// @generated // This file is @generated by prost-build. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct WatchPermissionsRequest { /// permissions is a list of permissions to watch for changes. At least one permission must be specified, and it must /// be a subset or equal to the permissions that were enabled for the service. #[prost(message, repeated, tag="1")] pub permissions: ::prost::alloc::vec::Vec, /// optional_starting_after is the revision token to start watching from. If not provided, the stream /// will start from the current revision at the moment of the request. #[prost(message, optional, tag="2")] pub optional_starting_after: ::core::option::Option, } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct WatchedPermission { /// resource_type is the type of the resource to watch for changes. #[prost(string, tag="1")] pub resource_type: ::prost::alloc::string::String, /// permission is the permission to watch for changes. #[prost(string, tag="2")] pub permission: ::prost::alloc::string::String, /// subject_type is the type of the subject to watch for changes. #[prost(string, tag="3")] pub subject_type: ::prost::alloc::string::String, /// optional_subject_relation is the relation on the subject to watch for changes. #[prost(string, tag="4")] pub optional_subject_relation: ::prost::alloc::string::String, } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct WatchPermissionsResponse { #[prost(oneof="watch_permissions_response::Response", tags="1, 2")] pub response: ::core::option::Option, } /// Nested message and enum types in `WatchPermissionsResponse`. pub mod watch_permissions_response { #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Oneof)] pub enum Response { /// change is the computed permission delta that has occurred as result of a mutation in origin SpiceDB. /// The consumer should apply this change to the current state of the computed permissions in their target system. /// Once an event arrives with completed_revision instead, the consumer shall consider there are not more changes /// originating from that revision. /// /// The consumer should keep track of the revision in order to resume streaming in the event of consumer restarts. #[prost(message, tag="1")] Change(super::PermissionChange), /// completed_revision is the revision token that indicates all changes originating from a revision have been /// streamed and thus the revision should be considered completed. It may also be /// received without accompanying set of changes, indicating that a mutation in the origin SpiceDB cluster did /// not yield any effective changes in the computed permissions #[prost(message, tag="2")] CompletedRevision(super::super::super::v1::ZedToken), } } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct PermissionChange { /// revision represents the revision at which the change occurred. #[prost(message, optional, tag="1")] pub revision: ::core::option::Option, /// resource is the resource that the permission change is related to. #[prost(message, optional, tag="2")] pub resource: ::core::option::Option, /// permission is the permission that has changed. #[prost(string, tag="3")] pub permission: ::prost::alloc::string::String, /// subject is the subject that the permission change is related to. #[prost(message, optional, tag="4")] pub subject: ::core::option::Option, /// permissionship is the new permissionship of the subject over the resource after the change. #[prost(enumeration="permission_change::Permissionship", tag="5")] pub permissionship: i32, } /// Nested message and enum types in `PermissionChange`. pub mod permission_change { #[derive(Clone, Copy, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, ::prost::Enumeration)] #[repr(i32)] pub enum Permissionship { Unspecified = 0, NoPermission = 1, HasPermission = 2, ConditionalPermission = 3, } impl Permissionship { /// String value of the enum field names used in the ProtoBuf definition. /// /// The values are not transformed in any way and thus are considered stable /// (if the ProtoBuf definition does not change) and safe for programmatic use. pub fn as_str_name(&self) -> &'static str { match self { Permissionship::Unspecified => "PERMISSIONSHIP_UNSPECIFIED", Permissionship::NoPermission => "PERMISSIONSHIP_NO_PERMISSION", Permissionship::HasPermission => "PERMISSIONSHIP_HAS_PERMISSION", Permissionship::ConditionalPermission => "PERMISSIONSHIP_CONDITIONAL_PERMISSION", } } /// Creates an enum from field names used in the ProtoBuf definition. pub fn from_str_name(value: &str) -> ::core::option::Option { match value { "PERMISSIONSHIP_UNSPECIFIED" => Some(Self::Unspecified), "PERMISSIONSHIP_NO_PERMISSION" => Some(Self::NoPermission), "PERMISSIONSHIP_HAS_PERMISSION" => Some(Self::HasPermission), "PERMISSIONSHIP_CONDITIONAL_PERMISSION" => Some(Self::ConditionalPermission), _ => None, } } } } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct WatchPermissionSetsRequest { /// optional_starting_after is used to specify the SpiceDB revision to start watching from. /// If not specified, the watch will start from the current SpiceDB revision time of the request ("head revision"). #[prost(message, optional, tag="1")] pub optional_starting_after: ::core::option::Option, } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct WatchPermissionSetsResponse { #[prost(oneof="watch_permission_sets_response::Response", tags="1, 2, 3, 4")] pub response: ::core::option::Option, } /// Nested message and enum types in `WatchPermissionSetsResponse`. pub mod watch_permission_sets_response { #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Oneof)] pub enum Response { /// change is the permission set delta that has occurred as result of a mutation in origin SpiceDB. /// The consumer should apply this change to the current state of the permission sets in their target system. /// Once an event arrives with completed_revision instead, the consumer shall consider the set of /// changes originating from that revision completed. /// /// The consumer should keep track of the revision in order to resume streaming in the event of consumer restarts. #[prost(message, tag="1")] Change(super::PermissionSetChange), /// completed_revision is the revision token that indicates the completion of a set of changes. It may also be /// received without accompanying set of changes, indicating that a mutation in the origin SpiceDB cluster did /// not yield any effective changes in the permission sets #[prost(message, tag="2")] CompletedRevision(super::super::super::v1::ZedToken), /// lookup_permission_sets_required is a signal that the consumer should perform a LookupPermissionSets call because /// the permission set snapshot needs to be rebuilt from scratch. This typically happens when the origin SpiceDB /// cluster has seen its schema changed. #[prost(message, tag="3")] LookupPermissionSetsRequired(super::LookupPermissionSetsRequired), /// breaking_schema_change is a signal that a breaking schema change has been written to the origin SpiceDB cluster, /// and that the consumer should expect delays in the ingestion of new changes, /// because the permission set snapshot needs to be rebuilt from scratch. Once the snapshot is ready, the consumer /// will receive a LookupPermissionSetsRequired event. #[prost(message, tag="4")] BreakingSchemaChange(super::BreakingSchemaChange), } } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct Cursor { /// limit is the number of permission sets to stream over a single LookupPermissionSets call that was requested. #[prost(uint32, tag="1")] pub limit: u32, /// token is the snapshot revision at which the cursor was computed. #[prost(message, optional, tag="4")] pub token: ::core::option::Option, /// starting_index is an offset of the permission set represented by this cursor #[prost(uint32, tag="5")] pub starting_index: u32, /// completed_members is a boolean flag that indicates that the cursor has reached the end of the permission sets #[prost(bool, tag="6")] pub completed_members: bool, /// starting_key is a string cursor used by some backends to resume the stream from a specific point. #[prost(string, tag="7")] pub starting_key: ::prost::alloc::string::String, /// cursor is a string-encoded internal materialize cursor. #[prost(string, tag="8")] pub cursor: ::prost::alloc::string::String, } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct LookupPermissionSetsRequest { /// limit is the number of permission sets to stream over a single LookupPermissionSets. Once the limit is reached, /// the server will close the stream. If more permission sets are available, the consume should open a new stream /// providing optional_starting_after_cursor, using the cursor from the last response. #[prost(uint32, tag="1")] pub limit: u32, /// optional_at_revision specifies the client is requesting to lookup PermissionSets at a specific revision. It's /// optional, and if not provided, PermissionSets will be looked up at the current revision. The cursor always /// takes precedence in defining the revision when present. #[prost(message, optional, tag="2")] pub optional_at_revision: ::core::option::Option, /// optional_starting_after_cursor is used to specify the offset to start streaming permission sets from. #[prost(message, optional, tag="4")] pub optional_starting_after_cursor: ::core::option::Option, } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct LookupPermissionSetsResponse { /// change represents the permission set delta necessary to transition an uninitialized target system to /// a specific snapshot revision. In practice it's not different from the WatchPermissionSetsResponse.change, except /// all changes will be of time SET_OPERATION_ADDED because it's assumed there is no known previous state. /// /// Applying the deltas to a previously initialized target system would yield incorrect results. #[prost(message, optional, tag="1")] pub change: ::core::option::Option, /// cursor points to a specific permission set in a revision. /// The consumer should keep track of the cursor in order to resume streaming in the event of consumer restarts. This /// is particularly important in backfill scenarios that may take hours or event days to complete. #[prost(message, optional, tag="2")] pub cursor: ::core::option::Option, } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct PermissionSetChange { /// revision represents the revision at which the permission set change occurred. #[prost(message, optional, tag="1")] pub at_revision: ::core::option::Option, /// operation represents the type of set operation that took place as part of the change #[prost(enumeration="permission_set_change::SetOperation", tag="2")] pub operation: i32, /// parent_set represents the permission set parent of either another set or a member #[prost(message, optional, tag="3")] pub parent_set: ::core::option::Option, #[prost(oneof="permission_set_change::Child", tags="4, 5")] pub child: ::core::option::Option, } /// Nested message and enum types in `PermissionSetChange`. pub mod permission_set_change { #[derive(Clone, Copy, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, ::prost::Enumeration)] #[repr(i32)] pub enum SetOperation { Unspecified = 0, Added = 1, Removed = 2, } impl SetOperation { /// String value of the enum field names used in the ProtoBuf definition. /// /// The values are not transformed in any way and thus are considered stable /// (if the ProtoBuf definition does not change) and safe for programmatic use. pub fn as_str_name(&self) -> &'static str { match self { SetOperation::Unspecified => "SET_OPERATION_UNSPECIFIED", SetOperation::Added => "SET_OPERATION_ADDED", SetOperation::Removed => "SET_OPERATION_REMOVED", } } /// Creates an enum from field names used in the ProtoBuf definition. pub fn from_str_name(value: &str) -> ::core::option::Option { match value { "SET_OPERATION_UNSPECIFIED" => Some(Self::Unspecified), "SET_OPERATION_ADDED" => Some(Self::Added), "SET_OPERATION_REMOVED" => Some(Self::Removed), _ => None, } } } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Oneof)] pub enum Child { /// child_set represents the scenario where another set is considered member of the parent set #[prost(message, tag="4")] ChildSet(super::SetReference), /// child_member represents the scenario where an specific object is considered member of the parent set #[prost(message, tag="5")] ChildMember(super::MemberReference), } } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct SetReference { /// object_type is the type of object in a permission set #[prost(string, tag="1")] pub object_type: ::prost::alloc::string::String, /// object_id is the ID of a permission set #[prost(string, tag="2")] pub object_id: ::prost::alloc::string::String, /// permission_or_relation is the permission or relation referenced by this permission set #[prost(string, tag="3")] pub permission_or_relation: ::prost::alloc::string::String, } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct MemberReference { /// object_type is the type of object of a permission set member #[prost(string, tag="1")] pub object_type: ::prost::alloc::string::String, /// object_id is the ID of a permission set member #[prost(string, tag="2")] pub object_id: ::prost::alloc::string::String, /// optional_permission_or_relation is the permission or relation referenced by this permission set member #[prost(string, tag="3")] pub optional_permission_or_relation: ::prost::alloc::string::String, } /// LookupPermissionSetsRequired is a signal that the consumer should perform a LookupPermissionSets call because /// the permission set snapshot needs to be rebuilt from scratch. This typically happens when the origin SpiceDB /// cluster has seen its schema changed, see BreakingSchemaChange event. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct LookupPermissionSetsRequired { /// required_lookup_at is the snapshot revision at which the permission set needs to be rebuilt to. #[prost(message, optional, tag="1")] pub required_lookup_at: ::core::option::Option, } /// BreakingSchemaChange is used to signal a breaking schema change has happened, and that the consumer should /// expect delays in the ingestion of new changes, because the permission set snapshot needs to be rebuilt from scratch. /// Once the snapshot is ready, the consumer will receive a LookupPermissionSetsRequired event. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct BreakingSchemaChange { /// change_at is the revision at which a breaking schema event has happened. #[prost(message, optional, tag="1")] pub change_at: ::core::option::Option, } // @@protoc_insertion_point(module)