[#46] apemanager: Introduce proto-s for apemanager service

* Introduce proto-s for `APEManagerService` and related types. * Introduce a new status section related to `APEManagerService`. * Generate proto-docs. Signed-off-by: Airat Arifullin <aarifullin@yadro.com>
2024-04-23 22:18:22 +03:00 · 2024-04-23 22:18:22 +03:00 · c94b8ab6ae
commit c94b8ab6ae
parent 9802fd23ae
5 changed files with 554 additions and 0 deletions
--- a/apemanager/service.proto
+++ b/apemanager/service.proto
@ -0,0 +1,171 @@
+syntax = "proto3";
+
+package frostfs.v2.apemanager;
+
+import "apemanager/types.proto";
+import "session/types.proto";
+
+option go_package = "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/apemanager/grpc;apemanager";
+
+// `APEManagerService` provides API to manage rule chains within sidechain's
+// `Policy` smart contract.
+service APEManagerService {
+  // Add a rule chain for a specific target to `Policy` smart contract.
+  //
+  // Statuses:
+  // - **OK** (0, SECTION_SUCCESS): \
+  //   the chain has been successfully added;
+  // - Common failures (SECTION_FAILURE_COMMON);
+  // - **CONTAINER_NOT_FOUND** (3072, SECTION_CONTAINER): \
+  //   container (as target) not found;
+  // - **APE_MANAGER_ACCESS_DENIED** (5120, SECTION_APE_MANAGER): \
+  //   the operation is denied by the service.
+  rpc AddChain(AddChainRequest) returns (AddChainResponse);
+
+  // Remove a rule chain for a specific target from `Policy` smart contract.
+  // RemoveChain is an idempotent operation: removal of non-existing rule chain
+  // also means success.
+  //
+  // Statuses:
+  // - **OK** (0, SECTION_SUCCESS): \
+  //   the chain has been successfully removed;
+  // - Common failures (SECTION_FAILURE_COMMON);
+  // - **CONTAINER_NOT_FOUND** (3072, SECTION_CONTAINER): \
+  //   container (as target) not found;
+  // - **APE_MANAGER_ACCESS_DENIED** (5120, SECTION_APE_MANAGER): \
+  //   the operation is denied by the service.
+  rpc RemoveChain(RemoveChainRequest) returns (RemoveChainResponse);
+
+  // List chains defined for a specific target from `Policy` smart contract.
+  //
+  // Statuses:
+  // - **OK** (0, SECTION_SUCCESS): \
+  //   chains have been successfully listed;
+  // - Common failures (SECTION_FAILURE_COMMON);
+  // - **CONTAINER_NOT_FOUND** (3072, SECTION_CONTAINER): \
+  //   container (as target) not found;
+  // - **APE_MANAGER_ACCESS_DENIED** (5120, SECTION_APE_MANAGER): \
+  //   the operation is denied by the service.
+  rpc ListChains(ListChainsRequest) returns (ListChainsResponse);
+}
+
+message AddChainRequest {
+  message Body {
+    // A target for which a rule chain is added.
+    ChainTarget target = 1;
+
+    // The chain to set for the target.
+    Chain chain = 2;
+  }
+
+  // The request's body.
+  Body body = 1;
+
+  // Carries request meta information. Header data is used only to regulate
+  // message transport and does not affect request execution.
+  neo.fs.v2.session.RequestMetaHeader meta_header = 2;
+
+  // Carries request verification information. This header is used to
+  // authenticate the nodes of the message route and check the correctness of
+  // transmission.
+  neo.fs.v2.session.RequestVerificationHeader verify_header = 3;
+}
+
+message AddChainResponse {
+  message Body {
+    // Chain ID assigned for the added rule chain.
+    // If chain ID is left empty in the request, then
+    // it will be generated.
+    bytes chain_id = 1;
+  }
+
+  // The response's body.
+  Body body = 1;
+
+  // Carries response meta information. Header data is used only to regulate
+  // message transport and does not affect request execution.
+  neo.fs.v2.session.ResponseMetaHeader meta_header = 2;
+
+  // Carries response verification information. This header is used to
+  // authenticate the nodes of the message route and check the correctness of
+  // transmission.
+  neo.fs.v2.session.ResponseVerificationHeader verify_header = 3;
+}
+
+message RemoveChainRequest {
+  message Body {
+    // Target for which a rule chain is removed.
+    ChainTarget target = 1;
+
+    // Chain ID assigned for the rule chain.
+    bytes chain_id = 2;
+  }
+
+  // The request's body.
+  Body body = 1;
+
+  // Carries request meta information. Header data is used only to regulate
+  // message transport and does not affect request execution.
+  neo.fs.v2.session.RequestMetaHeader meta_header = 2;
+
+  // Carries request verification information. This header is used to
+  // authenticate the nodes of the message route and check the correctness of
+  // transmission.
+  neo.fs.v2.session.RequestVerificationHeader verify_header = 3;
+}
+
+message RemoveChainResponse {
+  // Since RemoveChain is an idempotent operation, then the only indicator that
+  // operation could not be performed is an error returning to a client.
+  message Body {}
+
+  // The response's body.
+  Body body = 1;
+
+  // Carries response meta information. Header data is used only to regulate
+  // message transport and does not affect request execution.
+  neo.fs.v2.session.ResponseMetaHeader meta_header = 2;
+
+  // Carries response verification information. This header is used to
+  // authenticate the nodes of the message route and check the correctness of
+  // transmission.
+  neo.fs.v2.session.ResponseVerificationHeader verify_header = 3;
+}
+
+message ListChainsRequest {
+  message Body {
+    // Target for which rule chains are listed.
+    ChainTarget target = 1;
+  }
+
+  // The request's body.
+  Body body = 1;
+
+  // Carries request meta information. Header data is used only to regulate
+  // message transport and does not affect request execution.
+  neo.fs.v2.session.RequestMetaHeader meta_header = 2;
+
+  // Carries request verification information. This header is used to
+  // authenticate the nodes of the message route and check the correctness of
+  // transmission.
+  neo.fs.v2.session.RequestVerificationHeader verify_header = 3;
+}
+
+message ListChainsResponse {
+  message Body {
+    // The list of chains defined for the reqeusted target.
+    repeated Chain chains = 1;
+  }
+
+  // The response's body.
+  Body body = 1;
+
+  // Carries response meta information. Header data is used only to regulate
+  // message transport and does not affect request execution.
+  neo.fs.v2.session.ResponseMetaHeader meta_header = 2;
+
+  // Carries response verification information. This header is used to
+  // authenticate the nodes of the message route and check the correctness of
+  // transmission.
+  neo.fs.v2.session.ResponseVerificationHeader verify_header = 3;
+}
--- a/apemanager/types.proto
+++ b/apemanager/types.proto
@ -0,0 +1,33 @@
+syntax = "proto3";
+
+package frostfs.v2.apemanager;
+
+option go_package = "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/apemanager/grpc;apemanager";
+
+// TargetType is a type target to which a rule chain is defined.
+enum TargetType {
+  UNDEFINED = 0;
+
+  NAMESPACE = 1;
+
+  CONTAINER = 2;
+
+  USER = 3;
+
+  GROUP = 4;
+}
+
+// ChainTarget is an object to which a rule chain is defined.
+message ChainTarget {
+  TargetType type = 1;
+
+  string name = 2;
+}
+
+// Chain is a chain of rules defined for a specific target.
+message Chain {
+  oneof kind {
+    // Raw representation of a serizalized rule chain.
+    bytes raw = 1;
+  }
+}