5 changes: 1 addition & 4 deletions proto/keyaccessgrants/key_access_grants.proto
@@ -2,7 +2,6 @@ syntax = "proto3";

package keyaccessgrants;

import "attributes/attributes.proto";
import "buf/validate/validate.proto";
import "common/common.proto";
import "google/api/annotations.proto";
@@ -36,9 +35,7 @@ message GetKeyAccessGrantResponse {
KeyAccessGrants grants = 1;
}

message ListKeyAccessGrantsRequest {
common.ResourceSelector selector = 1;
}
message ListKeyAccessGrantsRequest {}
message ListKeyAccessGrantsResponse {
repeated KeyAccessGrants grants = 1;
}
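Review bot: Removing `selector` from `ListKeyAccessGrantsRequest` leaves field number 1 and its name free for later reuse, and a client built against the old schema that still sends a selector will have it ignored as an unknown field and will presumably receive the unfiltered list of key access grants rather than an error. I would keep a tombstone in the now-empty message, `message ListKeyAccessGrantsRequest { reserved 1; reserved "selector"; }`, and add a leading comment stating that the RPC returns every grant the caller is permitted to see. `ListKeyAccessGrantsResponse` is an unbounded `repeated` with no page token, so if the number of grants can grow, pagination fields are worth adding while the request is being reshaped.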
189 changes: 40 additions & 149 deletions proto/resourcemapping/resource_mapping.proto
@@ -2,28 +2,48 @@ syntax = "proto3";

package resourcemapping;

import "attributes/attributes.proto";
import "buf/validate/validate.proto";
import "common/common.proto";
import "google/api/annotations.proto";

/*
Access Control Resource Encodings (ACRE). Structures supporting Resources and Attributes mappings
# Resource Mappings (aka Access Control Resource Encodings aka ACRE): Structures supporting Resources and Attributes mappings

*/
## Examples

/*
Map one or more domain specific terms (synonyms) to an attribute value by reference.
### Where

attributeId is an id of the following attribute

FQN: http://demo.com/attr/Classification/value/Confidential
UUID: 12345678-1234-1234-1234-123456789012

### Request

Example:
attributeValueRef: ref http://demo.com/attr/Classification/value/Confidential
synonymRef:
terms: ["CONFIDENTIAL", "CONTROLLED UNCLASSIFIED", "OFFICIAL-SENSITIVE", "CUI", "C"]
grpcurl -plaintext -d @ localhost:9000 resourcemapping.ResourceMappingService/CreateResourceMapping <<EOM
{
"mapping": {
"name": "Classification",
"attribute_value_id": "12345678-1234-1234-1234-123456789012",
"terms": ["CONFIDENTIAL", "CONTROLLED UNCLASSIFIED", "OFFICIAL-SENSITIVE", "CUI", "C"]
}
}
EOM

Example 2:
attributeValueRef: ref to http://demo.com/attr/Classification/Confidential
synonymRef:
terms: ["OFFICIAL-SENSITIVE"]
### Response

{
"mapping": {
"metadata": {
"id": "12345678-1234-1234-1234-123456789012",
"created_at": "2020-01-01T00:00:00Z",
"updated_at": "2020-01-01T00:00:00Z"
},
"name": "Classification",
"attribute_value_id": "12345678-1234-1234-1234-123456789012",
"terms": ["CONFIDENTIAL", "CONTROLLED UNCLASSIFIED", "OFFICIAL-SENSITIVE", "CUI", "C"]
}
}

*/
message ResourceMapping {
@@ -40,16 +60,14 @@ message ResourceMapping {
Resource Mappings
*/

message ListResourceMappingsRequest {
common.ResourceSelector selector = 1;
}
message ListResourceMappingsRequest {}

message ListResourceMappingsResponse {
repeated ResourceMapping mappings = 1;
}

message GetResourceMappingRequest {
int32 id = 1 [(buf.validate.field).required = true];
string id = 1 [(buf.validate.field).required = true];
}

message GetResourceMappingResponse {
Expand All @@ -72,159 +90,32 @@ message DeleteResourceMappingRequest {
}
message DeleteResourceMappingResponse {}

/*
Synonyms
*/

message ListResourceSynonymsRequest {
common.ResourceSelector selector = 1;
}

message ListResourceSynonymsResponse {
repeated Synonyms synonyms = 1;
}

message GetResourceSynonymRequest {
int32 id = 1 [(buf.validate.field).required = true];
}

message GetResourceSynonymResponse {
Synonyms synonym = 1;
}

message CreateResourceSynonymRequest {
Synonyms synonym = 1 [(buf.validate.field).required = true];
}
message CreateResourceSynonymResponse {}

message UpdateResourceSynonymRequest {
int32 id = 1 [(buf.validate.field).required = true];
Synonyms synonym = 2 [(buf.validate.field).required = true];
}
message UpdateResourceSynonymResponse {}

message DeleteResourceSynonymRequest {
int32 id = 1 [(buf.validate.field).required = true];
}
message DeleteResourceSynonymResponse {}

/*
Resource Groups
*/
message ListResourceGroupsRequest {
common.ResourceSelector selector = 1;
}

message ListResourceGroupsResponse {
repeated ResourceGroup groups = 1;
}

message GetResourceGroupRequest {
int32 id = 1 [(buf.validate.field).required = true];
}

message GetResourceGroupResponse {
ResourceGroup group = 1;
}

message CreateResourceGroupRequest {
ResourceGroup group = 1 [(buf.validate.field).required = true];
}
message CreateResourceGroupResponse {}

message UpdateResourceGroupRequest {
int32 id = 1 [(buf.validate.field).required = true];
ResourceGroup group = 2 [(buf.validate.field).required = true];
}
message UpdateResourceGroupResponse {}

message DeleteResourceGroupRequest {
int32 id = 1 [(buf.validate.field).required = true];
}
message DeleteResourceGroupResponse {}

service ResourceEncodingService {
/*
Resource Mappings
*/
rpc ListResourceMappings(ListResourceMappingsRequest) returns (ListResourceMappingsResponse) {
option (google.api.http) = {get: "/v1/encoding/resource/mappings"};
option (google.api.http) = {get: "/resource-mappings"};
}
rpc GetResourceMapping(GetResourceMappingRequest) returns (GetResourceMappingResponse) {
option (google.api.http) = {get: "/v1/encoding/resource/mappings/{id}"};
option (google.api.http) = {get: "/resource-mappings/{id}"};
}

rpc CreateResourceMapping(CreateResourceMappingRequest) returns (CreateResourceMappingResponse) {
option (google.api.http) = {
post: "/v1/encoding/resource/mappings"
post: "/resource-mappings"
body: "mapping"
};
}

rpc UpdateResourceMapping(UpdateResourceMappingRequest) returns (UpdateResourceMappingResponse) {
option (google.api.http) = {
post: "/v1/encoding/resource/mappings/{id}"
post: "/resource-mappings/{id}"
body: "mapping"
};
}

rpc DeleteResourceMapping(DeleteResourceMappingRequest) returns (DeleteResourceMappingResponse) {
option (google.api.http) = {delete: "/v1/encoding/resource/mappings/{id}"};
}

/*
Synonyms
*/
rpc ListResourceSynonyms(ListResourceSynonymsRequest) returns (ListResourceSynonymsResponse) {
option (google.api.http) = {get: "/v1/encoding/resource/synonyms"};
}
rpc GetResourceSynonym(GetResourceSynonymRequest) returns (GetResourceSynonymResponse) {
option (google.api.http) = {get: "/v1/encoding/resource/synonyms/{id}"};
}

rpc CreateResourceSynonym(CreateResourceSynonymRequest) returns (CreateResourceSynonymResponse) {
option (google.api.http) = {
post: "/v1/encoding/resource/synonyms"
body: "synonym"
};
}

rpc UpdateResourceSynonym(UpdateResourceSynonymRequest) returns (UpdateResourceSynonymResponse) {
option (google.api.http) = {
post: "/v1/encoding/resource/synonyms/{id}"
body: "synonym"
};
}

rpc DeleteResourceSynonym(DeleteResourceSynonymRequest) returns (DeleteResourceSynonymResponse) {
option (google.api.http) = {delete: "/v1/encoding/resource/synonyms/{id}"};
}

/*
Resource Groups
*/
rpc ListResourceGroups(ListResourceGroupsRequest) returns (ListResourceGroupsResponse) {
option (google.api.http) = {get: "/v1/encoding/resource/groups"};
}
rpc GetResourceGroup(GetResourceGroupRequest) returns (GetResourceGroupResponse) {
option (google.api.http) = {get: "/v1/encoding/resource/groups/{id}"};
}

rpc CreateResourceGroup(CreateResourceGroupRequest) returns (CreateResourceGroupResponse) {
option (google.api.http) = {
post: "/v1/encoding/resource/groups"
body: "group"
};
}

rpc UpdateResourceGroup(UpdateResourceGroupRequest) returns (UpdateResourceGroupResponse) {
option (google.api.http) = {
post: "/v1/encoding/resource/groups/{id}"
body: "group"
};
}

rpc DeleteResourceGroup(DeleteResourceGroupRequest) returns (DeleteResourceGroupResponse) {
option (google.api.http) = {delete: "/v1/encoding/resource/groups/{id}"};
option (google.api.http) = {delete: "/resource-mappings/{id}"};
}
}
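Review bot: In `GetResourceMappingRequest` the `id` field keeps number 1 while its type changes from `int32` to `string`, and the only constraint on the new string is `required`, so any non-empty value bound from `/resource-mappings/{id}` passes validation. The examples in the new header comment use UUIDs; if that is the intended format, enforce it at the boundary with `string id = 1 [(buf.validate.field).required = true, (buf.validate.field).string.uuid = true];`. The varint to length-delimited change is not wire compatible, so a client built against the old schema will most likely fail the `required` check rather than be understood; if such clients exist, a fresh field number plus `reserved 1;` is safer. The Update and Delete request messages fall between hunks and are not visible here, so their `id` fields need the same check. Separately, the grpcurl example in the header comment addresses `resourcemapping.ResourceMappingService`, while the service shown in this view is still declared as `ResourceEncodingService`.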