From 8ca3433b2a4a82723e00e64b1e5aff0b1bed95b3 Mon Sep 17 00:00:00 2001 From: benj Date: Fri, 30 Dec 2022 15:57:36 -0800 Subject: impl authZ write and check (depends on spicedb for now) --- .../secd/proto/authzed/api/v1/error_reason.proto | 197 +++++++++++++++++++++ 1 file changed, 197 insertions(+) create mode 100644 crates/secd/proto/authzed/api/v1/error_reason.proto (limited to 'crates/secd/proto/authzed/api/v1/error_reason.proto') diff --git a/crates/secd/proto/authzed/api/v1/error_reason.proto b/crates/secd/proto/authzed/api/v1/error_reason.proto new file mode 100644 index 0000000..401a3d0 --- /dev/null +++ b/crates/secd/proto/authzed/api/v1/error_reason.proto @@ -0,0 +1,197 @@ +syntax = "proto3"; +package authzed.api.v1; + +option go_package = "github.com/authzed/authzed-go/proto/authzed/api/v1"; +option java_package = "com.authzed.api.v1"; + +// Defines the supported values for `google.rpc.ErrorInfo.reason` for the +// `authzed.com` error domain. +enum ErrorReason { + // Do not use this default value. + ERROR_REASON_UNSPECIFIED = 0; + + // The request gave a schema that could not be parsed. + // + // Example of an ErrorInfo: + // + // { + // "reason": "ERROR_REASON_SCHEMA_PARSE_ERROR", + // "domain": "authzed.com", + // "metadata": { + // "start_line_number": "1", + // "start_column_position": "19", + // "end_line_number": "1", + // "end_column_position": "19", + // "source_code": "somedefinition", + // } + // } + // + // The line numbers and column positions are 0-indexed and may not be present. + ERROR_REASON_SCHEMA_PARSE_ERROR = 1; + + // The request contains a schema with a type error. + // + // Example of an ErrorInfo: + // + // { + // "reason": "ERROR_REASON_SCHEMA_TYPE_ERROR", + // "domain": "authzed.com", + // "metadata": { + // "definition_name": "somedefinition", + // ... additional keys based on the kind of type error ... + // } + // } + ERROR_REASON_SCHEMA_TYPE_ERROR = 2; + + // The request referenced an unknown object definition in the schema. + // + // Example of an ErrorInfo: + // + // { + // "reason": "ERROR_REASON_UNKNOWN_DEFINITION", + // "domain": "authzed.com", + // "metadata": { + // "definition_name": "somedefinition" + // } + // } + ERROR_REASON_UNKNOWN_DEFINITION = 3; + + // The request referenced an unknown relation or permission under a definition in the schema. + // + // Example of an ErrorInfo: + // + // { + // "reason": "ERROR_REASON_UNKNOWN_RELATION_OR_PERMISSION", + // "domain": "authzed.com", + // "metadata": { + // "definition_name": "somedefinition", + // "relation_or_permission_name": "somepermission" + // } + // } + ERROR_REASON_UNKNOWN_RELATION_OR_PERMISSION = 4; + + // The WriteRelationships request contained more updates than the maximum configured. + // + // Example of an ErrorInfo: + // + // { "reason": "ERROR_REASON_TOO_MANY_UPDATES_IN_REQUEST", + // "domain": "authzed.com", + // "metadata": { + // "update_count": "525", + // "maximum_updates_allowed": "500", + // } + // } + ERROR_REASON_TOO_MANY_UPDATES_IN_REQUEST = 5; + + // The request contained more preconditions than the maximum configured. + // + // Example of an ErrorInfo: + // + // { + // "reason": "ERROR_REASON_TOO_MANY_PRECONDITIONS_IN_REQUEST", + // "domain": "authzed.com", + // "metadata": { + // "precondition_count": "525", + // "maximum_preconditions_allowed": "500", + // } + // } + ERROR_REASON_TOO_MANY_PRECONDITIONS_IN_REQUEST = 6; + + // The request contained a precondition that failed. + // + // Example of an ErrorInfo: + // + // { + // "reason": "ERROR_REASON_WRITE_OR_DELETE_PRECONDITION_FAILURE", + // "domain": "authzed.com", + // "metadata": { + // "precondition_resource_type": "document", + // ... other fields for the filter ... + // "precondition_operation": "MUST_EXIST", + // } + // } + ERROR_REASON_WRITE_OR_DELETE_PRECONDITION_FAILURE = 7; + + // A write or delete request was made to an instance that is deployed in read-only mode. + // + // Example of an ErrorInfo: + // + // { + // "reason": "ERROR_REASON_SERVICE_READ_ONLY", + // "domain": "authzed.com" + // } + ERROR_REASON_SERVICE_READ_ONLY = 8; + + // The request referenced an unknown caveat in the schema. + // + // Example of an ErrorInfo: + // + // { + // "reason": "ERROR_REASON_UNKNOWN_CAVEAT", + // "domain": "authzed.com", + // "metadata": { + // "caveat_name": "somecaveat" + // } + // } + ERROR_REASON_UNKNOWN_CAVEAT = 9; + + // The request tries to use a subject type that was not valid for a relation. + // + // Example of an ErrorInfo: + // + // { + // "reason": "ERROR_REASON_INVALID_SUBJECT_TYPE", + // "domain": "authzed.com", + // "metadata": { + // "definition_name": "somedefinition", + // "relation_name": "somerelation", + // "subject_type": "user:*" + // } + // } + ERROR_REASON_INVALID_SUBJECT_TYPE = 10; + + // The request tries to specify a caveat parameter value with the wrong type. + // + // Example of an ErrorInfo: + // + // { + // "reason": "ERROR_REASON_CAVEAT_PARAMETER_TYPE_ERROR", + // "domain": "authzed.com", + // "metadata": { + // "definition_name": "somedefinition", + // "relation_name": "somerelation", + // "caveat_name": "somecaveat", + // "parameter_name": "someparameter", + // "expected_type": "int", + // } + // } + ERROR_REASON_CAVEAT_PARAMETER_TYPE_ERROR = 11; + + // The request tries to perform two or more updates on the same relationship in the same WriteRelationships call. + // + // Example of an ErrorInfo: + // + // { + // "reason": "ERROR_REASON_UPDATES_ON_SAME_RELATIONSHIP", + // "domain": "authzed.com", + // "metadata": { + // "definition_name": "somedefinition", + // "relationship": "somerelationship", + // } + // } + ERROR_REASON_UPDATES_ON_SAME_RELATIONSHIP = 12; + + // The request tries to write a relationship on a permission instead of a relation. + // + // Example of an ErrorInfo: + // + // { + // "reason": "ERROR_REASON_CANNOT_UPDATE_PERMISSION", + // "domain": "authzed.com", + // "metadata": { + // "definition_name": "somedefinition", + // "permission_name": "somerelation", + // } + // } + ERROR_REASON_CANNOT_UPDATE_PERMISSION = 13; +} \ No newline at end of file -- cgit v1.2.3