2466ce876e
Change proto package path. Signed-off-by: Ori Bruk <o.bruk@yadro.com>
169 lines
5.7 KiB
Protocol Buffer
169 lines
5.7 KiB
Protocol Buffer
syntax = "proto3";
|
|
|
|
package frost.fs.apemanager;
|
|
|
|
import "ape/types.proto";
|
|
import "session/types.proto";
|
|
|
|
// `APEManagerService` provides API to manage rule chains within sidechain's
|
|
// `Policy` smart contract.
|
|
service APEManagerService {
|
|
// Add a rule chain for a specific target to `Policy` smart contract.
|
|
//
|
|
// Statuses:
|
|
// - **OK** (0, SECTION_SUCCESS): \
|
|
// the chain has been successfully added;
|
|
// - Common failures (SECTION_FAILURE_COMMON);
|
|
// - **CONTAINER_NOT_FOUND** (3072, SECTION_CONTAINER): \
|
|
// container (as target) not found;
|
|
// - **APE_MANAGER_ACCESS_DENIED** (5120, SECTION_APE_MANAGER): \
|
|
// the operation is denied by the service.
|
|
rpc AddChain(AddChainRequest) returns (AddChainResponse);
|
|
|
|
// Remove a rule chain for a specific target from `Policy` smart contract.
|
|
// RemoveChain is an idempotent operation: removal of non-existing rule chain
|
|
// also means success.
|
|
//
|
|
// Statuses:
|
|
// - **OK** (0, SECTION_SUCCESS): \
|
|
// the chain has been successfully removed;
|
|
// - Common failures (SECTION_FAILURE_COMMON);
|
|
// - **CONTAINER_NOT_FOUND** (3072, SECTION_CONTAINER): \
|
|
// container (as target) not found;
|
|
// - **APE_MANAGER_ACCESS_DENIED** (5120, SECTION_APE_MANAGER): \
|
|
// the operation is denied by the service.
|
|
rpc RemoveChain(RemoveChainRequest) returns (RemoveChainResponse);
|
|
|
|
// List chains defined for a specific target from `Policy` smart contract.
|
|
//
|
|
// Statuses:
|
|
// - **OK** (0, SECTION_SUCCESS): \
|
|
// chains have been successfully listed;
|
|
// - Common failures (SECTION_FAILURE_COMMON);
|
|
// - **CONTAINER_NOT_FOUND** (3072, SECTION_CONTAINER): \
|
|
// container (as target) not found;
|
|
// - **APE_MANAGER_ACCESS_DENIED** (5120, SECTION_APE_MANAGER): \
|
|
// the operation is denied by the service.
|
|
rpc ListChains(ListChainsRequest) returns (ListChainsResponse);
|
|
}
|
|
|
|
message AddChainRequest {
|
|
message Body {
|
|
// A target for which a rule chain is added.
|
|
frost.fs.ape.ChainTarget target = 1;
|
|
|
|
// The chain to set for the target.
|
|
frost.fs.ape.Chain chain = 2;
|
|
}
|
|
|
|
// The request's body.
|
|
Body body = 1;
|
|
|
|
// Carries request meta information. Header data is used only to regulate
|
|
// message transport and does not affect request execution.
|
|
frost.fs.session.RequestMetaHeader meta_header = 2;
|
|
|
|
// Carries request verification information. This header is used to
|
|
// authenticate the nodes of the message route and check the correctness of
|
|
// transmission.
|
|
frost.fs.session.RequestVerificationHeader verify_header = 3;
|
|
}
|
|
|
|
message AddChainResponse {
|
|
message Body {
|
|
// Chain ID assigned for the added rule chain.
|
|
// If chain ID is left empty in the request, then
|
|
// it will be generated.
|
|
bytes chain_id = 1;
|
|
}
|
|
|
|
// The response's body.
|
|
Body body = 1;
|
|
|
|
// Carries response meta information. Header data is used only to regulate
|
|
// message transport and does not affect request execution.
|
|
frost.fs.session.ResponseMetaHeader meta_header = 2;
|
|
|
|
// Carries response verification information. This header is used to
|
|
// authenticate the nodes of the message route and check the correctness of
|
|
// transmission.
|
|
frost.fs.session.ResponseVerificationHeader verify_header = 3;
|
|
}
|
|
|
|
message RemoveChainRequest {
|
|
message Body {
|
|
// Target for which a rule chain is removed.
|
|
frost.fs.ape.ChainTarget target = 1;
|
|
|
|
// Chain ID assigned for the rule chain.
|
|
bytes chain_id = 2;
|
|
}
|
|
|
|
// The request's body.
|
|
Body body = 1;
|
|
|
|
// Carries request meta information. Header data is used only to regulate
|
|
// message transport and does not affect request execution.
|
|
frost.fs.session.RequestMetaHeader meta_header = 2;
|
|
|
|
// Carries request verification information. This header is used to
|
|
// authenticate the nodes of the message route and check the correctness of
|
|
// transmission.
|
|
frost.fs.session.RequestVerificationHeader verify_header = 3;
|
|
}
|
|
|
|
message RemoveChainResponse {
|
|
// Since RemoveChain is an idempotent operation, then the only indicator that
|
|
// operation could not be performed is an error returning to a client.
|
|
message Body {}
|
|
|
|
// The response's body.
|
|
Body body = 1;
|
|
|
|
// Carries response meta information. Header data is used only to regulate
|
|
// message transport and does not affect request execution.
|
|
frost.fs.session.ResponseMetaHeader meta_header = 2;
|
|
|
|
// Carries response verification information. This header is used to
|
|
// authenticate the nodes of the message route and check the correctness of
|
|
// transmission.
|
|
frost.fs.session.ResponseVerificationHeader verify_header = 3;
|
|
}
|
|
|
|
message ListChainsRequest {
|
|
message Body {
|
|
// Target for which rule chains are listed.
|
|
frost.fs.ape.ChainTarget target = 1;
|
|
}
|
|
|
|
// The request's body.
|
|
Body body = 1;
|
|
|
|
// Carries request meta information. Header data is used only to regulate
|
|
// message transport and does not affect request execution.
|
|
frost.fs.session.RequestMetaHeader meta_header = 2;
|
|
|
|
// Carries request verification information. This header is used to
|
|
// authenticate the nodes of the message route and check the correctness of
|
|
// transmission.
|
|
frost.fs.session.RequestVerificationHeader verify_header = 3;
|
|
}
|
|
|
|
message ListChainsResponse {
|
|
message Body {
|
|
// The list of chains defined for the reqeusted target.
|
|
repeated frost.fs.ape.Chain chains = 1;
|
|
}
|
|
|
|
// The response's body.
|
|
Body body = 1;
|
|
|
|
// Carries response meta information. Header data is used only to regulate
|
|
// message transport and does not affect request execution.
|
|
frost.fs.session.ResponseMetaHeader meta_header = 2;
|
|
|
|
// Carries response verification information. This header is used to
|
|
// authenticate the nodes of the message route and check the correctness of
|
|
// transmission.
|
|
frost.fs.session.ResponseVerificationHeader verify_header = 3;
|
|
}
|