Skip to content

Commit

Permalink
fix: mark more fields as required - add ComputedUserset (#109)
Browse files Browse the repository at this point in the history 
fix: mark more fields as required
  • Loading branch information
@rhamzeh
rhamzeh authored Dec 1, 2023
1 parent 4281354 commit 79c1ad3
Show file tree
Hide file tree
Showing 7 changed files with 779 additions and 467 deletions.
1 change: 1 addition & 0 deletions docs/openapiv2/apidocs.swagger.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

37 changes: 27 additions & 10 deletions openfga/v1/authzmodel.proto
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,12 +8,14 @@ import "validate/validate.proto";

message AuthorizationModel {
string id = 1 [
(validate.rules).string = {pattern: "^[ABCDEFGHJKMNPQRSTVWXYZ0-9]{26}$"},
(google.api.field_behavior) = REQUIRED,
(validate.rules).string = {pattern: "^[ABCDEFGHJKMNPQRSTVWXYZ0-9]{26}$", ignore_empty: false},
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {example: "\"01G5JAVJ41T49E9TT3SKVS7X1J\""}
];

string schema_version = 2 [
(google.api.field_behavior) = REQUIRED,
(validate.rules).string = {pattern: "^[1-9].[1-9]$", ignore_empty: false},
json_name = "schema_version"
];

Expand All @@ -26,13 +28,13 @@ message AuthorizationModel {
map<string, Condition> conditions = 4 [
json_name = "conditions",
(validate.rules).map.max_pairs = 25,
(validate.rules).map.keys.string = {pattern: "^[^:#@\\s]{1,50}$"}
(validate.rules).map.keys.string = {pattern: "^[^:#@\\s]{1,50}$", ignore_empty: false}
];
}

message TypeDefinition {
string type = 1 [
(validate.rules).string = {pattern: "^[^:#@\\s]{1,254}$"},
(validate.rules).string = {pattern: "^[^:#@\\s]{1,254}$", ignore_empty: false},
(google.api.field_behavior) = REQUIRED,
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {example: "\"document\""}
];
Expand All @@ -47,7 +49,7 @@ message TypeDefinition {
}

message Relation {
string name = 1 [(validate.rules).string = {pattern: "^[^:#@\\s]{1,50}$"}];
string name = 1 [(validate.rules).string = {pattern: "^[^:#@\\s]{1,50}$", ignore_empty: false}];

Userset rewrite = 2 [
(validate.rules).message.required = true,
Expand All @@ -72,7 +74,7 @@ message RelationMetadata {
// RelationReference represents a relation of a particular object type (e.g. 'document#viewer').
message RelationReference {
string type = 1 [
(validate.rules).string = {pattern: "^[^:#@\\s]{1,254}$"},
(validate.rules).string = {pattern: "^[^:#@\\s]{1,254}$", ignore_empty: false},
(google.api.field_behavior) = REQUIRED,
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {example: "\"group\""}
];
Expand All @@ -96,7 +98,9 @@ message RelationReference {
message Wildcard {}

message Usersets {
repeated Userset child = 1 [(google.api.field_behavior) = REQUIRED];
repeated Userset child = 1 [
(google.api.field_behavior) = REQUIRED
];
}

message Difference {
Expand Down Expand Up @@ -131,23 +135,36 @@ message ObjectRelation {
string relation = 2 [(validate.rules).string = {max_bytes: 50}];
}

message ComputedUserset {
string relation = 1 [
(google.api.field_behavior) = REQUIRED,
(validate.rules).string = {max_bytes: 50, ignore_empty: false}
];
}

message TupleToUserset {
// The target object/relation
ObjectRelation tupleset = 1 [(google.api.field_behavior) = REQUIRED];
ObjectRelation computed_userset = 2 [(google.api.field_behavior) = REQUIRED];
ObjectRelation tupleset = 1 [
(google.api.field_behavior) = REQUIRED,
(validate.rules).message.required = true
];
ObjectRelation computed_userset = 2 [
(google.api.field_behavior) = REQUIRED,
(validate.rules).message.required = true
];
}

message Condition {
// A unique name for the condition
string name = 1 [
(google.api.field_behavior) = REQUIRED,
(validate.rules).string = {pattern: "^[^:#@\\s]{1,50}$"}
(validate.rules).string = {pattern: "^[^:#@\\s]{1,50}$", ignore_empty: false}
];

// A Google CEL expression, expressed as a string.
string expression = 2 [
(google.api.field_behavior) = REQUIRED,
(validate.rules).string = {max_bytes: 512}
(validate.rules).string = {max_bytes: 512, ignore_empty: false}
];

// A map of parameter names to the parameter's defined type reference.
Expand Down
63 changes: 47 additions & 16 deletions openfga/v1/openfga.proto
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,21 +15,21 @@ import "validate/validate.proto";
// See https://openfga.dev/docs/concepts#what-is-an-object
message Object {
string type = 1 [
(validate.rules).string = {pattern: "^[^:#@\\s]{1,254}$"},
(validate.rules).string = {pattern: "^[^:#@\\s]{1,254}$", ignore_empty: false},
(google.api.field_behavior) = REQUIRED,
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {example: "\"document\""}
];

string id = 2 [
(validate.rules).string = {pattern: "[^#:\\s]+$"},
(validate.rules).string = {pattern: "[^#:\\s]+$", ignore_empty: false},
(google.api.field_behavior) = REQUIRED
];
}

message RelationshipCondition {
// A reference (by name) of the relationship condition defined in the authorization model.
string name = 1 [
(validate.rules).string = {pattern: "^[^\\s]{2,256}$"},
(validate.rules).string = {pattern: "^[^\\s]{2,256}$", ignore_empty: false},
(google.api.field_behavior) = REQUIRED,
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
max_length: 256,
Expand All @@ -40,7 +40,10 @@ message RelationshipCondition {
// Additional context/data to persist along with the condition.
// The keys must match the parameters defined by the condition, and the value types must
// match the parameter type definitions.
google.protobuf.Struct context = 2 [(google.api.field_behavior) = REQUIRED];
google.protobuf.Struct context = 2 [
(google.api.field_behavior) = REQUIRED,
(validate.rules).message.required = true
];
}

message TupleKeyWithoutCondition {
Expand Down Expand Up @@ -81,7 +84,7 @@ message TupleKeyWithoutCondition {
message TupleKey {
string user = 1 [

Check failure on line 85 in openfga/v1/openfga.proto

View workflow job for this annotation

GitHub Actions / build 

Field "1" with name "user" on message "TupleKey" changed option "json_name" from "object" to "user".

Check failure on line 85 in openfga/v1/openfga.proto

View workflow job for this annotation

GitHub Actions / build 

Field "1" on message "TupleKey" changed name from "object" to "user".
(google.api.field_behavior) = REQUIRED,
(validate.rules).string = {max_bytes: 512},
(validate.rules).string = {max_bytes: 512, ignore_empty: false},
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
max_length: 512,
example: "\"user:anne\""
Expand Down Expand Up @@ -116,7 +119,10 @@ message TupleKey {
}

message Tuple {
TupleKey key = 1 [(google.api.field_behavior) = REQUIRED];
TupleKey key = 1 [
(google.api.field_behavior) = REQUIRED,
(validate.rules).message.required = true
];
google.protobuf.Timestamp timestamp = 2 [(google.api.field_behavior) = REQUIRED];
}

Expand Down Expand Up @@ -156,25 +162,43 @@ message UsersetTree {
}

message Nodes {
repeated Node nodes = 1 [(google.api.field_behavior) = REQUIRED];
repeated Node nodes = 1 [
(google.api.field_behavior) = REQUIRED
];
}

message Users {
repeated string users = 1 [(google.api.field_behavior) = REQUIRED];
repeated string users = 1 [
(google.api.field_behavior) = REQUIRED
];
}

message Computed {
string userset = 1 [(google.api.field_behavior) = REQUIRED];
string userset = 1 [
(google.api.field_behavior) = REQUIRED,
(validate.rules).string = {ignore_empty: false}
];
}

message TupleToUserset {
string tupleset = 1 [(google.api.field_behavior) = REQUIRED];
repeated Computed computed = 2 [(google.api.field_behavior) = REQUIRED];
string tupleset = 1 [
(google.api.field_behavior) = REQUIRED,
(validate.rules).string = {ignore_empty: false}
];
repeated Computed computed = 2 [
(google.api.field_behavior) = REQUIRED
];
}

message Difference {
Node base = 1 [(google.api.field_behavior) = REQUIRED];
Node subtract = 2 [(google.api.field_behavior) = REQUIRED];
Node base = 1 [
(google.api.field_behavior) = REQUIRED,
(validate.rules).message.required = true
];
Node subtract = 2 [
(google.api.field_behavior) = REQUIRED,
(validate.rules).message.required = true
];
}

message Node {
Expand All @@ -199,7 +223,8 @@ enum TupleOperation {
message TupleChange {
TupleKey tuple_key = 1 [
json_name = "tuple_key",
(google.api.field_behavior) = REQUIRED
(google.api.field_behavior) = REQUIRED,
(validate.rules).message.required = true
];
TupleOperation operation = 2 [
(validate.rules).enum.defined_only = true,
Expand All @@ -209,8 +234,14 @@ message TupleChange {
}

message Store {
string id = 1 [(google.api.field_behavior) = REQUIRED];
string name = 2 [(google.api.field_behavior) = REQUIRED];
string id = 1 [
(google.api.field_behavior) = REQUIRED,
(validate.rules).string = {ignore_empty: false}
];
string name = 2 [
(google.api.field_behavior) = REQUIRED,
(validate.rules).string = {ignore_empty: false}
];
google.protobuf.Timestamp created_at = 3 [
json_name = "created_at",
(google.api.field_behavior) = REQUIRED
Expand Down
Loading

0 comments on commit 79c1ad3

Please sign in to comment.