From 4e3653cc65e16a63b4d895b5b88ed6e6337f3e23 Mon Sep 17 00:00:00 2001 From: shrey-rafay Date: Thu, 20 Jan 2022 13:38:43 +0530 Subject: [PATCH] Inital commit for authz server --- components/authz/pkg/server/abac.go | 87 + components/authz/pkg/server/adapter.go | 99 + components/authz/pkg/server/adapter_test.go | 15 + components/authz/pkg/server/enforcer.go | 181 ++ components/authz/pkg/server/management_api.go | 278 +++ .../authz/pkg/server/management_api_test.go | 294 +++ components/authz/pkg/server/model_test.go | 112 + components/authz/pkg/server/rbac_api.go | 209 ++ components/authz/pkg/server/rbac_api_test.go | 227 ++ components/authz/pkg/server/test_util.go | 37 + components/authz/proto/rpc/authz.pb.go | 1661 ++++++++++++++ components/authz/proto/rpc/authz.proto | 146 ++ components/authz/proto/rpc/authz_grpc.pb.go | 1971 +++++++++++++++++ 13 files changed, 5317 insertions(+) create mode 100644 components/authz/pkg/server/abac.go create mode 100644 components/authz/pkg/server/adapter.go create mode 100644 components/authz/pkg/server/adapter_test.go create mode 100644 components/authz/pkg/server/enforcer.go create mode 100644 components/authz/pkg/server/management_api.go create mode 100644 components/authz/pkg/server/management_api_test.go create mode 100644 components/authz/pkg/server/model_test.go create mode 100644 components/authz/pkg/server/rbac_api.go create mode 100644 components/authz/pkg/server/rbac_api_test.go create mode 100644 components/authz/pkg/server/test_util.go create mode 100644 components/authz/proto/rpc/authz.pb.go create mode 100644 components/authz/proto/rpc/authz.proto create mode 100644 components/authz/proto/rpc/authz_grpc.pb.go diff --git a/components/authz/pkg/server/abac.go b/components/authz/pkg/server/abac.go new file mode 100644 index 0000000..2f0e5af --- /dev/null +++ b/components/authz/pkg/server/abac.go @@ -0,0 +1,87 @@ +package server + +import ( + "encoding/json" + "fmt" + "strconv" + "unicode" +) + +type AbacAttrList struct { + V0 string + V1 string + V2 string + V3 string + V4 string + V5 string + V6 string + V7 string + V8 string + V9 string + V10 string + nameMap map[string]string +} + +func toUpperFirstChar(str string) string { + for i, v := range str { + return string(unicode.ToUpper(v)) + str[i+1:] + } + return "" +} + +func MakeABAC(obj interface{}) (string, error) { + data, err := json.Marshal(&obj) + if err != nil { + return "", err + } + return "ABAC::" + string(data), nil +} + +func resolveABAC(obj string) (AbacAttrList, error) { + var jsonMap map[string]interface{} + attrList := AbacAttrList{nameMap: map[string]string{}} + + err := json.Unmarshal([]byte(obj[len("ABAC::"):]), &jsonMap) + if err != nil { + return attrList, err + } + + i := 0 + for k, v := range jsonMap { + key := toUpperFirstChar(k) + value := fmt.Sprintf("%v", v) + attrList.nameMap[key] = "V" + strconv.Itoa(i) + switch i { + case 0: + attrList.V0 = value + case 1: + attrList.V1 = value + case 2: + attrList.V2 = value + case 3: + attrList.V3 = value + case 4: + attrList.V4 = value + case 5: + attrList.V5 = value + case 6: + attrList.V6 = value + case 7: + attrList.V7 = value + case 8: + attrList.V8 = value + case 9: + attrList.V9 = value + case 10: + attrList.V10 = value + } + i++ + } + + return attrList, nil +} + +func (attr AbacAttrList) GetCacheKey() string { + res, _ := MakeABAC(&attr) + return res +} diff --git a/components/authz/pkg/server/adapter.go b/components/authz/pkg/server/adapter.go new file mode 100644 index 0000000..a361883 --- /dev/null +++ b/components/authz/pkg/server/adapter.go @@ -0,0 +1,99 @@ +package server + +import ( + "encoding/json" + "errors" + "fmt" + "os" + "regexp" + "strings" + + pb "github.com/RafaySystems/rcloud-base/components/authz/proto/rpc" + "github.com/casbin/casbin/v2/persist" + fileadapter "github.com/casbin/casbin/v2/persist/file-adapter" + gormadapter "github.com/casbin/gorm-adapter/v2" + //_ "github.com/jinzhu/gorm/dialects/mssql" + //_ "github.com/jinzhu/gorm/dialects/mysql" + //_ "github.com/jinzhu/gorm/dialects/postgres" +) + +var errDriverName = errors.New("currently supported DriverName: file | mysql | postgres | mssql") + +func newAdapter(in *pb.NewAdapterRequest) (persist.Adapter, error) { + var a persist.Adapter + in = checkLocalConfig(in) + supportDriverNames := [...]string{"file", "mysql", "postgres", "mssql"} + + switch in.DriverName { + case "file": + a = fileadapter.NewAdapter(in.ConnectString) + default: + var support = false + for _, driverName := range supportDriverNames { + if driverName == in.DriverName { + support = true + break + } + } + if !support { + return nil, errDriverName + } + + var err error + a, err = gormadapter.NewAdapter(in.DriverName, in.ConnectString, in.DbSpecified) + if err != nil { + return nil, err + } + } + + return a, nil +} + +func checkLocalConfig(in *pb.NewAdapterRequest) *pb.NewAdapterRequest { + cfg := LoadConfiguration(getLocalConfigPath()) + if in.ConnectString == "" || in.DriverName == "" { + in.DriverName = cfg.Driver + in.ConnectString = cfg.Connection + in.DbSpecified = cfg.DBSpecified + } + return in +} + +const ( + configFileDefaultPath = "config/connection_config.json" + configFilePathEnvironmentVariable = "CONNECTION_CONFIG_PATH" +) + +func getLocalConfigPath() string { + configFilePath := os.Getenv(configFilePathEnvironmentVariable) + if configFilePath == "" { + configFilePath = configFileDefaultPath + } + return configFilePath +} + +func LoadConfiguration(file string) Config { + //Loads a default config from adapter_config in case a custom adapter isn't provided by the client. + //DriverName, ConnectionString, and dbSpecified can be configured in the file. Defaults to 'file' mode. + + configFile, err := os.Open(file) + if err != nil { + fmt.Println(err.Error()) + } + decoder := json.NewDecoder(configFile) + config := Config{} + decoder.Decode(&config) + re := regexp.MustCompile(`\$\b((\w*))\b`) + config.Connection = re.ReplaceAllStringFunc(config.Connection, func(s string) string { + return os.Getenv(strings.TrimPrefix(s, `$`)) + }) + + return config +} + +type Config struct { + Driver string + Connection string + Enforcer string + DBSpecified bool +} diff --git a/components/authz/pkg/server/adapter_test.go b/components/authz/pkg/server/adapter_test.go new file mode 100644 index 0000000..0337b6d --- /dev/null +++ b/components/authz/pkg/server/adapter_test.go @@ -0,0 +1,15 @@ +package server + +import ( + "os" + "testing" + + "github.com/stretchr/testify/assert" +) + +func TestGetLocalConfig(t *testing.T) { + assert.Equal(t, configFileDefaultPath, getLocalConfigPath(), "read from default connection config path if environment variable is not set") + + os.Setenv(configFilePathEnvironmentVariable, "dir/custom_path.json") + assert.Equal(t, "dir/custom_path.json", getLocalConfigPath()) +} diff --git a/components/authz/pkg/server/enforcer.go b/components/authz/pkg/server/enforcer.go new file mode 100644 index 0000000..c95415b --- /dev/null +++ b/components/authz/pkg/server/enforcer.go @@ -0,0 +1,181 @@ +package server + +import ( + "context" + "errors" + "io/ioutil" + "strings" + + pb "github.com/RafaySystems/rcloud-base/components/authz/proto/rpc" + "github.com/casbin/casbin/v2" + "github.com/casbin/casbin/v2/model" + "github.com/casbin/casbin/v2/persist" +) + +// Server is used to implement proto.CasbinServer. +type Server struct { + enforcerMap map[int]*casbin.Enforcer + adapterMap map[int]persist.Adapter +} + +func NewServer() *Server { + s := Server{} + + s.enforcerMap = map[int]*casbin.Enforcer{} + s.adapterMap = map[int]persist.Adapter{} + + return &s +} + +func (s *Server) getEnforcer(handle int) (*casbin.Enforcer, error) { + if _, ok := s.enforcerMap[handle]; ok { + return s.enforcerMap[handle], nil + } else { + return nil, errors.New("enforcer not found") + } +} + +func (s *Server) getAdapter(handle int) (persist.Adapter, error) { + if _, ok := s.adapterMap[handle]; ok { + return s.adapterMap[handle], nil + } else { + return nil, errors.New("adapter not found") + } +} + +func (s *Server) addEnforcer(e *casbin.Enforcer) int { + cnt := len(s.enforcerMap) + s.enforcerMap[cnt] = e + return cnt +} + +func (s *Server) addAdapter(a persist.Adapter) int { + cnt := len(s.adapterMap) + s.adapterMap[cnt] = a + return cnt +} + +func (s *Server) NewEnforcer(ctx context.Context, in *pb.NewEnforcerRequest) (*pb.NewEnforcerReply, error) { + var a persist.Adapter + var e *casbin.Enforcer + + if in.AdapterHandle != -1 { + var err error + a, err = s.getAdapter(int(in.AdapterHandle)) + if err != nil { + return &pb.NewEnforcerReply{Handler: 0}, err + } + } + + if in.ModelText == "" { + cfg := LoadConfiguration(getLocalConfigPath()) + data, err := ioutil.ReadFile(cfg.Enforcer) + if err != nil { + return &pb.NewEnforcerReply{Handler: 0}, err + } + in.ModelText = string(data) + } + + if a == nil { + m, err := model.NewModelFromString(in.ModelText) + if err != nil { + return &pb.NewEnforcerReply{Handler: 0}, err + } + + a, err = newAdapter(&pb.NewAdapterRequest{}) + if err != nil { + return &pb.NewEnforcerReply{Handler: 0}, err + } + + e, err = casbin.NewEnforcer(m, a) + if err != nil { + return &pb.NewEnforcerReply{Handler: 0}, err + } + } else { + m, err := model.NewModelFromString(in.ModelText) + if err != nil { + return &pb.NewEnforcerReply{Handler: 0}, err + } + + e, err = casbin.NewEnforcer(m, a) + if err != nil { + return &pb.NewEnforcerReply{Handler: 0}, err + } + } + h := s.addEnforcer(e) + + return &pb.NewEnforcerReply{Handler: int32(h)}, nil +} + +func (s *Server) NewAdapter(ctx context.Context, in *pb.NewAdapterRequest) (*pb.NewAdapterReply, error) { + a, err := newAdapter(in) + if err != nil { + return nil, err + } + + h := s.addAdapter(a) + + return &pb.NewAdapterReply{Handler: int32(h)}, nil +} + +func (s *Server) parseParam(param, matcher string) (interface{}, string) { + if strings.HasPrefix(param, "ABAC::") { + attrList, err := resolveABAC(param) + if err != nil { + panic(err) + } + for k, v := range attrList.nameMap { + old := "." + k + if strings.Contains(matcher, old) { + matcher = strings.Replace(matcher, old, "."+v, -1) + } + } + return attrList, matcher + } else { + return param, matcher + } +} + +func (s *Server) Enforce(ctx context.Context, in *pb.EnforceRequest) (*pb.BoolReply, error) { + e, err := s.getEnforcer(int(in.EnforcerHandler)) + if err != nil { + return &pb.BoolReply{Res: false}, err + } + var param interface{} + params := make([]interface{}, 0, len(in.Params)) + m := e.GetModel()["m"]["m"].Value + + for index := range in.Params { + param, m = s.parseParam(in.Params[index], m) + params = append(params, param) + } + + res, err := e.EnforceWithMatcher(m, params...) + if err != nil { + return &pb.BoolReply{Res: false}, err + } + + return &pb.BoolReply{Res: res}, nil +} + +func (s *Server) LoadPolicy(ctx context.Context, in *pb.EmptyRequest) (*pb.EmptyReply, error) { + e, err := s.getEnforcer(int(in.Handler)) + if err != nil { + return &pb.EmptyReply{}, err + } + + err = e.LoadPolicy() + + return &pb.EmptyReply{}, err +} + +func (s *Server) SavePolicy(ctx context.Context, in *pb.EmptyRequest) (*pb.EmptyReply, error) { + e, err := s.getEnforcer(int(in.Handler)) + if err != nil { + return &pb.EmptyReply{}, err + } + + err = e.SavePolicy() + + return &pb.EmptyReply{}, err +} diff --git a/components/authz/pkg/server/management_api.go b/components/authz/pkg/server/management_api.go new file mode 100644 index 0000000..6ae6920 --- /dev/null +++ b/components/authz/pkg/server/management_api.go @@ -0,0 +1,278 @@ +package server + +import ( + "context" + + pb "github.com/RafaySystems/rcloud-base/components/authz/proto/rpc" +) + +func (s *Server) wrapPlainPolicy(policy [][]string) *pb.Array2DReply { + if len(policy) == 0 { + return &pb.Array2DReply{} + } + + policyReply := &pb.Array2DReply{} + policyReply.D2 = make([]*pb.Array2DReplyD, len(policy)) + for e := range policy { + policyReply.D2[e] = &pb.Array2DReplyD{D1: policy[e]} + } + + return policyReply +} + +// GetAllSubjects gets the list of subjects that show up in the current policy. +func (s *Server) GetAllSubjects(ctx context.Context, in *pb.EmptyRequest) (*pb.ArrayReply, error) { + return s.GetAllNamedSubjects(ctx, &pb.SimpleGetRequest{EnforcerHandler: in.Handler, PType: "p"}) +} + +// GetAllNamedSubjects gets the list of subjects that show up in the current named policy. +func (s *Server) GetAllNamedSubjects(ctx context.Context, in *pb.SimpleGetRequest) (*pb.ArrayReply, error) { + e, err := s.getEnforcer(int(in.EnforcerHandler)) + if err != nil { + return &pb.ArrayReply{}, err + } + + return &pb.ArrayReply{Array: e.GetModel().GetValuesForFieldInPolicy("p", in.PType, 0)}, nil +} + +// GetAllObjects gets the list of objects that show up in the current policy. +func (s *Server) GetAllObjects(ctx context.Context, in *pb.EmptyRequest) (*pb.ArrayReply, error) { + return s.GetAllNamedObjects(ctx, &pb.SimpleGetRequest{EnforcerHandler: in.Handler, PType: "p"}) +} + +// GetAllNamedObjects gets the list of objects that show up in the current named policy. +func (s *Server) GetAllNamedObjects(ctx context.Context, in *pb.SimpleGetRequest) (*pb.ArrayReply, error) { + e, err := s.getEnforcer(int(in.EnforcerHandler)) + if err != nil { + return &pb.ArrayReply{}, err + } + + return &pb.ArrayReply{Array: e.GetModel().GetValuesForFieldInPolicy("p", in.PType, 1)}, nil +} + +// GetAllActions gets the list of actions that show up in the current policy. +func (s *Server) GetAllActions(ctx context.Context, in *pb.EmptyRequest) (*pb.ArrayReply, error) { + return s.GetAllNamedActions(ctx, &pb.SimpleGetRequest{EnforcerHandler: in.Handler, PType: "p"}) +} + +// GetAllNamedActions gets the list of actions that show up in the current named policy. +func (s *Server) GetAllNamedActions(ctx context.Context, in *pb.SimpleGetRequest) (*pb.ArrayReply, error) { + e, err := s.getEnforcer(int(in.EnforcerHandler)) + if err != nil { + return &pb.ArrayReply{}, err + } + + return &pb.ArrayReply{Array: e.GetModel().GetValuesForFieldInPolicy("p", in.PType, 2)}, nil +} + +// GetAllRoles gets the list of roles that show up in the current policy. +func (s *Server) GetAllRoles(ctx context.Context, in *pb.EmptyRequest) (*pb.ArrayReply, error) { + return s.GetAllNamedRoles(ctx, &pb.SimpleGetRequest{EnforcerHandler: in.Handler, PType: "g"}) +} + +// GetAllNamedRoles gets the list of roles that show up in the current named policy. +func (s *Server) GetAllNamedRoles(ctx context.Context, in *pb.SimpleGetRequest) (*pb.ArrayReply, error) { + e, err := s.getEnforcer(int(in.EnforcerHandler)) + if err != nil { + return &pb.ArrayReply{}, err + } + + return &pb.ArrayReply{Array: e.GetModel().GetValuesForFieldInPolicy("g", in.PType, 1)}, nil +} + +// GetPolicy gets all the authorization rules in the policy. +func (s *Server) GetPolicy(ctx context.Context, in *pb.EmptyRequest) (*pb.Array2DReply, error) { + return s.GetNamedPolicy(ctx, &pb.PolicyRequest{EnforcerHandler: in.Handler, PType: "p"}) +} + +// GetNamedPolicy gets all the authorization rules in the named policy. +func (s *Server) GetNamedPolicy(ctx context.Context, in *pb.PolicyRequest) (*pb.Array2DReply, error) { + e, err := s.getEnforcer(int(in.EnforcerHandler)) + if err != nil { + return &pb.Array2DReply{}, err + } + + return s.wrapPlainPolicy(e.GetModel().GetPolicy("p", in.PType)), nil +} + +// GetFilteredPolicy gets all the authorization rules in the policy, field filters can be specified. +func (s *Server) GetFilteredPolicy(ctx context.Context, in *pb.FilteredPolicyRequest) (*pb.Array2DReply, error) { + in.PType = "p" + + return s.GetFilteredNamedPolicy(ctx, in) +} + +// GetFilteredNamedPolicy gets all the authorization rules in the named policy, field filters can be specified. +func (s *Server) GetFilteredNamedPolicy(ctx context.Context, in *pb.FilteredPolicyRequest) (*pb.Array2DReply, error) { + e, err := s.getEnforcer(int(in.EnforcerHandler)) + if err != nil { + return &pb.Array2DReply{}, err + } + + return s.wrapPlainPolicy(e.GetModel().GetFilteredPolicy("p", in.PType, int(in.FieldIndex), in.FieldValues...)), nil +} + +// GetGroupingPolicy gets all the role inheritance rules in the policy. +func (s *Server) GetGroupingPolicy(ctx context.Context, in *pb.EmptyRequest) (*pb.Array2DReply, error) { + return s.GetNamedGroupingPolicy(ctx, &pb.PolicyRequest{EnforcerHandler: in.Handler, PType: "g"}) +} + +// GetNamedGroupingPolicy gets all the role inheritance rules in the policy. +func (s *Server) GetNamedGroupingPolicy(ctx context.Context, in *pb.PolicyRequest) (*pb.Array2DReply, error) { + e, err := s.getEnforcer(int(in.EnforcerHandler)) + if err != nil { + return &pb.Array2DReply{}, err + } + + return s.wrapPlainPolicy(e.GetModel().GetPolicy("g", in.PType)), nil +} + +// GetFilteredGroupingPolicy gets all the role inheritance rules in the policy, field filters can be specified. +func (s *Server) GetFilteredGroupingPolicy(ctx context.Context, in *pb.FilteredPolicyRequest) (*pb.Array2DReply, error) { + in.PType = "g" + + return s.GetFilteredNamedGroupingPolicy(ctx, in) +} + +// GetFilteredNamedGroupingPolicy gets all the role inheritance rules in the policy, field filters can be specified. +func (s *Server) GetFilteredNamedGroupingPolicy(ctx context.Context, in *pb.FilteredPolicyRequest) (*pb.Array2DReply, error) { + e, err := s.getEnforcer(int(in.EnforcerHandler)) + if err != nil { + return &pb.Array2DReply{}, err + } + + return s.wrapPlainPolicy(e.GetModel().GetFilteredPolicy("g", in.PType, int(in.FieldIndex), in.FieldValues...)), nil +} + +// HasPolicy determines whether an authorization rule exists. +func (s *Server) HasPolicy(ctx context.Context, in *pb.PolicyRequest) (*pb.BoolReply, error) { + return s.HasNamedPolicy(ctx, in) +} + +// HasNamedPolicy determines whether a named authorization rule exists. +func (s *Server) HasNamedPolicy(ctx context.Context, in *pb.PolicyRequest) (*pb.BoolReply, error) { + e, err := s.getEnforcer(int(in.EnforcerHandler)) + if err != nil { + return &pb.BoolReply{}, err + } + + return &pb.BoolReply{Res: e.GetModel().HasPolicy("p", in.PType, in.Params)}, nil +} + +// HasGroupingPolicy determines whether a role inheritance rule exists. +func (s *Server) HasGroupingPolicy(ctx context.Context, in *pb.PolicyRequest) (*pb.BoolReply, error) { + in.PType = "g" + return s.HasNamedGroupingPolicy(ctx, in) +} + +// HasNamedGroupingPolicy determines whether a named role inheritance rule exists. +func (s *Server) HasNamedGroupingPolicy(ctx context.Context, in *pb.PolicyRequest) (*pb.BoolReply, error) { + e, err := s.getEnforcer(int(in.EnforcerHandler)) + if err != nil { + return &pb.BoolReply{}, err + } + + return &pb.BoolReply{Res: e.GetModel().HasPolicy("g", in.PType, in.Params)}, nil +} + +func (s *Server) AddPolicy(ctx context.Context, in *pb.PolicyRequest) (*pb.BoolReply, error) { + in.PType = "p" + return s.AddNamedPolicy(ctx, in) +} + +func (s *Server) AddNamedPolicy(ctx context.Context, in *pb.PolicyRequest) (*pb.BoolReply, error) { + e, err := s.getEnforcer(int(in.EnforcerHandler)) + if err != nil { + return &pb.BoolReply{}, err + } + + ruleAdded, err := e.AddNamedPolicy(in.PType, in.Params) + return &pb.BoolReply{Res: ruleAdded}, err +} + +func (s *Server) RemovePolicy(ctx context.Context, in *pb.PolicyRequest) (*pb.BoolReply, error) { + in.PType = "p" + return s.RemoveNamedPolicy(ctx, in) +} + +func (s *Server) RemoveNamedPolicy(ctx context.Context, in *pb.PolicyRequest) (*pb.BoolReply, error) { + e, err := s.getEnforcer(int(in.EnforcerHandler)) + if err != nil { + return &pb.BoolReply{}, err + } + + ruleRemoved, err := e.RemoveNamedPolicy(in.PType, in.Params) + return &pb.BoolReply{Res: ruleRemoved}, err +} + +// RemoveFilteredPolicy removes an authorization rule from the current policy, field filters can be specified. +func (s *Server) RemoveFilteredPolicy(ctx context.Context, in *pb.FilteredPolicyRequest) (*pb.BoolReply, error) { + in.PType = "p" + return s.RemoveFilteredNamedPolicy(ctx, in) +} + +// RemoveFilteredNamedPolicy removes an authorization rule from the current named policy, field filters can be specified. +func (s *Server) RemoveFilteredNamedPolicy(ctx context.Context, in *pb.FilteredPolicyRequest) (*pb.BoolReply, error) { + e, err := s.getEnforcer(int(in.EnforcerHandler)) + if err != nil { + return &pb.BoolReply{}, err + } + + ruleRemoved, err := e.RemoveFilteredNamedPolicy(in.PType, int(in.FieldIndex), in.FieldValues...) + return &pb.BoolReply{Res: ruleRemoved}, err +} + +// AddGroupingPolicy adds a role inheritance rule to the current policy. +// If the rule already exists, the function returns false and the rule will not be added. +// Otherwise the function returns true by adding the new rule. +func (s *Server) AddGroupingPolicy(ctx context.Context, in *pb.PolicyRequest) (*pb.BoolReply, error) { + in.PType = "g" + return s.AddNamedGroupingPolicy(ctx, in) +} + +// AddNamedGroupingPolicy adds a named role inheritance rule to the current policy. +// If the rule already exists, the function returns false and the rule will not be added. +// Otherwise the function returns true by adding the new rule. +func (s *Server) AddNamedGroupingPolicy(ctx context.Context, in *pb.PolicyRequest) (*pb.BoolReply, error) { + e, err := s.getEnforcer(int(in.EnforcerHandler)) + if err != nil { + return &pb.BoolReply{}, err + } + + ruleAdded, err := e.AddNamedGroupingPolicy(in.PType, in.Params) + return &pb.BoolReply{Res: ruleAdded}, err +} + +// RemoveGroupingPolicy removes a role inheritance rule from the current policy. +func (s *Server) RemoveGroupingPolicy(ctx context.Context, in *pb.PolicyRequest) (*pb.BoolReply, error) { + in.PType = "g" + return s.RemoveNamedGroupingPolicy(ctx, in) +} + +// RemoveNamedGroupingPolicy removes a role inheritance rule from the current named policy. +func (s *Server) RemoveNamedGroupingPolicy(ctx context.Context, in *pb.PolicyRequest) (*pb.BoolReply, error) { + e, err := s.getEnforcer(int(in.EnforcerHandler)) + if err != nil { + return &pb.BoolReply{}, err + } + + ruleRemoved, err := e.RemoveNamedGroupingPolicy(in.PType, in.Params) + return &pb.BoolReply{Res: ruleRemoved}, err +} + +// RemoveFilteredGroupingPolicy removes a role inheritance rule from the current policy, field filters can be specified. +func (s *Server) RemoveFilteredGroupingPolicy(ctx context.Context, in *pb.FilteredPolicyRequest) (*pb.BoolReply, error) { + in.PType = "g" + return s.RemoveFilteredNamedGroupingPolicy(ctx, in) +} + +// RemoveFilteredNamedGroupingPolicy removes a role inheritance rule from the current named policy, field filters can be specified. +func (s *Server) RemoveFilteredNamedGroupingPolicy(ctx context.Context, in *pb.FilteredPolicyRequest) (*pb.BoolReply, error) { + e, err := s.getEnforcer(int(in.EnforcerHandler)) + if err != nil { + return &pb.BoolReply{}, err + } + + ruleRemoved, err := e.RemoveFilteredNamedGroupingPolicy(in.PType, int(in.FieldIndex), in.FieldValues...) + return &pb.BoolReply{Res: ruleRemoved}, err +} diff --git a/components/authz/pkg/server/management_api_test.go b/components/authz/pkg/server/management_api_test.go new file mode 100644 index 0000000..5df434d --- /dev/null +++ b/components/authz/pkg/server/management_api_test.go @@ -0,0 +1,294 @@ +package server + +import ( + "testing" + + pb "github.com/RafaySystems/rcloud-base/components/authz/proto/rpc" + "github.com/casbin/casbin/v2/util" + "github.com/stretchr/testify/assert" +) + +func testStringList(t *testing.T, title string, f func() []string, res []string) { + t.Helper() + myRes := f() + t.Log(title+": ", myRes) + + if !util.ArrayEquals(res, myRes) { + t.Error(title+": ", myRes, ", supposed to be ", res) + } +} + +func extractFromArrayReply(reply *pb.ArrayReply) func() []string { + return func() []string { + return reply.Array + } +} + +func TestGetList(t *testing.T) { + e := newTestEngine(t, "file", "../examples/rbac_policy.csv", "../examples/rbac_model.conf") + + subjects, err := e.s.GetAllSubjects(e.ctx, &pb.EmptyRequest{Handler: e.h}) + if err != nil { + t.Fatal(err) + } + testStringList(t, "Subjects", extractFromArrayReply(subjects), []string{"alice", "bob", "data2_admin", "data3_admin", "data4_admin"}) + + objects, err := e.s.GetAllObjects(e.ctx, &pb.EmptyRequest{Handler: e.h}) + if err != nil { + t.Fatal(err) + } + testStringList(t, "Objects", extractFromArrayReply(objects), []string{"data1", "data2", "data3", "data4"}) + + actions, err := e.s.GetAllActions(e.ctx, &pb.EmptyRequest{Handler: e.h}) + if err != nil { + t.Fatal(err) + } + testStringList(t, "Actions", extractFromArrayReply(actions), []string{"read", "write", "admin"}) + + roles, err := e.s.GetAllRoles(e.ctx, &pb.EmptyRequest{Handler: e.h}) + if err != nil { + t.Fatal(err) + } + testStringList(t, "Roles", extractFromArrayReply(roles), []string{"data2_admin", "data3_admin", "data4_admin"}) +} + +func extractFromArray2DReply(reply *pb.Array2DReply) [][]string { + array2d := make([][]string, len(reply.D2)) + for i := 0; i < len(reply.D2); i++ { + array2d[i] = reply.D2[i].D1 + } + + return array2d +} + +func testGetPolicy(t *testing.T, e *testEngine, res [][]string) { + t.Helper() + req := &pb.EmptyRequest{Handler: e.h} + reply, err := e.s.GetPolicy(e.ctx, req) + assert.NoError(t, err) + + myRes := extractFromArray2DReply(reply) + t.Log("Policy: ", myRes) + + if !util.Array2DEquals(res, myRes) { + t.Error("Policy: ", myRes, ", supposed to be ", res) + } +} + +func testGetFilteredPolicy(t *testing.T, e *testEngine, fieldIndex int, res [][]string, fieldValues ...string) { + t.Helper() + req := &pb.FilteredPolicyRequest{ + EnforcerHandler: e.h, FieldIndex: int32(fieldIndex), FieldValues: fieldValues} + reply, err := e.s.GetFilteredPolicy(e.ctx, req) + assert.NoError(t, err) + + myRes := extractFromArray2DReply(reply) + t.Log("Policy for ", util.ParamsToString(req.FieldValues...), ": ", myRes) + + if !util.Array2DEquals(res, myRes) { + t.Error("Policy for ", util.ParamsToString(req.FieldValues...), ": ", myRes, ", supposed to be ", res) + } +} + +func testGetGroupingPolicy(t *testing.T, e *testEngine, res [][]string) { + t.Helper() + req := &pb.EmptyRequest{Handler: e.h} + reply, err := e.s.GetGroupingPolicy(e.ctx, req) + assert.NoError(t, err) + + myRes := extractFromArray2DReply(reply) + t.Log("Grouping policy: ", myRes) + + if !util.Array2DEquals(res, myRes) { + t.Error("Grouping policy: ", myRes, ", supposed to be ", res) + } +} + +func testGetFilteredGroupingPolicy(t *testing.T, e *testEngine, fieldIndex int, res [][]string, fieldValues ...string) { + t.Helper() + req := &pb.FilteredPolicyRequest{ + EnforcerHandler: e.h, FieldIndex: int32(fieldIndex), FieldValues: fieldValues} + reply, err := e.s.GetFilteredGroupingPolicy(e.ctx, req) + assert.NoError(t, err) + + myRes := extractFromArray2DReply(reply) + t.Log("Grouping policy for ", util.ParamsToString(fieldValues...), ": ", myRes) + + if !util.Array2DEquals(res, myRes) { + t.Error("Grouping policy for ", util.ParamsToString(fieldValues...), ": ", myRes, ", supposed to be ", res) + } +} + +func testHasPolicy(t *testing.T, e *testEngine, policy []string, res bool) { + t.Helper() + req := &pb.PolicyRequest{EnforcerHandler: e.h, PType: "p", Params: policy} + reply, err := e.s.HasPolicy(e.ctx, req) + assert.NoError(t, err) + + myRes := reply.Res + t.Log("Has policy ", util.ArrayToString(policy), ": ", myRes) + + if res != myRes { + t.Error("Has policy ", util.ArrayToString(policy), ": ", myRes, ", supposed to be ", res) + } +} + +func testHasGroupingPolicy(t *testing.T, e *testEngine, policy []string, res bool) { + t.Helper() + req := &pb.PolicyRequest{EnforcerHandler: e.h, PType: "g", Params: policy} + reply, err := e.s.HasNamedGroupingPolicy(e.ctx, req) + assert.NoError(t, err) + + myRes := reply.Res + t.Log("Has grouping policy ", util.ArrayToString(policy), ": ", myRes) + + if res != myRes { + t.Error("Has grouping policy ", util.ArrayToString(policy), ": ", myRes, ", supposed to be ", res) + } +} + +func TestGetPolicyAPI(t *testing.T) { + e := newTestEngine(t, "file", "../examples/rbac_policy.csv", "../examples/rbac_model.conf") + + testGetPolicy(t, e, [][]string{ + {"alice", "data1", "read"}, + {"bob", "data2", "write"}, + {"data2_admin", "data2", "read"}, + {"data2_admin", "data2", "write"}, + {"data3_admin", "data3", "admin"}, + {"data4_admin", "data4", "read"}}) + + testGetFilteredPolicy(t, e, 0, [][]string{{"alice", "data1", "read"}}, "alice") + testGetFilteredPolicy(t, e, 0, [][]string{{"bob", "data2", "write"}}, "bob") + testGetFilteredPolicy(t, e, 0, [][]string{{"data2_admin", "data2", "read"}, + {"data2_admin", "data2", "write"}}, "data2_admin") + testGetFilteredPolicy(t, e, 1, [][]string{{"alice", "data1", "read"}}, "data1") + testGetFilteredPolicy(t, e, 1, [][]string{{"bob", "data2", "write"}, {"data2_admin", "data2", "read"}, + {"data2_admin", "data2", "write"}}, "data2") + testGetFilteredPolicy(t, e, 2, [][]string{{"alice", "data1", "read"}, {"data2_admin", "data2", "read"}, {"data4_admin", "data4", "read"}}, "read") + testGetFilteredPolicy(t, e, 2, [][]string{{"bob", "data2", "write"}, {"data2_admin", "data2", "write"}}, "write") + + testGetFilteredPolicy(t, e, 0, [][]string{{"data2_admin", "data2", "read"}, + {"data2_admin", "data2", "write"}}, "data2_admin", "data2") + // Note: "" (empty string) in fieldValues means matching all values. + testGetFilteredPolicy(t, e, 0, [][]string{{"data2_admin", "data2", "read"}}, "data2_admin", "", "read") + testGetFilteredPolicy(t, e, 1, [][]string{{"bob", "data2", "write"}, + {"data2_admin", "data2", "write"}}, "data2", "write") + + testHasPolicy(t, e, []string{"alice", "data1", "read"}, true) + testHasPolicy(t, e, []string{"bob", "data2", "write"}, true) + testHasPolicy(t, e, []string{"alice", "data2", "read"}, false) + testHasPolicy(t, e, []string{"bob", "data3", "write"}, false) + + testGetGroupingPolicy(t, e, [][]string{{"alice", "data2_admin"}, {"george", "data3_admin"}, {"data3_admin", "data4_admin"}}) + + testGetFilteredGroupingPolicy(t, e, 0, [][]string{{"alice", "data2_admin"}}, "alice") + testGetFilteredGroupingPolicy(t, e, 0, [][]string{}, "bob") + testGetFilteredGroupingPolicy(t, e, 1, [][]string{}, "data1_admin") + testGetFilteredGroupingPolicy(t, e, 1, [][]string{{"alice", "data2_admin"}}, "data2_admin") + // Note: "" (empty string) in fieldValues means matching all values. + testGetFilteredGroupingPolicy(t, e, 0, [][]string{{"alice", "data2_admin"}}, "", "data2_admin") + + testHasGroupingPolicy(t, e, []string{"alice", "data2_admin"}, true) + testHasGroupingPolicy(t, e, []string{"bob", "data2_admin"}, false) +} + +func TestModifyPolicyAPI(t *testing.T) { + e := newTestEngine(t, "file", "../examples/rbac_policy.csv", "../examples/rbac_model.conf") + + testGetPolicy(t, e, [][]string{ + {"alice", "data1", "read"}, + {"bob", "data2", "write"}, + {"data2_admin", "data2", "read"}, + {"data2_admin", "data2", "write"}, + {"data3_admin", "data3", "admin"}, + {"data4_admin", "data4", "read"}}) + + _, err := e.s.RemovePolicy(e.ctx, &pb.PolicyRequest{EnforcerHandler: e.h, Params: []string{"alice", "data1", "read"}}) + assert.NoError(t, err) + _, err = e.s.RemovePolicy(e.ctx, &pb.PolicyRequest{EnforcerHandler: e.h, Params: []string{"bob", "data2", "write"}}) + assert.NoError(t, err) + _, err = e.s.RemovePolicy(e.ctx, &pb.PolicyRequest{EnforcerHandler: e.h, Params: []string{"alice", "data1", "read"}}) + assert.NoError(t, err) + + _, err = e.s.AddPolicy(e.ctx, &pb.PolicyRequest{EnforcerHandler: e.h, Params: []string{"eve", "data3", "read"}}) + assert.NoError(t, err) + _, err = e.s.AddPolicy(e.ctx, &pb.PolicyRequest{EnforcerHandler: e.h, Params: []string{"eve", "data3", "read"}}) + assert.NoError(t, err) + + namedPolicy := []string{"eve", "data3", "read"} + _, err = e.s.RemovePolicy(e.ctx, &pb.PolicyRequest{EnforcerHandler: e.h, PType: "p", Params: namedPolicy}) + assert.NoError(t, err) + _, err = e.s.AddNamedPolicy(e.ctx, &pb.PolicyRequest{EnforcerHandler: e.h, PType: "p", Params: namedPolicy}) + assert.NoError(t, err) + + testGetPolicy(t, e, [][]string{ + {"data2_admin", "data2", "read"}, + {"data2_admin", "data2", "write"}, + {"data3_admin", "data3", "admin"}, + {"data4_admin", "data4", "read"}, + {"eve", "data3", "read"}}) + + _, err = e.s.RemoveFilteredPolicy(e.ctx, &pb.FilteredPolicyRequest{EnforcerHandler: e.h, FieldIndex: 1, FieldValues: []string{"data2"}}) + assert.NoError(t, err) + + _, err = e.s.RemoveFilteredPolicy(e.ctx, &pb.FilteredPolicyRequest{EnforcerHandler: e.h, FieldIndex: 1, FieldValues: []string{"data4"}}) + assert.NoError(t, err) + + testGetPolicy(t, e, [][]string{{"data3_admin", "data3", "admin"}, {"eve", "data3", "read"}}) +} + +func TestModifyGroupingPolicyAPI(t *testing.T) { + e := newTestEngine(t, "file", "../examples/rbac_policy.csv", "../examples/rbac_model.conf") + + testGetRoles(t, e, "alice", []string{"data2_admin"}) + testGetRoles(t, e, "bob", []string{}) + testGetRoles(t, e, "eve", []string{}) + testGetRoles(t, e, "non_exist", []string{}) + + _, err := e.s.RemoveGroupingPolicy(e.ctx, + &pb.PolicyRequest{EnforcerHandler: e.h, Params: []string{"alice", "data2_admin"}}) + assert.NoError(t, err) + + _, err = e.s.AddGroupingPolicy(e.ctx, &pb.PolicyRequest{EnforcerHandler: e.h, Params: []string{"bob", "data1_admin"}}) + assert.NoError(t, err) + + _, err = e.s.AddGroupingPolicy(e.ctx, &pb.PolicyRequest{EnforcerHandler: e.h, Params: []string{"eve", "data3_admin"}}) + assert.NoError(t, err) + + namedGroupingPolicy := []string{"alice", "data2_admin"} + testGetRoles(t, e, "alice", []string{}) + + _, err = e.s.AddNamedGroupingPolicy(e.ctx, + &pb.PolicyRequest{EnforcerHandler: e.h, PType: "g", Params: namedGroupingPolicy}) + assert.NoError(t, err) + + testGetRoles(t, e, "alice", []string{"data2_admin"}) + + _, err = e.s.RemoveNamedGroupingPolicy(e.ctx, + &pb.PolicyRequest{EnforcerHandler: e.h, PType: "g", Params: namedGroupingPolicy}) + assert.NoError(t, err) + + testGetRoles(t, e, "alice", []string{}) + testGetRoles(t, e, "bob", []string{"data1_admin"}) + testGetRoles(t, e, "eve", []string{"data3_admin"}) + testGetRoles(t, e, "non_exist", []string{}) + + testGetUsers(t, e, "data1_admin", []string{"bob"}) + testGetUsers(t, e, "data2_admin", []string{}) + testGetUsers(t, e, "data3_admin", []string{"eve", "george"}) + testGetUsers(t, e, "data4_admin", []string{"data3_admin"}) + + _, err = e.s.RemoveFilteredGroupingPolicy(e.ctx, + &pb.FilteredPolicyRequest{EnforcerHandler: e.h, FieldIndex: 0, FieldValues: []string{"bob"}}) + assert.NoError(t, err) + + testGetRoles(t, e, "alice", []string{}) + testGetRoles(t, e, "bob", []string{}) + testGetRoles(t, e, "eve", []string{"data3_admin"}) + testGetRoles(t, e, "non_exist", []string{}) + + testGetUsers(t, e, "data1_admin", []string{}) + testGetUsers(t, e, "data2_admin", []string{}) + testGetUsers(t, e, "data3_admin", []string{"george", "eve"}) +} diff --git a/components/authz/pkg/server/model_test.go b/components/authz/pkg/server/model_test.go new file mode 100644 index 0000000..8e915fb --- /dev/null +++ b/components/authz/pkg/server/model_test.go @@ -0,0 +1,112 @@ +package server + +import ( + "context" + "io/ioutil" + "testing" + + pb "github.com/RafaySystems/rcloud-base/components/authz/proto/rpc" + "github.com/stretchr/testify/assert" +) + +func testEnforce(t *testing.T, e *testEngine, sub string, obj string, act string, res bool) { + t.Helper() + reply, err := e.s.Enforce(e.ctx, &pb.EnforceRequest{EnforcerHandler: e.h, Params: []string{sub, obj, act}}) + assert.NoError(t, err) + + if reply.Res != res { + t.Errorf("%s, %v, %s: %t, supposed to be %t", sub, obj, act, !res, res) + } else { + t.Logf("Enforce for %s, %s, %s : %v", sub, obj, act, reply.Res) + } +} + +func testEnforceWithoutUsers(t *testing.T, e *testEngine, obj string, act string, res bool) { + t.Helper() + reply, err := e.s.Enforce(e.ctx, &pb.EnforceRequest{EnforcerHandler: e.h, Params: []string{obj, act}}) + assert.NoError(t, err) + + if reply.Res != res { + t.Errorf("%s, %s: %t, supposed to be %t", obj, act, !res, res) + } +} + +func TestRBACModel(t *testing.T) { + s := NewServer() + ctx := context.Background() + + _, err := s.NewAdapter(ctx, &pb.NewAdapterRequest{DriverName: "file", ConnectString: "../examples/rbac_policy.csv"}) + if err != nil { + t.Error(err) + } + + modelText, err := ioutil.ReadFile("../examples/rbac_model.conf") + if err != nil { + t.Error(err) + } + + resp, err := s.NewEnforcer(ctx, &pb.NewEnforcerRequest{ModelText: string(modelText), AdapterHandle: 0}) + if err != nil { + t.Error(err) + } + e := resp.Handler + + sub := "alice" + obj := "data1" + act := "read" + res := true + + resp2, err := s.Enforce(ctx, &pb.EnforceRequest{EnforcerHandler: e, Params: []string{sub, obj, act}}) + if err != nil { + t.Error(err) + } + myRes := resp2.Res + + if myRes != res { + t.Errorf("%s, %s, %s: %t, supposed to be %t", sub, obj, act, myRes, res) + } +} + +func TestABACModel(t *testing.T) { + s := NewServer() + ctx := context.Background() + + modelText, err := ioutil.ReadFile("../examples/abac_model.conf") + if err != nil { + t.Error(err) + } + + resp, err := s.NewEnforcer(ctx, &pb.NewEnforcerRequest{ModelText: string(modelText), AdapterHandle: -1}) + if err != nil { + t.Error(err) + } + type ABACModel struct { + Name string + Owner string + } + e := resp.Handler + + data1, _ := MakeABAC(ABACModel{Name: "data1", Owner: "alice"}) + data2, _ := MakeABAC(ABACModel{Name: "data2", Owner: "bob"}) + + testModel(t, s, e, "alice", data1, "read", true) + testModel(t, s, e, "alice", data1, "write", true) + testModel(t, s, e, "alice", data2, "read", false) + testModel(t, s, e, "alice", data2, "write", false) + testModel(t, s, e, "bob", data1, "read", false) + testModel(t, s, e, "bob", data1, "write", false) + testModel(t, s, e, "bob", data2, "read", true) + testModel(t, s, e, "bob", data2, "write", true) + +} + +func testModel(t *testing.T, s *Server, enforcerHandler int32, sub string, obj string, act string, res bool) { + t.Helper() + + reply, err := s.Enforce(nil, &pb.EnforceRequest{EnforcerHandler: enforcerHandler, Params: []string{sub, obj, act}}) + assert.NoError(t, err) + + if reply.Res != res { + t.Errorf("%s, %v, %s: %t, supposed to be %t", sub, obj, act, !res, res) + } +} diff --git a/components/authz/pkg/server/rbac_api.go b/components/authz/pkg/server/rbac_api.go new file mode 100644 index 0000000..6a9b817 --- /dev/null +++ b/components/authz/pkg/server/rbac_api.go @@ -0,0 +1,209 @@ +package server + +import ( + "context" + + pb "github.com/RafaySystems/rcloud-base/components/authz/proto/rpc" +) + +// GetRolesForUser gets the roles that a user has. +func (s *Server) GetRolesForUser(ctx context.Context, in *pb.UserRoleRequest) (*pb.ArrayReply, error) { + e, err := s.getEnforcer(int(in.EnforcerHandler)) + if err != nil { + return &pb.ArrayReply{}, err + } + + res, _ := e.GetModel()["g"]["g"].RM.GetRoles(in.User) + + return &pb.ArrayReply{Array: res}, nil +} + +// GetImplicitPermissionsForUser gets all permissions(including children) for a user or role. +func (s *Server) GetImplicitRolesForUser(ctx context.Context, in *pb.UserRoleRequest) (*pb.ArrayReply, error) { + e, err := s.getEnforcer(int(in.EnforcerHandler)) + if err != nil { + return &pb.ArrayReply{}, err + } + res, err := e.GetImplicitRolesForUser(in.User) + return &pb.ArrayReply{Array: res}, err +} + +// GetUsersForRole gets the users that has a role. +func (s *Server) GetUsersForRole(ctx context.Context, in *pb.UserRoleRequest) (*pb.ArrayReply, error) { + e, err := s.getEnforcer(int(in.EnforcerHandler)) + if err != nil { + return &pb.ArrayReply{}, err + } + + res, _ := e.GetModel()["g"]["g"].RM.GetUsers(in.Role) + + return &pb.ArrayReply{Array: res}, nil +} + +// HasRoleForUser determines whether a user has a role. +func (s *Server) HasRoleForUser(ctx context.Context, in *pb.UserRoleRequest) (*pb.BoolReply, error) { + e, err := s.getEnforcer(int(in.EnforcerHandler)) + if err != nil { + return &pb.BoolReply{}, err + } + + roles, err := e.GetRolesForUser(in.User) + if err != nil { + return &pb.BoolReply{}, err + } + + for _, r := range roles { + if r == in.Role { + return &pb.BoolReply{Res: true}, nil + } + } + + return &pb.BoolReply{}, nil +} + +// AddRoleForUser adds a role for a user. +// Returns false if the user already has the role (aka not affected). +func (s *Server) AddRoleForUser(ctx context.Context, in *pb.UserRoleRequest) (*pb.BoolReply, error) { + e, err := s.getEnforcer(int(in.EnforcerHandler)) + if err != nil { + return &pb.BoolReply{}, err + } + + ruleAdded, err := e.AddGroupingPolicy(in.User, in.Role) + return &pb.BoolReply{Res: ruleAdded}, err +} + +// DeleteRoleForUser deletes a role for a user. +// Returns false if the user does not have the role (aka not affected). +func (s *Server) DeleteRoleForUser(ctx context.Context, in *pb.UserRoleRequest) (*pb.BoolReply, error) { + e, err := s.getEnforcer(int(in.EnforcerHandler)) + if err != nil { + return &pb.BoolReply{}, err + } + + ruleRemoved, err := e.RemoveGroupingPolicy(in.User, in.Role) + return &pb.BoolReply{Res: ruleRemoved}, err +} + +// DeleteRolesForUser deletes all roles for a user. +// Returns false if the user does not have any roles (aka not affected). +func (s *Server) DeleteRolesForUser(ctx context.Context, in *pb.UserRoleRequest) (*pb.BoolReply, error) { + e, err := s.getEnforcer(int(in.EnforcerHandler)) + if err != nil { + return &pb.BoolReply{}, err + } + + ruleRemoved, err := e.RemoveFilteredGroupingPolicy(0, in.User) + return &pb.BoolReply{Res: ruleRemoved}, err +} + +// DeleteUser deletes a user. +// Returns false if the user does not exist (aka not affected). +func (s *Server) DeleteUser(ctx context.Context, in *pb.UserRoleRequest) (*pb.BoolReply, error) { + e, err := s.getEnforcer(int(in.EnforcerHandler)) + if err != nil { + return &pb.BoolReply{}, err + } + + ruleRemoved, err := e.RemoveFilteredGroupingPolicy(0, in.User) + return &pb.BoolReply{Res: ruleRemoved}, err +} + +// DeleteRole deletes a role. +func (s *Server) DeleteRole(ctx context.Context, in *pb.UserRoleRequest) (*pb.EmptyReply, error) { + e, err := s.getEnforcer(int(in.EnforcerHandler)) + if err != nil { + return &pb.EmptyReply{}, err + } + + _, err = e.DeleteRole(in.Role) + return &pb.EmptyReply{}, err +} + +// DeletePermission deletes a permission. +// Returns false if the permission does not exist (aka not affected). +func (s *Server) DeletePermission(ctx context.Context, in *pb.PermissionRequest) (*pb.BoolReply, error) { + e, err := s.getEnforcer(int(in.EnforcerHandler)) + if err != nil { + return &pb.BoolReply{}, err + } + + ruleRemoved, err := e.RemoveFilteredPolicy(1, in.Permissions...) + return &pb.BoolReply{Res: ruleRemoved}, err +} + +// AddPermissionForUser adds a permission for a user or role. +// Returns false if the user or role already has the permission (aka not affected). +func (s *Server) AddPermissionForUser(ctx context.Context, in *pb.PermissionRequest) (*pb.BoolReply, error) { + e, err := s.getEnforcer(int(in.EnforcerHandler)) + if err != nil { + return &pb.BoolReply{}, err + } + + ruleAdded, err := e.AddPolicy(s.convertPermissions(in.User, in.Permissions...)...) + return &pb.BoolReply{Res: ruleAdded}, err +} + +// DeletePermissionForUser deletes a permission for a user or role. +// Returns false if the user or role does not have the permission (aka not affected). +func (s *Server) DeletePermissionForUser(ctx context.Context, in *pb.PermissionRequest) (*pb.BoolReply, error) { + e, err := s.getEnforcer(int(in.EnforcerHandler)) + if err != nil { + return &pb.BoolReply{}, err + } + + ruleRemoved, err := e.RemovePolicy(s.convertPermissions(in.User, in.Permissions...)...) + return &pb.BoolReply{Res: ruleRemoved}, err +} + +// DeletePermissionsForUser deletes permissions for a user or role. +// Returns false if the user or role does not have any permissions (aka not affected). +func (s *Server) DeletePermissionsForUser(ctx context.Context, in *pb.PermissionRequest) (*pb.BoolReply, error) { + e, err := s.getEnforcer(int(in.EnforcerHandler)) + if err != nil { + return &pb.BoolReply{}, err + } + + ruleRemoved, err := e.RemoveFilteredPolicy(0, in.User) + return &pb.BoolReply{Res: ruleRemoved}, err +} + +// GetPermissionsForUser gets permissions for a user or role. +func (s *Server) GetPermissionsForUser(ctx context.Context, in *pb.PermissionRequest) (*pb.Array2DReply, error) { + e, err := s.getEnforcer(int(in.EnforcerHandler)) + if err != nil { + return &pb.Array2DReply{}, err + } + + return s.wrapPlainPolicy(e.GetFilteredPolicy(0, in.User)), nil +} + +// GetImplicitPermissionsForUser gets all permissions(including children) for a user or role. +func (s *Server) GetImplicitPermissionsForUser(ctx context.Context, in *pb.PermissionRequest) (*pb.Array2DReply, error) { + e, err := s.getEnforcer(int(in.EnforcerHandler)) + if err != nil { + return &pb.Array2DReply{}, err + } + resp, err := e.GetImplicitPermissionsForUser(in.User) + return s.wrapPlainPolicy(resp), err +} + +// HasPermissionForUser determines whether a user has a permission. +func (s *Server) HasPermissionForUser(ctx context.Context, in *pb.PermissionRequest) (*pb.BoolReply, error) { + e, err := s.getEnforcer(int(in.EnforcerHandler)) + if err != nil { + return &pb.BoolReply{}, err + } + + return &pb.BoolReply{Res: e.HasPolicy(s.convertPermissions(in.User, in.Permissions...)...)}, nil +} + +func (s *Server) convertPermissions(user string, permissions ...string) []interface{} { + params := make([]interface{}, 0, len(permissions)+1) + params = append(params, user) + for _, perm := range permissions { + params = append(params, perm) + } + + return params +} diff --git a/components/authz/pkg/server/rbac_api_test.go b/components/authz/pkg/server/rbac_api_test.go new file mode 100644 index 0000000..c26c176 --- /dev/null +++ b/components/authz/pkg/server/rbac_api_test.go @@ -0,0 +1,227 @@ +package server + +import ( + "testing" + + pb "github.com/RafaySystems/rcloud-base/components/authz/proto/rpc" + "github.com/casbin/casbin/v2/util" + "github.com/stretchr/testify/assert" +) + +func testGetRoles(t *testing.T, e *testEngine, name string, res []string) { + t.Helper() + reply, err := e.s.GetRolesForUser(e.ctx, &pb.UserRoleRequest{EnforcerHandler: e.h, User: name}) + assert.NoError(t, err) + + t.Log("Roles for ", name, ": ", reply.Array) + + if !util.SetEquals(res, reply.Array) { + t.Error("Roles for ", name, ": ", reply.Array, ", supposed to be ", res) + } +} + +func testGetImplicitRoles(t *testing.T, e *testEngine, name string, res []string) { + t.Helper() + reply, err := e.s.GetImplicitRolesForUser(e.ctx, &pb.UserRoleRequest{EnforcerHandler: e.h, User: name}) + assert.NoError(t, err) + + t.Log("Implicit Roles for ", name, ": ", reply.Array) + + if !util.SetEquals(res, reply.Array) { + t.Error("Implicit Roles for ", name, ": ", reply.Array, ", supposed to be ", res) + } +} + +func testGetUsers(t *testing.T, e *testEngine, name string, res []string) { + t.Helper() + reply, err := e.s.GetUsersForRole(e.ctx, &pb.UserRoleRequest{EnforcerHandler: e.h, User: name}) + assert.NoError(t, err) + + t.Log("Users for ", name, ": ", reply.Array) + + if !util.SetEquals(res, reply.Array) { + t.Error("Users for ", name, ": ", reply.Array, ", supposed to be ", res) + } +} + +func testHasRole(t *testing.T, e *testEngine, name string, role string, res bool) { + t.Helper() + reply, err := e.s.HasRoleForUser(e.ctx, &pb.UserRoleRequest{EnforcerHandler: e.h, User: name, Role: role}) + assert.NoError(t, err) + + t.Log(name, " has role ", role, ": ", reply.Res) + + if res != reply.Res { + t.Error(name, " has role ", role, ": ", reply.Res, ", supposed to be ", res) + } +} + +func TestRoleAPI(t *testing.T) { + e := newTestEngine(t, "file", "../examples/rbac_policy.csv", "../examples/rbac_model.conf") + + testGetRoles(t, e, "alice", []string{"data2_admin"}) + testGetRoles(t, e, "bob", []string{}) + testGetRoles(t, e, "data2_admin", []string{}) + testGetRoles(t, e, "non_exist", []string{}) + + testHasRole(t, e, "alice", "data1_admin", false) + testHasRole(t, e, "alice", "data2_admin", true) + + _, err := e.s.AddRoleForUser(e.ctx, &pb.UserRoleRequest{EnforcerHandler: e.h, User: "alice", Role: "data1_admin"}) + assert.NoError(t, err) + + testGetRoles(t, e, "alice", []string{"data1_admin", "data2_admin"}) + testGetRoles(t, e, "bob", []string{}) + testGetRoles(t, e, "data2_admin", []string{}) + + _, err = e.s.DeleteRoleForUser(e.ctx, &pb.UserRoleRequest{EnforcerHandler: e.h, User: "alice", Role: "data1_admin"}) + assert.NoError(t, err) + + testGetRoles(t, e, "alice", []string{"data2_admin"}) + testGetRoles(t, e, "bob", []string{}) + testGetRoles(t, e, "data2_admin", []string{}) + + testGetImplicitRoles(t, e, "alice", []string{"data2_admin"}) + testGetImplicitRoles(t, e, "bob", []string{}) + testGetImplicitRoles(t, e, "george", []string{"data3_admin", "data4_admin"}) + + _, err = e.s.DeleteRolesForUser(e.ctx, &pb.UserRoleRequest{EnforcerHandler: e.h, User: "alice"}) + assert.NoError(t, err) + + testGetRoles(t, e, "alice", []string{}) + testGetRoles(t, e, "bob", []string{}) + testGetRoles(t, e, "data2_admin", []string{}) + + _, err = e.s.AddRoleForUser(e.ctx, &pb.UserRoleRequest{EnforcerHandler: e.h, User: "alice", Role: "data1_admin"}) + assert.NoError(t, err) + + _, err = e.s.DeleteUser(e.ctx, &pb.UserRoleRequest{EnforcerHandler: e.h, User: "alice"}) + assert.NoError(t, err) + + testGetRoles(t, e, "alice", []string{}) + testGetRoles(t, e, "bob", []string{}) + testGetRoles(t, e, "data2_admin", []string{}) + + _, err = e.s.AddRoleForUser(e.ctx, &pb.UserRoleRequest{EnforcerHandler: e.h, User: "alice", Role: "data2_admin"}) + assert.NoError(t, err) + + testEnforce(t, e, "alice", "data1", "read", true) + testEnforce(t, e, "alice", "data1", "write", false) + testEnforce(t, e, "alice", "data2", "read", true) + testEnforce(t, e, "alice", "data2", "write", true) + testEnforce(t, e, "bob", "data1", "read", false) + testEnforce(t, e, "bob", "data1", "write", false) + testEnforce(t, e, "bob", "data2", "read", false) + testEnforce(t, e, "bob", "data2", "write", true) + testEnforce(t, e, "bob", "data4", "read", false) + testEnforce(t, e, "george", "data4", "write", false) + testEnforce(t, e, "george", "data4", "read", true) + + _, err = e.s.DeleteRole(e.ctx, &pb.UserRoleRequest{EnforcerHandler: e.h, Role: "data2_admin"}) + assert.NoError(t, err) + + testEnforce(t, e, "alice", "data1", "read", true) + testEnforce(t, e, "alice", "data1", "write", false) + testEnforce(t, e, "alice", "data2", "read", false) + testEnforce(t, e, "alice", "data2", "write", false) + testEnforce(t, e, "bob", "data1", "read", false) + testEnforce(t, e, "bob", "data1", "write", false) + testEnforce(t, e, "bob", "data2", "read", false) + testEnforce(t, e, "bob", "data2", "write", true) + + testGetPermissions(t, e, "alice", [][]string{{"alice", "data1", "read"}}) //Added these in this class as it's part of RBAC. + testGetPermissions(t, e, "bob", [][]string{{"bob", "data2", "write"}}) + testGetPermissions(t, e, "george", [][]string{}) + testGetPermissions(t, e, "data3_admin", [][]string{{"data3_admin", "data3", "admin"}}) + + testGetImplicitPermissions(t, e, "bob", [][]string{{"bob", "data2", "write"}}) + testGetImplicitPermissions(t, e, "data3_admin", [][]string{{"data3_admin", "data3", "admin"}, {"data4_admin", "data4", "read"}}) +} + +func testGetPermissions(t *testing.T, e *testEngine, name string, res [][]string) { + t.Helper() + reply, err := e.s.GetPermissionsForUser(e.ctx, &pb.PermissionRequest{EnforcerHandler: e.h, User: name}) + assert.NoError(t, err) + + myRes := extractFromArray2DReply(reply) + t.Log("Permissions for ", name, ": ", myRes) + + if !util.Array2DEquals(res, myRes) { + t.Error("Permissions for ", name, ": ", myRes, ", supposed to be ", res) + } +} + +func testGetImplicitPermissions(t *testing.T, e *testEngine, name string, res [][]string) { + t.Helper() + reply, err := e.s.GetImplicitPermissionsForUser(e.ctx, &pb.PermissionRequest{EnforcerHandler: e.h, User: name}) + assert.NoError(t, err) + + myRes := extractFromArray2DReply(reply) + t.Log("Implicit Permissions for ", name, ": ", myRes) + + if !util.Array2DEquals(res, myRes) { + t.Error("Implicit Permissions for ", name, ": ", myRes, ", supposed to be ", res) + } +} + +func testHasPermission(t *testing.T, e *testEngine, name string, permission []string, res bool) { + t.Helper() + reply, err := e.s.HasPermissionForUser(e.ctx, &pb.PermissionRequest{EnforcerHandler: e.h, User: name, Permissions: permission}) + assert.NoError(t, err) + + t.Log(name, " has permission ", util.ArrayToString(permission), ": ", reply.Res) + + if res != reply.Res { + t.Error(name, " has permission ", util.ArrayToString(permission), ": ", reply.Res, ", supposed to be ", res) + } +} + +func TestPermissionAPI(t *testing.T) { + e := newTestEngine(t, "file", "../examples/basic_without_resources_policy.csv", + "../examples/basic_without_resources_model.conf") + + testEnforceWithoutUsers(t, e, "alice", "read", true) + testEnforceWithoutUsers(t, e, "alice", "write", false) + testEnforceWithoutUsers(t, e, "bob", "read", false) + testEnforceWithoutUsers(t, e, "bob", "write", true) + + testGetPermissions(t, e, "alice", [][]string{{"alice", "read"}}) + testGetPermissions(t, e, "bob", [][]string{{"bob", "write"}}) + + testHasPermission(t, e, "alice", []string{"read"}, true) + testHasPermission(t, e, "alice", []string{"write"}, false) + testHasPermission(t, e, "bob", []string{"read"}, false) + testHasPermission(t, e, "bob", []string{"write"}, true) + + _, err := e.s.DeletePermission(e.ctx, &pb.PermissionRequest{EnforcerHandler: e.h, Permissions: []string{"read"}}) + assert.NoError(t, err) + + testEnforceWithoutUsers(t, e, "alice", "read", false) + testEnforceWithoutUsers(t, e, "alice", "write", false) + testEnforceWithoutUsers(t, e, "bob", "read", false) + testEnforceWithoutUsers(t, e, "bob", "write", true) + + _, err = e.s.AddPermissionForUser(e.ctx, &pb.PermissionRequest{EnforcerHandler: e.h, User: "bob", Permissions: []string{"read"}}) + assert.NoError(t, err) + + testEnforceWithoutUsers(t, e, "alice", "read", false) + testEnforceWithoutUsers(t, e, "alice", "write", false) + testEnforceWithoutUsers(t, e, "bob", "read", true) + testEnforceWithoutUsers(t, e, "bob", "write", true) + + _, err = e.s.DeletePermissionForUser(e.ctx, &pb.PermissionRequest{EnforcerHandler: e.h, User: "bob", Permissions: []string{"read"}}) + assert.NoError(t, err) + + testEnforceWithoutUsers(t, e, "alice", "read", false) + testEnforceWithoutUsers(t, e, "alice", "write", false) + testEnforceWithoutUsers(t, e, "bob", "read", false) + testEnforceWithoutUsers(t, e, "bob", "write", true) + + _, err = e.s.DeletePermissionsForUser(e.ctx, &pb.PermissionRequest{EnforcerHandler: e.h, User: "bob"}) + assert.NoError(t, err) + + testEnforceWithoutUsers(t, e, "alice", "read", false) + testEnforceWithoutUsers(t, e, "alice", "write", false) + testEnforceWithoutUsers(t, e, "bob", "read", false) + testEnforceWithoutUsers(t, e, "bob", "write", false) +} diff --git a/components/authz/pkg/server/test_util.go b/components/authz/pkg/server/test_util.go new file mode 100644 index 0000000..eb35d59 --- /dev/null +++ b/components/authz/pkg/server/test_util.go @@ -0,0 +1,37 @@ +package server + +import ( + "context" + "io/ioutil" + "testing" + + pb "github.com/RafaySystems/rcloud-base/components/authz/proto/rpc" +) + +type testEngine struct { + s *Server + ctx context.Context + h int32 +} + +func newTestEngine(t *testing.T, from, connectStr string, modelLoc string) *testEngine { + s := NewServer() + ctx := context.Background() + + _, err := s.NewAdapter(ctx, &pb.NewAdapterRequest{DriverName: from, ConnectString: connectStr}) + if err != nil { + t.Fatal(err) + } + + modelText, err := ioutil.ReadFile(modelLoc) + if err != nil { + t.Fatal(err) + } + + resp, err := s.NewEnforcer(ctx, &pb.NewEnforcerRequest{ModelText: string(modelText), AdapterHandle: 0}) + if err != nil { + t.Fatal(err) + } + + return &testEngine{s: s, ctx: ctx, h: resp.Handler} +} diff --git a/components/authz/proto/rpc/authz.pb.go b/components/authz/proto/rpc/authz.pb.go new file mode 100644 index 0000000..8f863ed --- /dev/null +++ b/components/authz/proto/rpc/authz.pb.go @@ -0,0 +1,1661 @@ +// Code generated by protoc-gen-go. DO NOT EDIT. +// versions: +// protoc-gen-go v1.27.1 +// protoc v3.18.1 +// source: proto/rpc/authz.proto + +package rpc + +import ( + protoreflect "google.golang.org/protobuf/reflect/protoreflect" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" + reflect "reflect" + sync "sync" +) + +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) + +type NewEnforcerRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + ModelText string `protobuf:"bytes,1,opt,name=modelText,proto3" json:"modelText,omitempty"` + AdapterHandle int32 `protobuf:"varint,2,opt,name=adapterHandle,proto3" json:"adapterHandle,omitempty"` +} + +func (x *NewEnforcerRequest) Reset() { + *x = NewEnforcerRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_proto_rpc_authz_proto_msgTypes[0] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *NewEnforcerRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*NewEnforcerRequest) ProtoMessage() {} + +func (x *NewEnforcerRequest) ProtoReflect() protoreflect.Message { + mi := &file_proto_rpc_authz_proto_msgTypes[0] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use NewEnforcerRequest.ProtoReflect.Descriptor instead. +func (*NewEnforcerRequest) Descriptor() ([]byte, []int) { + return file_proto_rpc_authz_proto_rawDescGZIP(), []int{0} +} + +func (x *NewEnforcerRequest) GetModelText() string { + if x != nil { + return x.ModelText + } + return "" +} + +func (x *NewEnforcerRequest) GetAdapterHandle() int32 { + if x != nil { + return x.AdapterHandle + } + return 0 +} + +type NewEnforcerReply struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Handler int32 `protobuf:"varint,1,opt,name=handler,proto3" json:"handler,omitempty"` +} + +func (x *NewEnforcerReply) Reset() { + *x = NewEnforcerReply{} + if protoimpl.UnsafeEnabled { + mi := &file_proto_rpc_authz_proto_msgTypes[1] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *NewEnforcerReply) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*NewEnforcerReply) ProtoMessage() {} + +func (x *NewEnforcerReply) ProtoReflect() protoreflect.Message { + mi := &file_proto_rpc_authz_proto_msgTypes[1] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use NewEnforcerReply.ProtoReflect.Descriptor instead. +func (*NewEnforcerReply) Descriptor() ([]byte, []int) { + return file_proto_rpc_authz_proto_rawDescGZIP(), []int{1} +} + +func (x *NewEnforcerReply) GetHandler() int32 { + if x != nil { + return x.Handler + } + return 0 +} + +type NewAdapterRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + AdapterName string `protobuf:"bytes,1,opt,name=adapterName,proto3" json:"adapterName,omitempty"` + DriverName string `protobuf:"bytes,2,opt,name=driverName,proto3" json:"driverName,omitempty"` + ConnectString string `protobuf:"bytes,3,opt,name=connectString,proto3" json:"connectString,omitempty"` + DbSpecified bool `protobuf:"varint,4,opt,name=dbSpecified,proto3" json:"dbSpecified,omitempty"` +} + +func (x *NewAdapterRequest) Reset() { + *x = NewAdapterRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_proto_rpc_authz_proto_msgTypes[2] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *NewAdapterRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*NewAdapterRequest) ProtoMessage() {} + +func (x *NewAdapterRequest) ProtoReflect() protoreflect.Message { + mi := &file_proto_rpc_authz_proto_msgTypes[2] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use NewAdapterRequest.ProtoReflect.Descriptor instead. +func (*NewAdapterRequest) Descriptor() ([]byte, []int) { + return file_proto_rpc_authz_proto_rawDescGZIP(), []int{2} +} + +func (x *NewAdapterRequest) GetAdapterName() string { + if x != nil { + return x.AdapterName + } + return "" +} + +func (x *NewAdapterRequest) GetDriverName() string { + if x != nil { + return x.DriverName + } + return "" +} + +func (x *NewAdapterRequest) GetConnectString() string { + if x != nil { + return x.ConnectString + } + return "" +} + +func (x *NewAdapterRequest) GetDbSpecified() bool { + if x != nil { + return x.DbSpecified + } + return false +} + +type NewAdapterReply struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Handler int32 `protobuf:"varint,1,opt,name=handler,proto3" json:"handler,omitempty"` +} + +func (x *NewAdapterReply) Reset() { + *x = NewAdapterReply{} + if protoimpl.UnsafeEnabled { + mi := &file_proto_rpc_authz_proto_msgTypes[3] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *NewAdapterReply) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*NewAdapterReply) ProtoMessage() {} + +func (x *NewAdapterReply) ProtoReflect() protoreflect.Message { + mi := &file_proto_rpc_authz_proto_msgTypes[3] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use NewAdapterReply.ProtoReflect.Descriptor instead. +func (*NewAdapterReply) Descriptor() ([]byte, []int) { + return file_proto_rpc_authz_proto_rawDescGZIP(), []int{3} +} + +func (x *NewAdapterReply) GetHandler() int32 { + if x != nil { + return x.Handler + } + return 0 +} + +type EnforceRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + EnforcerHandler int32 `protobuf:"varint,1,opt,name=enforcerHandler,proto3" json:"enforcerHandler,omitempty"` + Params []string `protobuf:"bytes,2,rep,name=params,proto3" json:"params,omitempty"` +} + +func (x *EnforceRequest) Reset() { + *x = EnforceRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_proto_rpc_authz_proto_msgTypes[4] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *EnforceRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*EnforceRequest) ProtoMessage() {} + +func (x *EnforceRequest) ProtoReflect() protoreflect.Message { + mi := &file_proto_rpc_authz_proto_msgTypes[4] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use EnforceRequest.ProtoReflect.Descriptor instead. +func (*EnforceRequest) Descriptor() ([]byte, []int) { + return file_proto_rpc_authz_proto_rawDescGZIP(), []int{4} +} + +func (x *EnforceRequest) GetEnforcerHandler() int32 { + if x != nil { + return x.EnforcerHandler + } + return 0 +} + +func (x *EnforceRequest) GetParams() []string { + if x != nil { + return x.Params + } + return nil +} + +type BoolReply struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Res bool `protobuf:"varint,1,opt,name=res,proto3" json:"res,omitempty"` +} + +func (x *BoolReply) Reset() { + *x = BoolReply{} + if protoimpl.UnsafeEnabled { + mi := &file_proto_rpc_authz_proto_msgTypes[5] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *BoolReply) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*BoolReply) ProtoMessage() {} + +func (x *BoolReply) ProtoReflect() protoreflect.Message { + mi := &file_proto_rpc_authz_proto_msgTypes[5] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use BoolReply.ProtoReflect.Descriptor instead. +func (*BoolReply) Descriptor() ([]byte, []int) { + return file_proto_rpc_authz_proto_rawDescGZIP(), []int{5} +} + +func (x *BoolReply) GetRes() bool { + if x != nil { + return x.Res + } + return false +} + +type EmptyRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Handler int32 `protobuf:"varint,1,opt,name=handler,proto3" json:"handler,omitempty"` +} + +func (x *EmptyRequest) Reset() { + *x = EmptyRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_proto_rpc_authz_proto_msgTypes[6] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *EmptyRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*EmptyRequest) ProtoMessage() {} + +func (x *EmptyRequest) ProtoReflect() protoreflect.Message { + mi := &file_proto_rpc_authz_proto_msgTypes[6] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use EmptyRequest.ProtoReflect.Descriptor instead. +func (*EmptyRequest) Descriptor() ([]byte, []int) { + return file_proto_rpc_authz_proto_rawDescGZIP(), []int{6} +} + +func (x *EmptyRequest) GetHandler() int32 { + if x != nil { + return x.Handler + } + return 0 +} + +type EmptyReply struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields +} + +func (x *EmptyReply) Reset() { + *x = EmptyReply{} + if protoimpl.UnsafeEnabled { + mi := &file_proto_rpc_authz_proto_msgTypes[7] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *EmptyReply) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*EmptyReply) ProtoMessage() {} + +func (x *EmptyReply) ProtoReflect() protoreflect.Message { + mi := &file_proto_rpc_authz_proto_msgTypes[7] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use EmptyReply.ProtoReflect.Descriptor instead. +func (*EmptyReply) Descriptor() ([]byte, []int) { + return file_proto_rpc_authz_proto_rawDescGZIP(), []int{7} +} + +type PolicyRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + EnforcerHandler int32 `protobuf:"varint,1,opt,name=enforcerHandler,proto3" json:"enforcerHandler,omitempty"` + PType string `protobuf:"bytes,2,opt,name=pType,proto3" json:"pType,omitempty"` + Params []string `protobuf:"bytes,3,rep,name=params,proto3" json:"params,omitempty"` +} + +func (x *PolicyRequest) Reset() { + *x = PolicyRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_proto_rpc_authz_proto_msgTypes[8] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *PolicyRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*PolicyRequest) ProtoMessage() {} + +func (x *PolicyRequest) ProtoReflect() protoreflect.Message { + mi := &file_proto_rpc_authz_proto_msgTypes[8] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use PolicyRequest.ProtoReflect.Descriptor instead. +func (*PolicyRequest) Descriptor() ([]byte, []int) { + return file_proto_rpc_authz_proto_rawDescGZIP(), []int{8} +} + +func (x *PolicyRequest) GetEnforcerHandler() int32 { + if x != nil { + return x.EnforcerHandler + } + return 0 +} + +func (x *PolicyRequest) GetPType() string { + if x != nil { + return x.PType + } + return "" +} + +func (x *PolicyRequest) GetParams() []string { + if x != nil { + return x.Params + } + return nil +} + +type SimpleGetRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + EnforcerHandler int32 `protobuf:"varint,1,opt,name=enforcerHandler,proto3" json:"enforcerHandler,omitempty"` + PType string `protobuf:"bytes,2,opt,name=pType,proto3" json:"pType,omitempty"` +} + +func (x *SimpleGetRequest) Reset() { + *x = SimpleGetRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_proto_rpc_authz_proto_msgTypes[9] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *SimpleGetRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*SimpleGetRequest) ProtoMessage() {} + +func (x *SimpleGetRequest) ProtoReflect() protoreflect.Message { + mi := &file_proto_rpc_authz_proto_msgTypes[9] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use SimpleGetRequest.ProtoReflect.Descriptor instead. +func (*SimpleGetRequest) Descriptor() ([]byte, []int) { + return file_proto_rpc_authz_proto_rawDescGZIP(), []int{9} +} + +func (x *SimpleGetRequest) GetEnforcerHandler() int32 { + if x != nil { + return x.EnforcerHandler + } + return 0 +} + +func (x *SimpleGetRequest) GetPType() string { + if x != nil { + return x.PType + } + return "" +} + +type ArrayReply struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Array []string `protobuf:"bytes,1,rep,name=array,proto3" json:"array,omitempty"` +} + +func (x *ArrayReply) Reset() { + *x = ArrayReply{} + if protoimpl.UnsafeEnabled { + mi := &file_proto_rpc_authz_proto_msgTypes[10] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *ArrayReply) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ArrayReply) ProtoMessage() {} + +func (x *ArrayReply) ProtoReflect() protoreflect.Message { + mi := &file_proto_rpc_authz_proto_msgTypes[10] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ArrayReply.ProtoReflect.Descriptor instead. +func (*ArrayReply) Descriptor() ([]byte, []int) { + return file_proto_rpc_authz_proto_rawDescGZIP(), []int{10} +} + +func (x *ArrayReply) GetArray() []string { + if x != nil { + return x.Array + } + return nil +} + +type FilteredPolicyRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + EnforcerHandler int32 `protobuf:"varint,1,opt,name=enforcerHandler,proto3" json:"enforcerHandler,omitempty"` + PType string `protobuf:"bytes,2,opt,name=pType,proto3" json:"pType,omitempty"` + FieldIndex int32 `protobuf:"varint,3,opt,name=fieldIndex,proto3" json:"fieldIndex,omitempty"` + FieldValues []string `protobuf:"bytes,4,rep,name=fieldValues,proto3" json:"fieldValues,omitempty"` +} + +func (x *FilteredPolicyRequest) Reset() { + *x = FilteredPolicyRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_proto_rpc_authz_proto_msgTypes[11] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *FilteredPolicyRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*FilteredPolicyRequest) ProtoMessage() {} + +func (x *FilteredPolicyRequest) ProtoReflect() protoreflect.Message { + mi := &file_proto_rpc_authz_proto_msgTypes[11] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use FilteredPolicyRequest.ProtoReflect.Descriptor instead. +func (*FilteredPolicyRequest) Descriptor() ([]byte, []int) { + return file_proto_rpc_authz_proto_rawDescGZIP(), []int{11} +} + +func (x *FilteredPolicyRequest) GetEnforcerHandler() int32 { + if x != nil { + return x.EnforcerHandler + } + return 0 +} + +func (x *FilteredPolicyRequest) GetPType() string { + if x != nil { + return x.PType + } + return "" +} + +func (x *FilteredPolicyRequest) GetFieldIndex() int32 { + if x != nil { + return x.FieldIndex + } + return 0 +} + +func (x *FilteredPolicyRequest) GetFieldValues() []string { + if x != nil { + return x.FieldValues + } + return nil +} + +type UserRoleRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + EnforcerHandler int32 `protobuf:"varint,1,opt,name=enforcerHandler,proto3" json:"enforcerHandler,omitempty"` + User string `protobuf:"bytes,2,opt,name=user,proto3" json:"user,omitempty"` + Role string `protobuf:"bytes,3,opt,name=role,proto3" json:"role,omitempty"` +} + +func (x *UserRoleRequest) Reset() { + *x = UserRoleRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_proto_rpc_authz_proto_msgTypes[12] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *UserRoleRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*UserRoleRequest) ProtoMessage() {} + +func (x *UserRoleRequest) ProtoReflect() protoreflect.Message { + mi := &file_proto_rpc_authz_proto_msgTypes[12] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use UserRoleRequest.ProtoReflect.Descriptor instead. +func (*UserRoleRequest) Descriptor() ([]byte, []int) { + return file_proto_rpc_authz_proto_rawDescGZIP(), []int{12} +} + +func (x *UserRoleRequest) GetEnforcerHandler() int32 { + if x != nil { + return x.EnforcerHandler + } + return 0 +} + +func (x *UserRoleRequest) GetUser() string { + if x != nil { + return x.User + } + return "" +} + +func (x *UserRoleRequest) GetRole() string { + if x != nil { + return x.Role + } + return "" +} + +type PermissionRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + EnforcerHandler int32 `protobuf:"varint,1,opt,name=enforcerHandler,proto3" json:"enforcerHandler,omitempty"` + User string `protobuf:"bytes,2,opt,name=user,proto3" json:"user,omitempty"` + Permissions []string `protobuf:"bytes,3,rep,name=permissions,proto3" json:"permissions,omitempty"` +} + +func (x *PermissionRequest) Reset() { + *x = PermissionRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_proto_rpc_authz_proto_msgTypes[13] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *PermissionRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*PermissionRequest) ProtoMessage() {} + +func (x *PermissionRequest) ProtoReflect() protoreflect.Message { + mi := &file_proto_rpc_authz_proto_msgTypes[13] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use PermissionRequest.ProtoReflect.Descriptor instead. +func (*PermissionRequest) Descriptor() ([]byte, []int) { + return file_proto_rpc_authz_proto_rawDescGZIP(), []int{13} +} + +func (x *PermissionRequest) GetEnforcerHandler() int32 { + if x != nil { + return x.EnforcerHandler + } + return 0 +} + +func (x *PermissionRequest) GetUser() string { + if x != nil { + return x.User + } + return "" +} + +func (x *PermissionRequest) GetPermissions() []string { + if x != nil { + return x.Permissions + } + return nil +} + +type Array2DReply struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + D2 []*Array2DReplyD `protobuf:"bytes,1,rep,name=d2,proto3" json:"d2,omitempty"` +} + +func (x *Array2DReply) Reset() { + *x = Array2DReply{} + if protoimpl.UnsafeEnabled { + mi := &file_proto_rpc_authz_proto_msgTypes[14] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *Array2DReply) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*Array2DReply) ProtoMessage() {} + +func (x *Array2DReply) ProtoReflect() protoreflect.Message { + mi := &file_proto_rpc_authz_proto_msgTypes[14] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use Array2DReply.ProtoReflect.Descriptor instead. +func (*Array2DReply) Descriptor() ([]byte, []int) { + return file_proto_rpc_authz_proto_rawDescGZIP(), []int{14} +} + +func (x *Array2DReply) GetD2() []*Array2DReplyD { + if x != nil { + return x.D2 + } + return nil +} + +type Array2DReplyD struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + D1 []string `protobuf:"bytes,1,rep,name=d1,proto3" json:"d1,omitempty"` +} + +func (x *Array2DReplyD) Reset() { + *x = Array2DReplyD{} + if protoimpl.UnsafeEnabled { + mi := &file_proto_rpc_authz_proto_msgTypes[15] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *Array2DReplyD) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*Array2DReplyD) ProtoMessage() {} + +func (x *Array2DReplyD) ProtoReflect() protoreflect.Message { + mi := &file_proto_rpc_authz_proto_msgTypes[15] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use Array2DReplyD.ProtoReflect.Descriptor instead. +func (*Array2DReplyD) Descriptor() ([]byte, []int) { + return file_proto_rpc_authz_proto_rawDescGZIP(), []int{14, 0} +} + +func (x *Array2DReplyD) GetD1() []string { + if x != nil { + return x.D1 + } + return nil +} + +var File_proto_rpc_authz_proto protoreflect.FileDescriptor + +var file_proto_rpc_authz_proto_rawDesc = []byte{ + 0x0a, 0x15, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x72, 0x70, 0x63, 0x2f, 0x61, 0x75, 0x74, 0x68, + 0x7a, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x13, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, + 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x22, 0x58, 0x0a, 0x12, + 0x4e, 0x65, 0x77, 0x45, 0x6e, 0x66, 0x6f, 0x72, 0x63, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, + 0x73, 0x74, 0x12, 0x1c, 0x0a, 0x09, 0x6d, 0x6f, 0x64, 0x65, 0x6c, 0x54, 0x65, 0x78, 0x74, 0x18, + 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x6d, 0x6f, 0x64, 0x65, 0x6c, 0x54, 0x65, 0x78, 0x74, + 0x12, 0x24, 0x0a, 0x0d, 0x61, 0x64, 0x61, 0x70, 0x74, 0x65, 0x72, 0x48, 0x61, 0x6e, 0x64, 0x6c, + 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x05, 0x52, 0x0d, 0x61, 0x64, 0x61, 0x70, 0x74, 0x65, 0x72, + 0x48, 0x61, 0x6e, 0x64, 0x6c, 0x65, 0x22, 0x2c, 0x0a, 0x10, 0x4e, 0x65, 0x77, 0x45, 0x6e, 0x66, + 0x6f, 0x72, 0x63, 0x65, 0x72, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x12, 0x18, 0x0a, 0x07, 0x68, 0x61, + 0x6e, 0x64, 0x6c, 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x05, 0x52, 0x07, 0x68, 0x61, 0x6e, + 0x64, 0x6c, 0x65, 0x72, 0x22, 0x9d, 0x01, 0x0a, 0x11, 0x4e, 0x65, 0x77, 0x41, 0x64, 0x61, 0x70, + 0x74, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x20, 0x0a, 0x0b, 0x61, 0x64, + 0x61, 0x70, 0x74, 0x65, 0x72, 0x4e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, + 0x0b, 0x61, 0x64, 0x61, 0x70, 0x74, 0x65, 0x72, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x1e, 0x0a, 0x0a, + 0x64, 0x72, 0x69, 0x76, 0x65, 0x72, 0x4e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, + 0x52, 0x0a, 0x64, 0x72, 0x69, 0x76, 0x65, 0x72, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x24, 0x0a, 0x0d, + 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x53, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x18, 0x03, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x0d, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x53, 0x74, 0x72, 0x69, + 0x6e, 0x67, 0x12, 0x20, 0x0a, 0x0b, 0x64, 0x62, 0x53, 0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x65, + 0x64, 0x18, 0x04, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0b, 0x64, 0x62, 0x53, 0x70, 0x65, 0x63, 0x69, + 0x66, 0x69, 0x65, 0x64, 0x22, 0x2b, 0x0a, 0x0f, 0x4e, 0x65, 0x77, 0x41, 0x64, 0x61, 0x70, 0x74, + 0x65, 0x72, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x12, 0x18, 0x0a, 0x07, 0x68, 0x61, 0x6e, 0x64, 0x6c, + 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x05, 0x52, 0x07, 0x68, 0x61, 0x6e, 0x64, 0x6c, 0x65, + 0x72, 0x22, 0x52, 0x0a, 0x0e, 0x45, 0x6e, 0x66, 0x6f, 0x72, 0x63, 0x65, 0x52, 0x65, 0x71, 0x75, + 0x65, 0x73, 0x74, 0x12, 0x28, 0x0a, 0x0f, 0x65, 0x6e, 0x66, 0x6f, 0x72, 0x63, 0x65, 0x72, 0x48, + 0x61, 0x6e, 0x64, 0x6c, 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x05, 0x52, 0x0f, 0x65, 0x6e, + 0x66, 0x6f, 0x72, 0x63, 0x65, 0x72, 0x48, 0x61, 0x6e, 0x64, 0x6c, 0x65, 0x72, 0x12, 0x16, 0x0a, + 0x06, 0x70, 0x61, 0x72, 0x61, 0x6d, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x09, 0x52, 0x06, 0x70, + 0x61, 0x72, 0x61, 0x6d, 0x73, 0x22, 0x1d, 0x0a, 0x09, 0x42, 0x6f, 0x6f, 0x6c, 0x52, 0x65, 0x70, + 0x6c, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x72, 0x65, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x52, + 0x03, 0x72, 0x65, 0x73, 0x22, 0x28, 0x0a, 0x0c, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x52, 0x65, 0x71, + 0x75, 0x65, 0x73, 0x74, 0x12, 0x18, 0x0a, 0x07, 0x68, 0x61, 0x6e, 0x64, 0x6c, 0x65, 0x72, 0x18, + 0x01, 0x20, 0x01, 0x28, 0x05, 0x52, 0x07, 0x68, 0x61, 0x6e, 0x64, 0x6c, 0x65, 0x72, 0x22, 0x0c, + 0x0a, 0x0a, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x67, 0x0a, 0x0d, + 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x28, 0x0a, + 0x0f, 0x65, 0x6e, 0x66, 0x6f, 0x72, 0x63, 0x65, 0x72, 0x48, 0x61, 0x6e, 0x64, 0x6c, 0x65, 0x72, + 0x18, 0x01, 0x20, 0x01, 0x28, 0x05, 0x52, 0x0f, 0x65, 0x6e, 0x66, 0x6f, 0x72, 0x63, 0x65, 0x72, + 0x48, 0x61, 0x6e, 0x64, 0x6c, 0x65, 0x72, 0x12, 0x14, 0x0a, 0x05, 0x70, 0x54, 0x79, 0x70, 0x65, + 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x70, 0x54, 0x79, 0x70, 0x65, 0x12, 0x16, 0x0a, + 0x06, 0x70, 0x61, 0x72, 0x61, 0x6d, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x09, 0x52, 0x06, 0x70, + 0x61, 0x72, 0x61, 0x6d, 0x73, 0x22, 0x52, 0x0a, 0x10, 0x53, 0x69, 0x6d, 0x70, 0x6c, 0x65, 0x47, + 0x65, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x28, 0x0a, 0x0f, 0x65, 0x6e, 0x66, + 0x6f, 0x72, 0x63, 0x65, 0x72, 0x48, 0x61, 0x6e, 0x64, 0x6c, 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, + 0x28, 0x05, 0x52, 0x0f, 0x65, 0x6e, 0x66, 0x6f, 0x72, 0x63, 0x65, 0x72, 0x48, 0x61, 0x6e, 0x64, + 0x6c, 0x65, 0x72, 0x12, 0x14, 0x0a, 0x05, 0x70, 0x54, 0x79, 0x70, 0x65, 0x18, 0x02, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x05, 0x70, 0x54, 0x79, 0x70, 0x65, 0x22, 0x22, 0x0a, 0x0a, 0x41, 0x72, 0x72, + 0x61, 0x79, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x12, 0x14, 0x0a, 0x05, 0x61, 0x72, 0x72, 0x61, 0x79, + 0x18, 0x01, 0x20, 0x03, 0x28, 0x09, 0x52, 0x05, 0x61, 0x72, 0x72, 0x61, 0x79, 0x22, 0x99, 0x01, + 0x0a, 0x15, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x65, 0x64, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, + 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x28, 0x0a, 0x0f, 0x65, 0x6e, 0x66, 0x6f, 0x72, + 0x63, 0x65, 0x72, 0x48, 0x61, 0x6e, 0x64, 0x6c, 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x05, + 0x52, 0x0f, 0x65, 0x6e, 0x66, 0x6f, 0x72, 0x63, 0x65, 0x72, 0x48, 0x61, 0x6e, 0x64, 0x6c, 0x65, + 0x72, 0x12, 0x14, 0x0a, 0x05, 0x70, 0x54, 0x79, 0x70, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, + 0x52, 0x05, 0x70, 0x54, 0x79, 0x70, 0x65, 0x12, 0x1e, 0x0a, 0x0a, 0x66, 0x69, 0x65, 0x6c, 0x64, + 0x49, 0x6e, 0x64, 0x65, 0x78, 0x18, 0x03, 0x20, 0x01, 0x28, 0x05, 0x52, 0x0a, 0x66, 0x69, 0x65, + 0x6c, 0x64, 0x49, 0x6e, 0x64, 0x65, 0x78, 0x12, 0x20, 0x0a, 0x0b, 0x66, 0x69, 0x65, 0x6c, 0x64, + 0x56, 0x61, 0x6c, 0x75, 0x65, 0x73, 0x18, 0x04, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0b, 0x66, 0x69, + 0x65, 0x6c, 0x64, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x73, 0x22, 0x63, 0x0a, 0x0f, 0x55, 0x73, 0x65, + 0x72, 0x52, 0x6f, 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x28, 0x0a, 0x0f, + 0x65, 0x6e, 0x66, 0x6f, 0x72, 0x63, 0x65, 0x72, 0x48, 0x61, 0x6e, 0x64, 0x6c, 0x65, 0x72, 0x18, + 0x01, 0x20, 0x01, 0x28, 0x05, 0x52, 0x0f, 0x65, 0x6e, 0x66, 0x6f, 0x72, 0x63, 0x65, 0x72, 0x48, + 0x61, 0x6e, 0x64, 0x6c, 0x65, 0x72, 0x12, 0x12, 0x0a, 0x04, 0x75, 0x73, 0x65, 0x72, 0x18, 0x02, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x75, 0x73, 0x65, 0x72, 0x12, 0x12, 0x0a, 0x04, 0x72, 0x6f, + 0x6c, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x72, 0x6f, 0x6c, 0x65, 0x22, 0x73, + 0x0a, 0x11, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, + 0x65, 0x73, 0x74, 0x12, 0x28, 0x0a, 0x0f, 0x65, 0x6e, 0x66, 0x6f, 0x72, 0x63, 0x65, 0x72, 0x48, + 0x61, 0x6e, 0x64, 0x6c, 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x05, 0x52, 0x0f, 0x65, 0x6e, + 0x66, 0x6f, 0x72, 0x63, 0x65, 0x72, 0x48, 0x61, 0x6e, 0x64, 0x6c, 0x65, 0x72, 0x12, 0x12, 0x0a, + 0x04, 0x75, 0x73, 0x65, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x75, 0x73, 0x65, + 0x72, 0x12, 0x20, 0x0a, 0x0b, 0x70, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x73, + 0x18, 0x03, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0b, 0x70, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, + 0x6f, 0x6e, 0x73, 0x22, 0x58, 0x0a, 0x0c, 0x41, 0x72, 0x72, 0x61, 0x79, 0x32, 0x44, 0x52, 0x65, + 0x70, 0x6c, 0x79, 0x12, 0x33, 0x0a, 0x02, 0x64, 0x32, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, + 0x23, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, + 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x41, 0x72, 0x72, 0x61, 0x79, 0x32, 0x44, 0x52, 0x65, 0x70, + 0x6c, 0x79, 0x2e, 0x64, 0x52, 0x02, 0x64, 0x32, 0x1a, 0x13, 0x0a, 0x01, 0x64, 0x12, 0x0e, 0x0a, + 0x02, 0x64, 0x31, 0x18, 0x01, 0x20, 0x03, 0x28, 0x09, 0x52, 0x02, 0x64, 0x31, 0x32, 0xa5, 0x27, + 0x0a, 0x05, 0x41, 0x75, 0x74, 0x68, 0x7a, 0x12, 0x5f, 0x0a, 0x0b, 0x4e, 0x65, 0x77, 0x45, 0x6e, + 0x66, 0x6f, 0x72, 0x63, 0x65, 0x72, 0x12, 0x27, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, + 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x4e, 0x65, 0x77, + 0x45, 0x6e, 0x66, 0x6f, 0x72, 0x63, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, + 0x25, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, + 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x4e, 0x65, 0x77, 0x45, 0x6e, 0x66, 0x6f, 0x72, 0x63, 0x65, + 0x72, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x5c, 0x0a, 0x0a, 0x4e, 0x65, 0x77, 0x41, + 0x64, 0x61, 0x70, 0x74, 0x65, 0x72, 0x12, 0x26, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, + 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x4e, 0x65, 0x77, + 0x41, 0x64, 0x61, 0x70, 0x74, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x24, + 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, + 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x4e, 0x65, 0x77, 0x41, 0x64, 0x61, 0x70, 0x74, 0x65, 0x72, 0x52, + 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x50, 0x0a, 0x07, 0x45, 0x6e, 0x66, 0x6f, 0x72, 0x63, + 0x65, 0x12, 0x23, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, + 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x45, 0x6e, 0x66, 0x6f, 0x72, 0x63, 0x65, 0x52, + 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1e, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, + 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x42, 0x6f, 0x6f, + 0x6c, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x52, 0x0a, 0x0a, 0x4c, 0x6f, 0x61, 0x64, + 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x21, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, + 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x45, 0x6d, 0x70, + 0x74, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1f, 0x2e, 0x72, 0x61, 0x66, 0x61, + 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, + 0x45, 0x6d, 0x70, 0x74, 0x79, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x52, 0x0a, 0x0a, + 0x53, 0x61, 0x76, 0x65, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x21, 0x2e, 0x72, 0x61, 0x66, + 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, + 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1f, 0x2e, + 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, + 0x74, 0x68, 0x7a, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, + 0x12, 0x51, 0x0a, 0x09, 0x41, 0x64, 0x64, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x22, 0x2e, + 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, + 0x74, 0x68, 0x7a, 0x2e, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, + 0x74, 0x1a, 0x1e, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, + 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x52, 0x65, 0x70, 0x6c, + 0x79, 0x22, 0x00, 0x12, 0x56, 0x0a, 0x0e, 0x41, 0x64, 0x64, 0x4e, 0x61, 0x6d, 0x65, 0x64, 0x50, + 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x22, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, + 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x50, 0x6f, 0x6c, 0x69, + 0x63, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1e, 0x2e, 0x72, 0x61, 0x66, 0x61, + 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, + 0x42, 0x6f, 0x6f, 0x6c, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x54, 0x0a, 0x0c, 0x52, + 0x65, 0x6d, 0x6f, 0x76, 0x65, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x22, 0x2e, 0x72, 0x61, + 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, + 0x7a, 0x2e, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, + 0x1e, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, + 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, + 0x00, 0x12, 0x59, 0x0a, 0x11, 0x52, 0x65, 0x6d, 0x6f, 0x76, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x64, + 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x22, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, + 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x50, 0x6f, 0x6c, + 0x69, 0x63, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1e, 0x2e, 0x72, 0x61, 0x66, + 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, + 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x64, 0x0a, 0x14, + 0x52, 0x65, 0x6d, 0x6f, 0x76, 0x65, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x65, 0x64, 0x50, 0x6f, + 0x6c, 0x69, 0x63, 0x79, 0x12, 0x2a, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, + 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x46, 0x69, 0x6c, 0x74, 0x65, + 0x72, 0x65, 0x64, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, + 0x1a, 0x1e, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, + 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x52, 0x65, 0x70, 0x6c, 0x79, + 0x22, 0x00, 0x12, 0x69, 0x0a, 0x19, 0x52, 0x65, 0x6d, 0x6f, 0x76, 0x65, 0x46, 0x69, 0x6c, 0x74, + 0x65, 0x72, 0x65, 0x64, 0x4e, 0x61, 0x6d, 0x65, 0x64, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, + 0x2a, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, + 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x65, 0x64, 0x50, 0x6f, + 0x6c, 0x69, 0x63, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1e, 0x2e, 0x72, 0x61, + 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, + 0x7a, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x53, 0x0a, + 0x09, 0x47, 0x65, 0x74, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x21, 0x2e, 0x72, 0x61, 0x66, + 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, + 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x21, 0x2e, + 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, + 0x74, 0x68, 0x7a, 0x2e, 0x41, 0x72, 0x72, 0x61, 0x79, 0x32, 0x44, 0x52, 0x65, 0x70, 0x6c, 0x79, + 0x22, 0x00, 0x12, 0x59, 0x0a, 0x0e, 0x47, 0x65, 0x74, 0x4e, 0x61, 0x6d, 0x65, 0x64, 0x50, 0x6f, + 0x6c, 0x69, 0x63, 0x79, 0x12, 0x22, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, + 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x50, 0x6f, 0x6c, 0x69, 0x63, + 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x21, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, + 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x41, + 0x72, 0x72, 0x61, 0x79, 0x32, 0x44, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x64, 0x0a, + 0x11, 0x47, 0x65, 0x74, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x65, 0x64, 0x50, 0x6f, 0x6c, 0x69, + 0x63, 0x79, 0x12, 0x2a, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, + 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x65, + 0x64, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x21, + 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, + 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x41, 0x72, 0x72, 0x61, 0x79, 0x32, 0x44, 0x52, 0x65, 0x70, 0x6c, + 0x79, 0x22, 0x00, 0x12, 0x69, 0x0a, 0x16, 0x47, 0x65, 0x74, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, + 0x65, 0x64, 0x4e, 0x61, 0x6d, 0x65, 0x64, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x2a, 0x2e, + 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, + 0x74, 0x68, 0x7a, 0x2e, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x65, 0x64, 0x50, 0x6f, 0x6c, 0x69, + 0x63, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x21, 0x2e, 0x72, 0x61, 0x66, 0x61, + 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, + 0x41, 0x72, 0x72, 0x61, 0x79, 0x32, 0x44, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x59, + 0x0a, 0x11, 0x41, 0x64, 0x64, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x69, 0x6e, 0x67, 0x50, 0x6f, 0x6c, + 0x69, 0x63, 0x79, 0x12, 0x22, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, + 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, + 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1e, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, + 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x42, 0x6f, + 0x6f, 0x6c, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x5e, 0x0a, 0x16, 0x41, 0x64, 0x64, + 0x4e, 0x61, 0x6d, 0x65, 0x64, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x69, 0x6e, 0x67, 0x50, 0x6f, 0x6c, + 0x69, 0x63, 0x79, 0x12, 0x22, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, + 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, + 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1e, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, + 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x42, 0x6f, + 0x6f, 0x6c, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x5c, 0x0a, 0x14, 0x52, 0x65, 0x6d, + 0x6f, 0x76, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x69, 0x6e, 0x67, 0x50, 0x6f, 0x6c, 0x69, 0x63, + 0x79, 0x12, 0x22, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, + 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52, 0x65, + 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1e, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, + 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, + 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x61, 0x0a, 0x19, 0x52, 0x65, 0x6d, 0x6f, 0x76, + 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x64, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x69, 0x6e, 0x67, 0x50, 0x6f, + 0x6c, 0x69, 0x63, 0x79, 0x12, 0x22, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, + 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x50, 0x6f, 0x6c, 0x69, 0x63, + 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1e, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, + 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x42, + 0x6f, 0x6f, 0x6c, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x6c, 0x0a, 0x1c, 0x52, 0x65, + 0x6d, 0x6f, 0x76, 0x65, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x65, 0x64, 0x47, 0x72, 0x6f, 0x75, + 0x70, 0x69, 0x6e, 0x67, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x2a, 0x2e, 0x72, 0x61, 0x66, + 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, + 0x2e, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x65, 0x64, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52, + 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1e, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, + 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x42, 0x6f, 0x6f, + 0x6c, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x71, 0x0a, 0x21, 0x52, 0x65, 0x6d, 0x6f, + 0x76, 0x65, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x65, 0x64, 0x4e, 0x61, 0x6d, 0x65, 0x64, 0x47, + 0x72, 0x6f, 0x75, 0x70, 0x69, 0x6e, 0x67, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x2a, 0x2e, + 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, + 0x74, 0x68, 0x7a, 0x2e, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x65, 0x64, 0x50, 0x6f, 0x6c, 0x69, + 0x63, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1e, 0x2e, 0x72, 0x61, 0x66, 0x61, + 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, + 0x42, 0x6f, 0x6f, 0x6c, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x5b, 0x0a, 0x11, 0x47, + 0x65, 0x74, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x69, 0x6e, 0x67, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, + 0x12, 0x21, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, + 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x52, 0x65, 0x71, 0x75, + 0x65, 0x73, 0x74, 0x1a, 0x21, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, + 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x41, 0x72, 0x72, 0x61, 0x79, 0x32, + 0x44, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x61, 0x0a, 0x16, 0x47, 0x65, 0x74, 0x4e, + 0x61, 0x6d, 0x65, 0x64, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x69, 0x6e, 0x67, 0x50, 0x6f, 0x6c, 0x69, + 0x63, 0x79, 0x12, 0x22, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, + 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52, + 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x21, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, + 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x41, 0x72, 0x72, + 0x61, 0x79, 0x32, 0x44, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x6c, 0x0a, 0x19, 0x47, + 0x65, 0x74, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x65, 0x64, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x69, + 0x6e, 0x67, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x2a, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, + 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x46, + 0x69, 0x6c, 0x74, 0x65, 0x72, 0x65, 0x64, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52, 0x65, 0x71, + 0x75, 0x65, 0x73, 0x74, 0x1a, 0x21, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, + 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x41, 0x72, 0x72, 0x61, 0x79, + 0x32, 0x44, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x71, 0x0a, 0x1e, 0x47, 0x65, 0x74, + 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x65, 0x64, 0x4e, 0x61, 0x6d, 0x65, 0x64, 0x47, 0x72, 0x6f, + 0x75, 0x70, 0x69, 0x6e, 0x67, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x2a, 0x2e, 0x72, 0x61, + 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, + 0x7a, 0x2e, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x65, 0x64, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, + 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x21, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, + 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x41, 0x72, + 0x72, 0x61, 0x79, 0x32, 0x44, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x56, 0x0a, 0x0e, + 0x47, 0x65, 0x74, 0x41, 0x6c, 0x6c, 0x53, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x12, 0x21, + 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, + 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, + 0x74, 0x1a, 0x1f, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, + 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x41, 0x72, 0x72, 0x61, 0x79, 0x52, 0x65, 0x70, + 0x6c, 0x79, 0x22, 0x00, 0x12, 0x5f, 0x0a, 0x13, 0x47, 0x65, 0x74, 0x41, 0x6c, 0x6c, 0x4e, 0x61, + 0x6d, 0x65, 0x64, 0x53, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x12, 0x25, 0x2e, 0x72, 0x61, + 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, + 0x7a, 0x2e, 0x53, 0x69, 0x6d, 0x70, 0x6c, 0x65, 0x47, 0x65, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, + 0x73, 0x74, 0x1a, 0x1f, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, + 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x41, 0x72, 0x72, 0x61, 0x79, 0x52, 0x65, + 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x55, 0x0a, 0x0d, 0x47, 0x65, 0x74, 0x41, 0x6c, 0x6c, 0x4f, + 0x62, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x12, 0x21, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, + 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x45, 0x6d, 0x70, + 0x74, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1f, 0x2e, 0x72, 0x61, 0x66, 0x61, + 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, + 0x41, 0x72, 0x72, 0x61, 0x79, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x5e, 0x0a, 0x12, + 0x47, 0x65, 0x74, 0x41, 0x6c, 0x6c, 0x4e, 0x61, 0x6d, 0x65, 0x64, 0x4f, 0x62, 0x6a, 0x65, 0x63, + 0x74, 0x73, 0x12, 0x25, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, + 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x53, 0x69, 0x6d, 0x70, 0x6c, 0x65, 0x47, + 0x65, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1f, 0x2e, 0x72, 0x61, 0x66, 0x61, + 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, + 0x41, 0x72, 0x72, 0x61, 0x79, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x55, 0x0a, 0x0d, + 0x47, 0x65, 0x74, 0x41, 0x6c, 0x6c, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x21, 0x2e, + 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, + 0x74, 0x68, 0x7a, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, + 0x1a, 0x1f, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, + 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x41, 0x72, 0x72, 0x61, 0x79, 0x52, 0x65, 0x70, 0x6c, + 0x79, 0x22, 0x00, 0x12, 0x5e, 0x0a, 0x12, 0x47, 0x65, 0x74, 0x41, 0x6c, 0x6c, 0x4e, 0x61, 0x6d, + 0x65, 0x64, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x25, 0x2e, 0x72, 0x61, 0x66, 0x61, + 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, + 0x53, 0x69, 0x6d, 0x70, 0x6c, 0x65, 0x47, 0x65, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, + 0x1a, 0x1f, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, + 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x41, 0x72, 0x72, 0x61, 0x79, 0x52, 0x65, 0x70, 0x6c, + 0x79, 0x22, 0x00, 0x12, 0x53, 0x0a, 0x0b, 0x47, 0x65, 0x74, 0x41, 0x6c, 0x6c, 0x52, 0x6f, 0x6c, + 0x65, 0x73, 0x12, 0x21, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, + 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x52, 0x65, + 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1f, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, + 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x41, 0x72, 0x72, 0x61, + 0x79, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x5c, 0x0a, 0x10, 0x47, 0x65, 0x74, 0x41, + 0x6c, 0x6c, 0x4e, 0x61, 0x6d, 0x65, 0x64, 0x52, 0x6f, 0x6c, 0x65, 0x73, 0x12, 0x25, 0x2e, 0x72, + 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, + 0x68, 0x7a, 0x2e, 0x53, 0x69, 0x6d, 0x70, 0x6c, 0x65, 0x47, 0x65, 0x74, 0x52, 0x65, 0x71, 0x75, + 0x65, 0x73, 0x74, 0x1a, 0x1f, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, + 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x41, 0x72, 0x72, 0x61, 0x79, 0x52, + 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x51, 0x0a, 0x09, 0x48, 0x61, 0x73, 0x50, 0x6f, 0x6c, + 0x69, 0x63, 0x79, 0x12, 0x22, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, + 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, + 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1e, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, + 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x42, 0x6f, + 0x6f, 0x6c, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x56, 0x0a, 0x0e, 0x48, 0x61, 0x73, + 0x4e, 0x61, 0x6d, 0x65, 0x64, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x22, 0x2e, 0x72, 0x61, + 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, + 0x7a, 0x2e, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, + 0x1e, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, + 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, + 0x00, 0x12, 0x59, 0x0a, 0x11, 0x48, 0x61, 0x73, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x69, 0x6e, 0x67, + 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x22, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, + 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x50, 0x6f, 0x6c, + 0x69, 0x63, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1e, 0x2e, 0x72, 0x61, 0x66, + 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, + 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x5e, 0x0a, 0x16, + 0x48, 0x61, 0x73, 0x4e, 0x61, 0x6d, 0x65, 0x64, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x69, 0x6e, 0x67, + 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x22, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, + 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x50, 0x6f, 0x6c, + 0x69, 0x63, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1e, 0x2e, 0x72, 0x61, 0x66, + 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, + 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x5a, 0x0a, 0x0f, + 0x47, 0x65, 0x74, 0x52, 0x6f, 0x6c, 0x65, 0x73, 0x46, 0x6f, 0x72, 0x55, 0x73, 0x65, 0x72, 0x12, + 0x24, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, + 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x55, 0x73, 0x65, 0x72, 0x52, 0x6f, 0x6c, 0x65, 0x52, 0x65, + 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1f, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, + 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x41, 0x72, 0x72, 0x61, + 0x79, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x62, 0x0a, 0x17, 0x47, 0x65, 0x74, 0x49, + 0x6d, 0x70, 0x6c, 0x69, 0x63, 0x69, 0x74, 0x52, 0x6f, 0x6c, 0x65, 0x73, 0x46, 0x6f, 0x72, 0x55, + 0x73, 0x65, 0x72, 0x12, 0x24, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, + 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x55, 0x73, 0x65, 0x72, 0x52, 0x6f, + 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1f, 0x2e, 0x72, 0x61, 0x66, 0x61, + 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, + 0x41, 0x72, 0x72, 0x61, 0x79, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x5a, 0x0a, 0x0f, + 0x47, 0x65, 0x74, 0x55, 0x73, 0x65, 0x72, 0x73, 0x46, 0x6f, 0x72, 0x52, 0x6f, 0x6c, 0x65, 0x12, + 0x24, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, + 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x55, 0x73, 0x65, 0x72, 0x52, 0x6f, 0x6c, 0x65, 0x52, 0x65, + 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1f, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, + 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x41, 0x72, 0x72, 0x61, + 0x79, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x58, 0x0a, 0x0e, 0x48, 0x61, 0x73, 0x52, + 0x6f, 0x6c, 0x65, 0x46, 0x6f, 0x72, 0x55, 0x73, 0x65, 0x72, 0x12, 0x24, 0x2e, 0x72, 0x61, 0x66, + 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, + 0x2e, 0x55, 0x73, 0x65, 0x72, 0x52, 0x6f, 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, + 0x1a, 0x1e, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, + 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x52, 0x65, 0x70, 0x6c, 0x79, + 0x22, 0x00, 0x12, 0x58, 0x0a, 0x0e, 0x41, 0x64, 0x64, 0x52, 0x6f, 0x6c, 0x65, 0x46, 0x6f, 0x72, + 0x55, 0x73, 0x65, 0x72, 0x12, 0x24, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, + 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x55, 0x73, 0x65, 0x72, 0x52, + 0x6f, 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1e, 0x2e, 0x72, 0x61, 0x66, + 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, + 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x5b, 0x0a, 0x11, + 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x52, 0x6f, 0x6c, 0x65, 0x46, 0x6f, 0x72, 0x55, 0x73, 0x65, + 0x72, 0x12, 0x24, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, + 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x55, 0x73, 0x65, 0x72, 0x52, 0x6f, 0x6c, 0x65, + 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1e, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, + 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x42, 0x6f, + 0x6f, 0x6c, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x5c, 0x0a, 0x12, 0x44, 0x65, 0x6c, + 0x65, 0x74, 0x65, 0x52, 0x6f, 0x6c, 0x65, 0x73, 0x46, 0x6f, 0x72, 0x55, 0x73, 0x65, 0x72, 0x12, + 0x24, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, + 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x55, 0x73, 0x65, 0x72, 0x52, 0x6f, 0x6c, 0x65, 0x52, 0x65, + 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1e, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, + 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, + 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x54, 0x0a, 0x0a, 0x44, 0x65, 0x6c, 0x65, 0x74, + 0x65, 0x55, 0x73, 0x65, 0x72, 0x12, 0x24, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, + 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x55, 0x73, 0x65, 0x72, + 0x52, 0x6f, 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1e, 0x2e, 0x72, 0x61, + 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, + 0x7a, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x55, 0x0a, + 0x0a, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x52, 0x6f, 0x6c, 0x65, 0x12, 0x24, 0x2e, 0x72, 0x61, + 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, + 0x7a, 0x2e, 0x55, 0x73, 0x65, 0x72, 0x52, 0x6f, 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, + 0x74, 0x1a, 0x1f, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, + 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x52, 0x65, 0x70, + 0x6c, 0x79, 0x22, 0x00, 0x12, 0x64, 0x0a, 0x15, 0x47, 0x65, 0x74, 0x50, 0x65, 0x72, 0x6d, 0x69, + 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x46, 0x6f, 0x72, 0x55, 0x73, 0x65, 0x72, 0x12, 0x26, 0x2e, + 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, + 0x74, 0x68, 0x7a, 0x2e, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x65, + 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x21, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, + 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x41, 0x72, 0x72, 0x61, + 0x79, 0x32, 0x44, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x6c, 0x0a, 0x1d, 0x47, 0x65, + 0x74, 0x49, 0x6d, 0x70, 0x6c, 0x69, 0x63, 0x69, 0x74, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, + 0x69, 0x6f, 0x6e, 0x73, 0x46, 0x6f, 0x72, 0x55, 0x73, 0x65, 0x72, 0x12, 0x26, 0x2e, 0x72, 0x61, + 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, + 0x7a, 0x2e, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, + 0x65, 0x73, 0x74, 0x1a, 0x21, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, + 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x41, 0x72, 0x72, 0x61, 0x79, 0x32, + 0x44, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x5c, 0x0a, 0x10, 0x44, 0x65, 0x6c, 0x65, + 0x74, 0x65, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x26, 0x2e, 0x72, + 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, + 0x68, 0x7a, 0x2e, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, + 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1e, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, + 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x52, + 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x60, 0x0a, 0x14, 0x41, 0x64, 0x64, 0x50, 0x65, 0x72, + 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x46, 0x6f, 0x72, 0x55, 0x73, 0x65, 0x72, 0x12, 0x26, + 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, + 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x52, + 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1e, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, + 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x42, 0x6f, 0x6f, + 0x6c, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x63, 0x0a, 0x17, 0x44, 0x65, 0x6c, 0x65, + 0x74, 0x65, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x46, 0x6f, 0x72, 0x55, + 0x73, 0x65, 0x72, 0x12, 0x26, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, + 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, + 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1e, 0x2e, 0x72, 0x61, + 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, + 0x7a, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x64, 0x0a, + 0x18, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, + 0x6e, 0x73, 0x46, 0x6f, 0x72, 0x55, 0x73, 0x65, 0x72, 0x12, 0x26, 0x2e, 0x72, 0x61, 0x66, 0x61, + 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, + 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, + 0x74, 0x1a, 0x1e, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, + 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x52, 0x65, 0x70, 0x6c, + 0x79, 0x22, 0x00, 0x12, 0x60, 0x0a, 0x14, 0x48, 0x61, 0x73, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, + 0x73, 0x69, 0x6f, 0x6e, 0x46, 0x6f, 0x72, 0x55, 0x73, 0x65, 0x72, 0x12, 0x26, 0x2e, 0x72, 0x61, + 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, + 0x7a, 0x2e, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, + 0x65, 0x73, 0x74, 0x1a, 0x1e, 0x2e, 0x72, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, + 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x52, 0x65, + 0x70, 0x6c, 0x79, 0x22, 0x00, 0x42, 0xd5, 0x01, 0x0a, 0x17, 0x63, 0x6f, 0x6d, 0x2e, 0x72, 0x61, + 0x66, 0x61, 0x79, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x72, 0x70, 0x63, 0x2e, 0x61, 0x75, 0x74, 0x68, + 0x7a, 0x42, 0x0a, 0x41, 0x75, 0x74, 0x68, 0x7a, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, + 0x3e, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x52, 0x61, 0x66, 0x61, + 0x79, 0x53, 0x79, 0x73, 0x74, 0x65, 0x6d, 0x73, 0x2f, 0x72, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2d, + 0x62, 0x61, 0x73, 0x65, 0x2f, 0x63, 0x6f, 0x6d, 0x70, 0x6f, 0x6e, 0x65, 0x6e, 0x74, 0x73, 0x2f, + 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x72, 0x70, 0x63, 0xa2, + 0x02, 0x04, 0x52, 0x44, 0x52, 0x41, 0xaa, 0x02, 0x13, 0x52, 0x61, 0x66, 0x61, 0x79, 0x2e, 0x44, + 0x65, 0x76, 0x2e, 0x52, 0x70, 0x63, 0x2e, 0x41, 0x75, 0x74, 0x68, 0x7a, 0xca, 0x02, 0x13, 0x52, + 0x61, 0x66, 0x61, 0x79, 0x5c, 0x44, 0x65, 0x76, 0x5c, 0x52, 0x70, 0x63, 0x5c, 0x41, 0x75, 0x74, + 0x68, 0x7a, 0xe2, 0x02, 0x1f, 0x52, 0x61, 0x66, 0x61, 0x79, 0x5c, 0x44, 0x65, 0x76, 0x5c, 0x52, + 0x70, 0x63, 0x5c, 0x41, 0x75, 0x74, 0x68, 0x7a, 0x5c, 0x47, 0x50, 0x42, 0x4d, 0x65, 0x74, 0x61, + 0x64, 0x61, 0x74, 0x61, 0xea, 0x02, 0x16, 0x52, 0x61, 0x66, 0x61, 0x79, 0x3a, 0x3a, 0x44, 0x65, + 0x76, 0x3a, 0x3a, 0x52, 0x70, 0x63, 0x3a, 0x3a, 0x41, 0x75, 0x74, 0x68, 0x7a, 0x62, 0x06, 0x70, + 0x72, 0x6f, 0x74, 0x6f, 0x33, +} + +var ( + file_proto_rpc_authz_proto_rawDescOnce sync.Once + file_proto_rpc_authz_proto_rawDescData = file_proto_rpc_authz_proto_rawDesc +) + +func file_proto_rpc_authz_proto_rawDescGZIP() []byte { + file_proto_rpc_authz_proto_rawDescOnce.Do(func() { + file_proto_rpc_authz_proto_rawDescData = protoimpl.X.CompressGZIP(file_proto_rpc_authz_proto_rawDescData) + }) + return file_proto_rpc_authz_proto_rawDescData +} + +var file_proto_rpc_authz_proto_msgTypes = make([]protoimpl.MessageInfo, 16) +var file_proto_rpc_authz_proto_goTypes = []interface{}{ + (*NewEnforcerRequest)(nil), // 0: rafay.dev.rpc.authz.NewEnforcerRequest + (*NewEnforcerReply)(nil), // 1: rafay.dev.rpc.authz.NewEnforcerReply + (*NewAdapterRequest)(nil), // 2: rafay.dev.rpc.authz.NewAdapterRequest + (*NewAdapterReply)(nil), // 3: rafay.dev.rpc.authz.NewAdapterReply + (*EnforceRequest)(nil), // 4: rafay.dev.rpc.authz.EnforceRequest + (*BoolReply)(nil), // 5: rafay.dev.rpc.authz.BoolReply + (*EmptyRequest)(nil), // 6: rafay.dev.rpc.authz.EmptyRequest + (*EmptyReply)(nil), // 7: rafay.dev.rpc.authz.EmptyReply + (*PolicyRequest)(nil), // 8: rafay.dev.rpc.authz.PolicyRequest + (*SimpleGetRequest)(nil), // 9: rafay.dev.rpc.authz.SimpleGetRequest + (*ArrayReply)(nil), // 10: rafay.dev.rpc.authz.ArrayReply + (*FilteredPolicyRequest)(nil), // 11: rafay.dev.rpc.authz.FilteredPolicyRequest + (*UserRoleRequest)(nil), // 12: rafay.dev.rpc.authz.UserRoleRequest + (*PermissionRequest)(nil), // 13: rafay.dev.rpc.authz.PermissionRequest + (*Array2DReply)(nil), // 14: rafay.dev.rpc.authz.Array2DReply + (*Array2DReplyD)(nil), // 15: rafay.dev.rpc.authz.Array2DReply.d +} +var file_proto_rpc_authz_proto_depIdxs = []int32{ + 15, // 0: rafay.dev.rpc.authz.Array2DReply.d2:type_name -> rafay.dev.rpc.authz.Array2DReply.d + 0, // 1: rafay.dev.rpc.authz.Authz.NewEnforcer:input_type -> rafay.dev.rpc.authz.NewEnforcerRequest + 2, // 2: rafay.dev.rpc.authz.Authz.NewAdapter:input_type -> rafay.dev.rpc.authz.NewAdapterRequest + 4, // 3: rafay.dev.rpc.authz.Authz.Enforce:input_type -> rafay.dev.rpc.authz.EnforceRequest + 6, // 4: rafay.dev.rpc.authz.Authz.LoadPolicy:input_type -> rafay.dev.rpc.authz.EmptyRequest + 6, // 5: rafay.dev.rpc.authz.Authz.SavePolicy:input_type -> rafay.dev.rpc.authz.EmptyRequest + 8, // 6: rafay.dev.rpc.authz.Authz.AddPolicy:input_type -> rafay.dev.rpc.authz.PolicyRequest + 8, // 7: rafay.dev.rpc.authz.Authz.AddNamedPolicy:input_type -> rafay.dev.rpc.authz.PolicyRequest + 8, // 8: rafay.dev.rpc.authz.Authz.RemovePolicy:input_type -> rafay.dev.rpc.authz.PolicyRequest + 8, // 9: rafay.dev.rpc.authz.Authz.RemoveNamedPolicy:input_type -> rafay.dev.rpc.authz.PolicyRequest + 11, // 10: rafay.dev.rpc.authz.Authz.RemoveFilteredPolicy:input_type -> rafay.dev.rpc.authz.FilteredPolicyRequest + 11, // 11: rafay.dev.rpc.authz.Authz.RemoveFilteredNamedPolicy:input_type -> rafay.dev.rpc.authz.FilteredPolicyRequest + 6, // 12: rafay.dev.rpc.authz.Authz.GetPolicy:input_type -> rafay.dev.rpc.authz.EmptyRequest + 8, // 13: rafay.dev.rpc.authz.Authz.GetNamedPolicy:input_type -> rafay.dev.rpc.authz.PolicyRequest + 11, // 14: rafay.dev.rpc.authz.Authz.GetFilteredPolicy:input_type -> rafay.dev.rpc.authz.FilteredPolicyRequest + 11, // 15: rafay.dev.rpc.authz.Authz.GetFilteredNamedPolicy:input_type -> rafay.dev.rpc.authz.FilteredPolicyRequest + 8, // 16: rafay.dev.rpc.authz.Authz.AddGroupingPolicy:input_type -> rafay.dev.rpc.authz.PolicyRequest + 8, // 17: rafay.dev.rpc.authz.Authz.AddNamedGroupingPolicy:input_type -> rafay.dev.rpc.authz.PolicyRequest + 8, // 18: rafay.dev.rpc.authz.Authz.RemoveGroupingPolicy:input_type -> rafay.dev.rpc.authz.PolicyRequest + 8, // 19: rafay.dev.rpc.authz.Authz.RemoveNamedGroupingPolicy:input_type -> rafay.dev.rpc.authz.PolicyRequest + 11, // 20: rafay.dev.rpc.authz.Authz.RemoveFilteredGroupingPolicy:input_type -> rafay.dev.rpc.authz.FilteredPolicyRequest + 11, // 21: rafay.dev.rpc.authz.Authz.RemoveFilteredNamedGroupingPolicy:input_type -> rafay.dev.rpc.authz.FilteredPolicyRequest + 6, // 22: rafay.dev.rpc.authz.Authz.GetGroupingPolicy:input_type -> rafay.dev.rpc.authz.EmptyRequest + 8, // 23: rafay.dev.rpc.authz.Authz.GetNamedGroupingPolicy:input_type -> rafay.dev.rpc.authz.PolicyRequest + 11, // 24: rafay.dev.rpc.authz.Authz.GetFilteredGroupingPolicy:input_type -> rafay.dev.rpc.authz.FilteredPolicyRequest + 11, // 25: rafay.dev.rpc.authz.Authz.GetFilteredNamedGroupingPolicy:input_type -> rafay.dev.rpc.authz.FilteredPolicyRequest + 6, // 26: rafay.dev.rpc.authz.Authz.GetAllSubjects:input_type -> rafay.dev.rpc.authz.EmptyRequest + 9, // 27: rafay.dev.rpc.authz.Authz.GetAllNamedSubjects:input_type -> rafay.dev.rpc.authz.SimpleGetRequest + 6, // 28: rafay.dev.rpc.authz.Authz.GetAllObjects:input_type -> rafay.dev.rpc.authz.EmptyRequest + 9, // 29: rafay.dev.rpc.authz.Authz.GetAllNamedObjects:input_type -> rafay.dev.rpc.authz.SimpleGetRequest + 6, // 30: rafay.dev.rpc.authz.Authz.GetAllActions:input_type -> rafay.dev.rpc.authz.EmptyRequest + 9, // 31: rafay.dev.rpc.authz.Authz.GetAllNamedActions:input_type -> rafay.dev.rpc.authz.SimpleGetRequest + 6, // 32: rafay.dev.rpc.authz.Authz.GetAllRoles:input_type -> rafay.dev.rpc.authz.EmptyRequest + 9, // 33: rafay.dev.rpc.authz.Authz.GetAllNamedRoles:input_type -> rafay.dev.rpc.authz.SimpleGetRequest + 8, // 34: rafay.dev.rpc.authz.Authz.HasPolicy:input_type -> rafay.dev.rpc.authz.PolicyRequest + 8, // 35: rafay.dev.rpc.authz.Authz.HasNamedPolicy:input_type -> rafay.dev.rpc.authz.PolicyRequest + 8, // 36: rafay.dev.rpc.authz.Authz.HasGroupingPolicy:input_type -> rafay.dev.rpc.authz.PolicyRequest + 8, // 37: rafay.dev.rpc.authz.Authz.HasNamedGroupingPolicy:input_type -> rafay.dev.rpc.authz.PolicyRequest + 12, // 38: rafay.dev.rpc.authz.Authz.GetRolesForUser:input_type -> rafay.dev.rpc.authz.UserRoleRequest + 12, // 39: rafay.dev.rpc.authz.Authz.GetImplicitRolesForUser:input_type -> rafay.dev.rpc.authz.UserRoleRequest + 12, // 40: rafay.dev.rpc.authz.Authz.GetUsersForRole:input_type -> rafay.dev.rpc.authz.UserRoleRequest + 12, // 41: rafay.dev.rpc.authz.Authz.HasRoleForUser:input_type -> rafay.dev.rpc.authz.UserRoleRequest + 12, // 42: rafay.dev.rpc.authz.Authz.AddRoleForUser:input_type -> rafay.dev.rpc.authz.UserRoleRequest + 12, // 43: rafay.dev.rpc.authz.Authz.DeleteRoleForUser:input_type -> rafay.dev.rpc.authz.UserRoleRequest + 12, // 44: rafay.dev.rpc.authz.Authz.DeleteRolesForUser:input_type -> rafay.dev.rpc.authz.UserRoleRequest + 12, // 45: rafay.dev.rpc.authz.Authz.DeleteUser:input_type -> rafay.dev.rpc.authz.UserRoleRequest + 12, // 46: rafay.dev.rpc.authz.Authz.DeleteRole:input_type -> rafay.dev.rpc.authz.UserRoleRequest + 13, // 47: rafay.dev.rpc.authz.Authz.GetPermissionsForUser:input_type -> rafay.dev.rpc.authz.PermissionRequest + 13, // 48: rafay.dev.rpc.authz.Authz.GetImplicitPermissionsForUser:input_type -> rafay.dev.rpc.authz.PermissionRequest + 13, // 49: rafay.dev.rpc.authz.Authz.DeletePermission:input_type -> rafay.dev.rpc.authz.PermissionRequest + 13, // 50: rafay.dev.rpc.authz.Authz.AddPermissionForUser:input_type -> rafay.dev.rpc.authz.PermissionRequest + 13, // 51: rafay.dev.rpc.authz.Authz.DeletePermissionForUser:input_type -> rafay.dev.rpc.authz.PermissionRequest + 13, // 52: rafay.dev.rpc.authz.Authz.DeletePermissionsForUser:input_type -> rafay.dev.rpc.authz.PermissionRequest + 13, // 53: rafay.dev.rpc.authz.Authz.HasPermissionForUser:input_type -> rafay.dev.rpc.authz.PermissionRequest + 1, // 54: rafay.dev.rpc.authz.Authz.NewEnforcer:output_type -> rafay.dev.rpc.authz.NewEnforcerReply + 3, // 55: rafay.dev.rpc.authz.Authz.NewAdapter:output_type -> rafay.dev.rpc.authz.NewAdapterReply + 5, // 56: rafay.dev.rpc.authz.Authz.Enforce:output_type -> rafay.dev.rpc.authz.BoolReply + 7, // 57: rafay.dev.rpc.authz.Authz.LoadPolicy:output_type -> rafay.dev.rpc.authz.EmptyReply + 7, // 58: rafay.dev.rpc.authz.Authz.SavePolicy:output_type -> rafay.dev.rpc.authz.EmptyReply + 5, // 59: rafay.dev.rpc.authz.Authz.AddPolicy:output_type -> rafay.dev.rpc.authz.BoolReply + 5, // 60: rafay.dev.rpc.authz.Authz.AddNamedPolicy:output_type -> rafay.dev.rpc.authz.BoolReply + 5, // 61: rafay.dev.rpc.authz.Authz.RemovePolicy:output_type -> rafay.dev.rpc.authz.BoolReply + 5, // 62: rafay.dev.rpc.authz.Authz.RemoveNamedPolicy:output_type -> rafay.dev.rpc.authz.BoolReply + 5, // 63: rafay.dev.rpc.authz.Authz.RemoveFilteredPolicy:output_type -> rafay.dev.rpc.authz.BoolReply + 5, // 64: rafay.dev.rpc.authz.Authz.RemoveFilteredNamedPolicy:output_type -> rafay.dev.rpc.authz.BoolReply + 14, // 65: rafay.dev.rpc.authz.Authz.GetPolicy:output_type -> rafay.dev.rpc.authz.Array2DReply + 14, // 66: rafay.dev.rpc.authz.Authz.GetNamedPolicy:output_type -> rafay.dev.rpc.authz.Array2DReply + 14, // 67: rafay.dev.rpc.authz.Authz.GetFilteredPolicy:output_type -> rafay.dev.rpc.authz.Array2DReply + 14, // 68: rafay.dev.rpc.authz.Authz.GetFilteredNamedPolicy:output_type -> rafay.dev.rpc.authz.Array2DReply + 5, // 69: rafay.dev.rpc.authz.Authz.AddGroupingPolicy:output_type -> rafay.dev.rpc.authz.BoolReply + 5, // 70: rafay.dev.rpc.authz.Authz.AddNamedGroupingPolicy:output_type -> rafay.dev.rpc.authz.BoolReply + 5, // 71: rafay.dev.rpc.authz.Authz.RemoveGroupingPolicy:output_type -> rafay.dev.rpc.authz.BoolReply + 5, // 72: rafay.dev.rpc.authz.Authz.RemoveNamedGroupingPolicy:output_type -> rafay.dev.rpc.authz.BoolReply + 5, // 73: rafay.dev.rpc.authz.Authz.RemoveFilteredGroupingPolicy:output_type -> rafay.dev.rpc.authz.BoolReply + 5, // 74: rafay.dev.rpc.authz.Authz.RemoveFilteredNamedGroupingPolicy:output_type -> rafay.dev.rpc.authz.BoolReply + 14, // 75: rafay.dev.rpc.authz.Authz.GetGroupingPolicy:output_type -> rafay.dev.rpc.authz.Array2DReply + 14, // 76: rafay.dev.rpc.authz.Authz.GetNamedGroupingPolicy:output_type -> rafay.dev.rpc.authz.Array2DReply + 14, // 77: rafay.dev.rpc.authz.Authz.GetFilteredGroupingPolicy:output_type -> rafay.dev.rpc.authz.Array2DReply + 14, // 78: rafay.dev.rpc.authz.Authz.GetFilteredNamedGroupingPolicy:output_type -> rafay.dev.rpc.authz.Array2DReply + 10, // 79: rafay.dev.rpc.authz.Authz.GetAllSubjects:output_type -> rafay.dev.rpc.authz.ArrayReply + 10, // 80: rafay.dev.rpc.authz.Authz.GetAllNamedSubjects:output_type -> rafay.dev.rpc.authz.ArrayReply + 10, // 81: rafay.dev.rpc.authz.Authz.GetAllObjects:output_type -> rafay.dev.rpc.authz.ArrayReply + 10, // 82: rafay.dev.rpc.authz.Authz.GetAllNamedObjects:output_type -> rafay.dev.rpc.authz.ArrayReply + 10, // 83: rafay.dev.rpc.authz.Authz.GetAllActions:output_type -> rafay.dev.rpc.authz.ArrayReply + 10, // 84: rafay.dev.rpc.authz.Authz.GetAllNamedActions:output_type -> rafay.dev.rpc.authz.ArrayReply + 10, // 85: rafay.dev.rpc.authz.Authz.GetAllRoles:output_type -> rafay.dev.rpc.authz.ArrayReply + 10, // 86: rafay.dev.rpc.authz.Authz.GetAllNamedRoles:output_type -> rafay.dev.rpc.authz.ArrayReply + 5, // 87: rafay.dev.rpc.authz.Authz.HasPolicy:output_type -> rafay.dev.rpc.authz.BoolReply + 5, // 88: rafay.dev.rpc.authz.Authz.HasNamedPolicy:output_type -> rafay.dev.rpc.authz.BoolReply + 5, // 89: rafay.dev.rpc.authz.Authz.HasGroupingPolicy:output_type -> rafay.dev.rpc.authz.BoolReply + 5, // 90: rafay.dev.rpc.authz.Authz.HasNamedGroupingPolicy:output_type -> rafay.dev.rpc.authz.BoolReply + 10, // 91: rafay.dev.rpc.authz.Authz.GetRolesForUser:output_type -> rafay.dev.rpc.authz.ArrayReply + 10, // 92: rafay.dev.rpc.authz.Authz.GetImplicitRolesForUser:output_type -> rafay.dev.rpc.authz.ArrayReply + 10, // 93: rafay.dev.rpc.authz.Authz.GetUsersForRole:output_type -> rafay.dev.rpc.authz.ArrayReply + 5, // 94: rafay.dev.rpc.authz.Authz.HasRoleForUser:output_type -> rafay.dev.rpc.authz.BoolReply + 5, // 95: rafay.dev.rpc.authz.Authz.AddRoleForUser:output_type -> rafay.dev.rpc.authz.BoolReply + 5, // 96: rafay.dev.rpc.authz.Authz.DeleteRoleForUser:output_type -> rafay.dev.rpc.authz.BoolReply + 5, // 97: rafay.dev.rpc.authz.Authz.DeleteRolesForUser:output_type -> rafay.dev.rpc.authz.BoolReply + 5, // 98: rafay.dev.rpc.authz.Authz.DeleteUser:output_type -> rafay.dev.rpc.authz.BoolReply + 7, // 99: rafay.dev.rpc.authz.Authz.DeleteRole:output_type -> rafay.dev.rpc.authz.EmptyReply + 14, // 100: rafay.dev.rpc.authz.Authz.GetPermissionsForUser:output_type -> rafay.dev.rpc.authz.Array2DReply + 14, // 101: rafay.dev.rpc.authz.Authz.GetImplicitPermissionsForUser:output_type -> rafay.dev.rpc.authz.Array2DReply + 5, // 102: rafay.dev.rpc.authz.Authz.DeletePermission:output_type -> rafay.dev.rpc.authz.BoolReply + 5, // 103: rafay.dev.rpc.authz.Authz.AddPermissionForUser:output_type -> rafay.dev.rpc.authz.BoolReply + 5, // 104: rafay.dev.rpc.authz.Authz.DeletePermissionForUser:output_type -> rafay.dev.rpc.authz.BoolReply + 5, // 105: rafay.dev.rpc.authz.Authz.DeletePermissionsForUser:output_type -> rafay.dev.rpc.authz.BoolReply + 5, // 106: rafay.dev.rpc.authz.Authz.HasPermissionForUser:output_type -> rafay.dev.rpc.authz.BoolReply + 54, // [54:107] is the sub-list for method output_type + 1, // [1:54] is the sub-list for method input_type + 1, // [1:1] is the sub-list for extension type_name + 1, // [1:1] is the sub-list for extension extendee + 0, // [0:1] is the sub-list for field type_name +} + +func init() { file_proto_rpc_authz_proto_init() } +func file_proto_rpc_authz_proto_init() { + if File_proto_rpc_authz_proto != nil { + return + } + if !protoimpl.UnsafeEnabled { + file_proto_rpc_authz_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*NewEnforcerRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_proto_rpc_authz_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*NewEnforcerReply); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_proto_rpc_authz_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*NewAdapterRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_proto_rpc_authz_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*NewAdapterReply); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_proto_rpc_authz_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*EnforceRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_proto_rpc_authz_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*BoolReply); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_proto_rpc_authz_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*EmptyRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_proto_rpc_authz_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*EmptyReply); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_proto_rpc_authz_proto_msgTypes[8].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*PolicyRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_proto_rpc_authz_proto_msgTypes[9].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*SimpleGetRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_proto_rpc_authz_proto_msgTypes[10].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*ArrayReply); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_proto_rpc_authz_proto_msgTypes[11].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*FilteredPolicyRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_proto_rpc_authz_proto_msgTypes[12].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*UserRoleRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_proto_rpc_authz_proto_msgTypes[13].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*PermissionRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_proto_rpc_authz_proto_msgTypes[14].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*Array2DReply); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_proto_rpc_authz_proto_msgTypes[15].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*Array2DReplyD); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + } + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: file_proto_rpc_authz_proto_rawDesc, + NumEnums: 0, + NumMessages: 16, + NumExtensions: 0, + NumServices: 1, + }, + GoTypes: file_proto_rpc_authz_proto_goTypes, + DependencyIndexes: file_proto_rpc_authz_proto_depIdxs, + MessageInfos: file_proto_rpc_authz_proto_msgTypes, + }.Build() + File_proto_rpc_authz_proto = out.File + file_proto_rpc_authz_proto_rawDesc = nil + file_proto_rpc_authz_proto_goTypes = nil + file_proto_rpc_authz_proto_depIdxs = nil +} diff --git a/components/authz/proto/rpc/authz.proto b/components/authz/proto/rpc/authz.proto new file mode 100644 index 0000000..5412ef2 --- /dev/null +++ b/components/authz/proto/rpc/authz.proto @@ -0,0 +1,146 @@ +syntax = "proto3"; + +package rafay.dev.rpc.authz; + +service Authz { + rpc NewEnforcer (NewEnforcerRequest) returns (NewEnforcerReply) {} + rpc NewAdapter (NewAdapterRequest) returns (NewAdapterReply) {} + + rpc Enforce (EnforceRequest) returns (BoolReply) {} + + rpc LoadPolicy (EmptyRequest) returns (EmptyReply) {} + rpc SavePolicy (EmptyRequest) returns (EmptyReply) {} + + rpc AddPolicy (PolicyRequest) returns (BoolReply) {} + rpc AddNamedPolicy (PolicyRequest) returns (BoolReply) {} + rpc RemovePolicy (PolicyRequest) returns (BoolReply) {} + rpc RemoveNamedPolicy (PolicyRequest) returns (BoolReply) {} + rpc RemoveFilteredPolicy (FilteredPolicyRequest) returns (BoolReply) {} + rpc RemoveFilteredNamedPolicy (FilteredPolicyRequest) returns (BoolReply) {} + rpc GetPolicy (EmptyRequest) returns (Array2DReply) {} + rpc GetNamedPolicy (PolicyRequest) returns (Array2DReply) {} + rpc GetFilteredPolicy (FilteredPolicyRequest) returns (Array2DReply) {} + rpc GetFilteredNamedPolicy (FilteredPolicyRequest) returns (Array2DReply) {} + + rpc AddGroupingPolicy (PolicyRequest) returns (BoolReply) {} + rpc AddNamedGroupingPolicy (PolicyRequest) returns (BoolReply) {} + rpc RemoveGroupingPolicy (PolicyRequest) returns (BoolReply) {} + rpc RemoveNamedGroupingPolicy (PolicyRequest) returns (BoolReply) {} + rpc RemoveFilteredGroupingPolicy (FilteredPolicyRequest) returns (BoolReply) {} + rpc RemoveFilteredNamedGroupingPolicy (FilteredPolicyRequest) returns (BoolReply) {} + rpc GetGroupingPolicy (EmptyRequest) returns (Array2DReply) {} + rpc GetNamedGroupingPolicy(PolicyRequest) returns (Array2DReply) {} + rpc GetFilteredGroupingPolicy (FilteredPolicyRequest) returns (Array2DReply) {} + rpc GetFilteredNamedGroupingPolicy (FilteredPolicyRequest) returns (Array2DReply) {} + + rpc GetAllSubjects (EmptyRequest) returns (ArrayReply) {} + rpc GetAllNamedSubjects (SimpleGetRequest) returns (ArrayReply) {} + rpc GetAllObjects (EmptyRequest) returns (ArrayReply) {} + rpc GetAllNamedObjects (SimpleGetRequest) returns (ArrayReply) {} + rpc GetAllActions (EmptyRequest) returns (ArrayReply) {} + rpc GetAllNamedActions (SimpleGetRequest) returns (ArrayReply) {} + rpc GetAllRoles (EmptyRequest) returns (ArrayReply) {} + rpc GetAllNamedRoles (SimpleGetRequest) returns (ArrayReply) {} + + rpc HasPolicy (PolicyRequest) returns (BoolReply) {} + rpc HasNamedPolicy (PolicyRequest) returns (BoolReply) {} + rpc HasGroupingPolicy (PolicyRequest) returns (BoolReply) {} + rpc HasNamedGroupingPolicy (PolicyRequest) returns (BoolReply) {} + + rpc GetRolesForUser (UserRoleRequest) returns (ArrayReply) {} + rpc GetImplicitRolesForUser (UserRoleRequest) returns (ArrayReply) {} + rpc GetUsersForRole (UserRoleRequest) returns (ArrayReply) {} + rpc HasRoleForUser (UserRoleRequest) returns (BoolReply) {} + rpc AddRoleForUser (UserRoleRequest) returns (BoolReply) {} + rpc DeleteRoleForUser (UserRoleRequest) returns (BoolReply) {} + rpc DeleteRolesForUser (UserRoleRequest) returns (BoolReply) {} + rpc DeleteUser (UserRoleRequest) returns (BoolReply) {} + rpc DeleteRole (UserRoleRequest) returns (EmptyReply) {} + + rpc GetPermissionsForUser (PermissionRequest) returns (Array2DReply) {} + rpc GetImplicitPermissionsForUser (PermissionRequest) returns (Array2DReply) {} + rpc DeletePermission (PermissionRequest) returns (BoolReply) {} + rpc AddPermissionForUser (PermissionRequest) returns (BoolReply) {} + rpc DeletePermissionForUser (PermissionRequest) returns (BoolReply) {} + rpc DeletePermissionsForUser (PermissionRequest) returns (BoolReply) {} + rpc HasPermissionForUser (PermissionRequest) returns (BoolReply) {} + +} + +message NewEnforcerRequest { + string modelText = 1; + int32 adapterHandle = 2; +} + +message NewEnforcerReply { + int32 handler = 1; +} + +message NewAdapterRequest { + string adapterName = 1; + string driverName = 2; + string connectString = 3; + bool dbSpecified = 4; +} + +message NewAdapterReply { + int32 handler = 1; +} + +message EnforceRequest { + int32 enforcerHandler = 1; + repeated string params = 2; +} + +message BoolReply { + bool res = 1; +} + +message EmptyRequest { + int32 handler = 1; +} + +message EmptyReply { +} + +message PolicyRequest { + int32 enforcerHandler = 1; + string pType = 2; + repeated string params = 3; +} + +message SimpleGetRequest { + int32 enforcerHandler = 1; + string pType = 2; +} + +message ArrayReply { + repeated string array = 1; +} + +message FilteredPolicyRequest { + int32 enforcerHandler = 1; + string pType = 2; + int32 fieldIndex = 3; + repeated string fieldValues = 4; +} + +message UserRoleRequest { + int32 enforcerHandler = 1; + string user = 2; + string role = 3; +} + +message PermissionRequest { + int32 enforcerHandler = 1; + string user = 2; + repeated string permissions = 3; +} + +message Array2DReply { + message d { + repeated string d1 = 1; + } + + repeated d d2 = 1; +} diff --git a/components/authz/proto/rpc/authz_grpc.pb.go b/components/authz/proto/rpc/authz_grpc.pb.go new file mode 100644 index 0000000..5065fbf --- /dev/null +++ b/components/authz/proto/rpc/authz_grpc.pb.go @@ -0,0 +1,1971 @@ +// Code generated by protoc-gen-go-grpc. DO NOT EDIT. + +package rpc + +import ( + context "context" + grpc "google.golang.org/grpc" + codes "google.golang.org/grpc/codes" + status "google.golang.org/grpc/status" +) + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the grpc package it is being compiled against. +// Requires gRPC-Go v1.32.0 or later. +const _ = grpc.SupportPackageIsVersion7 + +// AuthzClient is the client API for Authz service. +// +// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream. +type AuthzClient interface { + NewEnforcer(ctx context.Context, in *NewEnforcerRequest, opts ...grpc.CallOption) (*NewEnforcerReply, error) + NewAdapter(ctx context.Context, in *NewAdapterRequest, opts ...grpc.CallOption) (*NewAdapterReply, error) + Enforce(ctx context.Context, in *EnforceRequest, opts ...grpc.CallOption) (*BoolReply, error) + LoadPolicy(ctx context.Context, in *EmptyRequest, opts ...grpc.CallOption) (*EmptyReply, error) + SavePolicy(ctx context.Context, in *EmptyRequest, opts ...grpc.CallOption) (*EmptyReply, error) + AddPolicy(ctx context.Context, in *PolicyRequest, opts ...grpc.CallOption) (*BoolReply, error) + AddNamedPolicy(ctx context.Context, in *PolicyRequest, opts ...grpc.CallOption) (*BoolReply, error) + RemovePolicy(ctx context.Context, in *PolicyRequest, opts ...grpc.CallOption) (*BoolReply, error) + RemoveNamedPolicy(ctx context.Context, in *PolicyRequest, opts ...grpc.CallOption) (*BoolReply, error) + RemoveFilteredPolicy(ctx context.Context, in *FilteredPolicyRequest, opts ...grpc.CallOption) (*BoolReply, error) + RemoveFilteredNamedPolicy(ctx context.Context, in *FilteredPolicyRequest, opts ...grpc.CallOption) (*BoolReply, error) + GetPolicy(ctx context.Context, in *EmptyRequest, opts ...grpc.CallOption) (*Array2DReply, error) + GetNamedPolicy(ctx context.Context, in *PolicyRequest, opts ...grpc.CallOption) (*Array2DReply, error) + GetFilteredPolicy(ctx context.Context, in *FilteredPolicyRequest, opts ...grpc.CallOption) (*Array2DReply, error) + GetFilteredNamedPolicy(ctx context.Context, in *FilteredPolicyRequest, opts ...grpc.CallOption) (*Array2DReply, error) + AddGroupingPolicy(ctx context.Context, in *PolicyRequest, opts ...grpc.CallOption) (*BoolReply, error) + AddNamedGroupingPolicy(ctx context.Context, in *PolicyRequest, opts ...grpc.CallOption) (*BoolReply, error) + RemoveGroupingPolicy(ctx context.Context, in *PolicyRequest, opts ...grpc.CallOption) (*BoolReply, error) + RemoveNamedGroupingPolicy(ctx context.Context, in *PolicyRequest, opts ...grpc.CallOption) (*BoolReply, error) + RemoveFilteredGroupingPolicy(ctx context.Context, in *FilteredPolicyRequest, opts ...grpc.CallOption) (*BoolReply, error) + RemoveFilteredNamedGroupingPolicy(ctx context.Context, in *FilteredPolicyRequest, opts ...grpc.CallOption) (*BoolReply, error) + GetGroupingPolicy(ctx context.Context, in *EmptyRequest, opts ...grpc.CallOption) (*Array2DReply, error) + GetNamedGroupingPolicy(ctx context.Context, in *PolicyRequest, opts ...grpc.CallOption) (*Array2DReply, error) + GetFilteredGroupingPolicy(ctx context.Context, in *FilteredPolicyRequest, opts ...grpc.CallOption) (*Array2DReply, error) + GetFilteredNamedGroupingPolicy(ctx context.Context, in *FilteredPolicyRequest, opts ...grpc.CallOption) (*Array2DReply, error) + GetAllSubjects(ctx context.Context, in *EmptyRequest, opts ...grpc.CallOption) (*ArrayReply, error) + GetAllNamedSubjects(ctx context.Context, in *SimpleGetRequest, opts ...grpc.CallOption) (*ArrayReply, error) + GetAllObjects(ctx context.Context, in *EmptyRequest, opts ...grpc.CallOption) (*ArrayReply, error) + GetAllNamedObjects(ctx context.Context, in *SimpleGetRequest, opts ...grpc.CallOption) (*ArrayReply, error) + GetAllActions(ctx context.Context, in *EmptyRequest, opts ...grpc.CallOption) (*ArrayReply, error) + GetAllNamedActions(ctx context.Context, in *SimpleGetRequest, opts ...grpc.CallOption) (*ArrayReply, error) + GetAllRoles(ctx context.Context, in *EmptyRequest, opts ...grpc.CallOption) (*ArrayReply, error) + GetAllNamedRoles(ctx context.Context, in *SimpleGetRequest, opts ...grpc.CallOption) (*ArrayReply, error) + HasPolicy(ctx context.Context, in *PolicyRequest, opts ...grpc.CallOption) (*BoolReply, error) + HasNamedPolicy(ctx context.Context, in *PolicyRequest, opts ...grpc.CallOption) (*BoolReply, error) + HasGroupingPolicy(ctx context.Context, in *PolicyRequest, opts ...grpc.CallOption) (*BoolReply, error) + HasNamedGroupingPolicy(ctx context.Context, in *PolicyRequest, opts ...grpc.CallOption) (*BoolReply, error) + GetRolesForUser(ctx context.Context, in *UserRoleRequest, opts ...grpc.CallOption) (*ArrayReply, error) + GetImplicitRolesForUser(ctx context.Context, in *UserRoleRequest, opts ...grpc.CallOption) (*ArrayReply, error) + GetUsersForRole(ctx context.Context, in *UserRoleRequest, opts ...grpc.CallOption) (*ArrayReply, error) + HasRoleForUser(ctx context.Context, in *UserRoleRequest, opts ...grpc.CallOption) (*BoolReply, error) + AddRoleForUser(ctx context.Context, in *UserRoleRequest, opts ...grpc.CallOption) (*BoolReply, error) + DeleteRoleForUser(ctx context.Context, in *UserRoleRequest, opts ...grpc.CallOption) (*BoolReply, error) + DeleteRolesForUser(ctx context.Context, in *UserRoleRequest, opts ...grpc.CallOption) (*BoolReply, error) + DeleteUser(ctx context.Context, in *UserRoleRequest, opts ...grpc.CallOption) (*BoolReply, error) + DeleteRole(ctx context.Context, in *UserRoleRequest, opts ...grpc.CallOption) (*EmptyReply, error) + GetPermissionsForUser(ctx context.Context, in *PermissionRequest, opts ...grpc.CallOption) (*Array2DReply, error) + GetImplicitPermissionsForUser(ctx context.Context, in *PermissionRequest, opts ...grpc.CallOption) (*Array2DReply, error) + DeletePermission(ctx context.Context, in *PermissionRequest, opts ...grpc.CallOption) (*BoolReply, error) + AddPermissionForUser(ctx context.Context, in *PermissionRequest, opts ...grpc.CallOption) (*BoolReply, error) + DeletePermissionForUser(ctx context.Context, in *PermissionRequest, opts ...grpc.CallOption) (*BoolReply, error) + DeletePermissionsForUser(ctx context.Context, in *PermissionRequest, opts ...grpc.CallOption) (*BoolReply, error) + HasPermissionForUser(ctx context.Context, in *PermissionRequest, opts ...grpc.CallOption) (*BoolReply, error) +} + +type authzClient struct { + cc grpc.ClientConnInterface +} + +func NewAuthzClient(cc grpc.ClientConnInterface) AuthzClient { + return &authzClient{cc} +} + +func (c *authzClient) NewEnforcer(ctx context.Context, in *NewEnforcerRequest, opts ...grpc.CallOption) (*NewEnforcerReply, error) { + out := new(NewEnforcerReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/NewEnforcer", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) NewAdapter(ctx context.Context, in *NewAdapterRequest, opts ...grpc.CallOption) (*NewAdapterReply, error) { + out := new(NewAdapterReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/NewAdapter", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) Enforce(ctx context.Context, in *EnforceRequest, opts ...grpc.CallOption) (*BoolReply, error) { + out := new(BoolReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/Enforce", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) LoadPolicy(ctx context.Context, in *EmptyRequest, opts ...grpc.CallOption) (*EmptyReply, error) { + out := new(EmptyReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/LoadPolicy", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) SavePolicy(ctx context.Context, in *EmptyRequest, opts ...grpc.CallOption) (*EmptyReply, error) { + out := new(EmptyReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/SavePolicy", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) AddPolicy(ctx context.Context, in *PolicyRequest, opts ...grpc.CallOption) (*BoolReply, error) { + out := new(BoolReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/AddPolicy", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) AddNamedPolicy(ctx context.Context, in *PolicyRequest, opts ...grpc.CallOption) (*BoolReply, error) { + out := new(BoolReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/AddNamedPolicy", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) RemovePolicy(ctx context.Context, in *PolicyRequest, opts ...grpc.CallOption) (*BoolReply, error) { + out := new(BoolReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/RemovePolicy", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) RemoveNamedPolicy(ctx context.Context, in *PolicyRequest, opts ...grpc.CallOption) (*BoolReply, error) { + out := new(BoolReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/RemoveNamedPolicy", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) RemoveFilteredPolicy(ctx context.Context, in *FilteredPolicyRequest, opts ...grpc.CallOption) (*BoolReply, error) { + out := new(BoolReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/RemoveFilteredPolicy", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) RemoveFilteredNamedPolicy(ctx context.Context, in *FilteredPolicyRequest, opts ...grpc.CallOption) (*BoolReply, error) { + out := new(BoolReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/RemoveFilteredNamedPolicy", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) GetPolicy(ctx context.Context, in *EmptyRequest, opts ...grpc.CallOption) (*Array2DReply, error) { + out := new(Array2DReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/GetPolicy", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) GetNamedPolicy(ctx context.Context, in *PolicyRequest, opts ...grpc.CallOption) (*Array2DReply, error) { + out := new(Array2DReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/GetNamedPolicy", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) GetFilteredPolicy(ctx context.Context, in *FilteredPolicyRequest, opts ...grpc.CallOption) (*Array2DReply, error) { + out := new(Array2DReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/GetFilteredPolicy", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) GetFilteredNamedPolicy(ctx context.Context, in *FilteredPolicyRequest, opts ...grpc.CallOption) (*Array2DReply, error) { + out := new(Array2DReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/GetFilteredNamedPolicy", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) AddGroupingPolicy(ctx context.Context, in *PolicyRequest, opts ...grpc.CallOption) (*BoolReply, error) { + out := new(BoolReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/AddGroupingPolicy", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) AddNamedGroupingPolicy(ctx context.Context, in *PolicyRequest, opts ...grpc.CallOption) (*BoolReply, error) { + out := new(BoolReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/AddNamedGroupingPolicy", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) RemoveGroupingPolicy(ctx context.Context, in *PolicyRequest, opts ...grpc.CallOption) (*BoolReply, error) { + out := new(BoolReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/RemoveGroupingPolicy", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) RemoveNamedGroupingPolicy(ctx context.Context, in *PolicyRequest, opts ...grpc.CallOption) (*BoolReply, error) { + out := new(BoolReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/RemoveNamedGroupingPolicy", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) RemoveFilteredGroupingPolicy(ctx context.Context, in *FilteredPolicyRequest, opts ...grpc.CallOption) (*BoolReply, error) { + out := new(BoolReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/RemoveFilteredGroupingPolicy", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) RemoveFilteredNamedGroupingPolicy(ctx context.Context, in *FilteredPolicyRequest, opts ...grpc.CallOption) (*BoolReply, error) { + out := new(BoolReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/RemoveFilteredNamedGroupingPolicy", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) GetGroupingPolicy(ctx context.Context, in *EmptyRequest, opts ...grpc.CallOption) (*Array2DReply, error) { + out := new(Array2DReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/GetGroupingPolicy", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) GetNamedGroupingPolicy(ctx context.Context, in *PolicyRequest, opts ...grpc.CallOption) (*Array2DReply, error) { + out := new(Array2DReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/GetNamedGroupingPolicy", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) GetFilteredGroupingPolicy(ctx context.Context, in *FilteredPolicyRequest, opts ...grpc.CallOption) (*Array2DReply, error) { + out := new(Array2DReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/GetFilteredGroupingPolicy", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) GetFilteredNamedGroupingPolicy(ctx context.Context, in *FilteredPolicyRequest, opts ...grpc.CallOption) (*Array2DReply, error) { + out := new(Array2DReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/GetFilteredNamedGroupingPolicy", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) GetAllSubjects(ctx context.Context, in *EmptyRequest, opts ...grpc.CallOption) (*ArrayReply, error) { + out := new(ArrayReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/GetAllSubjects", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) GetAllNamedSubjects(ctx context.Context, in *SimpleGetRequest, opts ...grpc.CallOption) (*ArrayReply, error) { + out := new(ArrayReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/GetAllNamedSubjects", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) GetAllObjects(ctx context.Context, in *EmptyRequest, opts ...grpc.CallOption) (*ArrayReply, error) { + out := new(ArrayReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/GetAllObjects", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) GetAllNamedObjects(ctx context.Context, in *SimpleGetRequest, opts ...grpc.CallOption) (*ArrayReply, error) { + out := new(ArrayReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/GetAllNamedObjects", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) GetAllActions(ctx context.Context, in *EmptyRequest, opts ...grpc.CallOption) (*ArrayReply, error) { + out := new(ArrayReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/GetAllActions", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) GetAllNamedActions(ctx context.Context, in *SimpleGetRequest, opts ...grpc.CallOption) (*ArrayReply, error) { + out := new(ArrayReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/GetAllNamedActions", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) GetAllRoles(ctx context.Context, in *EmptyRequest, opts ...grpc.CallOption) (*ArrayReply, error) { + out := new(ArrayReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/GetAllRoles", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) GetAllNamedRoles(ctx context.Context, in *SimpleGetRequest, opts ...grpc.CallOption) (*ArrayReply, error) { + out := new(ArrayReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/GetAllNamedRoles", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) HasPolicy(ctx context.Context, in *PolicyRequest, opts ...grpc.CallOption) (*BoolReply, error) { + out := new(BoolReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/HasPolicy", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) HasNamedPolicy(ctx context.Context, in *PolicyRequest, opts ...grpc.CallOption) (*BoolReply, error) { + out := new(BoolReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/HasNamedPolicy", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) HasGroupingPolicy(ctx context.Context, in *PolicyRequest, opts ...grpc.CallOption) (*BoolReply, error) { + out := new(BoolReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/HasGroupingPolicy", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) HasNamedGroupingPolicy(ctx context.Context, in *PolicyRequest, opts ...grpc.CallOption) (*BoolReply, error) { + out := new(BoolReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/HasNamedGroupingPolicy", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) GetRolesForUser(ctx context.Context, in *UserRoleRequest, opts ...grpc.CallOption) (*ArrayReply, error) { + out := new(ArrayReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/GetRolesForUser", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) GetImplicitRolesForUser(ctx context.Context, in *UserRoleRequest, opts ...grpc.CallOption) (*ArrayReply, error) { + out := new(ArrayReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/GetImplicitRolesForUser", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) GetUsersForRole(ctx context.Context, in *UserRoleRequest, opts ...grpc.CallOption) (*ArrayReply, error) { + out := new(ArrayReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/GetUsersForRole", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) HasRoleForUser(ctx context.Context, in *UserRoleRequest, opts ...grpc.CallOption) (*BoolReply, error) { + out := new(BoolReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/HasRoleForUser", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) AddRoleForUser(ctx context.Context, in *UserRoleRequest, opts ...grpc.CallOption) (*BoolReply, error) { + out := new(BoolReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/AddRoleForUser", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) DeleteRoleForUser(ctx context.Context, in *UserRoleRequest, opts ...grpc.CallOption) (*BoolReply, error) { + out := new(BoolReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/DeleteRoleForUser", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) DeleteRolesForUser(ctx context.Context, in *UserRoleRequest, opts ...grpc.CallOption) (*BoolReply, error) { + out := new(BoolReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/DeleteRolesForUser", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) DeleteUser(ctx context.Context, in *UserRoleRequest, opts ...grpc.CallOption) (*BoolReply, error) { + out := new(BoolReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/DeleteUser", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) DeleteRole(ctx context.Context, in *UserRoleRequest, opts ...grpc.CallOption) (*EmptyReply, error) { + out := new(EmptyReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/DeleteRole", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) GetPermissionsForUser(ctx context.Context, in *PermissionRequest, opts ...grpc.CallOption) (*Array2DReply, error) { + out := new(Array2DReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/GetPermissionsForUser", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) GetImplicitPermissionsForUser(ctx context.Context, in *PermissionRequest, opts ...grpc.CallOption) (*Array2DReply, error) { + out := new(Array2DReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/GetImplicitPermissionsForUser", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) DeletePermission(ctx context.Context, in *PermissionRequest, opts ...grpc.CallOption) (*BoolReply, error) { + out := new(BoolReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/DeletePermission", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) AddPermissionForUser(ctx context.Context, in *PermissionRequest, opts ...grpc.CallOption) (*BoolReply, error) { + out := new(BoolReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/AddPermissionForUser", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) DeletePermissionForUser(ctx context.Context, in *PermissionRequest, opts ...grpc.CallOption) (*BoolReply, error) { + out := new(BoolReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/DeletePermissionForUser", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) DeletePermissionsForUser(ctx context.Context, in *PermissionRequest, opts ...grpc.CallOption) (*BoolReply, error) { + out := new(BoolReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/DeletePermissionsForUser", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authzClient) HasPermissionForUser(ctx context.Context, in *PermissionRequest, opts ...grpc.CallOption) (*BoolReply, error) { + out := new(BoolReply) + err := c.cc.Invoke(ctx, "/rafay.dev.rpc.authz.Authz/HasPermissionForUser", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +// AuthzServer is the server API for Authz service. +// All implementations should embed UnimplementedAuthzServer +// for forward compatibility +type AuthzServer interface { + NewEnforcer(context.Context, *NewEnforcerRequest) (*NewEnforcerReply, error) + NewAdapter(context.Context, *NewAdapterRequest) (*NewAdapterReply, error) + Enforce(context.Context, *EnforceRequest) (*BoolReply, error) + LoadPolicy(context.Context, *EmptyRequest) (*EmptyReply, error) + SavePolicy(context.Context, *EmptyRequest) (*EmptyReply, error) + AddPolicy(context.Context, *PolicyRequest) (*BoolReply, error) + AddNamedPolicy(context.Context, *PolicyRequest) (*BoolReply, error) + RemovePolicy(context.Context, *PolicyRequest) (*BoolReply, error) + RemoveNamedPolicy(context.Context, *PolicyRequest) (*BoolReply, error) + RemoveFilteredPolicy(context.Context, *FilteredPolicyRequest) (*BoolReply, error) + RemoveFilteredNamedPolicy(context.Context, *FilteredPolicyRequest) (*BoolReply, error) + GetPolicy(context.Context, *EmptyRequest) (*Array2DReply, error) + GetNamedPolicy(context.Context, *PolicyRequest) (*Array2DReply, error) + GetFilteredPolicy(context.Context, *FilteredPolicyRequest) (*Array2DReply, error) + GetFilteredNamedPolicy(context.Context, *FilteredPolicyRequest) (*Array2DReply, error) + AddGroupingPolicy(context.Context, *PolicyRequest) (*BoolReply, error) + AddNamedGroupingPolicy(context.Context, *PolicyRequest) (*BoolReply, error) + RemoveGroupingPolicy(context.Context, *PolicyRequest) (*BoolReply, error) + RemoveNamedGroupingPolicy(context.Context, *PolicyRequest) (*BoolReply, error) + RemoveFilteredGroupingPolicy(context.Context, *FilteredPolicyRequest) (*BoolReply, error) + RemoveFilteredNamedGroupingPolicy(context.Context, *FilteredPolicyRequest) (*BoolReply, error) + GetGroupingPolicy(context.Context, *EmptyRequest) (*Array2DReply, error) + GetNamedGroupingPolicy(context.Context, *PolicyRequest) (*Array2DReply, error) + GetFilteredGroupingPolicy(context.Context, *FilteredPolicyRequest) (*Array2DReply, error) + GetFilteredNamedGroupingPolicy(context.Context, *FilteredPolicyRequest) (*Array2DReply, error) + GetAllSubjects(context.Context, *EmptyRequest) (*ArrayReply, error) + GetAllNamedSubjects(context.Context, *SimpleGetRequest) (*ArrayReply, error) + GetAllObjects(context.Context, *EmptyRequest) (*ArrayReply, error) + GetAllNamedObjects(context.Context, *SimpleGetRequest) (*ArrayReply, error) + GetAllActions(context.Context, *EmptyRequest) (*ArrayReply, error) + GetAllNamedActions(context.Context, *SimpleGetRequest) (*ArrayReply, error) + GetAllRoles(context.Context, *EmptyRequest) (*ArrayReply, error) + GetAllNamedRoles(context.Context, *SimpleGetRequest) (*ArrayReply, error) + HasPolicy(context.Context, *PolicyRequest) (*BoolReply, error) + HasNamedPolicy(context.Context, *PolicyRequest) (*BoolReply, error) + HasGroupingPolicy(context.Context, *PolicyRequest) (*BoolReply, error) + HasNamedGroupingPolicy(context.Context, *PolicyRequest) (*BoolReply, error) + GetRolesForUser(context.Context, *UserRoleRequest) (*ArrayReply, error) + GetImplicitRolesForUser(context.Context, *UserRoleRequest) (*ArrayReply, error) + GetUsersForRole(context.Context, *UserRoleRequest) (*ArrayReply, error) + HasRoleForUser(context.Context, *UserRoleRequest) (*BoolReply, error) + AddRoleForUser(context.Context, *UserRoleRequest) (*BoolReply, error) + DeleteRoleForUser(context.Context, *UserRoleRequest) (*BoolReply, error) + DeleteRolesForUser(context.Context, *UserRoleRequest) (*BoolReply, error) + DeleteUser(context.Context, *UserRoleRequest) (*BoolReply, error) + DeleteRole(context.Context, *UserRoleRequest) (*EmptyReply, error) + GetPermissionsForUser(context.Context, *PermissionRequest) (*Array2DReply, error) + GetImplicitPermissionsForUser(context.Context, *PermissionRequest) (*Array2DReply, error) + DeletePermission(context.Context, *PermissionRequest) (*BoolReply, error) + AddPermissionForUser(context.Context, *PermissionRequest) (*BoolReply, error) + DeletePermissionForUser(context.Context, *PermissionRequest) (*BoolReply, error) + DeletePermissionsForUser(context.Context, *PermissionRequest) (*BoolReply, error) + HasPermissionForUser(context.Context, *PermissionRequest) (*BoolReply, error) +} + +// UnimplementedAuthzServer should be embedded to have forward compatible implementations. +type UnimplementedAuthzServer struct { +} + +func (UnimplementedAuthzServer) NewEnforcer(context.Context, *NewEnforcerRequest) (*NewEnforcerReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method NewEnforcer not implemented") +} +func (UnimplementedAuthzServer) NewAdapter(context.Context, *NewAdapterRequest) (*NewAdapterReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method NewAdapter not implemented") +} +func (UnimplementedAuthzServer) Enforce(context.Context, *EnforceRequest) (*BoolReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method Enforce not implemented") +} +func (UnimplementedAuthzServer) LoadPolicy(context.Context, *EmptyRequest) (*EmptyReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method LoadPolicy not implemented") +} +func (UnimplementedAuthzServer) SavePolicy(context.Context, *EmptyRequest) (*EmptyReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method SavePolicy not implemented") +} +func (UnimplementedAuthzServer) AddPolicy(context.Context, *PolicyRequest) (*BoolReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method AddPolicy not implemented") +} +func (UnimplementedAuthzServer) AddNamedPolicy(context.Context, *PolicyRequest) (*BoolReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method AddNamedPolicy not implemented") +} +func (UnimplementedAuthzServer) RemovePolicy(context.Context, *PolicyRequest) (*BoolReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method RemovePolicy not implemented") +} +func (UnimplementedAuthzServer) RemoveNamedPolicy(context.Context, *PolicyRequest) (*BoolReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method RemoveNamedPolicy not implemented") +} +func (UnimplementedAuthzServer) RemoveFilteredPolicy(context.Context, *FilteredPolicyRequest) (*BoolReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method RemoveFilteredPolicy not implemented") +} +func (UnimplementedAuthzServer) RemoveFilteredNamedPolicy(context.Context, *FilteredPolicyRequest) (*BoolReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method RemoveFilteredNamedPolicy not implemented") +} +func (UnimplementedAuthzServer) GetPolicy(context.Context, *EmptyRequest) (*Array2DReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method GetPolicy not implemented") +} +func (UnimplementedAuthzServer) GetNamedPolicy(context.Context, *PolicyRequest) (*Array2DReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method GetNamedPolicy not implemented") +} +func (UnimplementedAuthzServer) GetFilteredPolicy(context.Context, *FilteredPolicyRequest) (*Array2DReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method GetFilteredPolicy not implemented") +} +func (UnimplementedAuthzServer) GetFilteredNamedPolicy(context.Context, *FilteredPolicyRequest) (*Array2DReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method GetFilteredNamedPolicy not implemented") +} +func (UnimplementedAuthzServer) AddGroupingPolicy(context.Context, *PolicyRequest) (*BoolReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method AddGroupingPolicy not implemented") +} +func (UnimplementedAuthzServer) AddNamedGroupingPolicy(context.Context, *PolicyRequest) (*BoolReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method AddNamedGroupingPolicy not implemented") +} +func (UnimplementedAuthzServer) RemoveGroupingPolicy(context.Context, *PolicyRequest) (*BoolReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method RemoveGroupingPolicy not implemented") +} +func (UnimplementedAuthzServer) RemoveNamedGroupingPolicy(context.Context, *PolicyRequest) (*BoolReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method RemoveNamedGroupingPolicy not implemented") +} +func (UnimplementedAuthzServer) RemoveFilteredGroupingPolicy(context.Context, *FilteredPolicyRequest) (*BoolReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method RemoveFilteredGroupingPolicy not implemented") +} +func (UnimplementedAuthzServer) RemoveFilteredNamedGroupingPolicy(context.Context, *FilteredPolicyRequest) (*BoolReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method RemoveFilteredNamedGroupingPolicy not implemented") +} +func (UnimplementedAuthzServer) GetGroupingPolicy(context.Context, *EmptyRequest) (*Array2DReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method GetGroupingPolicy not implemented") +} +func (UnimplementedAuthzServer) GetNamedGroupingPolicy(context.Context, *PolicyRequest) (*Array2DReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method GetNamedGroupingPolicy not implemented") +} +func (UnimplementedAuthzServer) GetFilteredGroupingPolicy(context.Context, *FilteredPolicyRequest) (*Array2DReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method GetFilteredGroupingPolicy not implemented") +} +func (UnimplementedAuthzServer) GetFilteredNamedGroupingPolicy(context.Context, *FilteredPolicyRequest) (*Array2DReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method GetFilteredNamedGroupingPolicy not implemented") +} +func (UnimplementedAuthzServer) GetAllSubjects(context.Context, *EmptyRequest) (*ArrayReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method GetAllSubjects not implemented") +} +func (UnimplementedAuthzServer) GetAllNamedSubjects(context.Context, *SimpleGetRequest) (*ArrayReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method GetAllNamedSubjects not implemented") +} +func (UnimplementedAuthzServer) GetAllObjects(context.Context, *EmptyRequest) (*ArrayReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method GetAllObjects not implemented") +} +func (UnimplementedAuthzServer) GetAllNamedObjects(context.Context, *SimpleGetRequest) (*ArrayReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method GetAllNamedObjects not implemented") +} +func (UnimplementedAuthzServer) GetAllActions(context.Context, *EmptyRequest) (*ArrayReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method GetAllActions not implemented") +} +func (UnimplementedAuthzServer) GetAllNamedActions(context.Context, *SimpleGetRequest) (*ArrayReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method GetAllNamedActions not implemented") +} +func (UnimplementedAuthzServer) GetAllRoles(context.Context, *EmptyRequest) (*ArrayReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method GetAllRoles not implemented") +} +func (UnimplementedAuthzServer) GetAllNamedRoles(context.Context, *SimpleGetRequest) (*ArrayReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method GetAllNamedRoles not implemented") +} +func (UnimplementedAuthzServer) HasPolicy(context.Context, *PolicyRequest) (*BoolReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method HasPolicy not implemented") +} +func (UnimplementedAuthzServer) HasNamedPolicy(context.Context, *PolicyRequest) (*BoolReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method HasNamedPolicy not implemented") +} +func (UnimplementedAuthzServer) HasGroupingPolicy(context.Context, *PolicyRequest) (*BoolReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method HasGroupingPolicy not implemented") +} +func (UnimplementedAuthzServer) HasNamedGroupingPolicy(context.Context, *PolicyRequest) (*BoolReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method HasNamedGroupingPolicy not implemented") +} +func (UnimplementedAuthzServer) GetRolesForUser(context.Context, *UserRoleRequest) (*ArrayReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method GetRolesForUser not implemented") +} +func (UnimplementedAuthzServer) GetImplicitRolesForUser(context.Context, *UserRoleRequest) (*ArrayReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method GetImplicitRolesForUser not implemented") +} +func (UnimplementedAuthzServer) GetUsersForRole(context.Context, *UserRoleRequest) (*ArrayReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method GetUsersForRole not implemented") +} +func (UnimplementedAuthzServer) HasRoleForUser(context.Context, *UserRoleRequest) (*BoolReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method HasRoleForUser not implemented") +} +func (UnimplementedAuthzServer) AddRoleForUser(context.Context, *UserRoleRequest) (*BoolReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method AddRoleForUser not implemented") +} +func (UnimplementedAuthzServer) DeleteRoleForUser(context.Context, *UserRoleRequest) (*BoolReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method DeleteRoleForUser not implemented") +} +func (UnimplementedAuthzServer) DeleteRolesForUser(context.Context, *UserRoleRequest) (*BoolReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method DeleteRolesForUser not implemented") +} +func (UnimplementedAuthzServer) DeleteUser(context.Context, *UserRoleRequest) (*BoolReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method DeleteUser not implemented") +} +func (UnimplementedAuthzServer) DeleteRole(context.Context, *UserRoleRequest) (*EmptyReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method DeleteRole not implemented") +} +func (UnimplementedAuthzServer) GetPermissionsForUser(context.Context, *PermissionRequest) (*Array2DReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method GetPermissionsForUser not implemented") +} +func (UnimplementedAuthzServer) GetImplicitPermissionsForUser(context.Context, *PermissionRequest) (*Array2DReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method GetImplicitPermissionsForUser not implemented") +} +func (UnimplementedAuthzServer) DeletePermission(context.Context, *PermissionRequest) (*BoolReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method DeletePermission not implemented") +} +func (UnimplementedAuthzServer) AddPermissionForUser(context.Context, *PermissionRequest) (*BoolReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method AddPermissionForUser not implemented") +} +func (UnimplementedAuthzServer) DeletePermissionForUser(context.Context, *PermissionRequest) (*BoolReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method DeletePermissionForUser not implemented") +} +func (UnimplementedAuthzServer) DeletePermissionsForUser(context.Context, *PermissionRequest) (*BoolReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method DeletePermissionsForUser not implemented") +} +func (UnimplementedAuthzServer) HasPermissionForUser(context.Context, *PermissionRequest) (*BoolReply, error) { + return nil, status.Errorf(codes.Unimplemented, "method HasPermissionForUser not implemented") +} + +// UnsafeAuthzServer may be embedded to opt out of forward compatibility for this service. +// Use of this interface is not recommended, as added methods to AuthzServer will +// result in compilation errors. +type UnsafeAuthzServer interface { + mustEmbedUnimplementedAuthzServer() +} + +func RegisterAuthzServer(s grpc.ServiceRegistrar, srv AuthzServer) { + s.RegisterService(&Authz_ServiceDesc, srv) +} + +func _Authz_NewEnforcer_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(NewEnforcerRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).NewEnforcer(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/NewEnforcer", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).NewEnforcer(ctx, req.(*NewEnforcerRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_NewAdapter_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(NewAdapterRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).NewAdapter(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/NewAdapter", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).NewAdapter(ctx, req.(*NewAdapterRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_Enforce_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(EnforceRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).Enforce(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/Enforce", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).Enforce(ctx, req.(*EnforceRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_LoadPolicy_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(EmptyRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).LoadPolicy(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/LoadPolicy", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).LoadPolicy(ctx, req.(*EmptyRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_SavePolicy_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(EmptyRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).SavePolicy(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/SavePolicy", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).SavePolicy(ctx, req.(*EmptyRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_AddPolicy_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(PolicyRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).AddPolicy(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/AddPolicy", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).AddPolicy(ctx, req.(*PolicyRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_AddNamedPolicy_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(PolicyRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).AddNamedPolicy(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/AddNamedPolicy", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).AddNamedPolicy(ctx, req.(*PolicyRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_RemovePolicy_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(PolicyRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).RemovePolicy(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/RemovePolicy", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).RemovePolicy(ctx, req.(*PolicyRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_RemoveNamedPolicy_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(PolicyRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).RemoveNamedPolicy(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/RemoveNamedPolicy", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).RemoveNamedPolicy(ctx, req.(*PolicyRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_RemoveFilteredPolicy_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(FilteredPolicyRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).RemoveFilteredPolicy(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/RemoveFilteredPolicy", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).RemoveFilteredPolicy(ctx, req.(*FilteredPolicyRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_RemoveFilteredNamedPolicy_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(FilteredPolicyRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).RemoveFilteredNamedPolicy(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/RemoveFilteredNamedPolicy", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).RemoveFilteredNamedPolicy(ctx, req.(*FilteredPolicyRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_GetPolicy_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(EmptyRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).GetPolicy(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/GetPolicy", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).GetPolicy(ctx, req.(*EmptyRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_GetNamedPolicy_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(PolicyRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).GetNamedPolicy(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/GetNamedPolicy", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).GetNamedPolicy(ctx, req.(*PolicyRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_GetFilteredPolicy_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(FilteredPolicyRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).GetFilteredPolicy(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/GetFilteredPolicy", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).GetFilteredPolicy(ctx, req.(*FilteredPolicyRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_GetFilteredNamedPolicy_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(FilteredPolicyRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).GetFilteredNamedPolicy(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/GetFilteredNamedPolicy", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).GetFilteredNamedPolicy(ctx, req.(*FilteredPolicyRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_AddGroupingPolicy_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(PolicyRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).AddGroupingPolicy(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/AddGroupingPolicy", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).AddGroupingPolicy(ctx, req.(*PolicyRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_AddNamedGroupingPolicy_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(PolicyRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).AddNamedGroupingPolicy(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/AddNamedGroupingPolicy", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).AddNamedGroupingPolicy(ctx, req.(*PolicyRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_RemoveGroupingPolicy_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(PolicyRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).RemoveGroupingPolicy(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/RemoveGroupingPolicy", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).RemoveGroupingPolicy(ctx, req.(*PolicyRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_RemoveNamedGroupingPolicy_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(PolicyRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).RemoveNamedGroupingPolicy(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/RemoveNamedGroupingPolicy", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).RemoveNamedGroupingPolicy(ctx, req.(*PolicyRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_RemoveFilteredGroupingPolicy_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(FilteredPolicyRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).RemoveFilteredGroupingPolicy(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/RemoveFilteredGroupingPolicy", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).RemoveFilteredGroupingPolicy(ctx, req.(*FilteredPolicyRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_RemoveFilteredNamedGroupingPolicy_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(FilteredPolicyRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).RemoveFilteredNamedGroupingPolicy(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/RemoveFilteredNamedGroupingPolicy", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).RemoveFilteredNamedGroupingPolicy(ctx, req.(*FilteredPolicyRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_GetGroupingPolicy_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(EmptyRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).GetGroupingPolicy(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/GetGroupingPolicy", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).GetGroupingPolicy(ctx, req.(*EmptyRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_GetNamedGroupingPolicy_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(PolicyRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).GetNamedGroupingPolicy(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/GetNamedGroupingPolicy", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).GetNamedGroupingPolicy(ctx, req.(*PolicyRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_GetFilteredGroupingPolicy_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(FilteredPolicyRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).GetFilteredGroupingPolicy(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/GetFilteredGroupingPolicy", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).GetFilteredGroupingPolicy(ctx, req.(*FilteredPolicyRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_GetFilteredNamedGroupingPolicy_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(FilteredPolicyRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).GetFilteredNamedGroupingPolicy(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/GetFilteredNamedGroupingPolicy", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).GetFilteredNamedGroupingPolicy(ctx, req.(*FilteredPolicyRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_GetAllSubjects_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(EmptyRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).GetAllSubjects(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/GetAllSubjects", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).GetAllSubjects(ctx, req.(*EmptyRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_GetAllNamedSubjects_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(SimpleGetRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).GetAllNamedSubjects(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/GetAllNamedSubjects", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).GetAllNamedSubjects(ctx, req.(*SimpleGetRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_GetAllObjects_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(EmptyRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).GetAllObjects(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/GetAllObjects", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).GetAllObjects(ctx, req.(*EmptyRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_GetAllNamedObjects_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(SimpleGetRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).GetAllNamedObjects(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/GetAllNamedObjects", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).GetAllNamedObjects(ctx, req.(*SimpleGetRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_GetAllActions_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(EmptyRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).GetAllActions(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/GetAllActions", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).GetAllActions(ctx, req.(*EmptyRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_GetAllNamedActions_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(SimpleGetRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).GetAllNamedActions(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/GetAllNamedActions", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).GetAllNamedActions(ctx, req.(*SimpleGetRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_GetAllRoles_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(EmptyRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).GetAllRoles(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/GetAllRoles", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).GetAllRoles(ctx, req.(*EmptyRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_GetAllNamedRoles_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(SimpleGetRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).GetAllNamedRoles(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/GetAllNamedRoles", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).GetAllNamedRoles(ctx, req.(*SimpleGetRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_HasPolicy_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(PolicyRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).HasPolicy(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/HasPolicy", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).HasPolicy(ctx, req.(*PolicyRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_HasNamedPolicy_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(PolicyRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).HasNamedPolicy(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/HasNamedPolicy", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).HasNamedPolicy(ctx, req.(*PolicyRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_HasGroupingPolicy_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(PolicyRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).HasGroupingPolicy(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/HasGroupingPolicy", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).HasGroupingPolicy(ctx, req.(*PolicyRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_HasNamedGroupingPolicy_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(PolicyRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).HasNamedGroupingPolicy(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/HasNamedGroupingPolicy", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).HasNamedGroupingPolicy(ctx, req.(*PolicyRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_GetRolesForUser_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(UserRoleRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).GetRolesForUser(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/GetRolesForUser", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).GetRolesForUser(ctx, req.(*UserRoleRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_GetImplicitRolesForUser_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(UserRoleRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).GetImplicitRolesForUser(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/GetImplicitRolesForUser", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).GetImplicitRolesForUser(ctx, req.(*UserRoleRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_GetUsersForRole_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(UserRoleRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).GetUsersForRole(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/GetUsersForRole", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).GetUsersForRole(ctx, req.(*UserRoleRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_HasRoleForUser_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(UserRoleRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).HasRoleForUser(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/HasRoleForUser", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).HasRoleForUser(ctx, req.(*UserRoleRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_AddRoleForUser_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(UserRoleRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).AddRoleForUser(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/AddRoleForUser", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).AddRoleForUser(ctx, req.(*UserRoleRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_DeleteRoleForUser_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(UserRoleRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).DeleteRoleForUser(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/DeleteRoleForUser", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).DeleteRoleForUser(ctx, req.(*UserRoleRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_DeleteRolesForUser_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(UserRoleRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).DeleteRolesForUser(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/DeleteRolesForUser", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).DeleteRolesForUser(ctx, req.(*UserRoleRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_DeleteUser_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(UserRoleRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).DeleteUser(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/DeleteUser", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).DeleteUser(ctx, req.(*UserRoleRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_DeleteRole_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(UserRoleRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).DeleteRole(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/DeleteRole", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).DeleteRole(ctx, req.(*UserRoleRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_GetPermissionsForUser_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(PermissionRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).GetPermissionsForUser(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/GetPermissionsForUser", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).GetPermissionsForUser(ctx, req.(*PermissionRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_GetImplicitPermissionsForUser_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(PermissionRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).GetImplicitPermissionsForUser(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/GetImplicitPermissionsForUser", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).GetImplicitPermissionsForUser(ctx, req.(*PermissionRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_DeletePermission_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(PermissionRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).DeletePermission(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/DeletePermission", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).DeletePermission(ctx, req.(*PermissionRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_AddPermissionForUser_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(PermissionRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).AddPermissionForUser(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/AddPermissionForUser", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).AddPermissionForUser(ctx, req.(*PermissionRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_DeletePermissionForUser_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(PermissionRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).DeletePermissionForUser(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/DeletePermissionForUser", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).DeletePermissionForUser(ctx, req.(*PermissionRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_DeletePermissionsForUser_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(PermissionRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).DeletePermissionsForUser(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/DeletePermissionsForUser", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).DeletePermissionsForUser(ctx, req.(*PermissionRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Authz_HasPermissionForUser_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(PermissionRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthzServer).HasPermissionForUser(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/rafay.dev.rpc.authz.Authz/HasPermissionForUser", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthzServer).HasPermissionForUser(ctx, req.(*PermissionRequest)) + } + return interceptor(ctx, in, info, handler) +} + +// Authz_ServiceDesc is the grpc.ServiceDesc for Authz service. +// It's only intended for direct use with grpc.RegisterService, +// and not to be introspected or modified (even as a copy) +var Authz_ServiceDesc = grpc.ServiceDesc{ + ServiceName: "rafay.dev.rpc.authz.Authz", + HandlerType: (*AuthzServer)(nil), + Methods: []grpc.MethodDesc{ + { + MethodName: "NewEnforcer", + Handler: _Authz_NewEnforcer_Handler, + }, + { + MethodName: "NewAdapter", + Handler: _Authz_NewAdapter_Handler, + }, + { + MethodName: "Enforce", + Handler: _Authz_Enforce_Handler, + }, + { + MethodName: "LoadPolicy", + Handler: _Authz_LoadPolicy_Handler, + }, + { + MethodName: "SavePolicy", + Handler: _Authz_SavePolicy_Handler, + }, + { + MethodName: "AddPolicy", + Handler: _Authz_AddPolicy_Handler, + }, + { + MethodName: "AddNamedPolicy", + Handler: _Authz_AddNamedPolicy_Handler, + }, + { + MethodName: "RemovePolicy", + Handler: _Authz_RemovePolicy_Handler, + }, + { + MethodName: "RemoveNamedPolicy", + Handler: _Authz_RemoveNamedPolicy_Handler, + }, + { + MethodName: "RemoveFilteredPolicy", + Handler: _Authz_RemoveFilteredPolicy_Handler, + }, + { + MethodName: "RemoveFilteredNamedPolicy", + Handler: _Authz_RemoveFilteredNamedPolicy_Handler, + }, + { + MethodName: "GetPolicy", + Handler: _Authz_GetPolicy_Handler, + }, + { + MethodName: "GetNamedPolicy", + Handler: _Authz_GetNamedPolicy_Handler, + }, + { + MethodName: "GetFilteredPolicy", + Handler: _Authz_GetFilteredPolicy_Handler, + }, + { + MethodName: "GetFilteredNamedPolicy", + Handler: _Authz_GetFilteredNamedPolicy_Handler, + }, + { + MethodName: "AddGroupingPolicy", + Handler: _Authz_AddGroupingPolicy_Handler, + }, + { + MethodName: "AddNamedGroupingPolicy", + Handler: _Authz_AddNamedGroupingPolicy_Handler, + }, + { + MethodName: "RemoveGroupingPolicy", + Handler: _Authz_RemoveGroupingPolicy_Handler, + }, + { + MethodName: "RemoveNamedGroupingPolicy", + Handler: _Authz_RemoveNamedGroupingPolicy_Handler, + }, + { + MethodName: "RemoveFilteredGroupingPolicy", + Handler: _Authz_RemoveFilteredGroupingPolicy_Handler, + }, + { + MethodName: "RemoveFilteredNamedGroupingPolicy", + Handler: _Authz_RemoveFilteredNamedGroupingPolicy_Handler, + }, + { + MethodName: "GetGroupingPolicy", + Handler: _Authz_GetGroupingPolicy_Handler, + }, + { + MethodName: "GetNamedGroupingPolicy", + Handler: _Authz_GetNamedGroupingPolicy_Handler, + }, + { + MethodName: "GetFilteredGroupingPolicy", + Handler: _Authz_GetFilteredGroupingPolicy_Handler, + }, + { + MethodName: "GetFilteredNamedGroupingPolicy", + Handler: _Authz_GetFilteredNamedGroupingPolicy_Handler, + }, + { + MethodName: "GetAllSubjects", + Handler: _Authz_GetAllSubjects_Handler, + }, + { + MethodName: "GetAllNamedSubjects", + Handler: _Authz_GetAllNamedSubjects_Handler, + }, + { + MethodName: "GetAllObjects", + Handler: _Authz_GetAllObjects_Handler, + }, + { + MethodName: "GetAllNamedObjects", + Handler: _Authz_GetAllNamedObjects_Handler, + }, + { + MethodName: "GetAllActions", + Handler: _Authz_GetAllActions_Handler, + }, + { + MethodName: "GetAllNamedActions", + Handler: _Authz_GetAllNamedActions_Handler, + }, + { + MethodName: "GetAllRoles", + Handler: _Authz_GetAllRoles_Handler, + }, + { + MethodName: "GetAllNamedRoles", + Handler: _Authz_GetAllNamedRoles_Handler, + }, + { + MethodName: "HasPolicy", + Handler: _Authz_HasPolicy_Handler, + }, + { + MethodName: "HasNamedPolicy", + Handler: _Authz_HasNamedPolicy_Handler, + }, + { + MethodName: "HasGroupingPolicy", + Handler: _Authz_HasGroupingPolicy_Handler, + }, + { + MethodName: "HasNamedGroupingPolicy", + Handler: _Authz_HasNamedGroupingPolicy_Handler, + }, + { + MethodName: "GetRolesForUser", + Handler: _Authz_GetRolesForUser_Handler, + }, + { + MethodName: "GetImplicitRolesForUser", + Handler: _Authz_GetImplicitRolesForUser_Handler, + }, + { + MethodName: "GetUsersForRole", + Handler: _Authz_GetUsersForRole_Handler, + }, + { + MethodName: "HasRoleForUser", + Handler: _Authz_HasRoleForUser_Handler, + }, + { + MethodName: "AddRoleForUser", + Handler: _Authz_AddRoleForUser_Handler, + }, + { + MethodName: "DeleteRoleForUser", + Handler: _Authz_DeleteRoleForUser_Handler, + }, + { + MethodName: "DeleteRolesForUser", + Handler: _Authz_DeleteRolesForUser_Handler, + }, + { + MethodName: "DeleteUser", + Handler: _Authz_DeleteUser_Handler, + }, + { + MethodName: "DeleteRole", + Handler: _Authz_DeleteRole_Handler, + }, + { + MethodName: "GetPermissionsForUser", + Handler: _Authz_GetPermissionsForUser_Handler, + }, + { + MethodName: "GetImplicitPermissionsForUser", + Handler: _Authz_GetImplicitPermissionsForUser_Handler, + }, + { + MethodName: "DeletePermission", + Handler: _Authz_DeletePermission_Handler, + }, + { + MethodName: "AddPermissionForUser", + Handler: _Authz_AddPermissionForUser_Handler, + }, + { + MethodName: "DeletePermissionForUser", + Handler: _Authz_DeletePermissionForUser_Handler, + }, + { + MethodName: "DeletePermissionsForUser", + Handler: _Authz_DeletePermissionsForUser_Handler, + }, + { + MethodName: "HasPermissionForUser", + Handler: _Authz_HasPermissionForUser_Handler, + }, + }, + Streams: []grpc.StreamDesc{}, + Metadata: "proto/rpc/authz.proto", +}