Protocol Documentation

aserto/directory/common/v3/common.proto

Object

Field Type Label Description
type string object type identifier
id string object instance identifier
display_name string display name object (optional)
properties google.protobuf.Struct property bag (optional)
created_at google.protobuf.Timestamp created at timestamp (UTC)
updated_at google.protobuf.Timestamp last updated timestamp (UTC)
etag string object instance etag (optional)

ObjectIdentifier

Object identifier

Field Type Label Description
object_type string object type identifier
object_id string object instance identifier

PaginationRequest

Pagination request

Field Type Label Description
size int32 requested page size, valid value between 1-100 rows (optional, default 100)
token string pagination start token (optional, default "")

PaginationResponse

Pagination response

Field Type Label Description
next_token string next page token, when empty there are no more pages to fetch

Relation

Field Type Label Description
object_type string object type identifier
object_id string object instance identifier
relation string object relation name
subject_type string subject type identifier
subject_id string subject instance identifier
subject_relation string subject relation name (optional)
created_at google.protobuf.Timestamp created at timestamp (UTC)
updated_at google.protobuf.Timestamp last updated timestamp (UTC)
etag string object instance etag (optional)

RelationIdentifier

Relation identifier

Field Type Label Description
object_type string object type identifier
object_id string object instance identifier
relation string object relation name
subject_type string subject type identifier
subject_id string subject instance identifier
subject_relation string subject relation name (optional)

aserto/directory/common/v4/common.proto

Manifest

Manifest

Field Type Label Description
body bytes manifest payload
updated_at google.protobuf.Timestamp last updated timestamp (UTC)
etag string manifest instance etag (optional)

Model

Model

Field Type Label Description
model google.protobuf.Struct model representation of manifest
updated_at google.protobuf.Timestamp last updated timestamp (UTC)
etag string manifest instance etag

Object

Object

Field Type Label Description
object_type string object type identifier
object_id string object instance identifier
properties google.protobuf.Struct property bag (optional)
updated_at google.protobuf.Timestamp last updated timestamp (UTC)
etag string object instance etag (optional)

ObjectIdentifier

Object identifier

Field Type Label Description
object_type string object type identifier
object_id string object instance identifier

PaginationRequest

Pagination request

Field Type Label Description
size int32 requested page size, valid value between 1-1000 rows (optional, default 100)
token string pagination start token (optional, default "")

PaginationResponse

Pagination response

Field Type Label Description
next_token string next page token, when empty there are no more pages to fetch

Relation

Relation

Field Type Label Description
object_type string object type identifier
object_id string object instance identifier
relation string object relation name
subject_type string subject type identifier
subject_id string subject instance identifier
subject_relation string subject relation name (optional)
updated_at google.protobuf.Timestamp last updated timestamp (UTC)
etag string object instance etag (optional)

RelationIdentifier

Relation identifier

Field Type Label Description
object_type string object type identifier
object_id string object instance identifier
relation string object relation name
subject_type string subject type identifier
subject_id string subject instance identifier
subject_relation string subject relation name (optional)

aserto/directory/exporter/v3/exporter.proto

ExportRequest

Field Type Label Description
options uint32 data export options mask
start_from google.protobuf.Timestamp start export from timestamp (UTC)

ExportResponse

Field Type Label Description
object aserto.directory.common.v3.Object object instance (data)
relation aserto.directory.common.v3.Relation relation instance (data)
stats google.protobuf.Struct object and/or relation stats (no data)

Option

Name Number Description
OPTION_UNKNOWN 0 nothing selected (default initialization value)
OPTION_DATA_OBJECTS 8 object instances
OPTION_DATA_RELATIONS 16 relation instances
OPTION_DATA 24 all data = OPTION_DATA_OBJECTS
OPTION_STATS 64 stats

Exporter

| Method Name | Request Type | Response Type | Description |
| --- | --- | --- | --- |
| Export | ExportRequest | ExportResponse stream | export objects and relations as a stream |

aserto/directory/importer/v3/importer.proto

ImportCounter

Field Type Label Description
recv uint64 number of messages received
set uint64 number of messages with OPCODE_SET
delete uint64 number of messages with OPCODE_DELETE
error uint64 number of messages resulting in error
type string counter of type (object

ImportRequest

Field Type Label Description
op_code Opcode operation Opcode enum value
object aserto.directory.common.v3.Object object import message
relation aserto.directory.common.v3.Relation relation import message

ImportResponse

Field Type Label Description
object ImportCounter Deprecated. object import counter
relation ImportCounter Deprecated. relation import counter
status ImportStatus import status message
counter ImportCounter import counter per type

ImportStatus

Field Type Label Description
code uint32 gRPC status code (google.golang.org/grpc/codes)
msg string gRPC status message (google.golang.org/grpc/status)
req ImportRequest req contains the original import request message

Opcode

Name Number Description
OPCODE_UNKNOWN 0
OPCODE_SET 1
OPCODE_DELETE 2
OPCODE_DELETE_WITH_RELATIONS 3

Importer

| Method Name | Request Type | Response Type | Description |
| --- | --- | --- | --- |
| Import | ImportRequest stream | ImportResponse stream | import stream of objects and relations |

aserto/directory/model/v3/model.proto

Body

Field Type Label Description
data bytes manifest content

DeleteManifestRequest

Field Type Label Description
empty google.protobuf.Empty empty request

DeleteManifestResponse

Field Type Label Description
result google.protobuf.Empty empty result

GetManifestRequest

Field Type Label Description
empty google.protobuf.Empty empty request

GetManifestResponse

Field Type Label Description
metadata Metadata Manifest metadata
body Body Manifest content
model google.protobuf.Struct Model

Metadata

Field Type Label Description
updated_at google.protobuf.Timestamp last updated timestamp (UTC)
etag string object instance etag (optional)

SetManifestRequest

Field Type Label Description
body Body Manifest content

SetManifestResponse

Field Type Label Description
result google.protobuf.Empty empty result

Model

| Method Name | Request Type | Response Type | Description |
| --- | --- | --- | --- |
| GetManifest | GetManifestRequest | GetManifestResponse stream | get manifest instance |
| SetManifest | SetManifestRequest stream | SetManifestResponse | set manifest instance |
| DeleteManifest | DeleteManifestRequest | DeleteManifestResponse | delete manifest instance |

aserto/directory/openapi/v3/openapi.proto

aserto/directory/openapi/v4/openapi.proto

aserto/directory/reader/v3/reader.proto

CheckPermissionRequest

Field Type Label Description
object_type string object type identifier
object_id string object instance identifier
permission string permission name
subject_type string subject type identifier
subject_id string subject instance identifier
trace bool collect trace information (optional)

CheckPermissionResponse

Field Type Label Description
check bool check result
trace string repeated trace information

CheckRelationRequest

Field Type Label Description
object_type string object type identifier
object_id string object instance identifier
relation string relation name
subject_type string subject type identifier
subject_id string subject instance identifier
trace bool collect trace information (optional)

CheckRelationResponse

Field Type Label Description
check bool check result
trace string repeated trace information

CheckRequest

Field Type Label Description
object_type string object type identifier
object_id string object instance identifier
relation string relation name
subject_type string subject type identifier
subject_id string subject instance identifier
trace bool collect trace information (optional)

CheckResponse

Field Type Label Description
check bool check result
trace string repeated trace information
context google.protobuf.Struct context

ChecksRequest

Field Type Label Description
default CheckRequest
checks CheckRequest repeated

ChecksResponse

Field Type Label Description
checks CheckResponse repeated

GetGraphRequest

Field Type Label Description
object_type string object type identifier
object_id string object instance identifier (optional)
relation string relation name
subject_type string subject type identifier
subject_id string subject instance identifier (optional)
subject_relation string subject relation name (optional)
explain bool return graph paths for each result (optional)
trace bool collect trace information (optional)

GetGraphResponse

Field Type Label Description
results aserto.directory.common.v3.ObjectIdentifier repeated matching object identifiers
explanation google.protobuf.Struct explanation of results
trace string repeated trace information

GetObjectManyRequest

Field Type Label Description
param aserto.directory.common.v3.ObjectIdentifier repeated object identifier list

GetObjectManyResponse

Field Type Label Description
results aserto.directory.common.v3.Object repeated array of object instances

GetObjectRequest

Field Type Label Description
object_type string object type identifier
object_id string object instance identifier
with_relations bool materialize the object relations objects (optional)

pagination request (optional) aserto.directory.common.v3.PaginationRequest page = 9 [(google.api.field_behavior) = OPTIONAL];

GetObjectResponse

Field Type Label Description
result aserto.directory.common.v3.Object object instance
relations aserto.directory.common.v3.Relation repeated object relations

pagination response aserto.directory.common.v3.PaginationResponse page = 9;

GetObjectsRequest

Field Type Label Description
object_type string object type identifier (optional)
page aserto.directory.common.v3.PaginationRequest pagination request (optional)

GetObjectsResponse

Field Type Label Description
results aserto.directory.common.v3.Object repeated array of object instances
page aserto.directory.common.v3.PaginationResponse pagination response

GetRelationRequest

Field Type Label Description
object_type string object type identifier
object_id string object instance identifier
relation string relation name
subject_type string subject type identifier
subject_id string subject instance identifier
subject_relation string subject relation name (optional)
with_objects bool materialize relation objects (optional)

GetRelationResponse

Field Type Label Description
result aserto.directory.common.v3.Relation relation instance
objects GetRelationResponse.ObjectsEntry repeated map of materialized relation objects

GetRelationResponse.ObjectsEntry

Field Type Label Description
key string
value aserto.directory.common.v3.Object

GetRelationsRequest

Field Type Label Description
object_type string object type identifier (optional)
object_id string object instance identifier (optional)
relation string relation name (optional)
subject_type string subject type identifier (optional)
subject_id string subject instance identifier (optional)
subject_relation string subject relation name (optional)
with_objects bool materialize relation objects (optional)
with_empty_subject_relation bool only return relations that do not have a subject relation (optional)
page aserto.directory.common.v3.PaginationRequest pagination request (optional)

GetRelationsResponse

Field Type Label Description
results aserto.directory.common.v3.Relation repeated array of relation instances
objects GetRelationsResponse.ObjectsEntry repeated map of materialized relation objects
page aserto.directory.common.v3.PaginationResponse pagination response

GetRelationsResponse.ObjectsEntry

Field Type Label Description
key string
value aserto.directory.common.v3.Object

Reader

| Method Name | Request Type | Response Type | Description |
| --- | --- | --- | --- |
| GetObject | GetObjectRequest | GetObjectResponse | get object |
| GetObjectMany | GetObjectManyRequest | GetObjectManyResponse | get multiple objects |
| GetObjects | GetObjectsRequest | GetObjectsResponse | list objects |
| GetRelation | GetRelationRequest | GetRelationResponse | get relation |
| GetRelations | GetRelationsRequest | GetRelationsResponse | list relations |
| Check | CheckRequest | CheckResponse | check if subject has relation or permission with object |
| Checks | ChecksRequest | ChecksResponse | checks validates a set of check requests in a single roundtrip |
| CheckPermission | CheckPermissionRequest | CheckPermissionResponse | check permission (deprecated, use the check method) Deprecated: use directory.reader.v3.Check() |
| CheckRelation | CheckRelationRequest | CheckRelationResponse | check relation (deprecated, use the check method) Deprecated: use directory.reader.v3.Check() |
| GetGraph | GetGraphRequest | GetGraphResponse | get object relationship graph |

aserto/directory/reader/v4/reader.proto

CheckRequest

Field Type Label Description
object_type string object type identifier
object_id string object instance identifier
relation string relation name
subject_type string subject type identifier
subject_id string subject instance identifier
trace bool collect trace information (optional)

CheckResponse

Field Type Label Description
check bool check result
trace string repeated trace information
context google.protobuf.Struct context

ChecksRequest

Field Type Label Description
default CheckRequest default values
checks CheckRequest repeated array of check requests

ChecksResponse

Field Type Label Description
checks CheckResponse repeated array of check responses

ExportRequest

Field Type Label Description
options uint32 data export options mask
start_from google.protobuf.Timestamp start export from timestamp (UTC)

ExportResponse

Field Type Label Description
manifest aserto.directory.common.v4.Manifest manifest
model aserto.directory.common.v4.Model model
object aserto.directory.common.v4.Object object
relation aserto.directory.common.v4.Relation relation
stats google.protobuf.Struct stats

GetGraphRequest

Field Type Label Description
object_type string object type identifier
object_id string object instance identifier (optional)
relation string relation name
subject_type string subject type identifier
subject_id string subject instance identifier (optional)
subject_relation string subject relation name (optional)
explain bool return graph paths for each result (optional)
trace bool collect trace information (optional)

GetGraphResponse

Field Type Label Description
results aserto.directory.common.v4.ObjectIdentifier repeated matching object identifiers
explanation google.protobuf.Struct explanation of results
trace string repeated trace information

GetManifestRequest

Field Type Label Description
empty google.protobuf.Empty empty request

GetManifestResponse

Field Type Label Description
result aserto.directory.common.v4.Manifest manifest instance

GetModelRequest

Field Type Label Description
empty google.protobuf.Empty empty request

GetModelResponse

Field Type Label Description
result aserto.directory.common.v4.Model model instance

GetObjectRequest

Field Type Label Description
object_type string object type identifier
object_id string object instance identifier
with_relations bool materialize the object relations objects (optional)

GetObjectResponse

Field Type Label Description
result aserto.directory.common.v4.Object object instance
relations aserto.directory.common.v4.Relation repeated array of associated relations of given object instance

GetObjectsRequest

Field Type Label Description
param aserto.directory.common.v4.ObjectIdentifier repeated array of object identifiers

GetObjectsResponse

Field Type Label Description
results aserto.directory.common.v4.Object repeated array of object instances

GetRelationRequest

Field Type Label Description
object_type string object type identifier
object_id string object instance identifier
relation string relation name
subject_type string subject type identifier
subject_id string subject instance identifier
subject_relation string subject relation name (optional)
with_objects bool materialize relation objects (optional)

GetRelationResponse

Field Type Label Description
result aserto.directory.common.v4.Relation relation instance
object aserto.directory.common.v4.Object object instance, set when with_objects=true
subject aserto.directory.common.v4.Object subject instance, set when with_objects=true

GetRelationsRequest

Field Type Label Description
param aserto.directory.common.v4.RelationIdentifier repeated array of relation identifiers

GetRelationsResponse

Field Type Label Description
results aserto.directory.common.v4.Relation repeated array of relation instances

ListObjectsRequest

Field Type Label Description
object_type string object type identifier (optional)
page aserto.directory.common.v4.PaginationRequest pagination request (optional)

ListObjectsResponse

Field Type Label Description
results aserto.directory.common.v4.Object repeated array of object instances
page aserto.directory.common.v4.PaginationResponse pagination response

ListRelationsRequest

Field Type Label Description
object_type string object type identifier (optional)
object_id string object instance identifier (optional)
relation string relation name (optional)
subject_type string subject type identifier (optional)
subject_id string subject instance identifier (optional)
subject_relation string subject relation name (optional)
with_objects bool materialize relation objects (optional)
with_empty_subject_relation bool only return relations that do not have a subject relation (optional)
page aserto.directory.common.v4.PaginationRequest pagination request (optional)

ListRelationsResponse

Field Type Label Description
results aserto.directory.common.v4.Relation repeated array of relation instances
objects ListRelationsResponse.ObjectsEntry repeated map of materialized relation objects
page aserto.directory.common.v4.PaginationResponse pagination response

ListRelationsResponse.ObjectsEntry

Field Type Label Description
key string
value aserto.directory.common.v4.Object

Option

Name Number Description
OPTION_UNKNOWN 0 nothing selected (default initialization value)
OPTION_DATA_MANIFEST 1 manifest instances
OPTION_DATA_MODEL 2 model instances
OPTION_DATA_OBJECTS 8 object instances
OPTION_DATA_RELATIONS 16 relation instances
OPTION_DATA 24 all data = OPTION_DATA_OBJECTS
OPTION_STATS 64 stats

Reader

Directory Reader service

| Method Name | Request Type | Response Type | Description |
| --- | --- | --- | --- |
| GetManifest | GetManifestRequest | GetManifestResponse | get manifest |
| GetModel | GetModelRequest | GetModelResponse | get model |
| GetObject | GetObjectRequest | GetObjectResponse | get object |
| GetObjects | GetObjectsRequest | GetObjectsResponse | get multiple objects |
| ListObjects | ListObjectsRequest | ListObjectsResponse | list objects |
| GetRelation | GetRelationRequest | GetRelationResponse | get relation |
| GetRelations | GetRelationsRequest | GetRelationsResponse | get multiple relations in a single round trip |
| ListRelations | ListRelationsRequest | ListRelationsResponse | list relations |
| Check | CheckRequest | CheckResponse | check if subject has relation or permission with object |
| Checks | ChecksRequest | ChecksResponse | checks validates a set of check requests in a single roundtrip |
| GetGraph | GetGraphRequest | GetGraphResponse | get object relationship graph |
| Export | ExportRequest | ExportResponse stream | stream exporter, exports manifests, models, objects and relations |

aserto/directory/writer/v3/writer.proto

DeleteObjectRequest

Field Type Label Description
object_type string object type identifier
object_id string object instance identifier
with_relations bool delete object relations, both object and subject relations (optional)

DeleteObjectResponse

Field Type Label Description
result google.protobuf.Empty empty result

DeleteRelationRequest

Field Type Label Description
object_type string object type identifier
object_id string object instance identifier
relation string object relation name
subject_type string subject type identifier
subject_id string subject instance identifier
subject_relation string subject relation name (optional)

DeleteRelationResponse

Field Type Label Description
result google.protobuf.Empty empty result

SetObjectRequest

Field Type Label Description
object aserto.directory.common.v3.Object object instance

SetObjectResponse

Field Type Label Description
result aserto.directory.common.v3.Object object instance

SetRelationRequest

Field Type Label Description
relation aserto.directory.common.v3.Relation relation instance

SetRelationResponse

Field Type Label Description
result aserto.directory.common.v3.Relation relation instance

Writer

| Method Name | Request Type | Response Type | Description |
| --- | --- | --- | --- |
| SetObject | SetObjectRequest | SetObjectResponse | set object instance |
| DeleteObject | DeleteObjectRequest | DeleteObjectResponse | delete object instance |
| SetRelation | SetRelationRequest | SetRelationResponse | set relation instance |
| DeleteRelation | DeleteRelationRequest | DeleteRelationResponse | delete relation instance |

aserto/directory/writer/v4/writer.proto

DeleteManifestRequest

Field Type Label Description
empty google.protobuf.Empty empty request

DeleteManifestResponse

Field Type Label Description
result google.protobuf.Empty empty result

DeleteObjectRequest

Field Type Label Description
object_type string object type identifier
object_id string object instance identifier
with_relations bool delete object relations, both object and subject relations (optional)

DeleteObjectResponse

Field Type Label Description
result google.protobuf.Empty empty result

DeleteRelationRequest

Field Type Label Description
object_type string object type identifier
object_id string object instance identifier
relation string object relation name
subject_type string subject type identifier
subject_id string subject instance identifier
subject_relation string subject relation name (optional)

DeleteRelationResponse

Field Type Label Description
result google.protobuf.Empty empty result

ImportCounter

Field Type Label Description
type string counter of type (manifest
recv uint64 number of messages received
get uint64 number of messages with OPCODE_GET
set uint64 number of messages with OPCODE_SET
delete uint64 number of messages with OPCODE_DELETE
error uint64 number of messages resulting in error

ImportRequest

Field Type Label Description
op_code Opcode operation Opcode enum value
manifest aserto.directory.common.v4.Manifest manifest
model aserto.directory.common.v4.Manifest model
object aserto.directory.common.v4.Object object
relation aserto.directory.common.v4.Relation relation

ImportResponse

Field Type Label Description
manifest aserto.directory.common.v4.Manifest manifest
model aserto.directory.common.v4.Manifest model (GET only)
object aserto.directory.common.v4.Object object
relation aserto.directory.common.v4.Relation relation
status ImportStatus import status message
counter ImportCounter import counter per type

ImportStatus

Field Type Label Description
code uint32 gRPC status code (google.golang.org/grpc/codes)
msg string gRPC status message (google.golang.org/grpc/status)
req ImportRequest req contains the original import request message

SetManifestRequest

Field Type Label Description
body bytes manifest body

SetManifestResponse

Field Type Label Description
result aserto.directory.common.v4.Manifest manifest instance

SetObjectRequest

Field Type Label Description
object aserto.directory.common.v4.Object object instance

SetObjectResponse

Field Type Label Description
result aserto.directory.common.v4.Object object instance

SetRelationRequest

Field Type Label Description
relation aserto.directory.common.v4.Relation relation instance

SetRelationResponse

Field Type Label Description
result aserto.directory.common.v4.Relation relation instance

Opcode

Name Number Description
OPCODE_UNKNOWN 0
OPCODE_GET 1
OPCODE_SET 2
OPCODE_DELETE 3
OPCODE_DELETE_WITH_RELATIONS 4

Writer

Directory Writer service

| Method Name | Request Type | Response Type | Description |
| --- | --- | --- | --- |
| SetManifest | SetManifestRequest | SetManifestResponse | set manifest instance |
| DeleteManifest | DeleteManifestRequest | DeleteManifestResponse | delete manifest instance |
| SetObject | SetObjectRequest | SetObjectResponse | set object instance |
| DeleteObject | DeleteObjectRequest | DeleteObjectResponse | delete object instance |
| SetRelation | SetRelationRequest | SetRelationResponse | set relation instance |
| DeleteRelation | DeleteRelationRequest | DeleteRelationResponse | delete relation instance |
| Import | ImportRequest stream | ImportResponse stream | import stream of objects and relations |

Scalar Value Types

| .proto Type | Notes | C++ | Java | Python | Go | C# | PHP | Ruby |
| --- | --- | --- | --- | --- | --- | --- | --- | --- |
| double |  | double | double | float | float64 | double | float | Float |
| float |  | float | float | float | float32 | float | float | Float |
| int32 | Uses variable-length encoding. Inefficient for encoding negative numbers – if your field is likely to have negative values, use sint32 instead. | int32 | int | int | int32 | int | integer | Bignum or Fixnum (as required) |
| int64 | Uses variable-length encoding. Inefficient for encoding negative numbers – if your field is likely to have negative values, use sint64 instead. | int64 | long | int/long | int64 | long | integer/string | Bignum |
| uint32 | Uses variable-length encoding. | uint32 | int | int/long | uint32 | uint | integer | Bignum or Fixnum (as required) |
| uint64 | Uses variable-length encoding. | uint64 | long | int/long | uint64 | ulong | integer/string | Bignum or Fixnum (as required) |
| sint32 | Uses variable-length encoding. Signed int value. These more efficiently encode negative numbers than regular int32s. | int32 | int | int | int32 | int | integer | Bignum or Fixnum (as required) |
| sint64 | Uses variable-length encoding. Signed int value. These more efficiently encode negative numbers than regular int64s. | int64 | long | int/long | int64 | long | integer/string | Bignum |
| fixed32 | Always four bytes. More efficient than uint32 if values are often greater than 2^28. | uint32 | int | int | uint32 | uint | integer | Bignum or Fixnum (as required) |
| fixed64 | Always eight bytes. More efficient than uint64 if values are often greater than 2^56. | uint64 | long | int/long | uint64 | ulong | integer/string | Bignum |
| sfixed32 | Always four bytes. | int32 | int | int | int32 | int | integer | Bignum or Fixnum (as required) |
| sfixed64 | Always eight bytes. | int64 | long | int/long | int64 | long | integer/string | Bignum |
| bool |  | bool | boolean | boolean | bool | bool | boolean | TrueClass/FalseClass |
| string | A string must always contain UTF-8 encoded or 7-bit ASCII text. | string | String | str/unicode | string | string | string | String (UTF-8) |
| bytes | May contain any arbitrary sequence of bytes. | string | ByteString | str | []byte | ByteString | string | String (ASCII-8BIT) |