path: root/crates/secd/proto/authzed/api/v0/core.proto
blob: d42eb04e4c3bc43c81465e9afcffe4e8a87c59c3 (plain)
syntax = "proto3";
package authzed.api.v0;

option go_package = "github.com/authzed/authzed-go/proto/authzed/api/v0";
option java_package = "com.authzed.api.v0";

import "validate/validate.proto";

// RelationTuple pairs an object-and-relation with the user it applies to.
// Both fields are marked required for the generated validator.
//
// The (validate.rules) options in this file are annotations consumed by
// generated validation code; decoding a message does not apply them by itself.
// Every handler that accepts these messages from a caller should invoke the
// generated validator before using the field values.
//
// The text below is kept from the original file. It describes tuplesets:
// each tupleset specifies keys of a set of relation tuples. The set can
// include a single tuple key, or all tuples with a given object ID or
// userset in a namespace, optionally constrained by a relation name.
//
// examples:
//   doc:readme#viewer@group:eng#member (fully specified)
//   doc:*#*#group:eng#member (all tuples that this userset relates to)
//   doc:12345#*#* (all tuples with a direct relationship to a document)
//   doc:12345#writer#* (all tuples with direct write relationship with the
//     document)
//   doc:#writer#group:eng#member (all tuples that eng group has write
//     relationship)
//
// NOTE(review): the examples use `*` and an empty object ID as wildcards. The
// object_id pattern on ObjectAndRelation accepts the literal `*` but does not
// match an empty string, so the last example would not pass that rule as
// written. Confirm which notation the consumers of this message expect.
message RelationTuple {
  // The object and the relation on it that this tuple is about. Must be set.
  ObjectAndRelation object_and_relation = 1
      [ (validate.rules).message.required = true ];
  // The user (subject) side of the tuple. Must be set.
  User user = 2 [ (validate.rules).message.required = true ];
}

// ObjectAndRelation identifies a relation on one object within a namespace.
//
// All three strings are constrained by an anchored pattern plus a byte limit.
// The namespace and relation patterns are duplicated in RelationReference;
// keep the two copies in sync when either is changed.
//
// NOTE(review): how `$` treats a trailing newline differs between regex
// engines; confirm the behaviour in each language validators are generated
// for, since these values are likely used as lookup keys.
message ObjectAndRelation {
  // Namespace name, optionally preceded by a "<prefix>/" segment. The prefix
  // is 3-63 characters and the name 3-64 characters; each starts with a
  // lowercase letter, ends with a lowercase letter or digit, and otherwise
  // contains only lowercase letters, digits and underscores. With the slash
  // this is at most 128 bytes, matching max_bytes.
  string namespace = 1 [ (validate.rules).string = {
    pattern : "^([a-z][a-z0-9_]{1,61}[a-z0-9]/)?[a-z][a-z0-9_]{1,62}[a-z0-9]$",
    max_bytes : 128,
  } ];
  // Object identifier: either the single character `*`, or 1-128 characters
  // starting with a letter, digit or underscore and continuing with letters,
  // digits, `/`, `_`, `|` or `-`. The empty string matches neither form.
  //
  // NOTE(review): validation accepts `*` wherever this message appears.
  // Handlers that expect a concrete object (for example when storing a tuple)
  // presumably need their own check that rejects the wildcard; verify against
  // the callers.
  string object_id = 2 [ (validate.rules).string = {
    pattern : "^(([a-zA-Z0-9_][a-zA-Z0-9/_|-]{0,127})|\\*)$",
    max_bytes : 128,
  } ];
  // Relation name: either the literal `...`, or a 3-64 character identifier
  // with the same character rules as a namespace name.
  // NOTE(review): `...` presumably stands for "no specific relation"; confirm
  // its meaning with the code that interprets it.
  string relation = 3 [ (validate.rules).string = {
    pattern : "^(\\.\\.\\.|[a-z][a-z0-9_]{1,62}[a-z0-9])$",
    max_bytes : 64,
  } ];
}

// RelationReference names a relation in a namespace without naming an object.
//
// The two patterns are the same as those on ObjectAndRelation.namespace and
// ObjectAndRelation.relation; keep the copies in sync.
//
// NOTE(review): field number 2 is not used here, which lines the numbering up
// with ObjectAndRelation (where 2 is object_id). If 2 was ever assigned in
// this message, it should be declared `reserved` so it cannot be reused with a
// different meaning; confirm against the schema history.
message RelationReference {
  // Namespace name with an optional "<prefix>/" segment; lowercase letters,
  // digits and underscores only, at most 128 bytes.
  string namespace = 1 [ (validate.rules).string = {
    pattern : "^([a-z][a-z0-9_]{1,61}[a-z0-9]/)?[a-z][a-z0-9_]{1,62}[a-z0-9]$",
    max_bytes : 128,
  } ];
  // Relation name: the literal `...` or a 3-64 character lowercase
  // identifier, at most 64 bytes.
  string relation = 3 [ (validate.rules).string = {
    pattern : "^(\\.\\.\\.|[a-z][a-z0-9_]{1,62}[a-z0-9])$",
    max_bytes : 64,
  } ];
}

// User is the subject side of a RelationTuple. In this version the only
// representation is a userset, expressed as an ObjectAndRelation.
//
// NOTE(review): field number 1 is not used in this message. If it was
// assigned in an earlier revision it should be declared `reserved`; confirm
// against the schema history.
message User {
  // Exactly one member must be set; the validator rejects a User with none.
  oneof user_oneof {
    option (validate.required) = true;

    // The set of users identified by an object and a relation on it. All
    // ObjectAndRelation field rules apply, so `*` is an accepted object_id
    // here as well.
    ObjectAndRelation userset = 2 [ (validate.rules).message.required = true ];
  }
}