luci: go.chromium.org/luci/common/proto/access Index | Files

package access

import "go.chromium.org/luci/common/proto/access"

Package access contains Access service protocol.

Index

Package Files

access.pb.go generate.go pb.discovery.go

func FileDescriptorSet Uses

func FileDescriptorSet() *descriptor.FileDescriptorSet

FileDescriptorSet returns a descriptor set for this proto package, which includes all defined services, and all transitive dependencies.

Will not return nil.

Do NOT modify the returned descriptor.

func RegisterAccessServer Uses

func RegisterAccessServer(s prpc.Registrar, srv AccessServer)

type AccessClient Uses

type AccessClient interface {
    // PermittedActions returns a list of actions the requester can perform
    // on a given resource.
    PermittedActions(ctx context.Context, in *PermittedActionsRequest, opts ...grpc.CallOption) (*PermittedActionsResponse, error)
    // Description returns types of resources and actions that this service
    // supports.
    // It is intended to be used as self-documentation, for humans that play
    // with the API.
    // If the concepts returned by this RPC are internal, it should be restricted.
    Description(ctx context.Context, in *empty.Empty, opts ...grpc.CallOption) (*DescriptionResponse, error)
}

AccessClient is the client API for Access service.

For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream.

func NewAccessClient Uses

func NewAccessClient(cc *grpc.ClientConn) AccessClient

func NewAccessPRPCClient Uses

func NewAccessPRPCClient(client *prpc.Client) AccessClient

type AccessServer Uses

type AccessServer interface {
    // PermittedActions returns a list of actions the requester can perform
    // on a given resource.
    PermittedActions(context.Context, *PermittedActionsRequest) (*PermittedActionsResponse, error)
    // Description returns types of resources and actions that this service
    // supports.
    // It is intended to be used as self-documentation, for humans that play
    // with the API.
    // If the concepts returned by this RPC are internal, it should be restricted.
    Description(context.Context, *empty.Empty) (*DescriptionResponse, error)
}

AccessServer is the server API for Access service.

type DescriptionResponse Uses

type DescriptionResponse struct {
    // Resources is a list of resource types presented on the given service.
    Resources            []*DescriptionResponse_ResourceDescription `protobuf:"bytes,1,rep,name=resources,proto3" json:"resources,omitempty"`
    XXX_NoUnkeyedLiteral struct{}                                   `json:"-"`
    XXX_unrecognized     []byte                                     `json:"-"`
    XXX_sizecache        int32                                      `json:"-"`
}

DescriptionResponse is the response message from Access.Description.

func (*DescriptionResponse) Descriptor Uses

func (*DescriptionResponse) Descriptor() ([]byte, []int)

func (*DescriptionResponse) GetResources Uses

func (m *DescriptionResponse) GetResources() []*DescriptionResponse_ResourceDescription

func (*DescriptionResponse) ProtoMessage Uses

func (*DescriptionResponse) ProtoMessage()

func (*DescriptionResponse) Reset Uses

func (m *DescriptionResponse) Reset()

func (*DescriptionResponse) String Uses

func (m *DescriptionResponse) String() string

func (*DescriptionResponse) XXX_DiscardUnknown Uses

func (m *DescriptionResponse) XXX_DiscardUnknown()

func (*DescriptionResponse) XXX_Marshal Uses

func (m *DescriptionResponse) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*DescriptionResponse) XXX_Merge Uses

func (m *DescriptionResponse) XXX_Merge(src proto.Message)

func (*DescriptionResponse) XXX_Size Uses

func (m *DescriptionResponse) XXX_Size() int

func (*DescriptionResponse) XXX_Unmarshal Uses

func (m *DescriptionResponse) XXX_Unmarshal(b []byte) error

type DescriptionResponse_ResourceDescription Uses

type DescriptionResponse_ResourceDescription struct {
    // Kind identifies the resource type presented on the service.
    // Access.PermittedActions accepts one of resource kinds.
    // Example: "bucket" for buildbucket bucket, "package" for CIPD package.
    //
    // For implementers:
    // Kind must match regexp `^[a-z\-/]+$`.
    Kind string `protobuf:"bytes,1,opt,name=kind,proto3" json:"kind,omitempty"`
    // Comment provides more info about the resource.
    Comment string `protobuf:"bytes,2,opt,name=comment,proto3" json:"comment,omitempty"`
    // Actions defines all possible actions that can be performed on this type
    // of resource.
    //
    // Map key is an action ID, unique within the resource.
    // It is referenced from Role.allowed_actions.
    //
    // For implementers:
    // ActionId must match regexp `^[A-Z\_]+$`.
    // Recommendations:
    // - "READ", not "GET"
    // - "DELETE", not "REMOVE"
    // - prefer concrete actions ("ADD_BUILD", "CHANGE_ACL", "INCREMENT") to
    //   abstract ones ("MODIFY", "WRITE", "UPDATE").
    Actions map[string]*DescriptionResponse_ResourceDescription_Action `protobuf:"bytes,3,rep,name=actions,proto3" json:"actions,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
    // Roles maps a role id to a set of actions.
    // Access configurations are typically expressed with roles, not actions.
    //
    // For implementers:
    // Role IDs must match regexp `^[A-Z\_]+$`.
    // Recommendataion: if it makes sense, make role ID close to the action
    // names, e.g. READER can READ, SCHEDULER can SCHEDULE.
    Roles                map[string]*DescriptionResponse_ResourceDescription_Role `protobuf:"bytes,4,rep,name=roles,proto3" json:"roles,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
    XXX_NoUnkeyedLiteral struct{}                                                 `json:"-"`
    XXX_unrecognized     []byte                                                   `json:"-"`
    XXX_sizecache        int32                                                    `json:"-"`
}

ResourceDescription is one resource type, e.g. buildbucket bucket or swarming pool.

func (*DescriptionResponse_ResourceDescription) Descriptor Uses

func (*DescriptionResponse_ResourceDescription) Descriptor() ([]byte, []int)

func (*DescriptionResponse_ResourceDescription) GetActions Uses

func (m *DescriptionResponse_ResourceDescription) GetActions() map[string]*DescriptionResponse_ResourceDescription_Action

func (*DescriptionResponse_ResourceDescription) GetComment Uses

func (m *DescriptionResponse_ResourceDescription) GetComment() string

func (*DescriptionResponse_ResourceDescription) GetKind Uses

func (m *DescriptionResponse_ResourceDescription) GetKind() string

func (*DescriptionResponse_ResourceDescription) GetRoles Uses

func (m *DescriptionResponse_ResourceDescription) GetRoles() map[string]*DescriptionResponse_ResourceDescription_Role

func (*DescriptionResponse_ResourceDescription) ProtoMessage Uses

func (*DescriptionResponse_ResourceDescription) ProtoMessage()

func (*DescriptionResponse_ResourceDescription) Reset Uses

func (m *DescriptionResponse_ResourceDescription) Reset()

func (*DescriptionResponse_ResourceDescription) String Uses

func (m *DescriptionResponse_ResourceDescription) String() string

func (*DescriptionResponse_ResourceDescription) XXX_DiscardUnknown Uses

func (m *DescriptionResponse_ResourceDescription) XXX_DiscardUnknown()

func (*DescriptionResponse_ResourceDescription) XXX_Marshal Uses

func (m *DescriptionResponse_ResourceDescription) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*DescriptionResponse_ResourceDescription) XXX_Merge Uses

func (m *DescriptionResponse_ResourceDescription) XXX_Merge(src proto.Message)

func (*DescriptionResponse_ResourceDescription) XXX_Size Uses

func (m *DescriptionResponse_ResourceDescription) XXX_Size() int

func (*DescriptionResponse_ResourceDescription) XXX_Unmarshal Uses

func (m *DescriptionResponse_ResourceDescription) XXX_Unmarshal(b []byte) error

type DescriptionResponse_ResourceDescription_Action Uses

type DescriptionResponse_ResourceDescription_Action struct {
    // Comment provides more human-readable info about the action.
    Comment              string   `protobuf:"bytes,1,opt,name=comment,proto3" json:"comment,omitempty"`
    XXX_NoUnkeyedLiteral struct{} `json:"-"`
    XXX_unrecognized     []byte   `json:"-"`
    XXX_sizecache        int32    `json:"-"`
}

Action describes what a user can do with a resource.

func (*DescriptionResponse_ResourceDescription_Action) Descriptor Uses

func (*DescriptionResponse_ResourceDescription_Action) Descriptor() ([]byte, []int)

func (*DescriptionResponse_ResourceDescription_Action) GetComment Uses

func (m *DescriptionResponse_ResourceDescription_Action) GetComment() string

func (*DescriptionResponse_ResourceDescription_Action) ProtoMessage Uses

func (*DescriptionResponse_ResourceDescription_Action) ProtoMessage()

func (*DescriptionResponse_ResourceDescription_Action) Reset Uses

func (m *DescriptionResponse_ResourceDescription_Action) Reset()

func (*DescriptionResponse_ResourceDescription_Action) String Uses

func (m *DescriptionResponse_ResourceDescription_Action) String() string

func (*DescriptionResponse_ResourceDescription_Action) XXX_DiscardUnknown Uses

func (m *DescriptionResponse_ResourceDescription_Action) XXX_DiscardUnknown()

func (*DescriptionResponse_ResourceDescription_Action) XXX_Marshal Uses

func (m *DescriptionResponse_ResourceDescription_Action) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*DescriptionResponse_ResourceDescription_Action) XXX_Merge Uses

func (m *DescriptionResponse_ResourceDescription_Action) XXX_Merge(src proto.Message)

func (*DescriptionResponse_ResourceDescription_Action) XXX_Size Uses

func (m *DescriptionResponse_ResourceDescription_Action) XXX_Size() int

func (*DescriptionResponse_ResourceDescription_Action) XXX_Unmarshal Uses

func (m *DescriptionResponse_ResourceDescription_Action) XXX_Unmarshal(b []byte) error

type DescriptionResponse_ResourceDescription_Role Uses

type DescriptionResponse_ResourceDescription_Role struct {
    // AllowedActions is a set of action IDs.
    // It defines what a role bearer can do with the resource.
    AllowedActions []string `protobuf:"bytes,1,rep,name=allowed_actions,json=allowedActions,proto3" json:"allowed_actions,omitempty"`
    // Comment provides more info about the role.
    Comment              string   `protobuf:"bytes,2,opt,name=comment,proto3" json:"comment,omitempty"`
    XXX_NoUnkeyedLiteral struct{} `json:"-"`
    XXX_unrecognized     []byte   `json:"-"`
    XXX_sizecache        int32    `json:"-"`
}

Role is a named set of allowed actions.

func (*DescriptionResponse_ResourceDescription_Role) Descriptor Uses

func (*DescriptionResponse_ResourceDescription_Role) Descriptor() ([]byte, []int)

func (*DescriptionResponse_ResourceDescription_Role) GetAllowedActions Uses

func (m *DescriptionResponse_ResourceDescription_Role) GetAllowedActions() []string

func (*DescriptionResponse_ResourceDescription_Role) GetComment Uses

func (m *DescriptionResponse_ResourceDescription_Role) GetComment() string

func (*DescriptionResponse_ResourceDescription_Role) ProtoMessage Uses

func (*DescriptionResponse_ResourceDescription_Role) ProtoMessage()

func (*DescriptionResponse_ResourceDescription_Role) Reset Uses

func (m *DescriptionResponse_ResourceDescription_Role) Reset()

func (*DescriptionResponse_ResourceDescription_Role) String Uses

func (m *DescriptionResponse_ResourceDescription_Role) String() string

func (*DescriptionResponse_ResourceDescription_Role) XXX_DiscardUnknown Uses

func (m *DescriptionResponse_ResourceDescription_Role) XXX_DiscardUnknown()

func (*DescriptionResponse_ResourceDescription_Role) XXX_Marshal Uses

func (m *DescriptionResponse_ResourceDescription_Role) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*DescriptionResponse_ResourceDescription_Role) XXX_Merge Uses

func (m *DescriptionResponse_ResourceDescription_Role) XXX_Merge(src proto.Message)

func (*DescriptionResponse_ResourceDescription_Role) XXX_Size Uses

func (m *DescriptionResponse_ResourceDescription_Role) XXX_Size() int

func (*DescriptionResponse_ResourceDescription_Role) XXX_Unmarshal Uses

func (m *DescriptionResponse_ResourceDescription_Role) XXX_Unmarshal(b []byte) error

type PermittedActionsRequest Uses

type PermittedActionsRequest struct {
    // ResourceKind is one of Resource.kind values returned by Access.Description.
    // It identifies the type of the resource being checked.
    ResourceKind string `protobuf:"bytes,1,opt,name=resource_kind,json=resourceKind,proto3" json:"resource_kind,omitempty"`
    // ResourceIds identifies the resources presented on this service.
    // For example, for a buildbucket bucket it would be a bucket name
    // ("luci.chromium.try").
    // For a CIPD package it would be a full package name,
    // "infra/git/linux-amd64".
    ResourceIds          []string `protobuf:"bytes,2,rep,name=resource_ids,json=resourceIds,proto3" json:"resource_ids,omitempty"`
    XXX_NoUnkeyedLiteral struct{} `json:"-"`
    XXX_unrecognized     []byte   `json:"-"`
    XXX_sizecache        int32    `json:"-"`
}

PermittedActionsRequest is a request message to Access.PermittedActions.

Besides explicit fields in the message, there is an implicit parameter: the current identity which is defined by the "Authorization" OAuth 2.0 HTTP header and, optionally, LUCI-specific delegation token header.

func (*PermittedActionsRequest) Descriptor Uses

func (*PermittedActionsRequest) Descriptor() ([]byte, []int)

func (*PermittedActionsRequest) GetResourceIds Uses

func (m *PermittedActionsRequest) GetResourceIds() []string

func (*PermittedActionsRequest) GetResourceKind Uses

func (m *PermittedActionsRequest) GetResourceKind() string

func (*PermittedActionsRequest) ProtoMessage Uses

func (*PermittedActionsRequest) ProtoMessage()

func (*PermittedActionsRequest) Reset Uses

func (m *PermittedActionsRequest) Reset()

func (*PermittedActionsRequest) String Uses

func (m *PermittedActionsRequest) String() string

func (*PermittedActionsRequest) XXX_DiscardUnknown Uses

func (m *PermittedActionsRequest) XXX_DiscardUnknown()

func (*PermittedActionsRequest) XXX_Marshal Uses

func (m *PermittedActionsRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*PermittedActionsRequest) XXX_Merge Uses

func (m *PermittedActionsRequest) XXX_Merge(src proto.Message)

func (*PermittedActionsRequest) XXX_Size Uses

func (m *PermittedActionsRequest) XXX_Size() int

func (*PermittedActionsRequest) XXX_Unmarshal Uses

func (m *PermittedActionsRequest) XXX_Unmarshal(b []byte) error

type PermittedActionsResponse Uses

type PermittedActionsResponse struct {
    // Permitted maps a resource id to resource permissions.
    Permitted map[string]*PermittedActionsResponse_ResourcePermissions `protobuf:"bytes,1,rep,name=permitted,proto3" json:"permitted,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
    // ValiditiyDuration specifies for how long clients may cache this
    // information.
    ValidityDuration     *duration.Duration `protobuf:"bytes,2,opt,name=validity_duration,json=validityDuration,proto3" json:"validity_duration,omitempty"`
    XXX_NoUnkeyedLiteral struct{}           `json:"-"`
    XXX_unrecognized     []byte             `json:"-"`
    XXX_sizecache        int32              `json:"-"`
}

PermittedActionsResponse is the response message of the Accses.PermittedActions.

func (*PermittedActionsResponse) Descriptor Uses

func (*PermittedActionsResponse) Descriptor() ([]byte, []int)

func (*PermittedActionsResponse) GetPermitted Uses

func (m *PermittedActionsResponse) GetPermitted() map[string]*PermittedActionsResponse_ResourcePermissions

func (*PermittedActionsResponse) GetValidityDuration Uses

func (m *PermittedActionsResponse) GetValidityDuration() *duration.Duration

func (*PermittedActionsResponse) ProtoMessage Uses

func (*PermittedActionsResponse) ProtoMessage()

func (*PermittedActionsResponse) Reset Uses

func (m *PermittedActionsResponse) Reset()

func (*PermittedActionsResponse) String Uses

func (m *PermittedActionsResponse) String() string

func (*PermittedActionsResponse) XXX_DiscardUnknown Uses

func (m *PermittedActionsResponse) XXX_DiscardUnknown()

func (*PermittedActionsResponse) XXX_Marshal Uses

func (m *PermittedActionsResponse) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*PermittedActionsResponse) XXX_Merge Uses

func (m *PermittedActionsResponse) XXX_Merge(src proto.Message)

func (*PermittedActionsResponse) XXX_Size Uses

func (m *PermittedActionsResponse) XXX_Size() int

func (*PermittedActionsResponse) XXX_Unmarshal Uses

func (m *PermittedActionsResponse) XXX_Unmarshal(b []byte) error

type PermittedActionsResponse_ResourcePermissions Uses

type PermittedActionsResponse_ResourcePermissions struct {
    // Actions is a list of action ids that the user can do on the resource.
    // For resources that do not exist, this list must be empty.
    Actions              []string `protobuf:"bytes,1,rep,name=actions,proto3" json:"actions,omitempty"`
    XXX_NoUnkeyedLiteral struct{} `json:"-"`
    XXX_unrecognized     []byte   `json:"-"`
    XXX_sizecache        int32    `json:"-"`
}

ResourcePermissions describes what is permitted on a single resource.

func (*PermittedActionsResponse_ResourcePermissions) Descriptor Uses

func (*PermittedActionsResponse_ResourcePermissions) Descriptor() ([]byte, []int)

func (*PermittedActionsResponse_ResourcePermissions) GetActions Uses

func (m *PermittedActionsResponse_ResourcePermissions) GetActions() []string

func (*PermittedActionsResponse_ResourcePermissions) ProtoMessage Uses

func (*PermittedActionsResponse_ResourcePermissions) ProtoMessage()

func (*PermittedActionsResponse_ResourcePermissions) Reset Uses

func (m *PermittedActionsResponse_ResourcePermissions) Reset()

func (*PermittedActionsResponse_ResourcePermissions) String Uses

func (m *PermittedActionsResponse_ResourcePermissions) String() string

func (*PermittedActionsResponse_ResourcePermissions) XXX_DiscardUnknown Uses

func (m *PermittedActionsResponse_ResourcePermissions) XXX_DiscardUnknown()

func (*PermittedActionsResponse_ResourcePermissions) XXX_Marshal Uses

func (m *PermittedActionsResponse_ResourcePermissions) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*PermittedActionsResponse_ResourcePermissions) XXX_Merge Uses

func (m *PermittedActionsResponse_ResourcePermissions) XXX_Merge(src proto.Message)

func (*PermittedActionsResponse_ResourcePermissions) XXX_Size Uses

func (m *PermittedActionsResponse_ResourcePermissions) XXX_Size() int

func (*PermittedActionsResponse_ResourcePermissions) XXX_Unmarshal Uses

func (m *PermittedActionsResponse_ResourcePermissions) XXX_Unmarshal(b []byte) error

Package access imports 10 packages (graph) and is imported by 4 packages. Updated 2018-10-19. Refresh now. Tools for package owners.