forked from TrueCloudLab/frostfs-api
fccd753a5d
Change the type of all fields for the container identifier to refs.ContainerID. This will allow to follow a single format and not duplicate its description. Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
109 lines
3.3 KiB
Protocol Buffer
109 lines
3.3 KiB
Protocol Buffer
syntax = "proto3";
|
|
package acl;
|
|
option go_package = "github.com/nspcc-dev/neofs-api-go/acl";
|
|
option csharp_namespace = "NeoFS.API.Acl";
|
|
|
|
import "refs/types.proto";
|
|
import "github.com/gogo/protobuf/gogoproto/gogo.proto";
|
|
option (gogoproto.stable_marshaler_all) = true;
|
|
|
|
// Target of the access control rule in access control list.
|
|
enum Target {
|
|
// Unknown target, default value.
|
|
Unknown = 0;
|
|
|
|
// User target rule is applied if sender is the owner of the container.
|
|
User = 1;
|
|
|
|
// System target rule is applied if sender is the storage node within the
|
|
// container or inner ring node.
|
|
System = 2;
|
|
|
|
// Others target rule is applied if sender is not user or system target.
|
|
Others = 3;
|
|
|
|
// PubKey target rule is applied if sender has public key provided in
|
|
// extended ACL.
|
|
PubKey = 4;
|
|
}
|
|
|
|
// EACLRecord groups information about extended ACL rule.
|
|
message EACLRecord {
|
|
// Operation is an enumeration of operation types.
|
|
enum Operation {
|
|
OPERATION_UNKNOWN = 0;
|
|
GET = 1;
|
|
HEAD = 2;
|
|
PUT = 3;
|
|
DELETE = 4;
|
|
SEARCH = 5;
|
|
GETRANGE = 6;
|
|
GETRANGEHASH = 7;
|
|
}
|
|
|
|
// Operation carries type of operation.
|
|
Operation operation = 1 [(gogoproto.customname) = "Operation", json_name="Operation"];
|
|
|
|
// Action is an enumeration of EACL actions.
|
|
enum Action {
|
|
ActionUnknown = 0;
|
|
Allow = 1;
|
|
Deny = 2;
|
|
}
|
|
|
|
// Action carries ACL target action.
|
|
Action action = 2 [(gogoproto.customname) = "Action", json_name="Action"];
|
|
|
|
// FilterInfo groups information about filter.
|
|
message FilterInfo {
|
|
// Header is an enumeration of filtering header types.
|
|
enum Header {
|
|
HeaderUnknown = 0;
|
|
Request = 1;
|
|
ObjectSystem = 2;
|
|
ObjectUser = 3;
|
|
}
|
|
|
|
// Header carries type of header.
|
|
Header header = 1 [(gogoproto.customname) = "Header", json_name="HeaderType"];
|
|
|
|
// MatchType is an enumeration of match types.
|
|
enum MatchType {
|
|
MatchUnknown = 0;
|
|
StringEqual = 1;
|
|
StringNotEqual = 2;
|
|
}
|
|
|
|
// MatchType carries type of match.
|
|
MatchType matchType = 2 [(gogoproto.customname) = "MatchType", json_name="MatchType"];
|
|
|
|
// HeaderName carries name of filtering header.
|
|
string HeaderName = 3 [json_name="Name"];
|
|
|
|
// HeaderVal carries value of filtering header.
|
|
string HeaderVal = 4 [json_name="Value"];
|
|
}
|
|
|
|
// Filters carries set of filters.
|
|
repeated FilterInfo Filters = 3 [json_name="Filters"];
|
|
|
|
// TargetInfo groups information about extended ACL target.
|
|
message TargetInfo {
|
|
// Target carries target of ACL rule.
|
|
acl.Target Target = 1 [json_name="Role"];
|
|
|
|
// KeyList carries public keys of ACL target.
|
|
repeated bytes KeyList = 2 [json_name="Keys"];
|
|
}
|
|
|
|
// Targets carries information about extended ACL target list.
|
|
repeated TargetInfo Targets = 4 [json_name="Targets"];
|
|
}
|
|
|
|
// EACLRecord carries the information about extended ACL rules.
|
|
message EACLTable {
|
|
// Carries identifier of the container that should use given access control rules.
|
|
refs.ContainerID ContainerID = 1 [json_name="ContainerID"];
|
|
// Records carries list of extended ACL rule records.
|
|
repeated EACLRecord Records = 2 [json_name="Records"];
|
|
}
|