From 4a9127d92cccae553c937a9615e255662d711761 Mon Sep 17 00:00:00 2001
From: mo khan
Date: Wed, 18 Jun 2025 15:59:28 -0600
Subject: feat: add ability rpc endpoint
---
 Makefile | 1 +
 build.rs | 1 +
 proto/ability.proto | 16 ++++++++++++++++
 src/server.rs | 25 +++++++++++++++++++++++++
 4 files changed, 43 insertions(+)
 create mode 100644 proto/ability.proto
diff --git a/Makefile b/Makefile
index 96b2f09..cc4f79f 100644
--- a/Makefile
+++ b/Makefile
@@ -23,3 +23,4 @@ test:
 .PHONY: grpcurl
 grpcurl:
 @grpcurl -plaintext -import-path ./proto -proto helloworld.proto -d '{"name": "Tonic"}' '[::1]:50051' helloworld.Greeter/SayHello
+ @grpcurl -plaintext -import-path ./proto -proto ability.proto -d '{"subject": "gid://example/User/1", "permission": "gid://example/Permission/1", "resource": "gid://example/Project/1"}' '[::1]:50051' authz.rpc.Ability/Allowed
diff --git a/build.rs b/build.rs
index 7c661fe..3294804 100644
--- a/build.rs
+++ b/build.rs
@@ -1,4 +1,5 @@
 fn main() -> Result<(), Box> {
 tonic_build::compile_protos("proto/helloworld.proto")?;
+ tonic_build::compile_protos("proto/ability.proto")?;
 Ok(())
 }
diff --git a/proto/ability.proto b/proto/ability.proto
new file mode 100644
index 0000000..ccef946
--- /dev/null
+++ b/proto/ability.proto
@@ -0,0 +1,16 @@
+syntax = "proto3";
+package authz.rpc;
+
+service Ability {
+ rpc Allowed (AllowRequest) returns (AllowReply) {}
+}
+
+message AllowRequest {
+ string subject = 1;
+ string permission = 2;
+ string resource = 3;
+}
+
+message AllowReply {
+ bool result = 1;
+}
diff --git a/src/server.rs b/src/server.rs
index d6a8bca..b52c56f 100644
--- a/src/server.rs
+++ b/src/server.rs
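Review bot: In proto/ability.proto the three `AllowRequest` fields are plain proto3 strings with no comments, so the contract that authorization callers depend on is undocumented. Proto3 cannot mark them required, and an omitted field arrives as an empty string. I would document each field and the reply, for example `// Global ID of the principal being checked, e.g. gid://example/User/1; must be non-empty.` above `subject` and `// True only when the permission is explicitly granted; callers must treat an RPC error as deny.` above `result`. The handler should then reject empty values instead of evaluating them.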
@@ -3,6 +3,29 @@ use tonic::{Request, Response, Status, transport::Server};
 use hello_world::greeter_server::{Greeter, GreeterServer};
 use hello_world::{HelloReply, HelloRequest};
+use authz_rpc::ability_server::{Ability, AbilityServer};
+use authz_rpc::{AllowReply, AllowRequest};
+
+pub mod authz_rpc {
+ tonic::include_proto!("authz.rpc");
+}
+
+#[derive(Debug, Default)]
+pub struct MyAbility {}
+
+#[tonic::async_trait]
+impl Ability for MyAbility {
+ async fn allowed(
+ &self,
+ request: Request,
+ ) -> Result, Status> {
+ println!("Got a request: {:?}", request);
+
+ let reply = AllowReply { result: true };
+ Ok(Response::new(reply))
+ }
+}
+
 pub mod hello_world {
 tonic::include_proto!("helloworld");
 }
@@ -29,10 +52,12 @@ impl Greeter for MyGreeter {
 #[tokio::main]
 async fn main() -> Result<(), Box> {
 let addr = "[::1]:50051".parse()?;
+ let ability = MyAbility::default();
 let greeter = MyGreeter::default();
 Server::builder()
 .add_service(GreeterServer::new(greeter))
+ .add_service(AbilityServer::new(ability))
 .serve(addr)
 .await?;
--
cgit v1.2.3
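Review bot: `allowed` answers `AllowReply { result: true }` for every request without reading `subject`, `permission` or `resource`, so any client that consults this endpoint is told that everything is permitted. Until policy evaluation exists the stub should fail closed, for example `let reply = AllowReply { result: false };` or `return Err(Status::unimplemented("ability check not implemented"));`. Separately, `println!("Got a request: {:?}", request)` formats the whole `Request`, which carries call metadata as well as the message, so any credential headers a client sends would presumably end up on stdout. Logging `request.get_ref()` instead limits the output to the message.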
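Review bot: `AbilityServer::new(ability)` in `main` is registered with no interceptor or other caller authentication, so every process that can reach the listener can ask for authorization decisions about any subject it names. The bind address visible here is loopback, which limits exposure, but the service should authenticate its callers before it leaves local development. tonic's generated `AbilityServer::with_interceptor(ability, check_auth)` is the usual place, with `check_auth` being a function you would add. The listener would also need TLS if `addr` ever becomes non-local. `main` continues past the end of this hunk.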