diff --git a/components/authz/buf.gen.yaml b/components/authz/buf.gen.yaml new file mode 100644 index 0000000..d24d87f --- /dev/null +++ b/components/authz/buf.gen.yaml @@ -0,0 +1,16 @@ +version: v1 +managed: + enabled: true + go_package_prefix: + default: github.com/RafaySystems/rcloud-base/components/authz + except: + - buf.build/gogo/protobuf +plugins: + - name: go + out: . + opt: paths=source_relative + - name: go-grpc + out: . + opt: + - paths=source_relative + - require_unimplemented_servers=false diff --git a/components/authz/buf.lock b/components/authz/buf.lock new file mode 100644 index 0000000..30b0f08 --- /dev/null +++ b/components/authz/buf.lock @@ -0,0 +1,10 @@ +# Generated by buf. DO NOT EDIT. +version: v1 +deps: + - remote: buf.build + owner: gogo + repository: protobuf + branch: main + commit: 4df00b267f944190a229ce3695781e99 + digest: b1-sjLgsg7CzrkOrIjBDh3s-l0aMjE6oqTj85-OsoopKAw= + create_time: 2021-08-10T00:14:28.345069Z diff --git a/components/authz/buf.yaml b/components/authz/buf.yaml new file mode 100644 index 0000000..94b3bed --- /dev/null +++ b/components/authz/buf.yaml @@ -0,0 +1,10 @@ +version: v1 +name: buf.build/rafay/authz +deps: + - buf.build/gogo/protobuf +breaking: + use: + - FILE +lint: + use: + - DEFAULT diff --git a/components/authz/go.mod b/components/authz/go.mod new file mode 100644 index 0000000..f52295e --- /dev/null +++ b/components/authz/go.mod @@ -0,0 +1,63 @@ +module github.com/RafaySystems/rcloud-base/components/authz + +go 1.17 + +require ( + github.com/RafaySystems/rcloud-base/components/common v0.0.0-20220110062450-4091fe0a0c20 + google.golang.org/grpc v1.43.0 +) + +require ( + github.com/casbin/casbin/v2 v2.40.6 + github.com/casbin/gorm-adapter/v3 v3.4.6 + github.com/gogo/protobuf v1.3.2 + github.com/spf13/viper v1.10.1 + google.golang.org/protobuf v1.27.1 + gorm.io/driver/postgres v1.2.2 + gorm.io/gorm v1.22.5 +) + +require ( + github.com/Knetic/govaluate v3.0.1-0.20171022003610-9aa49832a739+incompatible // indirect + github.com/denisenkom/go-mssqldb v0.11.0 // indirect + github.com/fsnotify/fsnotify v1.5.1 // indirect + github.com/go-sql-driver/mysql v1.6.0 // indirect + github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe // indirect + github.com/golang/protobuf v1.5.2 // indirect + github.com/hashicorp/hcl v1.0.0 // indirect + github.com/jackc/chunkreader/v2 v2.0.1 // indirect + github.com/jackc/pgconn v1.10.0 // indirect + github.com/jackc/pgio v1.0.0 // indirect + github.com/jackc/pgpassfile v1.0.0 // indirect + github.com/jackc/pgproto3/v2 v2.1.1 // indirect + github.com/jackc/pgservicefile v0.0.0-20200714003250-2b9c44734f2b // indirect + github.com/jackc/pgtype v1.8.1 // indirect + github.com/jackc/pgx/v4 v4.13.0 // indirect + github.com/jinzhu/inflection v1.0.0 // indirect + github.com/jinzhu/now v1.1.4 // indirect + github.com/kr/pretty v0.2.0 // indirect + github.com/magiconair/properties v1.8.5 // indirect + github.com/mitchellh/mapstructure v1.4.3 // indirect + github.com/pelletier/go-toml v1.9.4 // indirect + github.com/spf13/afero v1.6.0 // indirect + github.com/spf13/cast v1.4.1 // indirect + github.com/spf13/jwalterweatherman v1.1.0 // indirect + github.com/spf13/pflag v1.0.5 // indirect + github.com/subosito/gotenv v1.2.0 // indirect + go.uber.org/atomic v1.7.0 // indirect + go.uber.org/multierr v1.6.0 // indirect + go.uber.org/zap v1.19.1 // indirect + golang.org/x/crypto v0.0.0-20220126234351-aa10faf2a1f8 // indirect + golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2 // indirect + golang.org/x/sys v0.0.0-20220114195835-da31bd327af9 // indirect + golang.org/x/text v0.3.7 // indirect + google.golang.org/genproto v0.0.0-20211208223120-3a66f561d7aa // indirect + gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 // indirect + gopkg.in/ini.v1 v1.66.2 // indirect + gopkg.in/yaml.v2 v2.4.0 // indirect + gorm.io/driver/mysql v1.1.2 // indirect + gorm.io/driver/sqlserver v1.2.1 // indirect + gorm.io/plugin/dbresolver v1.1.0 // indirect +) + +replace github.com/RafaySystems/rcloud-base/components/common v0.0.0-unpublished => ../common/ diff --git a/components/authz/go.sum b/components/authz/go.sum new file mode 100644 index 0000000..86b1017 --- /dev/null +++ b/components/authz/go.sum @@ -0,0 +1,398 @@ +cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= +cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= +github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/Knetic/govaluate v3.0.1-0.20171022003610-9aa49832a739+incompatible h1:1G1pk05UrOh0NlF1oeaaix1x8XzrfjIDK47TY0Zehcw= +github.com/Knetic/govaluate v3.0.1-0.20171022003610-9aa49832a739+incompatible/go.mod h1:r7JcOSlj0wfOMncg0iLm8Leh48TZaKVeNIfJntJ2wa0= +github.com/Masterminds/semver/v3 v3.1.1 h1:hLg3sBzpNErnxhQtUy/mmLR2I9foDujNK030IGemrRc= +github.com/Masterminds/semver/v3 v3.1.1/go.mod h1:VPu/7SZ7ePZ3QOrcuXROw5FAcLl4a0cBrbBpGY/8hQs= +github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= +github.com/RafaySystems/rcloud-base/components/common v0.0.0-20220110062450-4091fe0a0c20 h1:Ad3YKq3gV1yzfvB1YpDlNZg6iyrFfsZTJG2vxw37I9Y= +github.com/RafaySystems/rcloud-base/components/common v0.0.0-20220110062450-4091fe0a0c20/go.mod h1:9m4vhglw6qpW1EqbZ3t0U8LldwA3FhKwVJSTL98Gm54= +github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY= +github.com/benbjohnson/clock v1.1.0 h1:Q92kusRqC1XV2MjkWETPvjJVqKetz1OzxZB7mHJLju8= +github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= +github.com/casbin/casbin/v2 v2.37.4/go.mod h1:vByNa/Fchek0KZUgG5wEsl7iFsiviAYKRtgrQfcJqHg= +github.com/casbin/casbin/v2 v2.40.6 h1:Fy8UmYaLst1zjyQ7Uw/Kq9Vxgyk91EtZO/cUUSm3kpQ= +github.com/casbin/casbin/v2 v2.40.6/go.mod h1:sEL80qBYTbd+BPeL4iyvwYzFT3qwLaESq5aFKVLbLfA= +github.com/casbin/gorm-adapter/v3 v3.4.6 h1:JuLN3/CBTPPlvNyQqY3uXt4Zqnt+hs2sM353aCtLTP4= +github.com/casbin/gorm-adapter/v3 v3.4.6/go.mod h1:6mIYgpByH/uSkfCv4G/vr/12cVZc3rXBQ9KrqS9oTUU= +github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= +github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= +github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= +github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= +github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= +github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= +github.com/cncf/udpa/go v0.0.0-20210930031921-04548b0d99d4/go.mod h1:6pvJx4me5XPnfI9Z40ddWsdw2W/uZgQLFXToKeRcDiI= +github.com/cncf/xds/go v0.0.0-20210312221358-fbca930ec8ed/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/cncf/xds/go v0.0.0-20210805033703-aa0b78936158/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/cncf/xds/go v0.0.0-20210922020428-25de7278fc84/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/cockroachdb/apd v1.1.0 h1:3LFP3629v+1aKXU5Q37mxmRxX/pIu1nijXydLShEq5I= +github.com/cockroachdb/apd v1.1.0/go.mod h1:8Sl8LxpKi29FqWXR16WEFZRNSz3SoPzUzeMeY4+DwBQ= +github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= +github.com/coreos/go-systemd v0.0.0-20190719114852-fd7a80b32e1f/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= +github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/denisenkom/go-mssqldb v0.11.0 h1:9rHa233rhdOyrz2GcP9NM+gi2psgJZ4GWDpL/7ND8HI= +github.com/denisenkom/go-mssqldb v0.11.0/go.mod h1:xbL0rPBG9cCiLr28tMa8zpbdarY27NDyej4t/EjAShU= +github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= +github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= +github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= +github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= +github.com/envoyproxy/go-control-plane v0.9.9-0.20210512163311-63b5d3c536b0/go.mod h1:hliV/p42l8fGbc6Y9bQ70uLwIvmJyVE5k4iMKlh8wCQ= +github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go.mod h1:AFq3mo9L8Lqqiid3OhADV3RfLJnjiw63cSpi+fDTRC0= +github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= +github.com/fsnotify/fsnotify v1.5.1 h1:mZcQUHVQUQWoPXXtuf9yuEXKudkV2sx1E06UadKWpgI= +github.com/fsnotify/fsnotify v1.5.1/go.mod h1:T3375wBYaZdLLcVNkcVbzGHY7f1l/uK5T5Ai1i3InKU= +github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= +github.com/go-kit/log v0.1.0/go.mod h1:zbhenjAZHb184qTLMA9ZjW7ThYL0H2mk7Q6pNt4vbaY= +github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A= +github.com/go-sql-driver/mysql v1.5.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg= +github.com/go-sql-driver/mysql v1.6.0 h1:BCTh4TKNUYmOmMUcQ3IipzF5prigylS7XXjEkfCHuOE= +github.com/go-sql-driver/mysql v1.6.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg= +github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= +github.com/gofrs/uuid v4.0.0+incompatible h1:1SD/1F5pU8p29ybwgQSwpQk+mwdRrXCYuPhW6m+TnJw= +github.com/gofrs/uuid v4.0.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM= +github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= +github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= +github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe h1:lXe2qZdvpiX5WZkZR4hgp4KJVfY3nMkvmwbVkpv1rVY= +github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe/go.mod h1:8vg3r2VgvsThLBIFL93Qb5yWzgyZWhEmBwUJWevAkK0= +github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= +github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= +github.com/golang/mock v1.4.4 h1:l75CXGRSwbaYNpl/Z2X1XIIAMSCquvXgpVZDhwEIJsc= +github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4= +github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= +github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= +github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= +github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= +github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= +github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= +github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= +github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= +github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= +github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= +github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw= +github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= +github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= +github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= +github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= +github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.6 h1:BKbKCqvP6I+rmFHt06ZmyQtvB8xAkWdhFyr0ZUNZcxQ= +github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= +github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw= +github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= +github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= +github.com/jackc/chunkreader v1.0.0/go.mod h1:RT6O25fNZIuasFJRyZ4R/Y2BbhasbmZXF9QQ7T3kePo= +github.com/jackc/chunkreader/v2 v2.0.0/go.mod h1:odVSm741yZoC3dpHEUXIqA9tQRhFrgOHwnPIn9lDKlk= +github.com/jackc/chunkreader/v2 v2.0.1 h1:i+RDz65UE+mmpjTfyz0MoVTnzeYxroil2G82ki7MGG8= +github.com/jackc/chunkreader/v2 v2.0.1/go.mod h1:odVSm741yZoC3dpHEUXIqA9tQRhFrgOHwnPIn9lDKlk= +github.com/jackc/pgconn v0.0.0-20190420214824-7e0022ef6ba3/go.mod h1:jkELnwuX+w9qN5YIfX0fl88Ehu4XC3keFuOJJk9pcnA= +github.com/jackc/pgconn v0.0.0-20190824142844-760dd75542eb/go.mod h1:lLjNuW/+OfW9/pnVKPazfWOgNfH2aPem8YQ7ilXGvJE= +github.com/jackc/pgconn v0.0.0-20190831204454-2fabfa3c18b7/go.mod h1:ZJKsE/KZfsUgOEh9hBm+xYTstcNHg7UPMVJqRfQxq4s= +github.com/jackc/pgconn v1.8.0/go.mod h1:1C2Pb36bGIP9QHGBYCjnyhqu7Rv3sGshaQUvmfGIB/o= +github.com/jackc/pgconn v1.9.0/go.mod h1:YctiPyvzfU11JFxoXokUOOKQXQmDMoJL9vJzHH8/2JY= +github.com/jackc/pgconn v1.9.1-0.20210724152538-d89c8390a530/go.mod h1:4z2w8XhRbP1hYxkpTuBjTS3ne3J48K83+u0zoyvg2pI= +github.com/jackc/pgconn v1.10.0 h1:4EYhlDVEMsJ30nNj0mmgwIUXoq7e9sMJrVC2ED6QlCU= +github.com/jackc/pgconn v1.10.0/go.mod h1:4z2w8XhRbP1hYxkpTuBjTS3ne3J48K83+u0zoyvg2pI= +github.com/jackc/pgio v1.0.0 h1:g12B9UwVnzGhueNavwioyEEpAmqMe1E/BN9ES+8ovkE= +github.com/jackc/pgio v1.0.0/go.mod h1:oP+2QK2wFfUWgr+gxjoBH9KGBb31Eio69xUb0w5bYf8= +github.com/jackc/pgmock v0.0.0-20190831213851-13a1b77aafa2/go.mod h1:fGZlG77KXmcq05nJLRkk0+p82V8B8Dw8KN2/V9c/OAE= +github.com/jackc/pgmock v0.0.0-20201204152224-4fe30f7445fd/go.mod h1:hrBW0Enj2AZTNpt/7Y5rr2xe/9Mn757Wtb2xeBzPv2c= +github.com/jackc/pgmock v0.0.0-20210724152146-4ad1a8207f65 h1:DadwsjnMwFjfWc9y5Wi/+Zz7xoE5ALHsRQlOctkOiHc= +github.com/jackc/pgmock v0.0.0-20210724152146-4ad1a8207f65/go.mod h1:5R2h2EEX+qri8jOWMbJCtaPWkrrNc7OHwsp2TCqp7ak= +github.com/jackc/pgpassfile v1.0.0 h1:/6Hmqy13Ss2zCq62VdNG8tM1wchn8zjSGOBJ6icpsIM= +github.com/jackc/pgpassfile v1.0.0/go.mod h1:CEx0iS5ambNFdcRtxPj5JhEz+xB6uRky5eyVu/W2HEg= +github.com/jackc/pgproto3 v1.1.0/go.mod h1:eR5FA3leWg7p9aeAqi37XOTgTIbkABlvcPB3E5rlc78= +github.com/jackc/pgproto3/v2 v2.0.0-alpha1.0.20190420180111-c116219b62db/go.mod h1:bhq50y+xrl9n5mRYyCBFKkpRVTLYJVWeCc+mEAI3yXA= +github.com/jackc/pgproto3/v2 v2.0.0-alpha1.0.20190609003834-432c2951c711/go.mod h1:uH0AWtUmuShn0bcesswc4aBTWGvw0cAxIJp+6OB//Wg= +github.com/jackc/pgproto3/v2 v2.0.0-rc3/go.mod h1:ryONWYqW6dqSg1Lw6vXNMXoBJhpzvWKnT95C46ckYeM= +github.com/jackc/pgproto3/v2 v2.0.0-rc3.0.20190831210041-4c03ce451f29/go.mod h1:ryONWYqW6dqSg1Lw6vXNMXoBJhpzvWKnT95C46ckYeM= +github.com/jackc/pgproto3/v2 v2.0.6/go.mod h1:WfJCnwN3HIg9Ish/j3sgWXnAfK8A9Y0bwXYU5xKaEdA= +github.com/jackc/pgproto3/v2 v2.1.1 h1:7PQ/4gLoqnl87ZxL7xjO0DR5gYuviDCZxQJsUlFW1eI= +github.com/jackc/pgproto3/v2 v2.1.1/go.mod h1:WfJCnwN3HIg9Ish/j3sgWXnAfK8A9Y0bwXYU5xKaEdA= +github.com/jackc/pgservicefile v0.0.0-20200714003250-2b9c44734f2b h1:C8S2+VttkHFdOOCXJe+YGfa4vHYwlt4Zx+IVXQ97jYg= +github.com/jackc/pgservicefile v0.0.0-20200714003250-2b9c44734f2b/go.mod h1:vsD4gTJCa9TptPL8sPkXrLZ+hDuNrZCnj29CQpr4X1E= +github.com/jackc/pgtype v0.0.0-20190421001408-4ed0de4755e0/go.mod h1:hdSHsc1V01CGwFsrv11mJRHWJ6aifDLfdV3aVjFF0zg= +github.com/jackc/pgtype v0.0.0-20190824184912-ab885b375b90/go.mod h1:KcahbBH1nCMSo2DXpzsoWOAfFkdEtEJpPbVLq8eE+mc= +github.com/jackc/pgtype v0.0.0-20190828014616-a8802b16cc59/go.mod h1:MWlu30kVJrUS8lot6TQqcg7mtthZ9T0EoIBFiJcmcyw= +github.com/jackc/pgtype v1.8.1-0.20210724151600-32e20a603178/go.mod h1:C516IlIV9NKqfsMCXTdChteoXmwgUceqaLfjg2e3NlM= +github.com/jackc/pgtype v1.8.1 h1:9k0IXtdJXHJbyAWQgbWr1lU+MEhPXZz6RIXxfR5oxXs= +github.com/jackc/pgtype v1.8.1/go.mod h1:LUMuVrfsFfdKGLw+AFFVv6KtHOFMwRgDDzBt76IqCA4= +github.com/jackc/pgx/v4 v4.0.0-20190420224344-cc3461e65d96/go.mod h1:mdxmSJJuR08CZQyj1PVQBHy9XOp5p8/SHH6a0psbY9Y= +github.com/jackc/pgx/v4 v4.0.0-20190421002000-1b8f0016e912/go.mod h1:no/Y67Jkk/9WuGR0JG/JseM9irFbnEPbuWV2EELPNuM= +github.com/jackc/pgx/v4 v4.0.0-pre1.0.20190824185557-6972a5742186/go.mod h1:X+GQnOEnf1dqHGpw7JmHqHc1NxDoalibchSk9/RWuDc= +github.com/jackc/pgx/v4 v4.12.1-0.20210724153913-640aa07df17c/go.mod h1:1QD0+tgSXP7iUjYm9C1NxKhny7lq6ee99u/z+IHFcgs= +github.com/jackc/pgx/v4 v4.13.0 h1:JCjhT5vmhMAf/YwBHLvrBn4OGdIQBiFG6ym8Zmdx570= +github.com/jackc/pgx/v4 v4.13.0/go.mod h1:9P4X524sErlaxj0XSGZk7s+LD0eOyu1ZDUrrpznYDF0= +github.com/jackc/puddle v0.0.0-20190413234325-e4ced69a3a2b/go.mod h1:m4B5Dj62Y0fbyuIc15OsIqK0+JU8nkqQjsgx7dvjSWk= +github.com/jackc/puddle v0.0.0-20190608224051-11cab39313c9/go.mod h1:m4B5Dj62Y0fbyuIc15OsIqK0+JU8nkqQjsgx7dvjSWk= +github.com/jackc/puddle v1.1.3/go.mod h1:m4B5Dj62Y0fbyuIc15OsIqK0+JU8nkqQjsgx7dvjSWk= +github.com/jinzhu/inflection v1.0.0 h1:K317FqzuhWc8YvSVlFMCCUb36O/S9MCKRDI7QkRKD/E= +github.com/jinzhu/inflection v1.0.0/go.mod h1:h+uFLlag+Qp1Va5pdKtLDYj+kHp5pxUVkryuEj+Srlc= +github.com/jinzhu/now v1.1.1/go.mod h1:d3SSVoowX0Lcu0IBviAWJpolVfI5UJVZZ7cO71lE/z8= +github.com/jinzhu/now v1.1.2/go.mod h1:d3SSVoowX0Lcu0IBviAWJpolVfI5UJVZZ7cO71lE/z8= +github.com/jinzhu/now v1.1.4 h1:tHnRBy1i5F2Dh8BAFxqFzxKqqvezXrL2OW1TnX+Mlas= +github.com/jinzhu/now v1.1.4/go.mod h1:d3SSVoowX0Lcu0IBviAWJpolVfI5UJVZZ7cO71lE/z8= +github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= +github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= +github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= +github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= +github.com/kr/fs v0.1.0/go.mod h1:FFnZGqtBN9Gxj7eW1uZ42v5BccTP0vu6NEaFoC2HwRg= +github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= +github.com/kr/pretty v0.2.0 h1:s5hAObm+yFO5uHYt5dYjxi2rXrsnmRpJx4OYvIWUaQs= +github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= +github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= +github.com/kr/pty v1.1.8/go.mod h1:O1sed60cT9XZ5uDucP5qwvh+TE3NnUj51EiZO/lmSfw= +github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= +github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/lib/pq v1.0.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo= +github.com/lib/pq v1.1.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo= +github.com/lib/pq v1.2.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo= +github.com/lib/pq v1.10.2 h1:AqzbZs4ZoCBp+GtejcpCpcxM3zlSMx29dXbUSeVtJb8= +github.com/lib/pq v1.10.2/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= +github.com/magiconair/properties v1.8.5 h1:b6kJs+EmPFMYGkow9GiUyCyOvIwYetYJ3fSaWak/Gls= +github.com/magiconair/properties v1.8.5/go.mod h1:y3VJvCyxH9uVvJTWEGAELF3aiYNyPKd5NZ3oSwXrF60= +github.com/mattn/go-colorable v0.1.1/go.mod h1:FuOcm+DKB9mbwrcAfNl7/TZVBZ6rcnceauSikq3lYCQ= +github.com/mattn/go-colorable v0.1.6/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= +github.com/mattn/go-isatty v0.0.5/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s= +github.com/mattn/go-isatty v0.0.7/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s= +github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= +github.com/mitchellh/mapstructure v1.4.3 h1:OVowDSCllw/YjdLkam3/sm7wEtOy59d8ndGgCcyj8cs= +github.com/mitchellh/mapstructure v1.4.3/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= +github.com/pelletier/go-toml v1.9.4 h1:tjENF6MfZAg8e4ZmZTeWaWiT2vXtsoO6+iuOjFhECwM= +github.com/pelletier/go-toml v1.9.4/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c= +github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= +github.com/pkg/sftp v1.10.1/go.mod h1:lYOWFsE0bwd1+KfKJaKeuokY15vzFx25BLbzYYoAxZI= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= +github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= +github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= +github.com/rs/xid v1.2.1/go.mod h1:+uKXf+4Djp6Md1KODXJxgGQPKngRmWyn10oCKFzNHOQ= +github.com/rs/zerolog v1.13.0/go.mod h1:YbFCdg8HfsridGWAh22vktObvhZbQsZXe4/zB0OKkWU= +github.com/rs/zerolog v1.15.0/go.mod h1:xYTKnLHcpfU2225ny5qZjxnj9NvkumZYjJHlAThCjNc= +github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0= +github.com/shopspring/decimal v0.0.0-20180709203117-cd690d0c9e24/go.mod h1:M+9NzErvs504Cn4c5DxATwIqPbtswREoFCre64PpcG4= +github.com/shopspring/decimal v1.2.0 h1:abSATXmQEYyShuxI4/vyW3tV1MrKAJzCZ/0zLUXYbsQ= +github.com/shopspring/decimal v1.2.0/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o= +github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q= +github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= +github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= +github.com/spf13/afero v1.6.0 h1:xoax2sJ2DT8S8xA2paPFjDCScCNeWsg75VG0DLRreiY= +github.com/spf13/afero v1.6.0/go.mod h1:Ai8FlHk4v/PARR026UzYexafAt9roJ7LcLMAmO6Z93I= +github.com/spf13/cast v1.4.1 h1:s0hze+J0196ZfEMTs80N7UlFt0BDuQ7Q+JDnHiMWKdA= +github.com/spf13/cast v1.4.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= +github.com/spf13/jwalterweatherman v1.1.0 h1:ue6voC5bR5F8YxI5S67j9i582FU4Qvo2bmqnqMYADFk= +github.com/spf13/jwalterweatherman v1.1.0/go.mod h1:aNWZUN0dPAAO/Ljvb5BEdw96iTZ0EXowPYD95IqWIGo= +github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= +github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/spf13/viper v1.10.1 h1:nuJZuYpG7gTj/XqiUwg8bA0cp1+M2mC3J4g5luUYBKk= +github.com/spf13/viper v1.10.1/go.mod h1:IGlFPqhNAPKRxohIzWpI5QEy4kuI7tcl5WvR+8qy1rU= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE= +github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= +github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= +github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= +github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= +github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY= +github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/subosito/gotenv v1.2.0 h1:Slr1R9HxAlEKefgq5jn9U+DnETlIUa6HfgEzj0g5d7s= +github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw= +github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= +github.com/zenazn/goji v0.9.0/go.mod h1:7S9M489iMyHBNxwZnk9/EHS098H4/F6TATF2mIxtB1Q= +go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI= +go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= +go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= +go.uber.org/atomic v1.5.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ= +go.uber.org/atomic v1.6.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ= +go.uber.org/atomic v1.7.0 h1:ADUqmZGgLDDfbSL9ZmPxKTybcoEYHgpYfELNoN+7hsw= +go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= +go.uber.org/goleak v1.1.11-0.20210813005559-691160354723 h1:sHOAIxRGBp443oHZIPB+HsUGaksVCXVQENPxwTfQdH4= +go.uber.org/goleak v1.1.11-0.20210813005559-691160354723/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ= +go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= +go.uber.org/multierr v1.3.0/go.mod h1:VgVr7evmIr6uPjLBxg28wmKNXyqE9akIJ5XnfpiKl+4= +go.uber.org/multierr v1.5.0/go.mod h1:FeouvMocqHpRaaGuG9EjoKcStLC43Zu/fmqdUMPcKYU= +go.uber.org/multierr v1.6.0 h1:y6IPFStTAIT5Ytl7/XYmHvzXQ7S3g/IeZW9hyZ5thw4= +go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= +go.uber.org/tools v0.0.0-20190618225709-2cfd321de3ee/go.mod h1:vJERXedbb3MVM5f9Ejo0C68/HhF8uaILCdgjnY+goOA= +go.uber.org/zap v1.9.1/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= +go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= +go.uber.org/zap v1.13.0/go.mod h1:zwrFLgMcdUuIBviXEYEH1YKNaOBnKXsx2IPda5bBwHM= +go.uber.org/zap v1.19.1 h1:ue41HOKd1vGURxrmeKIgELGb3jPW9DMUDGtsinblHwI= +go.uber.org/zap v1.19.1/go.mod h1:j3DNczoxDZroyBnOT1L/Q79cfUMGZxlv/9dzN7SM1rI= +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20190325154230-a5d413f7728c/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20190411191339-88737f569e3a/go.mod h1:WFFai1msRO1wXaEeE5yQxYXgSfI8pQAWXbQop6sCtWE= +golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20190820162420-60c769a6c586/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.0.0-20201203163018-be400aefbc4c/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= +golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= +golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= +golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= +golang.org/x/crypto v0.0.0-20220126234351-aa10faf2a1f8 h1:kACShD3qhmr/3rLmg1yXyt+N4HcwutKyPRB93s54TIU= +golang.org/x/crypto v0.0.0-20220126234351-aa10faf2a1f8/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= +golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= +golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= +golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= +golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc= +golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= +golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20190813141303-74dc4d7220e7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= +golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= +golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= +golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2 h1:CIJ76btIcR3eFI5EgSo6k1qKw9KJexJuRLI9G7Hp5wE= +golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= +golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= +golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190403152447-81d4e9dc473e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220114195835-da31bd327af9 h1:XfKQ4OlFl8okEOr5UvAqFRVj8pY/4yfcXrddB8qAbU0= +golang.org/x/sys v0.0.0-20220114195835-da31bd327af9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= +golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= +golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= +golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.7 h1:olpwvP2KacW1ZWvsR7uQhoyTYvKAupfQrRGBFM352Gk= +golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= +golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= +golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= +golang.org/x/tools v0.0.0-20190425163242-31fd60d6bfdc/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= +golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= +golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= +golang.org/x/tools v0.0.0-20190823170909-c4a336ef6a2f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191029041327-9cc4af7d6b2c/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191029190741-b9c20aec41a5/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20200103221440-774c71fcf114/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= +golang.org/x/xerrors v0.0.0-20190410155217-1f06c39b4373/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20190513163551-3ee3066db522/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE= +golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= +google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= +google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= +google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= +google.golang.org/genproto v0.0.0-20200513103714-09dca8ec2884/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= +google.golang.org/genproto v0.0.0-20211208223120-3a66f561d7aa h1:I0YcKz0I7OAhddo7ya8kMnvprhcWM045PmkBdMO9zN0= +google.golang.org/genproto v0.0.0-20211208223120-3a66f561d7aa/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= +google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= +google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= +google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY= +google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= +google.golang.org/grpc v1.33.1/go.mod h1:fr5YgcSWrqhRRxogOsw7RzIpsmvOZ6IcH4kBYTpR3n0= +google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= +google.golang.org/grpc v1.40.0/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34= +google.golang.org/grpc v1.43.0 h1:Eeu7bZtDZ2DpRCsLhUlcrLnvYaMK1Gz86a+hMVvELmM= +google.golang.org/grpc v1.43.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU= +google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= +google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= +google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= +google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= +google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= +google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= +google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= +google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= +google.golang.org/protobuf v1.27.1 h1:SnqbnDw1V7RiZcXPx5MEeqPv2s79L9i7BJUlG/+RurQ= +google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo= +gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= +gopkg.in/inconshreveable/log15.v2 v2.0.0-20180818164646-67afb5ed74ec/go.mod h1:aPpfJ7XW+gOuirDoZ8gHhLh3kZ1B08FtV2bbmy7Jv3s= +gopkg.in/ini.v1 v1.66.2 h1:XfR1dOYubytKy4Shzc2LHrrGhU0lDCfDGG1yLPmpgsI= +gopkg.in/ini.v1 v1.66.2/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= +gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.3/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= +gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= +gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b h1:h8qDotaEPuJATrMmW04NCwg7v22aHH28wwpauUhK9Oo= +gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gorm.io/driver/mysql v1.0.3/go.mod h1:twGxftLBlFgNVNakL7F+P/x9oYqoymG3YYT8cAfI9oI= +gorm.io/driver/mysql v1.1.2 h1:OofcyE2lga734MxwcCW9uB4mWNXMr50uaGRVwQL2B0M= +gorm.io/driver/mysql v1.1.2/go.mod h1:4P/X9vSc3WTrhTLZ259cpFd6xKNYiSSdSZngkSBGIMM= +gorm.io/driver/postgres v1.2.2 h1:Ka9W6feOU+rPM9m007eYLMD4QoZuYGBnQ3Jp0faGSwg= +gorm.io/driver/postgres v1.2.2/go.mod h1:Ik3tK+a3FMp8ORZl29v4b3M0RsgXsaeMXh9s9eVMXco= +gorm.io/driver/sqlserver v1.2.1 h1:KhGOjvPX7JZ5hPyQICTJfMuTz88zgJ2lk9bWiHVNHd8= +gorm.io/driver/sqlserver v1.2.1/go.mod h1:nixq0OB3iLXZDiPv6JSOjWuPgpyaRpOIIevYtA4Ulb4= +gorm.io/gorm v1.20.4/go.mod h1:0HFTzE/SqkGTzK6TlDPPQbAYCluiVvhzoA1+aVyzenw= +gorm.io/gorm v1.20.11/go.mod h1:0HFTzE/SqkGTzK6TlDPPQbAYCluiVvhzoA1+aVyzenw= +gorm.io/gorm v1.21.12/go.mod h1:F+OptMscr0P2F2qU97WT1WimdH9GaQPoDW7AYd5i2Y0= +gorm.io/gorm v1.22.2/go.mod h1:F+OptMscr0P2F2qU97WT1WimdH9GaQPoDW7AYd5i2Y0= +gorm.io/gorm v1.22.3/go.mod h1:F+OptMscr0P2F2qU97WT1WimdH9GaQPoDW7AYd5i2Y0= +gorm.io/gorm v1.22.5 h1:lYREBgc02Be/5lSCTuysZZDb6ffL2qrat6fg9CFbvXU= +gorm.io/gorm v1.22.5/go.mod h1:l2lP/RyAtc1ynaTjFksBde/O8v9oOGIApu2/xRitmZk= +gorm.io/plugin/dbresolver v1.1.0 h1:cegr4DeprR6SkLIQlKhJLYxH8muFbJ4SmnojXvoeb00= +gorm.io/plugin/dbresolver v1.1.0/go.mod h1:tpImigFAEejCALOttyhWqsy4vfa2Uh/vAUVnL5IRF7Y= +honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= diff --git a/components/authz/main.go b/components/authz/main.go new file mode 100644 index 0000000..bbe3d44 --- /dev/null +++ b/components/authz/main.go @@ -0,0 +1,81 @@ +package main + +import ( + "fmt" + "net" + + "github.com/RafaySystems/rcloud-base/components/authz/pkg/enforcer" + "github.com/RafaySystems/rcloud-base/components/authz/pkg/server" + "github.com/RafaySystems/rcloud-base/components/authz/pkg/service" + pb "github.com/RafaySystems/rcloud-base/components/authz/proto/rpc/v1" + log "github.com/RafaySystems/rcloud-base/components/common/pkg/log/v2" + "github.com/spf13/viper" + "google.golang.org/grpc" + "google.golang.org/grpc/reflection" + "gorm.io/driver/postgres" + "gorm.io/gorm" +) + +const ( + serverPortEnv = "SERVER_PORT" +) + +var ( + serverPort int + as service.AuthzService + _log = log.GetLogger() +) + +func setup() { + viper.SetDefault(serverPortEnv, 50011) + viper.BindEnv(serverPortEnv) + serverPort = viper.GetInt(serverPortEnv) + dsn := "postgres://admindbuser:admindbpassword@localhost:5432/admindb?sslmode=disable" + db, err := gorm.Open(postgres.Open(dsn), &gorm.Config{}) + if err != nil { + _log.Fatalw("unable to create db connection", "error", err) + } + enforcer, err := enforcer.NewCasbinEnforcer(db).Init() + if err != nil { + _log.Fatalw("unable to init enforcer", "error", err) + } + as = service.NewAuthzService(db, enforcer) +} + +func start() { + // TODO: check auth context + // ac := authctx.NewAuthContext(db, rc, cryptoCoreHost, cryptoCorePost) + + listener, err := net.Listen("tcp", fmt.Sprintf("0.0.0.0:%d", serverPort)) + if err != nil { + _log.Errorw("unable to listen on server address", "error", err) + return + } + + authServer := grpc.NewServer() + pb.RegisterAuthzServer(authServer, server.NewAuthzServer(as)) + reflection.Register(authServer) + _log.Info("starting auth service") + authServer.Serve(listener) +} + +func main() { + setup() + start() +} + +// TODO: check authPool, interceptors implementation. Usage: +// if !dev { +// opts = append(opts, _grpc.UnaryInterceptor( +// interceptors.NewAuthInterceptorWithOptions( +// interceptors.WithLogRequest(), +// interceptors.WithAuthPool(authPool), +// interceptors.WithExclude("POST", "/v2/sentry/bootstrap/:templateToken/register"), +// ), +// )) +// defer authPool.Close() +// } else { +// opts = append(opts, _grpc.UnaryInterceptor( +// interceptors.NewAuthInterceptorWithOptions(interceptors.WithDummy())), +// ) +// } diff --git a/components/authz/pkg/enforcer/enforcer.go b/components/authz/pkg/enforcer/enforcer.go new file mode 100644 index 0000000..52248b5 --- /dev/null +++ b/components/authz/pkg/enforcer/enforcer.go @@ -0,0 +1,57 @@ +package enforcer + +import ( + "github.com/casbin/casbin/v2" + "github.com/casbin/casbin/v2/model" + "github.com/casbin/casbin/v2/util" + gormadapter "github.com/casbin/gorm-adapter/v3" + "gorm.io/gorm" +) + +type casbinEnforcer struct { + db *gorm.DB +} + +func NewCasbinEnforcer(db *gorm.DB) *casbinEnforcer { + return &casbinEnforcer{ + db: db, + } +} + +func (e *casbinEnforcer) Init() (*casbin.CachedEnforcer, error) { + adapter, err := gormadapter.NewAdapterByDB(e.db) + if err != nil { + return nil, err + } + + modelText := ` +[request_definition] +r = sub, ns, proj, org, obj, act + +[policy_definition] +p = sub, ns, proj, org, obj, act + +[role_definition] +g = _, _ +g2 = _, _ + +[policy_effect] +e = some(where (p.eft == allow)) + +[matchers] +m = g2(r.sub, p.sub) && globMatch(r.ns, p.ns) && globMatch(r.proj, p.proj) && r.org == p.org && g(r.obj, p.obj) && globMatch(r.act, p.act) +` + m, err := model.NewModelFromString(modelText) + if err != nil { + return nil, err + } + + enforcer, err := casbin.NewCachedEnforcer(m, adapter) + if err != nil { + return nil, err + } + + enforcer.Enforcer.AddNamedDomainMatchingFunc("g", "", util.KeyMatch2) + + return enforcer, nil +} diff --git a/components/authz/pkg/server/authz.go b/components/authz/pkg/server/authz.go new file mode 100644 index 0000000..e916dab --- /dev/null +++ b/components/authz/pkg/server/authz.go @@ -0,0 +1,65 @@ +package server + +import ( + "context" + + "github.com/RafaySystems/rcloud-base/components/authz/pkg/service" + rpcv1 "github.com/RafaySystems/rcloud-base/components/authz/proto/rpc/v1" + authzpbv1 "github.com/RafaySystems/rcloud-base/components/authz/proto/types" +) + +type authzServer struct { + as service.AuthzService +} + +func NewAuthzServer(as service.AuthzService) rpcv1.AuthzServer { + return &authzServer{as} +} + +func (s *authzServer) Enforce(ctx context.Context, p *authzpbv1.EnforceRequest) (*authzpbv1.BoolReply, error) { + return s.as.Enforce(ctx, p) +} + +func (s *authzServer) ListPolicies(ctx context.Context, p *authzpbv1.Policy) (*authzpbv1.Policies, error) { + return s.as.ListPolicies(ctx, p) +} + +// func (s *authzServer) ListGroupSubPolicies(ctx context.Context, p *authzpbv1.Policy) (*authzpbv1.Policies, error) { +// return s.ListGroupSubPolicies(ctx, p) +// } + +func (s *authzServer) CreatePolicies(ctx context.Context, p *authzpbv1.Policies) (*authzpbv1.BoolReply, error) { + return s.as.CreatePolicies(ctx, p) +} + +// func (s *authzServer) CreateGroupSubPolicies(ctx context.Context, p *authzpbv1.Policies) (*authzpbv1.BoolReply, error) { +// return &authzpbv1.BoolReply{}, nil +// } + +func (s *authzServer) DeletePolicies(ctx context.Context, p *authzpbv1.Policies) (*authzpbv1.BoolReply, error) { + return s.as.DeletePolicies(ctx, p) +} + +func (s *authzServer) ListUserGroups(ctx context.Context, p *authzpbv1.UserGroup) (*authzpbv1.UserGroups, error) { + return s.as.ListUserGroups(ctx, p) +} + +func (s *authzServer) CreateUserGroups(ctx context.Context, p *authzpbv1.UserGroups) (*authzpbv1.BoolReply, error) { + return s.as.CreateUserGroups(ctx, p) +} + +func (s *authzServer) DeleteUserGroups(ctx context.Context, p *authzpbv1.UserGroups) (*authzpbv1.BoolReply, error) { + return s.as.DeleteUserGroups(ctx, p) +} + +func (s *authzServer) ListRolePermissionMappings(ctx context.Context, p *authzpbv1.FilteredRolePermissionMapping) (*authzpbv1.RolePermissionMappingList, error) { + return s.as.ListRolePermissionMappings(ctx, p) +} + +func (s *authzServer) CreateRolePermissionMappings(ctx context.Context, p *authzpbv1.RolePermissionMappingList) (*authzpbv1.BoolReply, error) { + return s.as.CreateRolePermissionMappings(ctx, p) +} + +func (s *authzServer) DeleteRolePermissionMappings(ctx context.Context, p *authzpbv1.FilteredRolePermissionMapping) (*authzpbv1.BoolReply, error) { + return s.as.DeleteRolePermissionMappings(ctx, p) +} diff --git a/components/authz/pkg/service/authz.go b/components/authz/pkg/service/authz.go new file mode 100644 index 0000000..8bc932c --- /dev/null +++ b/components/authz/pkg/service/authz.go @@ -0,0 +1,322 @@ +package service + +import ( + "context" + "errors" + "fmt" + + authzpbv1 "github.com/RafaySystems/rcloud-base/components/authz/proto/types" + "github.com/casbin/casbin/v2" + "google.golang.org/grpc/codes" + "google.golang.org/grpc/status" + "gorm.io/gorm" +) + +type AuthzService interface { + Enforce(context.Context, *authzpbv1.EnforceRequest) (*authzpbv1.BoolReply, error) + ListPolicies(context.Context, *authzpbv1.Policy) (*authzpbv1.Policies, error) + // ListGroupSubPolicies(context.Context, *authzpbv1.Policy) (*authzpbv1.Policies, error) + CreatePolicies(context.Context, *authzpbv1.Policies) (*authzpbv1.BoolReply, error) + // CreateGroupSubPolicies(context.Context, *authzpbv1.Policies) (*authzpbv1.BoolReply, error) + DeletePolicies(context.Context, *authzpbv1.Policies) (*authzpbv1.BoolReply, error) + ListUserGroups(context.Context, *authzpbv1.UserGroup) (*authzpbv1.UserGroups, error) + CreateUserGroups(ctx context.Context, p *authzpbv1.UserGroups) (*authzpbv1.BoolReply, error) + DeleteUserGroups(ctx context.Context, p *authzpbv1.UserGroups) (*authzpbv1.BoolReply, error) + ListRolePermissionMappings(ctx context.Context, p *authzpbv1.FilteredRolePermissionMapping) (*authzpbv1.RolePermissionMappingList, error) + CreateRolePermissionMappings(ctx context.Context, p *authzpbv1.RolePermissionMappingList) (*authzpbv1.BoolReply, error) + DeleteRolePermissionMappings(ctx context.Context, p *authzpbv1.FilteredRolePermissionMapping) (*authzpbv1.BoolReply, error) +} + +type authzService struct { + db *gorm.DB + enforcer *casbin.CachedEnforcer +} + +func NewAuthzService(db *gorm.DB, en *casbin.CachedEnforcer) AuthzService { + return &authzService{ + db: db, + enforcer: en, + } +} + +// TODO: remove static string conversions +// const ( +// subTypeUser = iota +// subTypeGroup = iota +// ) + +// const ( +// userPrefix = "user:" +// groupPrefix = "group:" +// ) + +// func (s *authzService) addPolicyFieldTags(subType int, p *authzpbv1.Policy) { +// if subType == subTypeUser { +// p.Sub = userPrefix + p.Sub +// } else if subType == subTypeGroup { +// p.Sub = groupPrefix + p.Sub +// } +// } + +// func (s *authzService) removePolicyFieldTags(subType int, p *authzpbv1.Policy) { +// if subType == subTypeUser { +// p.Sub = strings.Replace(p.Sub, userPrefix, "", 1) +// } else if subType == subTypeGroup { +// p.Sub = strings.Replace(p.Sub, groupPrefix, "", 1) +// } +// } + +const ( + groupGtype = "g2" + roleGtype = "g" +) + +func (s *authzService) toPolicies( /*subType int,*/ policies [][]string) *authzpbv1.Policies { + if len(policies) == 0 { + return &authzpbv1.Policies{} + } + + res := &authzpbv1.Policies{} + res.Policies = make([]*authzpbv1.Policy, len(policies)) + for i := range policies { + res.Policies[i] = &authzpbv1.Policy{ + Sub: policies[i][0], + Ns: policies[i][1], + Proj: policies[i][2], + Org: policies[i][3], + Obj: policies[i][4], + Act: policies[i][5], + } + // s.removePolicyFieldTags(subType, res.Policies[i]) + } + return res +} + +func (s *authzService) fromPolicies( /* subType int, */ policies *authzpbv1.Policies) ([][]string, error) { + res := [][]string{} + for i, p := range policies.GetPolicies() { + // s.addPolicyFieldTags() + rule := []string{p.GetSub(), p.GetNs(), p.GetProj(), p.GetOrg(), p.GetObj(), p.GetAct()} + for _, field := range rule { + if field == "" { + return res, errors.New(fmt.Sprintf("index %d: policy elements do not meet definition", i)) + } + } + res = append(res, rule) + } + + return res, nil +} + +func (s *authzService) toUserGroups(ug [][]string) *authzpbv1.UserGroups { + if len(ug) == 0 { + return &authzpbv1.UserGroups{} + } + + res := &authzpbv1.UserGroups{} + res.UserGroups = make([]*authzpbv1.UserGroup, len(ug)) + for i := range ug { + res.UserGroups[i] = &authzpbv1.UserGroup{ + User: ug[i][0], + Grp: ug[i][1], + } + } + + return res +} + +func (s *authzService) fromUserGroups(ugs *authzpbv1.UserGroups) ([][]string, error) { + res := [][]string{} + for i, p := range ugs.GetUserGroups() { + rule := []string{p.GetUser(), p.GetGrp()} + for _, field := range rule { + if field == "" { + return res, errors.New(fmt.Sprintf("index %d: request elements do not meet definition", i)) + } + } + res = append(res, rule) + } + + return res, nil +} + +func (s *authzService) toRolePermissionMappingList(r [][]string) *authzpbv1.RolePermissionMappingList { + if len(r) == 0 { + return &authzpbv1.RolePermissionMappingList{} + } + + rpms := make(map[string][]string) + for _, rpm := range r { + rpms[rpm[1]] = append(rpms[rpm[1]], rpm[0]) + } + + res := &authzpbv1.RolePermissionMappingList{} + res.RolePermissionMappingList = make([]*authzpbv1.RolePermissionMapping, len(rpms)) + var i int + for k, v := range rpms { + i++ + res.RolePermissionMappingList[i] = &authzpbv1.RolePermissionMapping{ + Role: k, + Permission: v, + } + } + + return res +} + +func (s *authzService) fromRolePermissionMappingList(r *authzpbv1.RolePermissionMappingList) ([][]string, error) { + res := [][]string{} + for i, mapping := range r.GetRolePermissionMappingList() { + for _, permission := range mapping.GetPermission() { + rule := []string{permission, mapping.Role} + for _, field := range rule { + if field == "" { + return res, errors.New(fmt.Sprintf("index %d: mapping elements do not meet definition", i)) + } + } + res = append(res, rule) + } + } + return res, nil +} + +func (s *authzService) Enforce(ctx context.Context, req *authzpbv1.EnforceRequest) (*authzpbv1.BoolReply, error) { + var param interface{} + params := make([]interface{}, 0, len(req.Params)) + for index := range req.Params { + param = req.Params[index] + params = append(params, param) + } + + res, err := s.enforcer.Enforce(params...) + if err != nil { + return nil, status.Errorf(codes.InvalidArgument, err.Error()) + } + + return &authzpbv1.BoolReply{Res: res}, nil +} + +func (s *authzService) ListPolicies(ctx context.Context, p *authzpbv1.Policy) (*authzpbv1.Policies, error) { + // s.addPolicyFieldTags(subTypeUser, p) + return s.toPolicies( /* subTypeUser, */ s.enforcer.GetFilteredPolicy(0, p.GetSub(), p.GetNs(), p.GetProj(), p.GetOrg(), p.GetObj(), p.GetAct())), nil +} + +// func (s *authzService) ListGroupSubPolicies(ctx context.Context, p *authzpbv1.Policy) (*authzpbv1.Policies, error) { +// s.addPolicyFieldTags(subTypeGroup, p) +// return s.toPolicies(subTypeGroup, s.enforcer.GetFilteredPolicy(0, p.GetSub(), p.GetNs(), p.GetProj(), p.GetOrg(), p.GetObj(), p.GetAct())), nil +// } + +func (s *authzService) CreatePolicies(ctx context.Context, p *authzpbv1.Policies) (*authzpbv1.BoolReply, error) { + if len(p.GetPolicies()) == 0 { + return &authzpbv1.BoolReply{Res: false}, nil + } + policies, err := s.fromPolicies( /* subTypeUser, */ p) + if err != nil { + return nil, status.Errorf(codes.InvalidArgument, err.Error()) + } + + // err could be from db, policy assertions; dispatcher, watcher updates (not pertinent) + res, err := s.enforcer.AddPolicies(policies) + if err != nil { + return nil, status.Errorf(codes.Internal, err.Error()) + } + return &authzpbv1.BoolReply{Res: res}, nil +} + +// func (s *authzService) CreateGroupSubPolicies(ctx context.Context, p *authzpbv1.Policies) (*authzpbv1.BoolReply, error) { +// return &authzpbv1.BoolReply{}, nil +// } + +func (s *authzService) DeletePolicies(ctx context.Context, p *authzpbv1.Policies) (*authzpbv1.BoolReply, error) { + if len(p.GetPolicies()) == 0 { + return &authzpbv1.BoolReply{Res: false}, nil + } + policies, err := s.fromPolicies( /* subTypeUser, */ p) + if err != nil { + return nil, status.Errorf(codes.InvalidArgument, err.Error()) + } + + // err could be from db, policy assertions, cache; dispatcher, watcher updates (not pertinent) + res, err := s.enforcer.RemovePolicies(policies) + if err != nil { + return nil, status.Errorf(codes.Internal, err.Error()) + } + return &authzpbv1.BoolReply{Res: res}, nil +} + +func (s *authzService) ListUserGroups(ctx context.Context, p *authzpbv1.UserGroup) (*authzpbv1.UserGroups, error) { + return s.toUserGroups(s.enforcer.GetFilteredNamedGroupingPolicy(groupGtype, 0, p.GetUser(), p.GetGrp())), nil +} + +func (s *authzService) CreateUserGroups(ctx context.Context, p *authzpbv1.UserGroups) (*authzpbv1.BoolReply, error) { + if len(p.GetUserGroups()) == 0 { + return &authzpbv1.BoolReply{Res: false}, nil + } + + ugs, err := s.fromUserGroups(p) + if err != nil { + return nil, status.Errorf(codes.InvalidArgument, err.Error()) + } + + // err could be from db, policy assertions; dispatcher, watcher updates (not pertinent) + res, err := s.enforcer.AddNamedGroupingPolicies(groupGtype, ugs) + if err != nil { + return nil, status.Errorf(codes.Internal, err.Error()) + } + + return &authzpbv1.BoolReply{Res: res}, nil +} + +func (s *authzService) DeleteUserGroups(ctx context.Context, p *authzpbv1.UserGroups) (*authzpbv1.BoolReply, error) { + if len(p.GetUserGroups()) == 0 { + return &authzpbv1.BoolReply{Res: false}, nil + } + + ugs, err := s.fromUserGroups(p) + if err != nil { + return nil, status.Errorf(codes.InvalidArgument, err.Error()) + } + + // err could be from db, policy assertions, cache; dispatcher, watcher updates (not pertinent) + res, err := s.enforcer.RemoveNamedGroupingPolicies(groupGtype, ugs) + if err != nil { + return nil, status.Errorf(codes.Internal, err.Error()) + } + + return &authzpbv1.BoolReply{Res: res}, nil +} + +// NOTE: might need identifier per permission in list if inheritance is needed +func (s *authzService) ListRolePermissionMappings(ctx context.Context, p *authzpbv1.FilteredRolePermissionMapping) (*authzpbv1.RolePermissionMappingList, error) { + // TODO: Change list of urls to permissions (many to one) + return s.toRolePermissionMappingList(s.enforcer.GetFilteredNamedGroupingPolicy(roleGtype, 0, p.GetRole())), nil +} + +func (s *authzService) CreateRolePermissionMappings(ctx context.Context, p *authzpbv1.RolePermissionMappingList) (*authzpbv1.BoolReply, error) { + // TODO: Change permissions to a list of urls (one to many) + if len(p.GetRolePermissionMappingList()) == 0 { + return &authzpbv1.BoolReply{Res: false}, nil + } + + rpms, err := s.fromRolePermissionMappingList(p) + if err != nil { + return nil, status.Errorf(codes.Internal, err.Error()) + } + + res, err := s.enforcer.AddNamedGroupingPolicies(roleGtype, rpms) + if err != nil { + return nil, status.Errorf(codes.Internal, err.Error()) + } + + return &authzpbv1.BoolReply{Res: res}, nil +} + +func (s *authzService) DeleteRolePermissionMappings(ctx context.Context, p *authzpbv1.FilteredRolePermissionMapping) (*authzpbv1.BoolReply, error) { + // TODO: Change permissions to a list of urls (one to many) + res, err := s.enforcer.RemoveFilteredNamedGroupingPolicy(roleGtype, 1, p.GetRole()) + if err != nil { + return nil, status.Errorf(codes.Internal, err.Error()) + } + + return &authzpbv1.BoolReply{Res: res}, nil +} diff --git a/components/authz/proto/rpc/v1/authz.pb.go b/components/authz/proto/rpc/v1/authz.pb.go new file mode 100644 index 0000000..f012a4e --- /dev/null +++ b/components/authz/proto/rpc/v1/authz.pb.go @@ -0,0 +1,179 @@ +// Code generated by protoc-gen-go. DO NOT EDIT. +// versions: +// protoc-gen-go v1.27.1 +// protoc v3.18.1 +// source: proto/rpc/v1/authz.proto + +package authzv1 + +import ( + types "github.com/RafaySystems/rcloud-base/components/authz/proto/types" + _ "github.com/gogo/protobuf/gogoproto" + protoreflect "google.golang.org/protobuf/reflect/protoreflect" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" + reflect "reflect" +) + +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) + +var File_proto_rpc_v1_authz_proto protoreflect.FileDescriptor + +var file_proto_rpc_v1_authz_proto_rawDesc = []byte{ + 0x0a, 0x18, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x72, 0x70, 0x63, 0x2f, 0x76, 0x31, 0x2f, 0x61, + 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x16, 0x72, 0x61, 0x66, 0x61, + 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, + 0x76, 0x31, 0x1a, 0x17, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2f, + 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x14, 0x67, 0x6f, 0x67, + 0x6f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x67, 0x6f, 0x67, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x74, + 0x6f, 0x32, 0xa1, 0x08, 0x0a, 0x05, 0x41, 0x75, 0x74, 0x68, 0x7a, 0x12, 0x5a, 0x0a, 0x07, 0x45, + 0x6e, 0x66, 0x6f, 0x72, 0x63, 0x65, 0x12, 0x28, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, + 0x65, 0x76, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x76, + 0x31, 0x2e, 0x45, 0x6e, 0x66, 0x6f, 0x72, 0x63, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, + 0x1a, 0x23, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x74, 0x79, 0x70, + 0x65, 0x73, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x76, 0x31, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, + 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x56, 0x0a, 0x0c, 0x4c, 0x69, 0x73, 0x74, 0x50, + 0x6f, 0x6c, 0x69, 0x63, 0x69, 0x65, 0x73, 0x12, 0x20, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, + 0x64, 0x65, 0x76, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, + 0x76, 0x31, 0x2e, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x1a, 0x22, 0x2e, 0x72, 0x61, 0x66, 0x61, + 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x61, 0x75, 0x74, 0x68, + 0x7a, 0x2e, 0x76, 0x31, 0x2e, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x69, 0x65, 0x73, 0x22, 0x00, 0x12, + 0x5b, 0x0a, 0x0e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x69, 0x65, + 0x73, 0x12, 0x22, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x74, 0x79, + 0x70, 0x65, 0x73, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x76, 0x31, 0x2e, 0x50, 0x6f, 0x6c, + 0x69, 0x63, 0x69, 0x65, 0x73, 0x1a, 0x23, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, + 0x76, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x76, 0x31, + 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x5b, 0x0a, 0x0e, + 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x69, 0x65, 0x73, 0x12, 0x22, + 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, + 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x76, 0x31, 0x2e, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x69, + 0x65, 0x73, 0x1a, 0x23, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x74, + 0x79, 0x70, 0x65, 0x73, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x76, 0x31, 0x2e, 0x42, 0x6f, + 0x6f, 0x6c, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x5d, 0x0a, 0x0e, 0x4c, 0x69, 0x73, + 0x74, 0x55, 0x73, 0x65, 0x72, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x73, 0x12, 0x23, 0x2e, 0x72, 0x61, + 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x61, 0x75, + 0x74, 0x68, 0x7a, 0x2e, 0x76, 0x31, 0x2e, 0x55, 0x73, 0x65, 0x72, 0x47, 0x72, 0x6f, 0x75, 0x70, + 0x1a, 0x24, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x74, 0x79, 0x70, + 0x65, 0x73, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x76, 0x31, 0x2e, 0x55, 0x73, 0x65, 0x72, + 0x47, 0x72, 0x6f, 0x75, 0x70, 0x73, 0x22, 0x00, 0x12, 0x5f, 0x0a, 0x10, 0x43, 0x72, 0x65, 0x61, + 0x74, 0x65, 0x55, 0x73, 0x65, 0x72, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x73, 0x12, 0x24, 0x2e, 0x72, + 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x61, + 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x76, 0x31, 0x2e, 0x55, 0x73, 0x65, 0x72, 0x47, 0x72, 0x6f, 0x75, + 0x70, 0x73, 0x1a, 0x23, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x74, + 0x79, 0x70, 0x65, 0x73, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x76, 0x31, 0x2e, 0x42, 0x6f, + 0x6f, 0x6c, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x5f, 0x0a, 0x10, 0x44, 0x65, 0x6c, + 0x65, 0x74, 0x65, 0x55, 0x73, 0x65, 0x72, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x73, 0x12, 0x24, 0x2e, + 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, + 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x76, 0x31, 0x2e, 0x55, 0x73, 0x65, 0x72, 0x47, 0x72, 0x6f, + 0x75, 0x70, 0x73, 0x1a, 0x23, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, + 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x76, 0x31, 0x2e, 0x42, + 0x6f, 0x6f, 0x6c, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x8c, 0x01, 0x0a, 0x1a, 0x4c, + 0x69, 0x73, 0x74, 0x52, 0x6f, 0x6c, 0x65, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, + 0x6e, 0x4d, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x73, 0x12, 0x37, 0x2e, 0x72, 0x61, 0x66, 0x61, + 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x61, 0x75, 0x74, 0x68, + 0x7a, 0x2e, 0x76, 0x31, 0x2e, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x65, 0x64, 0x52, 0x6f, 0x6c, + 0x65, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x4d, 0x61, 0x70, 0x70, 0x69, + 0x6e, 0x67, 0x1a, 0x33, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x74, + 0x79, 0x70, 0x65, 0x73, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x76, 0x31, 0x2e, 0x52, 0x6f, + 0x6c, 0x65, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x4d, 0x61, 0x70, 0x70, + 0x69, 0x6e, 0x67, 0x4c, 0x69, 0x73, 0x74, 0x22, 0x00, 0x12, 0x7a, 0x0a, 0x1c, 0x43, 0x72, 0x65, + 0x61, 0x74, 0x65, 0x52, 0x6f, 0x6c, 0x65, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, + 0x6e, 0x4d, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x73, 0x12, 0x33, 0x2e, 0x72, 0x61, 0x66, 0x61, + 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x61, 0x75, 0x74, 0x68, + 0x7a, 0x2e, 0x76, 0x31, 0x2e, 0x52, 0x6f, 0x6c, 0x65, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, + 0x69, 0x6f, 0x6e, 0x4d, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x4c, 0x69, 0x73, 0x74, 0x1a, 0x23, + 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, + 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x76, 0x31, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x52, 0x65, + 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x7e, 0x0a, 0x1c, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x52, + 0x6f, 0x6c, 0x65, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x4d, 0x61, 0x70, + 0x70, 0x69, 0x6e, 0x67, 0x73, 0x12, 0x37, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, + 0x76, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x76, 0x31, + 0x2e, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x65, 0x64, 0x52, 0x6f, 0x6c, 0x65, 0x50, 0x65, 0x72, + 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x4d, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x1a, 0x23, + 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, + 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x76, 0x31, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x52, 0x65, + 0x70, 0x6c, 0x79, 0x22, 0x00, 0x42, 0x84, 0x02, 0x0a, 0x1a, 0x63, 0x6f, 0x6d, 0x2e, 0x72, 0x61, + 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, + 0x7a, 0x2e, 0x76, 0x31, 0x42, 0x0a, 0x41, 0x75, 0x74, 0x68, 0x7a, 0x50, 0x72, 0x6f, 0x74, 0x6f, + 0x50, 0x01, 0x5a, 0x49, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x52, + 0x61, 0x66, 0x61, 0x79, 0x53, 0x79, 0x73, 0x74, 0x65, 0x6d, 0x73, 0x2f, 0x72, 0x63, 0x6c, 0x6f, + 0x75, 0x64, 0x2d, 0x62, 0x61, 0x73, 0x65, 0x2f, 0x63, 0x6f, 0x6d, 0x70, 0x6f, 0x6e, 0x65, 0x6e, + 0x74, 0x73, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x72, + 0x70, 0x63, 0x2f, 0x76, 0x31, 0x3b, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x76, 0x31, 0xa2, 0x02, 0x04, + 0x52, 0x44, 0x52, 0x41, 0xaa, 0x02, 0x16, 0x52, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x44, 0x65, 0x76, + 0x2e, 0x52, 0x70, 0x63, 0x2e, 0x41, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x56, 0x31, 0xca, 0x02, 0x16, + 0x52, 0x61, 0x66, 0x61, 0x79, 0x5c, 0x44, 0x65, 0x76, 0x5c, 0x52, 0x70, 0x63, 0x5c, 0x41, 0x75, + 0x74, 0x68, 0x7a, 0x5c, 0x56, 0x31, 0xe2, 0x02, 0x22, 0x52, 0x61, 0x66, 0x61, 0x79, 0x5c, 0x44, + 0x65, 0x76, 0x5c, 0x52, 0x70, 0x63, 0x5c, 0x41, 0x75, 0x74, 0x68, 0x7a, 0x5c, 0x56, 0x31, 0x5c, + 0x47, 0x50, 0x42, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0xea, 0x02, 0x1a, 0x52, 0x61, + 0x66, 0x61, 0x79, 0x3a, 0x3a, 0x44, 0x65, 0x76, 0x3a, 0x3a, 0x52, 0x70, 0x63, 0x3a, 0x3a, 0x41, + 0x75, 0x74, 0x68, 0x7a, 0x3a, 0x3a, 0x56, 0x31, 0xc8, 0xe2, 0x1e, 0x01, 0xd0, 0xe2, 0x1e, 0x01, + 0xe0, 0xe2, 0x1e, 0x01, 0xc0, 0xe3, 0x1e, 0x01, 0xc8, 0xe3, 0x1e, 0x01, 0x62, 0x06, 0x70, 0x72, + 0x6f, 0x74, 0x6f, 0x33, +} + +var file_proto_rpc_v1_authz_proto_goTypes = []interface{}{ + (*types.EnforceRequest)(nil), // 0: rafay.dev.types.authz.v1.EnforceRequest + (*types.Policy)(nil), // 1: rafay.dev.types.authz.v1.Policy + (*types.Policies)(nil), // 2: rafay.dev.types.authz.v1.Policies + (*types.UserGroup)(nil), // 3: rafay.dev.types.authz.v1.UserGroup + (*types.UserGroups)(nil), // 4: rafay.dev.types.authz.v1.UserGroups + (*types.FilteredRolePermissionMapping)(nil), // 5: rafay.dev.types.authz.v1.FilteredRolePermissionMapping + (*types.RolePermissionMappingList)(nil), // 6: rafay.dev.types.authz.v1.RolePermissionMappingList + (*types.BoolReply)(nil), // 7: rafay.dev.types.authz.v1.BoolReply +} +var file_proto_rpc_v1_authz_proto_depIdxs = []int32{ + 0, // 0: rafay.dev.rpc.authz.v1.Authz.Enforce:input_type -> rafay.dev.types.authz.v1.EnforceRequest + 1, // 1: rafay.dev.rpc.authz.v1.Authz.ListPolicies:input_type -> rafay.dev.types.authz.v1.Policy + 2, // 2: rafay.dev.rpc.authz.v1.Authz.CreatePolicies:input_type -> rafay.dev.types.authz.v1.Policies + 2, // 3: rafay.dev.rpc.authz.v1.Authz.DeletePolicies:input_type -> rafay.dev.types.authz.v1.Policies + 3, // 4: rafay.dev.rpc.authz.v1.Authz.ListUserGroups:input_type -> rafay.dev.types.authz.v1.UserGroup + 4, // 5: rafay.dev.rpc.authz.v1.Authz.CreateUserGroups:input_type -> rafay.dev.types.authz.v1.UserGroups + 4, // 6: rafay.dev.rpc.authz.v1.Authz.DeleteUserGroups:input_type -> rafay.dev.types.authz.v1.UserGroups + 5, // 7: rafay.dev.rpc.authz.v1.Authz.ListRolePermissionMappings:input_type -> rafay.dev.types.authz.v1.FilteredRolePermissionMapping + 6, // 8: rafay.dev.rpc.authz.v1.Authz.CreateRolePermissionMappings:input_type -> rafay.dev.types.authz.v1.RolePermissionMappingList + 5, // 9: rafay.dev.rpc.authz.v1.Authz.DeleteRolePermissionMappings:input_type -> rafay.dev.types.authz.v1.FilteredRolePermissionMapping + 7, // 10: rafay.dev.rpc.authz.v1.Authz.Enforce:output_type -> rafay.dev.types.authz.v1.BoolReply + 2, // 11: rafay.dev.rpc.authz.v1.Authz.ListPolicies:output_type -> rafay.dev.types.authz.v1.Policies + 7, // 12: rafay.dev.rpc.authz.v1.Authz.CreatePolicies:output_type -> rafay.dev.types.authz.v1.BoolReply + 7, // 13: rafay.dev.rpc.authz.v1.Authz.DeletePolicies:output_type -> rafay.dev.types.authz.v1.BoolReply + 4, // 14: rafay.dev.rpc.authz.v1.Authz.ListUserGroups:output_type -> rafay.dev.types.authz.v1.UserGroups + 7, // 15: rafay.dev.rpc.authz.v1.Authz.CreateUserGroups:output_type -> rafay.dev.types.authz.v1.BoolReply + 7, // 16: rafay.dev.rpc.authz.v1.Authz.DeleteUserGroups:output_type -> rafay.dev.types.authz.v1.BoolReply + 6, // 17: rafay.dev.rpc.authz.v1.Authz.ListRolePermissionMappings:output_type -> rafay.dev.types.authz.v1.RolePermissionMappingList + 7, // 18: rafay.dev.rpc.authz.v1.Authz.CreateRolePermissionMappings:output_type -> rafay.dev.types.authz.v1.BoolReply + 7, // 19: rafay.dev.rpc.authz.v1.Authz.DeleteRolePermissionMappings:output_type -> rafay.dev.types.authz.v1.BoolReply + 10, // [10:20] is the sub-list for method output_type + 0, // [0:10] is the sub-list for method input_type + 0, // [0:0] is the sub-list for extension type_name + 0, // [0:0] is the sub-list for extension extendee + 0, // [0:0] is the sub-list for field type_name +} + +func init() { file_proto_rpc_v1_authz_proto_init() } +func file_proto_rpc_v1_authz_proto_init() { + if File_proto_rpc_v1_authz_proto != nil { + return + } + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: file_proto_rpc_v1_authz_proto_rawDesc, + NumEnums: 0, + NumMessages: 0, + NumExtensions: 0, + NumServices: 1, + }, + GoTypes: file_proto_rpc_v1_authz_proto_goTypes, + DependencyIndexes: file_proto_rpc_v1_authz_proto_depIdxs, + }.Build() + File_proto_rpc_v1_authz_proto = out.File + file_proto_rpc_v1_authz_proto_rawDesc = nil + file_proto_rpc_v1_authz_proto_goTypes = nil + file_proto_rpc_v1_authz_proto_depIdxs = nil +} diff --git a/components/authz/proto/rpc/v1/authz.proto b/components/authz/proto/rpc/v1/authz.proto new file mode 100644 index 0000000..3b772dd --- /dev/null +++ b/components/authz/proto/rpc/v1/authz.proto @@ -0,0 +1,67 @@ +syntax = "proto3"; +package rafay.dev.rpc.authz.v1; + +import "proto/types/authz.proto"; +import "gogoproto/gogo.proto"; + +// Enable custom Marshal method. +option (gogoproto.marshaler_all) = true; +// Enable custom Unmarshal method. +option (gogoproto.unmarshaler_all) = true; +// Enable custom Size method (Required by Marshal and Unmarshal). +option (gogoproto.sizer_all) = true; +// Enable registration with golang/protobuf for the grpc-gateway. +option (gogoproto.goproto_registration) = true; +// Enable generation of XXX_MessageName methods for grpc-go/status. +option (gogoproto.messagename_all) = true; + +service Authz { + rpc Enforce (rafay.dev.types.authz.v1.EnforceRequest) + returns (rafay.dev.types.authz.v1.BoolReply) {}; + + // List Policies accpets Policy whose fileds are used for filtering + // Filtering is done per field for the policy + // For Example: + // The Policy obj: + // sub => "" + // ns => "" + // proj => project1 + // org => org1 + // obj => "" + // act => "" + // Returns policies related to project1 and org1 (Empty string matches all) + rpc ListPolicies (rafay.dev.types.authz.v1.Policy) + returns (rafay.dev.types.authz.v1.Policies) {}; + + rpc CreatePolicies (rafay.dev.types.authz.v1.Policies) + returns (rafay.dev.types.authz.v1.BoolReply) {}; + + /* rpc CreateUserSubPolicies (rafay.dev.types.authz.v1.Policies) */ + /* returns (rafay.dev.types.authz.v1.BoolReply) {}; */ + + /* rpc CreateGroupSubPolicies (rafay.dev.types.authz.v1.Policies) */ + /* returns (rafay.dev.types.authz.v1.BoolReply) {}; */ + + rpc DeletePolicies (rafay.dev.types.authz.v1.Policies) + returns (rafay.dev.types.authz.v1.BoolReply) {}; + + rpc ListUserGroups (rafay.dev.types.authz.v1.UserGroup) + returns (rafay.dev.types.authz.v1.UserGroups) {}; + + rpc CreateUserGroups (rafay.dev.types.authz.v1.UserGroups) + returns (rafay.dev.types.authz.v1.BoolReply) {}; + + rpc DeleteUserGroups (rafay.dev.types.authz.v1.UserGroups) + returns (rafay.dev.types.authz.v1.BoolReply) {}; + + rpc ListRolePermissionMappings (rafay.dev.types.authz.v1.FilteredRolePermissionMapping) + returns (rafay.dev.types.authz.v1.RolePermissionMappingList) {} + + rpc CreateRolePermissionMappings (rafay.dev.types.authz.v1.RolePermissionMappingList) + returns (rafay.dev.types.authz.v1.BoolReply) {}; + + rpc DeleteRolePermissionMappings (rafay.dev.types.authz.v1.FilteredRolePermissionMapping) + returns (rafay.dev.types.authz.v1.BoolReply) {}; + + // TODO: Check if HasPolicy etc, hl RBAC APIs, Update APIs are needed +} diff --git a/components/authz/proto/rpc/v1/authz_grpc.pb.go b/components/authz/proto/rpc/v1/authz_grpc.pb.go new file mode 100644 index 0000000..c0e17c6 --- /dev/null +++ b/components/authz/proto/rpc/v1/authz_grpc.pb.go @@ -0,0 +1,446 @@ +// Code generated by protoc-gen-go-grpc. DO NOT EDIT. + +package authzv1 + +import ( + context "context" + types "github.com/RafaySystems/rcloud-base/components/authz/proto/types" + grpc "google.golang.org/grpc" + codes "google.golang.org/grpc/codes" + status "google.golang.org/grpc/status" +) + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the grpc package it is being compiled against. +// Requires gRPC-Go v1.32.0 or later. +const _ = grpc.SupportPackageIsVersion7 + +// AuthzClient is the client API for Authz service. +// +// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream. +type AuthzClient interface { + Enforce(ctx context.Context, in *types.EnforceRequest, opts ...grpc.CallOption) (*types.BoolReply, error) + // List Policies accpets Policy whose fileds are used for filtering + // Filtering is done per field for the policy + // For Example: + // The Policy obj: + // sub => "" + // ns => "" + // proj => project1 + // org => org1 + // obj => "" + // act => "" + // Returns policies related to project1 and org1 (Empty string matches all) + ListPolicies(ctx context.Context, in *types.Policy, opts ...grpc.CallOption) (*types.Policies, error) + CreatePolicies(ctx context.Context, in *types.Policies, opts ...grpc.CallOption) (*types.BoolReply, error) + DeletePolicies(ctx context.Context, in *types.Policies, opts ...grpc.CallOption) (*types.BoolReply, error) + ListUserGroups(ctx context.Context, in *types.UserGroup, opts ...grpc.CallOption) (*types.UserGroups, error) + CreateUserGroups(ctx context.Context, in *types.UserGroups, opts ...grpc.CallOption) (*types.BoolReply, error) + DeleteUserGroups(ctx context.Context, in *types.UserGroups, opts ...grpc.CallOption) (*types.BoolReply, error) + ListRolePermissionMappings(ctx context.Context, in *types.FilteredRolePermissionMapping, opts ...grpc.CallOption) (*types.RolePermissionMappingList, error) + CreateRolePermissionMappings(ctx context.Context, in *types.RolePermissionMappingList, opts ...grpc.CallOption) (*types.BoolReply, error) + DeleteRolePermissionMappings(ctx context.Context, in *types.FilteredRolePermissionMapping, opts ...grpc.CallOption) (*types.BoolReply, error) +} + +type authzClient struct { + cc grpc.ClientConnInterface +} + +func NewAuthzClient(cc grpc.ClientConnInterface) AuthzClient { + return &authzClient{cc} +} + +func (c *authzClient) Enforce(ctx context.Context, in *types.EnforceRequest, opts ...grpc.CallOption) (*types.BoolReply, error) { + out := new(types.BoolReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.v1.Authz/Enforce", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) ListPolicies(ctx context.Context, in *types.Policy, opts ...grpc.CallOption) (*types.Policies, error) { + out := new(types.Policies) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.v1.Authz/ListPolicies", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) CreatePolicies(ctx context.Context, in *types.Policies, opts ...grpc.CallOption) (*types.BoolReply, error) { + out := new(types.BoolReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.v1.Authz/CreatePolicies", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) DeletePolicies(ctx context.Context, in *types.Policies, opts ...grpc.CallOption) (*types.BoolReply, error) { + out := new(types.BoolReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.v1.Authz/DeletePolicies", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) ListUserGroups(ctx context.Context, in *types.UserGroup, opts ...grpc.CallOption) (*types.UserGroups, error) { + out := new(types.UserGroups) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.v1.Authz/ListUserGroups", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) CreateUserGroups(ctx context.Context, in *types.UserGroups, opts ...grpc.CallOption) (*types.BoolReply, error) { + out := new(types.BoolReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.v1.Authz/CreateUserGroups", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) DeleteUserGroups(ctx context.Context, in *types.UserGroups, opts ...grpc.CallOption) (*types.BoolReply, error) { + out := new(types.BoolReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.v1.Authz/DeleteUserGroups", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) ListRolePermissionMappings(ctx context.Context, in *types.FilteredRolePermissionMapping, opts ...grpc.CallOption) (*types.RolePermissionMappingList, error) { + out := new(types.RolePermissionMappingList) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.v1.Authz/ListRolePermissionMappings", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) CreateRolePermissionMappings(ctx context.Context, in *types.RolePermissionMappingList, opts ...grpc.CallOption) (*types.BoolReply, error) { + out := new(types.BoolReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.v1.Authz/CreateRolePermissionMappings", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) DeleteRolePermissionMappings(ctx context.Context, in *types.FilteredRolePermissionMapping, opts ...grpc.CallOption) (*types.BoolReply, error) { + out := new(types.BoolReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.v1.Authz/DeleteRolePermissionMappings", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +// AuthzServer is the server API for Authz service. +// All implementations should embed UnimplementedAuthzServer +// for forward compatibility +type AuthzServer interface { + Enforce(context.Context, *types.EnforceRequest) (*types.BoolReply, error) + // List Policies accpets Policy whose fileds are used for filtering + // Filtering is done per field for the policy + // For Example: + // The Policy obj: + // sub => "" + // ns => "" + // proj => project1 + // org => org1 + // obj => "" + // act => "" + // Returns policies related to project1 and org1 (Empty string matches all) + ListPolicies(context.Context, *types.Policy) (*types.Policies, error) + CreatePolicies(context.Context, *types.Policies) (*types.BoolReply, error) + DeletePolicies(context.Context, *types.Policies) (*types.BoolReply, error) + ListUserGroups(context.Context, *types.UserGroup) (*types.UserGroups, error) + CreateUserGroups(context.Context, *types.UserGroups) (*types.BoolReply, error) + DeleteUserGroups(context.Context, *types.UserGroups) (*types.BoolReply, error) + ListRolePermissionMappings(context.Context, *types.FilteredRolePermissionMapping) (*types.RolePermissionMappingList, error) + CreateRolePermissionMappings(context.Context, *types.RolePermissionMappingList) (*types.BoolReply, error) + DeleteRolePermissionMappings(context.Context, *types.FilteredRolePermissionMapping) (*types.BoolReply, error) +} + +// UnimplementedAuthzServer should be embedded to have forward compatible implementations. +type UnimplementedAuthzServer struct { +} + +func (UnimplementedAuthzServer) Enforce(context.Context, *types.EnforceRequest) (*types.BoolReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method Enforce not implemented") +} +func (UnimplementedAuthzServer) ListPolicies(context.Context, *types.Policy) (*types.Policies, error) { + return nil, status.Errorf(codes.Unimplemented, "method ListPolicies not implemented") +} +func (UnimplementedAuthzServer) CreatePolicies(context.Context, *types.Policies) (*types.BoolReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method CreatePolicies not implemented") +} +func (UnimplementedAuthzServer) DeletePolicies(context.Context, *types.Policies) (*types.BoolReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method DeletePolicies not implemented") +} +func (UnimplementedAuthzServer) ListUserGroups(context.Context, *types.UserGroup) (*types.UserGroups, error) { + return nil, status.Errorf(codes.Unimplemented, "method ListUserGroups not implemented") +} +func (UnimplementedAuthzServer) CreateUserGroups(context.Context, *types.UserGroups) (*types.BoolReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method CreateUserGroups not implemented") +} +func (UnimplementedAuthzServer) DeleteUserGroups(context.Context, *types.UserGroups) (*types.BoolReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method DeleteUserGroups not implemented") +} +func (UnimplementedAuthzServer) ListRolePermissionMappings(context.Context, *types.FilteredRolePermissionMapping) (*types.RolePermissionMappingList, error) { + return nil, status.Errorf(codes.Unimplemented, "method ListRolePermissionMappings not implemented") +} +func (UnimplementedAuthzServer) CreateRolePermissionMappings(context.Context, *types.RolePermissionMappingList) (*types.BoolReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method CreateRolePermissionMappings not implemented") +} +func (UnimplementedAuthzServer) DeleteRolePermissionMappings(context.Context, *types.FilteredRolePermissionMapping) (*types.BoolReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method DeleteRolePermissionMappings not implemented") +} + +// UnsafeAuthzServer may be embedded to opt out of forward compatibility for this service. +// Use of this interface is not recommended, as added methods to AuthzServer will +// result in compilation errors. +type UnsafeAuthzServer interface { + mustEmbedUnimplementedAuthzServer() +} + +func RegisterAuthzServer(s grpc.ServiceRegistrar, srv AuthzServer) { + s.RegisterService(&Authz_ServiceDesc, srv) +} + +func _Authz_Enforce_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(types.EnforceRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).Enforce(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.v1.Authz/Enforce", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).Enforce(ctx, req.(*types.EnforceRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_ListPolicies_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(types.Policy) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).ListPolicies(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.v1.Authz/ListPolicies", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).ListPolicies(ctx, req.(*types.Policy)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_CreatePolicies_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(types.Policies) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).CreatePolicies(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.v1.Authz/CreatePolicies", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).CreatePolicies(ctx, req.(*types.Policies)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_DeletePolicies_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(types.Policies) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).DeletePolicies(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.v1.Authz/DeletePolicies", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).DeletePolicies(ctx, req.(*types.Policies)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_ListUserGroups_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(types.UserGroup) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).ListUserGroups(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.v1.Authz/ListUserGroups", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).ListUserGroups(ctx, req.(*types.UserGroup)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_CreateUserGroups_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(types.UserGroups) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).CreateUserGroups(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.v1.Authz/CreateUserGroups", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).CreateUserGroups(ctx, req.(*types.UserGroups)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_DeleteUserGroups_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(types.UserGroups) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).DeleteUserGroups(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.v1.Authz/DeleteUserGroups", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).DeleteUserGroups(ctx, req.(*types.UserGroups)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_ListRolePermissionMappings_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(types.FilteredRolePermissionMapping) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).ListRolePermissionMappings(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.v1.Authz/ListRolePermissionMappings", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).ListRolePermissionMappings(ctx, req.(*types.FilteredRolePermissionMapping)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_CreateRolePermissionMappings_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(types.RolePermissionMappingList) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).CreateRolePermissionMappings(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.v1.Authz/CreateRolePermissionMappings", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).CreateRolePermissionMappings(ctx, req.(*types.RolePermissionMappingList)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_DeleteRolePermissionMappings_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(types.FilteredRolePermissionMapping) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).DeleteRolePermissionMappings(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.v1.Authz/DeleteRolePermissionMappings", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).DeleteRolePermissionMappings(ctx, req.(*types.FilteredRolePermissionMapping)) + } + return interceptor(ctx, in, info, handler) +} + +// Authz_ServiceDesc is the grpc.ServiceDesc for Authz service. +// It's only intended for direct use with grpc.RegisterService, +// and not to be introspected or modified (even as a copy) +var Authz_ServiceDesc = grpc.ServiceDesc{ + ServiceName: "rafay.dev.rpc.authz.v1.Authz", + HandlerType: (*AuthzServer)(nil), + Methods: []grpc.MethodDesc{ + { + MethodName: "Enforce", + Handler: _Authz_Enforce_Handler, + }, + { + MethodName: "ListPolicies", + Handler: _Authz_ListPolicies_Handler, + }, + { + MethodName: "CreatePolicies", + Handler: _Authz_CreatePolicies_Handler, + }, + { + MethodName: "DeletePolicies", + Handler: _Authz_DeletePolicies_Handler, + }, + { + MethodName: "ListUserGroups", + Handler: _Authz_ListUserGroups_Handler, + }, + { + MethodName: "CreateUserGroups", + Handler: _Authz_CreateUserGroups_Handler, + }, + { + MethodName: "DeleteUserGroups", + Handler: _Authz_DeleteUserGroups_Handler, + }, + { + MethodName: "ListRolePermissionMappings", + Handler: _Authz_ListRolePermissionMappings_Handler, + }, + { + MethodName: "CreateRolePermissionMappings", + Handler: _Authz_CreateRolePermissionMappings_Handler, + }, + { + MethodName: "DeleteRolePermissionMappings", + Handler: _Authz_DeleteRolePermissionMappings_Handler, + }, + }, + Streams: []grpc.StreamDesc{}, + Metadata: "proto/rpc/v1/authz.proto", +} diff --git a/components/authz/proto/types/authz.pb.go b/components/authz/proto/types/authz.pb.go new file mode 100644 index 0000000..d973b4b --- /dev/null +++ b/components/authz/proto/types/authz.pb.go @@ -0,0 +1,743 @@ +// Code generated by protoc-gen-go. DO NOT EDIT. +// versions: +// protoc-gen-go v1.27.1 +// protoc v3.18.1 +// source: proto/types/authz.proto + +package authzv1 + +import ( + protoreflect "google.golang.org/protobuf/reflect/protoreflect" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" + reflect "reflect" + sync "sync" +) + +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) + +type EnforceRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Params []string `protobuf:"bytes,1,rep,name=params,proto3" json:"params,omitempty"` +} + +func (x *EnforceRequest) Reset() { + *x = EnforceRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_proto_types_authz_proto_msgTypes[0] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *EnforceRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*EnforceRequest) ProtoMessage() {} + +func (x *EnforceRequest) ProtoReflect() protoreflect.Message { + mi := &file_proto_types_authz_proto_msgTypes[0] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use EnforceRequest.ProtoReflect.Descriptor instead. +func (*EnforceRequest) Descriptor() ([]byte, []int) { + return file_proto_types_authz_proto_rawDescGZIP(), []int{0} +} + +func (x *EnforceRequest) GetParams() []string { + if x != nil { + return x.Params + } + return nil +} + +type Policy struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // Who needs the access + Sub string `protobuf:"bytes,1,opt,name=sub,proto3" json:"sub,omitempty"` + // Namespace scope, * for all ns + Ns string `protobuf:"bytes,2,opt,name=ns,proto3" json:"ns,omitempty"` + // Project scope, * for all projects + Proj string `protobuf:"bytes,3,opt,name=proj,proto3" json:"proj,omitempty"` + // Org scope + Org string `protobuf:"bytes,4,opt,name=org,proto3" json:"org,omitempty"` + // Resource for which the access is needed + Obj string `protobuf:"bytes,5,opt,name=obj,proto3" json:"obj,omitempty"` + // Action, read/write; * for both read+write + Act string `protobuf:"bytes,6,opt,name=act,proto3" json:"act,omitempty"` +} + +func (x *Policy) Reset() { + *x = Policy{} + if protoimpl.UnsafeEnabled { + mi := &file_proto_types_authz_proto_msgTypes[1] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *Policy) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*Policy) ProtoMessage() {} + +func (x *Policy) ProtoReflect() protoreflect.Message { + mi := &file_proto_types_authz_proto_msgTypes[1] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use Policy.ProtoReflect.Descriptor instead. +func (*Policy) Descriptor() ([]byte, []int) { + return file_proto_types_authz_proto_rawDescGZIP(), []int{1} +} + +func (x *Policy) GetSub() string { + if x != nil { + return x.Sub + } + return "" +} + +func (x *Policy) GetNs() string { + if x != nil { + return x.Ns + } + return "" +} + +func (x *Policy) GetProj() string { + if x != nil { + return x.Proj + } + return "" +} + +func (x *Policy) GetOrg() string { + if x != nil { + return x.Org + } + return "" +} + +func (x *Policy) GetObj() string { + if x != nil { + return x.Obj + } + return "" +} + +func (x *Policy) GetAct() string { + if x != nil { + return x.Act + } + return "" +} + +type Policies struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Policies []*Policy `protobuf:"bytes,1,rep,name=policies,proto3" json:"policies,omitempty"` +} + +func (x *Policies) Reset() { + *x = Policies{} + if protoimpl.UnsafeEnabled { + mi := &file_proto_types_authz_proto_msgTypes[2] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *Policies) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*Policies) ProtoMessage() {} + +func (x *Policies) ProtoReflect() protoreflect.Message { + mi := &file_proto_types_authz_proto_msgTypes[2] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use Policies.ProtoReflect.Descriptor instead. +func (*Policies) Descriptor() ([]byte, []int) { + return file_proto_types_authz_proto_rawDescGZIP(), []int{2} +} + +func (x *Policies) GetPolicies() []*Policy { + if x != nil { + return x.Policies + } + return nil +} + +type UserGroup struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + User string `protobuf:"bytes,1,opt,name=user,proto3" json:"user,omitempty"` + Grp string `protobuf:"bytes,2,opt,name=grp,proto3" json:"grp,omitempty"` +} + +func (x *UserGroup) Reset() { + *x = UserGroup{} + if protoimpl.UnsafeEnabled { + mi := &file_proto_types_authz_proto_msgTypes[3] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *UserGroup) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*UserGroup) ProtoMessage() {} + +func (x *UserGroup) ProtoReflect() protoreflect.Message { + mi := &file_proto_types_authz_proto_msgTypes[3] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use UserGroup.ProtoReflect.Descriptor instead. +func (*UserGroup) Descriptor() ([]byte, []int) { + return file_proto_types_authz_proto_rawDescGZIP(), []int{3} +} + +func (x *UserGroup) GetUser() string { + if x != nil { + return x.User + } + return "" +} + +func (x *UserGroup) GetGrp() string { + if x != nil { + return x.Grp + } + return "" +} + +type UserGroups struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + UserGroups []*UserGroup `protobuf:"bytes,1,rep,name=user_groups,json=userGroups,proto3" json:"user_groups,omitempty"` +} + +func (x *UserGroups) Reset() { + *x = UserGroups{} + if protoimpl.UnsafeEnabled { + mi := &file_proto_types_authz_proto_msgTypes[4] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *UserGroups) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*UserGroups) ProtoMessage() {} + +func (x *UserGroups) ProtoReflect() protoreflect.Message { + mi := &file_proto_types_authz_proto_msgTypes[4] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use UserGroups.ProtoReflect.Descriptor instead. +func (*UserGroups) Descriptor() ([]byte, []int) { + return file_proto_types_authz_proto_rawDescGZIP(), []int{4} +} + +func (x *UserGroups) GetUserGroups() []*UserGroup { + if x != nil { + return x.UserGroups + } + return nil +} + +type RolePermissionMapping struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Role string `protobuf:"bytes,1,opt,name=role,proto3" json:"role,omitempty"` + Permission []string `protobuf:"bytes,2,rep,name=permission,proto3" json:"permission,omitempty"` +} + +func (x *RolePermissionMapping) Reset() { + *x = RolePermissionMapping{} + if protoimpl.UnsafeEnabled { + mi := &file_proto_types_authz_proto_msgTypes[5] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *RolePermissionMapping) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*RolePermissionMapping) ProtoMessage() {} + +func (x *RolePermissionMapping) ProtoReflect() protoreflect.Message { + mi := &file_proto_types_authz_proto_msgTypes[5] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use RolePermissionMapping.ProtoReflect.Descriptor instead. +func (*RolePermissionMapping) Descriptor() ([]byte, []int) { + return file_proto_types_authz_proto_rawDescGZIP(), []int{5} +} + +func (x *RolePermissionMapping) GetRole() string { + if x != nil { + return x.Role + } + return "" +} + +func (x *RolePermissionMapping) GetPermission() []string { + if x != nil { + return x.Permission + } + return nil +} + +type RolePermissionMappingList struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + RolePermissionMappingList []*RolePermissionMapping `protobuf:"bytes,1,rep,name=role_permission_mapping_list,json=rolePermissionMappingList,proto3" json:"role_permission_mapping_list,omitempty"` +} + +func (x *RolePermissionMappingList) Reset() { + *x = RolePermissionMappingList{} + if protoimpl.UnsafeEnabled { + mi := &file_proto_types_authz_proto_msgTypes[6] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *RolePermissionMappingList) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*RolePermissionMappingList) ProtoMessage() {} + +func (x *RolePermissionMappingList) ProtoReflect() protoreflect.Message { + mi := &file_proto_types_authz_proto_msgTypes[6] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use RolePermissionMappingList.ProtoReflect.Descriptor instead. +func (*RolePermissionMappingList) Descriptor() ([]byte, []int) { + return file_proto_types_authz_proto_rawDescGZIP(), []int{6} +} + +func (x *RolePermissionMappingList) GetRolePermissionMappingList() []*RolePermissionMapping { + if x != nil { + return x.RolePermissionMappingList + } + return nil +} + +type FilteredRolePermissionMapping struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Role string `protobuf:"bytes,1,opt,name=role,proto3" json:"role,omitempty"` +} + +func (x *FilteredRolePermissionMapping) Reset() { + *x = FilteredRolePermissionMapping{} + if protoimpl.UnsafeEnabled { + mi := &file_proto_types_authz_proto_msgTypes[7] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *FilteredRolePermissionMapping) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*FilteredRolePermissionMapping) ProtoMessage() {} + +func (x *FilteredRolePermissionMapping) ProtoReflect() protoreflect.Message { + mi := &file_proto_types_authz_proto_msgTypes[7] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use FilteredRolePermissionMapping.ProtoReflect.Descriptor instead. +func (*FilteredRolePermissionMapping) Descriptor() ([]byte, []int) { + return file_proto_types_authz_proto_rawDescGZIP(), []int{7} +} + +func (x *FilteredRolePermissionMapping) GetRole() string { + if x != nil { + return x.Role + } + return "" +} + +type BoolReply struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Res bool `protobuf:"varint,1,opt,name=res,proto3" json:"res,omitempty"` +} + +func (x *BoolReply) Reset() { + *x = BoolReply{} + if protoimpl.UnsafeEnabled { + mi := &file_proto_types_authz_proto_msgTypes[8] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *BoolReply) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*BoolReply) ProtoMessage() {} + +func (x *BoolReply) ProtoReflect() protoreflect.Message { + mi := &file_proto_types_authz_proto_msgTypes[8] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use BoolReply.ProtoReflect.Descriptor instead. +func (*BoolReply) Descriptor() ([]byte, []int) { + return file_proto_types_authz_proto_rawDescGZIP(), []int{8} +} + +func (x *BoolReply) GetRes() bool { + if x != nil { + return x.Res + } + return false +} + +var File_proto_types_authz_proto protoreflect.FileDescriptor + +var file_proto_types_authz_proto_rawDesc = []byte{ + 0x0a, 0x17, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2f, 0x61, 0x75, + 0x74, 0x68, 0x7a, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x18, 0x72, 0x61, 0x66, 0x61, 0x79, + 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, + 0x2e, 0x76, 0x31, 0x22, 0x28, 0x0a, 0x0e, 0x45, 0x6e, 0x66, 0x6f, 0x72, 0x63, 0x65, 0x52, 0x65, + 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x16, 0x0a, 0x06, 0x70, 0x61, 0x72, 0x61, 0x6d, 0x73, 0x18, + 0x01, 0x20, 0x03, 0x28, 0x09, 0x52, 0x06, 0x70, 0x61, 0x72, 0x61, 0x6d, 0x73, 0x22, 0x74, 0x0a, + 0x06, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x73, 0x75, 0x62, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x73, 0x75, 0x62, 0x12, 0x0e, 0x0a, 0x02, 0x6e, 0x73, 0x18, + 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x6e, 0x73, 0x12, 0x12, 0x0a, 0x04, 0x70, 0x72, 0x6f, + 0x6a, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x70, 0x72, 0x6f, 0x6a, 0x12, 0x10, 0x0a, + 0x03, 0x6f, 0x72, 0x67, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6f, 0x72, 0x67, 0x12, + 0x10, 0x0a, 0x03, 0x6f, 0x62, 0x6a, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6f, 0x62, + 0x6a, 0x12, 0x10, 0x0a, 0x03, 0x61, 0x63, 0x74, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, + 0x61, 0x63, 0x74, 0x22, 0x48, 0x0a, 0x08, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x69, 0x65, 0x73, 0x12, + 0x3c, 0x0a, 0x08, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x69, 0x65, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, + 0x0b, 0x32, 0x20, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x74, 0x79, + 0x70, 0x65, 0x73, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x76, 0x31, 0x2e, 0x50, 0x6f, 0x6c, + 0x69, 0x63, 0x79, 0x52, 0x08, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x69, 0x65, 0x73, 0x22, 0x31, 0x0a, + 0x09, 0x55, 0x73, 0x65, 0x72, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x12, 0x12, 0x0a, 0x04, 0x75, 0x73, + 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x75, 0x73, 0x65, 0x72, 0x12, 0x10, + 0x0a, 0x03, 0x67, 0x72, 0x70, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x67, 0x72, 0x70, + 0x22, 0x52, 0x0a, 0x0a, 0x55, 0x73, 0x65, 0x72, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x73, 0x12, 0x44, + 0x0a, 0x0b, 0x75, 0x73, 0x65, 0x72, 0x5f, 0x67, 0x72, 0x6f, 0x75, 0x70, 0x73, 0x18, 0x01, 0x20, + 0x03, 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, + 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x76, 0x31, 0x2e, 0x55, + 0x73, 0x65, 0x72, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x52, 0x0a, 0x75, 0x73, 0x65, 0x72, 0x47, 0x72, + 0x6f, 0x75, 0x70, 0x73, 0x22, 0x4b, 0x0a, 0x15, 0x52, 0x6f, 0x6c, 0x65, 0x50, 0x65, 0x72, 0x6d, + 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x4d, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x12, 0x12, 0x0a, + 0x04, 0x72, 0x6f, 0x6c, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x72, 0x6f, 0x6c, + 0x65, 0x12, 0x1e, 0x0a, 0x0a, 0x70, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x18, + 0x02, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0a, 0x70, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, + 0x6e, 0x22, 0x8d, 0x01, 0x0a, 0x19, 0x52, 0x6f, 0x6c, 0x65, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, + 0x73, 0x69, 0x6f, 0x6e, 0x4d, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x4c, 0x69, 0x73, 0x74, 0x12, + 0x70, 0x0a, 0x1c, 0x72, 0x6f, 0x6c, 0x65, 0x5f, 0x70, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, + 0x6f, 0x6e, 0x5f, 0x6d, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x5f, 0x6c, 0x69, 0x73, 0x74, 0x18, + 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2f, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, + 0x76, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x76, 0x31, + 0x2e, 0x52, 0x6f, 0x6c, 0x65, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x4d, + 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x52, 0x19, 0x72, 0x6f, 0x6c, 0x65, 0x50, 0x65, 0x72, 0x6d, + 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x4d, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x4c, 0x69, 0x73, + 0x74, 0x22, 0x33, 0x0a, 0x1d, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x65, 0x64, 0x52, 0x6f, 0x6c, + 0x65, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x4d, 0x61, 0x70, 0x70, 0x69, + 0x6e, 0x67, 0x12, 0x12, 0x0a, 0x04, 0x72, 0x6f, 0x6c, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, + 0x52, 0x04, 0x72, 0x6f, 0x6c, 0x65, 0x22, 0x1d, 0x0a, 0x09, 0x42, 0x6f, 0x6f, 0x6c, 0x52, 0x65, + 0x70, 0x6c, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x72, 0x65, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, + 0x52, 0x03, 0x72, 0x65, 0x73, 0x42, 0xf9, 0x01, 0x0a, 0x1c, 0x63, 0x6f, 0x6d, 0x2e, 0x72, 0x61, + 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x61, 0x75, + 0x74, 0x68, 0x7a, 0x2e, 0x76, 0x31, 0x42, 0x0a, 0x41, 0x75, 0x74, 0x68, 0x7a, 0x50, 0x72, 0x6f, + 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x48, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, + 0x2f, 0x52, 0x61, 0x66, 0x61, 0x79, 0x53, 0x79, 0x73, 0x74, 0x65, 0x6d, 0x73, 0x2f, 0x72, 0x63, + 0x6c, 0x6f, 0x75, 0x64, 0x2d, 0x62, 0x61, 0x73, 0x65, 0x2f, 0x63, 0x6f, 0x6d, 0x70, 0x6f, 0x6e, + 0x65, 0x6e, 0x74, 0x73, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, + 0x2f, 0x74, 0x79, 0x70, 0x65, 0x73, 0x3b, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x76, 0x31, 0xa2, 0x02, + 0x04, 0x52, 0x44, 0x54, 0x41, 0xaa, 0x02, 0x18, 0x52, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x44, 0x65, + 0x76, 0x2e, 0x54, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x41, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x56, 0x31, + 0xca, 0x02, 0x18, 0x52, 0x61, 0x66, 0x61, 0x79, 0x5c, 0x44, 0x65, 0x76, 0x5c, 0x54, 0x79, 0x70, + 0x65, 0x73, 0x5c, 0x41, 0x75, 0x74, 0x68, 0x7a, 0x5c, 0x56, 0x31, 0xe2, 0x02, 0x24, 0x52, 0x61, + 0x66, 0x61, 0x79, 0x5c, 0x44, 0x65, 0x76, 0x5c, 0x54, 0x79, 0x70, 0x65, 0x73, 0x5c, 0x41, 0x75, + 0x74, 0x68, 0x7a, 0x5c, 0x56, 0x31, 0x5c, 0x47, 0x50, 0x42, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, + 0x74, 0x61, 0xea, 0x02, 0x1c, 0x52, 0x61, 0x66, 0x61, 0x79, 0x3a, 0x3a, 0x44, 0x65, 0x76, 0x3a, + 0x3a, 0x54, 0x79, 0x70, 0x65, 0x73, 0x3a, 0x3a, 0x41, 0x75, 0x74, 0x68, 0x7a, 0x3a, 0x3a, 0x56, + 0x31, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, +} + +var ( + file_proto_types_authz_proto_rawDescOnce sync.Once + file_proto_types_authz_proto_rawDescData = file_proto_types_authz_proto_rawDesc +) + +func file_proto_types_authz_proto_rawDescGZIP() []byte { + file_proto_types_authz_proto_rawDescOnce.Do(func() { + file_proto_types_authz_proto_rawDescData = protoimpl.X.CompressGZIP(file_proto_types_authz_proto_rawDescData) + }) + return file_proto_types_authz_proto_rawDescData +} + +var file_proto_types_authz_proto_msgTypes = make([]protoimpl.MessageInfo, 9) +var file_proto_types_authz_proto_goTypes = []interface{}{ + (*EnforceRequest)(nil), // 0: rafay.dev.types.authz.v1.EnforceRequest + (*Policy)(nil), // 1: rafay.dev.types.authz.v1.Policy + (*Policies)(nil), // 2: rafay.dev.types.authz.v1.Policies + (*UserGroup)(nil), // 3: rafay.dev.types.authz.v1.UserGroup + (*UserGroups)(nil), // 4: rafay.dev.types.authz.v1.UserGroups + (*RolePermissionMapping)(nil), // 5: rafay.dev.types.authz.v1.RolePermissionMapping + (*RolePermissionMappingList)(nil), // 6: rafay.dev.types.authz.v1.RolePermissionMappingList + (*FilteredRolePermissionMapping)(nil), // 7: rafay.dev.types.authz.v1.FilteredRolePermissionMapping + (*BoolReply)(nil), // 8: rafay.dev.types.authz.v1.BoolReply +} +var file_proto_types_authz_proto_depIdxs = []int32{ + 1, // 0: rafay.dev.types.authz.v1.Policies.policies:type_name -> rafay.dev.types.authz.v1.Policy + 3, // 1: rafay.dev.types.authz.v1.UserGroups.user_groups:type_name -> rafay.dev.types.authz.v1.UserGroup + 5, // 2: rafay.dev.types.authz.v1.RolePermissionMappingList.role_permission_mapping_list:type_name -> rafay.dev.types.authz.v1.RolePermissionMapping + 3, // [3:3] is the sub-list for method output_type + 3, // [3:3] is the sub-list for method input_type + 3, // [3:3] is the sub-list for extension type_name + 3, // [3:3] is the sub-list for extension extendee + 0, // [0:3] is the sub-list for field type_name +} + +func init() { file_proto_types_authz_proto_init() } +func file_proto_types_authz_proto_init() { + if File_proto_types_authz_proto != nil { + return + } + if !protoimpl.UnsafeEnabled { + file_proto_types_authz_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*EnforceRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_proto_types_authz_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*Policy); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_proto_types_authz_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*Policies); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_proto_types_authz_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*UserGroup); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_proto_types_authz_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*UserGroups); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_proto_types_authz_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*RolePermissionMapping); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_proto_types_authz_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*RolePermissionMappingList); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_proto_types_authz_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*FilteredRolePermissionMapping); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_proto_types_authz_proto_msgTypes[8].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*BoolReply); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + } + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: file_proto_types_authz_proto_rawDesc, + NumEnums: 0, + NumMessages: 9, + NumExtensions: 0, + NumServices: 0, + }, + GoTypes: file_proto_types_authz_proto_goTypes, + DependencyIndexes: file_proto_types_authz_proto_depIdxs, + MessageInfos: file_proto_types_authz_proto_msgTypes, + }.Build() + File_proto_types_authz_proto = out.File + file_proto_types_authz_proto_rawDesc = nil + file_proto_types_authz_proto_goTypes = nil + file_proto_types_authz_proto_depIdxs = nil +} diff --git a/components/authz/proto/types/authz.proto b/components/authz/proto/types/authz.proto new file mode 100644 index 0000000..626f883 --- /dev/null +++ b/components/authz/proto/types/authz.proto @@ -0,0 +1,51 @@ +syntax = "proto3"; +package rafay.dev.types.authz.v1; + +message EnforceRequest { + repeated string params = 1; +} + +message Policy { + // Who needs the access + string sub = 1; + // Namespace scope, * for all ns + string ns = 2; + // Project scope, * for all projects + string proj = 3; + // Org scope + string org = 4; + // Resource for which the access is needed + string obj = 5; + // Action, read/write; * for both read+write + string act = 6; +} + +message Policies { + repeated Policy policies = 1; +} + +message UserGroup { + string user = 1; + string grp = 2; +} + +message UserGroups { + repeated UserGroup user_groups = 1; +} + +message RolePermissionMapping { + string role = 1; + repeated string permission = 2; +} + +message RolePermissionMappingList { + repeated RolePermissionMapping role_permission_mapping_list = 1; +} + +message FilteredRolePermissionMapping { + string role = 1; +} + +message BoolReply { + bool res = 1; +}