diff --git a/docs/acl.md b/docs/acl.md new file mode 100644 index 00000000..38f328be --- /dev/null +++ b/docs/acl.md @@ -0,0 +1,62 @@ +# Protocol Documentation + + +## Table of Contents + +- [acl/types.proto](#acl/types.proto) + + + +- [Scalar Value Types](#scalar-value-types) + + + + +

Top

+ +## acl/types.proto + + + + + + + + + +### Target +Target of the access control rule in access control list. + +| Name | Number | Description | +| ---- | ------ | ----------- | +| Unknown | 0 | Unknown target, default value. | +| User | 1 | User target rule is applied if sender is the owner of the container. | +| System | 2 | System target rule is applied if sender is the storage node within the container or inner ring node. | +| Others | 3 | Others target rule is applied if sender is not user or system target. | +| PubKey | 4 | PubKey target rule is applied if sender has public key provided in extended ACL. | + + + + + + +## Scalar Value Types + +| .proto Type | Notes | C++ Type | Java Type | Python Type | +| ----------- | ----- | -------- | --------- | ----------- | +| double | | double | double | float | +| float | | float | float | float | +| int32 | Uses variable-length encoding. Inefficient for encoding negative numbers – if your field is likely to have negative values, use sint32 instead. | int32 | int | int | +| int64 | Uses variable-length encoding. Inefficient for encoding negative numbers – if your field is likely to have negative values, use sint64 instead. | int64 | long | int/long | +| uint32 | Uses variable-length encoding. | uint32 | int | int/long | +| uint64 | Uses variable-length encoding. | uint64 | long | int/long | +| sint32 | Uses variable-length encoding. Signed int value. These more efficiently encode negative numbers than regular int32s. | int32 | int | int | +| sint64 | Uses variable-length encoding. Signed int value. These more efficiently encode negative numbers than regular int64s. | int64 | long | int/long | +| fixed32 | Always four bytes. More efficient than uint32 if values are often greater than 2^28. | uint32 | int | int | +| fixed64 | Always eight bytes. More efficient than uint64 if values are often greater than 2^56. | uint64 | long | int/long | +| sfixed32 | Always four bytes. | int32 | int | int | +| sfixed64 | Always eight bytes. | int64 | long | int/long | +| bool | | bool | boolean | boolean | +| string | A string must always contain UTF-8 encoded or 7-bit ASCII text. | string | String | str/unicode | +| bytes | May contain any arbitrary sequence of bytes. | string | ByteString | str | + diff --git a/docs/container.md b/docs/container.md index 6693980d..f0188ca7 100644 --- a/docs/container.md +++ b/docs/container.md @@ -21,8 +21,6 @@ - [container/types.proto](#container/types.proto) - Messages - - [AccessControlList](#container.AccessControlList) - - [AccessGroup](#container.AccessGroup) - [Container](#container.Container) @@ -166,7 +164,7 @@ via consensus in inner ring nodes | Capacity | [uint64](#uint64) | | Capacity defines amount of data that can be stored in the container (doesn't used for now). | | OwnerID | [bytes](#bytes) | | OwnerID is a wallet address | | rules | [netmap.PlacementRule](#netmap.PlacementRule) | | Rules define storage policy for the object inside the container. | -| Group | [AccessGroup](#container.AccessGroup) | | Container ACL. | +| BasicACL | [uint32](#uint32) | | BasicACL of the container. | | Meta | [service.RequestMetaHeader](#service.RequestMetaHeader) | | RequestMetaHeader contains information about request meta headers (should be embedded into message) | | Verify | [service.RequestVerificationHeader](#service.RequestVerificationHeader) | | RequestVerificationHeader is a set of signatures of every NeoFS Node that processed request (should be embedded into message) | @@ -196,29 +194,6 @@ via consensus in inner ring nodes - - -### Message AccessControlList - - - -| Field | Type | Label | Description | -| ----- | ---- | ----- | ----------- | -| List | [AccessGroup](#container.AccessGroup) | repeated | List of access groups. | - - - - -### Message AccessGroup - - - -| Field | Type | Label | Description | -| ----- | ---- | ----- | ----------- | -| AccessMode | [uint32](#uint32) | | Group access mode. | -| UserGroup | [bytes](#bytes) | repeated | Group members. | - - ### Message Container @@ -231,7 +206,7 @@ The Container service definition. | Salt | [bytes](#bytes) | | Salt is a nonce for unique container id calculation. | | Capacity | [uint64](#uint64) | | Capacity defines amount of data that can be stored in the container (doesn't used for now). | | Rules | [netmap.PlacementRule](#netmap.PlacementRule) | | Rules define storage policy for the object inside the container. | -| List | [AccessControlList](#container.AccessControlList) | | Container ACL. | +| BasicACL | [uint32](#uint32) | | BasicACL with access control rules for owner, system, others and permission bits for bearer token and extended ACL. |