// @generated // This file is @generated by prost-build. /// Relationship specifies how a resource relates to a subject. Relationships /// form the data for the graph over which all permissions questions are /// answered. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct Relationship { /// resource is the resource to which the subject is related, in some manner #[prost(message, optional, tag="1")] pub resource: ::core::option::Option, /// relation is how the resource and subject are related. #[prost(string, tag="2")] pub relation: ::prost::alloc::string::String, /// subject is the subject to which the resource is related, in some manner. #[prost(message, optional, tag="3")] pub subject: ::core::option::Option, /// optional_caveat is a reference to a the caveat that must be enforced over the relationship #[prost(message, optional, tag="4")] pub optional_caveat: ::core::option::Option, /// optional_expires_at is the time at which the relationship expires, if any. #[prost(message, optional, tag="5")] pub optional_expires_at: ::core::option::Option, } /// ContextualizedCaveat represents a reference to a caveat to be used by caveated relationships. /// The context consists of key-value pairs that will be injected at evaluation time. /// The keys must match the arguments defined on the caveat in the schema. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ContextualizedCaveat { /// caveat_name is the name of the caveat expression to use, as defined in the schema #[prost(string, tag="1")] pub caveat_name: ::prost::alloc::string::String, /// context consists of any named values that are defined at write time for the caveat expression #[prost(message, optional, tag="2")] pub context: ::core::option::Option, } /// SubjectReference is used for referring to the subject portion of a /// Relationship. The relation component is optional and is used for defining a /// sub-relation on the subject, e.g. group:123#members #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct SubjectReference { #[prost(message, optional, tag="1")] pub object: ::core::option::Option, #[prost(string, tag="2")] pub optional_relation: ::prost::alloc::string::String, } /// ObjectReference is used to refer to a specific object in the system. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ObjectReference { #[prost(string, tag="1")] pub object_type: ::prost::alloc::string::String, #[prost(string, tag="2")] pub object_id: ::prost::alloc::string::String, } /// ZedToken is used to provide causality metadata between Write and Check /// requests. /// /// See the authzed.api.v1.Consistency message for more information. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ZedToken { #[prost(string, tag="1")] pub token: ::prost::alloc::string::String, } /// Cursor is used to provide resumption of listing between calls to APIs /// such as LookupResources. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct Cursor { #[prost(string, tag="1")] pub token: ::prost::alloc::string::String, } /// RelationshipUpdate is used for mutating a single relationship within the /// service. /// /// CREATE will create the relationship only if it doesn't exist, and error /// otherwise. /// /// TOUCH will upsert the relationship, and will not error if it /// already exists. /// /// DELETE will delete the relationship. If the relationship does not exist, /// this operation will no-op. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct RelationshipUpdate { #[prost(enumeration="relationship_update::Operation", tag="1")] pub operation: i32, #[prost(message, optional, tag="2")] pub relationship: ::core::option::Option, } /// Nested message and enum types in `RelationshipUpdate`. pub mod relationship_update { #[derive(Clone, Copy, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, ::prost::Enumeration)] #[repr(i32)] pub enum Operation { Unspecified = 0, Create = 1, Touch = 2, Delete = 3, } impl Operation { /// String value of the enum field names used in the ProtoBuf definition. /// /// The values are not transformed in any way and thus are considered stable /// (if the ProtoBuf definition does not change) and safe for programmatic use. pub fn as_str_name(&self) -> &'static str { match self { Operation::Unspecified => "OPERATION_UNSPECIFIED", Operation::Create => "OPERATION_CREATE", Operation::Touch => "OPERATION_TOUCH", Operation::Delete => "OPERATION_DELETE", } } /// Creates an enum from field names used in the ProtoBuf definition. pub fn from_str_name(value: &str) -> ::core::option::Option { match value { "OPERATION_UNSPECIFIED" => Some(Self::Unspecified), "OPERATION_CREATE" => Some(Self::Create), "OPERATION_TOUCH" => Some(Self::Touch), "OPERATION_DELETE" => Some(Self::Delete), _ => None, } } } } /// PermissionRelationshipTree is used for representing a tree of a resource and /// its permission relationships with other objects. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct PermissionRelationshipTree { #[prost(message, optional, tag="3")] pub expanded_object: ::core::option::Option, #[prost(string, tag="4")] pub expanded_relation: ::prost::alloc::string::String, #[prost(oneof="permission_relationship_tree::TreeType", tags="1, 2")] pub tree_type: ::core::option::Option, } /// Nested message and enum types in `PermissionRelationshipTree`. pub mod permission_relationship_tree { #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Oneof)] pub enum TreeType { #[prost(message, tag="1")] Intermediate(super::AlgebraicSubjectSet), #[prost(message, tag="2")] Leaf(super::DirectSubjectSet), } } /// AlgebraicSubjectSet is a subject set which is computed based on applying the /// specified operation to the operands according to the algebra of sets. /// /// UNION is a logical set containing the subject members from all operands. /// /// INTERSECTION is a logical set containing only the subject members which are /// present in all operands. /// /// EXCLUSION is a logical set containing only the subject members which are /// present in the first operand, and none of the other operands. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct AlgebraicSubjectSet { #[prost(enumeration="algebraic_subject_set::Operation", tag="1")] pub operation: i32, #[prost(message, repeated, tag="2")] pub children: ::prost::alloc::vec::Vec, } /// Nested message and enum types in `AlgebraicSubjectSet`. pub mod algebraic_subject_set { #[derive(Clone, Copy, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, ::prost::Enumeration)] #[repr(i32)] pub enum Operation { Unspecified = 0, Union = 1, Intersection = 2, Exclusion = 3, } impl Operation { /// String value of the enum field names used in the ProtoBuf definition. /// /// The values are not transformed in any way and thus are considered stable /// (if the ProtoBuf definition does not change) and safe for programmatic use. pub fn as_str_name(&self) -> &'static str { match self { Operation::Unspecified => "OPERATION_UNSPECIFIED", Operation::Union => "OPERATION_UNION", Operation::Intersection => "OPERATION_INTERSECTION", Operation::Exclusion => "OPERATION_EXCLUSION", } } /// Creates an enum from field names used in the ProtoBuf definition. pub fn from_str_name(value: &str) -> ::core::option::Option { match value { "OPERATION_UNSPECIFIED" => Some(Self::Unspecified), "OPERATION_UNION" => Some(Self::Union), "OPERATION_INTERSECTION" => Some(Self::Intersection), "OPERATION_EXCLUSION" => Some(Self::Exclusion), _ => None, } } } } /// DirectSubjectSet is a subject set which is simply a collection of subjects. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct DirectSubjectSet { #[prost(message, repeated, tag="1")] pub subjects: ::prost::alloc::vec::Vec, } /// PartialCaveatInfo carries information necessary for the client to take action /// in the event a response contains a partially evaluated caveat #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct PartialCaveatInfo { /// missing_required_context is a list of one or more fields that were missing and prevented caveats /// from being fully evaluated #[prost(string, repeated, tag="1")] pub missing_required_context: ::prost::alloc::vec::Vec<::prost::alloc::string::String>, } /// DebugInformation defines debug information returned by an API call in a footer when /// requested with a specific debugging header. /// /// The specific debug information returned will depend on the type of the API call made. /// /// See the github.com/authzed/authzed-go project for the specific header and footer names. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct DebugInformation { /// check holds debug information about a check request. #[prost(message, optional, tag="1")] pub check: ::core::option::Option, /// schema_used holds the schema used for the request. #[prost(string, tag="2")] pub schema_used: ::prost::alloc::string::String, } /// CheckDebugTrace is a recursive trace of the requests made for resolving a CheckPermission /// API call. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct CheckDebugTrace { /// resource holds the resource on which the Check was performed. /// for batched calls, the object_id field contains a comma-separated list of object IDs /// for all the resources checked in the batch. #[prost(message, optional, tag="1")] pub resource: ::core::option::Option, /// permission holds the name of the permission or relation on which the Check was performed. #[prost(string, tag="2")] pub permission: ::prost::alloc::string::String, /// permission_type holds information indicating whether it was a permission or relation. #[prost(enumeration="check_debug_trace::PermissionType", tag="3")] pub permission_type: i32, /// subject holds the subject on which the Check was performed. This will be static across all calls within /// the same Check tree. #[prost(message, optional, tag="4")] pub subject: ::core::option::Option, /// result holds the result of the Check call. #[prost(enumeration="check_debug_trace::Permissionship", tag="5")] pub result: i32, /// caveat_evaluation_info holds information about the caveat evaluated for this step of the trace. #[prost(message, optional, tag="8")] pub caveat_evaluation_info: ::core::option::Option, /// duration holds the time spent executing this Check operation. #[prost(message, optional, tag="9")] pub duration: ::core::option::Option, /// optional_expires_at is the time at which at least one of the relationships used to /// compute this result, expires (if any). This is *not* related to the caching window. #[prost(message, optional, tag="10")] pub optional_expires_at: ::core::option::Option, /// trace_operation_id is a unique identifier for this trace's operation, that will /// be shared for all traces created for the same check operation in SpiceDB. /// /// In cases where SpiceDB performs automatic batching of subproblems, this ID can be used /// to correlate work that was shared across multiple traces. /// /// This identifier is generated by SpiceDB, is to be considered opaque to the caller /// and only guaranteed to be unique within the same overall Check or CheckBulk operation. #[prost(string, tag="11")] pub trace_operation_id: ::prost::alloc::string::String, /// source holds the source of the result. It is of the form: /// `:`, where sourcetype can be, among others: /// `spicedb`, `materialize`, etc. #[prost(string, tag="12")] pub source: ::prost::alloc::string::String, /// resolution holds information about how the problem was resolved. #[prost(oneof="check_debug_trace::Resolution", tags="6, 7")] pub resolution: ::core::option::Option, } /// Nested message and enum types in `CheckDebugTrace`. pub mod check_debug_trace { #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct SubProblems { #[prost(message, repeated, tag="1")] pub traces: ::prost::alloc::vec::Vec, } #[derive(Clone, Copy, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, ::prost::Enumeration)] #[repr(i32)] pub enum PermissionType { Unspecified = 0, Relation = 1, Permission = 2, } impl PermissionType { /// String value of the enum field names used in the ProtoBuf definition. /// /// The values are not transformed in any way and thus are considered stable /// (if the ProtoBuf definition does not change) and safe for programmatic use. pub fn as_str_name(&self) -> &'static str { match self { PermissionType::Unspecified => "PERMISSION_TYPE_UNSPECIFIED", PermissionType::Relation => "PERMISSION_TYPE_RELATION", PermissionType::Permission => "PERMISSION_TYPE_PERMISSION", } } /// Creates an enum from field names used in the ProtoBuf definition. pub fn from_str_name(value: &str) -> ::core::option::Option { match value { "PERMISSION_TYPE_UNSPECIFIED" => Some(Self::Unspecified), "PERMISSION_TYPE_RELATION" => Some(Self::Relation), "PERMISSION_TYPE_PERMISSION" => Some(Self::Permission), _ => None, } } } #[derive(Clone, Copy, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, ::prost::Enumeration)] #[repr(i32)] pub enum Permissionship { Unspecified = 0, NoPermission = 1, HasPermission = 2, ConditionalPermission = 3, } impl Permissionship { /// String value of the enum field names used in the ProtoBuf definition. /// /// The values are not transformed in any way and thus are considered stable /// (if the ProtoBuf definition does not change) and safe for programmatic use. pub fn as_str_name(&self) -> &'static str { match self { Permissionship::Unspecified => "PERMISSIONSHIP_UNSPECIFIED", Permissionship::NoPermission => "PERMISSIONSHIP_NO_PERMISSION", Permissionship::HasPermission => "PERMISSIONSHIP_HAS_PERMISSION", Permissionship::ConditionalPermission => "PERMISSIONSHIP_CONDITIONAL_PERMISSION", } } /// Creates an enum from field names used in the ProtoBuf definition. pub fn from_str_name(value: &str) -> ::core::option::Option { match value { "PERMISSIONSHIP_UNSPECIFIED" => Some(Self::Unspecified), "PERMISSIONSHIP_NO_PERMISSION" => Some(Self::NoPermission), "PERMISSIONSHIP_HAS_PERMISSION" => Some(Self::HasPermission), "PERMISSIONSHIP_CONDITIONAL_PERMISSION" => Some(Self::ConditionalPermission), _ => None, } } } /// resolution holds information about how the problem was resolved. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Oneof)] pub enum Resolution { /// was_cached_result, if true, indicates that the result was found in the cache and returned directly. #[prost(bool, tag="6")] WasCachedResult(bool), /// sub_problems holds the sub problems that were executed to resolve the answer to this Check. An empty list /// and a permissionship of PERMISSIONSHIP_HAS_PERMISSION indicates the subject was found within this relation. #[prost(message, tag="7")] SubProblems(SubProblems), } } /// CaveatEvalInfo holds information about a caveat expression that was evaluated. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct CaveatEvalInfo { /// expression is the expression that was evaluated. #[prost(string, tag="1")] pub expression: ::prost::alloc::string::String, /// result is the result of the evaluation. #[prost(enumeration="caveat_eval_info::Result", tag="2")] pub result: i32, /// context consists of any named values that were used for evaluating the caveat expression. #[prost(message, optional, tag="3")] pub context: ::core::option::Option, /// partial_caveat_info holds information of a partially-evaluated caveated response, if applicable. #[prost(message, optional, tag="4")] pub partial_caveat_info: ::core::option::Option, /// caveat_name is the name of the caveat that was executed, if applicable. #[prost(string, tag="5")] pub caveat_name: ::prost::alloc::string::String, } /// Nested message and enum types in `CaveatEvalInfo`. pub mod caveat_eval_info { #[derive(Clone, Copy, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, ::prost::Enumeration)] #[repr(i32)] pub enum Result { Unspecified = 0, Unevaluated = 1, False = 2, True = 3, MissingSomeContext = 4, } impl Result { /// String value of the enum field names used in the ProtoBuf definition. /// /// The values are not transformed in any way and thus are considered stable /// (if the ProtoBuf definition does not change) and safe for programmatic use. pub fn as_str_name(&self) -> &'static str { match self { Result::Unspecified => "RESULT_UNSPECIFIED", Result::Unevaluated => "RESULT_UNEVALUATED", Result::False => "RESULT_FALSE", Result::True => "RESULT_TRUE", Result::MissingSomeContext => "RESULT_MISSING_SOME_CONTEXT", } } /// Creates an enum from field names used in the ProtoBuf definition. pub fn from_str_name(value: &str) -> ::core::option::Option { match value { "RESULT_UNSPECIFIED" => Some(Self::Unspecified), "RESULT_UNEVALUATED" => Some(Self::Unevaluated), "RESULT_FALSE" => Some(Self::False), "RESULT_TRUE" => Some(Self::True), "RESULT_MISSING_SOME_CONTEXT" => Some(Self::MissingSomeContext), _ => None, } } } } /// Defines the supported values for `google.rpc.ErrorInfo.reason` for the /// `authzed.com` error domain. #[derive(Clone, Copy, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, ::prost::Enumeration)] #[repr(i32)] pub enum ErrorReason { /// Do not use this default value. Unspecified = 0, /// The request gave a schema that could not be parsed. /// /// Example of an ErrorInfo: /// /// { /// "reason": "ERROR_REASON_SCHEMA_PARSE_ERROR", /// "domain": "authzed.com", /// "metadata": { /// "start_line_number": "1", /// "start_column_position": "19", /// "end_line_number": "1", /// "end_column_position": "19", /// "source_code": "somedefinition", /// } /// } /// /// The line numbers and column positions are 0-indexed and may not be present. SchemaParseError = 1, /// The request contains a schema with a type error. /// /// Example of an ErrorInfo: /// /// { /// "reason": "ERROR_REASON_SCHEMA_TYPE_ERROR", /// "domain": "authzed.com", /// "metadata": { /// "definition_name": "somedefinition", /// ... additional keys based on the kind of type error ... /// } /// } SchemaTypeError = 2, /// The request referenced an unknown object definition in the schema. /// /// Example of an ErrorInfo: /// /// { /// "reason": "ERROR_REASON_UNKNOWN_DEFINITION", /// "domain": "authzed.com", /// "metadata": { /// "definition_name": "somedefinition" /// } /// } UnknownDefinition = 3, /// The request referenced an unknown relation or permission under a definition in the schema. /// /// Example of an ErrorInfo: /// /// { /// "reason": "ERROR_REASON_UNKNOWN_RELATION_OR_PERMISSION", /// "domain": "authzed.com", /// "metadata": { /// "definition_name": "somedefinition", /// "relation_or_permission_name": "somepermission" /// } /// } UnknownRelationOrPermission = 4, /// The WriteRelationships request contained more updates than the maximum configured. /// /// Example of an ErrorInfo: /// /// { "reason": "ERROR_REASON_TOO_MANY_UPDATES_IN_REQUEST", /// "domain": "authzed.com", /// "metadata": { /// "update_count": "525", /// "maximum_updates_allowed": "500", /// } /// } TooManyUpdatesInRequest = 5, /// The request contained more preconditions than the maximum configured. /// /// Example of an ErrorInfo: /// /// { /// "reason": "ERROR_REASON_TOO_MANY_PRECONDITIONS_IN_REQUEST", /// "domain": "authzed.com", /// "metadata": { /// "precondition_count": "525", /// "maximum_preconditions_allowed": "500", /// } /// } TooManyPreconditionsInRequest = 6, /// The request contained a precondition that failed. /// /// Example of an ErrorInfo: /// /// { /// "reason": "ERROR_REASON_WRITE_OR_DELETE_PRECONDITION_FAILURE", /// "domain": "authzed.com", /// "metadata": { /// "precondition_resource_type": "document", /// ... other fields for the filter ... /// "precondition_operation": "MUST_EXIST", /// } /// } WriteOrDeletePreconditionFailure = 7, /// A write or delete request was made to an instance that is deployed in read-only mode. /// /// Example of an ErrorInfo: /// /// { /// "reason": "ERROR_REASON_SERVICE_READ_ONLY", /// "domain": "authzed.com" /// } ServiceReadOnly = 8, /// The request referenced an unknown caveat in the schema. /// /// Example of an ErrorInfo: /// /// { /// "reason": "ERROR_REASON_UNKNOWN_CAVEAT", /// "domain": "authzed.com", /// "metadata": { /// "caveat_name": "somecaveat" /// } /// } UnknownCaveat = 9, /// The request tries to use a subject type that was not valid for a relation. /// /// Example of an ErrorInfo: /// /// { /// "reason": "ERROR_REASON_INVALID_SUBJECT_TYPE", /// "domain": "authzed.com", /// "metadata": { /// "definition_name": "somedefinition", /// "relation_name": "somerelation", /// "subject_type": "user:*" /// } /// } InvalidSubjectType = 10, /// The request tries to specify a caveat parameter value with the wrong type. /// /// Example of an ErrorInfo: /// /// { /// "reason": "ERROR_REASON_CAVEAT_PARAMETER_TYPE_ERROR", /// "domain": "authzed.com", /// "metadata": { /// "definition_name": "somedefinition", /// "relation_name": "somerelation", /// "caveat_name": "somecaveat", /// "parameter_name": "someparameter", /// "expected_type": "int", /// } /// } CaveatParameterTypeError = 11, /// The request tries to perform two or more updates on the same relationship in the same WriteRelationships call. /// /// Example of an ErrorInfo: /// /// { /// "reason": "ERROR_REASON_UPDATES_ON_SAME_RELATIONSHIP", /// "domain": "authzed.com", /// "metadata": { /// "definition_name": "somedefinition", /// "relationship": "somerelationship", /// } /// } UpdatesOnSameRelationship = 12, /// The request tries to write a relationship on a permission instead of a relation. /// /// Example of an ErrorInfo: /// /// { /// "reason": "ERROR_REASON_CANNOT_UPDATE_PERMISSION", /// "domain": "authzed.com", /// "metadata": { /// "definition_name": "somedefinition", /// "permission_name": "somerelation", /// } /// } CannotUpdatePermission = 13, /// The request failed to evaluate a caveat expression due to an error. /// /// Example of an ErrorInfo: /// /// { /// "reason": "ERROR_REASON_CAVEAT_EVALUATION_ERROR", /// "domain": "authzed.com", /// "metadata": { /// "caveat_name": "somecaveat", /// } /// } CaveatEvaluationError = 14, /// The request failed because the provided cursor was invalid in some way. /// /// Example of an ErrorInfo: /// /// { /// "reason": "ERROR_REASON_INVALID_CURSOR", /// "domain": "authzed.com", /// "metadata": { /// ... additional keys based on the kind of cursor error ... /// } /// } InvalidCursor = 15, /// The request failed because there are too many matching relationships to be /// deleted within a single transactional deletion call. To avoid, set /// `optional_allow_partial_deletions` to true on the DeleteRelationships call. /// /// Example of an ErrorInfo: /// /// { /// "reason": "ERROR_REASON_TOO_MANY_RELATIONSHIPS_FOR_TRANSACTIONAL_DELETE", /// "domain": "authzed.com", /// "metadata": { /// ... fields for the filter ... /// } /// } TooManyRelationshipsForTransactionalDelete = 16, /// The request failed because the client attempted to write a relationship /// with a context that exceeded the configured server limit. /// /// Example of an ErrorInfo: /// /// { /// "reason": "ERROR_REASON_MAX_RELATIONSHIP_CONTEXT_SIZE", /// "domain": "authzed.com", /// "metadata": { /// "relationship": "relationship_exceeding_the_limit", /// "max_allowed_size": "server_max_allowed_context_size", /// "context_size": "actual_relationship_context_size" , /// } /// } MaxRelationshipContextSize = 17, /// The request failed because a relationship marked to be CREATEd /// was already present within the datastore. /// /// Example of an ErrorInfo: /// /// { /// "reason": "ERROR_REASON_ATTEMPT_TO_RECREATE_RELATIONSHIP", /// "domain": "authzed.com", /// "metadata": { /// "relationship": "relationship_that_already_existed", /// "resource_type": "resource type", /// "resource_object_id": "resource object id", /// ... additional decomposed relationship fields ... /// } /// } AttemptToRecreateRelationship = 18, /// The request failed because it caused the maximum depth allowed to be /// exceeded. This typically indicates that there is a circular data traversal /// somewhere in the schema, but can also be raised if the data traversal is simply /// too deep. /// /// Example of an ErrorInfo: /// /// { /// "reason": "ERROR_REASON_MAXIMUM_DEPTH_EXCEEDED", /// "domain": "authzed.com", /// "metadata": { /// "maximum_depth_allowed": "50", /// ... additional fields based on request type ... /// } /// } MaximumDepthExceeded = 19, /// The request failed due to a serialization error in the backend database. /// This typically indicates that various in flight transactions conflicted with each other /// and the database had to abort one or more of them. SpiceDB will retry a few times before returning /// the error to the client. /// /// Example of an ErrorInfo: /// /// { /// "reason": "ERROR_REASON_SERIALIZATION_FAILURE", /// "domain": "authzed.com", /// "metadata": {} /// } SerializationFailure = 20, /// The request contained more check items than the maximum configured. /// /// Example of an ErrorInfo: /// /// { /// "reason": "ERROR_REASON_TOO_MANY_CHECKS_IN_REQUEST", /// "domain": "authzed.com", /// "metadata": { /// "check_count": "525", /// "maximum_checks_allowed": "500", /// } /// } TooManyChecksInRequest = 21, /// The request's specified limit is too large. /// /// Example of an ErrorInfo: /// /// { /// "reason": "ERROR_REASON_EXCEEDS_MAXIMUM_ALLOWABLE_LIMIT", /// "domain": "authzed.com", /// "metadata": { /// "limit_provided": "525", /// "maximum_limit_allowed": "500", /// } /// } ExceedsMaximumAllowableLimit = 22, /// The request failed because the provided filter was invalid in some way. /// /// Example of an ErrorInfo: /// /// { /// "reason": "ERROR_REASON_INVALID_FILTER", /// "domain": "authzed.com", /// "metadata": { /// "filter": "...", /// } /// } InvalidFilter = 23, /// The request failed because too many concurrent updates were attempted /// against the in-memory datastore. /// /// Example of an ErrorInfo: /// /// { /// "reason": "ERROR_REASON_INMEMORY_TOO_MANY_CONCURRENT_UPDATES", /// "domain": "authzed.com", /// "metadata": {} /// } InmemoryTooManyConcurrentUpdates = 24, /// The request failed because the precondition specified is empty. /// /// Example of an ErrorInfo: /// /// { /// "reason": "ERROR_REASON_EMPTY_PRECONDITION", /// "domain": "authzed.com", /// "metadata": {} /// } EmptyPrecondition = 25, /// The request failed because the counter was already registered. /// /// Example of an ErrorInfo: /// /// { /// "reason": "ERROR_REASON_COUNTER_ALREADY_REGISTERED", /// "domain": "authzed.com", /// "metadata": { "counter_name": "name" } /// } CounterAlreadyRegistered = 26, /// The request failed because the counter was not registered. /// /// Example of an ErrorInfo: /// /// { /// "reason": "ERROR_REASON_COUNTER_NOT_REGISTERED", /// "domain": "authzed.com", /// "metadata": { "counter_name": "name" } /// } CounterNotRegistered = 27, /// The request failed because a wildcard was not allowed. For CheckPermission, /// this means that the subject or resource ID was a wildcard. For LookupResources, /// this means that the subject ID was a wildcard. /// /// Example of an ErrorInfo: /// /// { /// "reason": "ERROR_REASON_WILDCARD_NOT_ALLOWED", /// "domain": "authzed.com", /// "metadata": { "disallowed_field": "subject_id" } /// } WildcardNotAllowed = 28, /// The request failed because the transaction metadata was too large. /// /// Example of an ErrorInfo: /// /// { /// "reason": "ERROR_REASON_TRANSACTION_METADATA_TOO_LARGE", /// "domain": "authzed.com", /// "metadata": { /// "metadata_byte_size": "1024", /// "maximum_allowed_metadata_byte_size": "512", /// } /// } TransactionMetadataTooLarge = 29, } impl ErrorReason { /// String value of the enum field names used in the ProtoBuf definition. /// /// The values are not transformed in any way and thus are considered stable /// (if the ProtoBuf definition does not change) and safe for programmatic use. pub fn as_str_name(&self) -> &'static str { match self { ErrorReason::Unspecified => "ERROR_REASON_UNSPECIFIED", ErrorReason::SchemaParseError => "ERROR_REASON_SCHEMA_PARSE_ERROR", ErrorReason::SchemaTypeError => "ERROR_REASON_SCHEMA_TYPE_ERROR", ErrorReason::UnknownDefinition => "ERROR_REASON_UNKNOWN_DEFINITION", ErrorReason::UnknownRelationOrPermission => "ERROR_REASON_UNKNOWN_RELATION_OR_PERMISSION", ErrorReason::TooManyUpdatesInRequest => "ERROR_REASON_TOO_MANY_UPDATES_IN_REQUEST", ErrorReason::TooManyPreconditionsInRequest => "ERROR_REASON_TOO_MANY_PRECONDITIONS_IN_REQUEST", ErrorReason::WriteOrDeletePreconditionFailure => "ERROR_REASON_WRITE_OR_DELETE_PRECONDITION_FAILURE", ErrorReason::ServiceReadOnly => "ERROR_REASON_SERVICE_READ_ONLY", ErrorReason::UnknownCaveat => "ERROR_REASON_UNKNOWN_CAVEAT", ErrorReason::InvalidSubjectType => "ERROR_REASON_INVALID_SUBJECT_TYPE", ErrorReason::CaveatParameterTypeError => "ERROR_REASON_CAVEAT_PARAMETER_TYPE_ERROR", ErrorReason::UpdatesOnSameRelationship => "ERROR_REASON_UPDATES_ON_SAME_RELATIONSHIP", ErrorReason::CannotUpdatePermission => "ERROR_REASON_CANNOT_UPDATE_PERMISSION", ErrorReason::CaveatEvaluationError => "ERROR_REASON_CAVEAT_EVALUATION_ERROR", ErrorReason::InvalidCursor => "ERROR_REASON_INVALID_CURSOR", ErrorReason::TooManyRelationshipsForTransactionalDelete => "ERROR_REASON_TOO_MANY_RELATIONSHIPS_FOR_TRANSACTIONAL_DELETE", ErrorReason::MaxRelationshipContextSize => "ERROR_REASON_MAX_RELATIONSHIP_CONTEXT_SIZE", ErrorReason::AttemptToRecreateRelationship => "ERROR_REASON_ATTEMPT_TO_RECREATE_RELATIONSHIP", ErrorReason::MaximumDepthExceeded => "ERROR_REASON_MAXIMUM_DEPTH_EXCEEDED", ErrorReason::SerializationFailure => "ERROR_REASON_SERIALIZATION_FAILURE", ErrorReason::TooManyChecksInRequest => "ERROR_REASON_TOO_MANY_CHECKS_IN_REQUEST", ErrorReason::ExceedsMaximumAllowableLimit => "ERROR_REASON_EXCEEDS_MAXIMUM_ALLOWABLE_LIMIT", ErrorReason::InvalidFilter => "ERROR_REASON_INVALID_FILTER", ErrorReason::InmemoryTooManyConcurrentUpdates => "ERROR_REASON_INMEMORY_TOO_MANY_CONCURRENT_UPDATES", ErrorReason::EmptyPrecondition => "ERROR_REASON_EMPTY_PRECONDITION", ErrorReason::CounterAlreadyRegistered => "ERROR_REASON_COUNTER_ALREADY_REGISTERED", ErrorReason::CounterNotRegistered => "ERROR_REASON_COUNTER_NOT_REGISTERED", ErrorReason::WildcardNotAllowed => "ERROR_REASON_WILDCARD_NOT_ALLOWED", ErrorReason::TransactionMetadataTooLarge => "ERROR_REASON_TRANSACTION_METADATA_TOO_LARGE", } } /// Creates an enum from field names used in the ProtoBuf definition. pub fn from_str_name(value: &str) -> ::core::option::Option { match value { "ERROR_REASON_UNSPECIFIED" => Some(Self::Unspecified), "ERROR_REASON_SCHEMA_PARSE_ERROR" => Some(Self::SchemaParseError), "ERROR_REASON_SCHEMA_TYPE_ERROR" => Some(Self::SchemaTypeError), "ERROR_REASON_UNKNOWN_DEFINITION" => Some(Self::UnknownDefinition), "ERROR_REASON_UNKNOWN_RELATION_OR_PERMISSION" => Some(Self::UnknownRelationOrPermission), "ERROR_REASON_TOO_MANY_UPDATES_IN_REQUEST" => Some(Self::TooManyUpdatesInRequest), "ERROR_REASON_TOO_MANY_PRECONDITIONS_IN_REQUEST" => Some(Self::TooManyPreconditionsInRequest), "ERROR_REASON_WRITE_OR_DELETE_PRECONDITION_FAILURE" => Some(Self::WriteOrDeletePreconditionFailure), "ERROR_REASON_SERVICE_READ_ONLY" => Some(Self::ServiceReadOnly), "ERROR_REASON_UNKNOWN_CAVEAT" => Some(Self::UnknownCaveat), "ERROR_REASON_INVALID_SUBJECT_TYPE" => Some(Self::InvalidSubjectType), "ERROR_REASON_CAVEAT_PARAMETER_TYPE_ERROR" => Some(Self::CaveatParameterTypeError), "ERROR_REASON_UPDATES_ON_SAME_RELATIONSHIP" => Some(Self::UpdatesOnSameRelationship), "ERROR_REASON_CANNOT_UPDATE_PERMISSION" => Some(Self::CannotUpdatePermission), "ERROR_REASON_CAVEAT_EVALUATION_ERROR" => Some(Self::CaveatEvaluationError), "ERROR_REASON_INVALID_CURSOR" => Some(Self::InvalidCursor), "ERROR_REASON_TOO_MANY_RELATIONSHIPS_FOR_TRANSACTIONAL_DELETE" => Some(Self::TooManyRelationshipsForTransactionalDelete), "ERROR_REASON_MAX_RELATIONSHIP_CONTEXT_SIZE" => Some(Self::MaxRelationshipContextSize), "ERROR_REASON_ATTEMPT_TO_RECREATE_RELATIONSHIP" => Some(Self::AttemptToRecreateRelationship), "ERROR_REASON_MAXIMUM_DEPTH_EXCEEDED" => Some(Self::MaximumDepthExceeded), "ERROR_REASON_SERIALIZATION_FAILURE" => Some(Self::SerializationFailure), "ERROR_REASON_TOO_MANY_CHECKS_IN_REQUEST" => Some(Self::TooManyChecksInRequest), "ERROR_REASON_EXCEEDS_MAXIMUM_ALLOWABLE_LIMIT" => Some(Self::ExceedsMaximumAllowableLimit), "ERROR_REASON_INVALID_FILTER" => Some(Self::InvalidFilter), "ERROR_REASON_INMEMORY_TOO_MANY_CONCURRENT_UPDATES" => Some(Self::InmemoryTooManyConcurrentUpdates), "ERROR_REASON_EMPTY_PRECONDITION" => Some(Self::EmptyPrecondition), "ERROR_REASON_COUNTER_ALREADY_REGISTERED" => Some(Self::CounterAlreadyRegistered), "ERROR_REASON_COUNTER_NOT_REGISTERED" => Some(Self::CounterNotRegistered), "ERROR_REASON_WILDCARD_NOT_ALLOWED" => Some(Self::WildcardNotAllowed), "ERROR_REASON_TRANSACTION_METADATA_TOO_LARGE" => Some(Self::TransactionMetadataTooLarge), _ => None, } } } /// Consistency will define how a request is handled by the backend. /// By defining a consistency requirement, and a token at which those /// requirements should be applied, where applicable. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct Consistency { #[prost(oneof="consistency::Requirement", tags="1, 2, 3, 4")] pub requirement: ::core::option::Option, } /// Nested message and enum types in `Consistency`. pub mod consistency { #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Oneof)] pub enum Requirement { /// minimize_latency indicates that the latency for the call should be /// minimized by having the system select the fastest snapshot available. #[prost(bool, tag="1")] MinimizeLatency(bool), /// at_least_as_fresh indicates that all data used in the API call must be /// *at least as fresh* as that found in the ZedToken; more recent data might /// be used if available or faster. #[prost(message, tag="2")] AtLeastAsFresh(super::ZedToken), /// at_exact_snapshot indicates that all data used in the API call must be /// *at the given* snapshot in time; if the snapshot is no longer available, /// an error will be returned to the caller. #[prost(message, tag="3")] AtExactSnapshot(super::ZedToken), /// fully_consistent indicates that all data used in the API call *must* be /// at the most recent snapshot found. /// /// NOTE: using this method can be *quite slow*, so unless there is a need to /// do so, it is recommended to use `at_least_as_fresh` with a stored /// ZedToken. #[prost(bool, tag="4")] FullyConsistent(bool), } } /// RelationshipFilter is a collection of filters which when applied to a /// relationship will return relationships that have exactly matching fields. /// /// All fields are optional and if left unspecified will not filter relationships, /// but at least one field must be specified. /// /// NOTE: The performance of the API will be affected by the selection of fields /// on which to filter. If a field is not indexed, the performance of the API /// can be significantly slower. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct RelationshipFilter { /// resource_type is the *optional* resource type of the relationship. /// NOTE: It is not prefixed with "optional_" for legacy compatibility. #[prost(string, tag="1")] pub resource_type: ::prost::alloc::string::String, /// optional_resource_id is the *optional* resource ID of the relationship. /// If specified, optional_resource_id_prefix cannot be specified. #[prost(string, tag="2")] pub optional_resource_id: ::prost::alloc::string::String, /// optional_resource_id_prefix is the *optional* prefix for the resource ID of the relationship. /// If specified, optional_resource_id cannot be specified. #[prost(string, tag="5")] pub optional_resource_id_prefix: ::prost::alloc::string::String, /// relation is the *optional* relation of the relationship. #[prost(string, tag="3")] pub optional_relation: ::prost::alloc::string::String, /// optional_subject_filter is the optional filter for the subjects of the relationships. #[prost(message, optional, tag="4")] pub optional_subject_filter: ::core::option::Option, } /// SubjectFilter specifies a filter on the subject of a relationship. /// /// subject_type is required and all other fields are optional, and will not /// impose any additional requirements if left unspecified. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct SubjectFilter { #[prost(string, tag="1")] pub subject_type: ::prost::alloc::string::String, #[prost(string, tag="2")] pub optional_subject_id: ::prost::alloc::string::String, #[prost(message, optional, tag="3")] pub optional_relation: ::core::option::Option, } /// Nested message and enum types in `SubjectFilter`. pub mod subject_filter { #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct RelationFilter { #[prost(string, tag="1")] pub relation: ::prost::alloc::string::String, } } /// ReadRelationshipsRequest specifies one or more filters used to read matching /// relationships within the system. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ReadRelationshipsRequest { #[prost(message, optional, tag="1")] pub consistency: ::core::option::Option, /// relationship_filter defines the filter to be applied to the relationships /// to be returned. #[prost(message, optional, tag="2")] pub relationship_filter: ::core::option::Option, /// optional_limit, if non-zero, specifies the limit on the number of relationships to return /// before the stream is closed on the server side. By default, the stream will continue /// resolving relationships until exhausted or the stream is closed due to the client or a /// network issue. #[prost(uint32, tag="3")] pub optional_limit: u32, /// optional_cursor, if specified, indicates the cursor after which results should resume being returned. /// The cursor can be found on the ReadRelationshipsResponse object. #[prost(message, optional, tag="4")] pub optional_cursor: ::core::option::Option, } /// ReadRelationshipsResponse contains a Relationship found that matches the /// specified relationship filter(s). A instance of this response message will /// be streamed to the client for each relationship found. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ReadRelationshipsResponse { /// read_at is the ZedToken at which the relationship was found. #[prost(message, optional, tag="1")] pub read_at: ::core::option::Option, /// relationship is the found relationship. #[prost(message, optional, tag="2")] pub relationship: ::core::option::Option, /// after_result_cursor holds a cursor that can be used to resume the ReadRelationships stream after this /// result. #[prost(message, optional, tag="3")] pub after_result_cursor: ::core::option::Option, } /// Precondition specifies how and the existence or absence of certain /// relationships as expressed through the accompanying filter should affect /// whether or not the operation proceeds. /// /// MUST_NOT_MATCH will fail the parent request if any relationships match the /// relationships filter. /// MUST_MATCH will fail the parent request if there are no /// relationships that match the filter. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct Precondition { #[prost(enumeration="precondition::Operation", tag="1")] pub operation: i32, #[prost(message, optional, tag="2")] pub filter: ::core::option::Option, } /// Nested message and enum types in `Precondition`. pub mod precondition { #[derive(Clone, Copy, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, ::prost::Enumeration)] #[repr(i32)] pub enum Operation { Unspecified = 0, MustNotMatch = 1, MustMatch = 2, } impl Operation { /// String value of the enum field names used in the ProtoBuf definition. /// /// The values are not transformed in any way and thus are considered stable /// (if the ProtoBuf definition does not change) and safe for programmatic use. pub fn as_str_name(&self) -> &'static str { match self { Operation::Unspecified => "OPERATION_UNSPECIFIED", Operation::MustNotMatch => "OPERATION_MUST_NOT_MATCH", Operation::MustMatch => "OPERATION_MUST_MATCH", } } /// Creates an enum from field names used in the ProtoBuf definition. pub fn from_str_name(value: &str) -> ::core::option::Option { match value { "OPERATION_UNSPECIFIED" => Some(Self::Unspecified), "OPERATION_MUST_NOT_MATCH" => Some(Self::MustNotMatch), "OPERATION_MUST_MATCH" => Some(Self::MustMatch), _ => None, } } } } /// WriteRelationshipsRequest contains a list of Relationship mutations that /// should be applied to the service. If the optional_preconditions parameter /// is included, all of the specified preconditions must also be satisfied before /// the write will be committed. All updates will be applied transactionally, /// and if any preconditions fail, the entire transaction will be reverted. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct WriteRelationshipsRequest { #[prost(message, repeated, tag="1")] pub updates: ::prost::alloc::vec::Vec, /// To be bounded by configuration #[prost(message, repeated, tag="2")] pub optional_preconditions: ::prost::alloc::vec::Vec, /// optional_transaction_metadata is an optional field that can be used to store metadata about the transaction. /// If specified, this metadata will be supplied in the WatchResponse for the updates associated with this /// transaction. #[prost(message, optional, tag="3")] pub optional_transaction_metadata: ::core::option::Option, } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct WriteRelationshipsResponse { #[prost(message, optional, tag="1")] pub written_at: ::core::option::Option, } /// DeleteRelationshipsRequest specifies which Relationships should be deleted, /// requesting the delete of *ALL* relationships that match the specified /// filters. If the optional_preconditions parameter is included, all of the /// specified preconditions must also be satisfied before the delete will be /// executed. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct DeleteRelationshipsRequest { #[prost(message, optional, tag="1")] pub relationship_filter: ::core::option::Option, /// To be bounded by configuration #[prost(message, repeated, tag="2")] pub optional_preconditions: ::prost::alloc::vec::Vec, /// optional_limit, if non-zero, specifies the limit on the number of relationships to be deleted. /// If there are more matching relationships found to be deleted than the limit specified here, /// the deletion call will fail with an error to prevent partial deletion. If partial deletion /// is needed, specify below that partial deletion is allowed. Partial deletions can be used /// in a loop to delete large amounts of relationships in a *non-transactional* manner. #[prost(uint32, tag="3")] pub optional_limit: u32, /// optional_allow_partial_deletions, if true and a limit is specified, will delete matching found /// relationships up to the count specified in optional_limit, and no more. #[prost(bool, tag="4")] pub optional_allow_partial_deletions: bool, /// optional_transaction_metadata is an optional field that can be used to store metadata about the transaction. /// If specified, this metadata will be supplied in the WatchResponse for the deletions associated with /// this transaction. #[prost(message, optional, tag="5")] pub optional_transaction_metadata: ::core::option::Option, } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct DeleteRelationshipsResponse { /// deleted_at is the revision at which the relationships were deleted. #[prost(message, optional, tag="1")] pub deleted_at: ::core::option::Option, /// deletion_progress is an enumeration of the possible outcomes that occurred when attempting to delete the specified relationships. #[prost(enumeration="delete_relationships_response::DeletionProgress", tag="2")] pub deletion_progress: i32, /// relationships_deleted_count is the number of relationships that were deleted. #[prost(uint64, tag="3")] pub relationships_deleted_count: u64, } /// Nested message and enum types in `DeleteRelationshipsResponse`. pub mod delete_relationships_response { #[derive(Clone, Copy, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, ::prost::Enumeration)] #[repr(i32)] pub enum DeletionProgress { Unspecified = 0, /// DELETION_PROGRESS_COMPLETE indicates that all remaining relationships matching the filter /// were deleted. Will be returned even if no relationships were deleted. Complete = 1, /// DELETION_PROGRESS_PARTIAL indicates that a subset of the relationships matching the filter /// were deleted. Only returned if optional_allow_partial_deletions was true, an optional_limit was /// specified, and there existed more relationships matching the filter than optional_limit would allow. /// Once all remaining relationships have been deleted, DELETION_PROGRESS_COMPLETE will be returned. Partial = 2, } impl DeletionProgress { /// String value of the enum field names used in the ProtoBuf definition. /// /// The values are not transformed in any way and thus are considered stable /// (if the ProtoBuf definition does not change) and safe for programmatic use. pub fn as_str_name(&self) -> &'static str { match self { DeletionProgress::Unspecified => "DELETION_PROGRESS_UNSPECIFIED", DeletionProgress::Complete => "DELETION_PROGRESS_COMPLETE", DeletionProgress::Partial => "DELETION_PROGRESS_PARTIAL", } } /// Creates an enum from field names used in the ProtoBuf definition. pub fn from_str_name(value: &str) -> ::core::option::Option { match value { "DELETION_PROGRESS_UNSPECIFIED" => Some(Self::Unspecified), "DELETION_PROGRESS_COMPLETE" => Some(Self::Complete), "DELETION_PROGRESS_PARTIAL" => Some(Self::Partial), _ => None, } } } } /// CheckPermissionRequest issues a check on whether a subject has a permission /// or is a member of a relation, on a specific resource. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct CheckPermissionRequest { #[prost(message, optional, tag="1")] pub consistency: ::core::option::Option, /// resource is the resource on which to check the permission or relation. #[prost(message, optional, tag="2")] pub resource: ::core::option::Option, /// permission is the name of the permission (or relation) on which to execute /// the check. #[prost(string, tag="3")] pub permission: ::prost::alloc::string::String, /// subject is the subject that will be checked for the permission or relation. #[prost(message, optional, tag="4")] pub subject: ::core::option::Option, /// context consists of named values that are injected into the caveat evaluation context #[prost(message, optional, tag="5")] pub context: ::core::option::Option, /// with_tracing, if true, indicates that the response should include a debug trace. /// This can be useful for debugging and performance analysis, but adds a small amount /// of compute overhead to the request. #[prost(bool, tag="6")] pub with_tracing: bool, } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct CheckPermissionResponse { #[prost(message, optional, tag="1")] pub checked_at: ::core::option::Option, /// Permissionship communicates whether or not the subject has the requested /// permission or has a relationship with the given resource, over the given /// relation. /// /// This value will be authzed.api.v1.PERMISSIONSHIP_HAS_PERMISSION if the /// requested subject is a member of the computed permission set or there /// exists a relationship with the requested relation from the given resource /// to the given subject. #[prost(enumeration="check_permission_response::Permissionship", tag="2")] pub permissionship: i32, /// partial_caveat_info holds information of a partially-evaluated caveated response #[prost(message, optional, tag="3")] pub partial_caveat_info: ::core::option::Option, /// debug_trace is the debugging trace of this check, if requested. #[prost(message, optional, tag="4")] pub debug_trace: ::core::option::Option, /// optional_expires_at is the time at which at least one of the relationships used to /// compute this result, expires (if any). This is *not* related to the caching window. #[prost(message, optional, tag="5")] pub optional_expires_at: ::core::option::Option, } /// Nested message and enum types in `CheckPermissionResponse`. pub mod check_permission_response { #[derive(Clone, Copy, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, ::prost::Enumeration)] #[repr(i32)] pub enum Permissionship { Unspecified = 0, NoPermission = 1, HasPermission = 2, ConditionalPermission = 3, } impl Permissionship { /// String value of the enum field names used in the ProtoBuf definition. /// /// The values are not transformed in any way and thus are considered stable /// (if the ProtoBuf definition does not change) and safe for programmatic use. pub fn as_str_name(&self) -> &'static str { match self { Permissionship::Unspecified => "PERMISSIONSHIP_UNSPECIFIED", Permissionship::NoPermission => "PERMISSIONSHIP_NO_PERMISSION", Permissionship::HasPermission => "PERMISSIONSHIP_HAS_PERMISSION", Permissionship::ConditionalPermission => "PERMISSIONSHIP_CONDITIONAL_PERMISSION", } } /// Creates an enum from field names used in the ProtoBuf definition. pub fn from_str_name(value: &str) -> ::core::option::Option { match value { "PERMISSIONSHIP_UNSPECIFIED" => Some(Self::Unspecified), "PERMISSIONSHIP_NO_PERMISSION" => Some(Self::NoPermission), "PERMISSIONSHIP_HAS_PERMISSION" => Some(Self::HasPermission), "PERMISSIONSHIP_CONDITIONAL_PERMISSION" => Some(Self::ConditionalPermission), _ => None, } } } } /// CheckBulkPermissionsRequest issues a check on whether a subject has permission /// or is a member of a relation on a specific resource for each item in the list. /// /// The ordering of the items in the response is maintained in the response. /// Checks with the same subject/permission will automatically be batched for performance optimization. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct CheckBulkPermissionsRequest { #[prost(message, optional, tag="1")] pub consistency: ::core::option::Option, #[prost(message, repeated, tag="2")] pub items: ::prost::alloc::vec::Vec, /// with_tracing, if true, indicates that each response should include a debug trace. /// This can be useful for debugging and performance analysis, but adds a small amount /// of compute overhead to the request. #[prost(bool, tag="3")] pub with_tracing: bool, } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct CheckBulkPermissionsRequestItem { #[prost(message, optional, tag="1")] pub resource: ::core::option::Option, #[prost(string, tag="2")] pub permission: ::prost::alloc::string::String, #[prost(message, optional, tag="3")] pub subject: ::core::option::Option, #[prost(message, optional, tag="4")] pub context: ::core::option::Option, } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct CheckBulkPermissionsResponse { #[prost(message, optional, tag="1")] pub checked_at: ::core::option::Option, #[prost(message, repeated, tag="2")] pub pairs: ::prost::alloc::vec::Vec, } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct CheckBulkPermissionsPair { #[prost(message, optional, tag="1")] pub request: ::core::option::Option, #[prost(oneof="check_bulk_permissions_pair::Response", tags="2, 3")] pub response: ::core::option::Option, } /// Nested message and enum types in `CheckBulkPermissionsPair`. pub mod check_bulk_permissions_pair { #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Oneof)] pub enum Response { #[prost(message, tag="2")] Item(super::CheckBulkPermissionsResponseItem), #[prost(message, tag="3")] Error(super::super::super::super::google::rpc::Status), } } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct CheckBulkPermissionsResponseItem { #[prost(enumeration="check_permission_response::Permissionship", tag="1")] pub permissionship: i32, #[prost(message, optional, tag="2")] pub partial_caveat_info: ::core::option::Option, /// debug_trace is the debugging trace of this check, if requested. #[prost(message, optional, tag="3")] pub debug_trace: ::core::option::Option, } /// ExpandPermissionTreeRequest returns a tree representing the expansion of all /// relationships found accessible from a permission or relation on a particular /// resource. /// /// ExpandPermissionTreeRequest is typically used to determine the full set of /// subjects with a permission, along with the relationships that grant said /// access. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ExpandPermissionTreeRequest { #[prost(message, optional, tag="1")] pub consistency: ::core::option::Option, /// resource is the resource over which to run the expansion. #[prost(message, optional, tag="2")] pub resource: ::core::option::Option, /// permission is the name of the permission or relation over which to run the /// expansion for the resource. #[prost(string, tag="3")] pub permission: ::prost::alloc::string::String, } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ExpandPermissionTreeResponse { #[prost(message, optional, tag="1")] pub expanded_at: ::core::option::Option, /// tree_root is a tree structure whose leaf nodes are subjects, and /// intermediate nodes represent the various operations (union, intersection, /// exclusion) to reach those subjects. #[prost(message, optional, tag="2")] pub tree_root: ::core::option::Option, } /// LookupResourcesRequest performs a lookup of all resources of a particular /// kind on which the subject has the specified permission or the relation in /// which the subject exists, streaming back the IDs of those resources. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct LookupResourcesRequest { #[prost(message, optional, tag="1")] pub consistency: ::core::option::Option, /// resource_object_type is the type of resource object for which the IDs will /// be returned. #[prost(string, tag="2")] pub resource_object_type: ::prost::alloc::string::String, /// permission is the name of the permission or relation for which the subject /// must Check. #[prost(string, tag="3")] pub permission: ::prost::alloc::string::String, /// subject is the subject with access to the resources. #[prost(message, optional, tag="4")] pub subject: ::core::option::Option, /// context consists of named values that are injected into the caveat evaluation context #[prost(message, optional, tag="5")] pub context: ::core::option::Option, /// optional_limit, if non-zero, specifies the limit on the number of resources to return /// before the stream is closed on the server side. By default, the stream will continue /// resolving resources until exhausted or the stream is closed due to the client or a /// network issue. #[prost(uint32, tag="6")] pub optional_limit: u32, /// optional_cursor, if specified, indicates the cursor after which results should resume being returned. /// The cursor can be found on the LookupResourcesResponse object. #[prost(message, optional, tag="7")] pub optional_cursor: ::core::option::Option, } /// LookupResourcesResponse contains a single matching resource object ID for the /// requested object type, permission, and subject. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct LookupResourcesResponse { /// looked_up_at is the ZedToken at which the resource was found. #[prost(message, optional, tag="1")] pub looked_up_at: ::core::option::Option, /// resource_object_id is the object ID of the found resource. #[prost(string, tag="2")] pub resource_object_id: ::prost::alloc::string::String, /// permissionship indicates whether the response was partially evaluated or not #[prost(enumeration="LookupPermissionship", tag="3")] pub permissionship: i32, /// partial_caveat_info holds information of a partially-evaluated caveated response #[prost(message, optional, tag="4")] pub partial_caveat_info: ::core::option::Option, /// after_result_cursor holds a cursor that can be used to resume the LookupResources stream after this /// result. #[prost(message, optional, tag="5")] pub after_result_cursor: ::core::option::Option, } /// LookupSubjectsRequest performs a lookup of all subjects of a particular /// kind for which the subject has the specified permission or the relation in /// which the subject exists, streaming back the IDs of those subjects. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct LookupSubjectsRequest { #[prost(message, optional, tag="1")] pub consistency: ::core::option::Option, /// resource is the resource for which all matching subjects for the permission /// or relation will be returned. #[prost(message, optional, tag="2")] pub resource: ::core::option::Option, /// permission is the name of the permission (or relation) for which to find /// the subjects. #[prost(string, tag="3")] pub permission: ::prost::alloc::string::String, /// subject_object_type is the type of subject object for which the IDs will /// be returned. #[prost(string, tag="4")] pub subject_object_type: ::prost::alloc::string::String, /// optional_subject_relation is the optional relation for the subject. #[prost(string, tag="5")] pub optional_subject_relation: ::prost::alloc::string::String, /// context consists of named values that are injected into the caveat evaluation context #[prost(message, optional, tag="6")] pub context: ::core::option::Option, /// optional_concrete_limit is currently unimplemented for LookupSubjects /// and will return an error as of SpiceDB version 1.40.1. This will /// be implemented in a future version of SpiceDB. #[prost(uint32, tag="7")] pub optional_concrete_limit: u32, /// optional_cursor is currently unimplemented for LookupSubjects /// and will be ignored as of SpiceDB version 1.40.1. This will /// be implemented in a future version of SpiceDB. #[prost(message, optional, tag="8")] pub optional_cursor: ::core::option::Option, /// wildcard_option specifies whether wildcards should be returned by LookupSubjects. /// For backwards compatibility, defaults to WILDCARD_OPTION_INCLUDE_WILDCARDS if unspecified. #[prost(enumeration="lookup_subjects_request::WildcardOption", tag="9")] pub wildcard_option: i32, } /// Nested message and enum types in `LookupSubjectsRequest`. pub mod lookup_subjects_request { #[derive(Clone, Copy, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, ::prost::Enumeration)] #[repr(i32)] pub enum WildcardOption { Unspecified = 0, IncludeWildcards = 1, ExcludeWildcards = 2, } impl WildcardOption { /// String value of the enum field names used in the ProtoBuf definition. /// /// The values are not transformed in any way and thus are considered stable /// (if the ProtoBuf definition does not change) and safe for programmatic use. pub fn as_str_name(&self) -> &'static str { match self { WildcardOption::Unspecified => "WILDCARD_OPTION_UNSPECIFIED", WildcardOption::IncludeWildcards => "WILDCARD_OPTION_INCLUDE_WILDCARDS", WildcardOption::ExcludeWildcards => "WILDCARD_OPTION_EXCLUDE_WILDCARDS", } } /// Creates an enum from field names used in the ProtoBuf definition. pub fn from_str_name(value: &str) -> ::core::option::Option { match value { "WILDCARD_OPTION_UNSPECIFIED" => Some(Self::Unspecified), "WILDCARD_OPTION_INCLUDE_WILDCARDS" => Some(Self::IncludeWildcards), "WILDCARD_OPTION_EXCLUDE_WILDCARDS" => Some(Self::ExcludeWildcards), _ => None, } } } } /// LookupSubjectsResponse contains a single matching subject object ID for the /// requested subject object type on the permission or relation. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct LookupSubjectsResponse { #[prost(message, optional, tag="1")] pub looked_up_at: ::core::option::Option, /// subject_object_id is the Object ID of the subject found. May be a `*` if /// a wildcard was found. /// deprecated: use `subject` #[deprecated] #[prost(string, tag="2")] pub subject_object_id: ::prost::alloc::string::String, /// excluded_subject_ids are the Object IDs of the subjects excluded. This list /// will only contain object IDs if `subject_object_id` is a wildcard (`*`) and /// will only be populated if exclusions exist from the wildcard. /// deprecated: use `excluded_subjects` #[deprecated] #[prost(string, repeated, tag="3")] pub excluded_subject_ids: ::prost::alloc::vec::Vec<::prost::alloc::string::String>, /// permissionship indicates whether the response was partially evaluated or not /// deprecated: use `subject.permissionship` #[deprecated] #[prost(enumeration="LookupPermissionship", tag="4")] pub permissionship: i32, /// partial_caveat_info holds information of a partially-evaluated caveated response /// deprecated: use `subject.partial_caveat_info` #[deprecated] #[prost(message, optional, tag="5")] pub partial_caveat_info: ::core::option::Option, /// subject is the subject found, along with its permissionship. #[prost(message, optional, tag="6")] pub subject: ::core::option::Option, /// excluded_subjects are the subjects excluded. This list /// will only contain subjects if `subject.subject_object_id` is a wildcard (`*`) and /// will only be populated if exclusions exist from the wildcard. #[prost(message, repeated, tag="7")] pub excluded_subjects: ::prost::alloc::vec::Vec, /// after_result_cursor holds a cursor that can be used to resume the LookupSubjects stream after this /// result. #[prost(message, optional, tag="8")] pub after_result_cursor: ::core::option::Option, } /// ResolvedSubject is a single subject resolved within LookupSubjects. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ResolvedSubject { /// subject_object_id is the Object ID of the subject found. May be a `*` if /// a wildcard was found. #[prost(string, tag="1")] pub subject_object_id: ::prost::alloc::string::String, /// permissionship indicates whether the response was partially evaluated or not #[prost(enumeration="LookupPermissionship", tag="2")] pub permissionship: i32, /// partial_caveat_info holds information of a partially-evaluated caveated response #[prost(message, optional, tag="3")] pub partial_caveat_info: ::core::option::Option, } /// ImportBulkRelationshipsRequest represents one batch of the streaming /// ImportBulkRelationships API. The maximum size is only limited by the backing /// datastore, and optimal size should be determined by the calling client /// experimentally. When ImportBulk is invoked and receives its first request message, /// a transaction is opened to import the relationships. All requests sent to the same /// invocation are executed under this single transaction. If a relationship already /// exists within the datastore, the entire transaction will fail with an error. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ImportBulkRelationshipsRequest { #[prost(message, repeated, tag="1")] pub relationships: ::prost::alloc::vec::Vec, } /// ImportBulkRelationshipsResponse is returned on successful completion of the /// bulk load stream, and contains the total number of relationships loaded. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, Copy, PartialEq, ::prost::Message)] pub struct ImportBulkRelationshipsResponse { #[prost(uint64, tag="1")] pub num_loaded: u64, } /// ExportBulkRelationshipsRequest represents a resumable request for /// all relationships from the server. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ExportBulkRelationshipsRequest { #[prost(message, optional, tag="1")] pub consistency: ::core::option::Option, /// optional_limit, if non-zero, specifies the limit on the number of /// relationships the server can return in one page. By default, the server /// will pick a page size, and the server is free to choose a smaller size /// at will. #[prost(uint32, tag="2")] pub optional_limit: u32, /// optional_cursor, if specified, indicates the cursor after which results /// should resume being returned. The cursor can be found on the /// BulkExportRelationshipsResponse object. #[prost(message, optional, tag="3")] pub optional_cursor: ::core::option::Option, /// optional_relationship_filter, if specified, indicates the /// filter to apply to each relationship to be exported. #[prost(message, optional, tag="4")] pub optional_relationship_filter: ::core::option::Option, } /// ExportBulkRelationshipsResponse is one page in a stream of relationship /// groups that meet the criteria specified by the originating request. The /// server will continue to stream back relationship groups as quickly as it can /// until all relationships have been transmitted back. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ExportBulkRelationshipsResponse { #[prost(message, optional, tag="1")] pub after_result_cursor: ::core::option::Option, #[prost(message, repeated, tag="2")] pub relationships: ::prost::alloc::vec::Vec, } /// LookupPermissionship represents whether a Lookup response was partially evaluated or not #[derive(Clone, Copy, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, ::prost::Enumeration)] #[repr(i32)] pub enum LookupPermissionship { Unspecified = 0, HasPermission = 1, ConditionalPermission = 2, } impl LookupPermissionship { /// String value of the enum field names used in the ProtoBuf definition. /// /// The values are not transformed in any way and thus are considered stable /// (if the ProtoBuf definition does not change) and safe for programmatic use. pub fn as_str_name(&self) -> &'static str { match self { LookupPermissionship::Unspecified => "LOOKUP_PERMISSIONSHIP_UNSPECIFIED", LookupPermissionship::HasPermission => "LOOKUP_PERMISSIONSHIP_HAS_PERMISSION", LookupPermissionship::ConditionalPermission => "LOOKUP_PERMISSIONSHIP_CONDITIONAL_PERMISSION", } } /// Creates an enum from field names used in the ProtoBuf definition. pub fn from_str_name(value: &str) -> ::core::option::Option { match value { "LOOKUP_PERMISSIONSHIP_UNSPECIFIED" => Some(Self::Unspecified), "LOOKUP_PERMISSIONSHIP_HAS_PERMISSION" => Some(Self::HasPermission), "LOOKUP_PERMISSIONSHIP_CONDITIONAL_PERMISSION" => Some(Self::ConditionalPermission), _ => None, } } } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ExperimentalRegisterRelationshipCounterRequest { /// name is the name of the counter being registered. #[prost(string, tag="1")] pub name: ::prost::alloc::string::String, /// relationship_filter defines the filter to be applied to the relationships /// to be counted. #[prost(message, optional, tag="2")] pub relationship_filter: ::core::option::Option, } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, Copy, PartialEq, ::prost::Message)] pub struct ExperimentalRegisterRelationshipCounterResponse { } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ExperimentalCountRelationshipsRequest { /// name is the name of the counter whose count is being requested. #[prost(string, tag="1")] pub name: ::prost::alloc::string::String, } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ExperimentalCountRelationshipsResponse { #[prost(oneof="experimental_count_relationships_response::CounterResult", tags="1, 2")] pub counter_result: ::core::option::Option, } /// Nested message and enum types in `ExperimentalCountRelationshipsResponse`. pub mod experimental_count_relationships_response { #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Oneof)] pub enum CounterResult { /// counter_still_calculating is true if the counter is still calculating the count. #[prost(bool, tag="1")] CounterStillCalculating(bool), /// read_counter_value is the value of the counter at the time of the read. #[prost(message, tag="2")] ReadCounterValue(super::ReadCounterValue), } } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ReadCounterValue { /// relationship_count is the count of relationships that match the filter. #[prost(uint64, tag="1")] pub relationship_count: u64, /// read_at is the ZedToken at which the relationship count applies. #[prost(message, optional, tag="2")] pub read_at: ::core::option::Option, } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ExperimentalUnregisterRelationshipCounterRequest { /// name is the name of the counter being unregistered. #[prost(string, tag="1")] pub name: ::prost::alloc::string::String, } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, Copy, PartialEq, ::prost::Message)] pub struct ExperimentalUnregisterRelationshipCounterResponse { } /// NOTE: Deprecated now that BulkCheckPermission has been promoted to the stable API as "CheckBulkPermission". #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct BulkCheckPermissionRequest { #[prost(message, optional, tag="1")] pub consistency: ::core::option::Option, #[deprecated] #[prost(message, repeated, tag="2")] pub items: ::prost::alloc::vec::Vec, } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct BulkCheckPermissionRequestItem { #[prost(message, optional, tag="1")] pub resource: ::core::option::Option, #[prost(string, tag="2")] pub permission: ::prost::alloc::string::String, #[prost(message, optional, tag="3")] pub subject: ::core::option::Option, #[prost(message, optional, tag="4")] pub context: ::core::option::Option, } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct BulkCheckPermissionResponse { #[prost(message, optional, tag="1")] pub checked_at: ::core::option::Option, #[prost(message, repeated, tag="2")] pub pairs: ::prost::alloc::vec::Vec, } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct BulkCheckPermissionPair { #[prost(message, optional, tag="1")] pub request: ::core::option::Option, #[prost(oneof="bulk_check_permission_pair::Response", tags="2, 3")] pub response: ::core::option::Option, } /// Nested message and enum types in `BulkCheckPermissionPair`. pub mod bulk_check_permission_pair { #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Oneof)] pub enum Response { #[prost(message, tag="2")] Item(super::BulkCheckPermissionResponseItem), #[prost(message, tag="3")] Error(super::super::super::super::google::rpc::Status), } } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct BulkCheckPermissionResponseItem { #[prost(enumeration="check_permission_response::Permissionship", tag="1")] pub permissionship: i32, #[prost(message, optional, tag="2")] pub partial_caveat_info: ::core::option::Option, } /// BulkImportRelationshipsRequest represents one batch of the streaming /// BulkImportRelationships API. The maximum size is only limited by the backing /// datastore, and optimal size should be determined by the calling client /// experimentally. When BulkImport is invoked and receives its first request message, /// a transaction is opened to import the relationships. All requests sent to the same /// invocation are executed under this single transaction. If a relationship already /// exists within the datastore, the entire transaction will fail with an error. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct BulkImportRelationshipsRequest { #[prost(message, repeated, tag="1")] pub relationships: ::prost::alloc::vec::Vec, } /// BulkImportRelationshipsResponse is returned on successful completion of the /// bulk load stream, and contains the total number of relationships loaded. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, Copy, PartialEq, ::prost::Message)] pub struct BulkImportRelationshipsResponse { #[prost(uint64, tag="1")] pub num_loaded: u64, } /// BulkExportRelationshipsRequest represents a resumable request for /// all relationships from the server. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct BulkExportRelationshipsRequest { #[prost(message, optional, tag="1")] pub consistency: ::core::option::Option, /// optional_limit, if non-zero, specifies the limit on the number of /// relationships the server can return in one page. By default, the server /// will pick a page size, and the server is free to choose a smaller size /// at will. #[prost(uint32, tag="2")] pub optional_limit: u32, /// optional_cursor, if specified, indicates the cursor after which results /// should resume being returned. The cursor can be found on the /// BulkExportRelationshipsResponse object. #[prost(message, optional, tag="3")] pub optional_cursor: ::core::option::Option, /// optional_relationship_filter, if specified, indicates the /// filter to apply to each relationship to be exported. #[prost(message, optional, tag="4")] pub optional_relationship_filter: ::core::option::Option, } /// BulkExportRelationshipsResponse is one page in a stream of relationship /// groups that meet the criteria specified by the originating request. The /// server will continue to stream back relationship groups as quickly as it can /// until all relationships have been transmitted back. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct BulkExportRelationshipsResponse { #[prost(message, optional, tag="1")] pub after_result_cursor: ::core::option::Option, #[prost(message, repeated, tag="2")] pub relationships: ::prost::alloc::vec::Vec, } // Reflection types //////////////////////////////////////////// #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ExperimentalReflectSchemaRequest { #[prost(message, optional, tag="1")] pub consistency: ::core::option::Option, /// optional_filters defines optional filters that are applied in /// an OR fashion to the schema, before being returned #[prost(message, repeated, tag="2")] pub optional_filters: ::prost::alloc::vec::Vec, } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ExperimentalReflectSchemaResponse { /// definitions are the definitions defined in the schema. #[prost(message, repeated, tag="1")] pub definitions: ::prost::alloc::vec::Vec, /// caveats are the caveats defined in the schema. #[prost(message, repeated, tag="2")] pub caveats: ::prost::alloc::vec::Vec, /// read_at is the ZedToken at which the schema was read. #[prost(message, optional, tag="3")] pub read_at: ::core::option::Option, } /// ExpSchemaFilter is a filter that can be applied to the schema on reflection. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ExpSchemaFilter { /// optional_definition_name_filter is a prefix that is matched against the definition name. #[prost(string, tag="1")] pub optional_definition_name_filter: ::prost::alloc::string::String, /// optional_caveat_name_filter is a prefix that is matched against the caveat name. #[prost(string, tag="2")] pub optional_caveat_name_filter: ::prost::alloc::string::String, /// optional_relation_name_filter is a prefix that is matched against the relation name. #[prost(string, tag="3")] pub optional_relation_name_filter: ::prost::alloc::string::String, /// optional_permission_name_filter is a prefix that is matched against the permission name. #[prost(string, tag="4")] pub optional_permission_name_filter: ::prost::alloc::string::String, } /// ExpDefinition is the representation of a definition in the schema. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ExpDefinition { #[prost(string, tag="1")] pub name: ::prost::alloc::string::String, /// comment is a human-readable comments on the definition. Will include /// delimiter characters. #[prost(string, tag="2")] pub comment: ::prost::alloc::string::String, #[prost(message, repeated, tag="3")] pub relations: ::prost::alloc::vec::Vec, #[prost(message, repeated, tag="4")] pub permissions: ::prost::alloc::vec::Vec, } /// ExpCaveat is the representation of a caveat in the schema. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ExpCaveat { #[prost(string, tag="1")] pub name: ::prost::alloc::string::String, /// comment is a human-readable comments on the caveat. Will include /// delimiter characters. #[prost(string, tag="2")] pub comment: ::prost::alloc::string::String, #[prost(message, repeated, tag="3")] pub parameters: ::prost::alloc::vec::Vec, #[prost(string, tag="4")] pub expression: ::prost::alloc::string::String, } /// ExpCaveatParameter is the representation of a parameter in a caveat. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ExpCaveatParameter { #[prost(string, tag="1")] pub name: ::prost::alloc::string::String, /// type is the type of the parameter. Will be a string representing the /// type, e.g. `int` or `list` #[prost(string, tag="2")] pub r#type: ::prost::alloc::string::String, #[prost(string, tag="3")] pub parent_caveat_name: ::prost::alloc::string::String, } /// ExpRelation is the representation of a relation in the schema. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ExpRelation { #[prost(string, tag="1")] pub name: ::prost::alloc::string::String, #[prost(string, tag="2")] pub comment: ::prost::alloc::string::String, #[prost(string, tag="3")] pub parent_definition_name: ::prost::alloc::string::String, #[prost(message, repeated, tag="4")] pub subject_types: ::prost::alloc::vec::Vec, } /// ExpTypeReference is the representation of a type reference in the schema. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ExpTypeReference { /// subject_definition_name is the name of the subject's definition. #[prost(string, tag="1")] pub subject_definition_name: ::prost::alloc::string::String, /// optional_caveat_name is the name of the caveat that is applied to the subject, if any. #[prost(string, tag="2")] pub optional_caveat_name: ::prost::alloc::string::String, #[prost(oneof="exp_type_reference::Typeref", tags="3, 4, 5")] pub typeref: ::core::option::Option, } /// Nested message and enum types in `ExpTypeReference`. pub mod exp_type_reference { #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Oneof)] pub enum Typeref { /// is_terminal_subject is true if the subject is terminal, meaning it is referenced directly vs a sub-relation. #[prost(bool, tag="3")] IsTerminalSubject(bool), /// optional_relation_name is the name of the relation that is applied to the subject, if any. #[prost(string, tag="4")] OptionalRelationName(::prost::alloc::string::String), /// is_public_wildcard is true if the subject is a public wildcard. #[prost(bool, tag="5")] IsPublicWildcard(bool), } } /// ExpPermission is the representation of a permission in the schema. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ExpPermission { #[prost(string, tag="1")] pub name: ::prost::alloc::string::String, /// comment is a human-readable comments on the permission. Will include /// delimiter characters. #[prost(string, tag="2")] pub comment: ::prost::alloc::string::String, #[prost(string, tag="3")] pub parent_definition_name: ::prost::alloc::string::String, } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ExperimentalComputablePermissionsRequest { #[prost(message, optional, tag="1")] pub consistency: ::core::option::Option, #[prost(string, tag="2")] pub definition_name: ::prost::alloc::string::String, #[prost(string, tag="3")] pub relation_name: ::prost::alloc::string::String, /// optional_definition_name_match is a prefix that is matched against the definition name(s) /// for the permissions returned. /// If not specified, will be ignored. #[prost(string, tag="4")] pub optional_definition_name_filter: ::prost::alloc::string::String, } /// ExpRelationReference is a reference to a relation or permission in the schema. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ExpRelationReference { #[prost(string, tag="1")] pub definition_name: ::prost::alloc::string::String, #[prost(string, tag="2")] pub relation_name: ::prost::alloc::string::String, #[prost(bool, tag="3")] pub is_permission: bool, } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ExperimentalComputablePermissionsResponse { #[prost(message, repeated, tag="1")] pub permissions: ::prost::alloc::vec::Vec, /// read_at is the ZedToken at which the schema was read. #[prost(message, optional, tag="2")] pub read_at: ::core::option::Option, } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ExperimentalDependentRelationsRequest { #[prost(message, optional, tag="1")] pub consistency: ::core::option::Option, #[prost(string, tag="2")] pub definition_name: ::prost::alloc::string::String, #[prost(string, tag="3")] pub permission_name: ::prost::alloc::string::String, } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ExperimentalDependentRelationsResponse { #[prost(message, repeated, tag="1")] pub relations: ::prost::alloc::vec::Vec, /// read_at is the ZedToken at which the schema was read. #[prost(message, optional, tag="2")] pub read_at: ::core::option::Option, } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ExperimentalDiffSchemaRequest { #[prost(message, optional, tag="1")] pub consistency: ::core::option::Option, #[prost(string, tag="2")] pub comparison_schema: ::prost::alloc::string::String, } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ExperimentalDiffSchemaResponse { #[prost(message, repeated, tag="1")] pub diffs: ::prost::alloc::vec::Vec, /// read_at is the ZedToken at which the schema was read. #[prost(message, optional, tag="2")] pub read_at: ::core::option::Option, } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ExpRelationSubjectTypeChange { #[prost(message, optional, tag="1")] pub relation: ::core::option::Option, #[prost(message, optional, tag="2")] pub changed_subject_type: ::core::option::Option, } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ExpCaveatParameterTypeChange { #[prost(message, optional, tag="1")] pub parameter: ::core::option::Option, #[prost(string, tag="2")] pub previous_type: ::prost::alloc::string::String, } /// ExpSchemaDiff is the representation of a diff between two schemas. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ExpSchemaDiff { #[prost(oneof="exp_schema_diff::Diff", tags="1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19")] pub diff: ::core::option::Option, } /// Nested message and enum types in `ExpSchemaDiff`. pub mod exp_schema_diff { #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Oneof)] pub enum Diff { #[prost(message, tag="1")] DefinitionAdded(super::ExpDefinition), #[prost(message, tag="2")] DefinitionRemoved(super::ExpDefinition), #[prost(message, tag="3")] DefinitionDocCommentChanged(super::ExpDefinition), #[prost(message, tag="4")] RelationAdded(super::ExpRelation), #[prost(message, tag="5")] RelationRemoved(super::ExpRelation), #[prost(message, tag="6")] RelationDocCommentChanged(super::ExpRelation), #[prost(message, tag="7")] RelationSubjectTypeAdded(super::ExpRelationSubjectTypeChange), #[prost(message, tag="8")] RelationSubjectTypeRemoved(super::ExpRelationSubjectTypeChange), #[prost(message, tag="9")] PermissionAdded(super::ExpPermission), #[prost(message, tag="10")] PermissionRemoved(super::ExpPermission), #[prost(message, tag="11")] PermissionDocCommentChanged(super::ExpPermission), #[prost(message, tag="12")] PermissionExprChanged(super::ExpPermission), #[prost(message, tag="13")] CaveatAdded(super::ExpCaveat), #[prost(message, tag="14")] CaveatRemoved(super::ExpCaveat), #[prost(message, tag="15")] CaveatDocCommentChanged(super::ExpCaveat), #[prost(message, tag="16")] CaveatExprChanged(super::ExpCaveat), #[prost(message, tag="17")] CaveatParameterAdded(super::ExpCaveatParameter), #[prost(message, tag="18")] CaveatParameterRemoved(super::ExpCaveatParameter), #[prost(message, tag="19")] CaveatParameterTypeChanged(super::ExpCaveatParameterTypeChange), } } /// ReadSchemaRequest returns the schema from the database. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, Copy, PartialEq, ::prost::Message)] pub struct ReadSchemaRequest { } /// ReadSchemaResponse is the resulting data after having read the Object /// Definitions from a Schema. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ReadSchemaResponse { /// schema_text is the textual form of the current schema in the system #[prost(string, tag="1")] pub schema_text: ::prost::alloc::string::String, /// read_at is the ZedToken at which the schema was read. #[prost(message, optional, tag="2")] pub read_at: ::core::option::Option, } /// WriteSchemaRequest is the required data used to "upsert" the Schema of a /// Permissions System. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct WriteSchemaRequest { /// The Schema containing one or more Object Definitions that will be written /// to the Permissions System. /// /// 4MiB #[prost(string, tag="1")] pub schema: ::prost::alloc::string::String, } /// WriteSchemaResponse is the resulting data after having written a Schema to /// a Permissions System. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct WriteSchemaResponse { /// written_at is the ZedToken at which the schema was written. #[prost(message, optional, tag="1")] pub written_at: ::core::option::Option, } // Reflection types //////////////////////////////////////////// #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ReflectSchemaRequest { #[prost(message, optional, tag="1")] pub consistency: ::core::option::Option, /// optional_filters defines optional filters that are applied in /// an OR fashion to the schema, before being returned #[prost(message, repeated, tag="2")] pub optional_filters: ::prost::alloc::vec::Vec, } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ReflectSchemaResponse { /// definitions are the definitions defined in the schema. #[prost(message, repeated, tag="1")] pub definitions: ::prost::alloc::vec::Vec, /// caveats are the caveats defined in the schema. #[prost(message, repeated, tag="2")] pub caveats: ::prost::alloc::vec::Vec, /// read_at is the ZedToken at which the schema was read. #[prost(message, optional, tag="3")] pub read_at: ::core::option::Option, } /// ReflectionSchemaFilter is a filter that can be applied to the schema on reflection. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ReflectionSchemaFilter { /// optional_definition_name_filter is a prefix that is matched against the definition name. #[prost(string, tag="1")] pub optional_definition_name_filter: ::prost::alloc::string::String, /// optional_caveat_name_filter is a prefix that is matched against the caveat name. #[prost(string, tag="2")] pub optional_caveat_name_filter: ::prost::alloc::string::String, /// optional_relation_name_filter is a prefix that is matched against the relation name. #[prost(string, tag="3")] pub optional_relation_name_filter: ::prost::alloc::string::String, /// optional_permission_name_filter is a prefix that is matched against the permission name. #[prost(string, tag="4")] pub optional_permission_name_filter: ::prost::alloc::string::String, } /// ReflectionDefinition is the representation of a definition in the schema. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ReflectionDefinition { #[prost(string, tag="1")] pub name: ::prost::alloc::string::String, /// comment is a human-readable comments on the definition. Will include /// delimiter characters. #[prost(string, tag="2")] pub comment: ::prost::alloc::string::String, #[prost(message, repeated, tag="3")] pub relations: ::prost::alloc::vec::Vec, #[prost(message, repeated, tag="4")] pub permissions: ::prost::alloc::vec::Vec, } /// ReflectionCaveat is the representation of a caveat in the schema. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ReflectionCaveat { #[prost(string, tag="1")] pub name: ::prost::alloc::string::String, /// comment is a human-readable comments on the caveat. Will include /// delimiter characters. #[prost(string, tag="2")] pub comment: ::prost::alloc::string::String, #[prost(message, repeated, tag="3")] pub parameters: ::prost::alloc::vec::Vec, #[prost(string, tag="4")] pub expression: ::prost::alloc::string::String, } /// ReflectionCaveatParameter is the representation of a parameter in a caveat. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ReflectionCaveatParameter { #[prost(string, tag="1")] pub name: ::prost::alloc::string::String, /// type is the type of the parameter. Will be a string representing the /// type, e.g. `int` or `list` #[prost(string, tag="2")] pub r#type: ::prost::alloc::string::String, #[prost(string, tag="3")] pub parent_caveat_name: ::prost::alloc::string::String, } /// ReflectionRelation is the representation of a relation in the schema. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ReflectionRelation { #[prost(string, tag="1")] pub name: ::prost::alloc::string::String, #[prost(string, tag="2")] pub comment: ::prost::alloc::string::String, #[prost(string, tag="3")] pub parent_definition_name: ::prost::alloc::string::String, #[prost(message, repeated, tag="4")] pub subject_types: ::prost::alloc::vec::Vec, } /// ReflectionTypeReference is the representation of a type reference in the schema. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ReflectionTypeReference { /// subject_definition_name is the name of the subject's definition. #[prost(string, tag="1")] pub subject_definition_name: ::prost::alloc::string::String, /// optional_caveat_name is the name of the caveat that is applied to the subject, if any. #[prost(string, tag="2")] pub optional_caveat_name: ::prost::alloc::string::String, #[prost(oneof="reflection_type_reference::Typeref", tags="3, 4, 5")] pub typeref: ::core::option::Option, } /// Nested message and enum types in `ReflectionTypeReference`. pub mod reflection_type_reference { #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Oneof)] pub enum Typeref { /// is_terminal_subject is true if the subject is terminal, meaning it is referenced directly vs a sub-relation. #[prost(bool, tag="3")] IsTerminalSubject(bool), /// optional_relation_name is the name of the relation that is applied to the subject, if any. #[prost(string, tag="4")] OptionalRelationName(::prost::alloc::string::String), /// is_public_wildcard is true if the subject is a public wildcard. #[prost(bool, tag="5")] IsPublicWildcard(bool), } } /// ReflectionPermission is the representation of a permission in the schema. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ReflectionPermission { #[prost(string, tag="1")] pub name: ::prost::alloc::string::String, /// comment is a human-readable comments on the permission. Will include /// delimiter characters. #[prost(string, tag="2")] pub comment: ::prost::alloc::string::String, #[prost(string, tag="3")] pub parent_definition_name: ::prost::alloc::string::String, } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ComputablePermissionsRequest { #[prost(message, optional, tag="1")] pub consistency: ::core::option::Option, #[prost(string, tag="2")] pub definition_name: ::prost::alloc::string::String, #[prost(string, tag="3")] pub relation_name: ::prost::alloc::string::String, /// optional_definition_name_match is a prefix that is matched against the definition name(s) /// for the permissions returned. /// If not specified, will be ignored. #[prost(string, tag="4")] pub optional_definition_name_filter: ::prost::alloc::string::String, } /// ReflectionRelationReference is a reference to a relation or permission in the schema. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ReflectionRelationReference { #[prost(string, tag="1")] pub definition_name: ::prost::alloc::string::String, #[prost(string, tag="2")] pub relation_name: ::prost::alloc::string::String, #[prost(bool, tag="3")] pub is_permission: bool, } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ComputablePermissionsResponse { #[prost(message, repeated, tag="1")] pub permissions: ::prost::alloc::vec::Vec, /// read_at is the ZedToken at which the schema was read. #[prost(message, optional, tag="2")] pub read_at: ::core::option::Option, } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct DependentRelationsRequest { #[prost(message, optional, tag="1")] pub consistency: ::core::option::Option, #[prost(string, tag="2")] pub definition_name: ::prost::alloc::string::String, #[prost(string, tag="3")] pub permission_name: ::prost::alloc::string::String, } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct DependentRelationsResponse { #[prost(message, repeated, tag="1")] pub relations: ::prost::alloc::vec::Vec, /// read_at is the ZedToken at which the schema was read. #[prost(message, optional, tag="2")] pub read_at: ::core::option::Option, } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct DiffSchemaRequest { #[prost(message, optional, tag="1")] pub consistency: ::core::option::Option, #[prost(string, tag="2")] pub comparison_schema: ::prost::alloc::string::String, } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct DiffSchemaResponse { #[prost(message, repeated, tag="1")] pub diffs: ::prost::alloc::vec::Vec, /// read_at is the ZedToken at which the schema was read. #[prost(message, optional, tag="2")] pub read_at: ::core::option::Option, } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ReflectionRelationSubjectTypeChange { #[prost(message, optional, tag="1")] pub relation: ::core::option::Option, #[prost(message, optional, tag="2")] pub changed_subject_type: ::core::option::Option, } #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ReflectionCaveatParameterTypeChange { #[prost(message, optional, tag="1")] pub parameter: ::core::option::Option, #[prost(string, tag="2")] pub previous_type: ::prost::alloc::string::String, } /// ReflectionSchemaDiff is the representation of a diff between two schemas. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct ReflectionSchemaDiff { #[prost(oneof="reflection_schema_diff::Diff", tags="1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19")] pub diff: ::core::option::Option, } /// Nested message and enum types in `ReflectionSchemaDiff`. pub mod reflection_schema_diff { #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Oneof)] pub enum Diff { #[prost(message, tag="1")] DefinitionAdded(super::ReflectionDefinition), #[prost(message, tag="2")] DefinitionRemoved(super::ReflectionDefinition), #[prost(message, tag="3")] DefinitionDocCommentChanged(super::ReflectionDefinition), #[prost(message, tag="4")] RelationAdded(super::ReflectionRelation), #[prost(message, tag="5")] RelationRemoved(super::ReflectionRelation), #[prost(message, tag="6")] RelationDocCommentChanged(super::ReflectionRelation), #[prost(message, tag="7")] RelationSubjectTypeAdded(super::ReflectionRelationSubjectTypeChange), #[prost(message, tag="8")] RelationSubjectTypeRemoved(super::ReflectionRelationSubjectTypeChange), #[prost(message, tag="9")] PermissionAdded(super::ReflectionPermission), #[prost(message, tag="10")] PermissionRemoved(super::ReflectionPermission), #[prost(message, tag="11")] PermissionDocCommentChanged(super::ReflectionPermission), #[prost(message, tag="12")] PermissionExprChanged(super::ReflectionPermission), #[prost(message, tag="13")] CaveatAdded(super::ReflectionCaveat), #[prost(message, tag="14")] CaveatRemoved(super::ReflectionCaveat), #[prost(message, tag="15")] CaveatDocCommentChanged(super::ReflectionCaveat), #[prost(message, tag="16")] CaveatExprChanged(super::ReflectionCaveat), #[prost(message, tag="17")] CaveatParameterAdded(super::ReflectionCaveatParameter), #[prost(message, tag="18")] CaveatParameterRemoved(super::ReflectionCaveatParameter), #[prost(message, tag="19")] CaveatParameterTypeChanged(super::ReflectionCaveatParameterTypeChange), } } /// WatchRequest specifies what mutations to watch for, and an optional start snapshot for when to start /// watching. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct WatchRequest { /// optional_object_types is a filter of resource object types to watch for relationship changes. /// If specified, only changes to the specified object types will be returned and /// optional_relationship_filters cannot be used. #[prost(string, repeated, tag="1")] pub optional_object_types: ::prost::alloc::vec::Vec<::prost::alloc::string::String>, /// optional_start_cursor is the ZedToken holding the point-in-time at /// which to start watching for changes. /// If not specified, the watch will begin at the current head revision /// of the datastore, returning any updates that occur after the caller /// makes the request. /// Note that if this cursor references a point-in-time containing data /// that has been garbage collected, an error will be returned. #[prost(message, optional, tag="2")] pub optional_start_cursor: ::core::option::Option, /// optional_relationship_filters, if specified, indicates the /// filter(s) to apply to each relationship to be returned by watch. /// The relationship will be returned as long as at least one filter matches, /// this allows clients to match relationships on multiple filters on a single watch call. /// If specified, optional_object_types cannot be used. #[prost(message, repeated, tag="3")] pub optional_relationship_filters: ::prost::alloc::vec::Vec, /// optional_update_kinds, if specified, indicates what kinds of mutations to include. #[prost(enumeration="WatchKind", repeated, tag="4")] pub optional_update_kinds: ::prost::alloc::vec::Vec, } /// WatchResponse contains all mutation events in ascending timestamp order, /// from the requested start snapshot to a snapshot /// encoded in the watch response. The client can use the snapshot to resume /// watching where the previous watch response left off. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)] pub struct WatchResponse { /// updates are the RelationshipUpdate events that have occurred since the /// last watch response. #[prost(message, repeated, tag="1")] pub updates: ::prost::alloc::vec::Vec, /// changes_through is the ZedToken that represents the point in time /// that the watch response is current through. This token can be used /// in a subsequent WatchRequest to resume watching from this point. #[prost(message, optional, tag="2")] pub changes_through: ::core::option::Option, /// optional_transaction_metadata is an optional field that returns the transaction metadata /// given to SpiceDB during the transaction that produced the changes in this response. /// This field may not exist if no transaction metadata was provided. #[prost(message, optional, tag="3")] pub optional_transaction_metadata: ::core::option::Option, /// schema_updated, if true, indicates that the schema was changed in this revision. #[prost(bool, tag="4")] pub schema_updated: bool, /// is_checkpoint, if true, indicates that a checkpoint was reached. /// A checkpoint indicates that the server guarantees that the client /// will not observe any changes at a revision below or equal to the revision in this response. #[prost(bool, tag="5")] pub is_checkpoint: bool, } #[derive(Clone, Copy, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, ::prost::Enumeration)] #[repr(i32)] pub enum WatchKind { /// Default, just relationship updates (for backwards compatibility) Unspecified = 0, IncludeRelationshipUpdates = 1, IncludeSchemaUpdates = 2, IncludeCheckpoints = 3, } impl WatchKind { /// String value of the enum field names used in the ProtoBuf definition. /// /// The values are not transformed in any way and thus are considered stable /// (if the ProtoBuf definition does not change) and safe for programmatic use. pub fn as_str_name(&self) -> &'static str { match self { WatchKind::Unspecified => "WATCH_KIND_UNSPECIFIED", WatchKind::IncludeRelationshipUpdates => "WATCH_KIND_INCLUDE_RELATIONSHIP_UPDATES", WatchKind::IncludeSchemaUpdates => "WATCH_KIND_INCLUDE_SCHEMA_UPDATES", WatchKind::IncludeCheckpoints => "WATCH_KIND_INCLUDE_CHECKPOINTS", } } /// Creates an enum from field names used in the ProtoBuf definition. pub fn from_str_name(value: &str) -> ::core::option::Option { match value { "WATCH_KIND_UNSPECIFIED" => Some(Self::Unspecified), "WATCH_KIND_INCLUDE_RELATIONSHIP_UPDATES" => Some(Self::IncludeRelationshipUpdates), "WATCH_KIND_INCLUDE_SCHEMA_UPDATES" => Some(Self::IncludeSchemaUpdates), "WATCH_KIND_INCLUDE_CHECKPOINTS" => Some(Self::IncludeCheckpoints), _ => None, } } } // @@protoc_insertion_point(module)