diff --git a/buf.lock b/buf.lock index 25a03bff..57eef72b 100644 --- a/buf.lock +++ b/buf.lock @@ -1,17 +1,24 @@ # Generated by buf. DO NOT EDIT. version: v1 deps: + - remote: buf.build + owner: envoyproxy + repository: protoc-gen-validate + branch: main + commit: bb405eae115246f0b5ccf8997136e3d8 + digest: b1-BJUoAjBMVXaIMUNFJ5kdGr-be0QDwhDSTEDQpoxXzys= + create_time: 2021-08-20T15:05:15.02577Z - remote: buf.build owner: googleapis repository: googleapis branch: main - commit: d1a849b8f8304950832335723096e954 - digest: b1-zJkwX0YeOp1Wa0Jaj_RqMLa2-oEzePH6PJEK8aaMeI4= - create_time: 2021-08-26T15:07:19.652533Z + commit: e16155da3b4a49e48bd18cdcb029004d + digest: b1--CthFBW4QSXRq35NiPd7Uu9WN2xWeV9_GVRe5mbTVuI= + create_time: 2021-09-30T15:08:49.529359Z - remote: buf.build owner: grpc-ecosystem repository: grpc-gateway branch: main - commit: d1922677830c448eb65ec590f3abc734 - digest: b1-zmmsl0XlsSF4_BhZe7w9NMdImBCRtMSn68rmn9H1faQ= - create_time: 2021-08-17T02:45:07.151993Z + commit: de24a84aed3d4d84806740946b55d947 + digest: b1-Q-mEW3P3NR5UL8gm0pr3YWFSo5DAtrBqqgvkwH2WFWw= + create_time: 2021-09-08T00:32:28.231758Z diff --git a/buf.yaml b/buf.yaml index 55b84a91..8870c7e5 100644 --- a/buf.yaml +++ b/buf.yaml @@ -3,6 +3,7 @@ name: buf.build/odpf/proton deps: - buf.build/googleapis/googleapis - buf.build/grpc-ecosystem/grpc-gateway + - buf.build/envoyproxy/protoc-gen-validate breaking: use: - WIRE diff --git a/odpf/shield/v1/shield.proto b/odpf/shield/v1/shield.proto new file mode 100644 index 00000000..6c1c403d --- /dev/null +++ b/odpf/shield/v1/shield.proto @@ -0,0 +1,536 @@ +syntax = "proto3"; +package odpf.shield.v1; + +import "google/api/annotations.proto"; +import "protoc-gen-openapiv2/options/annotations.proto"; +import "google/protobuf/struct.proto"; +import "google/protobuf/timestamp.proto"; +import "validate/validate.proto"; + +option go_package = "github.com/odpf/proton/shield/v1;shieldv1"; +option java_package = "io.odpf.proton.shield.v1"; +option java_outer_classname = "Shield"; + + +// These annotations are used when generating the OpenAPI file. +option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_swagger) = { + info: { + title: "Shield", + version: "0.1.0"; + }; + schemes: HTTP; +}; + +service ShieldService { + // Users + rpc ListUsers(ListUsersRequest) returns (ListUsersResponse) { + option (google.api.http) = { + get: "/v1/users" + }; + option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = { + tags: "User"; + summary: "Get All Users"; + }; + } + rpc CreateUser(CreateUserRequest) returns (CreateUserResponse) { + option (google.api.http) = { + post: "/v1/users", + body: "body"; + }; + option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = { + tags: "User"; + summary: "Create User"; + }; + } + + rpc GetUser(GetUserRequest) returns (GetUserResponse) { + option (google.api.http) = { + get: "/v1/users/{id}", + }; + option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = { + tags: "User"; + summary: "Get a User by id"; + }; + } + + rpc GetCurrentUser(GetCurrentUserRequest) returns (GetCurrentUserResponse) { + option (google.api.http) = { + get: "/v1/users/self", + }; + option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = { + tags: "User"; + summary: "Get current user"; + }; + } + + rpc UpdateUser(UpdateUserRequest) returns (UpdateUserResponse) { + option (google.api.http) = { + put: "/v1/users/{id}", + body: "body"; + }; + option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = { + tags: "User"; + summary: "Update User by ID"; + }; + } + + rpc UpdateCurrentUser(UpdateCurrentUserRequest) returns (UpdateCurrentUserResponse) { + option (google.api.http) = { + put: "/v1/users/self", + body: "body"; + }; + option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = { + tags: "User"; + summary: "Update current User"; + }; + } + + // Group + rpc ListGroups(ListGroupsRequest) returns (ListGroupsResponse) { + option (google.api.http) = { + get: "/v1/groups", + }; + option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = { + tags: "Group"; + summary: "Get all Groups"; + }; + } + + rpc CreateGroup(CreateGroupRequest) returns (CreateGroupResponse) { + option (google.api.http) = { + post: "/v1/groups", + body: "body"; + }; + option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = { + tags: "Group"; + summary: "Create Group"; + }; + } + + rpc GetGroup(GetGroupRequest) returns (GetGroupResponse) { + option (google.api.http) = { + get: "/v1/groups/{id}", + }; + option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = { + tags: "Group"; + summary: "Get Group by ID"; + }; + } + + rpc ListGroupUsers(ListGroupUsersRequest) returns (ListGroupUsersResponse) { + option (google.api.http) = { + get: "/v1/groups/{id}/users", + }; + option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = { + tags: "Group"; + summary: "Get all Users in a Group"; + }; + } + + rpc UpdateGroup(UpdateGroupRequest) returns (UpdateGroupResponse) { + option (google.api.http) = { + put: "/v1/groups/{id}", + body: "body"; + }; + option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = { + tags: "Group"; + summary: "Update Group by ID"; + }; + } + + // Roles + rpc ListRoles(ListRolesRequest) returns (ListRolesResponse) { + option (google.api.http) = { + get: "/v1/roles", + }; + option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = { + tags: "Role"; + summary: "Get all Roles"; + }; + } + + rpc CreateRole(CreateRoleRequest) returns (CreateRoleResponse) { + option (google.api.http) = { + post: "/v1/roles", + body: "body"; + }; + option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = { + tags: "Role"; + summary: "Create Role"; + }; + } + + rpc GetRole(GetRoleRequest) returns (GetRoleResponse) { + option (google.api.http) = { + get: "/v1/roles/{id}", + }; + option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = { + tags: "Role"; + summary: "Get Role by ID"; + }; + } + + rpc UpdateRole(UpdateRoleRequest) returns (UpdateRoleResponse) { + option (google.api.http) = { + put: "/v1/roles/{id}", + body: "body"; + }; + option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = { + tags: "Role"; + summary: "Update Role by ID"; + }; + } + + // Organizations + rpc ListOrganizations(ListOrganizationsRequest) returns (ListOrganizationsResponse) { + option (google.api.http) = { + get: "/v1/organizations" + }; + option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = { + tags: "Organization"; + summary: "Get all Organization"; + }; + } + + rpc CreateOrganization(CreateOrganizationRequest) returns (CreateOrganizationResponse) { + option (google.api.http) = { + post: "/v1/organizations", + body: "body" + }; + option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = { + tags: "Organization"; + summary: "Create Organization"; + }; + } + + rpc GetOrganization(GetOrganizationRequest) returns (GetOrganizationResponse) { + option (google.api.http) = { + get: "/v1/organizations/{id}", + }; + option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = { + tags: "Organization"; + summary: "Get Organization by ID"; + }; + } + + rpc UpdateOrganization(UpdateOrganizationRequest) returns (UpdateOrganizationResponse) { + option (google.api.http) = { + put: "/v1/organizations/{id}", + body: "body" + }; + option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = { + tags: "Organization"; + summary: "Update Organization by ID"; + }; + } + + // Projects + rpc ListProjects(ListProjectsRequest) returns (ListProjectsResponse) { + option (google.api.http) = { + get: "/v1/projects" + }; + option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = { + tags: "Project"; + summary: "Get all Project"; + }; + } + + rpc CreateProject(CreateProjectRequest) returns (CreateProjectResponse) { + option (google.api.http) = { + post: "/v1/projects", + body: "body" + }; + option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = { + tags: "Project"; + summary: "Create Project"; + }; + } + + rpc GetProject(GetProjectRequest) returns (GetProjectResponse) { + option (google.api.http) = { + get: "/v1/projects/{id}", + }; + option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = { + tags: "Project"; + summary: "Get Project by ID"; + }; + } + + rpc UpdateProject(UpdateProjectRequest) returns (UpdateProjectResponse) { + option (google.api.http) = { + put: "/v1/projects/{id}", + body: "body" + }; + option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = { + tags: "Project"; + summary: "Update Project by ID"; + }; + } + +} + +message UserRequestBody { + string name = 1 [(validate.rules).string.pattern = "^[A-Za-z0-9_-]+$"]; + string email = 2 [(validate.rules).string.email = true]; + google.protobuf.Struct metadata = 3; +} + +message CreateUserRequest { + UserRequestBody body = 1; +} + +message User { + string id = 1; + string name = 2 [(validate.rules).string.pattern = "^[A-Za-z0-9_-]+$"]; + string slug = 3; + string email = 4 [(validate.rules).string.email = true]; + google.protobuf.Struct metadata = 5; + google.protobuf.Timestamp created_at = 6; + google.protobuf.Timestamp updated_at = 7; +} + +message CreateUserResponse { + User user = 1; +} + +message GetUserResponse { + User user = 1; +} + +message GetCurrentUserResponse { + User user = 1; +} + +message UpdateUserResponse { + User user = 1; +} + +message UpdateCurrentUserResponse { + User user = 1; +} + +message UpdateUserRequest { + string id = 1; + UserRequestBody body = 2; +} + +message GetUserRequest { + string id = 1; +} + +message GetCurrentUserRequest { +} + +message ListUsersRequest { + google.protobuf.Struct fields = 1; +} + +message ListUsersResponse { + repeated User users = 1; +} + +message GroupRequestBody { + string name = 1 [(validate.rules).string.pattern = "^[A-Za-z0-9_-]+$"]; + string slug = 2; + google.protobuf.Struct metadata = 3; +} + +message CreateGroupRequest { + GroupRequestBody body = 1; +} + +message Group { + string id = 1; + string name = 2 [(validate.rules).string.pattern = "^[A-Za-z0-9_-]+$"]; + string slug = 3; + repeated User admins = 4; + int32 member_count = 5; + string org_id = 6; + google.protobuf.Struct metadata = 7; + google.protobuf.Timestamp created_at = 8; + google.protobuf.Timestamp updated_at = 9; +} + +message CreateGroupResponse { + Group group = 1; +} + +message GetGroupResponse { + Group group = 1; +} + +message UpdateGroupResponse { + Group group = 1; +} + +message ListGroupUsersResponse { + repeated User users = 1; +} + +message UpdateGroupRequest { + string id = 1; + GroupRequestBody body = 2; +} + +message UpdateCurrentUserRequest { + GroupRequestBody body = 1; +} + +message GetGroupRequest { + string id = 1; +} + +message ListGroupUsersRequest { + string id = 1; +} + +message ListGroupsRequest { + string user_id = 1; +} + +message ListGroupsResponse { + repeated Group groups = 1; +} + +message Role { + string id = 1; + string name = 2 [(validate.rules).string.pattern = "^[A-Za-z0-9_-]+$"]; + repeated string tags = 3; + repeated string actions = 4; + google.protobuf.Struct metadata = 5; + google.protobuf.Timestamp created_at = 6; + google.protobuf.Timestamp updated_at = 7; +} + +message RoleRequestBody { + string name = 1 [(validate.rules).string.pattern = "^[A-Za-z0-9_-]+$"]; + repeated string tags = 2; + repeated string actions = 3; + google.protobuf.Struct metadata = 4; +} + +message CreateRoleRequest { + RoleRequestBody body = 1; +} + +message CreateRoleResponse { + Role role = 1; +} + +message GetRoleResponse { + Role role = 1; +} + +message UpdateRoleResponse { + Role role = 1; +} + +message GetRoleRequest { + string id = 1; +} + +message UpdateRoleRequest { + string id = 1; + RoleRequestBody body = 2; +} + +message ListRolesRequest { +} + +message ListRolesResponse { + repeated Role roles = 1; +} + +message OrganizationRequestBody { + string name = 1 [(validate.rules).string.pattern = "^[A-Za-z0-9_-]+$"]; + string slug = 2; + google.protobuf.Struct metadata = 3; +} + +message CreateOrganizationRequest { + OrganizationRequestBody body = 1; +} + +message Organization { + string id = 1; + string name = 2 [(validate.rules).string.pattern = "^[A-Za-z0-9_-]+$"]; + string slug = 3; + google.protobuf.Struct metadata = 4; + google.protobuf.Timestamp created_at = 5; + google.protobuf.Timestamp updated_at = 6; +} + +message CreateOrganizationResponse { + Organization organization = 1; +} + +message GetOrganizationResponse { + Organization organization = 1; +} + +message UpdateOrganizationResponse { + Organization organization = 1; +} + +message ListOrganizationsRequest { +} + +message ListOrganizationsResponse { + repeated Organization organizations = 1; +} + +message GetOrganizationRequest { + string id = 1; +} + +message UpdateOrganizationRequest { + string id = 1; + OrganizationRequestBody body = 2; +} + +message ProjectRequestBody { + string name = 1 [(validate.rules).string.pattern = "^[A-Za-z0-9_-]+$"]; + string slug = 2; + google.protobuf.Struct metadata = 3; +} + +message CreateProjectRequest { + ProjectRequestBody body = 1; +} + +message Project { + string id = 1; + string name = 2 [(validate.rules).string.pattern = "^[A-Za-z0-9_-]+$"]; + string slug = 3; + google.protobuf.Struct metadata = 4; + google.protobuf.Timestamp created_at = 5; + google.protobuf.Timestamp updated_at = 6; +} + +message CreateProjectResponse { + Project project = 1; +} + +message GetProjectResponse { + Project project = 1; +} + +message UpdateProjectResponse { + Project project = 1; +} + +message ListProjectsRequest { +} + +message ListProjectsResponse { + repeated Project projects = 1; +} + +message GetProjectRequest { + string id = 1; +} + +message UpdateProjectRequest { + string id = 1; + ProjectRequestBody body = 2; +}