = append(opts, http.PathTemplate(pattern)) + err := c.cc.Invoke(ctx, "POST", path, in, &out, opts...) + if err != nil { + return nil, err + } + return &out, nil +} + +func (c *KesselTupleServiceHTTPClientImpl) DeleteTuples(ctx context.Context, in *DeleteTuplesRequest, opts ...http.CallOption) (*DeleteTuplesResponse, error) { + var out DeleteTuplesResponse + pattern := "/v0/tuples" + path := binding.EncodeURL(pattern, in, true) + opts = append(opts, http.Operation(OperationKesselTupleServiceDeleteTuples)) + opts = append(opts, http.PathTemplate(pattern)) + err := c.cc.Invoke(ctx, "DELETE", path, nil, &out, opts...) + if err != nil { + return nil, err + } + return &out, nil +} diff --git a/cmd/ciam-rebac/wire_gen.go b/cmd/ciam-rebac/wire_gen.go index b2ce92f..314dbdf 100644 --- a/cmd/ciam-rebac/wire_gen.go +++ b/cmd/ciam-rebac/wire_gen.go @@ -35,8 +35,10 @@ func wireApp(confServer *conf.Server, confData *conf.Data, logger log.Logger) (* healthService := service.NewHealthService() checkUsecase := biz.NewCheckUsecase(spiceDbRepository, logger) checkService := service.NewCheckService(logger, checkUsecase) - grpcServer := server.NewGRPCServer(confServer, relationshipsService, healthService, checkService, logger) - httpServer := server.NewHTTPServer(confServer, relationshipsService, healthService, checkService, logger) + getSubjectsUsecase := biz.NewGetSubjectsUseCase(spiceDbRepository, logger) + lookupService := service.NewLookupService(getSubjectsUsecase) + grpcServer := server.NewGRPCServer(confServer, relationshipsService, healthService, checkService, lookupService, logger) + httpServer := server.NewHTTPServer(confServer, relationshipsService, healthService, checkService, lookupService, logger) app := newApp(logger, grpcServer, httpServer) return app, func() { cleanup() diff --git a/deploy/deploy.sh b/deploy/deploy.sh index c7e3e7a..521b7f9 100755 --- a/deploy/deploy.sh +++ b/deploy/deploy.sh @@ -18,7 +18,7 @@ source ../.secrets/postgres.env # Export tags IMAGE=quay.io/cloudservices/kessel-relations -IMAGE_TAG=latest +IMAGE_TAG=10b13ce # Function to check if a command is available command_exists() { diff --git a/deploy/kessel-relations.yaml b/deploy/kessel-relations.yaml index 22a77f1..cae00dc 100644 --- a/deploy/kessel-relations.yaml +++ b/deploy/kessel-relations.yaml @@ -148,4 +148,4 @@ parameters: value: quay.io/cloudservices/kessel-relations - description: Image Tag name: RELATIONS_IMAGE_TAG - value: latest + value: 10b13ce diff --git a/go.mod b/go.mod index cbed379..c7c64ba 100644 --- a/go.mod +++ b/go.mod @@ -33,6 +33,7 @@ require ( github.com/go-logr/logr v1.4.1 // indirect github.com/go-logr/stdr v1.2.2 // indirect github.com/go-playground/form/v4 v4.2.0 // indirect + github.com/google/subcommands v1.2.0 // indirect github.com/google/uuid v1.6.0 // indirect github.com/gorilla/mux v1.8.1 // indirect github.com/gotestyourself/gotestyourself v2.2.0+incompatible // indirect diff --git a/go.sum b/go.sum index c7ee80f..23c390c 100644 --- a/go.sum +++ b/go.sum @@ -76,6 +76,7 @@ github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6 github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/google/subcommands v1.2.0 h1:vWQspBTo2nEqTUFita5/KeEWlUL8kQObDFbub/EN9oE= github.com/google/subcommands v1.2.0/go.mod h1:ZjhPrFU+Olkh9WazFPsl27BQ4UPiG37m3yTrtFlrHVk= github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= diff --git a/internal/biz/biz.go b/internal/biz/biz.go index 9fc7e4f..4eb196d 100644 --- a/internal/biz/biz.go +++ b/internal/biz/biz.go @@ -5,4 +5,4 @@ import ( ) // ProviderSet is biz providers. -var ProviderSet = wire.NewSet(NewCreateRelationshipsUsecase, NewReadRelationshipsUsecase, NewDeleteRelationshipsUsecase, NewCheckUsecase) +var ProviderSet = wire.NewSet(NewCreateRelationshipsUsecase, NewReadRelationshipsUsecase, NewDeleteRelationshipsUsecase, NewCheckUsecase, NewGetSubjectsUseCase) diff --git a/internal/biz/lookup.go b/internal/biz/lookup.go new file mode 100644 index 0000000..0b85b05 --- /dev/null +++ b/internal/biz/lookup.go @@ -0,0 +1,57 @@ +package biz + +import ( + v0 "ciam-rebac/api/relations/v0" + "context" + + "github.com/go-kratos/kratos/v2/errors" + "github.com/go-kratos/kratos/v2/log" +) + +const ( + MaxStreamingCount uint32 = 1000 +) + +type GetSubjectsUsecase struct { + repo ZanzibarRepository + log *log.Helper +} + +func NewGetSubjectsUseCase(repo ZanzibarRepository, logger log.Logger) *GetSubjectsUsecase { + return &GetSubjectsUsecase{repo: repo, log: log.NewHelper(logger)} +} + +func (s *GetSubjectsUsecase) Get(ctx context.Context, req *v0.LookupSubjectsRequest) (chan *SubjectResult, chan error, error) { + limit := uint32(MaxStreamingCount) + continuation := ContinuationToken("") + subjectRelation := "" + + if req.Pagination != nil { + if req.Pagination.Limit < limit { + limit = req.Pagination.Limit + } + + if req.Pagination.ContinuationToken != nil { + continuation = ContinuationToken(*req.Pagination.ContinuationToken) + } + } + + if req.Resource == nil { + return nil, nil, errors.BadRequest("Invalid request", "Object is required") + } + + if req.SubjectRelation != nil { + subjectRelation = *req.SubjectRelation + } + + subs, errs, err := s.repo.LookupSubjects(ctx, req.SubjectType, subjectRelation, req.Relation, &v0.ObjectReference{ + Type: req.Resource.Type, //Need null check + Id: req.Resource.Id, + }, limit, continuation) + + if err != nil { + return nil, nil, err + } + + return subs, errs, nil +} diff --git a/internal/biz/relationships.go b/internal/biz/relationships.go index 05d11a9..ffae798 100644 --- a/internal/biz/relationships.go +++ b/internal/biz/relationships.go @@ -1,7 +1,7 @@ package biz import ( - v1 "ciam-rebac/api/rebac/v1" + v0 "ciam-rebac/api/relations/v0" "context" "github.com/go-kratos/kratos/v2/log" @@ -10,11 +10,22 @@ import ( // relationship domain objects re-used from the api layer for now, but otherwise would be defined here type TouchSemantics bool +type ContinuationToken string +type SubjectResult struct { + Subject *v0.SubjectReference + Continuation ContinuationToken +} +type RelationshipResult struct { + Relationship *v0.Relationship + Continuation ContinuationToken +} + type ZanzibarRepository interface { - Check(ctx context.Context, request *v1.CheckRequest) (*v1.CheckResponse, error) - CreateRelationships(context.Context, []*v1.Relationship, TouchSemantics) error - ReadRelationships(context.Context, *v1.RelationshipFilter) ([]*v1.Relationship, error) - DeleteRelationships(context.Context, *v1.RelationshipFilter) error + Check(ctx context.Context, request *v0.CheckRequest) (*v0.CheckResponse, error) + CreateRelationships(context.Context, []*v0.Relationship, TouchSemantics) error + ReadRelationships(ctx context.Context, filter *v0.RelationTupleFilter, limit uint32, continuation ContinuationToken) (chan *RelationshipResult, chan error, error) + DeleteRelationships(context.Context, *v0.RelationTupleFilter) error + LookupSubjects(ctx context.Context, subjectType *v0.ObjectType, subject_relation, relation string, resource *v0.ObjectReference, limit uint32, continuation ContinuationToken) (chan *SubjectResult, chan error, error) } type CheckUsecase struct { @@ -26,7 +37,7 @@ func NewCheckUsecase(repo ZanzibarRepository, logger log.Logger) *CheckUsecase { return &CheckUsecase{repo: repo, log: log.NewHelper(logger)} } -func (rc *CheckUsecase) Check(ctx context.Context, check *v1.CheckRequest) (*v1.CheckResponse, error) { +func (rc *CheckUsecase) Check(ctx context.Context, check *v0.CheckRequest) (*v0.CheckResponse, error) { rc.log.WithContext(ctx).Infof("Check: %v", check) return rc.repo.Check(ctx, check) } @@ -40,7 +51,7 @@ func NewCreateRelationshipsUsecase(repo ZanzibarRepository, logger log.Logger) * return &CreateRelationshipsUsecase{repo: repo, log: log.NewHelper(logger)} } -func (rc *CreateRelationshipsUsecase) CreateRelationships(ctx context.Context, r []*v1.Relationship, touch bool) error { +func (rc *CreateRelationshipsUsecase) CreateRelationships(ctx context.Context, r []*v0.Relationship, touch bool) error { rc.log.WithContext(ctx).Infof("CreateRelationships: %v %s", r, touch) return rc.repo.CreateRelationships(ctx, r, TouchSemantics(touch)) } @@ -54,9 +65,29 @@ func NewReadRelationshipsUsecase(repo ZanzibarRepository, logger log.Logger) *Re return &ReadRelationshipsUsecase{repo: repo, log: log.NewHelper(logger)} } -func (rc *ReadRelationshipsUsecase) ReadRelationships(ctx context.Context, r *v1.RelationshipFilter) ([]*v1.Relationship, error) { - rc.log.WithContext(ctx).Infof("ReadRelationships: %v", r) - return rc.repo.ReadRelationships(ctx, r) +func (rc *ReadRelationshipsUsecase) ReadRelationships(ctx context.Context, req *v0.ReadTuplesRequest) (chan *RelationshipResult, chan error, error) { + rc.log.WithContext(ctx).Infof("ReadRelationships: %v", req) + + limit := uint32(MaxStreamingCount) + continuation := ContinuationToken("") + + if req.Pagination != nil { + if req.Pagination.Limit < limit { + limit = req.Pagination.Limit + } + + if req.Pagination.ContinuationToken != nil { + continuation = ContinuationToken(*req.Pagination.ContinuationToken) + } + } + + relationships, errs, err := rc.repo.ReadRelationships(ctx, req.Filter, limit, continuation) + + if err != nil { + return nil, nil, err + } + + return relationships, errs, nil } type DeleteRelationshipsUsecase struct { @@ -68,7 +99,7 @@ func NewDeleteRelationshipsUsecase(repo ZanzibarRepository, logger log.Logger) * return &DeleteRelationshipsUsecase{repo: repo, log: log.NewHelper(logger)} } -func (rc *DeleteRelationshipsUsecase) DeleteRelationships(ctx context.Context, r *v1.RelationshipFilter) error { +func (rc *DeleteRelationshipsUsecase) DeleteRelationships(ctx context.Context, r *v0.RelationTupleFilter) error { rc.log.WithContext(ctx).Infof("DeleteRelationships: %v", r) return rc.repo.DeleteRelationships(ctx, r) } diff --git a/internal/conf/conf.pb.go b/internal/conf/conf.pb.go index 300d185..89bc85f 100644 --- a/internal/conf/conf.pb.go +++ b/internal/conf/conf.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.32.0 -// protoc v3.19.4 +// protoc-gen-go v1.34.1 +// protoc v4.25.1 // source: conf/conf.proto package conf diff --git a/internal/data/spicedb.go b/internal/data/spicedb.go index 8a524bd..2324b24 100644 --- a/internal/data/spicedb.go +++ b/internal/data/spicedb.go @@ -1,20 +1,22 @@ package data import ( - apiV1 "ciam-rebac/api/rebac/v1" + apiV0 "ciam-rebac/api/relations/v0" "ciam-rebac/internal/biz" "ciam-rebac/internal/conf" "context" "errors" "fmt" + "io" + "os" + "strings" + v1 "github.com/authzed/authzed-go/proto/authzed/api/v1" "github.com/authzed/authzed-go/v1" "github.com/authzed/grpcutil" "github.com/go-kratos/kratos/v2/log" "google.golang.org/grpc" "google.golang.org/grpc/credentials/insecure" - "io" - "os" ) // SpiceDbRepository . @@ -75,7 +77,68 @@ func NewSpiceDbRepository(c *conf.Data, logger log.Logger) (*SpiceDbRepository, return &SpiceDbRepository{client}, cleanup, nil } -func (s *SpiceDbRepository) CreateRelationships(ctx context.Context, rels []*apiV1.Relationship, touch biz.TouchSemantics) error { +func (s *SpiceDbRepository) LookupSubjects(ctx context.Context, subject_type *apiV0.ObjectType, subject_relation, relation string, object *apiV0.ObjectReference, limit uint32, continuation biz.ContinuationToken) (chan *biz.SubjectResult, chan error, error) { + var cursor *v1.Cursor = nil + if continuation != "" { + cursor = &v1.Cursor{ + Token: string(continuation), + } + } + + client, err := s.client.LookupSubjects(ctx, &v1.LookupSubjectsRequest{ + Resource: &v1.ObjectReference{ + ObjectType: kesselTypeToSpiceDBType(object.Type), + ObjectId: object.Id, + }, + Permission: relation, + SubjectObjectType: kesselTypeToSpiceDBType(subject_type), + WildcardOption: v1.LookupSubjectsRequest_WILDCARD_OPTION_EXCLUDE_WILDCARDS, + OptionalSubjectRelation: subject_relation, + OptionalConcreteLimit: limit, + OptionalCursor: cursor, + }) + + if err != nil { + return nil, nil, err + } + + subjects := make(chan *biz.SubjectResult) + errs := make(chan error, 1) + + go func() { + for { + msg, err := client.Recv() + if err != nil { + if !errors.Is(err, io.EOF) { + errs <- err + } + close(errs) + close(subjects) + return + } + + continuation := biz.ContinuationToken("") + if msg.AfterResultCursor != nil { + continuation = biz.ContinuationToken(msg.AfterResultCursor.Token) + } + + subj := msg.GetSubject() + subjects <- &biz.SubjectResult{ + Subject: &apiV0.SubjectReference{ + Subject: &apiV0.ObjectReference{ + Type: subject_type, + Id: subj.SubjectObjectId, + }, + }, + Continuation: continuation, + } + } + }() + + return subjects, errs, nil +} + +func (s *SpiceDbRepository) CreateRelationships(ctx context.Context, rels []*apiV0.Relationship, touch biz.TouchSemantics) error { var relationshipUpdates []*v1.RelationshipUpdate var operation v1.RelationshipUpdate_Operation @@ -99,44 +162,68 @@ func (s *SpiceDbRepository) CreateRelationships(ctx context.Context, rels []*api return err } -func (s *SpiceDbRepository) ReadRelationships(ctx context.Context, filter *apiV1.RelationshipFilter) ([]*apiV1.Relationship, error) { - req := &v1.ReadRelationshipsRequest{RelationshipFilter: createSpiceDbRelationshipFilter(filter)} - - client, err := s.client.ReadRelationships(ctx, req) +func (s *SpiceDbRepository) ReadRelationships(ctx context.Context, filter *apiV0.RelationTupleFilter, limit uint32, continuation biz.ContinuationToken) (chan *biz.RelationshipResult, chan error, error) { + var cursor *v1.Cursor = nil + if continuation != "" { + cursor = &v1.Cursor{ + Token: string(continuation), + } + } + client, err := s.client.ReadRelationships(ctx, &v1.ReadRelationshipsRequest{ + RelationshipFilter: createSpiceDbRelationshipFilter(filter), + OptionalLimit: limit, + OptionalCursor: cursor, + }) if err != nil { - return nil, err - } - - results := make([]*apiV1.Relationship, 0) - resp, err := client.Recv() - for err == nil { - results = append(results, &apiV1.Relationship{ - Object: &apiV1.ObjectReference{ - Type: resp.Relationship.Resource.ObjectType, - Id: resp.Relationship.Resource.ObjectId, - }, - Relation: resp.Relationship.Relation, - Subject: &apiV1.SubjectReference{ - Relation: resp.Relationship.Subject.OptionalRelation, - Object: &apiV1.ObjectReference{ - Type: resp.Relationship.Subject.Object.ObjectType, - Id: resp.Relationship.Subject.Object.ObjectId, - }, - }, - }) - - resp, err = client.Recv() + return nil, nil, err } - if !errors.Is(err, io.EOF) { - return nil, err - } + relationshipTuples := make(chan *biz.RelationshipResult) + errs := make(chan error, 1) + + go func() { + for { + msg, err := client.Recv() + if err != nil { + if !errors.Is(err, io.EOF) { + errs <- err + } + close(errs) + close(relationshipTuples) + return + } + + continuation := biz.ContinuationToken("") + if msg.AfterResultCursor != nil { + continuation = biz.ContinuationToken(msg.AfterResultCursor.Token) + } + + spiceDbRel := msg.GetRelationship() + relationshipTuples <- &biz.RelationshipResult{ + Relationship: &apiV0.Relationship{ + Resource: &apiV0.ObjectReference{ + Type: spicedbTypeToKesselType(spiceDbRel.Resource.ObjectType), + Id: spiceDbRel.Resource.ObjectId, + }, + Relation: msg.Relationship.Relation, + Subject: &apiV0.SubjectReference{ + Relation: optionalStringToStringPointer(spiceDbRel.Subject.OptionalRelation), + Subject: &apiV0.ObjectReference{ + Type: spicedbTypeToKesselType(spiceDbRel.Subject.Object.ObjectType), + Id: spiceDbRel.Subject.Object.ObjectId, + }, + }, + }, + Continuation: continuation, + } + } + }() - return results, nil + return relationshipTuples, errs, nil } -func (s *SpiceDbRepository) DeleteRelationships(ctx context.Context, filter *apiV1.RelationshipFilter) error { +func (s *SpiceDbRepository) DeleteRelationships(ctx context.Context, filter *apiV0.RelationTupleFilter) error { req := &v1.DeleteRelationshipsRequest{RelationshipFilter: createSpiceDbRelationshipFilter(filter)} _, err := s.client.DeleteRelationships(ctx, req) @@ -149,40 +236,40 @@ func (s *SpiceDbRepository) DeleteRelationships(ctx context.Context, filter *api return nil } -func (s *SpiceDbRepository) Check(ctx context.Context, check *apiV1.CheckRequest) (*apiV1.CheckResponse, error) { +func (s *SpiceDbRepository) Check(ctx context.Context, check *apiV0.CheckRequest) (*apiV0.CheckResponse, error) { subject := &v1.SubjectReference{ Object: &v1.ObjectReference{ - ObjectType: check.GetSubject().GetObject().GetType(), - ObjectId: check.GetSubject().GetObject().GetId(), + ObjectType: kesselTypeToSpiceDBType(check.GetSubject().GetSubject().Type), + ObjectId: check.GetSubject().GetSubject().GetId(), }, OptionalRelation: check.GetSubject().GetRelation(), } - object := &v1.ObjectReference{ - ObjectType: check.GetObject().GetType(), - ObjectId: check.GetObject().GetId(), + resource := &v1.ObjectReference{ + ObjectType: kesselTypeToSpiceDBType(check.GetResource().GetType()), + ObjectId: check.GetResource().GetId(), } checkResponse, err := s.client.CheckPermission(ctx, &v1.CheckPermissionRequest{ - Resource: object, + Resource: resource, Permission: check.GetRelation(), Subject: subject, }) if err != nil { log.Errorf("Error check permission %v", err.Error()) - return &apiV1.CheckResponse{Allowed: apiV1.CheckResponse_ALLOWED_UNSPECIFIED}, err + return &apiV0.CheckResponse{Allowed: apiV0.CheckResponse_ALLOWED_UNSPECIFIED}, err } if checkResponse.Permissionship == v1.CheckPermissionResponse_PERMISSIONSHIP_HAS_PERMISSION { - return &apiV1.CheckResponse{Allowed: apiV1.CheckResponse_ALLOWED_TRUE}, nil + return &apiV0.CheckResponse{Allowed: apiV0.CheckResponse_ALLOWED_TRUE}, nil } - return &apiV1.CheckResponse{Allowed: apiV1.CheckResponse_ALLOWED_FALSE}, nil + return &apiV0.CheckResponse{Allowed: apiV0.CheckResponse_ALLOWED_FALSE}, nil } -func createSpiceDbRelationshipFilter(filter *apiV1.RelationshipFilter) *v1.RelationshipFilter { +func createSpiceDbRelationshipFilter(filter *apiV0.RelationTupleFilter) *v1.RelationshipFilter { spiceDbRelationshipFilter := &v1.RelationshipFilter{ - ResourceType: filter.GetObjectType(), - OptionalResourceId: filter.GetObjectId(), + ResourceType: filter.GetResourceType(), + OptionalResourceId: filter.GetResourceId(), OptionalRelation: filter.GetRelation(), } @@ -204,18 +291,51 @@ func createSpiceDbRelationshipFilter(filter *apiV1.RelationshipFilter) *v1.Relat return spiceDbRelationshipFilter } -func createSpiceDbRelationship(relationship *apiV1.Relationship) *v1.Relationship { +func spicedbTypeToKesselType(spicedbType string) *apiV0.ObjectType { + kesselType := &apiV0.ObjectType{} + + parts := strings.Split(spicedbType, "/") + switch len(parts) { + case 1: + kesselType.Type = parts[0] + case 2: + kesselType.Namespace = parts[0] + kesselType.Type = parts[1] + default: + return nil //?? Error? + } + + return kesselType +} + +func kesselTypeToSpiceDBType(kesselType *apiV0.ObjectType) string { + if kesselType.Namespace != "" { + return fmt.Sprintf("%s/%s", kesselType.Namespace, kesselType.Type) + } + + return kesselType.Type +} + +func optionalStringToStringPointer(optional string) *string { + if optional == "" { + return nil + } + + return &optional +} + +func createSpiceDbRelationship(relationship *apiV0.Relationship) *v1.Relationship { subject := &v1.SubjectReference{ Object: &v1.ObjectReference{ - ObjectType: relationship.GetSubject().GetObject().GetType(), - ObjectId: relationship.GetSubject().GetObject().GetId(), + ObjectType: kesselTypeToSpiceDBType(relationship.GetSubject().GetSubject().GetType()), + ObjectId: relationship.GetSubject().GetSubject().GetId(), }, OptionalRelation: relationship.GetSubject().GetRelation(), } object := &v1.ObjectReference{ - ObjectType: relationship.GetObject().GetType(), - ObjectId: relationship.GetObject().GetId(), + ObjectType: kesselTypeToSpiceDBType(relationship.GetResource().GetType()), + ObjectId: relationship.GetResource().GetId(), } return &v1.Relationship{ diff --git a/internal/data/spicedb_test.go b/internal/data/spicedb_test.go index 3da69b6..c459dae 100644 --- a/internal/data/spicedb_test.go +++ b/internal/data/spicedb_test.go @@ -1,7 +1,7 @@ package data import ( - apiV1 "ciam-rebac/api/rebac/v1" + apiV0 "ciam-rebac/api/relations/v0" "ciam-rebac/internal/biz" "context" "fmt" @@ -49,8 +49,8 @@ func TestCreateRelationship(t *testing.T) { preExisting := CheckForRelationship(spiceDbRepo.client, "bob", "user", "", "member", "group", "bob_club") assert.False(t, preExisting) - rels := []*apiV1.Relationship{ - createRelationship("bob", "user", "", "member", "group", "bob_club"), + rels := []*apiV0.Relationship{ + createRelationship("bob", simple_type("user"), "", "member", simple_type("group"), "bob_club"), } touch := biz.TouchSemantics(false) @@ -72,8 +72,8 @@ func TestSecondCreateRelationshipFailsWithTouchFalse(t *testing.T) { preExisting := CheckForRelationship(spiceDbRepo.client, "bob", "user", "", "member", "group", "bob_club") assert.False(t, preExisting) - rels := []*apiV1.Relationship{ - createRelationship("bob", "user", "", "member", "group", "bob_club"), + rels := []*apiV0.Relationship{ + createRelationship("bob", simple_type("user"), "", "member", simple_type("group"), "bob_club"), } touch := biz.TouchSemantics(false) @@ -99,8 +99,8 @@ func TestSecondCreateRelationshipSucceedsWithTouchTrue(t *testing.T) { preExisting := CheckForRelationship(spiceDbRepo.client, "bob", "user", "", "member", "group", "bob_club") assert.False(t, preExisting) - rels := []*apiV1.Relationship{ - createRelationship("bob", "user", "", "member", "group", "bob_club"), + rels := []*apiV0.Relationship{ + createRelationship("bob", simple_type("user"), "", "member", simple_type("group"), "bob_club"), } touch := biz.TouchSemantics(false) @@ -126,8 +126,8 @@ func TestCreateRelationshipFailsWithBadSubjectType(t *testing.T) { badSubjectType := "not_a_user" - rels := []*apiV1.Relationship{ - createRelationship("bob", badSubjectType, "", "member", "group", "bob_club"), + rels := []*apiV0.Relationship{ + createRelationship("bob", simple_type(badSubjectType), "", "member", simple_type("group"), "bob_club"), } touch := biz.TouchSemantics(false) @@ -147,8 +147,8 @@ func TestCreateRelationshipFailsWithBadObjectType(t *testing.T) { badObjectType := "not_an_object" - rels := []*apiV1.Relationship{ - createRelationship("bob", "user", "", "member", badObjectType, "bob_club"), + rels := []*apiV0.Relationship{ + createRelationship("bob", simple_type("user"), "", "member", simple_type(badObjectType), "bob_club"), } touch := biz.TouchSemantics(false) @@ -169,8 +169,8 @@ func TestWriteAndReadBackRelationships(t *testing.T) { } assert.NoError(t, err) - rels := []*apiV1.Relationship{ - createRelationship("bob", "user", "", "member", "group", "bob_club"), + rels := []*apiV0.Relationship{ + createRelationship("bob", simple_type("user"), "", "member", simple_type("group"), "bob_club"), } err = spiceDbRepo.CreateRelationships(ctx, rels, biz.TouchSemantics(true)) @@ -178,20 +178,21 @@ func TestWriteAndReadBackRelationships(t *testing.T) { return } - readrels, err := spiceDbRepo.ReadRelationships(ctx, &apiV1.RelationshipFilter{ - ObjectId: "bob_club", - ObjectType: "group", - Relation: "member", - SubjectFilter: &apiV1.SubjectFilter{ - SubjectId: "bob", - SubjectType: "user", + readRelChan, _, err := spiceDbRepo.ReadRelationships(ctx, &apiV0.RelationTupleFilter{ + ResourceId: pointerize("bob_club"), + ResourceType: pointerize("group"), + Relation: pointerize("member"), + SubjectFilter: &apiV0.SubjectFilter{ + SubjectId: pointerize("bob"), + SubjectType: pointerize("user"), }, - }) + }, 0, "") if !assert.NoError(t, err) { return } + readrels := spiceRelChanToSlice(readRelChan) assert.Equal(t, 1, len(readrels)) } @@ -205,8 +206,8 @@ func TestWriteReadBackDeleteAndReadBackRelationships(t *testing.T) { } assert.NoError(t, err) - rels := []*apiV1.Relationship{ - createRelationship("bob", "user", "", "member", "group", "bob_club"), + rels := []*apiV0.Relationship{ + createRelationship("bob", simple_type("user"), "", "member", simple_type("group"), "bob_club"), } err = spiceDbRepo.CreateRelationships(ctx, rels, biz.TouchSemantics(true)) @@ -214,29 +215,30 @@ func TestWriteReadBackDeleteAndReadBackRelationships(t *testing.T) { return } - readrels, err := spiceDbRepo.ReadRelationships(ctx, &apiV1.RelationshipFilter{ - ObjectId: "bob_club", - ObjectType: "group", - Relation: "member", - SubjectFilter: &apiV1.SubjectFilter{ - SubjectId: "bob", - SubjectType: "user", + readRelChan, _, err := spiceDbRepo.ReadRelationships(ctx, &apiV0.RelationTupleFilter{ + ResourceId: pointerize("bob_club"), + ResourceType: pointerize("group"), + Relation: pointerize("member"), + SubjectFilter: &apiV0.SubjectFilter{ + SubjectId: pointerize("bob"), + SubjectType: pointerize("user"), }, - }) + }, 0, "") if !assert.NoError(t, err) { return } + readrels := spiceRelChanToSlice(readRelChan) assert.Equal(t, 1, len(readrels)) - err = spiceDbRepo.DeleteRelationships(ctx, &apiV1.RelationshipFilter{ - ObjectId: "bob_club", - ObjectType: "group", - Relation: "member", - SubjectFilter: &apiV1.SubjectFilter{ - SubjectId: "bob", - SubjectType: "user", + err = spiceDbRepo.DeleteRelationships(ctx, &apiV0.RelationTupleFilter{ + ResourceId: pointerize("bob_club"), + ResourceType: pointerize("group"), + Relation: pointerize("member"), + SubjectFilter: &apiV0.SubjectFilter{ + SubjectId: pointerize("bob"), + SubjectType: pointerize("user"), }, }) @@ -244,20 +246,21 @@ func TestWriteReadBackDeleteAndReadBackRelationships(t *testing.T) { return } - readrels, err = spiceDbRepo.ReadRelationships(ctx, &apiV1.RelationshipFilter{ - ObjectId: "bob_club", - ObjectType: "group", - Relation: "member", - SubjectFilter: &apiV1.SubjectFilter{ - SubjectId: "bob", - SubjectType: "user", + readRelChan, _, err = spiceDbRepo.ReadRelationships(ctx, &apiV0.RelationTupleFilter{ + ResourceId: pointerize("bob_club"), + ResourceType: pointerize("group"), + Relation: pointerize("member"), + SubjectFilter: &apiV0.SubjectFilter{ + SubjectId: pointerize("bob"), + SubjectType: pointerize("user"), }, - }) + }, 0, "") if !assert.NoError(t, err) { return } + readrels = spiceRelChanToSlice(readRelChan) assert.Equal(t, 0, len(readrels)) } @@ -276,12 +279,12 @@ func TestSpiceDbRepository_CheckPermission(t *testing.T) { //role_binding:rb_test#granted@role:rl1 //role_binding:rb_test#subject@user:bob //role:rl1#view_the_thing@user:* - rels := []*apiV1.Relationship{ - createRelationship("bob", "user", "", "member", "group", "bob_club"), - createRelationship("rb_test", "role_binding", "", "user_grant", "workspace", "test"), - createRelationship("rl1", "role", "", "granted", "role_binding", "rb_test"), - createRelationship("bob", "user", "", "subject", "role_binding", "rb_test"), - createRelationship("*", "user", "", "view_the_thing", "role", "rl1"), + rels := []*apiV0.Relationship{ + createRelationship("bob", simple_type("user"), "", "member", simple_type("group"), "bob_club"), + createRelationship("rb_test", simple_type("role_binding"), "", "user_grant", simple_type("workspace"), "test"), + createRelationship("rl1", simple_type("role"), "", "granted", simple_type("role_binding"), "rb_test"), + createRelationship("bob", simple_type("user"), "", "subject", simple_type("role_binding"), "rb_test"), + createRelationship("*", simple_type("user"), "", "view_the_thing", simple_type("role"), "rl1"), } err = spiceDbRepo.CreateRelationships(ctx, rels, biz.TouchSemantics(true)) @@ -289,41 +292,41 @@ func TestSpiceDbRepository_CheckPermission(t *testing.T) { return } - subject := &apiV1.SubjectReference{ - Object: &apiV1.ObjectReference{ - Type: "user", + subject := &apiV0.SubjectReference{ + Subject: &apiV0.ObjectReference{ + Type: simple_type("user"), Id: "bob", }, } - object := &apiV1.ObjectReference{ - Type: "workspace", + resource := &apiV0.ObjectReference{ + Type: simple_type("workspace"), Id: "test", } // zed permission check workspace:test view_the_thing user:bob --explain - check := apiV1.CheckRequest{ + check := apiV0.CheckRequest{ Subject: subject, Relation: "view_the_thing", - Object: object, + Resource: resource, } resp, err := spiceDbRepo.Check(ctx, &check) if !assert.NoError(t, err) { return } //apiV1.CheckResponse_ALLOWED_TRUE - checkResponse := apiV1.CheckResponse{ - Allowed: apiV1.CheckResponse_ALLOWED_TRUE, + checkResponse := apiV0.CheckResponse{ + Allowed: apiV0.CheckResponse_ALLOWED_TRUE, } assert.Equal(t, &checkResponse, resp) //Remove // role_binding:rb_test#subject@user:bob - err = spiceDbRepo.DeleteRelationships(ctx, &apiV1.RelationshipFilter{ - ObjectId: "rb_test", - ObjectType: "role_binding", - Relation: "subject", - SubjectFilter: &apiV1.SubjectFilter{ - SubjectId: "bob", - SubjectType: "user", + err = spiceDbRepo.DeleteRelationships(ctx, &apiV0.RelationTupleFilter{ + ResourceId: pointerize("rb_test"), + ResourceType: pointerize("role_binding"), + Relation: pointerize("subject"), + SubjectFilter: &apiV0.SubjectFilter{ + SubjectId: pointerize("bob"), + SubjectType: pointerize("user"), }, }) if !assert.NoError(t, err) { @@ -331,38 +334,58 @@ func TestSpiceDbRepository_CheckPermission(t *testing.T) { } // zed permission check workspace:test view_the_thing user:bob --explain - check2 := apiV1.CheckRequest{ + check2 := apiV0.CheckRequest{ Subject: subject, Relation: "view_the_thing", - Object: object, + Resource: resource, } resp2, err := spiceDbRepo.Check(ctx, &check2) if !assert.NoError(t, err) { return } - checkResponsev2 := apiV1.CheckResponse{ - Allowed: apiV1.CheckResponse_ALLOWED_FALSE, + checkResponsev2 := apiV0.CheckResponse{ + Allowed: apiV0.CheckResponse_ALLOWED_FALSE, } assert.Equal(t, &checkResponsev2, resp2) } -func createRelationship(subjectId string, subjectType string, subjectRelationship string, relationship string, objectType string, objectId string) *apiV1.Relationship { - subject := &apiV1.SubjectReference{ - Object: &apiV1.ObjectReference{ + +func simple_type(typename string) *apiV0.ObjectType { + return &apiV0.ObjectType{Type: typename} +} + +func pointerize(value string) *string { //Used to turn string literals into pointers + return &value +} + +func createRelationship(subjectId string, subjectType *apiV0.ObjectType, subjectRelationship string, relationship string, objectType *apiV0.ObjectType, objectId string) *apiV0.Relationship { + subject := &apiV0.SubjectReference{ + Subject: &apiV0.ObjectReference{ Type: subjectType, Id: subjectId, }, - Relation: subjectRelationship, } - object := &apiV1.ObjectReference{ + if subjectRelationship != "" { + subject.Relation = &subjectRelationship + } + + resource := &apiV0.ObjectReference{ Type: objectType, Id: objectId, } - return &apiV1.Relationship{ - Object: object, + return &apiV0.Relationship{ + Resource: resource, Relation: relationship, Subject: subject, } } + +func spiceRelChanToSlice(c chan *biz.RelationshipResult) []*biz.RelationshipResult { + s := make([]*biz.RelationshipResult, 0) + for i := range c { + s = append(s, i) + } + return s +} diff --git a/internal/server/grpc.go b/internal/server/grpc.go index be5ede8..678848c 100644 --- a/internal/server/grpc.go +++ b/internal/server/grpc.go @@ -2,7 +2,7 @@ package server import ( h "ciam-rebac/api/health/v1" - v1 "ciam-rebac/api/rebac/v1" + v0 "ciam-rebac/api/relations/v0" "ciam-rebac/internal/conf" "ciam-rebac/internal/service" @@ -12,7 +12,7 @@ import ( ) // NewGRPCServer new a gRPC server. -func NewGRPCServer(c *conf.Server, relations *service.RelationshipsService, health *service.HealthService, check *service.CheckService, logger log.Logger) *grpc.Server { +func NewGRPCServer(c *conf.Server, relations *service.RelationshipsService, health *service.HealthService, check *service.CheckService, subjects *service.LookupService, logger log.Logger) *grpc.Server { var opts = []grpc.ServerOption{ grpc.Middleware( recovery.Recovery(), @@ -28,8 +28,9 @@ func NewGRPCServer(c *conf.Server, relations *service.RelationshipsService, heal opts = append(opts, grpc.Timeout(c.Grpc.Timeout.AsDuration())) } srv := grpc.NewServer(opts...) - v1.RegisterRelationshipsServer(srv, relations) - v1.RegisterCheckServer(srv, check) - h.RegisterHealthServer(srv, health) + v0.RegisterKesselTupleServiceServer(srv, relations) + v0.RegisterKesselCheckServiceServer(srv, check) + h.RegisterKesselHealthServer(srv, health) + v0.RegisterKesselLookupServiceServer(srv, subjects) return srv } diff --git a/internal/server/http.go b/internal/server/http.go index cd435b0..b2db92b 100644 --- a/internal/server/http.go +++ b/internal/server/http.go @@ -2,16 +2,17 @@ package server import ( h "ciam-rebac/api/health/v1" - v1 "ciam-rebac/api/rebac/v1" + v0 "ciam-rebac/api/relations/v0" "ciam-rebac/internal/conf" "ciam-rebac/internal/service" + "github.com/go-kratos/kratos/v2/log" "github.com/go-kratos/kratos/v2/middleware/recovery" "github.com/go-kratos/kratos/v2/transport/http" ) // NewHTTPServer new an HTTP server. -func NewHTTPServer(c *conf.Server, relationships *service.RelationshipsService, health *service.HealthService, check *service.CheckService, logger log.Logger) *http.Server { +func NewHTTPServer(c *conf.Server, relationships *service.RelationshipsService, health *service.HealthService, check *service.CheckService, subjects *service.LookupService, logger log.Logger) *http.Server { var opts = []http.ServerOption{ http.Middleware( recovery.Recovery(), @@ -32,8 +33,7 @@ func NewHTTPServer(c *conf.Server, relationships *service.RelationshipsService, srv := http.NewServer(opts...) - v1.RegisterRelationshipsHTTPServer(srv, relationships) - v1.RegisterCheckHTTPServer(srv, check) - h.RegisterHealthHTTPServer(srv, health) + v0.RegisterKesselCheckServiceHTTPServer(srv, check) + h.RegisterKesselHealthHTTPServer(srv, health) return srv } diff --git a/internal/service/check.go b/internal/service/check.go index 91b376a..57dba7b 100644 --- a/internal/service/check.go +++ b/internal/service/check.go @@ -3,13 +3,14 @@ package service import ( "ciam-rebac/internal/biz" "context" + "github.com/go-kratos/kratos/v2/log" - pb "ciam-rebac/api/rebac/v1" + pb "ciam-rebac/api/relations/v0" ) type CheckService struct { - pb.UnimplementedCheckServer + pb.UnimplementedKesselCheckServiceServer check *biz.CheckUsecase log *log.Helper } diff --git a/internal/service/health.go b/internal/service/health.go index 3fe27bd..39f8158 100644 --- a/internal/service/health.go +++ b/internal/service/health.go @@ -7,7 +7,7 @@ import ( ) type HealthService struct { - pb.UnimplementedHealthServer + pb.UnimplementedKesselHealthServer } func NewHealthService() *HealthService { diff --git a/internal/service/lookup.go b/internal/service/lookup.go new file mode 100644 index 0000000..93c74df --- /dev/null +++ b/internal/service/lookup.go @@ -0,0 +1,45 @@ +package service + +import ( + pb "ciam-rebac/api/relations/v0" + "ciam-rebac/internal/biz" +) + +type LookupService struct { + pb.UnimplementedKesselLookupServiceServer + subjectsUsecase *biz.GetSubjectsUsecase +} + +func NewLookupService(subjectsUseCase *biz.GetSubjectsUsecase) *LookupService { + return &LookupService{ + subjectsUsecase: subjectsUseCase, + } + +} + +func (s *LookupService) LookupSubjects(req *pb.LookupSubjectsRequest, conn pb.KesselLookupService_LookupSubjectsServer) error { + ctx := conn.Context() + + subs, errs, err := s.subjectsUsecase.Get(ctx, req) + + if err != nil { + return err + } + + for sub := range subs { + err = conn.Send(&pb.LookupSubjectsResponse{ + Subject: sub.Subject, + Pagination: &pb.ResponsePagination{ContinuationToken: string(sub.Continuation)}, + }) + if err != nil { + return err + } + } + + err, ok := <-errs + if ok { + return err + } + + return nil +} diff --git a/internal/service/lookup_test.go b/internal/service/lookup_test.go new file mode 100644 index 0000000..e0b92cd --- /dev/null +++ b/internal/service/lookup_test.go @@ -0,0 +1,186 @@ +package service + +import ( + v0 "ciam-rebac/api/relations/v0" + "ciam-rebac/internal/biz" + "ciam-rebac/internal/data" + "context" + "os" + "testing" + + "github.com/go-kratos/kratos/v2/log" + "github.com/go-kratos/kratos/v2/middleware/tracing" + "github.com/stretchr/testify/assert" + "google.golang.org/grpc" +) + +func TestLookupService_LookupSubjects_EmptyRequest(t *testing.T) { + t.Parallel() + ctx := context.TODO() + spicedb, err := container.CreateSpiceDbRepository() + assert.NoError(t, err) + service := createLookupService(spicedb) + responseCollector := NewLookup_SubjectsServerStub(ctx) + err = service.LookupSubjects(&v0.LookupSubjectsRequest{}, responseCollector) + + assert.Error(t, err) +} + +func TestLookupService_LookupSubjects_NoResults(t *testing.T) { + t.Parallel() + ctx := context.TODO() + spicedb, err := container.CreateSpiceDbRepository() + assert.NoError(t, err) + + err = seedThingInDefaultWorkspace(ctx, spicedb, "thing1") + assert.NoError(t, err) + container.WaitForQuantizationInterval() + + service := createLookupService(spicedb) + + responseCollector := NewLookup_SubjectsServerStub(ctx) + err = service.LookupSubjects(&v0.LookupSubjectsRequest{ + SubjectType: simple_type("user"), + Relation: "view", + Resource: &v0.ObjectReference{Type: simple_type("thing"), Id: "thing1"}, + }, responseCollector) + assert.NoError(t, err) + results := responseCollector.GetResponses() + + assert.Empty(t, results) +} + +func TestLookupService_LookupSubjects_OneResult(t *testing.T) { + t.Parallel() + ctx := context.TODO() + spicedb, err := container.CreateSpiceDbRepository() + assert.NoError(t, err) + + err = seedThingInDefaultWorkspace(ctx, spicedb, "thing1") + assert.NoError(t, err) + err = seedUserWithViewThingInDefaultWorkspace(ctx, spicedb, "u1") + assert.NoError(t, err) + container.WaitForQuantizationInterval() + + service := createLookupService(spicedb) + + responseCollector := NewLookup_SubjectsServerStub(ctx) + err = service.LookupSubjects(&v0.LookupSubjectsRequest{ + SubjectType: simple_type("user"), + Relation: "view", + Resource: &v0.ObjectReference{Type: simple_type("thing"), Id: "thing1"}, + }, responseCollector) + assert.NoError(t, err) + ids := responseCollector.GetIDs() + + assert.ElementsMatch(t, []string{"u1"}, ids) +} + +func TestLookupService_LookupSubjects_TwoResults(t *testing.T) { + t.Parallel() + ctx := context.TODO() + spicedb, err := container.CreateSpiceDbRepository() + assert.NoError(t, err) + + err = seedThingInDefaultWorkspace(ctx, spicedb, "thing1") + assert.NoError(t, err) + err = seedUserWithViewThingInDefaultWorkspace(ctx, spicedb, "u1") + assert.NoError(t, err) + err = seedUserWithViewThingInDefaultWorkspace(ctx, spicedb, "u2") + assert.NoError(t, err) + container.WaitForQuantizationInterval() + + service := createLookupService(spicedb) + + responseCollector := NewLookup_SubjectsServerStub(ctx) + err = service.LookupSubjects(&v0.LookupSubjectsRequest{ + SubjectType: simple_type("user"), + Relation: "view", + Resource: &v0.ObjectReference{Type: simple_type("thing"), Id: "thing1"}, + }, responseCollector) + assert.NoError(t, err) + ids := responseCollector.GetIDs() + + assert.ElementsMatch(t, []string{"u1", "u2"}, ids) +} + +func createLookupService(spicedb *data.SpiceDbRepository) *LookupService { + logger := log.With(log.NewStdLogger(os.Stdout), + "ts", log.DefaultTimestamp, + "caller", log.DefaultCaller, + "trace.id", tracing.TraceID(), + "span.id", tracing.SpanID(), + ) + return NewLookupService(biz.NewGetSubjectsUseCase(spicedb, logger)) +} +func seedThingInDefaultWorkspace(ctx context.Context, spicedb *data.SpiceDbRepository, thing string) error { + return spicedb.CreateRelationships(ctx, []*v0.Relationship{ + { + Resource: &v0.ObjectReference{Type: simple_type("thing"), Id: thing}, + Relation: "workspace", + Subject: &v0.SubjectReference{Subject: &v0.ObjectReference{Type: simple_type("workspace"), Id: "default"}}, + }, + }, biz.TouchSemantics(true)) +} + +func seedUserWithViewThingInDefaultWorkspace(ctx context.Context, spicedb *data.SpiceDbRepository, user string) error { + return spicedb.CreateRelationships(ctx, []*v0.Relationship{ + { + Resource: &v0.ObjectReference{Type: simple_type("role"), Id: "viewers"}, + Relation: "view_the_thing", + Subject: &v0.SubjectReference{Subject: &v0.ObjectReference{Type: simple_type("user"), Id: "*"}}, + }, + { + Resource: &v0.ObjectReference{Type: simple_type("role_binding"), Id: "default_viewers"}, + Relation: "subject", + Subject: &v0.SubjectReference{Subject: &v0.ObjectReference{Type: simple_type("user"), Id: user}}, + }, + { + Resource: &v0.ObjectReference{Type: simple_type("role_binding"), Id: "default_viewers"}, + Relation: "granted", + Subject: &v0.SubjectReference{Subject: &v0.ObjectReference{Type: simple_type("role"), Id: "viewers"}}, + }, + { + Resource: &v0.ObjectReference{Type: simple_type("workspace"), Id: "default"}, + Relation: "user_grant", + Subject: &v0.SubjectReference{Subject: &v0.ObjectReference{Type: simple_type("role_binding"), Id: "default_viewers"}}, + }, + }, biz.TouchSemantics(true)) +} + +func NewLookup_SubjectsServerStub(ctx context.Context) *Lookup_SubjectsServerStub { + return &Lookup_SubjectsServerStub{ + ServerStream: nil, + responses: []*v0.LookupSubjectsResponse{}, + ctx: ctx, + } +} + +func (s *Lookup_SubjectsServerStub) GetResponses() []*v0.LookupSubjectsResponse { + return s.responses +} + +func (s *Lookup_SubjectsServerStub) GetIDs() []string { + ids := make([]string, len(s.responses)) + + for i, r := range s.responses { + ids[i] = r.Subject.Subject.Id + } + + return ids +} + +type Lookup_SubjectsServerStub struct { + grpc.ServerStream + responses []*v0.LookupSubjectsResponse + ctx context.Context +} + +func (s *Lookup_SubjectsServerStub) Context() context.Context { + return s.ctx +} + +func (s *Lookup_SubjectsServerStub) Send(r *v0.LookupSubjectsResponse) error { + s.responses = append(s.responses, r) + return nil +} diff --git a/internal/service/relationships.go b/internal/service/relationships.go index 511595a..07df2ad 100644 --- a/internal/service/relationships.go +++ b/internal/service/relationships.go @@ -6,11 +6,11 @@ import ( "github.com/go-kratos/kratos/v2/log" - pb "ciam-rebac/api/rebac/v1" + pb "ciam-rebac/api/relations/v0" ) type RelationshipsService struct { - pb.UnimplementedRelationshipsServer + pb.UnimplementedKesselTupleServiceServer createUsecase *biz.CreateRelationshipsUsecase readUsecase *biz.ReadRelationshipsUsecase deleteUsecase *biz.DeleteRelationshipsUsecase @@ -26,30 +26,45 @@ func NewRelationshipsService(logger log.Logger, createUseCase *biz.CreateRelatio } } -func (s *RelationshipsService) CreateRelationships(ctx context.Context, req *pb.CreateRelationshipsRequest) (*pb.CreateRelationshipsResponse, error) { +func (s *RelationshipsService) CreateRelationships(ctx context.Context, req *pb.CreateTuplesRequest) (*pb.CreateTuplesResponse, error) { s.log.Infof("Create relationships request: %v", req) - err := s.createUsecase.CreateRelationships(ctx, req.Relationships, req.GetTouch()) + err := s.createUsecase.CreateRelationships(ctx, req.Tuples, req.GetUpsert()) //The generated .GetUpsert() defaults to false if err != nil { return nil, err } - return &pb.CreateRelationshipsResponse{}, nil + return &pb.CreateTuplesResponse{}, nil } -func (s *RelationshipsService) ReadRelationships(ctx context.Context, req *pb.ReadRelationshipsRequest) (*pb.ReadRelationshipsResponse, error) { - s.log.Infof("Read relationships request: %v", req) +func (s *RelationshipsService) ReadRelationships(req *pb.ReadTuplesRequest, conn pb.KesselTupleService_ReadTuplesServer) error { + ctx := conn.Context() - if relationships, err := s.readUsecase.ReadRelationships(ctx, req.GetFilter()); err != nil { - return nil, err - } else { - return &pb.ReadRelationshipsResponse{ - Relationships: relationships, - }, nil + relationships, errs, err := s.readUsecase.ReadRelationships(ctx, req) + + if err != nil { + return err + } + + for rel := range relationships { + err = conn.Send(&pb.ReadTuplesResponse{ + Tuple: rel.Relationship, + Pagination: &pb.ResponsePagination{ContinuationToken: string(rel.Continuation)}, + }) + if err != nil { + return err + } + } + + err, ok := <-errs + if ok { + return err } + + return nil } -func (s *RelationshipsService) DeleteRelationships(ctx context.Context, req *pb.DeleteRelationshipsRequest) (*pb.DeleteRelationshipsResponse, error) { +func (s *RelationshipsService) DeleteRelationships(ctx context.Context, req *pb.DeleteTuplesRequest) (*pb.DeleteTuplesResponse, error) { s.log.Infof("Delete relationships request: %v", req) err := s.deleteUsecase.DeleteRelationships(ctx, req.Filter) @@ -57,5 +72,5 @@ func (s *RelationshipsService) DeleteRelationships(ctx context.Context, req *pb. return nil, err } - return &pb.DeleteRelationshipsResponse{}, nil + return &pb.DeleteTuplesResponse{}, nil } diff --git a/internal/service/relationships_test.go b/internal/service/relationships_test.go index accd6e6..1e1546f 100644 --- a/internal/service/relationships_test.go +++ b/internal/service/relationships_test.go @@ -1,18 +1,20 @@ package service import ( - v1 "ciam-rebac/api/rebac/v1" + v0 "ciam-rebac/api/relations/v0" "ciam-rebac/internal/biz" "ciam-rebac/internal/data" "context" "fmt" + "os" + "testing" + "github.com/go-kratos/kratos/v2/log" "github.com/go-kratos/kratos/v2/middleware/tracing" "github.com/stretchr/testify/assert" + "google.golang.org/grpc" "google.golang.org/grpc/codes" "google.golang.org/grpc/status" - "os" - "testing" ) var container *data.LocalSpiceDbContainer @@ -44,35 +46,41 @@ func TestRelationshipsService_CreateRelationships(t *testing.T) { err, relationshipsService := setup(t) assert.NoError(t, err) ctx := context.Background() - expected := createRelationship("bob", "user", "", "member", "group", "bob_club") + expected := createRelationship("bob", simple_type("user"), "", "member", simple_type("group"), "bob_club") - req := &v1.CreateRelationshipsRequest{ - Relationships: []*v1.Relationship{ + req := &v0.CreateTuplesRequest{ + Tuples: []*v0.Relationship{ expected, }, } _, err = relationshipsService.CreateRelationships(ctx, req) assert.NoError(t, err) - readReq := &v1.ReadRelationshipsRequest{Filter: &v1.RelationshipFilter{ - ObjectId: "bob_club", - ObjectType: "group", - Relation: "member", - SubjectFilter: &v1.SubjectFilter{ - SubjectId: "bob", - SubjectType: "user", + readReq := &v0.ReadTuplesRequest{Filter: &v0.RelationTupleFilter{ + ResourceId: pointerize("bob_club"), + ResourceType: pointerize("group"), + Relation: pointerize("member"), + SubjectFilter: &v0.SubjectFilter{ + SubjectId: pointerize("bob"), + SubjectType: pointerize("user"), }, }, } - response, err := relationshipsService.ReadRelationships(ctx, readReq) - assert.NoError(t, err) - responseRelationships := response.Relationships - for _, actual := range responseRelationships { - assert.Equal(t, expected.Object.Id, actual.Object.Id) - assert.Equal(t, expected.Object.Type, actual.Object.Type) - assert.Equal(t, expected.Subject.Object.Id, actual.Subject.Object.Id) - assert.Equal(t, expected.Subject.Object.Type, actual.Subject.Object.Type) - assert.Equal(t, expected.Relation, actual.Relation) + collectingServer := NewRelationships_ReadRelationshipsServerStub(ctx) + err = relationshipsService.ReadRelationships(readReq, collectingServer) + if err != nil { + t.FailNow() + } + responseRelationships := collectingServer.responses + + for _, resp := range responseRelationships { + assert.Equal(t, expected.Resource.Id, resp.Tuple.Resource.Id) + assert.Equal(t, expected.Resource.Type.Namespace, resp.Tuple.Resource.Type.Namespace) + assert.Equal(t, expected.Resource.Type.Type, resp.Tuple.Resource.Type.Type) + assert.Equal(t, expected.Subject.Subject.Id, resp.Tuple.Subject.Subject.Id) + assert.Equal(t, expected.Subject.Subject.Type.Namespace, resp.Tuple.Subject.Subject.Type.Namespace) + assert.Equal(t, expected.Subject.Subject.Type.Type, resp.Tuple.Subject.Subject.Type.Type) + assert.Equal(t, expected.Relation, resp.Tuple.Relation) } } @@ -83,34 +91,40 @@ func TestRelationshipsService_CreateRelationshipsWithTouchFalse(t *testing.T) { assert.NoError(t, err) ctx := context.Background() - expected := createRelationship("bob", "user", "", "member", "group", "bob_club") - req := &v1.CreateRelationshipsRequest{ - Relationships: []*v1.Relationship{ + expected := createRelationship("bob", simple_type("user"), "", "member", simple_type("group"), "bob_club") + req := &v0.CreateTuplesRequest{ + Tuples: []*v0.Relationship{ expected, }, } _, err = relationshipsService.CreateRelationships(ctx, req) assert.NoError(t, err) - readReq := &v1.ReadRelationshipsRequest{Filter: &v1.RelationshipFilter{ - ObjectId: "bob_club", - ObjectType: "group", - Relation: "member", - SubjectFilter: &v1.SubjectFilter{ - SubjectId: "bob", - SubjectType: "user", + readReq := &v0.ReadTuplesRequest{Filter: &v0.RelationTupleFilter{ + ResourceId: pointerize("bob_club"), + ResourceType: pointerize("group"), + Relation: pointerize("member"), + SubjectFilter: &v0.SubjectFilter{ + SubjectId: pointerize("bob"), + SubjectType: pointerize("user"), }, }, } - response, err := relationshipsService.ReadRelationships(ctx, readReq) - assert.NoError(t, err) - responseRelationships := response.Relationships - for _, actual := range responseRelationships { - assert.Equal(t, expected.Object.Id, actual.Object.Id) - assert.Equal(t, expected.Object.Type, actual.Object.Type) - assert.Equal(t, expected.Subject.Object.Id, actual.Subject.Object.Id) - assert.Equal(t, expected.Subject.Object.Type, actual.Subject.Object.Type) - assert.Equal(t, expected.Relation, actual.Relation) + collectingServer := NewRelationships_ReadRelationshipsServerStub(ctx) + err = relationshipsService.ReadRelationships(readReq, collectingServer) + if err != nil { + t.FailNow() + } + responseRelationships := collectingServer.responses + + for _, resp := range responseRelationships { + assert.Equal(t, expected.Resource.Id, resp.Tuple.Resource.Id) + assert.Equal(t, expected.Resource.Type.Namespace, resp.Tuple.Resource.Type.Namespace) + assert.Equal(t, expected.Resource.Type.Type, resp.Tuple.Resource.Type.Type) + assert.Equal(t, expected.Subject.Subject.Id, resp.Tuple.Subject.Subject.Id) + assert.Equal(t, expected.Subject.Subject.Type.Namespace, resp.Tuple.Subject.Subject.Type.Namespace) + assert.Equal(t, expected.Subject.Subject.Type.Type, resp.Tuple.Subject.Subject.Type.Type) + assert.Equal(t, expected.Relation, resp.Tuple.Relation) } _, err = relationshipsService.CreateRelationships(ctx, req) @@ -124,9 +138,9 @@ func TestRelationshipsService_CreateRelationshipsWithBadSubjectType(t *testing.T assert.NoError(t, err) ctx := context.Background() badSubjectType := "not_a_user" - expected := createRelationship("bob", badSubjectType, "", "member", "group", "bob_club") - req := &v1.CreateRelationshipsRequest{ - Relationships: []*v1.Relationship{ + expected := createRelationship("bob", simple_type(badSubjectType), "", "member", simple_type("group"), "bob_club") + req := &v0.CreateTuplesRequest{ + Tuples: []*v0.Relationship{ expected, }, } @@ -142,9 +156,9 @@ func TestRelationshipsService_CreateRelationshipsWithBadObjectType(t *testing.T) assert.NoError(t, err) ctx := context.Background() badObjectType := "not_an_object" - expected := createRelationship("bob", "user", "", "member", badObjectType, "bob_club") - req := &v1.CreateRelationshipsRequest{ - Relationships: []*v1.Relationship{ + expected := createRelationship("bob", simple_type("user"), "", "member", simple_type(badObjectType), "bob_club") + req := &v0.CreateTuplesRequest{ + Tuples: []*v0.Relationship{ expected, }, } @@ -159,41 +173,48 @@ func TestRelationshipsService_DeleteRelationships(t *testing.T) { err, relationshipsService := setup(t) assert.NoError(t, err) - expected := createRelationship("bob", "user", "", "member", "group", "bob_club") + expected := createRelationship("bob", simple_type("user"), "", "member", simple_type("group"), "bob_club") ctx := context.Background() - req := &v1.CreateRelationshipsRequest{ - Relationships: []*v1.Relationship{ + req := &v0.CreateTuplesRequest{ + Tuples: []*v0.Relationship{ expected, }, } _, err = relationshipsService.CreateRelationships(ctx, req) assert.NoError(t, err) - delreq := &v1.DeleteRelationshipsRequest{Filter: &v1.RelationshipFilter{ - ObjectId: "bob_club", - ObjectType: "group", - Relation: "member", - SubjectFilter: &v1.SubjectFilter{ - SubjectId: "bob", - SubjectType: "user", + delreq := &v0.DeleteTuplesRequest{Filter: &v0.RelationTupleFilter{ + ResourceId: pointerize("bob_club"), + ResourceType: pointerize("group"), + Relation: pointerize("member"), + SubjectFilter: &v0.SubjectFilter{ + SubjectId: pointerize("bob"), + SubjectType: pointerize("user"), }, }} _, err = relationshipsService.DeleteRelationships(ctx, delreq) assert.NoError(t, err) - readReq := &v1.ReadRelationshipsRequest{Filter: &v1.RelationshipFilter{ - ObjectId: "bob_club", - ObjectType: "group", - Relation: "member", - SubjectFilter: &v1.SubjectFilter{ - SubjectId: "bob", - SubjectType: "user", + readReq := &v0.ReadTuplesRequest{Filter: &v0.RelationTupleFilter{ + ResourceId: pointerize("bob_club"), + ResourceType: pointerize("group"), + Relation: pointerize("member"), + SubjectFilter: &v0.SubjectFilter{ + SubjectId: pointerize("bob"), + SubjectType: pointerize("user"), }, }, } - response, err := relationshipsService.ReadRelationships(ctx, readReq) - assert.Equal(t, 0, len(response.Relationships)) + + collectingServer := NewRelationships_ReadRelationshipsServerStub(ctx) + err = relationshipsService.ReadRelationships(readReq, collectingServer) + if err != nil { + t.FailNow() + } + responses := collectingServer.responses + + assert.Equal(t, 0, len(responses)) assert.NoError(t, err) } @@ -216,6 +237,8 @@ func setup(t *testing.T) (error, *RelationshipsService) { func TestRelationshipsService_ReadRelationships(t *testing.T) { t.Parallel() + ctx := context.TODO() + logger := log.With(log.NewStdLogger(os.Stdout), "ts", log.DefaultTimestamp, "caller", log.DefaultCaller, @@ -230,38 +253,91 @@ func TestRelationshipsService_ReadRelationships(t *testing.T) { deleteRelationshipsUsecase := biz.NewDeleteRelationshipsUsecase(spiceDbRepository, logger) relationshipsService := NewRelationshipsService(logger, createRelationshipsUsecase, readRelationshipsUsecase, deleteRelationshipsUsecase) - ctx := context.Background() - req := &v1.ReadRelationshipsRequest{Filter: &v1.RelationshipFilter{ - ObjectId: "bob_club", - ObjectType: "group", - Relation: "member", - SubjectFilter: &v1.SubjectFilter{ - SubjectId: "bob", - SubjectType: "user", + expected := createRelationship("bob", simple_type("user"), "", "member", simple_type("group"), "bob_club") + + reqCr := &v0.CreateTuplesRequest{ + Tuples: []*v0.Relationship{ + expected, + }, + } + _, err = relationshipsService.CreateRelationships(ctx, reqCr) + assert.NoError(t, err) + + req := &v0.ReadTuplesRequest{Filter: &v0.RelationTupleFilter{ + ResourceId: pointerize("bob_club"), + ResourceType: pointerize("group"), + Relation: pointerize("member"), + SubjectFilter: &v0.SubjectFilter{ + SubjectId: pointerize("bob"), + SubjectType: pointerize("user"), }, }, } - readResponse, err := relationshipsService.ReadRelationships(ctx, req) - assert.Equal(t, 0, len(readResponse.Relationships)) + + collectingServer := NewRelationships_ReadRelationshipsServerStub(ctx) + err = relationshipsService.ReadRelationships(req, collectingServer) + if err != nil { + t.FailNow() + } + responses := collectingServer.responses + + assert.Equal(t, 1, len(responses)) assert.NoError(t, err) } -func createRelationship(subjectId string, subjectType string, subjectRelationship string, relationship string, objectType string, objectId string) *v1.Relationship { - subject := &v1.SubjectReference{ - Object: &v1.ObjectReference{ + +func simple_type(typename string) *v0.ObjectType { + return &v0.ObjectType{Type: typename} +} + +func pointerize(value string) *string { //Used to turn string literals into pointers + return &value +} + +func createRelationship(subjectId string, subjectType *v0.ObjectType, subjectRelationship string, relationship string, objectType *v0.ObjectType, objectId string) *v0.Relationship { + subject := &v0.SubjectReference{ + Subject: &v0.ObjectReference{ Type: subjectType, Id: subjectId, }, - Relation: subjectRelationship, } - object := &v1.ObjectReference{ + if subjectRelationship != "" { + subject.Relation = &subjectRelationship + } + + resource := &v0.ObjectReference{ Type: objectType, Id: objectId, } - return &v1.Relationship{ - Object: object, + return &v0.Relationship{ + Resource: resource, Relation: relationship, Subject: subject, } } + +// Below is the boilerplate for creating test servers for streaming ReadRelationships rpc + +func NewRelationships_ReadRelationshipsServerStub(ctx context.Context) *Relationships_ReadRelationshipsServerStub { + return &Relationships_ReadRelationshipsServerStub{ + ServerStream: nil, + responses: []*v0.ReadTuplesResponse{}, + ctx: ctx, + } +} + +type Relationships_ReadRelationshipsServerStub struct { + grpc.ServerStream + responses []*v0.ReadTuplesResponse + ctx context.Context +} + +func (x *Relationships_ReadRelationshipsServerStub) Send(m *v0.ReadTuplesResponse) error { + x.responses = append(x.responses, m) + return nil +} + +func (x *Relationships_ReadRelationshipsServerStub) Context() context.Context { + return x.ctx +} diff --git a/internal/service/service.go b/internal/service/service.go index cac484b..b19b5b4 100644 --- a/internal/service/service.go +++ b/internal/service/service.go @@ -3,4 +3,4 @@ package service import "github.com/google/wire" // ProviderSet is service providers. -var ProviderSet = wire.NewSet(NewRelationshipsService, NewHealthService, NewCheckService) +var ProviderSet = wire.NewSet(NewRelationshipsService, NewHealthService, NewLookupService, NewCheckService) diff --git a/openapi.yaml b/openapi.yaml index efd6d2e..30dbb8a 100644 --- a/openapi.yaml +++ b/openapi.yaml @@ -9,37 +9,38 @@ paths: /livez: get: tags: - - Health - operationId: Health_GetLivez + - KesselHealth + operationId: KesselHealth_GetLivez responses: "200": description: OK content: application/json: schema: - $ref: '#/components/schemas/api.health.v1.GetLivezReply' + $ref: '#/components/schemas/kessel.relations.v1.GetLivezReply' /readyz: get: tags: - - Health - operationId: Health_GetReadyz + - KesselHealth + operationId: KesselHealth_GetReadyz responses: "200": description: OK content: application/json: schema: - $ref: '#/components/schemas/api.health.v1.GetReadyzReply' - /v1/check: + $ref: '#/components/schemas/kessel.relations.v1.GetReadyzReply' + /v0/check: post: tags: - - Check - operationId: Check_Check + - KesselCheckService + description: "Checks for the existence of a single Relationship \n (a Relation between a Resource and a Subject or Subject Set)." + operationId: KesselCheckService_Check requestBody: content: application/json: schema: - $ref: '#/components/schemas/api.rebac.v1.CheckRequest' + $ref: '#/components/schemas/kessel.relations.v0.CheckRequest' required: true responses: "200": @@ -47,18 +48,72 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/api.rebac.v1.CheckResponse' - /v1/relationships: + $ref: '#/components/schemas/kessel.relations.v0.CheckResponse' + /v0/subjects: get: tags: - - Relationships - operationId: Relationships_ReadRelationships + - KesselLookupService + operationId: KesselLookupService_LookupSubjects parameters: - - name: filter.objectType + - name: resource.type.namespace in: query schema: type: string - - name: filter.objectId + - name: resource.type.type + in: query + schema: + type: string + - name: resource.id + in: query + schema: + type: string + - name: relation + in: query + schema: + type: string + - name: subjectType.namespace + in: query + schema: + type: string + - name: subjectType.type + in: query + schema: + type: string + - name: subjectRelation + in: query + schema: + type: string + - name: pagination.limit + in: query + schema: + type: integer + format: uint32 + - name: pagination.continuationToken + in: query + schema: + type: string + responses: + "200": + description: OK + content: + application/json: + schema: + $ref: '#/components/schemas/kessel.relations.v0.LookupSubjectsResponse' + /v0/tuples: + get: + tags: + - KesselTupleService + operationId: KesselTupleService_ReadTuples + parameters: + - name: filter.resourceNamespace + in: query + schema: + type: string + - name: filter.resourceType + in: query + schema: + type: string + - name: filter.resourceId in: query schema: type: string @@ -66,7 +121,11 @@ paths: in: query schema: type: string - - name: filter.subjectFilter.relation + - name: filter.subjectFilter.subjectNamespace + in: query + schema: + type: string + - name: filter.subjectFilter.subjectType in: query schema: type: string @@ -74,7 +133,16 @@ paths: in: query schema: type: string - - name: filter.subjectFilter.subjectType + - name: filter.subjectFilter.relation + in: query + schema: + type: string + - name: pagination.limit + in: query + schema: + type: integer + format: uint32 + - name: pagination.continuationToken in: query schema: type: string @@ -84,16 +152,16 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/api.rebac.v1.ReadRelationshipsResponse' + $ref: '#/components/schemas/kessel.relations.v0.ReadTuplesResponse' post: tags: - - Relationships - operationId: Relationships_CreateRelationships + - KesselTupleService + operationId: KesselTupleService_CreateTuples requestBody: content: application/json: schema: - $ref: '#/components/schemas/api.rebac.v1.CreateRelationshipsRequest' + $ref: '#/components/schemas/kessel.relations.v0.CreateTuplesRequest' required: true responses: "200": @@ -101,17 +169,21 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/api.rebac.v1.CreateRelationshipsResponse' + $ref: '#/components/schemas/kessel.relations.v0.CreateTuplesResponse' delete: tags: - - Relationships - operationId: Relationships_DeleteRelationships + - KesselTupleService + operationId: KesselTupleService_DeleteTuples parameters: - - name: filter.objectType + - name: filter.resourceNamespace in: query schema: type: string - - name: filter.objectId + - name: filter.resourceType + in: query + schema: + type: string + - name: filter.resourceId in: query schema: type: string @@ -119,7 +191,11 @@ paths: in: query schema: type: string - - name: filter.subjectFilter.relation + - name: filter.subjectFilter.subjectNamespace + in: query + schema: + type: string + - name: filter.subjectFilter.subjectType in: query schema: type: string @@ -127,7 +203,7 @@ paths: in: query schema: type: string - - name: filter.subjectFilter.subjectType + - name: filter.subjectFilter.relation in: query schema: type: string @@ -137,76 +213,103 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/api.rebac.v1.DeleteRelationshipsResponse' + $ref: '#/components/schemas/kessel.relations.v0.DeleteTuplesResponse' components: schemas: - api.health.v1.GetLivezReply: - type: object - properties: {} - api.health.v1.GetReadyzReply: - type: object - properties: {} - api.rebac.v1.CheckRequest: + kessel.relations.v0.CheckRequest: type: object properties: - object: - $ref: '#/components/schemas/api.rebac.v1.ObjectReference' + resource: + $ref: '#/components/schemas/kessel.relations.v0.ObjectReference' relation: type: string subject: - $ref: '#/components/schemas/api.rebac.v1.SubjectReference' - api.rebac.v1.CheckResponse: + $ref: '#/components/schemas/kessel.relations.v0.SubjectReference' + kessel.relations.v0.CheckResponse: type: object properties: allowed: type: integer format: enum - api.rebac.v1.CreateRelationshipsRequest: + kessel.relations.v0.CreateTuplesRequest: type: object properties: - touch: + upsert: type: boolean - relationships: + description: "Whether or not the request should ignore existing tuples (`true`),\n or if the request should fail if the same tuple already exists (`false`).\n \n Defaults to `false`." + tuples: type: array items: - $ref: '#/components/schemas/api.rebac.v1.Relationship' - api.rebac.v1.CreateRelationshipsResponse: + $ref: '#/components/schemas/kessel.relations.v0.Relationship' + kessel.relations.v0.CreateTuplesResponse: type: object properties: {} - api.rebac.v1.DeleteRelationshipsResponse: + kessel.relations.v0.DeleteTuplesResponse: type: object properties: {} - api.rebac.v1.ObjectReference: + kessel.relations.v0.LookupSubjectsResponse: + type: object + properties: + subject: + $ref: '#/components/schemas/kessel.relations.v0.SubjectReference' + pagination: + $ref: '#/components/schemas/kessel.relations.v0.ResponsePagination' + kessel.relations.v0.ObjectReference: type: object properties: type: - type: string + $ref: '#/components/schemas/kessel.relations.v0.ObjectType' id: type: string - api.rebac.v1.ReadRelationshipsResponse: + kessel.relations.v0.ObjectType: type: object properties: - relationships: - type: array - items: - $ref: '#/components/schemas/api.rebac.v1.Relationship' - api.rebac.v1.Relationship: + namespace: + type: string + type: + type: string + kessel.relations.v0.ReadTuplesResponse: type: object properties: - object: - $ref: '#/components/schemas/api.rebac.v1.ObjectReference' + tuple: + $ref: '#/components/schemas/kessel.relations.v0.Relationship' + pagination: + $ref: '#/components/schemas/kessel.relations.v0.ResponsePagination' + kessel.relations.v0.Relationship: + type: object + properties: + resource: + $ref: '#/components/schemas/kessel.relations.v0.ObjectReference' relation: type: string subject: - $ref: '#/components/schemas/api.rebac.v1.SubjectReference' - api.rebac.v1.SubjectReference: + $ref: '#/components/schemas/kessel.relations.v0.SubjectReference' + description: "A _Relationship_ is the realization of a _Relation_ (a string) \n between a _Resource_ and a _Subject_ or a _Subject Set_ (known as a Userset in Zanzibar).\n\n All Relationships are object-object relations.\n \"Resource\" and \"Subject\" are relative terms which define the direction of a Relation.\n That is, Relations are unidirectional.\n If you reverse the Subject and Resource, it is a different Relation and a different Relationship.\n Conventionally, we generally refer to the Resource first, then Subject,\n following the direction of typical graph traversal (Resource to Subject)." + kessel.relations.v0.ResponsePagination: + type: object + properties: + continuationToken: + type: string + kessel.relations.v0.SubjectReference: type: object properties: relation: type: string - object: - $ref: '#/components/schemas/api.rebac.v1.ObjectReference' + description: |- + An optional relation which points to a set of Subjects instead of the single Subject. + e.g. "members" or "owners" of a group identified in `subject`. + subject: + $ref: '#/components/schemas/kessel.relations.v0.ObjectReference' + description: A reference to a Subject or, if a `relation` is provided, a Subject Set. + kessel.relations.v1.GetLivezReply: + type: object + properties: {} + kessel.relations.v1.GetReadyzReply: + type: object + properties: {} tags: - - name: Check - - name: Health - - name: Relationships + - name: KesselCheckService + - name: KesselHealth + - name: KesselLookupService + - name: KesselTupleService + description: "KesselTupleServices manages the persisted _Tuples_ stored in the system..\n \n A Tuple is an explicitly stated, persistent relation \n between a Resource and a Subject or Subject Set. \n It has the same _shape_ as a Relationship but is not the same thing as a Relationship.\n \n A single Tuple may result in zero-to-many Relationships."