@authzed/authzed-node
Version:
authzed client for nodejs
410 lines (409 loc) • 18.9 kB
TypeScript
import { ServiceType } from "@protobuf-ts/runtime-rpc";
import type { BinaryWriteOptions } from "@protobuf-ts/runtime";
import type { IBinaryWriter } from "@protobuf-ts/runtime";
import type { BinaryReadOptions } from "@protobuf-ts/runtime";
import type { IBinaryReader } from "@protobuf-ts/runtime";
import type { PartialMessage } from "@protobuf-ts/runtime";
import { MessageType } from "@protobuf-ts/runtime";
import { ZedToken } from "../../v1/core.js";
/**
* @generated from protobuf message authzed.api.materialize.v0.WatchPermissionSetsRequest
*/
export interface WatchPermissionSetsRequest {
/**
* optional_starting_after is used to specify the SpiceDB revision to start watching from.
* If not specified, the watch will start from the current SpiceDB revision time of the request ("head revision").
*
* @generated from protobuf field: authzed.api.v1.ZedToken optional_starting_after = 1;
*/
optionalStartingAfter?: ZedToken;
}
/**
* @generated from protobuf message authzed.api.materialize.v0.WatchPermissionSetsResponse
*/
export interface WatchPermissionSetsResponse {
/**
* @generated from protobuf oneof: response
*/
response: {
oneofKind: "change";
/**
* change is the permission set delta that has occurred as result of a mutation in origin SpiceDB.
* The consumer should apply this change to the current state of the permission sets in their target system.
* Once an event arrives with completed_revision instead, the consumer shall consider the set of
* changes originating from that revision completed.
*
* The consumer should keep track of the revision in order to resume streaming in the event of consumer restarts.
*
* @generated from protobuf field: authzed.api.materialize.v0.PermissionSetChange change = 1;
*/
change: PermissionSetChange;
} | {
oneofKind: "completedRevision";
/**
* completed_revision is the revision token that indicates the completion of a set of changes. It may also be
* received without accompanying set of changes, indicating that a mutation in the origin SpiceDB cluster did
* not yield any effective changes in the permission sets
*
* @generated from protobuf field: authzed.api.v1.ZedToken completed_revision = 2;
*/
completedRevision: ZedToken;
} | {
oneofKind: "lookupPermissionSetsRequired";
/**
* lookup_permission_sets_required is a signal that the consumer should perform a LookupPermissionSets call because
* the permission set snapshot needs to be rebuilt from scratch. This typically happens when the origin SpiceDB
* cluster has seen its schema changed.
*
* @generated from protobuf field: authzed.api.materialize.v0.LookupPermissionSetsRequired lookup_permission_sets_required = 3;
*/
lookupPermissionSetsRequired: LookupPermissionSetsRequired;
} | {
oneofKind: "breakingSchemaChange";
/**
* breaking_schema_change is a signal that a breaking schema change has been written to the origin SpiceDB cluster,
* and that the consumer should expect delays in the ingestion of new changes,
* because the permission set snapshot needs to be rebuilt from scratch. Once the snapshot is ready, the consumer
* will receive a LookupPermissionSetsRequired event.
*
* @generated from protobuf field: authzed.api.materialize.v0.BreakingSchemaChange breaking_schema_change = 4;
*/
breakingSchemaChange: BreakingSchemaChange;
} | {
oneofKind: undefined;
};
}
/**
* @generated from protobuf message authzed.api.materialize.v0.Cursor
*/
export interface Cursor {
/**
* limit is the number of permission sets to stream over a single LookupPermissionSets call that was requested.
*
* @generated from protobuf field: uint32 limit = 1;
*/
limit: number;
/**
* token is the snapshot revision at which the cursor was computed.
*
* @generated from protobuf field: authzed.api.v1.ZedToken token = 4;
*/
token?: ZedToken;
/**
* starting_index is an offset of the permission set represented by this cursor
*
* @generated from protobuf field: uint32 starting_index = 5;
*/
startingIndex: number;
/**
* completed_members is a boolean flag that indicates that the cursor has reached the end of the permission sets
*
* @generated from protobuf field: bool completed_members = 6;
*/
completedMembers: boolean;
/**
* starting_key is a string cursor used by some backends to resume the stream from a specific point.
*
* @generated from protobuf field: string starting_key = 7;
*/
startingKey: string;
/**
* cursor is a string-encoded internal materialize cursor.
*
* @generated from protobuf field: string cursor = 8;
*/
cursor: string;
}
/**
* @generated from protobuf message authzed.api.materialize.v0.LookupPermissionSetsRequest
*/
export interface LookupPermissionSetsRequest {
/**
* limit is the number of permission sets to stream over a single LookupPermissionSets. Once the limit is reached,
* the server will close the stream. If more permission sets are available, the consume should open a new stream
* providing optional_starting_after_cursor, using the cursor from the last response.
*
* @generated from protobuf field: uint32 limit = 1;
*/
limit: number;
/**
* optional_at_revision specifies the client is requesting to lookup PermissionSets at a specific revision. It's
* optional, and if not provided, PermissionSets will be looked up at the current revision. The cursor always
* takes precedence in defining the revision when present.
*
* @generated from protobuf field: authzed.api.v1.ZedToken optional_at_revision = 2;
*/
optionalAtRevision?: ZedToken;
/**
* optional_starting_after_cursor is used to specify the offset to start streaming permission sets from.
*
* @generated from protobuf field: authzed.api.materialize.v0.Cursor optional_starting_after_cursor = 4;
*/
optionalStartingAfterCursor?: Cursor;
}
/**
* @generated from protobuf message authzed.api.materialize.v0.LookupPermissionSetsResponse
*/
export interface LookupPermissionSetsResponse {
/**
* change represents the permission set delta necessary to transition an uninitialized target system to
* a specific snapshot revision. In practice it's not different from the WatchPermissionSetsResponse.change, except
* all changes will be of time SET_OPERATION_ADDED because it's assumed there is no known previous state.
*
* Applying the deltas to a previously initialized target system would yield incorrect results.
*
* @generated from protobuf field: authzed.api.materialize.v0.PermissionSetChange change = 1;
*/
change?: PermissionSetChange;
/**
* cursor points to a specific permission set in a revision.
* The consumer should keep track of the cursor in order to resume streaming in the event of consumer restarts. This
* is particularly important in backfill scenarios that may take hours or event days to complete.
*
* @generated from protobuf field: authzed.api.materialize.v0.Cursor cursor = 2;
*/
cursor?: Cursor;
}
/**
* @generated from protobuf message authzed.api.materialize.v0.PermissionSetChange
*/
export interface PermissionSetChange {
/**
* revision represents the revision at which the permission set change occurred.
*
* @generated from protobuf field: authzed.api.v1.ZedToken at_revision = 1;
*/
atRevision?: ZedToken;
/**
* operation represents the type of set operation that took place as part of the change
*
* @generated from protobuf field: authzed.api.materialize.v0.PermissionSetChange.SetOperation operation = 2;
*/
operation: PermissionSetChange_SetOperation;
/**
* parent_set represents the permission set parent of either another set or a member
*
* @generated from protobuf field: authzed.api.materialize.v0.SetReference parent_set = 3;
*/
parentSet?: SetReference;
/**
* @generated from protobuf oneof: child
*/
child: {
oneofKind: "childSet";
/**
* child_set represents the scenario where another set is considered member of the parent set
*
* @generated from protobuf field: authzed.api.materialize.v0.SetReference child_set = 4;
*/
childSet: SetReference;
} | {
oneofKind: "childMember";
/**
* child_member represents the scenario where an specific object is considered member of the parent set
*
* @generated from protobuf field: authzed.api.materialize.v0.MemberReference child_member = 5;
*/
childMember: MemberReference;
} | {
oneofKind: undefined;
};
}
/**
* @generated from protobuf enum authzed.api.materialize.v0.PermissionSetChange.SetOperation
*/
export declare enum PermissionSetChange_SetOperation {
/**
* @generated from protobuf enum value: SET_OPERATION_UNSPECIFIED = 0;
*/
UNSPECIFIED = 0,
/**
* @generated from protobuf enum value: SET_OPERATION_ADDED = 1;
*/
ADDED = 1,
/**
* @generated from protobuf enum value: SET_OPERATION_REMOVED = 2;
*/
REMOVED = 2
}
/**
* @generated from protobuf message authzed.api.materialize.v0.SetReference
*/
export interface SetReference {
/**
* object_type is the type of object in a permission set
*
* @generated from protobuf field: string object_type = 1;
*/
objectType: string;
/**
* object_id is the ID of a permission set
*
* @generated from protobuf field: string object_id = 2;
*/
objectId: string;
/**
* permission_or_relation is the permission or relation referenced by this permission set
*
* @generated from protobuf field: string permission_or_relation = 3;
*/
permissionOrRelation: string;
}
/**
* @generated from protobuf message authzed.api.materialize.v0.MemberReference
*/
export interface MemberReference {
/**
* object_type is the type of object of a permission set member
*
* @generated from protobuf field: string object_type = 1;
*/
objectType: string;
/**
* object_id is the ID of a permission set member
*
* @generated from protobuf field: string object_id = 2;
*/
objectId: string;
/**
* optional_permission_or_relation is the permission or relation referenced by this permission set member
*
* @generated from protobuf field: string optional_permission_or_relation = 3;
*/
optionalPermissionOrRelation: string;
}
/**
* LookupPermissionSetsRequired is a signal that the consumer should perform a LookupPermissionSets call because
* the permission set snapshot needs to be rebuilt from scratch. This typically happens when the origin SpiceDB
* cluster has seen its schema changed, see BreakingSchemaChange event.
*
* @generated from protobuf message authzed.api.materialize.v0.LookupPermissionSetsRequired
*/
export interface LookupPermissionSetsRequired {
/**
* required_lookup_at is the snapshot revision at which the permission set needs to be rebuilt to.
*
* @generated from protobuf field: authzed.api.v1.ZedToken required_lookup_at = 1;
*/
requiredLookupAt?: ZedToken;
}
/**
* BreakingSchemaChange is used to signal a breaking schema change has happened, and that the consumer should
* expect delays in the ingestion of new changes, because the permission set snapshot needs to be rebuilt from scratch.
* Once the snapshot is ready, the consumer will receive a LookupPermissionSetsRequired event.
*
* @generated from protobuf message authzed.api.materialize.v0.BreakingSchemaChange
*/
export interface BreakingSchemaChange {
/**
* change_at is the revision at which a breaking schema event has happened.
*
* @generated from protobuf field: authzed.api.v1.ZedToken change_at = 1;
*/
changeAt?: ZedToken;
}
declare class WatchPermissionSetsRequest$Type extends MessageType<WatchPermissionSetsRequest> {
constructor();
create(value?: PartialMessage<WatchPermissionSetsRequest>): WatchPermissionSetsRequest;
internalBinaryRead(reader: IBinaryReader, length: number, options: BinaryReadOptions, target?: WatchPermissionSetsRequest): WatchPermissionSetsRequest;
internalBinaryWrite(message: WatchPermissionSetsRequest, writer: IBinaryWriter, options: BinaryWriteOptions): IBinaryWriter;
}
/**
* @generated MessageType for protobuf message authzed.api.materialize.v0.WatchPermissionSetsRequest
*/
export declare const WatchPermissionSetsRequest: WatchPermissionSetsRequest$Type;
declare class WatchPermissionSetsResponse$Type extends MessageType<WatchPermissionSetsResponse> {
constructor();
create(value?: PartialMessage<WatchPermissionSetsResponse>): WatchPermissionSetsResponse;
internalBinaryRead(reader: IBinaryReader, length: number, options: BinaryReadOptions, target?: WatchPermissionSetsResponse): WatchPermissionSetsResponse;
internalBinaryWrite(message: WatchPermissionSetsResponse, writer: IBinaryWriter, options: BinaryWriteOptions): IBinaryWriter;
}
/**
* @generated MessageType for protobuf message authzed.api.materialize.v0.WatchPermissionSetsResponse
*/
export declare const WatchPermissionSetsResponse: WatchPermissionSetsResponse$Type;
declare class Cursor$Type extends MessageType<Cursor> {
constructor();
create(value?: PartialMessage<Cursor>): Cursor;
internalBinaryRead(reader: IBinaryReader, length: number, options: BinaryReadOptions, target?: Cursor): Cursor;
internalBinaryWrite(message: Cursor, writer: IBinaryWriter, options: BinaryWriteOptions): IBinaryWriter;
}
/**
* @generated MessageType for protobuf message authzed.api.materialize.v0.Cursor
*/
export declare const Cursor: Cursor$Type;
declare class LookupPermissionSetsRequest$Type extends MessageType<LookupPermissionSetsRequest> {
constructor();
create(value?: PartialMessage<LookupPermissionSetsRequest>): LookupPermissionSetsRequest;
internalBinaryRead(reader: IBinaryReader, length: number, options: BinaryReadOptions, target?: LookupPermissionSetsRequest): LookupPermissionSetsRequest;
internalBinaryWrite(message: LookupPermissionSetsRequest, writer: IBinaryWriter, options: BinaryWriteOptions): IBinaryWriter;
}
/**
* @generated MessageType for protobuf message authzed.api.materialize.v0.LookupPermissionSetsRequest
*/
export declare const LookupPermissionSetsRequest: LookupPermissionSetsRequest$Type;
declare class LookupPermissionSetsResponse$Type extends MessageType<LookupPermissionSetsResponse> {
constructor();
create(value?: PartialMessage<LookupPermissionSetsResponse>): LookupPermissionSetsResponse;
internalBinaryRead(reader: IBinaryReader, length: number, options: BinaryReadOptions, target?: LookupPermissionSetsResponse): LookupPermissionSetsResponse;
internalBinaryWrite(message: LookupPermissionSetsResponse, writer: IBinaryWriter, options: BinaryWriteOptions): IBinaryWriter;
}
/**
* @generated MessageType for protobuf message authzed.api.materialize.v0.LookupPermissionSetsResponse
*/
export declare const LookupPermissionSetsResponse: LookupPermissionSetsResponse$Type;
declare class PermissionSetChange$Type extends MessageType<PermissionSetChange> {
constructor();
create(value?: PartialMessage<PermissionSetChange>): PermissionSetChange;
internalBinaryRead(reader: IBinaryReader, length: number, options: BinaryReadOptions, target?: PermissionSetChange): PermissionSetChange;
internalBinaryWrite(message: PermissionSetChange, writer: IBinaryWriter, options: BinaryWriteOptions): IBinaryWriter;
}
/**
* @generated MessageType for protobuf message authzed.api.materialize.v0.PermissionSetChange
*/
export declare const PermissionSetChange: PermissionSetChange$Type;
declare class SetReference$Type extends MessageType<SetReference> {
constructor();
create(value?: PartialMessage<SetReference>): SetReference;
internalBinaryRead(reader: IBinaryReader, length: number, options: BinaryReadOptions, target?: SetReference): SetReference;
internalBinaryWrite(message: SetReference, writer: IBinaryWriter, options: BinaryWriteOptions): IBinaryWriter;
}
/**
* @generated MessageType for protobuf message authzed.api.materialize.v0.SetReference
*/
export declare const SetReference: SetReference$Type;
declare class MemberReference$Type extends MessageType<MemberReference> {
constructor();
create(value?: PartialMessage<MemberReference>): MemberReference;
internalBinaryRead(reader: IBinaryReader, length: number, options: BinaryReadOptions, target?: MemberReference): MemberReference;
internalBinaryWrite(message: MemberReference, writer: IBinaryWriter, options: BinaryWriteOptions): IBinaryWriter;
}
/**
* @generated MessageType for protobuf message authzed.api.materialize.v0.MemberReference
*/
export declare const MemberReference: MemberReference$Type;
declare class LookupPermissionSetsRequired$Type extends MessageType<LookupPermissionSetsRequired> {
constructor();
create(value?: PartialMessage<LookupPermissionSetsRequired>): LookupPermissionSetsRequired;
internalBinaryRead(reader: IBinaryReader, length: number, options: BinaryReadOptions, target?: LookupPermissionSetsRequired): LookupPermissionSetsRequired;
internalBinaryWrite(message: LookupPermissionSetsRequired, writer: IBinaryWriter, options: BinaryWriteOptions): IBinaryWriter;
}
/**
* @generated MessageType for protobuf message authzed.api.materialize.v0.LookupPermissionSetsRequired
*/
export declare const LookupPermissionSetsRequired: LookupPermissionSetsRequired$Type;
declare class BreakingSchemaChange$Type extends MessageType<BreakingSchemaChange> {
constructor();
create(value?: PartialMessage<BreakingSchemaChange>): BreakingSchemaChange;
internalBinaryRead(reader: IBinaryReader, length: number, options: BinaryReadOptions, target?: BreakingSchemaChange): BreakingSchemaChange;
internalBinaryWrite(message: BreakingSchemaChange, writer: IBinaryWriter, options: BinaryWriteOptions): IBinaryWriter;
}
/**
* @generated MessageType for protobuf message authzed.api.materialize.v0.BreakingSchemaChange
*/
export declare const BreakingSchemaChange: BreakingSchemaChange$Type;
/**
* @generated ServiceType for protobuf service authzed.api.materialize.v0.WatchPermissionSetsService
*/
export declare const WatchPermissionSetsService: ServiceType;
export {};