mirror of
https://github.com/mainflux/mainflux.git
synced 2025-04-26 13:48:53 +08:00
b78928c998
* allow admin to fetch all things Signed-off-by: Burak Sekili <buraksekili@gmail.com> * enable users to fetch their own things via owner field in db Signed-off-by: Burak Sekili <buraksekili@gmail.com> * add listpolicies RPC Signed-off-by: Burak Sekili <buraksekili@gmail.com> * add listPolicies gRPC methods for client and server, and update keto initialization Signed-off-by: Burak Sekili <buraksekili@gmail.com> * update fetching things method Signed-off-by: Burak Sekili <buraksekili@gmail.com> * remove log Signed-off-by: Burak Sekili <buraksekili@gmail.com> * update retrieving policies Signed-off-by: Burak Sekili <buraksekili@gmail.com> * fix linter error Signed-off-by: Burak Sekili <buraksekili@gmail.com> * update mock Signed-off-by: Burak Sekili <buraksekili@gmail.com> * remove checking subject set while parsing subject sets Signed-off-by: Burak Sekili <buraksekili@gmail.com> * move subject declaration to constant value Signed-off-by: Burak Sekili <buraksekili@gmail.com>
130 lines
2.5 KiB
Protocol Buffer
130 lines
2.5 KiB
Protocol Buffer
// Copyright (c) Mainflux
|
|
// SPDX-License-Identifier: Apache-2.0
|
|
|
|
syntax = "proto3";
|
|
|
|
package mainflux;
|
|
|
|
import "google/protobuf/empty.proto";
|
|
|
|
service ThingsService {
|
|
rpc CanAccessByKey(AccessByKeyReq) returns (ThingID) {}
|
|
rpc IsChannelOwner(ChannelOwnerReq) returns (google.protobuf.Empty) {}
|
|
rpc CanAccessByID(AccessByIDReq) returns (google.protobuf.Empty) {}
|
|
rpc Identify(Token) returns (ThingID) {}
|
|
}
|
|
|
|
service AuthService {
|
|
rpc Issue(IssueReq) returns (Token) {}
|
|
rpc Identify(Token) returns (UserIdentity) {}
|
|
rpc Authorize(AuthorizeReq) returns (AuthorizeRes) {}
|
|
rpc AddPolicy(AddPolicyReq) returns (AddPolicyRes) {}
|
|
rpc DeletePolicy(DeletePolicyReq) returns (DeletePolicyRes) {}
|
|
rpc ListPolicies(ListPoliciesReq) returns (ListPoliciesRes) {}
|
|
rpc Assign(Assignment) returns(google.protobuf.Empty) {}
|
|
rpc Members(MembersReq) returns (MembersRes) {}
|
|
}
|
|
|
|
message AccessByKeyReq {
|
|
string token = 1;
|
|
string chanID = 2;
|
|
}
|
|
|
|
message ChannelOwnerReq {
|
|
string owner = 1;
|
|
string chanID = 2;
|
|
}
|
|
|
|
message ThingID {
|
|
string value = 1;
|
|
}
|
|
|
|
message ChannelID {
|
|
string value = 1;
|
|
}
|
|
|
|
message AccessByIDReq {
|
|
string thingID = 1;
|
|
string chanID = 2;
|
|
}
|
|
|
|
// If a token is not carrying any information itself, the type
|
|
// field can be used to determine how to validate the token.
|
|
// Also, different tokens can be encoded in different ways.
|
|
message Token {
|
|
string value = 1;
|
|
}
|
|
|
|
message UserIdentity {
|
|
string id = 1;
|
|
string email = 2;
|
|
}
|
|
|
|
message IssueReq {
|
|
string id = 1;
|
|
string email = 2;
|
|
uint32 type = 3;
|
|
}
|
|
|
|
message AuthorizeReq {
|
|
string sub = 1;
|
|
string obj = 2;
|
|
string act = 3;
|
|
}
|
|
|
|
message AuthorizeRes {
|
|
bool authorized = 1;
|
|
}
|
|
|
|
message AddPolicyReq {
|
|
string sub = 1;
|
|
string obj = 2;
|
|
string act = 3;
|
|
}
|
|
|
|
message AddPolicyRes {
|
|
bool authorized = 1;
|
|
}
|
|
|
|
message DeletePolicyReq {
|
|
string sub = 1;
|
|
string obj = 2;
|
|
string act = 3;
|
|
}
|
|
|
|
message DeletePolicyRes {
|
|
bool deleted = 1;
|
|
}
|
|
|
|
message ListPoliciesReq {
|
|
string sub = 1;
|
|
string obj = 2;
|
|
string act = 3;
|
|
}
|
|
|
|
message ListPoliciesRes {
|
|
repeated string policies = 1;
|
|
}
|
|
|
|
message Assignment {
|
|
string token = 1;
|
|
string groupID = 2;
|
|
string memberID = 3;
|
|
}
|
|
|
|
message MembersReq {
|
|
string token = 1;
|
|
string groupID = 2;
|
|
uint64 offset = 3;
|
|
uint64 limit = 4;
|
|
string type = 5;
|
|
}
|
|
|
|
message MembersRes {
|
|
uint64 total = 1;
|
|
uint64 offset = 2;
|
|
uint64 limit = 3;
|
|
string type = 4;
|
|
repeated string members = 5;
|
|
}
|