From 2b6425d4cb52058dbcde25d14e3f9fc8fb07c61d Mon Sep 17 00:00:00 2001 From: b-long Date: Thu, 30 Apr 2026 23:56:06 +0000 Subject: [PATCH] feat: update proto GIT_TAG to service/v0.8.0 - Bump default GIT_TAG from service/v0.7.2 to service/v0.8.0 - Remove unnecessary lambda from re.sub in run_buf_generate() - Restore buf.gen.yaml to its original content after buf generate runs (was leaking absolute plugin path into tracked file) - Add sys.path fix in __init__.py for connect-python v0.6+ absolute import style - Regenerate all proto files from service/v0.8.0 (new: obligations, updated kasregistry/objects/unsafe/authorization) - Update test assertion to match new default tag --- .../authorization/v2/authorization.proto | 27 +- .../key_access_server_registry.proto | 40 +- .../proto-files/policy/objects.proto | 46 +- .../policy/obligations/obligations.proto | 260 +++++ .../proto-files/policy/unsafe/unsafe.proto | 9 +- .../scripts/generate_connect_proto.py | 37 +- .../src/otdf_python_proto/__init__.py | 8 + .../authorization/authorization_connect.py | 2 +- .../authorization/v2/__init__.py | 0 .../authorization/v2/authorization_pb2.py | 76 +- .../entity_resolution_connect.py | 2 +- .../entityresolution/v2/__init__.py | 0 .../src/otdf_python_proto/kas/kas_connect.py | 2 +- .../legacy_grpc/authorization/__init__.py | 0 .../legacy_grpc/authorization/v2/__init__.py | 0 .../legacy_grpc/common/__init__.py | 0 .../legacy_grpc/entity/__init__.py | 0 .../legacy_grpc/entityresolution/__init__.py | 0 .../entityresolution/v2/__init__.py | 0 .../legacy_grpc/kas/__init__.py | 0 .../legacy_grpc/logger/__init__.py | 0 .../legacy_grpc/logger/audit/__init__.py | 0 .../legacy_grpc/policy/__init__.py | 0 .../legacy_grpc/policy/actions/__init__.py | 0 .../legacy_grpc/policy/attributes/__init__.py | 0 .../policy/kasregistry/__init__.py | 0 .../key_access_server_registry_pb2_grpc.py | 44 + .../policy/keymanagement/__init__.py | 0 .../legacy_grpc/policy/namespaces/__init__.py | 0 .../policy/obligations/__init__.py | 0 .../obligations/obligations_pb2_grpc.py | 680 +++++++++++++ .../policy/registeredresources/__init__.py | 0 .../policy/resourcemapping/__init__.py | 0 .../policy/subjectmapping/__init__.py | 0 .../legacy_grpc/policy/unsafe/__init__.py | 0 .../wellknownconfiguration/__init__.py | 0 .../logger/audit/__init__.py | 0 .../key_access_server_registry_connect.py | 65 ++ .../key_access_server_registry_pb2.py | 94 +- .../key_access_server_registry_pb2.pyi | 40 + .../otdf_python_proto/policy/objects_pb2.py | 60 +- .../otdf_python_proto/policy/objects_pb2.pyi | 40 + .../policy/obligations/__init__.py | 0 .../policy/obligations/obligations_connect.py | 920 ++++++++++++++++++ .../policy/obligations/obligations_pb2.py | 110 +++ .../policy/obligations/obligations_pb2.pyi | 224 +++++ .../policy/unsafe/unsafe_pb2.py | 16 +- .../policy/unsafe/unsafe_pb2.pyi | 12 +- .../wellknown_configuration_connect.py | 2 +- .../tests/test_generate_connect_proto.py | 2 +- 50 files changed, 2667 insertions(+), 151 deletions(-) create mode 100644 otdf-python-proto/proto-files/policy/obligations/obligations.proto create mode 100644 otdf-python-proto/src/otdf_python_proto/authorization/v2/__init__.py create mode 100644 otdf-python-proto/src/otdf_python_proto/entityresolution/v2/__init__.py create mode 100644 otdf-python-proto/src/otdf_python_proto/legacy_grpc/authorization/__init__.py create mode 100644 otdf-python-proto/src/otdf_python_proto/legacy_grpc/authorization/v2/__init__.py create mode 100644 otdf-python-proto/src/otdf_python_proto/legacy_grpc/common/__init__.py create mode 100644 otdf-python-proto/src/otdf_python_proto/legacy_grpc/entity/__init__.py create mode 100644 otdf-python-proto/src/otdf_python_proto/legacy_grpc/entityresolution/__init__.py create mode 100644 otdf-python-proto/src/otdf_python_proto/legacy_grpc/entityresolution/v2/__init__.py create mode 100644 otdf-python-proto/src/otdf_python_proto/legacy_grpc/kas/__init__.py create mode 100644 otdf-python-proto/src/otdf_python_proto/legacy_grpc/logger/__init__.py create mode 100644 otdf-python-proto/src/otdf_python_proto/legacy_grpc/logger/audit/__init__.py create mode 100644 otdf-python-proto/src/otdf_python_proto/legacy_grpc/policy/__init__.py create mode 100644 otdf-python-proto/src/otdf_python_proto/legacy_grpc/policy/actions/__init__.py create mode 100644 otdf-python-proto/src/otdf_python_proto/legacy_grpc/policy/attributes/__init__.py create mode 100644 otdf-python-proto/src/otdf_python_proto/legacy_grpc/policy/kasregistry/__init__.py create mode 100644 otdf-python-proto/src/otdf_python_proto/legacy_grpc/policy/keymanagement/__init__.py create mode 100644 otdf-python-proto/src/otdf_python_proto/legacy_grpc/policy/namespaces/__init__.py create mode 100644 otdf-python-proto/src/otdf_python_proto/legacy_grpc/policy/obligations/__init__.py create mode 100644 otdf-python-proto/src/otdf_python_proto/legacy_grpc/policy/obligations/obligations_pb2_grpc.py create mode 100644 otdf-python-proto/src/otdf_python_proto/legacy_grpc/policy/registeredresources/__init__.py create mode 100644 otdf-python-proto/src/otdf_python_proto/legacy_grpc/policy/resourcemapping/__init__.py create mode 100644 otdf-python-proto/src/otdf_python_proto/legacy_grpc/policy/subjectmapping/__init__.py create mode 100644 otdf-python-proto/src/otdf_python_proto/legacy_grpc/policy/unsafe/__init__.py create mode 100644 otdf-python-proto/src/otdf_python_proto/legacy_grpc/wellknownconfiguration/__init__.py create mode 100644 otdf-python-proto/src/otdf_python_proto/logger/audit/__init__.py create mode 100644 otdf-python-proto/src/otdf_python_proto/policy/obligations/__init__.py create mode 100644 otdf-python-proto/src/otdf_python_proto/policy/obligations/obligations_connect.py create mode 100644 otdf-python-proto/src/otdf_python_proto/policy/obligations/obligations_pb2.py create mode 100644 otdf-python-proto/src/otdf_python_proto/policy/obligations/obligations_pb2.pyi diff --git a/otdf-python-proto/proto-files/authorization/v2/authorization.proto b/otdf-python-proto/proto-files/authorization/v2/authorization.proto index 7345334..457aee4 100644 --- a/otdf-python-proto/proto-files/authorization/v2/authorization.proto +++ b/otdf-python-proto/proto-files/authorization/v2/authorization.proto @@ -21,11 +21,11 @@ message EntityIdentifier { oneof identifier { option (buf.validate.oneof).required = true; - // chain of one or more entities + // chain of one or more entities and at most 10 entity.EntityChain entity_chain = 1 [(buf.validate.field).cel = { id: "entity_chain_required" - message: "entities must be provided" - expression: "has(this.entities) && this.entities.size() > 0" + message: "entities must be provided and between 1 and 10 in count" + expression: "has(this.entities) && this.entities.size() > 0 && this.entities.size() <= 10" }]; // fully qualified name of the registered resource value stored in platform policy, where in @@ -65,11 +65,13 @@ message Resource { } oneof resource { + // a set of attribute value FQNs, such as those on a TDF, between 1 and 20 in count AttributeValues attribute_values = 2 [(buf.validate.field).cel = { id: "attribute_values_required" - message: "if provided, resource.attribute_values must not be empty" - expression: "this.fqns.size() > 0 && this.fqns.all(item, item.isUri())" + message: "if provided, resource.attribute_values must be between 1 and 20 in count with all valid FQNs" + expression: "this.fqns.size() > 0 && this.fqns.size() <= 20 && this.fqns.all(item, item.isUri())" }]; + // fully qualified name of the registered resource value stored in platform policy string registered_resource_value_fqn = 3 [(buf.validate.field).string = { min_len: 1 uri: true @@ -112,15 +114,17 @@ message GetDecisionResponse { // 1. one entity reference (actor) // 2. one action // 3. multiple resources -// Note: this is a more performant bulk request for multiple resource decisions +// Note: this is a more performant bulk request for multiple resource decisions, up to 1000 per request message GetDecisionMultiResourceRequest { // an entity must be identified for authorization decisioning EntityIdentifier entity_identifier = 1 [(buf.validate.field).required = true]; // name on action is required policy.Action action = 2 [(buf.validate.field).required = true]; repeated Resource resources = 3 [ - (buf.validate.field).required = true, - (buf.validate.field).repeated = {min_items: 1} + (buf.validate.field).repeated = { + min_items: 1 + max_items: 1000 + } ]; option (buf.validate.message).cel = { @@ -141,7 +145,12 @@ message GetDecisionMultiResourceResponse { // This is a more performant bulk request for complex decisioning (i.e. multiple entity chains or actions on // multiple resources) message GetDecisionBulkRequest { - repeated GetDecisionMultiResourceRequest decision_requests = 1; + repeated GetDecisionMultiResourceRequest decision_requests = 1 [ + (buf.validate.field).repeated = { + min_items: 1 + max_items: 200 + } + ]; } message GetDecisionBulkResponse { repeated GetDecisionMultiResourceResponse decision_responses = 1; diff --git a/otdf-python-proto/proto-files/policy/kasregistry/key_access_server_registry.proto b/otdf-python-proto/proto-files/policy/kasregistry/key_access_server_registry.proto index badee52..01c92af 100644 --- a/otdf-python-proto/proto-files/policy/kasregistry/key_access_server_registry.proto +++ b/otdf-python-proto/proto-files/policy/kasregistry/key_access_server_registry.proto @@ -403,7 +403,7 @@ message CreateKeyRequest { Algorithm key_algorithm = 3 [(buf.validate.field).cel = { id: "key_algorithm_defined" message: "The key_algorithm must be one of the defined values." - expression: "this in [1, 2, 3, 4]" // Allow ALGORITHM_EC_P256, ALGORITHM_RSA_2048, ALGORITHM_X25519, ALGORITHM_AES_256_GCM + expression: "this in [1, 2, 3, 4, 5]" // Allow ALGORITHM_RSA_2048, ALGORITHM_RSA_4096, ALGORITHM_EC_P256, ALGORITHM_EC_P384, ALGORITHM_EC_P521 }]; // The algorithm to be used for the key // Required KeyMode key_mode = 4 [(buf.validate.field).cel = { @@ -445,7 +445,7 @@ message ListKeysRequest { Algorithm key_algorithm = 1 [(buf.validate.field).cel = { id: "key_algorithm_defined" message: "The key_algorithm must be one of the defined values." - expression: "this in [0, 1, 2, 3, 4]" // Allow ALGORITHM_EC_P256, ALGORITHM_RSA_2048, ALGORITHM_X25519, ALGORITHM_AES_256_GCM + expression: "this in [0, 1, 2, 3, 4, 5]" // Allow unspecified and object.Algorithm values for currently supported RSA bit sizes and EC curve types }]; // Filter keys by algorithm oneof kas_filter { @@ -545,7 +545,7 @@ message RotateKeyRequest { Algorithm algorithm = 2 [(buf.validate.field).cel = { id: "key_algorithm_defined" message: "The key_algorithm must be one of the defined values." - expression: "this in [1, 2, 3, 4]" // Allow ALGORITHM_EC_P256, ALGORITHM_RSA_2048, ALGORITHM_X25519, ALGORITHM_AES_256_GCM + expression: "this in [1, 2, 3, 4, 5]" // Allow ALGORITHM_RSA_2048, ALGORITHM_RSA_4096, ALGORITHM_EC_P256, ALGORITHM_EC_P384, ALGORITHM_EC_P521 }]; // Required KeyMode key_mode = 3 [ @@ -553,7 +553,7 @@ message RotateKeyRequest { (buf.validate.field).cel = { id: "new_key_mode_defined" message: "The new key_mode must be one of the defined values (1-4)." - expression: "this in [1, 2, 3, 4]" // Allow all defined modes + expression: "this in [1, 2, 3, 4]" // Allow modes CONFIG_ROOT_KEY, PROVIDER_ROOT_KEY, REMOTE, PUBLIC_KEY_ONLY } ]; // Required @@ -617,6 +617,35 @@ message SetBaseKeyResponse { SimpleKasKey previous_base_key = 2; // The previous base key, if any } +message MappedPolicyObject { + string id = 1; // The unique identifier of the policy object + string fqn = 2; // The fully qualified name of the policy object +} + +message KeyMapping { + string kid = 1; + string kas_uri = 2; + repeated MappedPolicyObject namespace_mappings = 3; // List of namespaces mapped to the key + repeated MappedPolicyObject attribute_mappings = 4; // List of attribute definitions mapped to the key + repeated MappedPolicyObject value_mappings = 5; // List of attribute values mapped to the key +} + +message ListKeyMappingsRequest { + oneof identifier { + option (buf.validate.oneof).required = false; + string id = 2 [(buf.validate.field).string.uuid = true]; // The unique identifier of the key to retrieve + KasKeyIdentifier key = 3; + } + + policy.PageRequest pagination = 10; // Pagination request for the list of keys +} + +message ListKeyMappingsResponse { + repeated KeyMapping key_mappings = 1; // The list of key mappings + + policy.PageResponse pagination = 10; // Pagination response for the list of keys +} + service KeyAccessServerRegistryService { rpc ListKeyAccessServers(ListKeyAccessServersRequest) returns (ListKeyAccessServersResponse) { option (google.api.http) = {get: "/key-access-servers"}; @@ -660,4 +689,7 @@ service KeyAccessServerRegistryService { // Get Default kas keys rpc GetBaseKey(GetBaseKeyRequest) returns (GetBaseKeyResponse) {} + + // Request to list key mappings in the Key Access Service. + rpc ListKeyMappings(ListKeyMappingsRequest) returns (ListKeyMappingsResponse) {} } diff --git a/otdf-python-proto/proto-files/policy/objects.proto b/otdf-python-proto/proto-files/policy/objects.proto index cb7ba7a..9c7e854 100644 --- a/otdf-python-proto/proto-files/policy/objects.proto +++ b/otdf-python-proto/proto-files/policy/objects.proto @@ -5,6 +5,7 @@ package policy; import "buf/validate/validate.proto"; import "common/common.proto"; import "google/protobuf/wrappers.proto"; +// import "google/protobuf/struct.proto"; message SimpleKasPublicKey { Algorithm algorithm = 1; @@ -447,7 +448,6 @@ message RegisteredResourceValue { // Common metadata common.Metadata metadata = 100; } - string id = 1; string value = 2; @@ -460,6 +460,50 @@ message RegisteredResourceValue { common.Metadata metadata = 100; } +message Obligation { + string id = 1; + + Namespace namespace = 2; + + string name = 3; + + repeated ObligationValue values = 4; + + common.Metadata metadata = 100; +} + +message ObligationValue { + string id = 1; + + Obligation obligation = 2; + + string value = 3; + + common.Metadata metadata = 100; +} + +message ObligationTrigger { + string id = 1; + + ObligationValue obligation_value = 2; + + Action action = 3; + + Value attribute_value = 4; + + common.Metadata metadata = 100; +} + +// message ObligationFulfiller { +// string id = 1; + +// ObligationValue obligation_value = 2; + +// google.protobuf.Struct conditionals = 3; + +// common.Metadata metadata = 100; +// } + // Supported key algorithms. enum Algorithm { ALGORITHM_UNSPECIFIED = 0; diff --git a/otdf-python-proto/proto-files/policy/obligations/obligations.proto b/otdf-python-proto/proto-files/policy/obligations/obligations.proto new file mode 100644 index 0000000..2a61050 --- /dev/null +++ b/otdf-python-proto/proto-files/policy/obligations/obligations.proto @@ -0,0 +1,260 @@ +syntax = "proto3"; + +package policy.obligations; + +import "common/common.proto"; +import "policy/objects.proto"; +import "policy/selectors.proto"; +// import "google/protobuf/struct.proto"; + +/// +/// Obligation +/// + +// Definitions +message GetObligationRequest { + oneof identifier { + string id = 1; + string fqn = 2; + } +} + +message GetObligationResponse { + policy.Obligation obligation = 1; +} + +message GetObligationsByFQNsRequest { + repeated string fqns = 1; +} + +message GetObligationsByFQNsResponse { + map fqn_obligation_map = 1; +} + +message CreateObligationRequest { + // Required + oneof namespace_identifier { + string id = 1; + string fqn = 2; + } + string name = 3; + // Optional + // Common metadata + common.MetadataMutable metadata = 100; +} + +message CreateObligationResponse { + policy.Obligation obligation = 1; +} + +message UpdateObligationRequest { + // Required + string id = 1; + + // Optional + string name = 2; + common.MetadataMutable metadata = 100; + common.MetadataUpdateEnum metadata_update_behavior = 101; +} + +message UpdateObligationResponse { + policy.Obligation obligation = 1; +} + +message DeleteObligationRequest { + oneof identifier { + string id = 1; + string fqn = 2; + } +} + +message DeleteObligationResponse { + policy.Obligation obligation = 1; +} + +message ListObligationsRequest { + // Optional + // Namespace ID or FQN + oneof namespace_identifier { + string id = 1; + string fqn = 2; + } + + // Optional + policy.PageRequest pagination = 10; +} + +message ListObligationsResponse { + repeated policy.Obligation obligations = 1; + + policy.PageResponse pagination = 10; +} + +// Values +message GetObligationValueRequest { + oneof identifier { + string id = 1; + string fqn = 2; + } +} + +message GetObligationValueResponse { + policy.ObligationValue value = 1; +} + +message GetObligationValuesByFQNsRequest { + repeated string fqns = 1; +} + +message GetObligationValuesByFQNsResponse { + map fqn_value_map = 1; +} + +message CreateObligationValueRequest { + // Required + oneof obligation_identifier { + string id = 1; + string fqn = 2; + } + string value = 3; + + // Optional + // Common metadata + common.MetadataMutable metadata = 100; +} + +message CreateObligationValueResponse { + policy.ObligationValue value = 1; +} + +message UpdateObligationValueRequest { + // Required + string id = 1; + + // Optional + string value = 2; + common.MetadataMutable metadata = 100; + common.MetadataUpdateEnum metadata_update_behavior = 101; +} + +message UpdateObligationValueResponse { + policy.ObligationValue value = 1; +} + +message DeleteObligationValueRequest { + oneof identifier { + string id = 1; + string fqn = 2; + } +} + +message DeleteObligationValueResponse { + policy.ObligationValue value = 1; +} + +// Triggers +message AddObligationTriggerRequest { + // Required + string obligation_value_id = 1; + string action_id = 2; + string attribute_value_id = 3; + // Optional + // Common metadata + common.MetadataMutable metadata = 100; +} + +message AddObligationTriggerResponse { + policy.ObligationTrigger trigger = 1; +} + +message RemoveObligationTriggerRequest { + string id = 1; +} + +message RemoveObligationTriggerResponse { + policy.ObligationTrigger trigger = 1; +} + +// Fulfillers +// message AddObligationFulfillerRequest { +// // Required +// string obligation_value_id = 1; +// google.protobuf.Struct conditionals = 2; +// // Optional +// // Common metadata +// common.MetadataMutable metadata = 100; +// } + +// message AddObligationFulfillerResponse { +// policy.ObligationFulfiller fulfiller = 1; +// } + +// message RemoveObligationFulfillerRequest { +// string id = 1; +// } + +// message RemoveObligationFulfillerResponse { +// policy.ObligationFulfiller fulfiller = 1; +// } + +/// +/// Obligation Service +/// +service Service { + + /*--------------------------------------* + * Obligation RPCs + *--------------------------------------*/ + + rpc ListObligations(ListObligationsRequest) returns (ListObligationsResponse) { + option idempotency_level = NO_SIDE_EFFECTS; + } + + rpc GetObligation(GetObligationRequest) returns (GetObligationResponse) { + option idempotency_level = NO_SIDE_EFFECTS; + } + + rpc GetObligationsByFQNs(GetObligationsByFQNsRequest) returns (GetObligationsByFQNsResponse) { + option idempotency_level = NO_SIDE_EFFECTS; + } + + rpc CreateObligation(CreateObligationRequest) returns (CreateObligationResponse) {} + + rpc UpdateObligation(UpdateObligationRequest) returns (UpdateObligationResponse) {} + + rpc DeleteObligation(DeleteObligationRequest) returns (DeleteObligationResponse) {} + + /*--------------------------------------* + * Value RPCs + *--------------------------------------*/ + + rpc GetObligationValue(GetObligationValueRequest) returns (GetObligationValueResponse) { + option idempotency_level = NO_SIDE_EFFECTS; + } + + rpc GetObligationValuesByFQNs(GetObligationValuesByFQNsRequest) returns (GetObligationValuesByFQNsResponse) { + option idempotency_level = NO_SIDE_EFFECTS; + } + + rpc CreateObligationValue(CreateObligationValueRequest) returns (CreateObligationValueResponse) {} + + rpc UpdateObligationValue(UpdateObligationValueRequest) returns (UpdateObligationValueResponse) {} + + rpc DeleteObligationValue(DeleteObligationValueRequest) returns (DeleteObligationValueResponse) {} + + /*--------------------------------------* + * Trigger RPCs + *--------------------------------------*/ + + rpc AddObligationTrigger(AddObligationTriggerRequest) returns (AddObligationTriggerResponse) {} + + rpc RemoveObligationTrigger(RemoveObligationTriggerRequest) returns (RemoveObligationTriggerResponse) {} + + /*--------------------------------------* + * Fulfiller RPCs + *--------------------------------------*/ + + // rpc AddObligationFulfiller(AddObligationFulfillerRequest) returns (AddObligationFulfillerResponse) {} + + // rpc RemoveObligationFulfiller(RemoveObligationFulfillerRequest) returns (RemoveObligationFulfillerResponse) {} +} \ No newline at end of file diff --git a/otdf-python-proto/proto-files/policy/unsafe/unsafe.proto b/otdf-python-proto/proto-files/policy/unsafe/unsafe.proto index c11bfb9..5f9f906 100644 --- a/otdf-python-proto/proto-files/policy/unsafe/unsafe.proto +++ b/otdf-python-proto/proto-files/policy/unsafe/unsafe.proto @@ -167,14 +167,21 @@ message UnsafeDeleteAttributeValueResponse { } // WARNING!! +// Deleting a key will make it so that ANY TDF that was encrypted with this key cannot be decrypted by the platform. message UnsafeDeleteKasKeyRequest { // Required // UUID of the Key string id = 1 [(buf.validate.field).string.uuid = true]; + // Required + // The key id assigned to this key (Ex: "key-1") + string kid = 2 [(buf.validate.field).required = true]; + // Required + // The kas uri for which this key belongs (Ex: "https://kas.example.com:8080") + string kas_uri = 3 [(buf.validate.field).required = true]; } message UnsafeDeleteKasKeyResponse { - policy.Key key = 1; + policy.KasKey key = 1; } /// diff --git a/otdf-python-proto/scripts/generate_connect_proto.py b/otdf-python-proto/scripts/generate_connect_proto.py index e711bce..39e2b7c 100644 --- a/otdf-python-proto/scripts/generate_connect_proto.py +++ b/otdf-python-proto/scripts/generate_connect_proto.py @@ -48,7 +48,7 @@ def check_dependencies() -> bool: def copy_opentdf_proto_files(proto_gen_dir: Path, git_tag: str | None = None) -> bool: """Clone OpenTDF platform repository and copy all proto files.""" - GIT_TAG = git_tag or "service/v0.7.2" + GIT_TAG = git_tag or "service/v0.8.0" REPO_URL = "https://github.com/opentdf/platform.git" temp_repo_dir = proto_gen_dir / "temp_platform_repo" @@ -153,28 +153,33 @@ def run_buf_generate(proto_gen_dir: Path) -> bool: connect_plugin_path = result.stdout.strip() print(f"Using Connect plugin at: {connect_plugin_path}") - # Update buf.gen.yaml with the correct absolute path for the local plugin + # Update buf.gen.yaml with the correct absolute path for the local plugin, + # then restore the original content after buf generate runs. buf_gen_path = proto_gen_dir / "buf.gen.yaml" with buf_gen_path.open() as f: - content = f.read() + original_content = f.read() updated_content = re.sub( r"- local:\s+\S*protoc-gen-connect[_-]python\S*", - lambda _: f"- local: {connect_plugin_path}", - content, + f"- local: {connect_plugin_path}", + original_content, ) - with buf_gen_path.open("w") as f: - f.write(updated_content) - - # Run buf generate - subprocess.run( - ["buf", "generate"], - cwd=proto_gen_dir, - capture_output=True, - text=True, - check=True, - ) + try: + with buf_gen_path.open("w") as f: + f.write(updated_content) + + # Run buf generate + subprocess.run( + ["buf", "generate"], + cwd=proto_gen_dir, + capture_output=True, + text=True, + check=True, + ) + finally: + with buf_gen_path.open("w") as f: + f.write(original_content) print("✓ Successfully generated protobuf and Connect RPC files") return True diff --git a/otdf-python-proto/src/otdf_python_proto/__init__.py b/otdf-python-proto/src/otdf_python_proto/__init__.py index cd84219..b11d276 100644 --- a/otdf-python-proto/src/otdf_python_proto/__init__.py +++ b/otdf-python-proto/src/otdf_python_proto/__init__.py @@ -4,8 +4,16 @@ It includes modules for authorization, common types, entities, policy management, and other OpenTDF services. """ +import sys +from pathlib import Path from importlib import metadata +# connect-python v0.6+ generates absolute sub-package imports (e.g. `import kas.kas_pb2`) +# rather than relative ones. Add this package's directory to sys.path so those imports resolve. +_pkg_dir = str(Path(__file__).parent) +if _pkg_dir not in sys.path: + sys.path.insert(0, _pkg_dir) + try: __version__ = metadata.version("otdf-python-proto") except metadata.PackageNotFoundError: diff --git a/otdf-python-proto/src/otdf_python_proto/authorization/authorization_connect.py b/otdf-python-proto/src/otdf_python_proto/authorization/authorization_connect.py index 41c7cae..d537845 100644 --- a/otdf-python-proto/src/otdf_python_proto/authorization/authorization_connect.py +++ b/otdf-python-proto/src/otdf_python_proto/authorization/authorization_connect.py @@ -12,7 +12,7 @@ from connectrpc.method import IdempotencyLevel, MethodInfo from connectrpc.request import Headers, RequestContext from connectrpc.server import ConnectASGIApplication, ConnectWSGIApplication, Endpoint, EndpointSync -from . import authorization_pb2 as authorization_dot_authorization__pb2 +import authorization.authorization_pb2 as authorization_dot_authorization__pb2 class AuthorizationService(Protocol): diff --git a/otdf-python-proto/src/otdf_python_proto/authorization/v2/__init__.py b/otdf-python-proto/src/otdf_python_proto/authorization/v2/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/otdf-python-proto/src/otdf_python_proto/authorization/v2/authorization_pb2.py b/otdf-python-proto/src/otdf_python_proto/authorization/v2/authorization_pb2.py index 184bb3e..3c90f70 100644 --- a/otdf-python-proto/src/otdf_python_proto/authorization/v2/authorization_pb2.py +++ b/otdf-python-proto/src/otdf_python_proto/authorization/v2/authorization_pb2.py @@ -28,7 +28,7 @@ from policy import objects_pb2 as policy_dot_objects__pb2 -DESCRIPTOR = _descriptor_pool.Default().AddSerializedFile(b'\n$authorization/v2/authorization.proto\x12\x10\x61uthorization.v2\x1a\x1b\x62uf/validate/validate.proto\x1a\x13\x65ntity/entity.proto\x1a\x1egoogle/protobuf/wrappers.proto\x1a\x14policy/objects.proto\"\x9a\x03\n\x10\x45ntityIdentifier\x12\xa2\x01\n\x0c\x65ntity_chain\x18\x01 \x01(\x0b\x32\x13.entity.EntityChainBh\xbaHe\xba\x01\x62\n\x15\x65ntity_chain_required\x12\x19\x65ntities must be provided\x1a.has(this.entities) && this.entities.size() > 0H\x00R\x0b\x65ntityChain\x12O\n\x1dregistered_resource_value_fqn\x18\x02 \x01(\tB\n\xbaH\x07r\x05\x10\x01\x88\x01\x01H\x00R\x1aregisteredResourceValueFqn\x12{\n\x05token\x18\x03 \x01(\x0b\x32\r.entity.TokenBT\xbaHQ\xba\x01N\n\x0etoken_required\x12\x16token must be provided\x1a$has(this.jwt) && this.jwt.size() > 0H\x00R\x05tokenB\x13\n\nidentifier\x12\x05\xbaH\x02\x08\x01\"\x81\x03\n\x12\x45ntityEntitlements\x12!\n\x0c\x65phemeral_id\x18\x01 \x01(\tR\x0b\x65phemeralId\x12\x8b\x01\n\x1f\x61\x63tions_per_attribute_value_fqn\x18\x02 \x03(\x0b\x32\x45.authorization.v2.EntityEntitlements.ActionsPerAttributeValueFqnEntryR\x1b\x61\x63tionsPerAttributeValueFqn\x1a\x37\n\x0b\x41\x63tionsList\x12(\n\x07\x61\x63tions\x18\x01 \x03(\x0b\x32\x0e.policy.ActionR\x07\x61\x63tions\x1a\x80\x01\n ActionsPerAttributeValueFqnEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12\x46\n\x05value\x18\x02 \x01(\x0b\x32\x30.authorization.v2.EntityEntitlements.ActionsListR\x05value:\x02\x38\x01\"\xa6\x03\n\x08Resource\x12!\n\x0c\x65phemeral_id\x18\x01 \x01(\tR\x0b\x65phemeralId\x12\xf2\x01\n\x10\x61ttribute_values\x18\x02 \x01(\x0b\x32*.authorization.v2.Resource.AttributeValuesB\x98\x01\xbaH\x94\x01\xba\x01\x90\x01\n\x19\x61ttribute_values_required\x12\x38if provided, resource.attribute_values must not be empty\x1a\x39this.fqns.size() > 0 && this.fqns.all(item, item.isUri())H\x00R\x0f\x61ttributeValues\x12O\n\x1dregistered_resource_value_fqn\x18\x03 \x01(\tB\n\xbaH\x07r\x05\x10\x01\x88\x01\x01H\x00R\x1aregisteredResourceValueFqn\x1a%\n\x0f\x41ttributeValues\x12\x12\n\x04\x66qns\x18\x01 \x03(\tR\x04\x66qnsB\n\n\x08resource\"~\n\x10ResourceDecision\x12\x32\n\x15\x65phemeral_resource_id\x18\x01 \x01(\tR\x13\x65phemeralResourceId\x12\x36\n\x08\x64\x65\x63ision\x18\x02 \x01(\x0e\x32\x1a.authorization.v2.DecisionR\x08\x64\x65\x63ision\"\xc4\x02\n\x12GetDecisionRequest\x12W\n\x11\x65ntity_identifier\x18\x01 \x01(\x0b\x32\".authorization.v2.EntityIdentifierB\x06\xbaH\x03\xc8\x01\x01R\x10\x65ntityIdentifier\x12.\n\x06\x61\x63tion\x18\x02 \x01(\x0b\x32\x0e.policy.ActionB\x06\xbaH\x03\xc8\x01\x01R\x06\x61\x63tion\x12>\n\x08resource\x18\x03 \x01(\x0b\x32\x1a.authorization.v2.ResourceB\x06\xbaH\x03\xc8\x01\x01R\x08resource:e\xbaHb\x1a`\n)get_decision_request.action_name_required\x12\x1c\x61\x63tion.name must be provided\x1a\x15has(this.action.name)\"U\n\x13GetDecisionResponse\x12>\n\x08\x64\x65\x63ision\x18\x01 \x01(\x0b\x32\".authorization.v2.ResourceDecisionR\x08\x64\x65\x63ision\"\xde\x02\n\x1fGetDecisionMultiResourceRequest\x12W\n\x11\x65ntity_identifier\x18\x01 \x01(\x0b\x32\".authorization.v2.EntityIdentifierB\x06\xbaH\x03\xc8\x01\x01R\x10\x65ntityIdentifier\x12.\n\x06\x61\x63tion\x18\x02 \x01(\x0b\x32\x0e.policy.ActionB\x06\xbaH\x03\xc8\x01\x01R\x06\x61\x63tion\x12\x45\n\tresources\x18\x03 \x03(\x0b\x32\x1a.authorization.v2.ResourceB\x0b\xbaH\x08\x92\x01\x02\x08\x01\xc8\x01\x01R\tresources:k\xbaHh\x1a\x66\n/get_decision_multi_request.action_name_required\x12\x1c\x61\x63tion.name must be provided\x1a\x15has(this.action.name)\"\xb6\x01\n GetDecisionMultiResourceResponse\x12?\n\rall_permitted\x18\x01 \x01(\x0b\x32\x1a.google.protobuf.BoolValueR\x0c\x61llPermitted\x12Q\n\x12resource_decisions\x18\x02 \x03(\x0b\x32\".authorization.v2.ResourceDecisionR\x11resourceDecisions\"x\n\x16GetDecisionBulkRequest\x12^\n\x11\x64\x65\x63ision_requests\x18\x01 \x03(\x0b\x32\x31.authorization.v2.GetDecisionMultiResourceRequestR\x10\x64\x65\x63isionRequests\"|\n\x17GetDecisionBulkResponse\x12\x61\n\x12\x64\x65\x63ision_responses\x18\x01 \x03(\x0b\x32\x32.authorization.v2.GetDecisionMultiResourceResponseR\x11\x64\x65\x63isionResponses\"\xd9\x01\n\x16GetEntitlementsRequest\x12W\n\x11\x65ntity_identifier\x18\x01 \x01(\x0b\x32\".authorization.v2.EntityIdentifierB\x06\xbaH\x03\xc8\x01\x01R\x10\x65ntityIdentifier\x12\x45\n\x1cwith_comprehensive_hierarchy\x18\x02 \x01(\x08H\x00R\x1awithComprehensiveHierarchy\x88\x01\x01\x42\x1f\n\x1d_with_comprehensive_hierarchy\"c\n\x17GetEntitlementsResponse\x12H\n\x0c\x65ntitlements\x18\x01 \x03(\x0b\x32$.authorization.v2.EntityEntitlementsR\x0c\x65ntitlements*L\n\x08\x44\x65\x63ision\x12\x18\n\x14\x44\x45\x43ISION_UNSPECIFIED\x10\x00\x12\x11\n\rDECISION_DENY\x10\x01\x12\x13\n\x0f\x44\x45\x43ISION_PERMIT\x10\x02\x32\xce\x03\n\x14\x41uthorizationService\x12\\\n\x0bGetDecision\x12$.authorization.v2.GetDecisionRequest\x1a%.authorization.v2.GetDecisionResponse\"\x00\x12\x83\x01\n\x18GetDecisionMultiResource\x12\x31.authorization.v2.GetDecisionMultiResourceRequest\x1a\x32.authorization.v2.GetDecisionMultiResourceResponse\"\x00\x12h\n\x0fGetDecisionBulk\x12(.authorization.v2.GetDecisionBulkRequest\x1a).authorization.v2.GetDecisionBulkResponse\"\x00\x12h\n\x0fGetEntitlements\x12(.authorization.v2.GetEntitlementsRequest\x1a).authorization.v2.GetEntitlementsResponse\"\x00\x42\x8b\x01\n\x14\x63om.authorization.v2B\x12\x41uthorizationProtoP\x01\xa2\x02\x03\x41XX\xaa\x02\x10\x41uthorization.V2\xca\x02\x10\x41uthorization\\V2\xe2\x02\x1c\x41uthorization\\V2\\GPBMetadata\xea\x02\x11\x41uthorization::V2b\x06proto3') +DESCRIPTOR = _descriptor_pool.Default().AddSerializedFile(b'\n$authorization/v2/authorization.proto\x12\x10\x61uthorization.v2\x1a\x1b\x62uf/validate/validate.proto\x1a\x13\x65ntity/entity.proto\x1a\x1egoogle/protobuf/wrappers.proto\x1a\x14policy/objects.proto\"\xd9\x03\n\x10\x45ntityIdentifier\x12\xe1\x01\n\x0c\x65ntity_chain\x18\x01 \x01(\x0b\x32\x13.entity.EntityChainB\xa6\x01\xbaH\xa2\x01\xba\x01\x9e\x01\n\x15\x65ntity_chain_required\x12\x37\x65ntities must be provided and between 1 and 10 in count\x1aLhas(this.entities) && this.entities.size() > 0 && this.entities.size() <= 10H\x00R\x0b\x65ntityChain\x12O\n\x1dregistered_resource_value_fqn\x18\x02 \x01(\tB\n\xbaH\x07r\x05\x10\x01\x88\x01\x01H\x00R\x1aregisteredResourceValueFqn\x12{\n\x05token\x18\x03 \x01(\x0b\x32\r.entity.TokenBT\xbaHQ\xba\x01N\n\x0etoken_required\x12\x16token must be provided\x1a$has(this.jwt) && this.jwt.size() > 0H\x00R\x05tokenB\x13\n\nidentifier\x12\x05\xbaH\x02\x08\x01\"\x81\x03\n\x12\x45ntityEntitlements\x12!\n\x0c\x65phemeral_id\x18\x01 \x01(\tR\x0b\x65phemeralId\x12\x8b\x01\n\x1f\x61\x63tions_per_attribute_value_fqn\x18\x02 \x03(\x0b\x32\x45.authorization.v2.EntityEntitlements.ActionsPerAttributeValueFqnEntryR\x1b\x61\x63tionsPerAttributeValueFqn\x1a\x37\n\x0b\x41\x63tionsList\x12(\n\x07\x61\x63tions\x18\x01 \x03(\x0b\x32\x0e.policy.ActionR\x07\x61\x63tions\x1a\x80\x01\n ActionsPerAttributeValueFqnEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12\x46\n\x05value\x18\x02 \x01(\x0b\x32\x30.authorization.v2.EntityEntitlements.ActionsListR\x05value:\x02\x38\x01\"\xe4\x03\n\x08Resource\x12!\n\x0c\x65phemeral_id\x18\x01 \x01(\tR\x0b\x65phemeralId\x12\xb0\x02\n\x10\x61ttribute_values\x18\x02 \x01(\x0b\x32*.authorization.v2.Resource.AttributeValuesB\xd6\x01\xbaH\xd2\x01\xba\x01\xce\x01\n\x19\x61ttribute_values_required\x12\\if provided, resource.attribute_values must be between 1 and 20 in count with all valid FQNs\x1aSthis.fqns.size() > 0 && this.fqns.size() <= 20 && this.fqns.all(item, item.isUri())H\x00R\x0f\x61ttributeValues\x12O\n\x1dregistered_resource_value_fqn\x18\x03 \x01(\tB\n\xbaH\x07r\x05\x10\x01\x88\x01\x01H\x00R\x1aregisteredResourceValueFqn\x1a%\n\x0f\x41ttributeValues\x12\x12\n\x04\x66qns\x18\x01 \x03(\tR\x04\x66qnsB\n\n\x08resource\"~\n\x10ResourceDecision\x12\x32\n\x15\x65phemeral_resource_id\x18\x01 \x01(\tR\x13\x65phemeralResourceId\x12\x36\n\x08\x64\x65\x63ision\x18\x02 \x01(\x0e\x32\x1a.authorization.v2.DecisionR\x08\x64\x65\x63ision\"\xc4\x02\n\x12GetDecisionRequest\x12W\n\x11\x65ntity_identifier\x18\x01 \x01(\x0b\x32\".authorization.v2.EntityIdentifierB\x06\xbaH\x03\xc8\x01\x01R\x10\x65ntityIdentifier\x12.\n\x06\x61\x63tion\x18\x02 \x01(\x0b\x32\x0e.policy.ActionB\x06\xbaH\x03\xc8\x01\x01R\x06\x61\x63tion\x12>\n\x08resource\x18\x03 \x01(\x0b\x32\x1a.authorization.v2.ResourceB\x06\xbaH\x03\xc8\x01\x01R\x08resource:e\xbaHb\x1a`\n)get_decision_request.action_name_required\x12\x1c\x61\x63tion.name must be provided\x1a\x15has(this.action.name)\"U\n\x13GetDecisionResponse\x12>\n\x08\x64\x65\x63ision\x18\x01 \x01(\x0b\x32\".authorization.v2.ResourceDecisionR\x08\x64\x65\x63ision\"\xde\x02\n\x1fGetDecisionMultiResourceRequest\x12W\n\x11\x65ntity_identifier\x18\x01 \x01(\x0b\x32\".authorization.v2.EntityIdentifierB\x06\xbaH\x03\xc8\x01\x01R\x10\x65ntityIdentifier\x12.\n\x06\x61\x63tion\x18\x02 \x01(\x0b\x32\x0e.policy.ActionB\x06\xbaH\x03\xc8\x01\x01R\x06\x61\x63tion\x12\x45\n\tresources\x18\x03 \x03(\x0b\x32\x1a.authorization.v2.ResourceB\x0b\xbaH\x08\x92\x01\x05\x08\x01\x10\xe8\x07R\tresources:k\xbaHh\x1a\x66\n/get_decision_multi_request.action_name_required\x12\x1c\x61\x63tion.name must be provided\x1a\x15has(this.action.name)\"\xb6\x01\n GetDecisionMultiResourceResponse\x12?\n\rall_permitted\x18\x01 \x01(\x0b\x32\x1a.google.protobuf.BoolValueR\x0c\x61llPermitted\x12Q\n\x12resource_decisions\x18\x02 \x03(\x0b\x32\".authorization.v2.ResourceDecisionR\x11resourceDecisions\"\x85\x01\n\x16GetDecisionBulkRequest\x12k\n\x11\x64\x65\x63ision_requests\x18\x01 \x03(\x0b\x32\x31.authorization.v2.GetDecisionMultiResourceRequestB\x0b\xbaH\x08\x92\x01\x05\x08\x01\x10\xc8\x01R\x10\x64\x65\x63isionRequests\"|\n\x17GetDecisionBulkResponse\x12\x61\n\x12\x64\x65\x63ision_responses\x18\x01 \x03(\x0b\x32\x32.authorization.v2.GetDecisionMultiResourceResponseR\x11\x64\x65\x63isionResponses\"\xd9\x01\n\x16GetEntitlementsRequest\x12W\n\x11\x65ntity_identifier\x18\x01 \x01(\x0b\x32\".authorization.v2.EntityIdentifierB\x06\xbaH\x03\xc8\x01\x01R\x10\x65ntityIdentifier\x12\x45\n\x1cwith_comprehensive_hierarchy\x18\x02 \x01(\x08H\x00R\x1awithComprehensiveHierarchy\x88\x01\x01\x42\x1f\n\x1d_with_comprehensive_hierarchy\"c\n\x17GetEntitlementsResponse\x12H\n\x0c\x65ntitlements\x18\x01 \x03(\x0b\x32$.authorization.v2.EntityEntitlementsR\x0c\x65ntitlements*L\n\x08\x44\x65\x63ision\x12\x18\n\x14\x44\x45\x43ISION_UNSPECIFIED\x10\x00\x12\x11\n\rDECISION_DENY\x10\x01\x12\x13\n\x0f\x44\x45\x43ISION_PERMIT\x10\x02\x32\xce\x03\n\x14\x41uthorizationService\x12\\\n\x0bGetDecision\x12$.authorization.v2.GetDecisionRequest\x1a%.authorization.v2.GetDecisionResponse\"\x00\x12\x83\x01\n\x18GetDecisionMultiResource\x12\x31.authorization.v2.GetDecisionMultiResourceRequest\x1a\x32.authorization.v2.GetDecisionMultiResourceResponse\"\x00\x12h\n\x0fGetDecisionBulk\x12(.authorization.v2.GetDecisionBulkRequest\x1a).authorization.v2.GetDecisionBulkResponse\"\x00\x12h\n\x0fGetEntitlements\x12(.authorization.v2.GetEntitlementsRequest\x1a).authorization.v2.GetEntitlementsResponse\"\x00\x42\x8b\x01\n\x14\x63om.authorization.v2B\x12\x41uthorizationProtoP\x01\xa2\x02\x03\x41XX\xaa\x02\x10\x41uthorization.V2\xca\x02\x10\x41uthorization\\V2\xe2\x02\x1c\x41uthorization\\V2\\GPBMetadata\xea\x02\x11\x41uthorization::V2b\x06proto3') _globals = globals() _builder.BuildMessageAndEnumDescriptors(DESCRIPTOR, _globals) @@ -39,7 +39,7 @@ _globals['_ENTITYIDENTIFIER'].oneofs_by_name['identifier']._loaded_options = None _globals['_ENTITYIDENTIFIER'].oneofs_by_name['identifier']._serialized_options = b'\272H\002\010\001' _globals['_ENTITYIDENTIFIER'].fields_by_name['entity_chain']._loaded_options = None - _globals['_ENTITYIDENTIFIER'].fields_by_name['entity_chain']._serialized_options = b'\272He\272\001b\n\025entity_chain_required\022\031entities must be provided\032.has(this.entities) && this.entities.size() > 0' + _globals['_ENTITYIDENTIFIER'].fields_by_name['entity_chain']._serialized_options = b'\272H\242\001\272\001\236\001\n\025entity_chain_required\0227entities must be provided and between 1 and 10 in count\032Lhas(this.entities) && this.entities.size() > 0 && this.entities.size() <= 10' _globals['_ENTITYIDENTIFIER'].fields_by_name['registered_resource_value_fqn']._loaded_options = None _globals['_ENTITYIDENTIFIER'].fields_by_name['registered_resource_value_fqn']._serialized_options = b'\272H\007r\005\020\001\210\001\001' _globals['_ENTITYIDENTIFIER'].fields_by_name['token']._loaded_options = None @@ -47,7 +47,7 @@ _globals['_ENTITYENTITLEMENTS_ACTIONSPERATTRIBUTEVALUEFQNENTRY']._loaded_options = None _globals['_ENTITYENTITLEMENTS_ACTIONSPERATTRIBUTEVALUEFQNENTRY']._serialized_options = b'8\001' _globals['_RESOURCE'].fields_by_name['attribute_values']._loaded_options = None - _globals['_RESOURCE'].fields_by_name['attribute_values']._serialized_options = b'\272H\224\001\272\001\220\001\n\031attribute_values_required\0228if provided, resource.attribute_values must not be empty\0329this.fqns.size() > 0 && this.fqns.all(item, item.isUri())' + _globals['_RESOURCE'].fields_by_name['attribute_values']._serialized_options = b'\272H\322\001\272\001\316\001\n\031attribute_values_required\022\\if provided, resource.attribute_values must be between 1 and 20 in count with all valid FQNs\032Sthis.fqns.size() > 0 && this.fqns.size() <= 20 && this.fqns.all(item, item.isUri())' _globals['_RESOURCE'].fields_by_name['registered_resource_value_fqn']._loaded_options = None _globals['_RESOURCE'].fields_by_name['registered_resource_value_fqn']._serialized_options = b'\272H\007r\005\020\001\210\001\001' _globals['_GETDECISIONREQUEST'].fields_by_name['entity_identifier']._loaded_options = None @@ -63,43 +63,45 @@ _globals['_GETDECISIONMULTIRESOURCEREQUEST'].fields_by_name['action']._loaded_options = None _globals['_GETDECISIONMULTIRESOURCEREQUEST'].fields_by_name['action']._serialized_options = b'\272H\003\310\001\001' _globals['_GETDECISIONMULTIRESOURCEREQUEST'].fields_by_name['resources']._loaded_options = None - _globals['_GETDECISIONMULTIRESOURCEREQUEST'].fields_by_name['resources']._serialized_options = b'\272H\010\222\001\002\010\001\310\001\001' + _globals['_GETDECISIONMULTIRESOURCEREQUEST'].fields_by_name['resources']._serialized_options = b'\272H\010\222\001\005\010\001\020\350\007' _globals['_GETDECISIONMULTIRESOURCEREQUEST']._loaded_options = None _globals['_GETDECISIONMULTIRESOURCEREQUEST']._serialized_options = b'\272Hh\032f\n/get_decision_multi_request.action_name_required\022\034action.name must be provided\032\025has(this.action.name)' + _globals['_GETDECISIONBULKREQUEST'].fields_by_name['decision_requests']._loaded_options = None + _globals['_GETDECISIONBULKREQUEST'].fields_by_name['decision_requests']._serialized_options = b'\272H\010\222\001\005\010\001\020\310\001' _globals['_GETENTITLEMENTSREQUEST'].fields_by_name['entity_identifier']._loaded_options = None _globals['_GETENTITLEMENTSREQUEST'].fields_by_name['entity_identifier']._serialized_options = b'\272H\003\310\001\001' - _globals['_DECISION']._serialized_start=3037 - _globals['_DECISION']._serialized_end=3113 + _globals['_DECISION']._serialized_start=3176 + _globals['_DECISION']._serialized_end=3252 _globals['_ENTITYIDENTIFIER']._serialized_start=163 - _globals['_ENTITYIDENTIFIER']._serialized_end=573 - _globals['_ENTITYENTITLEMENTS']._serialized_start=576 - _globals['_ENTITYENTITLEMENTS']._serialized_end=961 - _globals['_ENTITYENTITLEMENTS_ACTIONSLIST']._serialized_start=775 - _globals['_ENTITYENTITLEMENTS_ACTIONSLIST']._serialized_end=830 - _globals['_ENTITYENTITLEMENTS_ACTIONSPERATTRIBUTEVALUEFQNENTRY']._serialized_start=833 - _globals['_ENTITYENTITLEMENTS_ACTIONSPERATTRIBUTEVALUEFQNENTRY']._serialized_end=961 - _globals['_RESOURCE']._serialized_start=964 - _globals['_RESOURCE']._serialized_end=1386 - _globals['_RESOURCE_ATTRIBUTEVALUES']._serialized_start=1337 - _globals['_RESOURCE_ATTRIBUTEVALUES']._serialized_end=1374 - _globals['_RESOURCEDECISION']._serialized_start=1388 - _globals['_RESOURCEDECISION']._serialized_end=1514 - _globals['_GETDECISIONREQUEST']._serialized_start=1517 - _globals['_GETDECISIONREQUEST']._serialized_end=1841 - _globals['_GETDECISIONRESPONSE']._serialized_start=1843 - _globals['_GETDECISIONRESPONSE']._serialized_end=1928 - _globals['_GETDECISIONMULTIRESOURCEREQUEST']._serialized_start=1931 - _globals['_GETDECISIONMULTIRESOURCEREQUEST']._serialized_end=2281 - _globals['_GETDECISIONMULTIRESOURCERESPONSE']._serialized_start=2284 - _globals['_GETDECISIONMULTIRESOURCERESPONSE']._serialized_end=2466 - _globals['_GETDECISIONBULKREQUEST']._serialized_start=2468 - _globals['_GETDECISIONBULKREQUEST']._serialized_end=2588 - _globals['_GETDECISIONBULKRESPONSE']._serialized_start=2590 - _globals['_GETDECISIONBULKRESPONSE']._serialized_end=2714 - _globals['_GETENTITLEMENTSREQUEST']._serialized_start=2717 - _globals['_GETENTITLEMENTSREQUEST']._serialized_end=2934 - _globals['_GETENTITLEMENTSRESPONSE']._serialized_start=2936 - _globals['_GETENTITLEMENTSRESPONSE']._serialized_end=3035 - _globals['_AUTHORIZATIONSERVICE']._serialized_start=3116 - _globals['_AUTHORIZATIONSERVICE']._serialized_end=3578 + _globals['_ENTITYIDENTIFIER']._serialized_end=636 + _globals['_ENTITYENTITLEMENTS']._serialized_start=639 + _globals['_ENTITYENTITLEMENTS']._serialized_end=1024 + _globals['_ENTITYENTITLEMENTS_ACTIONSLIST']._serialized_start=838 + _globals['_ENTITYENTITLEMENTS_ACTIONSLIST']._serialized_end=893 + _globals['_ENTITYENTITLEMENTS_ACTIONSPERATTRIBUTEVALUEFQNENTRY']._serialized_start=896 + _globals['_ENTITYENTITLEMENTS_ACTIONSPERATTRIBUTEVALUEFQNENTRY']._serialized_end=1024 + _globals['_RESOURCE']._serialized_start=1027 + _globals['_RESOURCE']._serialized_end=1511 + _globals['_RESOURCE_ATTRIBUTEVALUES']._serialized_start=1462 + _globals['_RESOURCE_ATTRIBUTEVALUES']._serialized_end=1499 + _globals['_RESOURCEDECISION']._serialized_start=1513 + _globals['_RESOURCEDECISION']._serialized_end=1639 + _globals['_GETDECISIONREQUEST']._serialized_start=1642 + _globals['_GETDECISIONREQUEST']._serialized_end=1966 + _globals['_GETDECISIONRESPONSE']._serialized_start=1968 + _globals['_GETDECISIONRESPONSE']._serialized_end=2053 + _globals['_GETDECISIONMULTIRESOURCEREQUEST']._serialized_start=2056 + _globals['_GETDECISIONMULTIRESOURCEREQUEST']._serialized_end=2406 + _globals['_GETDECISIONMULTIRESOURCERESPONSE']._serialized_start=2409 + _globals['_GETDECISIONMULTIRESOURCERESPONSE']._serialized_end=2591 + _globals['_GETDECISIONBULKREQUEST']._serialized_start=2594 + _globals['_GETDECISIONBULKREQUEST']._serialized_end=2727 + _globals['_GETDECISIONBULKRESPONSE']._serialized_start=2729 + _globals['_GETDECISIONBULKRESPONSE']._serialized_end=2853 + _globals['_GETENTITLEMENTSREQUEST']._serialized_start=2856 + _globals['_GETENTITLEMENTSREQUEST']._serialized_end=3073 + _globals['_GETENTITLEMENTSRESPONSE']._serialized_start=3075 + _globals['_GETENTITLEMENTSRESPONSE']._serialized_end=3174 + _globals['_AUTHORIZATIONSERVICE']._serialized_start=3255 + _globals['_AUTHORIZATIONSERVICE']._serialized_end=3717 # @@protoc_insertion_point(module_scope) diff --git a/otdf-python-proto/src/otdf_python_proto/entityresolution/entity_resolution_connect.py b/otdf-python-proto/src/otdf_python_proto/entityresolution/entity_resolution_connect.py index 2d09bae..3c910d1 100644 --- a/otdf-python-proto/src/otdf_python_proto/entityresolution/entity_resolution_connect.py +++ b/otdf-python-proto/src/otdf_python_proto/entityresolution/entity_resolution_connect.py @@ -12,7 +12,7 @@ from connectrpc.method import IdempotencyLevel, MethodInfo from connectrpc.request import Headers, RequestContext from connectrpc.server import ConnectASGIApplication, ConnectWSGIApplication, Endpoint, EndpointSync -from . import entity_resolution_pb2 as entityresolution_dot_entity__resolution__pb2 +import entityresolution.entity_resolution_pb2 as entityresolution_dot_entity__resolution__pb2 class EntityResolutionService(Protocol): diff --git a/otdf-python-proto/src/otdf_python_proto/entityresolution/v2/__init__.py b/otdf-python-proto/src/otdf_python_proto/entityresolution/v2/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/otdf-python-proto/src/otdf_python_proto/kas/kas_connect.py b/otdf-python-proto/src/otdf_python_proto/kas/kas_connect.py index 7a71a26..a45ba4d 100644 --- a/otdf-python-proto/src/otdf_python_proto/kas/kas_connect.py +++ b/otdf-python-proto/src/otdf_python_proto/kas/kas_connect.py @@ -13,7 +13,7 @@ from connectrpc.request import Headers, RequestContext from connectrpc.server import ConnectASGIApplication, ConnectWSGIApplication, Endpoint, EndpointSync import google.protobuf.wrappers_pb2 as google_dot_protobuf_dot_wrappers__pb2 -from . import kas_pb2 as kas_dot_kas__pb2 +import kas.kas_pb2 as kas_dot_kas__pb2 class AccessService(Protocol): diff --git a/otdf-python-proto/src/otdf_python_proto/legacy_grpc/authorization/__init__.py b/otdf-python-proto/src/otdf_python_proto/legacy_grpc/authorization/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/otdf-python-proto/src/otdf_python_proto/legacy_grpc/authorization/v2/__init__.py b/otdf-python-proto/src/otdf_python_proto/legacy_grpc/authorization/v2/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/otdf-python-proto/src/otdf_python_proto/legacy_grpc/common/__init__.py b/otdf-python-proto/src/otdf_python_proto/legacy_grpc/common/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/otdf-python-proto/src/otdf_python_proto/legacy_grpc/entity/__init__.py b/otdf-python-proto/src/otdf_python_proto/legacy_grpc/entity/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/otdf-python-proto/src/otdf_python_proto/legacy_grpc/entityresolution/__init__.py b/otdf-python-proto/src/otdf_python_proto/legacy_grpc/entityresolution/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/otdf-python-proto/src/otdf_python_proto/legacy_grpc/entityresolution/v2/__init__.py b/otdf-python-proto/src/otdf_python_proto/legacy_grpc/entityresolution/v2/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/otdf-python-proto/src/otdf_python_proto/legacy_grpc/kas/__init__.py b/otdf-python-proto/src/otdf_python_proto/legacy_grpc/kas/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/otdf-python-proto/src/otdf_python_proto/legacy_grpc/logger/__init__.py b/otdf-python-proto/src/otdf_python_proto/legacy_grpc/logger/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/otdf-python-proto/src/otdf_python_proto/legacy_grpc/logger/audit/__init__.py b/otdf-python-proto/src/otdf_python_proto/legacy_grpc/logger/audit/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/otdf-python-proto/src/otdf_python_proto/legacy_grpc/policy/__init__.py b/otdf-python-proto/src/otdf_python_proto/legacy_grpc/policy/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/otdf-python-proto/src/otdf_python_proto/legacy_grpc/policy/actions/__init__.py b/otdf-python-proto/src/otdf_python_proto/legacy_grpc/policy/actions/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/otdf-python-proto/src/otdf_python_proto/legacy_grpc/policy/attributes/__init__.py b/otdf-python-proto/src/otdf_python_proto/legacy_grpc/policy/attributes/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/otdf-python-proto/src/otdf_python_proto/legacy_grpc/policy/kasregistry/__init__.py b/otdf-python-proto/src/otdf_python_proto/legacy_grpc/policy/kasregistry/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/otdf-python-proto/src/otdf_python_proto/legacy_grpc/policy/kasregistry/key_access_server_registry_pb2_grpc.py b/otdf-python-proto/src/otdf_python_proto/legacy_grpc/policy/kasregistry/key_access_server_registry_pb2_grpc.py index 686c567..f2a2c1e 100644 --- a/otdf-python-proto/src/otdf_python_proto/legacy_grpc/policy/kasregistry/key_access_server_registry_pb2_grpc.py +++ b/otdf-python-proto/src/otdf_python_proto/legacy_grpc/policy/kasregistry/key_access_server_registry_pb2_grpc.py @@ -79,6 +79,11 @@ def __init__(self, channel): request_serializer=policy_dot_kasregistry_dot_key__access__server__registry__pb2.GetBaseKeyRequest.SerializeToString, response_deserializer=policy_dot_kasregistry_dot_key__access__server__registry__pb2.GetBaseKeyResponse.FromString, _registered_method=True) + self.ListKeyMappings = channel.unary_unary( + '/policy.kasregistry.KeyAccessServerRegistryService/ListKeyMappings', + request_serializer=policy_dot_kasregistry_dot_key__access__server__registry__pb2.ListKeyMappingsRequest.SerializeToString, + response_deserializer=policy_dot_kasregistry_dot_key__access__server__registry__pb2.ListKeyMappingsResponse.FromString, + _registered_method=True) class KeyAccessServerRegistryServiceServicer(object): @@ -171,6 +176,13 @@ def GetBaseKey(self, request, context): context.set_details('Method not implemented!') raise NotImplementedError('Method not implemented!') + def ListKeyMappings(self, request, context): + """Request to list key mappings in the Key Access Service. + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + def add_KeyAccessServerRegistryServiceServicer_to_server(servicer, server): rpc_method_handlers = { @@ -239,6 +251,11 @@ def add_KeyAccessServerRegistryServiceServicer_to_server(servicer, server): request_deserializer=policy_dot_kasregistry_dot_key__access__server__registry__pb2.GetBaseKeyRequest.FromString, response_serializer=policy_dot_kasregistry_dot_key__access__server__registry__pb2.GetBaseKeyResponse.SerializeToString, ), + 'ListKeyMappings': grpc.unary_unary_rpc_method_handler( + servicer.ListKeyMappings, + request_deserializer=policy_dot_kasregistry_dot_key__access__server__registry__pb2.ListKeyMappingsRequest.FromString, + response_serializer=policy_dot_kasregistry_dot_key__access__server__registry__pb2.ListKeyMappingsResponse.SerializeToString, + ), } generic_handler = grpc.method_handlers_generic_handler( 'policy.kasregistry.KeyAccessServerRegistryService', rpc_method_handlers) @@ -600,3 +617,30 @@ def GetBaseKey(request, timeout, metadata, _registered_method=True) + + @staticmethod + def ListKeyMappings(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary( + request, + target, + '/policy.kasregistry.KeyAccessServerRegistryService/ListKeyMappings', + policy_dot_kasregistry_dot_key__access__server__registry__pb2.ListKeyMappingsRequest.SerializeToString, + policy_dot_kasregistry_dot_key__access__server__registry__pb2.ListKeyMappingsResponse.FromString, + options, + channel_credentials, + insecure, + call_credentials, + compression, + wait_for_ready, + timeout, + metadata, + _registered_method=True) diff --git a/otdf-python-proto/src/otdf_python_proto/legacy_grpc/policy/keymanagement/__init__.py b/otdf-python-proto/src/otdf_python_proto/legacy_grpc/policy/keymanagement/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/otdf-python-proto/src/otdf_python_proto/legacy_grpc/policy/namespaces/__init__.py b/otdf-python-proto/src/otdf_python_proto/legacy_grpc/policy/namespaces/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/otdf-python-proto/src/otdf_python_proto/legacy_grpc/policy/obligations/__init__.py b/otdf-python-proto/src/otdf_python_proto/legacy_grpc/policy/obligations/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/otdf-python-proto/src/otdf_python_proto/legacy_grpc/policy/obligations/obligations_pb2_grpc.py b/otdf-python-proto/src/otdf_python_proto/legacy_grpc/policy/obligations/obligations_pb2_grpc.py new file mode 100644 index 0000000..a168e34 --- /dev/null +++ b/otdf-python-proto/src/otdf_python_proto/legacy_grpc/policy/obligations/obligations_pb2_grpc.py @@ -0,0 +1,680 @@ +# Generated by the gRPC Python protocol compiler plugin. DO NOT EDIT! +"""Client and server classes corresponding to protobuf-defined services.""" +import grpc + +from policy.obligations import obligations_pb2 as policy_dot_obligations_dot_obligations__pb2 + + +class ServiceStub(object): + """Fulfillers + message AddObligationFulfillerRequest { + // Required + string obligation_value_id = 1; + google.protobuf.Struct conditionals = 2; + // Optional + // Common metadata + common.MetadataMutable metadata = 100; + } + + message AddObligationFulfillerResponse { + policy.ObligationFulfiller fulfiller = 1; + } + + message RemoveObligationFulfillerRequest { + string id = 1; + } + + message RemoveObligationFulfillerResponse { + policy.ObligationFulfiller fulfiller = 1; + } + + / + / Obligation Service + / + """ + + def __init__(self, channel): + """Constructor. + + Args: + channel: A grpc.Channel. + """ + self.ListObligations = channel.unary_unary( + '/policy.obligations.Service/ListObligations', + request_serializer=policy_dot_obligations_dot_obligations__pb2.ListObligationsRequest.SerializeToString, + response_deserializer=policy_dot_obligations_dot_obligations__pb2.ListObligationsResponse.FromString, + _registered_method=True) + self.GetObligation = channel.unary_unary( + '/policy.obligations.Service/GetObligation', + request_serializer=policy_dot_obligations_dot_obligations__pb2.GetObligationRequest.SerializeToString, + response_deserializer=policy_dot_obligations_dot_obligations__pb2.GetObligationResponse.FromString, + _registered_method=True) + self.GetObligationsByFQNs = channel.unary_unary( + '/policy.obligations.Service/GetObligationsByFQNs', + request_serializer=policy_dot_obligations_dot_obligations__pb2.GetObligationsByFQNsRequest.SerializeToString, + response_deserializer=policy_dot_obligations_dot_obligations__pb2.GetObligationsByFQNsResponse.FromString, + _registered_method=True) + self.CreateObligation = channel.unary_unary( + '/policy.obligations.Service/CreateObligation', + request_serializer=policy_dot_obligations_dot_obligations__pb2.CreateObligationRequest.SerializeToString, + response_deserializer=policy_dot_obligations_dot_obligations__pb2.CreateObligationResponse.FromString, + _registered_method=True) + self.UpdateObligation = channel.unary_unary( + '/policy.obligations.Service/UpdateObligation', + request_serializer=policy_dot_obligations_dot_obligations__pb2.UpdateObligationRequest.SerializeToString, + response_deserializer=policy_dot_obligations_dot_obligations__pb2.UpdateObligationResponse.FromString, + _registered_method=True) + self.DeleteObligation = channel.unary_unary( + '/policy.obligations.Service/DeleteObligation', + request_serializer=policy_dot_obligations_dot_obligations__pb2.DeleteObligationRequest.SerializeToString, + response_deserializer=policy_dot_obligations_dot_obligations__pb2.DeleteObligationResponse.FromString, + _registered_method=True) + self.GetObligationValue = channel.unary_unary( + '/policy.obligations.Service/GetObligationValue', + request_serializer=policy_dot_obligations_dot_obligations__pb2.GetObligationValueRequest.SerializeToString, + response_deserializer=policy_dot_obligations_dot_obligations__pb2.GetObligationValueResponse.FromString, + _registered_method=True) + self.GetObligationValuesByFQNs = channel.unary_unary( + '/policy.obligations.Service/GetObligationValuesByFQNs', + request_serializer=policy_dot_obligations_dot_obligations__pb2.GetObligationValuesByFQNsRequest.SerializeToString, + response_deserializer=policy_dot_obligations_dot_obligations__pb2.GetObligationValuesByFQNsResponse.FromString, + _registered_method=True) + self.CreateObligationValue = channel.unary_unary( + '/policy.obligations.Service/CreateObligationValue', + request_serializer=policy_dot_obligations_dot_obligations__pb2.CreateObligationValueRequest.SerializeToString, + response_deserializer=policy_dot_obligations_dot_obligations__pb2.CreateObligationValueResponse.FromString, + _registered_method=True) + self.UpdateObligationValue = channel.unary_unary( + '/policy.obligations.Service/UpdateObligationValue', + request_serializer=policy_dot_obligations_dot_obligations__pb2.UpdateObligationValueRequest.SerializeToString, + response_deserializer=policy_dot_obligations_dot_obligations__pb2.UpdateObligationValueResponse.FromString, + _registered_method=True) + self.DeleteObligationValue = channel.unary_unary( + '/policy.obligations.Service/DeleteObligationValue', + request_serializer=policy_dot_obligations_dot_obligations__pb2.DeleteObligationValueRequest.SerializeToString, + response_deserializer=policy_dot_obligations_dot_obligations__pb2.DeleteObligationValueResponse.FromString, + _registered_method=True) + self.AddObligationTrigger = channel.unary_unary( + '/policy.obligations.Service/AddObligationTrigger', + request_serializer=policy_dot_obligations_dot_obligations__pb2.AddObligationTriggerRequest.SerializeToString, + response_deserializer=policy_dot_obligations_dot_obligations__pb2.AddObligationTriggerResponse.FromString, + _registered_method=True) + self.RemoveObligationTrigger = channel.unary_unary( + '/policy.obligations.Service/RemoveObligationTrigger', + request_serializer=policy_dot_obligations_dot_obligations__pb2.RemoveObligationTriggerRequest.SerializeToString, + response_deserializer=policy_dot_obligations_dot_obligations__pb2.RemoveObligationTriggerResponse.FromString, + _registered_method=True) + + +class ServiceServicer(object): + """Fulfillers + message AddObligationFulfillerRequest { + // Required + string obligation_value_id = 1; + google.protobuf.Struct conditionals = 2; + // Optional + // Common metadata + common.MetadataMutable metadata = 100; + } + + message AddObligationFulfillerResponse { + policy.ObligationFulfiller fulfiller = 1; + } + + message RemoveObligationFulfillerRequest { + string id = 1; + } + + message RemoveObligationFulfillerResponse { + policy.ObligationFulfiller fulfiller = 1; + } + + / + / Obligation Service + / + """ + + def ListObligations(self, request, context): + """--------------------------------------* + Obligation RPCs + -------------------------------------- + + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def GetObligation(self, request, context): + """Missing associated documentation comment in .proto file.""" + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def GetObligationsByFQNs(self, request, context): + """Missing associated documentation comment in .proto file.""" + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def CreateObligation(self, request, context): + """Missing associated documentation comment in .proto file.""" + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def UpdateObligation(self, request, context): + """Missing associated documentation comment in .proto file.""" + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def DeleteObligation(self, request, context): + """Missing associated documentation comment in .proto file.""" + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def GetObligationValue(self, request, context): + """--------------------------------------* + Value RPCs + -------------------------------------- + + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def GetObligationValuesByFQNs(self, request, context): + """Missing associated documentation comment in .proto file.""" + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def CreateObligationValue(self, request, context): + """Missing associated documentation comment in .proto file.""" + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def UpdateObligationValue(self, request, context): + """Missing associated documentation comment in .proto file.""" + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def DeleteObligationValue(self, request, context): + """Missing associated documentation comment in .proto file.""" + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def AddObligationTrigger(self, request, context): + """--------------------------------------* + Trigger RPCs + -------------------------------------- + + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + def RemoveObligationTrigger(self, request, context): + """Missing associated documentation comment in .proto file.""" + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details('Method not implemented!') + raise NotImplementedError('Method not implemented!') + + +def add_ServiceServicer_to_server(servicer, server): + rpc_method_handlers = { + 'ListObligations': grpc.unary_unary_rpc_method_handler( + servicer.ListObligations, + request_deserializer=policy_dot_obligations_dot_obligations__pb2.ListObligationsRequest.FromString, + response_serializer=policy_dot_obligations_dot_obligations__pb2.ListObligationsResponse.SerializeToString, + ), + 'GetObligation': grpc.unary_unary_rpc_method_handler( + servicer.GetObligation, + request_deserializer=policy_dot_obligations_dot_obligations__pb2.GetObligationRequest.FromString, + response_serializer=policy_dot_obligations_dot_obligations__pb2.GetObligationResponse.SerializeToString, + ), + 'GetObligationsByFQNs': grpc.unary_unary_rpc_method_handler( + servicer.GetObligationsByFQNs, + request_deserializer=policy_dot_obligations_dot_obligations__pb2.GetObligationsByFQNsRequest.FromString, + response_serializer=policy_dot_obligations_dot_obligations__pb2.GetObligationsByFQNsResponse.SerializeToString, + ), + 'CreateObligation': grpc.unary_unary_rpc_method_handler( + servicer.CreateObligation, + request_deserializer=policy_dot_obligations_dot_obligations__pb2.CreateObligationRequest.FromString, + response_serializer=policy_dot_obligations_dot_obligations__pb2.CreateObligationResponse.SerializeToString, + ), + 'UpdateObligation': grpc.unary_unary_rpc_method_handler( + servicer.UpdateObligation, + request_deserializer=policy_dot_obligations_dot_obligations__pb2.UpdateObligationRequest.FromString, + response_serializer=policy_dot_obligations_dot_obligations__pb2.UpdateObligationResponse.SerializeToString, + ), + 'DeleteObligation': grpc.unary_unary_rpc_method_handler( + servicer.DeleteObligation, + request_deserializer=policy_dot_obligations_dot_obligations__pb2.DeleteObligationRequest.FromString, + response_serializer=policy_dot_obligations_dot_obligations__pb2.DeleteObligationResponse.SerializeToString, + ), + 'GetObligationValue': grpc.unary_unary_rpc_method_handler( + servicer.GetObligationValue, + request_deserializer=policy_dot_obligations_dot_obligations__pb2.GetObligationValueRequest.FromString, + response_serializer=policy_dot_obligations_dot_obligations__pb2.GetObligationValueResponse.SerializeToString, + ), + 'GetObligationValuesByFQNs': grpc.unary_unary_rpc_method_handler( + servicer.GetObligationValuesByFQNs, + request_deserializer=policy_dot_obligations_dot_obligations__pb2.GetObligationValuesByFQNsRequest.FromString, + response_serializer=policy_dot_obligations_dot_obligations__pb2.GetObligationValuesByFQNsResponse.SerializeToString, + ), + 'CreateObligationValue': grpc.unary_unary_rpc_method_handler( + servicer.CreateObligationValue, + request_deserializer=policy_dot_obligations_dot_obligations__pb2.CreateObligationValueRequest.FromString, + response_serializer=policy_dot_obligations_dot_obligations__pb2.CreateObligationValueResponse.SerializeToString, + ), + 'UpdateObligationValue': grpc.unary_unary_rpc_method_handler( + servicer.UpdateObligationValue, + request_deserializer=policy_dot_obligations_dot_obligations__pb2.UpdateObligationValueRequest.FromString, + response_serializer=policy_dot_obligations_dot_obligations__pb2.UpdateObligationValueResponse.SerializeToString, + ), + 'DeleteObligationValue': grpc.unary_unary_rpc_method_handler( + servicer.DeleteObligationValue, + request_deserializer=policy_dot_obligations_dot_obligations__pb2.DeleteObligationValueRequest.FromString, + response_serializer=policy_dot_obligations_dot_obligations__pb2.DeleteObligationValueResponse.SerializeToString, + ), + 'AddObligationTrigger': grpc.unary_unary_rpc_method_handler( + servicer.AddObligationTrigger, + request_deserializer=policy_dot_obligations_dot_obligations__pb2.AddObligationTriggerRequest.FromString, + response_serializer=policy_dot_obligations_dot_obligations__pb2.AddObligationTriggerResponse.SerializeToString, + ), + 'RemoveObligationTrigger': grpc.unary_unary_rpc_method_handler( + servicer.RemoveObligationTrigger, + request_deserializer=policy_dot_obligations_dot_obligations__pb2.RemoveObligationTriggerRequest.FromString, + response_serializer=policy_dot_obligations_dot_obligations__pb2.RemoveObligationTriggerResponse.SerializeToString, + ), + } + generic_handler = grpc.method_handlers_generic_handler( + 'policy.obligations.Service', rpc_method_handlers) + server.add_generic_rpc_handlers((generic_handler,)) + server.add_registered_method_handlers('policy.obligations.Service', rpc_method_handlers) + + + # This class is part of an EXPERIMENTAL API. +class Service(object): + """Fulfillers + message AddObligationFulfillerRequest { + // Required + string obligation_value_id = 1; + google.protobuf.Struct conditionals = 2; + // Optional + // Common metadata + common.MetadataMutable metadata = 100; + } + + message AddObligationFulfillerResponse { + policy.ObligationFulfiller fulfiller = 1; + } + + message RemoveObligationFulfillerRequest { + string id = 1; + } + + message RemoveObligationFulfillerResponse { + policy.ObligationFulfiller fulfiller = 1; + } + + / + / Obligation Service + / + """ + + @staticmethod + def ListObligations(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary( + request, + target, + '/policy.obligations.Service/ListObligations', + policy_dot_obligations_dot_obligations__pb2.ListObligationsRequest.SerializeToString, + policy_dot_obligations_dot_obligations__pb2.ListObligationsResponse.FromString, + options, + channel_credentials, + insecure, + call_credentials, + compression, + wait_for_ready, + timeout, + metadata, + _registered_method=True) + + @staticmethod + def GetObligation(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary( + request, + target, + '/policy.obligations.Service/GetObligation', + policy_dot_obligations_dot_obligations__pb2.GetObligationRequest.SerializeToString, + policy_dot_obligations_dot_obligations__pb2.GetObligationResponse.FromString, + options, + channel_credentials, + insecure, + call_credentials, + compression, + wait_for_ready, + timeout, + metadata, + _registered_method=True) + + @staticmethod + def GetObligationsByFQNs(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary( + request, + target, + '/policy.obligations.Service/GetObligationsByFQNs', + policy_dot_obligations_dot_obligations__pb2.GetObligationsByFQNsRequest.SerializeToString, + policy_dot_obligations_dot_obligations__pb2.GetObligationsByFQNsResponse.FromString, + options, + channel_credentials, + insecure, + call_credentials, + compression, + wait_for_ready, + timeout, + metadata, + _registered_method=True) + + @staticmethod + def CreateObligation(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary( + request, + target, + '/policy.obligations.Service/CreateObligation', + policy_dot_obligations_dot_obligations__pb2.CreateObligationRequest.SerializeToString, + policy_dot_obligations_dot_obligations__pb2.CreateObligationResponse.FromString, + options, + channel_credentials, + insecure, + call_credentials, + compression, + wait_for_ready, + timeout, + metadata, + _registered_method=True) + + @staticmethod + def UpdateObligation(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary( + request, + target, + '/policy.obligations.Service/UpdateObligation', + policy_dot_obligations_dot_obligations__pb2.UpdateObligationRequest.SerializeToString, + policy_dot_obligations_dot_obligations__pb2.UpdateObligationResponse.FromString, + options, + channel_credentials, + insecure, + call_credentials, + compression, + wait_for_ready, + timeout, + metadata, + _registered_method=True) + + @staticmethod + def DeleteObligation(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary( + request, + target, + '/policy.obligations.Service/DeleteObligation', + policy_dot_obligations_dot_obligations__pb2.DeleteObligationRequest.SerializeToString, + policy_dot_obligations_dot_obligations__pb2.DeleteObligationResponse.FromString, + options, + channel_credentials, + insecure, + call_credentials, + compression, + wait_for_ready, + timeout, + metadata, + _registered_method=True) + + @staticmethod + def GetObligationValue(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary( + request, + target, + '/policy.obligations.Service/GetObligationValue', + policy_dot_obligations_dot_obligations__pb2.GetObligationValueRequest.SerializeToString, + policy_dot_obligations_dot_obligations__pb2.GetObligationValueResponse.FromString, + options, + channel_credentials, + insecure, + call_credentials, + compression, + wait_for_ready, + timeout, + metadata, + _registered_method=True) + + @staticmethod + def GetObligationValuesByFQNs(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary( + request, + target, + '/policy.obligations.Service/GetObligationValuesByFQNs', + policy_dot_obligations_dot_obligations__pb2.GetObligationValuesByFQNsRequest.SerializeToString, + policy_dot_obligations_dot_obligations__pb2.GetObligationValuesByFQNsResponse.FromString, + options, + channel_credentials, + insecure, + call_credentials, + compression, + wait_for_ready, + timeout, + metadata, + _registered_method=True) + + @staticmethod + def CreateObligationValue(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary( + request, + target, + '/policy.obligations.Service/CreateObligationValue', + policy_dot_obligations_dot_obligations__pb2.CreateObligationValueRequest.SerializeToString, + policy_dot_obligations_dot_obligations__pb2.CreateObligationValueResponse.FromString, + options, + channel_credentials, + insecure, + call_credentials, + compression, + wait_for_ready, + timeout, + metadata, + _registered_method=True) + + @staticmethod + def UpdateObligationValue(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary( + request, + target, + '/policy.obligations.Service/UpdateObligationValue', + policy_dot_obligations_dot_obligations__pb2.UpdateObligationValueRequest.SerializeToString, + policy_dot_obligations_dot_obligations__pb2.UpdateObligationValueResponse.FromString, + options, + channel_credentials, + insecure, + call_credentials, + compression, + wait_for_ready, + timeout, + metadata, + _registered_method=True) + + @staticmethod + def DeleteObligationValue(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary( + request, + target, + '/policy.obligations.Service/DeleteObligationValue', + policy_dot_obligations_dot_obligations__pb2.DeleteObligationValueRequest.SerializeToString, + policy_dot_obligations_dot_obligations__pb2.DeleteObligationValueResponse.FromString, + options, + channel_credentials, + insecure, + call_credentials, + compression, + wait_for_ready, + timeout, + metadata, + _registered_method=True) + + @staticmethod + def AddObligationTrigger(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary( + request, + target, + '/policy.obligations.Service/AddObligationTrigger', + policy_dot_obligations_dot_obligations__pb2.AddObligationTriggerRequest.SerializeToString, + policy_dot_obligations_dot_obligations__pb2.AddObligationTriggerResponse.FromString, + options, + channel_credentials, + insecure, + call_credentials, + compression, + wait_for_ready, + timeout, + metadata, + _registered_method=True) + + @staticmethod + def RemoveObligationTrigger(request, + target, + options=(), + channel_credentials=None, + call_credentials=None, + insecure=False, + compression=None, + wait_for_ready=None, + timeout=None, + metadata=None): + return grpc.experimental.unary_unary( + request, + target, + '/policy.obligations.Service/RemoveObligationTrigger', + policy_dot_obligations_dot_obligations__pb2.RemoveObligationTriggerRequest.SerializeToString, + policy_dot_obligations_dot_obligations__pb2.RemoveObligationTriggerResponse.FromString, + options, + channel_credentials, + insecure, + call_credentials, + compression, + wait_for_ready, + timeout, + metadata, + _registered_method=True) diff --git a/otdf-python-proto/src/otdf_python_proto/legacy_grpc/policy/registeredresources/__init__.py b/otdf-python-proto/src/otdf_python_proto/legacy_grpc/policy/registeredresources/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/otdf-python-proto/src/otdf_python_proto/legacy_grpc/policy/resourcemapping/__init__.py b/otdf-python-proto/src/otdf_python_proto/legacy_grpc/policy/resourcemapping/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/otdf-python-proto/src/otdf_python_proto/legacy_grpc/policy/subjectmapping/__init__.py b/otdf-python-proto/src/otdf_python_proto/legacy_grpc/policy/subjectmapping/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/otdf-python-proto/src/otdf_python_proto/legacy_grpc/policy/unsafe/__init__.py b/otdf-python-proto/src/otdf_python_proto/legacy_grpc/policy/unsafe/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/otdf-python-proto/src/otdf_python_proto/legacy_grpc/wellknownconfiguration/__init__.py b/otdf-python-proto/src/otdf_python_proto/legacy_grpc/wellknownconfiguration/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/otdf-python-proto/src/otdf_python_proto/logger/audit/__init__.py b/otdf-python-proto/src/otdf_python_proto/logger/audit/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/otdf-python-proto/src/otdf_python_proto/policy/kasregistry/key_access_server_registry_connect.py b/otdf-python-proto/src/otdf_python_proto/policy/kasregistry/key_access_server_registry_connect.py index c5296ee..17eca57 100644 --- a/otdf-python-proto/src/otdf_python_proto/policy/kasregistry/key_access_server_registry_connect.py +++ b/otdf-python-proto/src/otdf_python_proto/policy/kasregistry/key_access_server_registry_connect.py @@ -55,6 +55,9 @@ async def set_base_key(self, request: policy_dot_kasregistry_dot_key__access__se async def get_base_key(self, request: policy_dot_kasregistry_dot_key__access__server__registry__pb2.GetBaseKeyRequest, ctx: RequestContext) -> policy_dot_kasregistry_dot_key__access__server__registry__pb2.GetBaseKeyResponse: raise ConnectError(Code.UNIMPLEMENTED, "Not implemented") + async def list_key_mappings(self, request: policy_dot_kasregistry_dot_key__access__server__registry__pb2.ListKeyMappingsRequest, ctx: RequestContext) -> policy_dot_kasregistry_dot_key__access__server__registry__pb2.ListKeyMappingsResponse: + raise ConnectError(Code.UNIMPLEMENTED, "Not implemented") + class KeyAccessServerRegistryServiceASGIApplication(ConnectASGIApplication[KeyAccessServerRegistryService]): def __init__(self, service: KeyAccessServerRegistryService | AsyncGenerator[KeyAccessServerRegistryService], *, interceptors: Iterable[Interceptor]=(), read_max_bytes: int | None = None) -> None: @@ -191,6 +194,16 @@ def __init__(self, service: KeyAccessServerRegistryService | AsyncGenerator[KeyA ), function=svc.get_base_key, ), + "/policy.kasregistry.KeyAccessServerRegistryService/ListKeyMappings": Endpoint.unary( + method=MethodInfo( + name="ListKeyMappings", + service_name="policy.kasregistry.KeyAccessServerRegistryService", + input=policy_dot_kasregistry_dot_key__access__server__registry__pb2.ListKeyMappingsRequest, + output=policy_dot_kasregistry_dot_key__access__server__registry__pb2.ListKeyMappingsResponse, + idempotency_level=IdempotencyLevel.UNKNOWN, + ), + function=svc.list_key_mappings, + ), }, interceptors=interceptors, read_max_bytes=read_max_bytes, @@ -469,6 +482,26 @@ async def get_base_key( timeout_ms=timeout_ms, ) + async def list_key_mappings( + self, + request: policy_dot_kasregistry_dot_key__access__server__registry__pb2.ListKeyMappingsRequest, + *, + headers: Headers | Mapping[str, str] | None = None, + timeout_ms: int | None = None, + ) -> policy_dot_kasregistry_dot_key__access__server__registry__pb2.ListKeyMappingsResponse: + return await self.execute_unary( + request=request, + method=MethodInfo( + name="ListKeyMappings", + service_name="policy.kasregistry.KeyAccessServerRegistryService", + input=policy_dot_kasregistry_dot_key__access__server__registry__pb2.ListKeyMappingsRequest, + output=policy_dot_kasregistry_dot_key__access__server__registry__pb2.ListKeyMappingsResponse, + idempotency_level=IdempotencyLevel.UNKNOWN, + ), + headers=headers, + timeout_ms=timeout_ms, + ) + class KeyAccessServerRegistryServiceSync(Protocol): def list_key_access_servers(self, request: policy_dot_kasregistry_dot_key__access__server__registry__pb2.ListKeyAccessServersRequest, ctx: RequestContext) -> policy_dot_kasregistry_dot_key__access__server__registry__pb2.ListKeyAccessServersResponse: @@ -497,6 +530,8 @@ def set_base_key(self, request: policy_dot_kasregistry_dot_key__access__server__ raise ConnectError(Code.UNIMPLEMENTED, "Not implemented") def get_base_key(self, request: policy_dot_kasregistry_dot_key__access__server__registry__pb2.GetBaseKeyRequest, ctx: RequestContext) -> policy_dot_kasregistry_dot_key__access__server__registry__pb2.GetBaseKeyResponse: raise ConnectError(Code.UNIMPLEMENTED, "Not implemented") + def list_key_mappings(self, request: policy_dot_kasregistry_dot_key__access__server__registry__pb2.ListKeyMappingsRequest, ctx: RequestContext) -> policy_dot_kasregistry_dot_key__access__server__registry__pb2.ListKeyMappingsResponse: + raise ConnectError(Code.UNIMPLEMENTED, "Not implemented") class KeyAccessServerRegistryServiceWSGIApplication(ConnectWSGIApplication): @@ -633,6 +668,16 @@ def __init__(self, service: KeyAccessServerRegistryServiceSync, interceptors: It ), function=service.get_base_key, ), + "/policy.kasregistry.KeyAccessServerRegistryService/ListKeyMappings": EndpointSync.unary( + method=MethodInfo( + name="ListKeyMappings", + service_name="policy.kasregistry.KeyAccessServerRegistryService", + input=policy_dot_kasregistry_dot_key__access__server__registry__pb2.ListKeyMappingsRequest, + output=policy_dot_kasregistry_dot_key__access__server__registry__pb2.ListKeyMappingsResponse, + idempotency_level=IdempotencyLevel.UNKNOWN, + ), + function=service.list_key_mappings, + ), }, interceptors=interceptors, read_max_bytes=read_max_bytes, @@ -910,3 +955,23 @@ def get_base_key( headers=headers, timeout_ms=timeout_ms, ) + + def list_key_mappings( + self, + request: policy_dot_kasregistry_dot_key__access__server__registry__pb2.ListKeyMappingsRequest, + *, + headers: Headers | Mapping[str, str] | None = None, + timeout_ms: int | None = None, + ) -> policy_dot_kasregistry_dot_key__access__server__registry__pb2.ListKeyMappingsResponse: + return self.execute_unary( + request=request, + method=MethodInfo( + name="ListKeyMappings", + service_name="policy.kasregistry.KeyAccessServerRegistryService", + input=policy_dot_kasregistry_dot_key__access__server__registry__pb2.ListKeyMappingsRequest, + output=policy_dot_kasregistry_dot_key__access__server__registry__pb2.ListKeyMappingsResponse, + idempotency_level=IdempotencyLevel.UNKNOWN, + ), + headers=headers, + timeout_ms=timeout_ms, + ) diff --git a/otdf-python-proto/src/otdf_python_proto/policy/kasregistry/key_access_server_registry_pb2.py b/otdf-python-proto/src/otdf_python_proto/policy/kasregistry/key_access_server_registry_pb2.py index 8f3a48e..b53307d 100644 --- a/otdf-python-proto/src/otdf_python_proto/policy/kasregistry/key_access_server_registry_pb2.py +++ b/otdf-python-proto/src/otdf_python_proto/policy/kasregistry/key_access_server_registry_pb2.py @@ -29,7 +29,7 @@ from policy import selectors_pb2 as policy_dot_selectors__pb2 -DESCRIPTOR = _descriptor_pool.Default().AddSerializedFile(b'\n3policy/kasregistry/key_access_server_registry.proto\x12\x12policy.kasregistry\x1a\x1b\x62uf/validate/validate.proto\x1a\x13\x63ommon/common.proto\x1a\x1cgoogle/api/annotations.proto\x1a\x14policy/objects.proto\x1a\x16policy/selectors.proto\"\xe4\x03\n\x19GetKeyAccessServerRequest\x12\x1d\n\x02id\x18\x01 \x01(\tB\r\x18\x01\xbaH\x08r\x03\xb0\x01\x01\xd8\x01\x01R\x02id\x12!\n\x06kas_id\x18\x02 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01H\x00R\x05kasId\x12\x1d\n\x04name\x18\x03 \x01(\tB\x07\xbaH\x04r\x02\x10\x01H\x00R\x04name\x12\x1e\n\x03uri\x18\x04 \x01(\tB\n\xbaH\x07r\x05\x10\x01\x88\x01\x01H\x00R\x03uri:\xb7\x02\xbaH\xb3\x02\x1a\xa8\x01\n\x10\x65xclusive_fields\x12JEither use deprecated \'id\' field or one of \'kas_id\' or \'uri\', but not both\x1aH!(has(this.id) && (has(this.kas_id) || has(this.uri) || has(this.name)))\x1a\x85\x01\n\x0frequired_fields\x12-Either id or one of kas_id or uri must be set\x1a\x43has(this.id) || has(this.kas_id) || has(this.uri) || has(this.name)B\x0c\n\nidentifier\"a\n\x1aGetKeyAccessServerResponse\x12\x43\n\x11key_access_server\x18\x01 \x01(\x0b\x32\x17.policy.KeyAccessServerR\x0fkeyAccessServer\"R\n\x1bListKeyAccessServersRequest\x12\x33\n\npagination\x18\n \x01(\x0b\x32\x13.policy.PageRequestR\npagination\"\x9b\x01\n\x1cListKeyAccessServersResponse\x12\x45\n\x12key_access_servers\x18\x01 \x03(\x0b\x32\x17.policy.KeyAccessServerR\x10keyAccessServers\x12\x34\n\npagination\x18\n \x01(\x0b\x32\x14.policy.PageResponseR\npagination\"\x95\x06\n\x1c\x43reateKeyAccessServerRequest\x12\x87\x02\n\x03uri\x18\x01 \x01(\tB\xf4\x01\xbaH\xf0\x01\xba\x01\xec\x01\n\nuri_format\x12\xcf\x01URI must be a valid URL (e.g., \'https://demo.com/\') followed by additional segments. Each segment must start and end with an alphanumeric character, can contain hyphens, alphanumeric characters, and slashes.\x1a\x0cthis.isUri()R\x03uri\x12\x30\n\npublic_key\x18\x02 \x01(\x0b\x32\x11.policy.PublicKeyR\tpublicKey\x12@\n\x0bsource_type\x18\x03 \x01(\x0e\x32\x12.policy.SourceTypeB\x0b\xbaH\x08\x82\x01\x02\x10\x01\xc8\x01\x00R\nsourceType\x12\xc1\x02\n\x04name\x18\x14 \x01(\tB\xac\x02\xbaH\xa8\x02r\x03\x18\xfd\x01\xba\x01\x9c\x02\n\x0fkas_name_format\x12\xb3\x01Registered KAS name must be an alphanumeric string, allowing hyphens, and underscores but not as the first or last character. The stored KAS name will be normalized to lower case.\x1aSsize(this) > 0 ? this.matches(\'^[a-zA-Z0-9](?:[a-zA-Z0-9_-]*[a-zA-Z0-9])?$\') : true\xc8\x01\x00R\x04name\x12\x33\n\x08metadata\x18\x64 \x01(\x0b\x32\x17.common.MetadataMutableR\x08metadata\"d\n\x1d\x43reateKeyAccessServerResponse\x12\x43\n\x11key_access_server\x18\x01 \x01(\x0b\x32\x17.policy.KeyAccessServerR\x0fkeyAccessServer\"\xa5\x07\n\x1cUpdateKeyAccessServerRequest\x12\x18\n\x02id\x18\x01 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01R\x02id\x12\xac\x02\n\x03uri\x18\x02 \x01(\tB\x99\x02\xbaH\x95\x02\xba\x01\x91\x02\n\x13optional_uri_format\x12\xd8\x01Optional URI must be a valid URL (e.g., \'https://demo.com/\') followed by additional segments. Each segment must start and end with an alphanumeric character, can contain hyphens, alphanumeric characters, and slashes.\x1a\x1fsize(this) == 0 || this.isUri()R\x03uri\x12\x30\n\npublic_key\x18\x03 \x01(\x0b\x32\x11.policy.PublicKeyR\tpublicKey\x12@\n\x0bsource_type\x18\x04 \x01(\x0e\x32\x12.policy.SourceTypeB\x0b\xbaH\x08\x82\x01\x02\x10\x01\xc8\x01\x00R\nsourceType\x12\xbc\x02\n\x04name\x18\x14 \x01(\tB\xa7\x02\xbaH\xa3\x02r\x03\x18\xfd\x01\xba\x01\x97\x02\n\x0fkas_name_format\x12\xb3\x01Registered KAS name must be an alphanumeric string, allowing hyphens, and underscores but not as the first or last character. The stored KAS name will be normalized to lower case.\x1aNsize(this) == 0 || this.matches(\'^[a-zA-Z0-9](?:[a-zA-Z0-9_-]*[a-zA-Z0-9])?$\')\xc8\x01\x00R\x04name\x12\x33\n\x08metadata\x18\x64 \x01(\x0b\x32\x17.common.MetadataMutableR\x08metadata\x12T\n\x18metadata_update_behavior\x18\x65 \x01(\x0e\x32\x1a.common.MetadataUpdateEnumR\x16metadataUpdateBehavior\"d\n\x1dUpdateKeyAccessServerResponse\x12\x43\n\x11key_access_server\x18\x01 \x01(\x0b\x32\x17.policy.KeyAccessServerR\x0fkeyAccessServer\"8\n\x1c\x44\x65leteKeyAccessServerRequest\x12\x18\n\x02id\x18\x01 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01R\x02id\"d\n\x1d\x44\x65leteKeyAccessServerResponse\x12\x43\n\x11key_access_server\x18\x01 \x01(\x0b\x32\x17.policy.KeyAccessServerR\x0fkeyAccessServer\"7\n\x13GrantedPolicyObject\x12\x0e\n\x02id\x18\x01 \x01(\tR\x02id\x12\x10\n\x03\x66qn\x18\x02 \x01(\tR\x03\x66qn\"\xd0\x02\n\x15KeyAccessServerGrants\x12\x43\n\x11key_access_server\x18\x01 \x01(\x0b\x32\x17.policy.KeyAccessServerR\x0fkeyAccessServer\x12R\n\x10namespace_grants\x18\x02 \x03(\x0b\x32\'.policy.kasregistry.GrantedPolicyObjectR\x0fnamespaceGrants\x12R\n\x10\x61ttribute_grants\x18\x03 \x03(\x0b\x32\'.policy.kasregistry.GrantedPolicyObjectR\x0f\x61ttributeGrants\x12J\n\x0cvalue_grants\x18\x04 \x03(\x0b\x32\'.policy.kasregistry.GrantedPolicyObjectR\x0bvalueGrants\"\x9e\x01\n\x16\x43reatePublicKeyRequest\x12\x1f\n\x06kas_id\x18\x01 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01R\x05kasId\x12.\n\x03key\x18\x02 \x01(\x0b\x32\x14.policy.KasPublicKeyB\x06\xbaH\x03\xc8\x01\x01R\x03key\x12\x33\n\x08metadata\x18\x64 \x01(\x0b\x32\x17.common.MetadataMutableR\x08metadata\"8\n\x17\x43reatePublicKeyResponse\x12\x1d\n\x03key\x18\x01 \x01(\x0b\x32\x0b.policy.KeyR\x03key\"?\n\x13GetPublicKeyRequest\x12\x1a\n\x02id\x18\x01 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01H\x00R\x02idB\x0c\n\nidentifier\"5\n\x14GetPublicKeyResponse\x12\x1d\n\x03key\x18\x01 \x01(\x0b\x32\x0b.policy.KeyR\x03key\"\xca\x01\n\x15ListPublicKeysRequest\x12!\n\x06kas_id\x18\x01 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01H\x00R\x05kasId\x12$\n\x08kas_name\x18\x02 \x01(\tB\x07\xbaH\x04r\x02\x10\x01H\x00R\x07kasName\x12%\n\x07kas_uri\x18\x03 \x01(\tB\n\xbaH\x07r\x05\x10\x01\x88\x01\x01H\x00R\x06kasUri\x12\x33\n\npagination\x18\n \x01(\x0b\x32\x13.policy.PageRequestR\npaginationB\x0c\n\nkas_filter\"o\n\x16ListPublicKeysResponse\x12\x1f\n\x04keys\x18\x01 \x03(\x0b\x32\x0b.policy.KeyR\x04keys\x12\x34\n\npagination\x18\n \x01(\x0b\x32\x14.policy.PageResponseR\npagination\"\x81\x02\n\x1bListPublicKeyMappingRequest\x12!\n\x06kas_id\x18\x01 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01H\x00R\x05kasId\x12$\n\x08kas_name\x18\x02 \x01(\tB\x07\xbaH\x04r\x02\x10\x01H\x00R\x07kasName\x12%\n\x07kas_uri\x18\x03 \x01(\tB\n\xbaH\x07r\x05\x10\x01\x88\x01\x01H\x00R\x06kasUri\x12/\n\rpublic_key_id\x18\x04 \x01(\tB\x0b\xbaH\x08r\x03\xb0\x01\x01\xd8\x01\x01R\x0bpublicKeyId\x12\x33\n\npagination\x18\n \x01(\x0b\x32\x13.policy.PageRequestR\npaginationB\x0c\n\nkas_filter\"\xf6\x05\n\x1cListPublicKeyMappingResponse\x12q\n\x13public_key_mappings\x18\x01 \x03(\x0b\x32\x41.policy.kasregistry.ListPublicKeyMappingResponse.PublicKeyMappingR\x11publicKeyMappings\x12\x34\n\npagination\x18\n \x01(\x0b\x32\x14.policy.PageResponseR\npagination\x1a\xba\x01\n\x10PublicKeyMapping\x12\x15\n\x06kas_id\x18\x02 \x01(\tR\x05kasId\x12\x19\n\x08kas_name\x18\x03 \x01(\tR\x07kasName\x12\x17\n\x07kas_uri\x18\x04 \x01(\tR\x06kasUri\x12[\n\x0bpublic_keys\x18\x05 \x03(\x0b\x32:.policy.kasregistry.ListPublicKeyMappingResponse.PublicKeyR\npublicKeys\x1a\xbe\x02\n\tPublicKey\x12\x1d\n\x03key\x18\x01 \x01(\x0b\x32\x0b.policy.KeyR\x03key\x12T\n\x06values\x18\x06 \x03(\x0b\x32<.policy.kasregistry.ListPublicKeyMappingResponse.AssociationR\x06values\x12^\n\x0b\x64\x65\x66initions\x18\x07 \x03(\x0b\x32<.policy.kasregistry.ListPublicKeyMappingResponse.AssociationR\x0b\x64\x65\x66initions\x12\\\n\nnamespaces\x18\x08 \x03(\x0b\x32<.policy.kasregistry.ListPublicKeyMappingResponse.AssociationR\nnamespaces\x1a/\n\x0b\x41ssociation\x12\x0e\n\x02id\x18\x01 \x01(\tR\x02id\x12\x10\n\x03\x66qn\x18\x02 \x01(\tR\x03\x66qn\"\xbd\x01\n\x16UpdatePublicKeyRequest\x12\x18\n\x02id\x18\x01 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01R\x02id\x12\x33\n\x08metadata\x18\x64 \x01(\x0b\x32\x17.common.MetadataMutableR\x08metadata\x12T\n\x18metadata_update_behavior\x18\x65 \x01(\x0e\x32\x1a.common.MetadataUpdateEnumR\x16metadataUpdateBehavior\"8\n\x17UpdatePublicKeyResponse\x12\x1d\n\x03key\x18\x01 \x01(\x0b\x32\x0b.policy.KeyR\x03key\"6\n\x1a\x44\x65\x61\x63tivatePublicKeyRequest\x12\x18\n\x02id\x18\x01 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01R\x02id\"<\n\x1b\x44\x65\x61\x63tivatePublicKeyResponse\x12\x1d\n\x03key\x18\x01 \x01(\x0b\x32\x0b.policy.KeyR\x03key\"4\n\x18\x41\x63tivatePublicKeyRequest\x12\x18\n\x02id\x18\x01 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01R\x02id\":\n\x19\x41\x63tivatePublicKeyResponse\x12\x1d\n\x03key\x18\x01 \x01(\x0b\x32\x0b.policy.KeyR\x03key\"\xa5\x07\n ListKeyAccessServerGrantsRequest\x12\xcb\x01\n\x06kas_id\x18\x01 \x01(\tB\xb3\x01\xbaH\xaf\x01\xba\x01\xab\x01\n\x14optional_uuid_format\x12#Optional field must be a valid UUID\x1ansize(this) == 0 || this.matches(\'[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}\')R\x05kasId\x12\xb3\x02\n\x07kas_uri\x18\x02 \x01(\tB\x99\x02\xbaH\x95\x02\xba\x01\x91\x02\n\x13optional_uri_format\x12\xd8\x01Optional URI must be a valid URL (e.g., \'https://demo.com/\') followed by additional segments. Each segment must start and end with an alphanumeric character, can contain hyphens, alphanumeric characters, and slashes.\x1a\x1fsize(this) == 0 || this.isUri()R\x06kasUri\x12\xc3\x02\n\x08kas_name\x18\x03 \x01(\tB\xa7\x02\xbaH\xa3\x02r\x03\x18\xfd\x01\xba\x01\x97\x02\n\x0fkas_name_format\x12\xb3\x01Registered KAS name must be an alphanumeric string, allowing hyphens, and underscores but not as the first or last character. The stored KAS name will be normalized to lower case.\x1aNsize(this) == 0 || this.matches(\'^[a-zA-Z0-9](?:[a-zA-Z0-9_-]*[a-zA-Z0-9])?$\')\xc8\x01\x00R\x07kasName\x12\x33\n\npagination\x18\n \x01(\x0b\x32\x13.policy.PageRequestR\npagination:\x02\x18\x01\"\xa4\x01\n!ListKeyAccessServerGrantsResponse\x12\x45\n\x06grants\x18\x01 \x03(\x0b\x32).policy.kasregistry.KeyAccessServerGrantsB\x02\x18\x01R\x06grants\x12\x34\n\npagination\x18\n \x01(\x0b\x32\x14.policy.PageResponseR\npagination:\x02\x18\x01\"\xb1\x0c\n\x10\x43reateKeyRequest\x12\x1f\n\x06kas_id\x18\x01 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01R\x05kasId\x12\x1e\n\x06key_id\x18\x02 \x01(\tB\x07\xbaH\x04r\x02\x10\x01R\x05keyId\x12\xa1\x01\n\rkey_algorithm\x18\x03 \x01(\x0e\x32\x11.policy.AlgorithmBi\xbaHf\xba\x01\x63\n\x15key_algorithm_defined\x12\x34The key_algorithm must be one of the defined values.\x1a\x14this in [1, 2, 3, 4]R\x0ckeyAlgorithm\x12\x93\x01\n\x08key_mode\x18\x04 \x01(\x0e\x32\x0f.policy.KeyModeBg\xbaHd\xba\x01\x61\n\x10key_mode_defined\x12\x35The key_mode must be one of the defined values (1-4).\x1a\x16this >= 1 && this <= 4R\x07keyMode\x12\x42\n\x0epublic_key_ctx\x18\x05 \x01(\x0b\x32\x14.policy.PublicKeyCtxB\x06\xbaH\x03\xc8\x01\x01R\x0cpublicKeyCtx\x12=\n\x0fprivate_key_ctx\x18\x06 \x01(\x0b\x32\x15.policy.PrivateKeyCtxR\rprivateKeyCtx\x12,\n\x12provider_config_id\x18\x07 \x01(\tR\x10providerConfigId\x12\x33\n\x08metadata\x18\x64 \x01(\x0b\x32\x17.common.MetadataMutableR\x08metadata:\xbb\x07\xbaH\xb7\x07\x1a\x97\x03\n#private_key_ctx_optionally_required\x12\xbc\x01The wrapped_key is required if key_mode is KEY_MODE_CONFIG_ROOT_KEY or KEY_MODE_PROVIDER_ROOT_KEY. The wrapped_key must be empty if key_mode is KEY_MODE_REMOTE or KEY_MODE_PUBLIC_KEY_ONLY.\x1a\xb0\x01((this.key_mode == 1 || this.key_mode == 2) && this.private_key_ctx.wrapped_key != \'\') || ((this.key_mode == 3 || this.key_mode == 4) && this.private_key_ctx.wrapped_key == \'\')\x1a\xf4\x02\n&provider_config_id_optionally_required\x12\xa8\x01Provider config id is required if key_mode is KEY_MODE_PROVIDER_ROOT_KEY or KEY_MODE_REMOTE. It must be empty for KEY_MODE_CONFIG_ROOT_KEY and KEY_MODE_PUBLIC_KEY_ONLY.\x1a\x9e\x01((this.key_mode == 1 || this.key_mode == 4) && this.provider_config_id == \'\') || ((this.key_mode == 2 || this.key_mode == 3) && this.provider_config_id != \'\')\x1a\xa3\x01\n#private_key_ctx_for_public_key_only\x12Hprivate_key_ctx must not be set if key_mode is KEY_MODE_PUBLIC_KEY_ONLY.\x1a\x32!(this.key_mode == 4 && has(this.private_key_ctx))\"<\n\x11\x43reateKeyResponse\x12\'\n\x07kas_key\x18\x01 \x01(\x0b\x32\x0e.policy.KasKeyR\x06kasKey\"z\n\rGetKeyRequest\x12\x1a\n\x02id\x18\x02 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01H\x00R\x02id\x12\x38\n\x03key\x18\x03 \x01(\x0b\x32$.policy.kasregistry.KasKeyIdentifierH\x00R\x03keyB\x13\n\nidentifier\x12\x05\xbaH\x02\x08\x01\"9\n\x0eGetKeyResponse\x12\'\n\x07kas_key\x18\x01 \x01(\x0b\x32\x0e.policy.KasKeyR\x06kasKey\"\xeb\x02\n\x0fListKeysRequest\x12\xa4\x01\n\rkey_algorithm\x18\x01 \x01(\x0e\x32\x11.policy.AlgorithmBl\xbaHi\xba\x01\x66\n\x15key_algorithm_defined\x12\x34The key_algorithm must be one of the defined values.\x1a\x17this in [0, 1, 2, 3, 4]R\x0ckeyAlgorithm\x12!\n\x06kas_id\x18\x02 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01H\x00R\x05kasId\x12$\n\x08kas_name\x18\x03 \x01(\tB\x07\xbaH\x04r\x02\x10\x01H\x00R\x07kasName\x12%\n\x07kas_uri\x18\x04 \x01(\tB\n\xbaH\x07r\x05\x10\x01\x88\x01\x01H\x00R\x06kasUri\x12\x33\n\npagination\x18\n \x01(\x0b\x32\x13.policy.PageRequestR\npaginationB\x0c\n\nkas_filter\"s\n\x10ListKeysResponse\x12)\n\x08kas_keys\x18\x01 \x03(\x0b\x32\x0e.policy.KasKeyR\x07kasKeys\x12\x34\n\npagination\x18\n \x01(\x0b\x32\x14.policy.PageResponseR\npagination\"\x86\x03\n\x10UpdateKeyRequest\x12\x18\n\x02id\x18\x01 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01R\x02id\x12\x33\n\x08metadata\x18\x64 \x01(\x0b\x32\x17.common.MetadataMutableR\x08metadata\x12T\n\x18metadata_update_behavior\x18\x65 \x01(\x0e\x32\x1a.common.MetadataUpdateEnumR\x16metadataUpdateBehavior:\xcc\x01\xbaH\xc8\x01\x1a\xc5\x01\n\x18metadata_update_behavior\x12RMetadata update behavior must be either APPEND or REPLACE, when updating metadata.\x1aU((!has(this.metadata)) || (has(this.metadata) && this.metadata_update_behavior != 0))\"<\n\x11UpdateKeyResponse\x12\'\n\x07kas_key\x18\x01 \x01(\x0b\x32\x0e.policy.KasKeyR\x06kasKey\"\xa4\x01\n\x10KasKeyIdentifier\x12!\n\x06kas_id\x18\x02 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01H\x00R\x05kasId\x12\x1d\n\x04name\x18\x03 \x01(\tB\x07\xbaH\x04r\x02\x10\x01H\x00R\x04name\x12\x1e\n\x03uri\x18\x04 \x01(\tB\n\xbaH\x07r\x05\x10\x01\x88\x01\x01H\x00R\x03uri\x12\x19\n\x03kid\x18\x05 \x01(\tB\x07\xbaH\x04r\x02\x10\x01R\x03kidB\x13\n\nidentifier\x12\x05\xbaH\x02\x08\x01\"\xe2\x0e\n\x10RotateKeyRequest\x12\x1a\n\x02id\x18\x01 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01H\x00R\x02id\x12\x38\n\x03key\x18\x02 \x01(\x0b\x32$.policy.kasregistry.KasKeyIdentifierH\x00R\x03key\x12\x44\n\x07new_key\x18\x03 \x01(\x0b\x32+.policy.kasregistry.RotateKeyRequest.NewKeyR\x06newKey\x1a\xcc\x04\n\x06NewKey\x12\x1e\n\x06key_id\x18\x01 \x01(\tB\x07\xbaH\x04r\x02\x10\x01R\x05keyId\x12\x9a\x01\n\talgorithm\x18\x02 \x01(\x0e\x32\x11.policy.AlgorithmBi\xbaHf\xba\x01\x63\n\x15key_algorithm_defined\x12\x34The key_algorithm must be one of the defined values.\x1a\x14this in [1, 2, 3, 4]R\talgorithm\x12\x9e\x01\n\x08key_mode\x18\x03 \x01(\x0e\x32\x0f.policy.KeyModeBr\xbaHo\x82\x01\x02\x10\x01\xba\x01g\n\x14new_key_mode_defined\x12\x39The new key_mode must be one of the defined values (1-4).\x1a\x14this in [1, 2, 3, 4]R\x07keyMode\x12\x42\n\x0epublic_key_ctx\x18\x04 \x01(\x0b\x32\x14.policy.PublicKeyCtxB\x06\xbaH\x03\xc8\x01\x01R\x0cpublicKeyCtx\x12=\n\x0fprivate_key_ctx\x18\x05 \x01(\x0b\x32\x15.policy.PrivateKeyCtxR\rprivateKeyCtx\x12,\n\x12provider_config_id\x18\x06 \x01(\tR\x10providerConfigId\x12\x33\n\x08metadata\x18\x64 \x01(\x0b\x32\x17.common.MetadataMutableR\x08metadata:\xcd\x08\xbaH\xc9\x08\x1a\xd8\x03\n#private_key_ctx_optionally_required\x12\xcd\x01\x46or the new key, the wrapped_key is required if key_mode is KEY_MODE_CONFIG_ROOT_KEY or KEY_MODE_PROVIDER_ROOT_KEY. The wrapped_key must be empty if key_mode is KEY_MODE_REMOTE or KEY_MODE_PUBLIC_KEY_ONLY.\x1a\xe0\x01((this.new_key.key_mode == 1 || this.new_key.key_mode == 2) && this.new_key.private_key_ctx.wrapped_key != \'\') || ((this.new_key.key_mode == 3 || this.new_key.key_mode == 4) && this.new_key.private_key_ctx.wrapped_key == \'\')\x1a\xb5\x03\n&provider_config_id_optionally_required\x12\xb9\x01\x46or the new key, provider config id is required if key_mode is KEY_MODE_PROVIDER_ROOT_KEY or KEY_MODE_REMOTE. It must be empty for KEY_MODE_CONFIG_ROOT_KEY and KEY_MODE_PUBLIC_KEY_ONLY.\x1a\xce\x01((this.new_key.key_mode == 1 || this.new_key.key_mode == 4) && this.new_key.provider_config_id == \'\') || ((this.new_key.key_mode == 2 || this.new_key.key_mode == 3) && this.new_key.provider_config_id != \'\')\x1a\xb3\x01\n#private_key_ctx_for_public_key_only\x12Hprivate_key_ctx must not be set if key_mode is KEY_MODE_PUBLIC_KEY_ONLY.\x1a\x42!(this.new_key.key_mode == 4 && has(this.new_key.private_key_ctx))B\x13\n\nactive_key\x12\x05\xbaH\x02\x08\x01\"2\n\x0e\x43hangeMappings\x12\x0e\n\x02id\x18\x01 \x01(\tR\x02id\x12\x10\n\x03\x66qn\x18\x02 \x01(\tR\x03\x66qn\"\xe3\x02\n\x10RotatedResources\x12\x36\n\x0frotated_out_key\x18\x01 \x01(\x0b\x32\x0e.policy.KasKeyR\rrotatedOutKey\x12\x66\n\x1d\x61ttribute_definition_mappings\x18\x02 \x03(\x0b\x32\".policy.kasregistry.ChangeMappingsR\x1b\x61ttributeDefinitionMappings\x12\\\n\x18\x61ttribute_value_mappings\x18\x03 \x03(\x0b\x32\".policy.kasregistry.ChangeMappingsR\x16\x61ttributeValueMappings\x12Q\n\x12namespace_mappings\x18\x04 \x03(\x0b\x32\".policy.kasregistry.ChangeMappingsR\x11namespaceMappings\"\x8f\x01\n\x11RotateKeyResponse\x12\'\n\x07kas_key\x18\x01 \x01(\x0b\x32\x0e.policy.KasKeyR\x06kasKey\x12Q\n\x11rotated_resources\x18\x02 \x01(\x0b\x32$.policy.kasregistry.RotatedResourcesR\x10rotatedResources\"~\n\x11SetBaseKeyRequest\x12\x1a\n\x02id\x18\x01 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01H\x00R\x02id\x12\x38\n\x03key\x18\x02 \x01(\x0b\x32$.policy.kasregistry.KasKeyIdentifierH\x00R\x03keyB\x13\n\nactive_key\x12\x05\xbaH\x02\x08\x01\"\x13\n\x11GetBaseKeyRequest\"E\n\x12GetBaseKeyResponse\x12/\n\x08\x62\x61se_key\x18\x01 \x01(\x0b\x32\x14.policy.SimpleKasKeyR\x07\x62\x61seKey\"\x8e\x01\n\x12SetBaseKeyResponse\x12\x36\n\x0cnew_base_key\x18\x01 \x01(\x0b\x32\x14.policy.SimpleKasKeyR\nnewBaseKey\x12@\n\x11previous_base_key\x18\x02 \x01(\x0b\x32\x14.policy.SimpleKasKeyR\x0fpreviousBaseKey2\xc7\x0b\n\x1eKeyAccessServerRegistryService\x12\x99\x01\n\x14ListKeyAccessServers\x12/.policy.kasregistry.ListKeyAccessServersRequest\x1a\x30.policy.kasregistry.ListKeyAccessServersResponse\"\x1e\x90\x02\x01\x82\xd3\xe4\x93\x02\x15\x12\x13/key-access-servers\x12x\n\x12GetKeyAccessServer\x12-.policy.kasregistry.GetKeyAccessServerRequest\x1a..policy.kasregistry.GetKeyAccessServerResponse\"\x03\x90\x02\x01\x12~\n\x15\x43reateKeyAccessServer\x12\x30.policy.kasregistry.CreateKeyAccessServerRequest\x1a\x31.policy.kasregistry.CreateKeyAccessServerResponse\"\x00\x12~\n\x15UpdateKeyAccessServer\x12\x30.policy.kasregistry.UpdateKeyAccessServerRequest\x1a\x31.policy.kasregistry.UpdateKeyAccessServerResponse\"\x00\x12~\n\x15\x44\x65leteKeyAccessServer\x12\x30.policy.kasregistry.DeleteKeyAccessServerRequest\x1a\x31.policy.kasregistry.DeleteKeyAccessServerResponse\"\x00\x12\x90\x01\n\x19ListKeyAccessServerGrants\x12\x34.policy.kasregistry.ListKeyAccessServerGrantsRequest\x1a\x35.policy.kasregistry.ListKeyAccessServerGrantsResponse\"\x06\x88\x02\x01\x90\x02\x01\x12Z\n\tCreateKey\x12$.policy.kasregistry.CreateKeyRequest\x1a%.policy.kasregistry.CreateKeyResponse\"\x00\x12Q\n\x06GetKey\x12!.policy.kasregistry.GetKeyRequest\x1a\".policy.kasregistry.GetKeyResponse\"\x00\x12W\n\x08ListKeys\x12#.policy.kasregistry.ListKeysRequest\x1a$.policy.kasregistry.ListKeysResponse\"\x00\x12Z\n\tUpdateKey\x12$.policy.kasregistry.UpdateKeyRequest\x1a%.policy.kasregistry.UpdateKeyResponse\"\x00\x12Z\n\tRotateKey\x12$.policy.kasregistry.RotateKeyRequest\x1a%.policy.kasregistry.RotateKeyResponse\"\x00\x12]\n\nSetBaseKey\x12%.policy.kasregistry.SetBaseKeyRequest\x1a&.policy.kasregistry.SetBaseKeyResponse\"\x00\x12]\n\nGetBaseKey\x12%.policy.kasregistry.GetBaseKeyRequest\x1a&.policy.kasregistry.GetBaseKeyResponse\"\x00\x42\x9f\x01\n\x16\x63om.policy.kasregistryB\x1cKeyAccessServerRegistryProtoP\x01\xa2\x02\x03PKX\xaa\x02\x12Policy.Kasregistry\xca\x02\x12Policy\\Kasregistry\xe2\x02\x1ePolicy\\Kasregistry\\GPBMetadata\xea\x02\x13Policy::Kasregistryb\x06proto3') +DESCRIPTOR = _descriptor_pool.Default().AddSerializedFile(b'\n3policy/kasregistry/key_access_server_registry.proto\x12\x12policy.kasregistry\x1a\x1b\x62uf/validate/validate.proto\x1a\x13\x63ommon/common.proto\x1a\x1cgoogle/api/annotations.proto\x1a\x14policy/objects.proto\x1a\x16policy/selectors.proto\"\xe4\x03\n\x19GetKeyAccessServerRequest\x12\x1d\n\x02id\x18\x01 \x01(\tB\r\x18\x01\xbaH\x08r\x03\xb0\x01\x01\xd8\x01\x01R\x02id\x12!\n\x06kas_id\x18\x02 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01H\x00R\x05kasId\x12\x1d\n\x04name\x18\x03 \x01(\tB\x07\xbaH\x04r\x02\x10\x01H\x00R\x04name\x12\x1e\n\x03uri\x18\x04 \x01(\tB\n\xbaH\x07r\x05\x10\x01\x88\x01\x01H\x00R\x03uri:\xb7\x02\xbaH\xb3\x02\x1a\xa8\x01\n\x10\x65xclusive_fields\x12JEither use deprecated \'id\' field or one of \'kas_id\' or \'uri\', but not both\x1aH!(has(this.id) && (has(this.kas_id) || has(this.uri) || has(this.name)))\x1a\x85\x01\n\x0frequired_fields\x12-Either id or one of kas_id or uri must be set\x1a\x43has(this.id) || has(this.kas_id) || has(this.uri) || has(this.name)B\x0c\n\nidentifier\"a\n\x1aGetKeyAccessServerResponse\x12\x43\n\x11key_access_server\x18\x01 \x01(\x0b\x32\x17.policy.KeyAccessServerR\x0fkeyAccessServer\"R\n\x1bListKeyAccessServersRequest\x12\x33\n\npagination\x18\n \x01(\x0b\x32\x13.policy.PageRequestR\npagination\"\x9b\x01\n\x1cListKeyAccessServersResponse\x12\x45\n\x12key_access_servers\x18\x01 \x03(\x0b\x32\x17.policy.KeyAccessServerR\x10keyAccessServers\x12\x34\n\npagination\x18\n \x01(\x0b\x32\x14.policy.PageResponseR\npagination\"\x95\x06\n\x1c\x43reateKeyAccessServerRequest\x12\x87\x02\n\x03uri\x18\x01 \x01(\tB\xf4\x01\xbaH\xf0\x01\xba\x01\xec\x01\n\nuri_format\x12\xcf\x01URI must be a valid URL (e.g., \'https://demo.com/\') followed by additional segments. Each segment must start and end with an alphanumeric character, can contain hyphens, alphanumeric characters, and slashes.\x1a\x0cthis.isUri()R\x03uri\x12\x30\n\npublic_key\x18\x02 \x01(\x0b\x32\x11.policy.PublicKeyR\tpublicKey\x12@\n\x0bsource_type\x18\x03 \x01(\x0e\x32\x12.policy.SourceTypeB\x0b\xbaH\x08\x82\x01\x02\x10\x01\xc8\x01\x00R\nsourceType\x12\xc1\x02\n\x04name\x18\x14 \x01(\tB\xac\x02\xbaH\xa8\x02r\x03\x18\xfd\x01\xba\x01\x9c\x02\n\x0fkas_name_format\x12\xb3\x01Registered KAS name must be an alphanumeric string, allowing hyphens, and underscores but not as the first or last character. The stored KAS name will be normalized to lower case.\x1aSsize(this) > 0 ? this.matches(\'^[a-zA-Z0-9](?:[a-zA-Z0-9_-]*[a-zA-Z0-9])?$\') : true\xc8\x01\x00R\x04name\x12\x33\n\x08metadata\x18\x64 \x01(\x0b\x32\x17.common.MetadataMutableR\x08metadata\"d\n\x1d\x43reateKeyAccessServerResponse\x12\x43\n\x11key_access_server\x18\x01 \x01(\x0b\x32\x17.policy.KeyAccessServerR\x0fkeyAccessServer\"\xa5\x07\n\x1cUpdateKeyAccessServerRequest\x12\x18\n\x02id\x18\x01 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01R\x02id\x12\xac\x02\n\x03uri\x18\x02 \x01(\tB\x99\x02\xbaH\x95\x02\xba\x01\x91\x02\n\x13optional_uri_format\x12\xd8\x01Optional URI must be a valid URL (e.g., \'https://demo.com/\') followed by additional segments. Each segment must start and end with an alphanumeric character, can contain hyphens, alphanumeric characters, and slashes.\x1a\x1fsize(this) == 0 || this.isUri()R\x03uri\x12\x30\n\npublic_key\x18\x03 \x01(\x0b\x32\x11.policy.PublicKeyR\tpublicKey\x12@\n\x0bsource_type\x18\x04 \x01(\x0e\x32\x12.policy.SourceTypeB\x0b\xbaH\x08\x82\x01\x02\x10\x01\xc8\x01\x00R\nsourceType\x12\xbc\x02\n\x04name\x18\x14 \x01(\tB\xa7\x02\xbaH\xa3\x02r\x03\x18\xfd\x01\xba\x01\x97\x02\n\x0fkas_name_format\x12\xb3\x01Registered KAS name must be an alphanumeric string, allowing hyphens, and underscores but not as the first or last character. The stored KAS name will be normalized to lower case.\x1aNsize(this) == 0 || this.matches(\'^[a-zA-Z0-9](?:[a-zA-Z0-9_-]*[a-zA-Z0-9])?$\')\xc8\x01\x00R\x04name\x12\x33\n\x08metadata\x18\x64 \x01(\x0b\x32\x17.common.MetadataMutableR\x08metadata\x12T\n\x18metadata_update_behavior\x18\x65 \x01(\x0e\x32\x1a.common.MetadataUpdateEnumR\x16metadataUpdateBehavior\"d\n\x1dUpdateKeyAccessServerResponse\x12\x43\n\x11key_access_server\x18\x01 \x01(\x0b\x32\x17.policy.KeyAccessServerR\x0fkeyAccessServer\"8\n\x1c\x44\x65leteKeyAccessServerRequest\x12\x18\n\x02id\x18\x01 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01R\x02id\"d\n\x1d\x44\x65leteKeyAccessServerResponse\x12\x43\n\x11key_access_server\x18\x01 \x01(\x0b\x32\x17.policy.KeyAccessServerR\x0fkeyAccessServer\"7\n\x13GrantedPolicyObject\x12\x0e\n\x02id\x18\x01 \x01(\tR\x02id\x12\x10\n\x03\x66qn\x18\x02 \x01(\tR\x03\x66qn\"\xd0\x02\n\x15KeyAccessServerGrants\x12\x43\n\x11key_access_server\x18\x01 \x01(\x0b\x32\x17.policy.KeyAccessServerR\x0fkeyAccessServer\x12R\n\x10namespace_grants\x18\x02 \x03(\x0b\x32\'.policy.kasregistry.GrantedPolicyObjectR\x0fnamespaceGrants\x12R\n\x10\x61ttribute_grants\x18\x03 \x03(\x0b\x32\'.policy.kasregistry.GrantedPolicyObjectR\x0f\x61ttributeGrants\x12J\n\x0cvalue_grants\x18\x04 \x03(\x0b\x32\'.policy.kasregistry.GrantedPolicyObjectR\x0bvalueGrants\"\x9e\x01\n\x16\x43reatePublicKeyRequest\x12\x1f\n\x06kas_id\x18\x01 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01R\x05kasId\x12.\n\x03key\x18\x02 \x01(\x0b\x32\x14.policy.KasPublicKeyB\x06\xbaH\x03\xc8\x01\x01R\x03key\x12\x33\n\x08metadata\x18\x64 \x01(\x0b\x32\x17.common.MetadataMutableR\x08metadata\"8\n\x17\x43reatePublicKeyResponse\x12\x1d\n\x03key\x18\x01 \x01(\x0b\x32\x0b.policy.KeyR\x03key\"?\n\x13GetPublicKeyRequest\x12\x1a\n\x02id\x18\x01 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01H\x00R\x02idB\x0c\n\nidentifier\"5\n\x14GetPublicKeyResponse\x12\x1d\n\x03key\x18\x01 \x01(\x0b\x32\x0b.policy.KeyR\x03key\"\xca\x01\n\x15ListPublicKeysRequest\x12!\n\x06kas_id\x18\x01 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01H\x00R\x05kasId\x12$\n\x08kas_name\x18\x02 \x01(\tB\x07\xbaH\x04r\x02\x10\x01H\x00R\x07kasName\x12%\n\x07kas_uri\x18\x03 \x01(\tB\n\xbaH\x07r\x05\x10\x01\x88\x01\x01H\x00R\x06kasUri\x12\x33\n\npagination\x18\n \x01(\x0b\x32\x13.policy.PageRequestR\npaginationB\x0c\n\nkas_filter\"o\n\x16ListPublicKeysResponse\x12\x1f\n\x04keys\x18\x01 \x03(\x0b\x32\x0b.policy.KeyR\x04keys\x12\x34\n\npagination\x18\n \x01(\x0b\x32\x14.policy.PageResponseR\npagination\"\x81\x02\n\x1bListPublicKeyMappingRequest\x12!\n\x06kas_id\x18\x01 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01H\x00R\x05kasId\x12$\n\x08kas_name\x18\x02 \x01(\tB\x07\xbaH\x04r\x02\x10\x01H\x00R\x07kasName\x12%\n\x07kas_uri\x18\x03 \x01(\tB\n\xbaH\x07r\x05\x10\x01\x88\x01\x01H\x00R\x06kasUri\x12/\n\rpublic_key_id\x18\x04 \x01(\tB\x0b\xbaH\x08r\x03\xb0\x01\x01\xd8\x01\x01R\x0bpublicKeyId\x12\x33\n\npagination\x18\n \x01(\x0b\x32\x13.policy.PageRequestR\npaginationB\x0c\n\nkas_filter\"\xf6\x05\n\x1cListPublicKeyMappingResponse\x12q\n\x13public_key_mappings\x18\x01 \x03(\x0b\x32\x41.policy.kasregistry.ListPublicKeyMappingResponse.PublicKeyMappingR\x11publicKeyMappings\x12\x34\n\npagination\x18\n \x01(\x0b\x32\x14.policy.PageResponseR\npagination\x1a\xba\x01\n\x10PublicKeyMapping\x12\x15\n\x06kas_id\x18\x02 \x01(\tR\x05kasId\x12\x19\n\x08kas_name\x18\x03 \x01(\tR\x07kasName\x12\x17\n\x07kas_uri\x18\x04 \x01(\tR\x06kasUri\x12[\n\x0bpublic_keys\x18\x05 \x03(\x0b\x32:.policy.kasregistry.ListPublicKeyMappingResponse.PublicKeyR\npublicKeys\x1a\xbe\x02\n\tPublicKey\x12\x1d\n\x03key\x18\x01 \x01(\x0b\x32\x0b.policy.KeyR\x03key\x12T\n\x06values\x18\x06 \x03(\x0b\x32<.policy.kasregistry.ListPublicKeyMappingResponse.AssociationR\x06values\x12^\n\x0b\x64\x65\x66initions\x18\x07 \x03(\x0b\x32<.policy.kasregistry.ListPublicKeyMappingResponse.AssociationR\x0b\x64\x65\x66initions\x12\\\n\nnamespaces\x18\x08 \x03(\x0b\x32<.policy.kasregistry.ListPublicKeyMappingResponse.AssociationR\nnamespaces\x1a/\n\x0b\x41ssociation\x12\x0e\n\x02id\x18\x01 \x01(\tR\x02id\x12\x10\n\x03\x66qn\x18\x02 \x01(\tR\x03\x66qn\"\xbd\x01\n\x16UpdatePublicKeyRequest\x12\x18\n\x02id\x18\x01 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01R\x02id\x12\x33\n\x08metadata\x18\x64 \x01(\x0b\x32\x17.common.MetadataMutableR\x08metadata\x12T\n\x18metadata_update_behavior\x18\x65 \x01(\x0e\x32\x1a.common.MetadataUpdateEnumR\x16metadataUpdateBehavior\"8\n\x17UpdatePublicKeyResponse\x12\x1d\n\x03key\x18\x01 \x01(\x0b\x32\x0b.policy.KeyR\x03key\"6\n\x1a\x44\x65\x61\x63tivatePublicKeyRequest\x12\x18\n\x02id\x18\x01 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01R\x02id\"<\n\x1b\x44\x65\x61\x63tivatePublicKeyResponse\x12\x1d\n\x03key\x18\x01 \x01(\x0b\x32\x0b.policy.KeyR\x03key\"4\n\x18\x41\x63tivatePublicKeyRequest\x12\x18\n\x02id\x18\x01 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01R\x02id\":\n\x19\x41\x63tivatePublicKeyResponse\x12\x1d\n\x03key\x18\x01 \x01(\x0b\x32\x0b.policy.KeyR\x03key\"\xa5\x07\n ListKeyAccessServerGrantsRequest\x12\xcb\x01\n\x06kas_id\x18\x01 \x01(\tB\xb3\x01\xbaH\xaf\x01\xba\x01\xab\x01\n\x14optional_uuid_format\x12#Optional field must be a valid UUID\x1ansize(this) == 0 || this.matches(\'[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}\')R\x05kasId\x12\xb3\x02\n\x07kas_uri\x18\x02 \x01(\tB\x99\x02\xbaH\x95\x02\xba\x01\x91\x02\n\x13optional_uri_format\x12\xd8\x01Optional URI must be a valid URL (e.g., \'https://demo.com/\') followed by additional segments. Each segment must start and end with an alphanumeric character, can contain hyphens, alphanumeric characters, and slashes.\x1a\x1fsize(this) == 0 || this.isUri()R\x06kasUri\x12\xc3\x02\n\x08kas_name\x18\x03 \x01(\tB\xa7\x02\xbaH\xa3\x02r\x03\x18\xfd\x01\xba\x01\x97\x02\n\x0fkas_name_format\x12\xb3\x01Registered KAS name must be an alphanumeric string, allowing hyphens, and underscores but not as the first or last character. The stored KAS name will be normalized to lower case.\x1aNsize(this) == 0 || this.matches(\'^[a-zA-Z0-9](?:[a-zA-Z0-9_-]*[a-zA-Z0-9])?$\')\xc8\x01\x00R\x07kasName\x12\x33\n\npagination\x18\n \x01(\x0b\x32\x13.policy.PageRequestR\npagination:\x02\x18\x01\"\xa4\x01\n!ListKeyAccessServerGrantsResponse\x12\x45\n\x06grants\x18\x01 \x03(\x0b\x32).policy.kasregistry.KeyAccessServerGrantsB\x02\x18\x01R\x06grants\x12\x34\n\npagination\x18\n \x01(\x0b\x32\x14.policy.PageResponseR\npagination:\x02\x18\x01\"\xb4\x0c\n\x10\x43reateKeyRequest\x12\x1f\n\x06kas_id\x18\x01 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01R\x05kasId\x12\x1e\n\x06key_id\x18\x02 \x01(\tB\x07\xbaH\x04r\x02\x10\x01R\x05keyId\x12\xa4\x01\n\rkey_algorithm\x18\x03 \x01(\x0e\x32\x11.policy.AlgorithmBl\xbaHi\xba\x01\x66\n\x15key_algorithm_defined\x12\x34The key_algorithm must be one of the defined values.\x1a\x17this in [1, 2, 3, 4, 5]R\x0ckeyAlgorithm\x12\x93\x01\n\x08key_mode\x18\x04 \x01(\x0e\x32\x0f.policy.KeyModeBg\xbaHd\xba\x01\x61\n\x10key_mode_defined\x12\x35The key_mode must be one of the defined values (1-4).\x1a\x16this >= 1 && this <= 4R\x07keyMode\x12\x42\n\x0epublic_key_ctx\x18\x05 \x01(\x0b\x32\x14.policy.PublicKeyCtxB\x06\xbaH\x03\xc8\x01\x01R\x0cpublicKeyCtx\x12=\n\x0fprivate_key_ctx\x18\x06 \x01(\x0b\x32\x15.policy.PrivateKeyCtxR\rprivateKeyCtx\x12,\n\x12provider_config_id\x18\x07 \x01(\tR\x10providerConfigId\x12\x33\n\x08metadata\x18\x64 \x01(\x0b\x32\x17.common.MetadataMutableR\x08metadata:\xbb\x07\xbaH\xb7\x07\x1a\x97\x03\n#private_key_ctx_optionally_required\x12\xbc\x01The wrapped_key is required if key_mode is KEY_MODE_CONFIG_ROOT_KEY or KEY_MODE_PROVIDER_ROOT_KEY. The wrapped_key must be empty if key_mode is KEY_MODE_REMOTE or KEY_MODE_PUBLIC_KEY_ONLY.\x1a\xb0\x01((this.key_mode == 1 || this.key_mode == 2) && this.private_key_ctx.wrapped_key != \'\') || ((this.key_mode == 3 || this.key_mode == 4) && this.private_key_ctx.wrapped_key == \'\')\x1a\xf4\x02\n&provider_config_id_optionally_required\x12\xa8\x01Provider config id is required if key_mode is KEY_MODE_PROVIDER_ROOT_KEY or KEY_MODE_REMOTE. It must be empty for KEY_MODE_CONFIG_ROOT_KEY and KEY_MODE_PUBLIC_KEY_ONLY.\x1a\x9e\x01((this.key_mode == 1 || this.key_mode == 4) && this.provider_config_id == \'\') || ((this.key_mode == 2 || this.key_mode == 3) && this.provider_config_id != \'\')\x1a\xa3\x01\n#private_key_ctx_for_public_key_only\x12Hprivate_key_ctx must not be set if key_mode is KEY_MODE_PUBLIC_KEY_ONLY.\x1a\x32!(this.key_mode == 4 && has(this.private_key_ctx))\"<\n\x11\x43reateKeyResponse\x12\'\n\x07kas_key\x18\x01 \x01(\x0b\x32\x0e.policy.KasKeyR\x06kasKey\"z\n\rGetKeyRequest\x12\x1a\n\x02id\x18\x02 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01H\x00R\x02id\x12\x38\n\x03key\x18\x03 \x01(\x0b\x32$.policy.kasregistry.KasKeyIdentifierH\x00R\x03keyB\x13\n\nidentifier\x12\x05\xbaH\x02\x08\x01\"9\n\x0eGetKeyResponse\x12\'\n\x07kas_key\x18\x01 \x01(\x0b\x32\x0e.policy.KasKeyR\x06kasKey\"\xee\x02\n\x0fListKeysRequest\x12\xa7\x01\n\rkey_algorithm\x18\x01 \x01(\x0e\x32\x11.policy.AlgorithmBo\xbaHl\xba\x01i\n\x15key_algorithm_defined\x12\x34The key_algorithm must be one of the defined values.\x1a\x1athis in [0, 1, 2, 3, 4, 5]R\x0ckeyAlgorithm\x12!\n\x06kas_id\x18\x02 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01H\x00R\x05kasId\x12$\n\x08kas_name\x18\x03 \x01(\tB\x07\xbaH\x04r\x02\x10\x01H\x00R\x07kasName\x12%\n\x07kas_uri\x18\x04 \x01(\tB\n\xbaH\x07r\x05\x10\x01\x88\x01\x01H\x00R\x06kasUri\x12\x33\n\npagination\x18\n \x01(\x0b\x32\x13.policy.PageRequestR\npaginationB\x0c\n\nkas_filter\"s\n\x10ListKeysResponse\x12)\n\x08kas_keys\x18\x01 \x03(\x0b\x32\x0e.policy.KasKeyR\x07kasKeys\x12\x34\n\npagination\x18\n \x01(\x0b\x32\x14.policy.PageResponseR\npagination\"\x86\x03\n\x10UpdateKeyRequest\x12\x18\n\x02id\x18\x01 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01R\x02id\x12\x33\n\x08metadata\x18\x64 \x01(\x0b\x32\x17.common.MetadataMutableR\x08metadata\x12T\n\x18metadata_update_behavior\x18\x65 \x01(\x0e\x32\x1a.common.MetadataUpdateEnumR\x16metadataUpdateBehavior:\xcc\x01\xbaH\xc8\x01\x1a\xc5\x01\n\x18metadata_update_behavior\x12RMetadata update behavior must be either APPEND or REPLACE, when updating metadata.\x1aU((!has(this.metadata)) || (has(this.metadata) && this.metadata_update_behavior != 0))\"<\n\x11UpdateKeyResponse\x12\'\n\x07kas_key\x18\x01 \x01(\x0b\x32\x0e.policy.KasKeyR\x06kasKey\"\xa4\x01\n\x10KasKeyIdentifier\x12!\n\x06kas_id\x18\x02 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01H\x00R\x05kasId\x12\x1d\n\x04name\x18\x03 \x01(\tB\x07\xbaH\x04r\x02\x10\x01H\x00R\x04name\x12\x1e\n\x03uri\x18\x04 \x01(\tB\n\xbaH\x07r\x05\x10\x01\x88\x01\x01H\x00R\x03uri\x12\x19\n\x03kid\x18\x05 \x01(\tB\x07\xbaH\x04r\x02\x10\x01R\x03kidB\x13\n\nidentifier\x12\x05\xbaH\x02\x08\x01\"\xe5\x0e\n\x10RotateKeyRequest\x12\x1a\n\x02id\x18\x01 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01H\x00R\x02id\x12\x38\n\x03key\x18\x02 \x01(\x0b\x32$.policy.kasregistry.KasKeyIdentifierH\x00R\x03key\x12\x44\n\x07new_key\x18\x03 \x01(\x0b\x32+.policy.kasregistry.RotateKeyRequest.NewKeyR\x06newKey\x1a\xcf\x04\n\x06NewKey\x12\x1e\n\x06key_id\x18\x01 \x01(\tB\x07\xbaH\x04r\x02\x10\x01R\x05keyId\x12\x9d\x01\n\talgorithm\x18\x02 \x01(\x0e\x32\x11.policy.AlgorithmBl\xbaHi\xba\x01\x66\n\x15key_algorithm_defined\x12\x34The key_algorithm must be one of the defined values.\x1a\x17this in [1, 2, 3, 4, 5]R\talgorithm\x12\x9e\x01\n\x08key_mode\x18\x03 \x01(\x0e\x32\x0f.policy.KeyModeBr\xbaHo\x82\x01\x02\x10\x01\xba\x01g\n\x14new_key_mode_defined\x12\x39The new key_mode must be one of the defined values (1-4).\x1a\x14this in [1, 2, 3, 4]R\x07keyMode\x12\x42\n\x0epublic_key_ctx\x18\x04 \x01(\x0b\x32\x14.policy.PublicKeyCtxB\x06\xbaH\x03\xc8\x01\x01R\x0cpublicKeyCtx\x12=\n\x0fprivate_key_ctx\x18\x05 \x01(\x0b\x32\x15.policy.PrivateKeyCtxR\rprivateKeyCtx\x12,\n\x12provider_config_id\x18\x06 \x01(\tR\x10providerConfigId\x12\x33\n\x08metadata\x18\x64 \x01(\x0b\x32\x17.common.MetadataMutableR\x08metadata:\xcd\x08\xbaH\xc9\x08\x1a\xd8\x03\n#private_key_ctx_optionally_required\x12\xcd\x01\x46or the new key, the wrapped_key is required if key_mode is KEY_MODE_CONFIG_ROOT_KEY or KEY_MODE_PROVIDER_ROOT_KEY. The wrapped_key must be empty if key_mode is KEY_MODE_REMOTE or KEY_MODE_PUBLIC_KEY_ONLY.\x1a\xe0\x01((this.new_key.key_mode == 1 || this.new_key.key_mode == 2) && this.new_key.private_key_ctx.wrapped_key != \'\') || ((this.new_key.key_mode == 3 || this.new_key.key_mode == 4) && this.new_key.private_key_ctx.wrapped_key == \'\')\x1a\xb5\x03\n&provider_config_id_optionally_required\x12\xb9\x01\x46or the new key, provider config id is required if key_mode is KEY_MODE_PROVIDER_ROOT_KEY or KEY_MODE_REMOTE. It must be empty for KEY_MODE_CONFIG_ROOT_KEY and KEY_MODE_PUBLIC_KEY_ONLY.\x1a\xce\x01((this.new_key.key_mode == 1 || this.new_key.key_mode == 4) && this.new_key.provider_config_id == \'\') || ((this.new_key.key_mode == 2 || this.new_key.key_mode == 3) && this.new_key.provider_config_id != \'\')\x1a\xb3\x01\n#private_key_ctx_for_public_key_only\x12Hprivate_key_ctx must not be set if key_mode is KEY_MODE_PUBLIC_KEY_ONLY.\x1a\x42!(this.new_key.key_mode == 4 && has(this.new_key.private_key_ctx))B\x13\n\nactive_key\x12\x05\xbaH\x02\x08\x01\"2\n\x0e\x43hangeMappings\x12\x0e\n\x02id\x18\x01 \x01(\tR\x02id\x12\x10\n\x03\x66qn\x18\x02 \x01(\tR\x03\x66qn\"\xe3\x02\n\x10RotatedResources\x12\x36\n\x0frotated_out_key\x18\x01 \x01(\x0b\x32\x0e.policy.KasKeyR\rrotatedOutKey\x12\x66\n\x1d\x61ttribute_definition_mappings\x18\x02 \x03(\x0b\x32\".policy.kasregistry.ChangeMappingsR\x1b\x61ttributeDefinitionMappings\x12\\\n\x18\x61ttribute_value_mappings\x18\x03 \x03(\x0b\x32\".policy.kasregistry.ChangeMappingsR\x16\x61ttributeValueMappings\x12Q\n\x12namespace_mappings\x18\x04 \x03(\x0b\x32\".policy.kasregistry.ChangeMappingsR\x11namespaceMappings\"\x8f\x01\n\x11RotateKeyResponse\x12\'\n\x07kas_key\x18\x01 \x01(\x0b\x32\x0e.policy.KasKeyR\x06kasKey\x12Q\n\x11rotated_resources\x18\x02 \x01(\x0b\x32$.policy.kasregistry.RotatedResourcesR\x10rotatedResources\"~\n\x11SetBaseKeyRequest\x12\x1a\n\x02id\x18\x01 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01H\x00R\x02id\x12\x38\n\x03key\x18\x02 \x01(\x0b\x32$.policy.kasregistry.KasKeyIdentifierH\x00R\x03keyB\x13\n\nactive_key\x12\x05\xbaH\x02\x08\x01\"\x13\n\x11GetBaseKeyRequest\"E\n\x12GetBaseKeyResponse\x12/\n\x08\x62\x61se_key\x18\x01 \x01(\x0b\x32\x14.policy.SimpleKasKeyR\x07\x62\x61seKey\"\x8e\x01\n\x12SetBaseKeyResponse\x12\x36\n\x0cnew_base_key\x18\x01 \x01(\x0b\x32\x14.policy.SimpleKasKeyR\nnewBaseKey\x12@\n\x11previous_base_key\x18\x02 \x01(\x0b\x32\x14.policy.SimpleKasKeyR\x0fpreviousBaseKey\"6\n\x12MappedPolicyObject\x12\x0e\n\x02id\x18\x01 \x01(\tR\x02id\x12\x10\n\x03\x66qn\x18\x02 \x01(\tR\x03\x66qn\"\xb4\x02\n\nKeyMapping\x12\x10\n\x03kid\x18\x01 \x01(\tR\x03kid\x12\x17\n\x07kas_uri\x18\x02 \x01(\tR\x06kasUri\x12U\n\x12namespace_mappings\x18\x03 \x03(\x0b\x32&.policy.kasregistry.MappedPolicyObjectR\x11namespaceMappings\x12U\n\x12\x61ttribute_mappings\x18\x04 \x03(\x0b\x32&.policy.kasregistry.MappedPolicyObjectR\x11\x61ttributeMappings\x12M\n\x0evalue_mappings\x18\x05 \x03(\x0b\x32&.policy.kasregistry.MappedPolicyObjectR\rvalueMappings\"\xb8\x01\n\x16ListKeyMappingsRequest\x12\x1a\n\x02id\x18\x02 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01H\x00R\x02id\x12\x38\n\x03key\x18\x03 \x01(\x0b\x32$.policy.kasregistry.KasKeyIdentifierH\x00R\x03key\x12\x33\n\npagination\x18\n \x01(\x0b\x32\x13.policy.PageRequestR\npaginationB\x13\n\nidentifier\x12\x05\xbaH\x02\x08\x00\"\x92\x01\n\x17ListKeyMappingsResponse\x12\x41\n\x0ckey_mappings\x18\x01 \x03(\x0b\x32\x1e.policy.kasregistry.KeyMappingR\x0bkeyMappings\x12\x34\n\npagination\x18\n \x01(\x0b\x32\x14.policy.PageResponseR\npagination2\xb5\x0c\n\x1eKeyAccessServerRegistryService\x12\x99\x01\n\x14ListKeyAccessServers\x12/.policy.kasregistry.ListKeyAccessServersRequest\x1a\x30.policy.kasregistry.ListKeyAccessServersResponse\"\x1e\x90\x02\x01\x82\xd3\xe4\x93\x02\x15\x12\x13/key-access-servers\x12x\n\x12GetKeyAccessServer\x12-.policy.kasregistry.GetKeyAccessServerRequest\x1a..policy.kasregistry.GetKeyAccessServerResponse\"\x03\x90\x02\x01\x12~\n\x15\x43reateKeyAccessServer\x12\x30.policy.kasregistry.CreateKeyAccessServerRequest\x1a\x31.policy.kasregistry.CreateKeyAccessServerResponse\"\x00\x12~\n\x15UpdateKeyAccessServer\x12\x30.policy.kasregistry.UpdateKeyAccessServerRequest\x1a\x31.policy.kasregistry.UpdateKeyAccessServerResponse\"\x00\x12~\n\x15\x44\x65leteKeyAccessServer\x12\x30.policy.kasregistry.DeleteKeyAccessServerRequest\x1a\x31.policy.kasregistry.DeleteKeyAccessServerResponse\"\x00\x12\x90\x01\n\x19ListKeyAccessServerGrants\x12\x34.policy.kasregistry.ListKeyAccessServerGrantsRequest\x1a\x35.policy.kasregistry.ListKeyAccessServerGrantsResponse\"\x06\x88\x02\x01\x90\x02\x01\x12Z\n\tCreateKey\x12$.policy.kasregistry.CreateKeyRequest\x1a%.policy.kasregistry.CreateKeyResponse\"\x00\x12Q\n\x06GetKey\x12!.policy.kasregistry.GetKeyRequest\x1a\".policy.kasregistry.GetKeyResponse\"\x00\x12W\n\x08ListKeys\x12#.policy.kasregistry.ListKeysRequest\x1a$.policy.kasregistry.ListKeysResponse\"\x00\x12Z\n\tUpdateKey\x12$.policy.kasregistry.UpdateKeyRequest\x1a%.policy.kasregistry.UpdateKeyResponse\"\x00\x12Z\n\tRotateKey\x12$.policy.kasregistry.RotateKeyRequest\x1a%.policy.kasregistry.RotateKeyResponse\"\x00\x12]\n\nSetBaseKey\x12%.policy.kasregistry.SetBaseKeyRequest\x1a&.policy.kasregistry.SetBaseKeyResponse\"\x00\x12]\n\nGetBaseKey\x12%.policy.kasregistry.GetBaseKeyRequest\x1a&.policy.kasregistry.GetBaseKeyResponse\"\x00\x12l\n\x0fListKeyMappings\x12*.policy.kasregistry.ListKeyMappingsRequest\x1a+.policy.kasregistry.ListKeyMappingsResponse\"\x00\x42\x9f\x01\n\x16\x63om.policy.kasregistryB\x1cKeyAccessServerRegistryProtoP\x01\xa2\x02\x03PKX\xaa\x02\x12Policy.Kasregistry\xca\x02\x12Policy\\Kasregistry\xe2\x02\x1ePolicy\\Kasregistry\\GPBMetadata\xea\x02\x13Policy::Kasregistryb\x06proto3') _globals = globals() _builder.BuildMessageAndEnumDescriptors(DESCRIPTOR, _globals) @@ -106,7 +106,7 @@ _globals['_CREATEKEYREQUEST'].fields_by_name['key_id']._loaded_options = None _globals['_CREATEKEYREQUEST'].fields_by_name['key_id']._serialized_options = b'\272H\004r\002\020\001' _globals['_CREATEKEYREQUEST'].fields_by_name['key_algorithm']._loaded_options = None - _globals['_CREATEKEYREQUEST'].fields_by_name['key_algorithm']._serialized_options = b'\272Hf\272\001c\n\025key_algorithm_defined\0224The key_algorithm must be one of the defined values.\032\024this in [1, 2, 3, 4]' + _globals['_CREATEKEYREQUEST'].fields_by_name['key_algorithm']._serialized_options = b'\272Hi\272\001f\n\025key_algorithm_defined\0224The key_algorithm must be one of the defined values.\032\027this in [1, 2, 3, 4, 5]' _globals['_CREATEKEYREQUEST'].fields_by_name['key_mode']._loaded_options = None _globals['_CREATEKEYREQUEST'].fields_by_name['key_mode']._serialized_options = b'\272Hd\272\001a\n\020key_mode_defined\0225The key_mode must be one of the defined values (1-4).\032\026this >= 1 && this <= 4' _globals['_CREATEKEYREQUEST'].fields_by_name['public_key_ctx']._loaded_options = None @@ -118,7 +118,7 @@ _globals['_GETKEYREQUEST'].fields_by_name['id']._loaded_options = None _globals['_GETKEYREQUEST'].fields_by_name['id']._serialized_options = b'\272H\005r\003\260\001\001' _globals['_LISTKEYSREQUEST'].fields_by_name['key_algorithm']._loaded_options = None - _globals['_LISTKEYSREQUEST'].fields_by_name['key_algorithm']._serialized_options = b'\272Hi\272\001f\n\025key_algorithm_defined\0224The key_algorithm must be one of the defined values.\032\027this in [0, 1, 2, 3, 4]' + _globals['_LISTKEYSREQUEST'].fields_by_name['key_algorithm']._serialized_options = b'\272Hl\272\001i\n\025key_algorithm_defined\0224The key_algorithm must be one of the defined values.\032\032this in [0, 1, 2, 3, 4, 5]' _globals['_LISTKEYSREQUEST'].fields_by_name['kas_id']._loaded_options = None _globals['_LISTKEYSREQUEST'].fields_by_name['kas_id']._serialized_options = b'\272H\005r\003\260\001\001' _globals['_LISTKEYSREQUEST'].fields_by_name['kas_name']._loaded_options = None @@ -142,7 +142,7 @@ _globals['_ROTATEKEYREQUEST_NEWKEY'].fields_by_name['key_id']._loaded_options = None _globals['_ROTATEKEYREQUEST_NEWKEY'].fields_by_name['key_id']._serialized_options = b'\272H\004r\002\020\001' _globals['_ROTATEKEYREQUEST_NEWKEY'].fields_by_name['algorithm']._loaded_options = None - _globals['_ROTATEKEYREQUEST_NEWKEY'].fields_by_name['algorithm']._serialized_options = b'\272Hf\272\001c\n\025key_algorithm_defined\0224The key_algorithm must be one of the defined values.\032\024this in [1, 2, 3, 4]' + _globals['_ROTATEKEYREQUEST_NEWKEY'].fields_by_name['algorithm']._serialized_options = b'\272Hi\272\001f\n\025key_algorithm_defined\0224The key_algorithm must be one of the defined values.\032\027this in [1, 2, 3, 4, 5]' _globals['_ROTATEKEYREQUEST_NEWKEY'].fields_by_name['key_mode']._loaded_options = None _globals['_ROTATEKEYREQUEST_NEWKEY'].fields_by_name['key_mode']._serialized_options = b'\272Ho\202\001\002\020\001\272\001g\n\024new_key_mode_defined\0229The new key_mode must be one of the defined values (1-4).\032\024this in [1, 2, 3, 4]' _globals['_ROTATEKEYREQUEST_NEWKEY'].fields_by_name['public_key_ctx']._loaded_options = None @@ -157,6 +157,10 @@ _globals['_SETBASEKEYREQUEST'].oneofs_by_name['active_key']._serialized_options = b'\272H\002\010\001' _globals['_SETBASEKEYREQUEST'].fields_by_name['id']._loaded_options = None _globals['_SETBASEKEYREQUEST'].fields_by_name['id']._serialized_options = b'\272H\005r\003\260\001\001' + _globals['_LISTKEYMAPPINGSREQUEST'].oneofs_by_name['identifier']._loaded_options = None + _globals['_LISTKEYMAPPINGSREQUEST'].oneofs_by_name['identifier']._serialized_options = b'\272H\002\010\000' + _globals['_LISTKEYMAPPINGSREQUEST'].fields_by_name['id']._loaded_options = None + _globals['_LISTKEYMAPPINGSREQUEST'].fields_by_name['id']._serialized_options = b'\272H\005r\003\260\001\001' _globals['_KEYACCESSSERVERREGISTRYSERVICE'].methods_by_name['ListKeyAccessServers']._loaded_options = None _globals['_KEYACCESSSERVERREGISTRYSERVICE'].methods_by_name['ListKeyAccessServers']._serialized_options = b'\220\002\001\202\323\344\223\002\025\022\023/key-access-servers' _globals['_KEYACCESSSERVERREGISTRYSERVICE'].methods_by_name['GetKeyAccessServer']._loaded_options = None @@ -226,41 +230,49 @@ _globals['_LISTKEYACCESSSERVERGRANTSRESPONSE']._serialized_start=6614 _globals['_LISTKEYACCESSSERVERGRANTSRESPONSE']._serialized_end=6778 _globals['_CREATEKEYREQUEST']._serialized_start=6781 - _globals['_CREATEKEYREQUEST']._serialized_end=8366 - _globals['_CREATEKEYRESPONSE']._serialized_start=8368 - _globals['_CREATEKEYRESPONSE']._serialized_end=8428 - _globals['_GETKEYREQUEST']._serialized_start=8430 - _globals['_GETKEYREQUEST']._serialized_end=8552 - _globals['_GETKEYRESPONSE']._serialized_start=8554 - _globals['_GETKEYRESPONSE']._serialized_end=8611 - _globals['_LISTKEYSREQUEST']._serialized_start=8614 - _globals['_LISTKEYSREQUEST']._serialized_end=8977 - _globals['_LISTKEYSRESPONSE']._serialized_start=8979 - _globals['_LISTKEYSRESPONSE']._serialized_end=9094 - _globals['_UPDATEKEYREQUEST']._serialized_start=9097 - _globals['_UPDATEKEYREQUEST']._serialized_end=9487 - _globals['_UPDATEKEYRESPONSE']._serialized_start=9489 - _globals['_UPDATEKEYRESPONSE']._serialized_end=9549 - _globals['_KASKEYIDENTIFIER']._serialized_start=9552 - _globals['_KASKEYIDENTIFIER']._serialized_end=9716 - _globals['_ROTATEKEYREQUEST']._serialized_start=9719 - _globals['_ROTATEKEYREQUEST']._serialized_end=11609 - _globals['_ROTATEKEYREQUEST_NEWKEY']._serialized_start=9896 - _globals['_ROTATEKEYREQUEST_NEWKEY']._serialized_end=10484 - _globals['_CHANGEMAPPINGS']._serialized_start=11611 - _globals['_CHANGEMAPPINGS']._serialized_end=11661 - _globals['_ROTATEDRESOURCES']._serialized_start=11664 - _globals['_ROTATEDRESOURCES']._serialized_end=12019 - _globals['_ROTATEKEYRESPONSE']._serialized_start=12022 - _globals['_ROTATEKEYRESPONSE']._serialized_end=12165 - _globals['_SETBASEKEYREQUEST']._serialized_start=12167 - _globals['_SETBASEKEYREQUEST']._serialized_end=12293 - _globals['_GETBASEKEYREQUEST']._serialized_start=12295 - _globals['_GETBASEKEYREQUEST']._serialized_end=12314 - _globals['_GETBASEKEYRESPONSE']._serialized_start=12316 - _globals['_GETBASEKEYRESPONSE']._serialized_end=12385 - _globals['_SETBASEKEYRESPONSE']._serialized_start=12388 - _globals['_SETBASEKEYRESPONSE']._serialized_end=12530 - _globals['_KEYACCESSSERVERREGISTRYSERVICE']._serialized_start=12533 - _globals['_KEYACCESSSERVERREGISTRYSERVICE']._serialized_end=14012 + _globals['_CREATEKEYREQUEST']._serialized_end=8369 + _globals['_CREATEKEYRESPONSE']._serialized_start=8371 + _globals['_CREATEKEYRESPONSE']._serialized_end=8431 + _globals['_GETKEYREQUEST']._serialized_start=8433 + _globals['_GETKEYREQUEST']._serialized_end=8555 + _globals['_GETKEYRESPONSE']._serialized_start=8557 + _globals['_GETKEYRESPONSE']._serialized_end=8614 + _globals['_LISTKEYSREQUEST']._serialized_start=8617 + _globals['_LISTKEYSREQUEST']._serialized_end=8983 + _globals['_LISTKEYSRESPONSE']._serialized_start=8985 + _globals['_LISTKEYSRESPONSE']._serialized_end=9100 + _globals['_UPDATEKEYREQUEST']._serialized_start=9103 + _globals['_UPDATEKEYREQUEST']._serialized_end=9493 + _globals['_UPDATEKEYRESPONSE']._serialized_start=9495 + _globals['_UPDATEKEYRESPONSE']._serialized_end=9555 + _globals['_KASKEYIDENTIFIER']._serialized_start=9558 + _globals['_KASKEYIDENTIFIER']._serialized_end=9722 + _globals['_ROTATEKEYREQUEST']._serialized_start=9725 + _globals['_ROTATEKEYREQUEST']._serialized_end=11618 + _globals['_ROTATEKEYREQUEST_NEWKEY']._serialized_start=9902 + _globals['_ROTATEKEYREQUEST_NEWKEY']._serialized_end=10493 + _globals['_CHANGEMAPPINGS']._serialized_start=11620 + _globals['_CHANGEMAPPINGS']._serialized_end=11670 + _globals['_ROTATEDRESOURCES']._serialized_start=11673 + _globals['_ROTATEDRESOURCES']._serialized_end=12028 + _globals['_ROTATEKEYRESPONSE']._serialized_start=12031 + _globals['_ROTATEKEYRESPONSE']._serialized_end=12174 + _globals['_SETBASEKEYREQUEST']._serialized_start=12176 + _globals['_SETBASEKEYREQUEST']._serialized_end=12302 + _globals['_GETBASEKEYREQUEST']._serialized_start=12304 + _globals['_GETBASEKEYREQUEST']._serialized_end=12323 + _globals['_GETBASEKEYRESPONSE']._serialized_start=12325 + _globals['_GETBASEKEYRESPONSE']._serialized_end=12394 + _globals['_SETBASEKEYRESPONSE']._serialized_start=12397 + _globals['_SETBASEKEYRESPONSE']._serialized_end=12539 + _globals['_MAPPEDPOLICYOBJECT']._serialized_start=12541 + _globals['_MAPPEDPOLICYOBJECT']._serialized_end=12595 + _globals['_KEYMAPPING']._serialized_start=12598 + _globals['_KEYMAPPING']._serialized_end=12906 + _globals['_LISTKEYMAPPINGSREQUEST']._serialized_start=12909 + _globals['_LISTKEYMAPPINGSREQUEST']._serialized_end=13093 + _globals['_LISTKEYMAPPINGSRESPONSE']._serialized_start=13096 + _globals['_LISTKEYMAPPINGSRESPONSE']._serialized_end=13242 + _globals['_KEYACCESSSERVERREGISTRYSERVICE']._serialized_start=13245 + _globals['_KEYACCESSSERVERREGISTRYSERVICE']._serialized_end=14834 # @@protoc_insertion_point(module_scope) diff --git a/otdf-python-proto/src/otdf_python_proto/policy/kasregistry/key_access_server_registry_pb2.pyi b/otdf-python-proto/src/otdf_python_proto/policy/kasregistry/key_access_server_registry_pb2.pyi index 734a4cb..31d6f3b 100644 --- a/otdf-python-proto/src/otdf_python_proto/policy/kasregistry/key_access_server_registry_pb2.pyi +++ b/otdf-python-proto/src/otdf_python_proto/policy/kasregistry/key_access_server_registry_pb2.pyi @@ -448,3 +448,43 @@ class SetBaseKeyResponse(_message.Message): new_base_key: _objects_pb2.SimpleKasKey previous_base_key: _objects_pb2.SimpleKasKey def __init__(self, new_base_key: _Optional[_Union[_objects_pb2.SimpleKasKey, _Mapping]] = ..., previous_base_key: _Optional[_Union[_objects_pb2.SimpleKasKey, _Mapping]] = ...) -> None: ... + +class MappedPolicyObject(_message.Message): + __slots__ = ("id", "fqn") + ID_FIELD_NUMBER: _ClassVar[int] + FQN_FIELD_NUMBER: _ClassVar[int] + id: str + fqn: str + def __init__(self, id: _Optional[str] = ..., fqn: _Optional[str] = ...) -> None: ... + +class KeyMapping(_message.Message): + __slots__ = ("kid", "kas_uri", "namespace_mappings", "attribute_mappings", "value_mappings") + KID_FIELD_NUMBER: _ClassVar[int] + KAS_URI_FIELD_NUMBER: _ClassVar[int] + NAMESPACE_MAPPINGS_FIELD_NUMBER: _ClassVar[int] + ATTRIBUTE_MAPPINGS_FIELD_NUMBER: _ClassVar[int] + VALUE_MAPPINGS_FIELD_NUMBER: _ClassVar[int] + kid: str + kas_uri: str + namespace_mappings: _containers.RepeatedCompositeFieldContainer[MappedPolicyObject] + attribute_mappings: _containers.RepeatedCompositeFieldContainer[MappedPolicyObject] + value_mappings: _containers.RepeatedCompositeFieldContainer[MappedPolicyObject] + def __init__(self, kid: _Optional[str] = ..., kas_uri: _Optional[str] = ..., namespace_mappings: _Optional[_Iterable[_Union[MappedPolicyObject, _Mapping]]] = ..., attribute_mappings: _Optional[_Iterable[_Union[MappedPolicyObject, _Mapping]]] = ..., value_mappings: _Optional[_Iterable[_Union[MappedPolicyObject, _Mapping]]] = ...) -> None: ... + +class ListKeyMappingsRequest(_message.Message): + __slots__ = ("id", "key", "pagination") + ID_FIELD_NUMBER: _ClassVar[int] + KEY_FIELD_NUMBER: _ClassVar[int] + PAGINATION_FIELD_NUMBER: _ClassVar[int] + id: str + key: KasKeyIdentifier + pagination: _selectors_pb2.PageRequest + def __init__(self, id: _Optional[str] = ..., key: _Optional[_Union[KasKeyIdentifier, _Mapping]] = ..., pagination: _Optional[_Union[_selectors_pb2.PageRequest, _Mapping]] = ...) -> None: ... + +class ListKeyMappingsResponse(_message.Message): + __slots__ = ("key_mappings", "pagination") + KEY_MAPPINGS_FIELD_NUMBER: _ClassVar[int] + PAGINATION_FIELD_NUMBER: _ClassVar[int] + key_mappings: _containers.RepeatedCompositeFieldContainer[KeyMapping] + pagination: _selectors_pb2.PageResponse + def __init__(self, key_mappings: _Optional[_Iterable[_Union[KeyMapping, _Mapping]]] = ..., pagination: _Optional[_Union[_selectors_pb2.PageResponse, _Mapping]] = ...) -> None: ... diff --git a/otdf-python-proto/src/otdf_python_proto/policy/objects_pb2.py b/otdf-python-proto/src/otdf_python_proto/policy/objects_pb2.py index c760902..bbac4bb 100644 --- a/otdf-python-proto/src/otdf_python_proto/policy/objects_pb2.py +++ b/otdf-python-proto/src/otdf_python_proto/policy/objects_pb2.py @@ -27,7 +27,7 @@ from google.protobuf import wrappers_pb2 as google_dot_protobuf_dot_wrappers__pb2 -DESCRIPTOR = _descriptor_pool.Default().AddSerializedFile(b'\n\x14policy/objects.proto\x12\x06policy\x1a\x1b\x62uf/validate/validate.proto\x1a\x13\x63ommon/common.proto\x1a\x1egoogle/protobuf/wrappers.proto\"i\n\x12SimpleKasPublicKey\x12/\n\talgorithm\x18\x01 \x01(\x0e\x32\x11.policy.AlgorithmR\talgorithm\x12\x10\n\x03kid\x18\x02 \x01(\tR\x03kid\x12\x10\n\x03pem\x18\x03 \x01(\tR\x03pem\"y\n\x0cSimpleKasKey\x12\x17\n\x07kas_uri\x18\x01 \x01(\tR\x06kasUri\x12\x39\n\npublic_key\x18\x02 \x01(\x0b\x32\x1a.policy.SimpleKasPublicKeyR\tpublicKey\x12\x15\n\x06kas_id\x18\x03 \x01(\tR\x05kasId\"\x86\x01\n\x11KeyProviderConfig\x12\x0e\n\x02id\x18\x01 \x01(\tR\x02id\x12\x12\n\x04name\x18\x02 \x01(\tR\x04name\x12\x1f\n\x0b\x63onfig_json\x18\x03 \x01(\x0cR\nconfigJson\x12,\n\x08metadata\x18\x64 \x01(\x0b\x32\x10.common.MetadataR\x08metadata\"\x85\x02\n\tNamespace\x12\x0e\n\x02id\x18\x01 \x01(\tR\x02id\x12\x12\n\x04name\x18\x02 \x01(\tR\x04name\x12\x10\n\x03\x66qn\x18\x03 \x01(\tR\x03\x66qn\x12\x32\n\x06\x61\x63tive\x18\x04 \x01(\x0b\x32\x1a.google.protobuf.BoolValueR\x06\x61\x63tive\x12,\n\x08metadata\x18\x05 \x01(\x0b\x32\x10.common.MetadataR\x08metadata\x12/\n\x06grants\x18\x06 \x03(\x0b\x32\x17.policy.KeyAccessServerR\x06grants\x12/\n\x08kas_keys\x18\x07 \x03(\x0b\x32\x14.policy.SimpleKasKeyR\x07kasKeys\"\x9d\x03\n\tAttribute\x12\x0e\n\x02id\x18\x01 \x01(\tR\x02id\x12/\n\tnamespace\x18\x02 \x01(\x0b\x32\x11.policy.NamespaceR\tnamespace\x12\x12\n\x04name\x18\x03 \x01(\tR\x04name\x12>\n\x04rule\x18\x04 \x01(\x0e\x32\x1d.policy.AttributeRuleTypeEnumB\x0b\xbaH\x08\x82\x01\x02\x10\x01\xc8\x01\x01R\x04rule\x12%\n\x06values\x18\x05 \x03(\x0b\x32\r.policy.ValueR\x06values\x12/\n\x06grants\x18\x06 \x03(\x0b\x32\x17.policy.KeyAccessServerR\x06grants\x12\x10\n\x03\x66qn\x18\x07 \x01(\tR\x03\x66qn\x12\x32\n\x06\x61\x63tive\x18\x08 \x01(\x0b\x32\x1a.google.protobuf.BoolValueR\x06\x61\x63tive\x12/\n\x08kas_keys\x18\t \x03(\x0b\x32\x14.policy.SimpleKasKeyR\x07kasKeys\x12,\n\x08metadata\x18\x64 \x01(\x0b\x32\x10.common.MetadataR\x08metadata\"\xcc\x03\n\x05Value\x12\x0e\n\x02id\x18\x01 \x01(\tR\x02id\x12/\n\tattribute\x18\x02 \x01(\x0b\x32\x11.policy.AttributeR\tattribute\x12\x14\n\x05value\x18\x03 \x01(\tR\x05value\x12/\n\x06grants\x18\x05 \x03(\x0b\x32\x17.policy.KeyAccessServerR\x06grants\x12\x10\n\x03\x66qn\x18\x06 \x01(\tR\x03\x66qn\x12\x32\n\x06\x61\x63tive\x18\x07 \x01(\x0b\x32\x1a.google.protobuf.BoolValueR\x06\x61\x63tive\x12\x41\n\x10subject_mappings\x18\x08 \x03(\x0b\x32\x16.policy.SubjectMappingR\x0fsubjectMappings\x12/\n\x08kas_keys\x18\t \x03(\x0b\x32\x14.policy.SimpleKasKeyR\x07kasKeys\x12\x44\n\x11resource_mappings\x18\n \x03(\x0b\x32\x17.policy.ResourceMappingR\x10resourceMappings\x12,\n\x08metadata\x18\x64 \x01(\x0b\x32\x10.common.MetadataR\x08metadataJ\x04\x08\x04\x10\x05R\x07members\"\xa8\x02\n\x06\x41\x63tion\x12\x0e\n\x02id\x18\x03 \x01(\tR\x02id\x12;\n\x08standard\x18\x01 \x01(\x0e\x32\x1d.policy.Action.StandardActionH\x00R\x08standard\x12\x18\n\x06\x63ustom\x18\x02 \x01(\tH\x00R\x06\x63ustom\x12\x12\n\x04name\x18\x04 \x01(\tR\x04name\x12,\n\x08metadata\x18\x64 \x01(\x0b\x32\x10.common.MetadataR\x08metadata\"l\n\x0eStandardAction\x12\x1f\n\x1bSTANDARD_ACTION_UNSPECIFIED\x10\x00\x12\x1b\n\x17STANDARD_ACTION_DECRYPT\x10\x01\x12\x1c\n\x18STANDARD_ACTION_TRANSMIT\x10\x02\x42\x07\n\x05value\"\x81\x02\n\x0eSubjectMapping\x12\x0e\n\x02id\x18\x01 \x01(\tR\x02id\x12\x36\n\x0f\x61ttribute_value\x18\x02 \x01(\x0b\x32\r.policy.ValueR\x0e\x61ttributeValue\x12O\n\x15subject_condition_set\x18\x03 \x01(\x0b\x32\x1b.policy.SubjectConditionSetR\x13subjectConditionSet\x12(\n\x07\x61\x63tions\x18\x04 \x03(\x0b\x32\x0e.policy.ActionR\x07\x61\x63tions\x12,\n\x08metadata\x18\x64 \x01(\x0b\x32\x10.common.MetadataR\x08metadata\"\xe9\x01\n\tCondition\x12M\n\x1fsubject_external_selector_value\x18\x01 \x01(\tB\x06\xbaH\x03\xc8\x01\x01R\x1csubjectExternalSelectorValue\x12K\n\x08operator\x18\x02 \x01(\x0e\x32\".policy.SubjectMappingOperatorEnumB\x0b\xbaH\x08\x82\x01\x02\x10\x01\xc8\x01\x01R\x08operator\x12@\n\x17subject_external_values\x18\x03 \x03(\tB\x08\xbaH\x05\x92\x01\x02\x08\x01R\x15subjectExternalValues\"\xa7\x01\n\x0e\x43onditionGroup\x12;\n\nconditions\x18\x01 \x03(\x0b\x32\x11.policy.ConditionB\x08\xbaH\x05\x92\x01\x02\x08\x01R\nconditions\x12X\n\x10\x62oolean_operator\x18\x02 \x01(\x0e\x32 .policy.ConditionBooleanTypeEnumB\x0b\xbaH\x08\x82\x01\x02\x10\x01\xc8\x01\x01R\x0f\x62ooleanOperator\"Y\n\nSubjectSet\x12K\n\x10\x63ondition_groups\x18\x01 \x03(\x0b\x32\x16.policy.ConditionGroupB\x08\xbaH\x05\x92\x01\x02\x08\x01R\x0f\x63onditionGroups\"\x94\x01\n\x13SubjectConditionSet\x12\x0e\n\x02id\x18\x01 \x01(\tR\x02id\x12?\n\x0csubject_sets\x18\x03 \x03(\x0b\x32\x12.policy.SubjectSetB\x08\xbaH\x05\x92\x01\x02\x08\x01R\x0bsubjectSets\x12,\n\x08metadata\x18\x64 \x01(\x0b\x32\x10.common.MetadataR\x08metadata\"|\n\x0fSubjectProperty\x12\x42\n\x17\x65xternal_selector_value\x18\x01 \x01(\tB\n\xbaH\x07r\x02\x10\x01\xc8\x01\x01R\x15\x65xternalSelectorValue\x12%\n\x0e\x65xternal_value\x18\x02 \x01(\tR\rexternalValue\"\x9b\x01\n\x14ResourceMappingGroup\x12\x0e\n\x02id\x18\x01 \x01(\tR\x02id\x12)\n\x0cnamespace_id\x18\x02 \x01(\tB\x06\xbaH\x03\xc8\x01\x01R\x0bnamespaceId\x12\x1a\n\x04name\x18\x03 \x01(\tB\x06\xbaH\x03\xc8\x01\x01R\x04name\x12,\n\x08metadata\x18\x64 \x01(\x0b\x32\x10.common.MetadataR\x08metadata\"\xd9\x01\n\x0fResourceMapping\x12\x0e\n\x02id\x18\x01 \x01(\tR\x02id\x12,\n\x08metadata\x18\x02 \x01(\x0b\x32\x10.common.MetadataR\x08metadata\x12>\n\x0f\x61ttribute_value\x18\x03 \x01(\x0b\x32\r.policy.ValueB\x06\xbaH\x03\xc8\x01\x01R\x0e\x61ttributeValue\x12\x14\n\x05terms\x18\x04 \x03(\tR\x05terms\x12\x32\n\x05group\x18\x05 \x01(\x0b\x32\x1c.policy.ResourceMappingGroupR\x05group\"\x85\x05\n\x0fKeyAccessServer\x12\x0e\n\x02id\x18\x01 \x01(\tR\x02id\x12\x87\x03\n\x03uri\x18\x02 \x01(\tB\xf4\x02\xbaH\xf0\x02\xba\x01\xec\x02\n\nuri_format\x12\xcf\x01URI must be a valid URL (e.g., \'https://demo.com/\') followed by additional segments. Each segment must start and end with an alphanumeric character, can contain hyphens, alphanumeric characters, and slashes.\x1a\x8b\x01this.matches(\'^https?://[a-zA-Z0-9]([a-zA-Z0-9\\\\-]{0,61}[a-zA-Z0-9])?(\\\\.[a-zA-Z0-9]([a-zA-Z0-9\\\\-]{0,61}[a-zA-Z0-9])?)*(:[0-9]+)?(/.*)?$\')R\x03uri\x12\x30\n\npublic_key\x18\x03 \x01(\x0b\x32\x11.policy.PublicKeyR\tpublicKey\x12\x33\n\x0bsource_type\x18\x04 \x01(\x0e\x32\x12.policy.SourceTypeR\nsourceType\x12/\n\x08kas_keys\x18\x05 \x03(\x0b\x32\x14.policy.SimpleKasKeyR\x07kasKeys\x12\x12\n\x04name\x18\x14 \x01(\tR\x04name\x12,\n\x08metadata\x18\x64 \x01(\x0b\x32\x10.common.MetadataR\x08metadata\"\x97\x02\n\x03Key\x12\x0e\n\x02id\x18\x01 \x01(\tR\x02id\x12\x37\n\tis_active\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.BoolValueR\x08isActive\x12\x39\n\nwas_mapped\x18\x03 \x01(\x0b\x32\x1a.google.protobuf.BoolValueR\twasMapped\x12\x33\n\npublic_key\x18\x04 \x01(\x0b\x32\x14.policy.KasPublicKeyR\tpublicKey\x12)\n\x03kas\x18\x05 \x01(\x0b\x32\x17.policy.KeyAccessServerR\x03kas\x12,\n\x08metadata\x18\x64 \x01(\x0b\x32\x10.common.MetadataR\x08metadata\"\x84\x01\n\x0cKasPublicKey\x12\x1c\n\x03pem\x18\x01 \x01(\tB\n\xbaH\x07r\x05\x10\x01\x18\x80@R\x03pem\x12\x1b\n\x03kid\x18\x02 \x01(\tB\t\xbaH\x06r\x04\x10\x01\x18 R\x03kid\x12\x39\n\x03\x61lg\x18\x03 \x01(\x0e\x32\x1b.policy.KasPublicKeyAlgEnumB\n\xbaH\x07\x82\x01\x04\x10\x01 \x00R\x03\x61lg\";\n\x0fKasPublicKeySet\x12(\n\x04keys\x18\x01 \x03(\x0b\x32\x14.policy.KasPublicKeyR\x04keys\"\xe0\x03\n\tPublicKey\x12\x84\x03\n\x06remote\x18\x01 \x01(\tB\xe9\x02\xbaH\xe5\x02\xba\x01\xe1\x02\n\nuri_format\x12\xcf\x01URI must be a valid URL (e.g., \'https://demo.com/\') followed by additional segments. Each segment must start and end with an alphanumeric character, can contain hyphens, alphanumeric characters, and slashes.\x1a\x80\x01this.matches(\'^https://[a-zA-Z0-9]([a-zA-Z0-9\\\\-]{0,61}[a-zA-Z0-9])?(\\\\.[a-zA-Z0-9]([a-zA-Z0-9\\\\-]{0,61}[a-zA-Z0-9])?)*(/.*)?$\')H\x00R\x06remote\x12\x31\n\x06\x63\x61\x63hed\x18\x03 \x01(\x0b\x32\x17.policy.KasPublicKeySetH\x00R\x06\x63\x61\x63hedB\x0c\n\npublic_keyJ\x04\x08\x02\x10\x03R\x05local\"\x9f\x01\n\x12RegisteredResource\x12\x0e\n\x02id\x18\x01 \x01(\tR\x02id\x12\x12\n\x04name\x18\x02 \x01(\tR\x04name\x12\x37\n\x06values\x18\x03 \x03(\x0b\x32\x1f.policy.RegisteredResourceValueR\x06values\x12,\n\x08metadata\x18\x64 \x01(\x0b\x32\x10.common.MetadataR\x08metadata\"\xca\x03\n\x17RegisteredResourceValue\x12\x0e\n\x02id\x18\x01 \x01(\tR\x02id\x12\x14\n\x05value\x18\x02 \x01(\tR\x05value\x12\x36\n\x08resource\x18\x03 \x01(\x0b\x32\x1a.policy.RegisteredResourceR\x08resource\x12l\n\x17\x61\x63tion_attribute_values\x18\x04 \x03(\x0b\x32\x34.policy.RegisteredResourceValue.ActionAttributeValueR\x15\x61\x63tionAttributeValues\x12,\n\x08metadata\x18\x64 \x01(\x0b\x32\x10.common.MetadataR\x08metadata\x1a\xb4\x01\n\x14\x41\x63tionAttributeValue\x12\x0e\n\x02id\x18\x01 \x01(\tR\x02id\x12&\n\x06\x61\x63tion\x18\x02 \x01(\x0b\x32\x0e.policy.ActionR\x06\x61\x63tion\x12\x36\n\x0f\x61ttribute_value\x18\x03 \x01(\x0b\x32\r.policy.ValueR\x0e\x61ttributeValue\x12,\n\x08metadata\x18\x64 \x01(\x0b\x32\x10.common.MetadataR\x08metadata\"a\n\x06KasKey\x12\x15\n\x06kas_id\x18\x01 \x01(\tR\x05kasId\x12\'\n\x03key\x18\x02 \x01(\x0b\x32\x15.policy.AsymmetricKeyR\x03key\x12\x17\n\x07kas_uri\x18\x03 \x01(\tR\x06kasUri\")\n\x0cPublicKeyCtx\x12\x19\n\x03pem\x18\x01 \x01(\tB\x07\xbaH\x04r\x02\x10\x01R\x03pem\"P\n\rPrivateKeyCtx\x12\x1e\n\x06key_id\x18\x01 \x01(\tB\x07\xbaH\x04r\x02\x10\x01R\x05keyId\x12\x1f\n\x0bwrapped_key\x18\x02 \x01(\tR\nwrappedKey\"\xb9\x03\n\rAsymmetricKey\x12\x0e\n\x02id\x18\x01 \x01(\tR\x02id\x12\x15\n\x06key_id\x18\x02 \x01(\tR\x05keyId\x12\x36\n\rkey_algorithm\x18\x03 \x01(\x0e\x32\x11.policy.AlgorithmR\x0ckeyAlgorithm\x12\x30\n\nkey_status\x18\x04 \x01(\x0e\x32\x11.policy.KeyStatusR\tkeyStatus\x12*\n\x08key_mode\x18\x05 \x01(\x0e\x32\x0f.policy.KeyModeR\x07keyMode\x12:\n\x0epublic_key_ctx\x18\x06 \x01(\x0b\x32\x14.policy.PublicKeyCtxR\x0cpublicKeyCtx\x12=\n\x0fprivate_key_ctx\x18\x07 \x01(\x0b\x32\x15.policy.PrivateKeyCtxR\rprivateKeyCtx\x12\x42\n\x0fprovider_config\x18\x08 \x01(\x0b\x32\x19.policy.KeyProviderConfigR\x0eproviderConfig\x12,\n\x08metadata\x18\x64 \x01(\x0b\x32\x10.common.MetadataR\x08metadata\"\x9e\x02\n\x0cSymmetricKey\x12\x0e\n\x02id\x18\x01 \x01(\tR\x02id\x12\x15\n\x06key_id\x18\x02 \x01(\tR\x05keyId\x12\x30\n\nkey_status\x18\x03 \x01(\x0e\x32\x11.policy.KeyStatusR\tkeyStatus\x12*\n\x08key_mode\x18\x04 \x01(\x0e\x32\x0f.policy.KeyModeR\x07keyMode\x12\x17\n\x07key_ctx\x18\x05 \x01(\x0cR\x06keyCtx\x12\x42\n\x0fprovider_config\x18\x06 \x01(\x0b\x32\x19.policy.KeyProviderConfigR\x0eproviderConfig\x12,\n\x08metadata\x18\x64 \x01(\x0b\x32\x10.common.MetadataR\x08metadata*\xb3\x01\n\x15\x41ttributeRuleTypeEnum\x12(\n$ATTRIBUTE_RULE_TYPE_ENUM_UNSPECIFIED\x10\x00\x12#\n\x1f\x41TTRIBUTE_RULE_TYPE_ENUM_ALL_OF\x10\x01\x12#\n\x1f\x41TTRIBUTE_RULE_TYPE_ENUM_ANY_OF\x10\x02\x12&\n\"ATTRIBUTE_RULE_TYPE_ENUM_HIERARCHY\x10\x03*\xca\x01\n\x1aSubjectMappingOperatorEnum\x12-\n)SUBJECT_MAPPING_OPERATOR_ENUM_UNSPECIFIED\x10\x00\x12$\n SUBJECT_MAPPING_OPERATOR_ENUM_IN\x10\x01\x12(\n$SUBJECT_MAPPING_OPERATOR_ENUM_NOT_IN\x10\x02\x12-\n)SUBJECT_MAPPING_OPERATOR_ENUM_IN_CONTAINS\x10\x03*\x90\x01\n\x18\x43onditionBooleanTypeEnum\x12+\n\'CONDITION_BOOLEAN_TYPE_ENUM_UNSPECIFIED\x10\x00\x12#\n\x1f\x43ONDITION_BOOLEAN_TYPE_ENUM_AND\x10\x01\x12\"\n\x1e\x43ONDITION_BOOLEAN_TYPE_ENUM_OR\x10\x02*]\n\nSourceType\x12\x1b\n\x17SOURCE_TYPE_UNSPECIFIED\x10\x00\x12\x18\n\x14SOURCE_TYPE_INTERNAL\x10\x01\x12\x18\n\x14SOURCE_TYPE_EXTERNAL\x10\x02*\x88\x02\n\x13KasPublicKeyAlgEnum\x12\'\n#KAS_PUBLIC_KEY_ALG_ENUM_UNSPECIFIED\x10\x00\x12$\n KAS_PUBLIC_KEY_ALG_ENUM_RSA_2048\x10\x01\x12$\n KAS_PUBLIC_KEY_ALG_ENUM_RSA_4096\x10\x02\x12(\n$KAS_PUBLIC_KEY_ALG_ENUM_EC_SECP256R1\x10\x05\x12(\n$KAS_PUBLIC_KEY_ALG_ENUM_EC_SECP384R1\x10\x06\x12(\n$KAS_PUBLIC_KEY_ALG_ENUM_EC_SECP521R1\x10\x07*\x9b\x01\n\tAlgorithm\x12\x19\n\x15\x41LGORITHM_UNSPECIFIED\x10\x00\x12\x16\n\x12\x41LGORITHM_RSA_2048\x10\x01\x12\x16\n\x12\x41LGORITHM_RSA_4096\x10\x02\x12\x15\n\x11\x41LGORITHM_EC_P256\x10\x03\x12\x15\n\x11\x41LGORITHM_EC_P384\x10\x04\x12\x15\n\x11\x41LGORITHM_EC_P521\x10\x05*V\n\tKeyStatus\x12\x1a\n\x16KEY_STATUS_UNSPECIFIED\x10\x00\x12\x15\n\x11KEY_STATUS_ACTIVE\x10\x01\x12\x16\n\x12KEY_STATUS_ROTATED\x10\x02*\x94\x01\n\x07KeyMode\x12\x18\n\x14KEY_MODE_UNSPECIFIED\x10\x00\x12\x1c\n\x18KEY_MODE_CONFIG_ROOT_KEY\x10\x01\x12\x1e\n\x1aKEY_MODE_PROVIDER_ROOT_KEY\x10\x02\x12\x13\n\x0fKEY_MODE_REMOTE\x10\x03\x12\x1c\n\x18KEY_MODE_PUBLIC_KEY_ONLY\x10\x04\x42R\n\ncom.policyB\x0cObjectsProtoP\x01\xa2\x02\x03PXX\xaa\x02\x06Policy\xca\x02\x06Policy\xe2\x02\x12Policy\\GPBMetadata\xea\x02\x06Policyb\x06proto3') +DESCRIPTOR = _descriptor_pool.Default().AddSerializedFile(b'\n\x14policy/objects.proto\x12\x06policy\x1a\x1b\x62uf/validate/validate.proto\x1a\x13\x63ommon/common.proto\x1a\x1egoogle/protobuf/wrappers.proto\"i\n\x12SimpleKasPublicKey\x12/\n\talgorithm\x18\x01 \x01(\x0e\x32\x11.policy.AlgorithmR\talgorithm\x12\x10\n\x03kid\x18\x02 \x01(\tR\x03kid\x12\x10\n\x03pem\x18\x03 \x01(\tR\x03pem\"y\n\x0cSimpleKasKey\x12\x17\n\x07kas_uri\x18\x01 \x01(\tR\x06kasUri\x12\x39\n\npublic_key\x18\x02 \x01(\x0b\x32\x1a.policy.SimpleKasPublicKeyR\tpublicKey\x12\x15\n\x06kas_id\x18\x03 \x01(\tR\x05kasId\"\x86\x01\n\x11KeyProviderConfig\x12\x0e\n\x02id\x18\x01 \x01(\tR\x02id\x12\x12\n\x04name\x18\x02 \x01(\tR\x04name\x12\x1f\n\x0b\x63onfig_json\x18\x03 \x01(\x0cR\nconfigJson\x12,\n\x08metadata\x18\x64 \x01(\x0b\x32\x10.common.MetadataR\x08metadata\"\x85\x02\n\tNamespace\x12\x0e\n\x02id\x18\x01 \x01(\tR\x02id\x12\x12\n\x04name\x18\x02 \x01(\tR\x04name\x12\x10\n\x03\x66qn\x18\x03 \x01(\tR\x03\x66qn\x12\x32\n\x06\x61\x63tive\x18\x04 \x01(\x0b\x32\x1a.google.protobuf.BoolValueR\x06\x61\x63tive\x12,\n\x08metadata\x18\x05 \x01(\x0b\x32\x10.common.MetadataR\x08metadata\x12/\n\x06grants\x18\x06 \x03(\x0b\x32\x17.policy.KeyAccessServerR\x06grants\x12/\n\x08kas_keys\x18\x07 \x03(\x0b\x32\x14.policy.SimpleKasKeyR\x07kasKeys\"\x9d\x03\n\tAttribute\x12\x0e\n\x02id\x18\x01 \x01(\tR\x02id\x12/\n\tnamespace\x18\x02 \x01(\x0b\x32\x11.policy.NamespaceR\tnamespace\x12\x12\n\x04name\x18\x03 \x01(\tR\x04name\x12>\n\x04rule\x18\x04 \x01(\x0e\x32\x1d.policy.AttributeRuleTypeEnumB\x0b\xbaH\x08\x82\x01\x02\x10\x01\xc8\x01\x01R\x04rule\x12%\n\x06values\x18\x05 \x03(\x0b\x32\r.policy.ValueR\x06values\x12/\n\x06grants\x18\x06 \x03(\x0b\x32\x17.policy.KeyAccessServerR\x06grants\x12\x10\n\x03\x66qn\x18\x07 \x01(\tR\x03\x66qn\x12\x32\n\x06\x61\x63tive\x18\x08 \x01(\x0b\x32\x1a.google.protobuf.BoolValueR\x06\x61\x63tive\x12/\n\x08kas_keys\x18\t \x03(\x0b\x32\x14.policy.SimpleKasKeyR\x07kasKeys\x12,\n\x08metadata\x18\x64 \x01(\x0b\x32\x10.common.MetadataR\x08metadata\"\xcc\x03\n\x05Value\x12\x0e\n\x02id\x18\x01 \x01(\tR\x02id\x12/\n\tattribute\x18\x02 \x01(\x0b\x32\x11.policy.AttributeR\tattribute\x12\x14\n\x05value\x18\x03 \x01(\tR\x05value\x12/\n\x06grants\x18\x05 \x03(\x0b\x32\x17.policy.KeyAccessServerR\x06grants\x12\x10\n\x03\x66qn\x18\x06 \x01(\tR\x03\x66qn\x12\x32\n\x06\x61\x63tive\x18\x07 \x01(\x0b\x32\x1a.google.protobuf.BoolValueR\x06\x61\x63tive\x12\x41\n\x10subject_mappings\x18\x08 \x03(\x0b\x32\x16.policy.SubjectMappingR\x0fsubjectMappings\x12/\n\x08kas_keys\x18\t \x03(\x0b\x32\x14.policy.SimpleKasKeyR\x07kasKeys\x12\x44\n\x11resource_mappings\x18\n \x03(\x0b\x32\x17.policy.ResourceMappingR\x10resourceMappings\x12,\n\x08metadata\x18\x64 \x01(\x0b\x32\x10.common.MetadataR\x08metadataJ\x04\x08\x04\x10\x05R\x07members\"\xa8\x02\n\x06\x41\x63tion\x12\x0e\n\x02id\x18\x03 \x01(\tR\x02id\x12;\n\x08standard\x18\x01 \x01(\x0e\x32\x1d.policy.Action.StandardActionH\x00R\x08standard\x12\x18\n\x06\x63ustom\x18\x02 \x01(\tH\x00R\x06\x63ustom\x12\x12\n\x04name\x18\x04 \x01(\tR\x04name\x12,\n\x08metadata\x18\x64 \x01(\x0b\x32\x10.common.MetadataR\x08metadata\"l\n\x0eStandardAction\x12\x1f\n\x1bSTANDARD_ACTION_UNSPECIFIED\x10\x00\x12\x1b\n\x17STANDARD_ACTION_DECRYPT\x10\x01\x12\x1c\n\x18STANDARD_ACTION_TRANSMIT\x10\x02\x42\x07\n\x05value\"\x81\x02\n\x0eSubjectMapping\x12\x0e\n\x02id\x18\x01 \x01(\tR\x02id\x12\x36\n\x0f\x61ttribute_value\x18\x02 \x01(\x0b\x32\r.policy.ValueR\x0e\x61ttributeValue\x12O\n\x15subject_condition_set\x18\x03 \x01(\x0b\x32\x1b.policy.SubjectConditionSetR\x13subjectConditionSet\x12(\n\x07\x61\x63tions\x18\x04 \x03(\x0b\x32\x0e.policy.ActionR\x07\x61\x63tions\x12,\n\x08metadata\x18\x64 \x01(\x0b\x32\x10.common.MetadataR\x08metadata\"\xe9\x01\n\tCondition\x12M\n\x1fsubject_external_selector_value\x18\x01 \x01(\tB\x06\xbaH\x03\xc8\x01\x01R\x1csubjectExternalSelectorValue\x12K\n\x08operator\x18\x02 \x01(\x0e\x32\".policy.SubjectMappingOperatorEnumB\x0b\xbaH\x08\x82\x01\x02\x10\x01\xc8\x01\x01R\x08operator\x12@\n\x17subject_external_values\x18\x03 \x03(\tB\x08\xbaH\x05\x92\x01\x02\x08\x01R\x15subjectExternalValues\"\xa7\x01\n\x0e\x43onditionGroup\x12;\n\nconditions\x18\x01 \x03(\x0b\x32\x11.policy.ConditionB\x08\xbaH\x05\x92\x01\x02\x08\x01R\nconditions\x12X\n\x10\x62oolean_operator\x18\x02 \x01(\x0e\x32 .policy.ConditionBooleanTypeEnumB\x0b\xbaH\x08\x82\x01\x02\x10\x01\xc8\x01\x01R\x0f\x62ooleanOperator\"Y\n\nSubjectSet\x12K\n\x10\x63ondition_groups\x18\x01 \x03(\x0b\x32\x16.policy.ConditionGroupB\x08\xbaH\x05\x92\x01\x02\x08\x01R\x0f\x63onditionGroups\"\x94\x01\n\x13SubjectConditionSet\x12\x0e\n\x02id\x18\x01 \x01(\tR\x02id\x12?\n\x0csubject_sets\x18\x03 \x03(\x0b\x32\x12.policy.SubjectSetB\x08\xbaH\x05\x92\x01\x02\x08\x01R\x0bsubjectSets\x12,\n\x08metadata\x18\x64 \x01(\x0b\x32\x10.common.MetadataR\x08metadata\"|\n\x0fSubjectProperty\x12\x42\n\x17\x65xternal_selector_value\x18\x01 \x01(\tB\n\xbaH\x07r\x02\x10\x01\xc8\x01\x01R\x15\x65xternalSelectorValue\x12%\n\x0e\x65xternal_value\x18\x02 \x01(\tR\rexternalValue\"\x9b\x01\n\x14ResourceMappingGroup\x12\x0e\n\x02id\x18\x01 \x01(\tR\x02id\x12)\n\x0cnamespace_id\x18\x02 \x01(\tB\x06\xbaH\x03\xc8\x01\x01R\x0bnamespaceId\x12\x1a\n\x04name\x18\x03 \x01(\tB\x06\xbaH\x03\xc8\x01\x01R\x04name\x12,\n\x08metadata\x18\x64 \x01(\x0b\x32\x10.common.MetadataR\x08metadata\"\xd9\x01\n\x0fResourceMapping\x12\x0e\n\x02id\x18\x01 \x01(\tR\x02id\x12,\n\x08metadata\x18\x02 \x01(\x0b\x32\x10.common.MetadataR\x08metadata\x12>\n\x0f\x61ttribute_value\x18\x03 \x01(\x0b\x32\r.policy.ValueB\x06\xbaH\x03\xc8\x01\x01R\x0e\x61ttributeValue\x12\x14\n\x05terms\x18\x04 \x03(\tR\x05terms\x12\x32\n\x05group\x18\x05 \x01(\x0b\x32\x1c.policy.ResourceMappingGroupR\x05group\"\x85\x05\n\x0fKeyAccessServer\x12\x0e\n\x02id\x18\x01 \x01(\tR\x02id\x12\x87\x03\n\x03uri\x18\x02 \x01(\tB\xf4\x02\xbaH\xf0\x02\xba\x01\xec\x02\n\nuri_format\x12\xcf\x01URI must be a valid URL (e.g., \'https://demo.com/\') followed by additional segments. Each segment must start and end with an alphanumeric character, can contain hyphens, alphanumeric characters, and slashes.\x1a\x8b\x01this.matches(\'^https?://[a-zA-Z0-9]([a-zA-Z0-9\\\\-]{0,61}[a-zA-Z0-9])?(\\\\.[a-zA-Z0-9]([a-zA-Z0-9\\\\-]{0,61}[a-zA-Z0-9])?)*(:[0-9]+)?(/.*)?$\')R\x03uri\x12\x30\n\npublic_key\x18\x03 \x01(\x0b\x32\x11.policy.PublicKeyR\tpublicKey\x12\x33\n\x0bsource_type\x18\x04 \x01(\x0e\x32\x12.policy.SourceTypeR\nsourceType\x12/\n\x08kas_keys\x18\x05 \x03(\x0b\x32\x14.policy.SimpleKasKeyR\x07kasKeys\x12\x12\n\x04name\x18\x14 \x01(\tR\x04name\x12,\n\x08metadata\x18\x64 \x01(\x0b\x32\x10.common.MetadataR\x08metadata\"\x97\x02\n\x03Key\x12\x0e\n\x02id\x18\x01 \x01(\tR\x02id\x12\x37\n\tis_active\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.BoolValueR\x08isActive\x12\x39\n\nwas_mapped\x18\x03 \x01(\x0b\x32\x1a.google.protobuf.BoolValueR\twasMapped\x12\x33\n\npublic_key\x18\x04 \x01(\x0b\x32\x14.policy.KasPublicKeyR\tpublicKey\x12)\n\x03kas\x18\x05 \x01(\x0b\x32\x17.policy.KeyAccessServerR\x03kas\x12,\n\x08metadata\x18\x64 \x01(\x0b\x32\x10.common.MetadataR\x08metadata\"\x84\x01\n\x0cKasPublicKey\x12\x1c\n\x03pem\x18\x01 \x01(\tB\n\xbaH\x07r\x05\x10\x01\x18\x80@R\x03pem\x12\x1b\n\x03kid\x18\x02 \x01(\tB\t\xbaH\x06r\x04\x10\x01\x18 R\x03kid\x12\x39\n\x03\x61lg\x18\x03 \x01(\x0e\x32\x1b.policy.KasPublicKeyAlgEnumB\n\xbaH\x07\x82\x01\x04\x10\x01 \x00R\x03\x61lg\";\n\x0fKasPublicKeySet\x12(\n\x04keys\x18\x01 \x03(\x0b\x32\x14.policy.KasPublicKeyR\x04keys\"\xe0\x03\n\tPublicKey\x12\x84\x03\n\x06remote\x18\x01 \x01(\tB\xe9\x02\xbaH\xe5\x02\xba\x01\xe1\x02\n\nuri_format\x12\xcf\x01URI must be a valid URL (e.g., \'https://demo.com/\') followed by additional segments. Each segment must start and end with an alphanumeric character, can contain hyphens, alphanumeric characters, and slashes.\x1a\x80\x01this.matches(\'^https://[a-zA-Z0-9]([a-zA-Z0-9\\\\-]{0,61}[a-zA-Z0-9])?(\\\\.[a-zA-Z0-9]([a-zA-Z0-9\\\\-]{0,61}[a-zA-Z0-9])?)*(/.*)?$\')H\x00R\x06remote\x12\x31\n\x06\x63\x61\x63hed\x18\x03 \x01(\x0b\x32\x17.policy.KasPublicKeySetH\x00R\x06\x63\x61\x63hedB\x0c\n\npublic_keyJ\x04\x08\x02\x10\x03R\x05local\"\x9f\x01\n\x12RegisteredResource\x12\x0e\n\x02id\x18\x01 \x01(\tR\x02id\x12\x12\n\x04name\x18\x02 \x01(\tR\x04name\x12\x37\n\x06values\x18\x03 \x03(\x0b\x32\x1f.policy.RegisteredResourceValueR\x06values\x12,\n\x08metadata\x18\x64 \x01(\x0b\x32\x10.common.MetadataR\x08metadata\"\xca\x03\n\x17RegisteredResourceValue\x12\x0e\n\x02id\x18\x01 \x01(\tR\x02id\x12\x14\n\x05value\x18\x02 \x01(\tR\x05value\x12\x36\n\x08resource\x18\x03 \x01(\x0b\x32\x1a.policy.RegisteredResourceR\x08resource\x12l\n\x17\x61\x63tion_attribute_values\x18\x04 \x03(\x0b\x32\x34.policy.RegisteredResourceValue.ActionAttributeValueR\x15\x61\x63tionAttributeValues\x12,\n\x08metadata\x18\x64 \x01(\x0b\x32\x10.common.MetadataR\x08metadata\x1a\xb4\x01\n\x14\x41\x63tionAttributeValue\x12\x0e\n\x02id\x18\x01 \x01(\tR\x02id\x12&\n\x06\x61\x63tion\x18\x02 \x01(\x0b\x32\x0e.policy.ActionR\x06\x61\x63tion\x12\x36\n\x0f\x61ttribute_value\x18\x03 \x01(\x0b\x32\r.policy.ValueR\x0e\x61ttributeValue\x12,\n\x08metadata\x18\x64 \x01(\x0b\x32\x10.common.MetadataR\x08metadata\"\xc0\x01\n\nObligation\x12\x0e\n\x02id\x18\x01 \x01(\tR\x02id\x12/\n\tnamespace\x18\x02 \x01(\x0b\x32\x11.policy.NamespaceR\tnamespace\x12\x12\n\x04name\x18\x03 \x01(\tR\x04name\x12/\n\x06values\x18\x04 \x03(\x0b\x32\x17.policy.ObligationValueR\x06values\x12,\n\x08metadata\x18\x64 \x01(\x0b\x32\x10.common.MetadataR\x08metadata\"\x99\x01\n\x0fObligationValue\x12\x0e\n\x02id\x18\x01 \x01(\tR\x02id\x12\x32\n\nobligation\x18\x02 \x01(\x0b\x32\x12.policy.ObligationR\nobligation\x12\x14\n\x05value\x18\x03 \x01(\tR\x05value\x12,\n\x08metadata\x18\x64 \x01(\x0b\x32\x10.common.MetadataR\x08metadata\"\xf5\x01\n\x11ObligationTrigger\x12\x0e\n\x02id\x18\x01 \x01(\tR\x02id\x12\x42\n\x10obligation_value\x18\x02 \x01(\x0b\x32\x17.policy.ObligationValueR\x0fobligationValue\x12&\n\x06\x61\x63tion\x18\x03 \x01(\x0b\x32\x0e.policy.ActionR\x06\x61\x63tion\x12\x36\n\x0f\x61ttribute_value\x18\x04 \x01(\x0b\x32\r.policy.ValueR\x0e\x61ttributeValue\x12,\n\x08metadata\x18\x64 \x01(\x0b\x32\x10.common.MetadataR\x08metadata\"a\n\x06KasKey\x12\x15\n\x06kas_id\x18\x01 \x01(\tR\x05kasId\x12\'\n\x03key\x18\x02 \x01(\x0b\x32\x15.policy.AsymmetricKeyR\x03key\x12\x17\n\x07kas_uri\x18\x03 \x01(\tR\x06kasUri\")\n\x0cPublicKeyCtx\x12\x19\n\x03pem\x18\x01 \x01(\tB\x07\xbaH\x04r\x02\x10\x01R\x03pem\"P\n\rPrivateKeyCtx\x12\x1e\n\x06key_id\x18\x01 \x01(\tB\x07\xbaH\x04r\x02\x10\x01R\x05keyId\x12\x1f\n\x0bwrapped_key\x18\x02 \x01(\tR\nwrappedKey\"\xb9\x03\n\rAsymmetricKey\x12\x0e\n\x02id\x18\x01 \x01(\tR\x02id\x12\x15\n\x06key_id\x18\x02 \x01(\tR\x05keyId\x12\x36\n\rkey_algorithm\x18\x03 \x01(\x0e\x32\x11.policy.AlgorithmR\x0ckeyAlgorithm\x12\x30\n\nkey_status\x18\x04 \x01(\x0e\x32\x11.policy.KeyStatusR\tkeyStatus\x12*\n\x08key_mode\x18\x05 \x01(\x0e\x32\x0f.policy.KeyModeR\x07keyMode\x12:\n\x0epublic_key_ctx\x18\x06 \x01(\x0b\x32\x14.policy.PublicKeyCtxR\x0cpublicKeyCtx\x12=\n\x0fprivate_key_ctx\x18\x07 \x01(\x0b\x32\x15.policy.PrivateKeyCtxR\rprivateKeyCtx\x12\x42\n\x0fprovider_config\x18\x08 \x01(\x0b\x32\x19.policy.KeyProviderConfigR\x0eproviderConfig\x12,\n\x08metadata\x18\x64 \x01(\x0b\x32\x10.common.MetadataR\x08metadata\"\x9e\x02\n\x0cSymmetricKey\x12\x0e\n\x02id\x18\x01 \x01(\tR\x02id\x12\x15\n\x06key_id\x18\x02 \x01(\tR\x05keyId\x12\x30\n\nkey_status\x18\x03 \x01(\x0e\x32\x11.policy.KeyStatusR\tkeyStatus\x12*\n\x08key_mode\x18\x04 \x01(\x0e\x32\x0f.policy.KeyModeR\x07keyMode\x12\x17\n\x07key_ctx\x18\x05 \x01(\x0cR\x06keyCtx\x12\x42\n\x0fprovider_config\x18\x06 \x01(\x0b\x32\x19.policy.KeyProviderConfigR\x0eproviderConfig\x12,\n\x08metadata\x18\x64 \x01(\x0b\x32\x10.common.MetadataR\x08metadata*\xb3\x01\n\x15\x41ttributeRuleTypeEnum\x12(\n$ATTRIBUTE_RULE_TYPE_ENUM_UNSPECIFIED\x10\x00\x12#\n\x1f\x41TTRIBUTE_RULE_TYPE_ENUM_ALL_OF\x10\x01\x12#\n\x1f\x41TTRIBUTE_RULE_TYPE_ENUM_ANY_OF\x10\x02\x12&\n\"ATTRIBUTE_RULE_TYPE_ENUM_HIERARCHY\x10\x03*\xca\x01\n\x1aSubjectMappingOperatorEnum\x12-\n)SUBJECT_MAPPING_OPERATOR_ENUM_UNSPECIFIED\x10\x00\x12$\n SUBJECT_MAPPING_OPERATOR_ENUM_IN\x10\x01\x12(\n$SUBJECT_MAPPING_OPERATOR_ENUM_NOT_IN\x10\x02\x12-\n)SUBJECT_MAPPING_OPERATOR_ENUM_IN_CONTAINS\x10\x03*\x90\x01\n\x18\x43onditionBooleanTypeEnum\x12+\n\'CONDITION_BOOLEAN_TYPE_ENUM_UNSPECIFIED\x10\x00\x12#\n\x1f\x43ONDITION_BOOLEAN_TYPE_ENUM_AND\x10\x01\x12\"\n\x1e\x43ONDITION_BOOLEAN_TYPE_ENUM_OR\x10\x02*]\n\nSourceType\x12\x1b\n\x17SOURCE_TYPE_UNSPECIFIED\x10\x00\x12\x18\n\x14SOURCE_TYPE_INTERNAL\x10\x01\x12\x18\n\x14SOURCE_TYPE_EXTERNAL\x10\x02*\x88\x02\n\x13KasPublicKeyAlgEnum\x12\'\n#KAS_PUBLIC_KEY_ALG_ENUM_UNSPECIFIED\x10\x00\x12$\n KAS_PUBLIC_KEY_ALG_ENUM_RSA_2048\x10\x01\x12$\n KAS_PUBLIC_KEY_ALG_ENUM_RSA_4096\x10\x02\x12(\n$KAS_PUBLIC_KEY_ALG_ENUM_EC_SECP256R1\x10\x05\x12(\n$KAS_PUBLIC_KEY_ALG_ENUM_EC_SECP384R1\x10\x06\x12(\n$KAS_PUBLIC_KEY_ALG_ENUM_EC_SECP521R1\x10\x07*\x9b\x01\n\tAlgorithm\x12\x19\n\x15\x41LGORITHM_UNSPECIFIED\x10\x00\x12\x16\n\x12\x41LGORITHM_RSA_2048\x10\x01\x12\x16\n\x12\x41LGORITHM_RSA_4096\x10\x02\x12\x15\n\x11\x41LGORITHM_EC_P256\x10\x03\x12\x15\n\x11\x41LGORITHM_EC_P384\x10\x04\x12\x15\n\x11\x41LGORITHM_EC_P521\x10\x05*V\n\tKeyStatus\x12\x1a\n\x16KEY_STATUS_UNSPECIFIED\x10\x00\x12\x15\n\x11KEY_STATUS_ACTIVE\x10\x01\x12\x16\n\x12KEY_STATUS_ROTATED\x10\x02*\x94\x01\n\x07KeyMode\x12\x18\n\x14KEY_MODE_UNSPECIFIED\x10\x00\x12\x1c\n\x18KEY_MODE_CONFIG_ROOT_KEY\x10\x01\x12\x1e\n\x1aKEY_MODE_PROVIDER_ROOT_KEY\x10\x02\x12\x13\n\x0fKEY_MODE_REMOTE\x10\x03\x12\x1c\n\x18KEY_MODE_PUBLIC_KEY_ONLY\x10\x04\x42R\n\ncom.policyB\x0cObjectsProtoP\x01\xa2\x02\x03PXX\xaa\x02\x06Policy\xca\x02\x06Policy\xe2\x02\x12Policy\\GPBMetadata\xea\x02\x06Policyb\x06proto3') _globals = globals() _builder.BuildMessageAndEnumDescriptors(DESCRIPTOR, _globals) @@ -73,22 +73,22 @@ _globals['_PUBLICKEYCTX'].fields_by_name['pem']._serialized_options = b'\272H\004r\002\020\001' _globals['_PRIVATEKEYCTX'].fields_by_name['key_id']._loaded_options = None _globals['_PRIVATEKEYCTX'].fields_by_name['key_id']._serialized_options = b'\272H\004r\002\020\001' - _globals['_ATTRIBUTERULETYPEENUM']._serialized_start=6525 - _globals['_ATTRIBUTERULETYPEENUM']._serialized_end=6704 - _globals['_SUBJECTMAPPINGOPERATORENUM']._serialized_start=6707 - _globals['_SUBJECTMAPPINGOPERATORENUM']._serialized_end=6909 - _globals['_CONDITIONBOOLEANTYPEENUM']._serialized_start=6912 - _globals['_CONDITIONBOOLEANTYPEENUM']._serialized_end=7056 - _globals['_SOURCETYPE']._serialized_start=7058 - _globals['_SOURCETYPE']._serialized_end=7151 - _globals['_KASPUBLICKEYALGENUM']._serialized_start=7154 - _globals['_KASPUBLICKEYALGENUM']._serialized_end=7418 - _globals['_ALGORITHM']._serialized_start=7421 - _globals['_ALGORITHM']._serialized_end=7576 - _globals['_KEYSTATUS']._serialized_start=7578 - _globals['_KEYSTATUS']._serialized_end=7664 - _globals['_KEYMODE']._serialized_start=7667 - _globals['_KEYMODE']._serialized_end=7815 + _globals['_ATTRIBUTERULETYPEENUM']._serialized_start=7124 + _globals['_ATTRIBUTERULETYPEENUM']._serialized_end=7303 + _globals['_SUBJECTMAPPINGOPERATORENUM']._serialized_start=7306 + _globals['_SUBJECTMAPPINGOPERATORENUM']._serialized_end=7508 + _globals['_CONDITIONBOOLEANTYPEENUM']._serialized_start=7511 + _globals['_CONDITIONBOOLEANTYPEENUM']._serialized_end=7655 + _globals['_SOURCETYPE']._serialized_start=7657 + _globals['_SOURCETYPE']._serialized_end=7750 + _globals['_KASPUBLICKEYALGENUM']._serialized_start=7753 + _globals['_KASPUBLICKEYALGENUM']._serialized_end=8017 + _globals['_ALGORITHM']._serialized_start=8020 + _globals['_ALGORITHM']._serialized_end=8175 + _globals['_KEYSTATUS']._serialized_start=8177 + _globals['_KEYSTATUS']._serialized_end=8263 + _globals['_KEYMODE']._serialized_start=8266 + _globals['_KEYMODE']._serialized_end=8414 _globals['_SIMPLEKASPUBLICKEY']._serialized_start=114 _globals['_SIMPLEKASPUBLICKEY']._serialized_end=219 _globals['_SIMPLEKASKEY']._serialized_start=221 @@ -137,14 +137,20 @@ _globals['_REGISTEREDRESOURCEVALUE']._serialized_end=5565 _globals['_REGISTEREDRESOURCEVALUE_ACTIONATTRIBUTEVALUE']._serialized_start=5385 _globals['_REGISTEREDRESOURCEVALUE_ACTIONATTRIBUTEVALUE']._serialized_end=5565 - _globals['_KASKEY']._serialized_start=5567 - _globals['_KASKEY']._serialized_end=5664 - _globals['_PUBLICKEYCTX']._serialized_start=5666 - _globals['_PUBLICKEYCTX']._serialized_end=5707 - _globals['_PRIVATEKEYCTX']._serialized_start=5709 - _globals['_PRIVATEKEYCTX']._serialized_end=5789 - _globals['_ASYMMETRICKEY']._serialized_start=5792 - _globals['_ASYMMETRICKEY']._serialized_end=6233 - _globals['_SYMMETRICKEY']._serialized_start=6236 - _globals['_SYMMETRICKEY']._serialized_end=6522 + _globals['_OBLIGATION']._serialized_start=5568 + _globals['_OBLIGATION']._serialized_end=5760 + _globals['_OBLIGATIONVALUE']._serialized_start=5763 + _globals['_OBLIGATIONVALUE']._serialized_end=5916 + _globals['_OBLIGATIONTRIGGER']._serialized_start=5919 + _globals['_OBLIGATIONTRIGGER']._serialized_end=6164 + _globals['_KASKEY']._serialized_start=6166 + _globals['_KASKEY']._serialized_end=6263 + _globals['_PUBLICKEYCTX']._serialized_start=6265 + _globals['_PUBLICKEYCTX']._serialized_end=6306 + _globals['_PRIVATEKEYCTX']._serialized_start=6308 + _globals['_PRIVATEKEYCTX']._serialized_end=6388 + _globals['_ASYMMETRICKEY']._serialized_start=6391 + _globals['_ASYMMETRICKEY']._serialized_end=6832 + _globals['_SYMMETRICKEY']._serialized_start=6835 + _globals['_SYMMETRICKEY']._serialized_end=7121 # @@protoc_insertion_point(module_scope) diff --git a/otdf-python-proto/src/otdf_python_proto/policy/objects_pb2.pyi b/otdf-python-proto/src/otdf_python_proto/policy/objects_pb2.pyi index 532000f..d34158a 100644 --- a/otdf-python-proto/src/otdf_python_proto/policy/objects_pb2.pyi +++ b/otdf-python-proto/src/otdf_python_proto/policy/objects_pb2.pyi @@ -399,6 +399,46 @@ class RegisteredResourceValue(_message.Message): metadata: _common_pb2.Metadata def __init__(self, id: _Optional[str] = ..., value: _Optional[str] = ..., resource: _Optional[_Union[RegisteredResource, _Mapping]] = ..., action_attribute_values: _Optional[_Iterable[_Union[RegisteredResourceValue.ActionAttributeValue, _Mapping]]] = ..., metadata: _Optional[_Union[_common_pb2.Metadata, _Mapping]] = ...) -> None: ... +class Obligation(_message.Message): + __slots__ = ("id", "namespace", "name", "values", "metadata") + ID_FIELD_NUMBER: _ClassVar[int] + NAMESPACE_FIELD_NUMBER: _ClassVar[int] + NAME_FIELD_NUMBER: _ClassVar[int] + VALUES_FIELD_NUMBER: _ClassVar[int] + METADATA_FIELD_NUMBER: _ClassVar[int] + id: str + namespace: Namespace + name: str + values: _containers.RepeatedCompositeFieldContainer[ObligationValue] + metadata: _common_pb2.Metadata + def __init__(self, id: _Optional[str] = ..., namespace: _Optional[_Union[Namespace, _Mapping]] = ..., name: _Optional[str] = ..., values: _Optional[_Iterable[_Union[ObligationValue, _Mapping]]] = ..., metadata: _Optional[_Union[_common_pb2.Metadata, _Mapping]] = ...) -> None: ... + +class ObligationValue(_message.Message): + __slots__ = ("id", "obligation", "value", "metadata") + ID_FIELD_NUMBER: _ClassVar[int] + OBLIGATION_FIELD_NUMBER: _ClassVar[int] + VALUE_FIELD_NUMBER: _ClassVar[int] + METADATA_FIELD_NUMBER: _ClassVar[int] + id: str + obligation: Obligation + value: str + metadata: _common_pb2.Metadata + def __init__(self, id: _Optional[str] = ..., obligation: _Optional[_Union[Obligation, _Mapping]] = ..., value: _Optional[str] = ..., metadata: _Optional[_Union[_common_pb2.Metadata, _Mapping]] = ...) -> None: ... + +class ObligationTrigger(_message.Message): + __slots__ = ("id", "obligation_value", "action", "attribute_value", "metadata") + ID_FIELD_NUMBER: _ClassVar[int] + OBLIGATION_VALUE_FIELD_NUMBER: _ClassVar[int] + ACTION_FIELD_NUMBER: _ClassVar[int] + ATTRIBUTE_VALUE_FIELD_NUMBER: _ClassVar[int] + METADATA_FIELD_NUMBER: _ClassVar[int] + id: str + obligation_value: ObligationValue + action: Action + attribute_value: Value + metadata: _common_pb2.Metadata + def __init__(self, id: _Optional[str] = ..., obligation_value: _Optional[_Union[ObligationValue, _Mapping]] = ..., action: _Optional[_Union[Action, _Mapping]] = ..., attribute_value: _Optional[_Union[Value, _Mapping]] = ..., metadata: _Optional[_Union[_common_pb2.Metadata, _Mapping]] = ...) -> None: ... + class KasKey(_message.Message): __slots__ = ("kas_id", "key", "kas_uri") KAS_ID_FIELD_NUMBER: _ClassVar[int] diff --git a/otdf-python-proto/src/otdf_python_proto/policy/obligations/__init__.py b/otdf-python-proto/src/otdf_python_proto/policy/obligations/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/otdf-python-proto/src/otdf_python_proto/policy/obligations/obligations_connect.py b/otdf-python-proto/src/otdf_python_proto/policy/obligations/obligations_connect.py new file mode 100644 index 0000000..0c2b088 --- /dev/null +++ b/otdf-python-proto/src/otdf_python_proto/policy/obligations/obligations_connect.py @@ -0,0 +1,920 @@ +# -*- coding: utf-8 -*- +# Generated by https://github.com/connectrpc/connect-python. DO NOT EDIT! +# source: policy/obligations/obligations.proto + +from collections.abc import AsyncGenerator, AsyncIterator, Iterable, Iterator, Mapping +from typing import Protocol + +from connectrpc.client import ConnectClient, ConnectClientSync +from connectrpc.code import Code +from connectrpc.errors import ConnectError +from connectrpc.interceptor import Interceptor, InterceptorSync +from connectrpc.method import IdempotencyLevel, MethodInfo +from connectrpc.request import Headers, RequestContext +from connectrpc.server import ConnectASGIApplication, ConnectWSGIApplication, Endpoint, EndpointSync +import policy.obligations.obligations_pb2 as policy_dot_obligations_dot_obligations__pb2 + + +class Service(Protocol): + async def list_obligations(self, request: policy_dot_obligations_dot_obligations__pb2.ListObligationsRequest, ctx: RequestContext) -> policy_dot_obligations_dot_obligations__pb2.ListObligationsResponse: + raise ConnectError(Code.UNIMPLEMENTED, "Not implemented") + + async def get_obligation(self, request: policy_dot_obligations_dot_obligations__pb2.GetObligationRequest, ctx: RequestContext) -> policy_dot_obligations_dot_obligations__pb2.GetObligationResponse: + raise ConnectError(Code.UNIMPLEMENTED, "Not implemented") + + async def get_obligations_by_f_q_ns(self, request: policy_dot_obligations_dot_obligations__pb2.GetObligationsByFQNsRequest, ctx: RequestContext) -> policy_dot_obligations_dot_obligations__pb2.GetObligationsByFQNsResponse: + raise ConnectError(Code.UNIMPLEMENTED, "Not implemented") + + async def create_obligation(self, request: policy_dot_obligations_dot_obligations__pb2.CreateObligationRequest, ctx: RequestContext) -> policy_dot_obligations_dot_obligations__pb2.CreateObligationResponse: + raise ConnectError(Code.UNIMPLEMENTED, "Not implemented") + + async def update_obligation(self, request: policy_dot_obligations_dot_obligations__pb2.UpdateObligationRequest, ctx: RequestContext) -> policy_dot_obligations_dot_obligations__pb2.UpdateObligationResponse: + raise ConnectError(Code.UNIMPLEMENTED, "Not implemented") + + async def delete_obligation(self, request: policy_dot_obligations_dot_obligations__pb2.DeleteObligationRequest, ctx: RequestContext) -> policy_dot_obligations_dot_obligations__pb2.DeleteObligationResponse: + raise ConnectError(Code.UNIMPLEMENTED, "Not implemented") + + async def get_obligation_value(self, request: policy_dot_obligations_dot_obligations__pb2.GetObligationValueRequest, ctx: RequestContext) -> policy_dot_obligations_dot_obligations__pb2.GetObligationValueResponse: + raise ConnectError(Code.UNIMPLEMENTED, "Not implemented") + + async def get_obligation_values_by_f_q_ns(self, request: policy_dot_obligations_dot_obligations__pb2.GetObligationValuesByFQNsRequest, ctx: RequestContext) -> policy_dot_obligations_dot_obligations__pb2.GetObligationValuesByFQNsResponse: + raise ConnectError(Code.UNIMPLEMENTED, "Not implemented") + + async def create_obligation_value(self, request: policy_dot_obligations_dot_obligations__pb2.CreateObligationValueRequest, ctx: RequestContext) -> policy_dot_obligations_dot_obligations__pb2.CreateObligationValueResponse: + raise ConnectError(Code.UNIMPLEMENTED, "Not implemented") + + async def update_obligation_value(self, request: policy_dot_obligations_dot_obligations__pb2.UpdateObligationValueRequest, ctx: RequestContext) -> policy_dot_obligations_dot_obligations__pb2.UpdateObligationValueResponse: + raise ConnectError(Code.UNIMPLEMENTED, "Not implemented") + + async def delete_obligation_value(self, request: policy_dot_obligations_dot_obligations__pb2.DeleteObligationValueRequest, ctx: RequestContext) -> policy_dot_obligations_dot_obligations__pb2.DeleteObligationValueResponse: + raise ConnectError(Code.UNIMPLEMENTED, "Not implemented") + + async def add_obligation_trigger(self, request: policy_dot_obligations_dot_obligations__pb2.AddObligationTriggerRequest, ctx: RequestContext) -> policy_dot_obligations_dot_obligations__pb2.AddObligationTriggerResponse: + raise ConnectError(Code.UNIMPLEMENTED, "Not implemented") + + async def remove_obligation_trigger(self, request: policy_dot_obligations_dot_obligations__pb2.RemoveObligationTriggerRequest, ctx: RequestContext) -> policy_dot_obligations_dot_obligations__pb2.RemoveObligationTriggerResponse: + raise ConnectError(Code.UNIMPLEMENTED, "Not implemented") + + +class ServiceASGIApplication(ConnectASGIApplication[Service]): + def __init__(self, service: Service | AsyncGenerator[Service], *, interceptors: Iterable[Interceptor]=(), read_max_bytes: int | None = None) -> None: + super().__init__( + service=service, + endpoints=lambda svc: { + "/policy.obligations.Service/ListObligations": Endpoint.unary( + method=MethodInfo( + name="ListObligations", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.ListObligationsRequest, + output=policy_dot_obligations_dot_obligations__pb2.ListObligationsResponse, + idempotency_level=IdempotencyLevel.NO_SIDE_EFFECTS, + ), + function=svc.list_obligations, + ), + "/policy.obligations.Service/GetObligation": Endpoint.unary( + method=MethodInfo( + name="GetObligation", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.GetObligationRequest, + output=policy_dot_obligations_dot_obligations__pb2.GetObligationResponse, + idempotency_level=IdempotencyLevel.NO_SIDE_EFFECTS, + ), + function=svc.get_obligation, + ), + "/policy.obligations.Service/GetObligationsByFQNs": Endpoint.unary( + method=MethodInfo( + name="GetObligationsByFQNs", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.GetObligationsByFQNsRequest, + output=policy_dot_obligations_dot_obligations__pb2.GetObligationsByFQNsResponse, + idempotency_level=IdempotencyLevel.NO_SIDE_EFFECTS, + ), + function=svc.get_obligations_by_f_q_ns, + ), + "/policy.obligations.Service/CreateObligation": Endpoint.unary( + method=MethodInfo( + name="CreateObligation", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.CreateObligationRequest, + output=policy_dot_obligations_dot_obligations__pb2.CreateObligationResponse, + idempotency_level=IdempotencyLevel.UNKNOWN, + ), + function=svc.create_obligation, + ), + "/policy.obligations.Service/UpdateObligation": Endpoint.unary( + method=MethodInfo( + name="UpdateObligation", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.UpdateObligationRequest, + output=policy_dot_obligations_dot_obligations__pb2.UpdateObligationResponse, + idempotency_level=IdempotencyLevel.UNKNOWN, + ), + function=svc.update_obligation, + ), + "/policy.obligations.Service/DeleteObligation": Endpoint.unary( + method=MethodInfo( + name="DeleteObligation", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.DeleteObligationRequest, + output=policy_dot_obligations_dot_obligations__pb2.DeleteObligationResponse, + idempotency_level=IdempotencyLevel.UNKNOWN, + ), + function=svc.delete_obligation, + ), + "/policy.obligations.Service/GetObligationValue": Endpoint.unary( + method=MethodInfo( + name="GetObligationValue", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.GetObligationValueRequest, + output=policy_dot_obligations_dot_obligations__pb2.GetObligationValueResponse, + idempotency_level=IdempotencyLevel.NO_SIDE_EFFECTS, + ), + function=svc.get_obligation_value, + ), + "/policy.obligations.Service/GetObligationValuesByFQNs": Endpoint.unary( + method=MethodInfo( + name="GetObligationValuesByFQNs", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.GetObligationValuesByFQNsRequest, + output=policy_dot_obligations_dot_obligations__pb2.GetObligationValuesByFQNsResponse, + idempotency_level=IdempotencyLevel.NO_SIDE_EFFECTS, + ), + function=svc.get_obligation_values_by_f_q_ns, + ), + "/policy.obligations.Service/CreateObligationValue": Endpoint.unary( + method=MethodInfo( + name="CreateObligationValue", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.CreateObligationValueRequest, + output=policy_dot_obligations_dot_obligations__pb2.CreateObligationValueResponse, + idempotency_level=IdempotencyLevel.UNKNOWN, + ), + function=svc.create_obligation_value, + ), + "/policy.obligations.Service/UpdateObligationValue": Endpoint.unary( + method=MethodInfo( + name="UpdateObligationValue", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.UpdateObligationValueRequest, + output=policy_dot_obligations_dot_obligations__pb2.UpdateObligationValueResponse, + idempotency_level=IdempotencyLevel.UNKNOWN, + ), + function=svc.update_obligation_value, + ), + "/policy.obligations.Service/DeleteObligationValue": Endpoint.unary( + method=MethodInfo( + name="DeleteObligationValue", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.DeleteObligationValueRequest, + output=policy_dot_obligations_dot_obligations__pb2.DeleteObligationValueResponse, + idempotency_level=IdempotencyLevel.UNKNOWN, + ), + function=svc.delete_obligation_value, + ), + "/policy.obligations.Service/AddObligationTrigger": Endpoint.unary( + method=MethodInfo( + name="AddObligationTrigger", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.AddObligationTriggerRequest, + output=policy_dot_obligations_dot_obligations__pb2.AddObligationTriggerResponse, + idempotency_level=IdempotencyLevel.UNKNOWN, + ), + function=svc.add_obligation_trigger, + ), + "/policy.obligations.Service/RemoveObligationTrigger": Endpoint.unary( + method=MethodInfo( + name="RemoveObligationTrigger", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.RemoveObligationTriggerRequest, + output=policy_dot_obligations_dot_obligations__pb2.RemoveObligationTriggerResponse, + idempotency_level=IdempotencyLevel.UNKNOWN, + ), + function=svc.remove_obligation_trigger, + ), + }, + interceptors=interceptors, + read_max_bytes=read_max_bytes, + ) + + @property + def path(self) -> str: + """Returns the URL path to mount the application to when serving multiple applications.""" + return "/policy.obligations.Service" + + +class ServiceClient(ConnectClient): + async def list_obligations( + self, + request: policy_dot_obligations_dot_obligations__pb2.ListObligationsRequest, + *, + headers: Headers | Mapping[str, str] | None = None, + timeout_ms: int | None = None, + use_get: bool = False, + ) -> policy_dot_obligations_dot_obligations__pb2.ListObligationsResponse: + return await self.execute_unary( + request=request, + method=MethodInfo( + name="ListObligations", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.ListObligationsRequest, + output=policy_dot_obligations_dot_obligations__pb2.ListObligationsResponse, + idempotency_level=IdempotencyLevel.NO_SIDE_EFFECTS, + ), + headers=headers, + timeout_ms=timeout_ms, + use_get=use_get, + ) + + async def get_obligation( + self, + request: policy_dot_obligations_dot_obligations__pb2.GetObligationRequest, + *, + headers: Headers | Mapping[str, str] | None = None, + timeout_ms: int | None = None, + use_get: bool = False, + ) -> policy_dot_obligations_dot_obligations__pb2.GetObligationResponse: + return await self.execute_unary( + request=request, + method=MethodInfo( + name="GetObligation", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.GetObligationRequest, + output=policy_dot_obligations_dot_obligations__pb2.GetObligationResponse, + idempotency_level=IdempotencyLevel.NO_SIDE_EFFECTS, + ), + headers=headers, + timeout_ms=timeout_ms, + use_get=use_get, + ) + + async def get_obligations_by_f_q_ns( + self, + request: policy_dot_obligations_dot_obligations__pb2.GetObligationsByFQNsRequest, + *, + headers: Headers | Mapping[str, str] | None = None, + timeout_ms: int | None = None, + use_get: bool = False, + ) -> policy_dot_obligations_dot_obligations__pb2.GetObligationsByFQNsResponse: + return await self.execute_unary( + request=request, + method=MethodInfo( + name="GetObligationsByFQNs", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.GetObligationsByFQNsRequest, + output=policy_dot_obligations_dot_obligations__pb2.GetObligationsByFQNsResponse, + idempotency_level=IdempotencyLevel.NO_SIDE_EFFECTS, + ), + headers=headers, + timeout_ms=timeout_ms, + use_get=use_get, + ) + + async def create_obligation( + self, + request: policy_dot_obligations_dot_obligations__pb2.CreateObligationRequest, + *, + headers: Headers | Mapping[str, str] | None = None, + timeout_ms: int | None = None, + ) -> policy_dot_obligations_dot_obligations__pb2.CreateObligationResponse: + return await self.execute_unary( + request=request, + method=MethodInfo( + name="CreateObligation", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.CreateObligationRequest, + output=policy_dot_obligations_dot_obligations__pb2.CreateObligationResponse, + idempotency_level=IdempotencyLevel.UNKNOWN, + ), + headers=headers, + timeout_ms=timeout_ms, + ) + + async def update_obligation( + self, + request: policy_dot_obligations_dot_obligations__pb2.UpdateObligationRequest, + *, + headers: Headers | Mapping[str, str] | None = None, + timeout_ms: int | None = None, + ) -> policy_dot_obligations_dot_obligations__pb2.UpdateObligationResponse: + return await self.execute_unary( + request=request, + method=MethodInfo( + name="UpdateObligation", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.UpdateObligationRequest, + output=policy_dot_obligations_dot_obligations__pb2.UpdateObligationResponse, + idempotency_level=IdempotencyLevel.UNKNOWN, + ), + headers=headers, + timeout_ms=timeout_ms, + ) + + async def delete_obligation( + self, + request: policy_dot_obligations_dot_obligations__pb2.DeleteObligationRequest, + *, + headers: Headers | Mapping[str, str] | None = None, + timeout_ms: int | None = None, + ) -> policy_dot_obligations_dot_obligations__pb2.DeleteObligationResponse: + return await self.execute_unary( + request=request, + method=MethodInfo( + name="DeleteObligation", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.DeleteObligationRequest, + output=policy_dot_obligations_dot_obligations__pb2.DeleteObligationResponse, + idempotency_level=IdempotencyLevel.UNKNOWN, + ), + headers=headers, + timeout_ms=timeout_ms, + ) + + async def get_obligation_value( + self, + request: policy_dot_obligations_dot_obligations__pb2.GetObligationValueRequest, + *, + headers: Headers | Mapping[str, str] | None = None, + timeout_ms: int | None = None, + use_get: bool = False, + ) -> policy_dot_obligations_dot_obligations__pb2.GetObligationValueResponse: + return await self.execute_unary( + request=request, + method=MethodInfo( + name="GetObligationValue", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.GetObligationValueRequest, + output=policy_dot_obligations_dot_obligations__pb2.GetObligationValueResponse, + idempotency_level=IdempotencyLevel.NO_SIDE_EFFECTS, + ), + headers=headers, + timeout_ms=timeout_ms, + use_get=use_get, + ) + + async def get_obligation_values_by_f_q_ns( + self, + request: policy_dot_obligations_dot_obligations__pb2.GetObligationValuesByFQNsRequest, + *, + headers: Headers | Mapping[str, str] | None = None, + timeout_ms: int | None = None, + use_get: bool = False, + ) -> policy_dot_obligations_dot_obligations__pb2.GetObligationValuesByFQNsResponse: + return await self.execute_unary( + request=request, + method=MethodInfo( + name="GetObligationValuesByFQNs", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.GetObligationValuesByFQNsRequest, + output=policy_dot_obligations_dot_obligations__pb2.GetObligationValuesByFQNsResponse, + idempotency_level=IdempotencyLevel.NO_SIDE_EFFECTS, + ), + headers=headers, + timeout_ms=timeout_ms, + use_get=use_get, + ) + + async def create_obligation_value( + self, + request: policy_dot_obligations_dot_obligations__pb2.CreateObligationValueRequest, + *, + headers: Headers | Mapping[str, str] | None = None, + timeout_ms: int | None = None, + ) -> policy_dot_obligations_dot_obligations__pb2.CreateObligationValueResponse: + return await self.execute_unary( + request=request, + method=MethodInfo( + name="CreateObligationValue", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.CreateObligationValueRequest, + output=policy_dot_obligations_dot_obligations__pb2.CreateObligationValueResponse, + idempotency_level=IdempotencyLevel.UNKNOWN, + ), + headers=headers, + timeout_ms=timeout_ms, + ) + + async def update_obligation_value( + self, + request: policy_dot_obligations_dot_obligations__pb2.UpdateObligationValueRequest, + *, + headers: Headers | Mapping[str, str] | None = None, + timeout_ms: int | None = None, + ) -> policy_dot_obligations_dot_obligations__pb2.UpdateObligationValueResponse: + return await self.execute_unary( + request=request, + method=MethodInfo( + name="UpdateObligationValue", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.UpdateObligationValueRequest, + output=policy_dot_obligations_dot_obligations__pb2.UpdateObligationValueResponse, + idempotency_level=IdempotencyLevel.UNKNOWN, + ), + headers=headers, + timeout_ms=timeout_ms, + ) + + async def delete_obligation_value( + self, + request: policy_dot_obligations_dot_obligations__pb2.DeleteObligationValueRequest, + *, + headers: Headers | Mapping[str, str] | None = None, + timeout_ms: int | None = None, + ) -> policy_dot_obligations_dot_obligations__pb2.DeleteObligationValueResponse: + return await self.execute_unary( + request=request, + method=MethodInfo( + name="DeleteObligationValue", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.DeleteObligationValueRequest, + output=policy_dot_obligations_dot_obligations__pb2.DeleteObligationValueResponse, + idempotency_level=IdempotencyLevel.UNKNOWN, + ), + headers=headers, + timeout_ms=timeout_ms, + ) + + async def add_obligation_trigger( + self, + request: policy_dot_obligations_dot_obligations__pb2.AddObligationTriggerRequest, + *, + headers: Headers | Mapping[str, str] | None = None, + timeout_ms: int | None = None, + ) -> policy_dot_obligations_dot_obligations__pb2.AddObligationTriggerResponse: + return await self.execute_unary( + request=request, + method=MethodInfo( + name="AddObligationTrigger", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.AddObligationTriggerRequest, + output=policy_dot_obligations_dot_obligations__pb2.AddObligationTriggerResponse, + idempotency_level=IdempotencyLevel.UNKNOWN, + ), + headers=headers, + timeout_ms=timeout_ms, + ) + + async def remove_obligation_trigger( + self, + request: policy_dot_obligations_dot_obligations__pb2.RemoveObligationTriggerRequest, + *, + headers: Headers | Mapping[str, str] | None = None, + timeout_ms: int | None = None, + ) -> policy_dot_obligations_dot_obligations__pb2.RemoveObligationTriggerResponse: + return await self.execute_unary( + request=request, + method=MethodInfo( + name="RemoveObligationTrigger", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.RemoveObligationTriggerRequest, + output=policy_dot_obligations_dot_obligations__pb2.RemoveObligationTriggerResponse, + idempotency_level=IdempotencyLevel.UNKNOWN, + ), + headers=headers, + timeout_ms=timeout_ms, + ) + + +class ServiceSync(Protocol): + def list_obligations(self, request: policy_dot_obligations_dot_obligations__pb2.ListObligationsRequest, ctx: RequestContext) -> policy_dot_obligations_dot_obligations__pb2.ListObligationsResponse: + raise ConnectError(Code.UNIMPLEMENTED, "Not implemented") + def get_obligation(self, request: policy_dot_obligations_dot_obligations__pb2.GetObligationRequest, ctx: RequestContext) -> policy_dot_obligations_dot_obligations__pb2.GetObligationResponse: + raise ConnectError(Code.UNIMPLEMENTED, "Not implemented") + def get_obligations_by_f_q_ns(self, request: policy_dot_obligations_dot_obligations__pb2.GetObligationsByFQNsRequest, ctx: RequestContext) -> policy_dot_obligations_dot_obligations__pb2.GetObligationsByFQNsResponse: + raise ConnectError(Code.UNIMPLEMENTED, "Not implemented") + def create_obligation(self, request: policy_dot_obligations_dot_obligations__pb2.CreateObligationRequest, ctx: RequestContext) -> policy_dot_obligations_dot_obligations__pb2.CreateObligationResponse: + raise ConnectError(Code.UNIMPLEMENTED, "Not implemented") + def update_obligation(self, request: policy_dot_obligations_dot_obligations__pb2.UpdateObligationRequest, ctx: RequestContext) -> policy_dot_obligations_dot_obligations__pb2.UpdateObligationResponse: + raise ConnectError(Code.UNIMPLEMENTED, "Not implemented") + def delete_obligation(self, request: policy_dot_obligations_dot_obligations__pb2.DeleteObligationRequest, ctx: RequestContext) -> policy_dot_obligations_dot_obligations__pb2.DeleteObligationResponse: + raise ConnectError(Code.UNIMPLEMENTED, "Not implemented") + def get_obligation_value(self, request: policy_dot_obligations_dot_obligations__pb2.GetObligationValueRequest, ctx: RequestContext) -> policy_dot_obligations_dot_obligations__pb2.GetObligationValueResponse: + raise ConnectError(Code.UNIMPLEMENTED, "Not implemented") + def get_obligation_values_by_f_q_ns(self, request: policy_dot_obligations_dot_obligations__pb2.GetObligationValuesByFQNsRequest, ctx: RequestContext) -> policy_dot_obligations_dot_obligations__pb2.GetObligationValuesByFQNsResponse: + raise ConnectError(Code.UNIMPLEMENTED, "Not implemented") + def create_obligation_value(self, request: policy_dot_obligations_dot_obligations__pb2.CreateObligationValueRequest, ctx: RequestContext) -> policy_dot_obligations_dot_obligations__pb2.CreateObligationValueResponse: + raise ConnectError(Code.UNIMPLEMENTED, "Not implemented") + def update_obligation_value(self, request: policy_dot_obligations_dot_obligations__pb2.UpdateObligationValueRequest, ctx: RequestContext) -> policy_dot_obligations_dot_obligations__pb2.UpdateObligationValueResponse: + raise ConnectError(Code.UNIMPLEMENTED, "Not implemented") + def delete_obligation_value(self, request: policy_dot_obligations_dot_obligations__pb2.DeleteObligationValueRequest, ctx: RequestContext) -> policy_dot_obligations_dot_obligations__pb2.DeleteObligationValueResponse: + raise ConnectError(Code.UNIMPLEMENTED, "Not implemented") + def add_obligation_trigger(self, request: policy_dot_obligations_dot_obligations__pb2.AddObligationTriggerRequest, ctx: RequestContext) -> policy_dot_obligations_dot_obligations__pb2.AddObligationTriggerResponse: + raise ConnectError(Code.UNIMPLEMENTED, "Not implemented") + def remove_obligation_trigger(self, request: policy_dot_obligations_dot_obligations__pb2.RemoveObligationTriggerRequest, ctx: RequestContext) -> policy_dot_obligations_dot_obligations__pb2.RemoveObligationTriggerResponse: + raise ConnectError(Code.UNIMPLEMENTED, "Not implemented") + + +class ServiceWSGIApplication(ConnectWSGIApplication): + def __init__(self, service: ServiceSync, interceptors: Iterable[InterceptorSync]=(), read_max_bytes: int | None = None) -> None: + super().__init__( + endpoints={ + "/policy.obligations.Service/ListObligations": EndpointSync.unary( + method=MethodInfo( + name="ListObligations", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.ListObligationsRequest, + output=policy_dot_obligations_dot_obligations__pb2.ListObligationsResponse, + idempotency_level=IdempotencyLevel.NO_SIDE_EFFECTS, + ), + function=service.list_obligations, + ), + "/policy.obligations.Service/GetObligation": EndpointSync.unary( + method=MethodInfo( + name="GetObligation", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.GetObligationRequest, + output=policy_dot_obligations_dot_obligations__pb2.GetObligationResponse, + idempotency_level=IdempotencyLevel.NO_SIDE_EFFECTS, + ), + function=service.get_obligation, + ), + "/policy.obligations.Service/GetObligationsByFQNs": EndpointSync.unary( + method=MethodInfo( + name="GetObligationsByFQNs", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.GetObligationsByFQNsRequest, + output=policy_dot_obligations_dot_obligations__pb2.GetObligationsByFQNsResponse, + idempotency_level=IdempotencyLevel.NO_SIDE_EFFECTS, + ), + function=service.get_obligations_by_f_q_ns, + ), + "/policy.obligations.Service/CreateObligation": EndpointSync.unary( + method=MethodInfo( + name="CreateObligation", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.CreateObligationRequest, + output=policy_dot_obligations_dot_obligations__pb2.CreateObligationResponse, + idempotency_level=IdempotencyLevel.UNKNOWN, + ), + function=service.create_obligation, + ), + "/policy.obligations.Service/UpdateObligation": EndpointSync.unary( + method=MethodInfo( + name="UpdateObligation", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.UpdateObligationRequest, + output=policy_dot_obligations_dot_obligations__pb2.UpdateObligationResponse, + idempotency_level=IdempotencyLevel.UNKNOWN, + ), + function=service.update_obligation, + ), + "/policy.obligations.Service/DeleteObligation": EndpointSync.unary( + method=MethodInfo( + name="DeleteObligation", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.DeleteObligationRequest, + output=policy_dot_obligations_dot_obligations__pb2.DeleteObligationResponse, + idempotency_level=IdempotencyLevel.UNKNOWN, + ), + function=service.delete_obligation, + ), + "/policy.obligations.Service/GetObligationValue": EndpointSync.unary( + method=MethodInfo( + name="GetObligationValue", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.GetObligationValueRequest, + output=policy_dot_obligations_dot_obligations__pb2.GetObligationValueResponse, + idempotency_level=IdempotencyLevel.NO_SIDE_EFFECTS, + ), + function=service.get_obligation_value, + ), + "/policy.obligations.Service/GetObligationValuesByFQNs": EndpointSync.unary( + method=MethodInfo( + name="GetObligationValuesByFQNs", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.GetObligationValuesByFQNsRequest, + output=policy_dot_obligations_dot_obligations__pb2.GetObligationValuesByFQNsResponse, + idempotency_level=IdempotencyLevel.NO_SIDE_EFFECTS, + ), + function=service.get_obligation_values_by_f_q_ns, + ), + "/policy.obligations.Service/CreateObligationValue": EndpointSync.unary( + method=MethodInfo( + name="CreateObligationValue", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.CreateObligationValueRequest, + output=policy_dot_obligations_dot_obligations__pb2.CreateObligationValueResponse, + idempotency_level=IdempotencyLevel.UNKNOWN, + ), + function=service.create_obligation_value, + ), + "/policy.obligations.Service/UpdateObligationValue": EndpointSync.unary( + method=MethodInfo( + name="UpdateObligationValue", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.UpdateObligationValueRequest, + output=policy_dot_obligations_dot_obligations__pb2.UpdateObligationValueResponse, + idempotency_level=IdempotencyLevel.UNKNOWN, + ), + function=service.update_obligation_value, + ), + "/policy.obligations.Service/DeleteObligationValue": EndpointSync.unary( + method=MethodInfo( + name="DeleteObligationValue", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.DeleteObligationValueRequest, + output=policy_dot_obligations_dot_obligations__pb2.DeleteObligationValueResponse, + idempotency_level=IdempotencyLevel.UNKNOWN, + ), + function=service.delete_obligation_value, + ), + "/policy.obligations.Service/AddObligationTrigger": EndpointSync.unary( + method=MethodInfo( + name="AddObligationTrigger", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.AddObligationTriggerRequest, + output=policy_dot_obligations_dot_obligations__pb2.AddObligationTriggerResponse, + idempotency_level=IdempotencyLevel.UNKNOWN, + ), + function=service.add_obligation_trigger, + ), + "/policy.obligations.Service/RemoveObligationTrigger": EndpointSync.unary( + method=MethodInfo( + name="RemoveObligationTrigger", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.RemoveObligationTriggerRequest, + output=policy_dot_obligations_dot_obligations__pb2.RemoveObligationTriggerResponse, + idempotency_level=IdempotencyLevel.UNKNOWN, + ), + function=service.remove_obligation_trigger, + ), + }, + interceptors=interceptors, + read_max_bytes=read_max_bytes, + ) + + @property + def path(self) -> str: + """Returns the URL path to mount the application to when serving multiple applications.""" + return "/policy.obligations.Service" + + +class ServiceClientSync(ConnectClientSync): + def list_obligations( + self, + request: policy_dot_obligations_dot_obligations__pb2.ListObligationsRequest, + *, + headers: Headers | Mapping[str, str] | None = None, + timeout_ms: int | None = None, + use_get: bool = False, + ) -> policy_dot_obligations_dot_obligations__pb2.ListObligationsResponse: + return self.execute_unary( + request=request, + method=MethodInfo( + name="ListObligations", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.ListObligationsRequest, + output=policy_dot_obligations_dot_obligations__pb2.ListObligationsResponse, + idempotency_level=IdempotencyLevel.NO_SIDE_EFFECTS, + ), + headers=headers, + timeout_ms=timeout_ms, + use_get=use_get, + ) + + def get_obligation( + self, + request: policy_dot_obligations_dot_obligations__pb2.GetObligationRequest, + *, + headers: Headers | Mapping[str, str] | None = None, + timeout_ms: int | None = None, + use_get: bool = False, + ) -> policy_dot_obligations_dot_obligations__pb2.GetObligationResponse: + return self.execute_unary( + request=request, + method=MethodInfo( + name="GetObligation", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.GetObligationRequest, + output=policy_dot_obligations_dot_obligations__pb2.GetObligationResponse, + idempotency_level=IdempotencyLevel.NO_SIDE_EFFECTS, + ), + headers=headers, + timeout_ms=timeout_ms, + use_get=use_get, + ) + + def get_obligations_by_f_q_ns( + self, + request: policy_dot_obligations_dot_obligations__pb2.GetObligationsByFQNsRequest, + *, + headers: Headers | Mapping[str, str] | None = None, + timeout_ms: int | None = None, + use_get: bool = False, + ) -> policy_dot_obligations_dot_obligations__pb2.GetObligationsByFQNsResponse: + return self.execute_unary( + request=request, + method=MethodInfo( + name="GetObligationsByFQNs", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.GetObligationsByFQNsRequest, + output=policy_dot_obligations_dot_obligations__pb2.GetObligationsByFQNsResponse, + idempotency_level=IdempotencyLevel.NO_SIDE_EFFECTS, + ), + headers=headers, + timeout_ms=timeout_ms, + use_get=use_get, + ) + + def create_obligation( + self, + request: policy_dot_obligations_dot_obligations__pb2.CreateObligationRequest, + *, + headers: Headers | Mapping[str, str] | None = None, + timeout_ms: int | None = None, + ) -> policy_dot_obligations_dot_obligations__pb2.CreateObligationResponse: + return self.execute_unary( + request=request, + method=MethodInfo( + name="CreateObligation", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.CreateObligationRequest, + output=policy_dot_obligations_dot_obligations__pb2.CreateObligationResponse, + idempotency_level=IdempotencyLevel.UNKNOWN, + ), + headers=headers, + timeout_ms=timeout_ms, + ) + + def update_obligation( + self, + request: policy_dot_obligations_dot_obligations__pb2.UpdateObligationRequest, + *, + headers: Headers | Mapping[str, str] | None = None, + timeout_ms: int | None = None, + ) -> policy_dot_obligations_dot_obligations__pb2.UpdateObligationResponse: + return self.execute_unary( + request=request, + method=MethodInfo( + name="UpdateObligation", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.UpdateObligationRequest, + output=policy_dot_obligations_dot_obligations__pb2.UpdateObligationResponse, + idempotency_level=IdempotencyLevel.UNKNOWN, + ), + headers=headers, + timeout_ms=timeout_ms, + ) + + def delete_obligation( + self, + request: policy_dot_obligations_dot_obligations__pb2.DeleteObligationRequest, + *, + headers: Headers | Mapping[str, str] | None = None, + timeout_ms: int | None = None, + ) -> policy_dot_obligations_dot_obligations__pb2.DeleteObligationResponse: + return self.execute_unary( + request=request, + method=MethodInfo( + name="DeleteObligation", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.DeleteObligationRequest, + output=policy_dot_obligations_dot_obligations__pb2.DeleteObligationResponse, + idempotency_level=IdempotencyLevel.UNKNOWN, + ), + headers=headers, + timeout_ms=timeout_ms, + ) + + def get_obligation_value( + self, + request: policy_dot_obligations_dot_obligations__pb2.GetObligationValueRequest, + *, + headers: Headers | Mapping[str, str] | None = None, + timeout_ms: int | None = None, + use_get: bool = False, + ) -> policy_dot_obligations_dot_obligations__pb2.GetObligationValueResponse: + return self.execute_unary( + request=request, + method=MethodInfo( + name="GetObligationValue", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.GetObligationValueRequest, + output=policy_dot_obligations_dot_obligations__pb2.GetObligationValueResponse, + idempotency_level=IdempotencyLevel.NO_SIDE_EFFECTS, + ), + headers=headers, + timeout_ms=timeout_ms, + use_get=use_get, + ) + + def get_obligation_values_by_f_q_ns( + self, + request: policy_dot_obligations_dot_obligations__pb2.GetObligationValuesByFQNsRequest, + *, + headers: Headers | Mapping[str, str] | None = None, + timeout_ms: int | None = None, + use_get: bool = False, + ) -> policy_dot_obligations_dot_obligations__pb2.GetObligationValuesByFQNsResponse: + return self.execute_unary( + request=request, + method=MethodInfo( + name="GetObligationValuesByFQNs", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.GetObligationValuesByFQNsRequest, + output=policy_dot_obligations_dot_obligations__pb2.GetObligationValuesByFQNsResponse, + idempotency_level=IdempotencyLevel.NO_SIDE_EFFECTS, + ), + headers=headers, + timeout_ms=timeout_ms, + use_get=use_get, + ) + + def create_obligation_value( + self, + request: policy_dot_obligations_dot_obligations__pb2.CreateObligationValueRequest, + *, + headers: Headers | Mapping[str, str] | None = None, + timeout_ms: int | None = None, + ) -> policy_dot_obligations_dot_obligations__pb2.CreateObligationValueResponse: + return self.execute_unary( + request=request, + method=MethodInfo( + name="CreateObligationValue", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.CreateObligationValueRequest, + output=policy_dot_obligations_dot_obligations__pb2.CreateObligationValueResponse, + idempotency_level=IdempotencyLevel.UNKNOWN, + ), + headers=headers, + timeout_ms=timeout_ms, + ) + + def update_obligation_value( + self, + request: policy_dot_obligations_dot_obligations__pb2.UpdateObligationValueRequest, + *, + headers: Headers | Mapping[str, str] | None = None, + timeout_ms: int | None = None, + ) -> policy_dot_obligations_dot_obligations__pb2.UpdateObligationValueResponse: + return self.execute_unary( + request=request, + method=MethodInfo( + name="UpdateObligationValue", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.UpdateObligationValueRequest, + output=policy_dot_obligations_dot_obligations__pb2.UpdateObligationValueResponse, + idempotency_level=IdempotencyLevel.UNKNOWN, + ), + headers=headers, + timeout_ms=timeout_ms, + ) + + def delete_obligation_value( + self, + request: policy_dot_obligations_dot_obligations__pb2.DeleteObligationValueRequest, + *, + headers: Headers | Mapping[str, str] | None = None, + timeout_ms: int | None = None, + ) -> policy_dot_obligations_dot_obligations__pb2.DeleteObligationValueResponse: + return self.execute_unary( + request=request, + method=MethodInfo( + name="DeleteObligationValue", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.DeleteObligationValueRequest, + output=policy_dot_obligations_dot_obligations__pb2.DeleteObligationValueResponse, + idempotency_level=IdempotencyLevel.UNKNOWN, + ), + headers=headers, + timeout_ms=timeout_ms, + ) + + def add_obligation_trigger( + self, + request: policy_dot_obligations_dot_obligations__pb2.AddObligationTriggerRequest, + *, + headers: Headers | Mapping[str, str] | None = None, + timeout_ms: int | None = None, + ) -> policy_dot_obligations_dot_obligations__pb2.AddObligationTriggerResponse: + return self.execute_unary( + request=request, + method=MethodInfo( + name="AddObligationTrigger", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.AddObligationTriggerRequest, + output=policy_dot_obligations_dot_obligations__pb2.AddObligationTriggerResponse, + idempotency_level=IdempotencyLevel.UNKNOWN, + ), + headers=headers, + timeout_ms=timeout_ms, + ) + + def remove_obligation_trigger( + self, + request: policy_dot_obligations_dot_obligations__pb2.RemoveObligationTriggerRequest, + *, + headers: Headers | Mapping[str, str] | None = None, + timeout_ms: int | None = None, + ) -> policy_dot_obligations_dot_obligations__pb2.RemoveObligationTriggerResponse: + return self.execute_unary( + request=request, + method=MethodInfo( + name="RemoveObligationTrigger", + service_name="policy.obligations.Service", + input=policy_dot_obligations_dot_obligations__pb2.RemoveObligationTriggerRequest, + output=policy_dot_obligations_dot_obligations__pb2.RemoveObligationTriggerResponse, + idempotency_level=IdempotencyLevel.UNKNOWN, + ), + headers=headers, + timeout_ms=timeout_ms, + ) diff --git a/otdf-python-proto/src/otdf_python_proto/policy/obligations/obligations_pb2.py b/otdf-python-proto/src/otdf_python_proto/policy/obligations/obligations_pb2.py new file mode 100644 index 0000000..9a723c2 --- /dev/null +++ b/otdf-python-proto/src/otdf_python_proto/policy/obligations/obligations_pb2.py @@ -0,0 +1,110 @@ +# -*- coding: utf-8 -*- +# Generated by the protocol buffer compiler. DO NOT EDIT! +# NO CHECKED-IN PROTOBUF GENCODE +# source: policy/obligations/obligations.proto +# Protobuf Python Version: 6.31.1 +"""Generated protocol buffer code.""" +from google.protobuf import descriptor as _descriptor +from google.protobuf import descriptor_pool as _descriptor_pool +from google.protobuf import runtime_version as _runtime_version +from google.protobuf import symbol_database as _symbol_database +from google.protobuf.internal import builder as _builder +_runtime_version.ValidateProtobufRuntimeVersion( + _runtime_version.Domain.PUBLIC, + 6, + 31, + 1, + '', + 'policy/obligations/obligations.proto' +) +# @@protoc_insertion_point(imports) + +_sym_db = _symbol_database.Default() + + +from common import common_pb2 as common_dot_common__pb2 +from policy import objects_pb2 as policy_dot_objects__pb2 +from policy import selectors_pb2 as policy_dot_selectors__pb2 + + +DESCRIPTOR = _descriptor_pool.Default().AddSerializedFile(b'\n$policy/obligations/obligations.proto\x12\x12policy.obligations\x1a\x13\x63ommon/common.proto\x1a\x14policy/objects.proto\x1a\x16policy/selectors.proto\"J\n\x14GetObligationRequest\x12\x10\n\x02id\x18\x01 \x01(\tH\x00R\x02id\x12\x12\n\x03\x66qn\x18\x02 \x01(\tH\x00R\x03\x66qnB\x0c\n\nidentifier\"K\n\x15GetObligationResponse\x12\x32\n\nobligation\x18\x01 \x01(\x0b\x32\x12.policy.ObligationR\nobligation\"1\n\x1bGetObligationsByFQNsRequest\x12\x12\n\x04\x66qns\x18\x01 \x03(\tR\x04\x66qns\"\xed\x01\n\x1cGetObligationsByFQNsResponse\x12t\n\x12\x66qn_obligation_map\x18\x01 \x03(\x0b\x32\x46.policy.obligations.GetObligationsByFQNsResponse.FqnObligationMapEntryR\x10\x66qnObligationMap\x1aW\n\x15\x46qnObligationMapEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12(\n\x05value\x18\x02 \x01(\x0b\x32\x12.policy.ObligationR\x05value:\x02\x38\x01\"\xa0\x01\n\x17\x43reateObligationRequest\x12\x10\n\x02id\x18\x01 \x01(\tH\x00R\x02id\x12\x12\n\x03\x66qn\x18\x02 \x01(\tH\x00R\x03\x66qn\x12\x12\n\x04name\x18\x03 \x01(\tR\x04name\x12\x33\n\x08metadata\x18\x64 \x01(\x0b\x32\x17.common.MetadataMutableR\x08metadataB\x16\n\x14namespace_identifier\"N\n\x18\x43reateObligationResponse\x12\x32\n\nobligation\x18\x01 \x01(\x0b\x32\x12.policy.ObligationR\nobligation\"\xc8\x01\n\x17UpdateObligationRequest\x12\x0e\n\x02id\x18\x01 \x01(\tR\x02id\x12\x12\n\x04name\x18\x02 \x01(\tR\x04name\x12\x33\n\x08metadata\x18\x64 \x01(\x0b\x32\x17.common.MetadataMutableR\x08metadata\x12T\n\x18metadata_update_behavior\x18\x65 \x01(\x0e\x32\x1a.common.MetadataUpdateEnumR\x16metadataUpdateBehavior\"N\n\x18UpdateObligationResponse\x12\x32\n\nobligation\x18\x01 \x01(\x0b\x32\x12.policy.ObligationR\nobligation\"M\n\x17\x44\x65leteObligationRequest\x12\x10\n\x02id\x18\x01 \x01(\tH\x00R\x02id\x12\x12\n\x03\x66qn\x18\x02 \x01(\tH\x00R\x03\x66qnB\x0c\n\nidentifier\"N\n\x18\x44\x65leteObligationResponse\x12\x32\n\nobligation\x18\x01 \x01(\x0b\x32\x12.policy.ObligationR\nobligation\"\x8b\x01\n\x16ListObligationsRequest\x12\x10\n\x02id\x18\x01 \x01(\tH\x00R\x02id\x12\x12\n\x03\x66qn\x18\x02 \x01(\tH\x00R\x03\x66qn\x12\x33\n\npagination\x18\n \x01(\x0b\x32\x13.policy.PageRequestR\npaginationB\x16\n\x14namespace_identifier\"\x85\x01\n\x17ListObligationsResponse\x12\x34\n\x0bobligations\x18\x01 \x03(\x0b\x32\x12.policy.ObligationR\x0bobligations\x12\x34\n\npagination\x18\n \x01(\x0b\x32\x14.policy.PageResponseR\npagination\"O\n\x19GetObligationValueRequest\x12\x10\n\x02id\x18\x01 \x01(\tH\x00R\x02id\x12\x12\n\x03\x66qn\x18\x02 \x01(\tH\x00R\x03\x66qnB\x0c\n\nidentifier\"K\n\x1aGetObligationValueResponse\x12-\n\x05value\x18\x01 \x01(\x0b\x32\x17.policy.ObligationValueR\x05value\"6\n GetObligationValuesByFQNsRequest\x12\x12\n\x04\x66qns\x18\x01 \x03(\tR\x04\x66qns\"\xe8\x01\n!GetObligationValuesByFQNsResponse\x12j\n\rfqn_value_map\x18\x01 \x03(\x0b\x32\x46.policy.obligations.GetObligationValuesByFQNsResponse.FqnValueMapEntryR\x0b\x66qnValueMap\x1aW\n\x10\x46qnValueMapEntry\x12\x10\n\x03key\x18\x01 \x01(\tR\x03key\x12-\n\x05value\x18\x02 \x01(\x0b\x32\x17.policy.ObligationValueR\x05value:\x02\x38\x01\"\xa8\x01\n\x1c\x43reateObligationValueRequest\x12\x10\n\x02id\x18\x01 \x01(\tH\x00R\x02id\x12\x12\n\x03\x66qn\x18\x02 \x01(\tH\x00R\x03\x66qn\x12\x14\n\x05value\x18\x03 \x01(\tR\x05value\x12\x33\n\x08metadata\x18\x64 \x01(\x0b\x32\x17.common.MetadataMutableR\x08metadataB\x17\n\x15obligation_identifier\"N\n\x1d\x43reateObligationValueResponse\x12-\n\x05value\x18\x01 \x01(\x0b\x32\x17.policy.ObligationValueR\x05value\"\xcf\x01\n\x1cUpdateObligationValueRequest\x12\x0e\n\x02id\x18\x01 \x01(\tR\x02id\x12\x14\n\x05value\x18\x02 \x01(\tR\x05value\x12\x33\n\x08metadata\x18\x64 \x01(\x0b\x32\x17.common.MetadataMutableR\x08metadata\x12T\n\x18metadata_update_behavior\x18\x65 \x01(\x0e\x32\x1a.common.MetadataUpdateEnumR\x16metadataUpdateBehavior\"N\n\x1dUpdateObligationValueResponse\x12-\n\x05value\x18\x01 \x01(\x0b\x32\x17.policy.ObligationValueR\x05value\"R\n\x1c\x44\x65leteObligationValueRequest\x12\x10\n\x02id\x18\x01 \x01(\tH\x00R\x02id\x12\x12\n\x03\x66qn\x18\x02 \x01(\tH\x00R\x03\x66qnB\x0c\n\nidentifier\"N\n\x1d\x44\x65leteObligationValueResponse\x12-\n\x05value\x18\x01 \x01(\x0b\x32\x17.policy.ObligationValueR\x05value\"\xcd\x01\n\x1b\x41\x64\x64ObligationTriggerRequest\x12.\n\x13obligation_value_id\x18\x01 \x01(\tR\x11obligationValueId\x12\x1b\n\taction_id\x18\x02 \x01(\tR\x08\x61\x63tionId\x12,\n\x12\x61ttribute_value_id\x18\x03 \x01(\tR\x10\x61ttributeValueId\x12\x33\n\x08metadata\x18\x64 \x01(\x0b\x32\x17.common.MetadataMutableR\x08metadata\"S\n\x1c\x41\x64\x64ObligationTriggerResponse\x12\x33\n\x07trigger\x18\x01 \x01(\x0b\x32\x19.policy.ObligationTriggerR\x07trigger\"0\n\x1eRemoveObligationTriggerRequest\x12\x0e\n\x02id\x18\x01 \x01(\tR\x02id\"V\n\x1fRemoveObligationTriggerResponse\x12\x33\n\x07trigger\x18\x01 \x01(\x0b\x32\x19.policy.ObligationTriggerR\x07trigger2\xc6\x0c\n\x07Service\x12o\n\x0fListObligations\x12*.policy.obligations.ListObligationsRequest\x1a+.policy.obligations.ListObligationsResponse\"\x03\x90\x02\x01\x12i\n\rGetObligation\x12(.policy.obligations.GetObligationRequest\x1a).policy.obligations.GetObligationResponse\"\x03\x90\x02\x01\x12~\n\x14GetObligationsByFQNs\x12/.policy.obligations.GetObligationsByFQNsRequest\x1a\x30.policy.obligations.GetObligationsByFQNsResponse\"\x03\x90\x02\x01\x12o\n\x10\x43reateObligation\x12+.policy.obligations.CreateObligationRequest\x1a,.policy.obligations.CreateObligationResponse\"\x00\x12o\n\x10UpdateObligation\x12+.policy.obligations.UpdateObligationRequest\x1a,.policy.obligations.UpdateObligationResponse\"\x00\x12o\n\x10\x44\x65leteObligation\x12+.policy.obligations.DeleteObligationRequest\x1a,.policy.obligations.DeleteObligationResponse\"\x00\x12x\n\x12GetObligationValue\x12-.policy.obligations.GetObligationValueRequest\x1a..policy.obligations.GetObligationValueResponse\"\x03\x90\x02\x01\x12\x8d\x01\n\x19GetObligationValuesByFQNs\x12\x34.policy.obligations.GetObligationValuesByFQNsRequest\x1a\x35.policy.obligations.GetObligationValuesByFQNsResponse\"\x03\x90\x02\x01\x12~\n\x15\x43reateObligationValue\x12\x30.policy.obligations.CreateObligationValueRequest\x1a\x31.policy.obligations.CreateObligationValueResponse\"\x00\x12~\n\x15UpdateObligationValue\x12\x30.policy.obligations.UpdateObligationValueRequest\x1a\x31.policy.obligations.UpdateObligationValueResponse\"\x00\x12~\n\x15\x44\x65leteObligationValue\x12\x30.policy.obligations.DeleteObligationValueRequest\x1a\x31.policy.obligations.DeleteObligationValueResponse\"\x00\x12{\n\x14\x41\x64\x64ObligationTrigger\x12/.policy.obligations.AddObligationTriggerRequest\x1a\x30.policy.obligations.AddObligationTriggerResponse\"\x00\x12\x84\x01\n\x17RemoveObligationTrigger\x12\x32.policy.obligations.RemoveObligationTriggerRequest\x1a\x33.policy.obligations.RemoveObligationTriggerResponse\"\x00\x42\x93\x01\n\x16\x63om.policy.obligationsB\x10ObligationsProtoP\x01\xa2\x02\x03POX\xaa\x02\x12Policy.Obligations\xca\x02\x12Policy\\Obligations\xe2\x02\x1ePolicy\\Obligations\\GPBMetadata\xea\x02\x13Policy::Obligationsb\x06proto3') + +_globals = globals() +_builder.BuildMessageAndEnumDescriptors(DESCRIPTOR, _globals) +_builder.BuildTopDescriptorsAndMessages(DESCRIPTOR, 'policy.obligations.obligations_pb2', _globals) +if not _descriptor._USE_C_DESCRIPTORS: + _globals['DESCRIPTOR']._loaded_options = None + _globals['DESCRIPTOR']._serialized_options = b'\n\026com.policy.obligationsB\020ObligationsProtoP\001\242\002\003POX\252\002\022Policy.Obligations\312\002\022Policy\\Obligations\342\002\036Policy\\Obligations\\GPBMetadata\352\002\023Policy::Obligations' + _globals['_GETOBLIGATIONSBYFQNSRESPONSE_FQNOBLIGATIONMAPENTRY']._loaded_options = None + _globals['_GETOBLIGATIONSBYFQNSRESPONSE_FQNOBLIGATIONMAPENTRY']._serialized_options = b'8\001' + _globals['_GETOBLIGATIONVALUESBYFQNSRESPONSE_FQNVALUEMAPENTRY']._loaded_options = None + _globals['_GETOBLIGATIONVALUESBYFQNSRESPONSE_FQNVALUEMAPENTRY']._serialized_options = b'8\001' + _globals['_SERVICE'].methods_by_name['ListObligations']._loaded_options = None + _globals['_SERVICE'].methods_by_name['ListObligations']._serialized_options = b'\220\002\001' + _globals['_SERVICE'].methods_by_name['GetObligation']._loaded_options = None + _globals['_SERVICE'].methods_by_name['GetObligation']._serialized_options = b'\220\002\001' + _globals['_SERVICE'].methods_by_name['GetObligationsByFQNs']._loaded_options = None + _globals['_SERVICE'].methods_by_name['GetObligationsByFQNs']._serialized_options = b'\220\002\001' + _globals['_SERVICE'].methods_by_name['GetObligationValue']._loaded_options = None + _globals['_SERVICE'].methods_by_name['GetObligationValue']._serialized_options = b'\220\002\001' + _globals['_SERVICE'].methods_by_name['GetObligationValuesByFQNs']._loaded_options = None + _globals['_SERVICE'].methods_by_name['GetObligationValuesByFQNs']._serialized_options = b'\220\002\001' + _globals['_GETOBLIGATIONREQUEST']._serialized_start=127 + _globals['_GETOBLIGATIONREQUEST']._serialized_end=201 + _globals['_GETOBLIGATIONRESPONSE']._serialized_start=203 + _globals['_GETOBLIGATIONRESPONSE']._serialized_end=278 + _globals['_GETOBLIGATIONSBYFQNSREQUEST']._serialized_start=280 + _globals['_GETOBLIGATIONSBYFQNSREQUEST']._serialized_end=329 + _globals['_GETOBLIGATIONSBYFQNSRESPONSE']._serialized_start=332 + _globals['_GETOBLIGATIONSBYFQNSRESPONSE']._serialized_end=569 + _globals['_GETOBLIGATIONSBYFQNSRESPONSE_FQNOBLIGATIONMAPENTRY']._serialized_start=482 + _globals['_GETOBLIGATIONSBYFQNSRESPONSE_FQNOBLIGATIONMAPENTRY']._serialized_end=569 + _globals['_CREATEOBLIGATIONREQUEST']._serialized_start=572 + _globals['_CREATEOBLIGATIONREQUEST']._serialized_end=732 + _globals['_CREATEOBLIGATIONRESPONSE']._serialized_start=734 + _globals['_CREATEOBLIGATIONRESPONSE']._serialized_end=812 + _globals['_UPDATEOBLIGATIONREQUEST']._serialized_start=815 + _globals['_UPDATEOBLIGATIONREQUEST']._serialized_end=1015 + _globals['_UPDATEOBLIGATIONRESPONSE']._serialized_start=1017 + _globals['_UPDATEOBLIGATIONRESPONSE']._serialized_end=1095 + _globals['_DELETEOBLIGATIONREQUEST']._serialized_start=1097 + _globals['_DELETEOBLIGATIONREQUEST']._serialized_end=1174 + _globals['_DELETEOBLIGATIONRESPONSE']._serialized_start=1176 + _globals['_DELETEOBLIGATIONRESPONSE']._serialized_end=1254 + _globals['_LISTOBLIGATIONSREQUEST']._serialized_start=1257 + _globals['_LISTOBLIGATIONSREQUEST']._serialized_end=1396 + _globals['_LISTOBLIGATIONSRESPONSE']._serialized_start=1399 + _globals['_LISTOBLIGATIONSRESPONSE']._serialized_end=1532 + _globals['_GETOBLIGATIONVALUEREQUEST']._serialized_start=1534 + _globals['_GETOBLIGATIONVALUEREQUEST']._serialized_end=1613 + _globals['_GETOBLIGATIONVALUERESPONSE']._serialized_start=1615 + _globals['_GETOBLIGATIONVALUERESPONSE']._serialized_end=1690 + _globals['_GETOBLIGATIONVALUESBYFQNSREQUEST']._serialized_start=1692 + _globals['_GETOBLIGATIONVALUESBYFQNSREQUEST']._serialized_end=1746 + _globals['_GETOBLIGATIONVALUESBYFQNSRESPONSE']._serialized_start=1749 + _globals['_GETOBLIGATIONVALUESBYFQNSRESPONSE']._serialized_end=1981 + _globals['_GETOBLIGATIONVALUESBYFQNSRESPONSE_FQNVALUEMAPENTRY']._serialized_start=1894 + _globals['_GETOBLIGATIONVALUESBYFQNSRESPONSE_FQNVALUEMAPENTRY']._serialized_end=1981 + _globals['_CREATEOBLIGATIONVALUEREQUEST']._serialized_start=1984 + _globals['_CREATEOBLIGATIONVALUEREQUEST']._serialized_end=2152 + _globals['_CREATEOBLIGATIONVALUERESPONSE']._serialized_start=2154 + _globals['_CREATEOBLIGATIONVALUERESPONSE']._serialized_end=2232 + _globals['_UPDATEOBLIGATIONVALUEREQUEST']._serialized_start=2235 + _globals['_UPDATEOBLIGATIONVALUEREQUEST']._serialized_end=2442 + _globals['_UPDATEOBLIGATIONVALUERESPONSE']._serialized_start=2444 + _globals['_UPDATEOBLIGATIONVALUERESPONSE']._serialized_end=2522 + _globals['_DELETEOBLIGATIONVALUEREQUEST']._serialized_start=2524 + _globals['_DELETEOBLIGATIONVALUEREQUEST']._serialized_end=2606 + _globals['_DELETEOBLIGATIONVALUERESPONSE']._serialized_start=2608 + _globals['_DELETEOBLIGATIONVALUERESPONSE']._serialized_end=2686 + _globals['_ADDOBLIGATIONTRIGGERREQUEST']._serialized_start=2689 + _globals['_ADDOBLIGATIONTRIGGERREQUEST']._serialized_end=2894 + _globals['_ADDOBLIGATIONTRIGGERRESPONSE']._serialized_start=2896 + _globals['_ADDOBLIGATIONTRIGGERRESPONSE']._serialized_end=2979 + _globals['_REMOVEOBLIGATIONTRIGGERREQUEST']._serialized_start=2981 + _globals['_REMOVEOBLIGATIONTRIGGERREQUEST']._serialized_end=3029 + _globals['_REMOVEOBLIGATIONTRIGGERRESPONSE']._serialized_start=3031 + _globals['_REMOVEOBLIGATIONTRIGGERRESPONSE']._serialized_end=3117 + _globals['_SERVICE']._serialized_start=3120 + _globals['_SERVICE']._serialized_end=4726 +# @@protoc_insertion_point(module_scope) diff --git a/otdf-python-proto/src/otdf_python_proto/policy/obligations/obligations_pb2.pyi b/otdf-python-proto/src/otdf_python_proto/policy/obligations/obligations_pb2.pyi new file mode 100644 index 0000000..00ba1d7 --- /dev/null +++ b/otdf-python-proto/src/otdf_python_proto/policy/obligations/obligations_pb2.pyi @@ -0,0 +1,224 @@ +from common import common_pb2 as _common_pb2 +from policy import objects_pb2 as _objects_pb2 +from policy import selectors_pb2 as _selectors_pb2 +from google.protobuf.internal import containers as _containers +from google.protobuf import descriptor as _descriptor +from google.protobuf import message as _message +from collections.abc import Iterable as _Iterable, Mapping as _Mapping +from typing import ClassVar as _ClassVar, Optional as _Optional, Union as _Union + +DESCRIPTOR: _descriptor.FileDescriptor + +class GetObligationRequest(_message.Message): + __slots__ = ("id", "fqn") + ID_FIELD_NUMBER: _ClassVar[int] + FQN_FIELD_NUMBER: _ClassVar[int] + id: str + fqn: str + def __init__(self, id: _Optional[str] = ..., fqn: _Optional[str] = ...) -> None: ... + +class GetObligationResponse(_message.Message): + __slots__ = ("obligation",) + OBLIGATION_FIELD_NUMBER: _ClassVar[int] + obligation: _objects_pb2.Obligation + def __init__(self, obligation: _Optional[_Union[_objects_pb2.Obligation, _Mapping]] = ...) -> None: ... + +class GetObligationsByFQNsRequest(_message.Message): + __slots__ = ("fqns",) + FQNS_FIELD_NUMBER: _ClassVar[int] + fqns: _containers.RepeatedScalarFieldContainer[str] + def __init__(self, fqns: _Optional[_Iterable[str]] = ...) -> None: ... + +class GetObligationsByFQNsResponse(_message.Message): + __slots__ = ("fqn_obligation_map",) + class FqnObligationMapEntry(_message.Message): + __slots__ = ("key", "value") + KEY_FIELD_NUMBER: _ClassVar[int] + VALUE_FIELD_NUMBER: _ClassVar[int] + key: str + value: _objects_pb2.Obligation + def __init__(self, key: _Optional[str] = ..., value: _Optional[_Union[_objects_pb2.Obligation, _Mapping]] = ...) -> None: ... + FQN_OBLIGATION_MAP_FIELD_NUMBER: _ClassVar[int] + fqn_obligation_map: _containers.MessageMap[str, _objects_pb2.Obligation] + def __init__(self, fqn_obligation_map: _Optional[_Mapping[str, _objects_pb2.Obligation]] = ...) -> None: ... + +class CreateObligationRequest(_message.Message): + __slots__ = ("id", "fqn", "name", "metadata") + ID_FIELD_NUMBER: _ClassVar[int] + FQN_FIELD_NUMBER: _ClassVar[int] + NAME_FIELD_NUMBER: _ClassVar[int] + METADATA_FIELD_NUMBER: _ClassVar[int] + id: str + fqn: str + name: str + metadata: _common_pb2.MetadataMutable + def __init__(self, id: _Optional[str] = ..., fqn: _Optional[str] = ..., name: _Optional[str] = ..., metadata: _Optional[_Union[_common_pb2.MetadataMutable, _Mapping]] = ...) -> None: ... + +class CreateObligationResponse(_message.Message): + __slots__ = ("obligation",) + OBLIGATION_FIELD_NUMBER: _ClassVar[int] + obligation: _objects_pb2.Obligation + def __init__(self, obligation: _Optional[_Union[_objects_pb2.Obligation, _Mapping]] = ...) -> None: ... + +class UpdateObligationRequest(_message.Message): + __slots__ = ("id", "name", "metadata", "metadata_update_behavior") + ID_FIELD_NUMBER: _ClassVar[int] + NAME_FIELD_NUMBER: _ClassVar[int] + METADATA_FIELD_NUMBER: _ClassVar[int] + METADATA_UPDATE_BEHAVIOR_FIELD_NUMBER: _ClassVar[int] + id: str + name: str + metadata: _common_pb2.MetadataMutable + metadata_update_behavior: _common_pb2.MetadataUpdateEnum + def __init__(self, id: _Optional[str] = ..., name: _Optional[str] = ..., metadata: _Optional[_Union[_common_pb2.MetadataMutable, _Mapping]] = ..., metadata_update_behavior: _Optional[_Union[_common_pb2.MetadataUpdateEnum, str]] = ...) -> None: ... + +class UpdateObligationResponse(_message.Message): + __slots__ = ("obligation",) + OBLIGATION_FIELD_NUMBER: _ClassVar[int] + obligation: _objects_pb2.Obligation + def __init__(self, obligation: _Optional[_Union[_objects_pb2.Obligation, _Mapping]] = ...) -> None: ... + +class DeleteObligationRequest(_message.Message): + __slots__ = ("id", "fqn") + ID_FIELD_NUMBER: _ClassVar[int] + FQN_FIELD_NUMBER: _ClassVar[int] + id: str + fqn: str + def __init__(self, id: _Optional[str] = ..., fqn: _Optional[str] = ...) -> None: ... + +class DeleteObligationResponse(_message.Message): + __slots__ = ("obligation",) + OBLIGATION_FIELD_NUMBER: _ClassVar[int] + obligation: _objects_pb2.Obligation + def __init__(self, obligation: _Optional[_Union[_objects_pb2.Obligation, _Mapping]] = ...) -> None: ... + +class ListObligationsRequest(_message.Message): + __slots__ = ("id", "fqn", "pagination") + ID_FIELD_NUMBER: _ClassVar[int] + FQN_FIELD_NUMBER: _ClassVar[int] + PAGINATION_FIELD_NUMBER: _ClassVar[int] + id: str + fqn: str + pagination: _selectors_pb2.PageRequest + def __init__(self, id: _Optional[str] = ..., fqn: _Optional[str] = ..., pagination: _Optional[_Union[_selectors_pb2.PageRequest, _Mapping]] = ...) -> None: ... + +class ListObligationsResponse(_message.Message): + __slots__ = ("obligations", "pagination") + OBLIGATIONS_FIELD_NUMBER: _ClassVar[int] + PAGINATION_FIELD_NUMBER: _ClassVar[int] + obligations: _containers.RepeatedCompositeFieldContainer[_objects_pb2.Obligation] + pagination: _selectors_pb2.PageResponse + def __init__(self, obligations: _Optional[_Iterable[_Union[_objects_pb2.Obligation, _Mapping]]] = ..., pagination: _Optional[_Union[_selectors_pb2.PageResponse, _Mapping]] = ...) -> None: ... + +class GetObligationValueRequest(_message.Message): + __slots__ = ("id", "fqn") + ID_FIELD_NUMBER: _ClassVar[int] + FQN_FIELD_NUMBER: _ClassVar[int] + id: str + fqn: str + def __init__(self, id: _Optional[str] = ..., fqn: _Optional[str] = ...) -> None: ... + +class GetObligationValueResponse(_message.Message): + __slots__ = ("value",) + VALUE_FIELD_NUMBER: _ClassVar[int] + value: _objects_pb2.ObligationValue + def __init__(self, value: _Optional[_Union[_objects_pb2.ObligationValue, _Mapping]] = ...) -> None: ... + +class GetObligationValuesByFQNsRequest(_message.Message): + __slots__ = ("fqns",) + FQNS_FIELD_NUMBER: _ClassVar[int] + fqns: _containers.RepeatedScalarFieldContainer[str] + def __init__(self, fqns: _Optional[_Iterable[str]] = ...) -> None: ... + +class GetObligationValuesByFQNsResponse(_message.Message): + __slots__ = ("fqn_value_map",) + class FqnValueMapEntry(_message.Message): + __slots__ = ("key", "value") + KEY_FIELD_NUMBER: _ClassVar[int] + VALUE_FIELD_NUMBER: _ClassVar[int] + key: str + value: _objects_pb2.ObligationValue + def __init__(self, key: _Optional[str] = ..., value: _Optional[_Union[_objects_pb2.ObligationValue, _Mapping]] = ...) -> None: ... + FQN_VALUE_MAP_FIELD_NUMBER: _ClassVar[int] + fqn_value_map: _containers.MessageMap[str, _objects_pb2.ObligationValue] + def __init__(self, fqn_value_map: _Optional[_Mapping[str, _objects_pb2.ObligationValue]] = ...) -> None: ... + +class CreateObligationValueRequest(_message.Message): + __slots__ = ("id", "fqn", "value", "metadata") + ID_FIELD_NUMBER: _ClassVar[int] + FQN_FIELD_NUMBER: _ClassVar[int] + VALUE_FIELD_NUMBER: _ClassVar[int] + METADATA_FIELD_NUMBER: _ClassVar[int] + id: str + fqn: str + value: str + metadata: _common_pb2.MetadataMutable + def __init__(self, id: _Optional[str] = ..., fqn: _Optional[str] = ..., value: _Optional[str] = ..., metadata: _Optional[_Union[_common_pb2.MetadataMutable, _Mapping]] = ...) -> None: ... + +class CreateObligationValueResponse(_message.Message): + __slots__ = ("value",) + VALUE_FIELD_NUMBER: _ClassVar[int] + value: _objects_pb2.ObligationValue + def __init__(self, value: _Optional[_Union[_objects_pb2.ObligationValue, _Mapping]] = ...) -> None: ... + +class UpdateObligationValueRequest(_message.Message): + __slots__ = ("id", "value", "metadata", "metadata_update_behavior") + ID_FIELD_NUMBER: _ClassVar[int] + VALUE_FIELD_NUMBER: _ClassVar[int] + METADATA_FIELD_NUMBER: _ClassVar[int] + METADATA_UPDATE_BEHAVIOR_FIELD_NUMBER: _ClassVar[int] + id: str + value: str + metadata: _common_pb2.MetadataMutable + metadata_update_behavior: _common_pb2.MetadataUpdateEnum + def __init__(self, id: _Optional[str] = ..., value: _Optional[str] = ..., metadata: _Optional[_Union[_common_pb2.MetadataMutable, _Mapping]] = ..., metadata_update_behavior: _Optional[_Union[_common_pb2.MetadataUpdateEnum, str]] = ...) -> None: ... + +class UpdateObligationValueResponse(_message.Message): + __slots__ = ("value",) + VALUE_FIELD_NUMBER: _ClassVar[int] + value: _objects_pb2.ObligationValue + def __init__(self, value: _Optional[_Union[_objects_pb2.ObligationValue, _Mapping]] = ...) -> None: ... + +class DeleteObligationValueRequest(_message.Message): + __slots__ = ("id", "fqn") + ID_FIELD_NUMBER: _ClassVar[int] + FQN_FIELD_NUMBER: _ClassVar[int] + id: str + fqn: str + def __init__(self, id: _Optional[str] = ..., fqn: _Optional[str] = ...) -> None: ... + +class DeleteObligationValueResponse(_message.Message): + __slots__ = ("value",) + VALUE_FIELD_NUMBER: _ClassVar[int] + value: _objects_pb2.ObligationValue + def __init__(self, value: _Optional[_Union[_objects_pb2.ObligationValue, _Mapping]] = ...) -> None: ... + +class AddObligationTriggerRequest(_message.Message): + __slots__ = ("obligation_value_id", "action_id", "attribute_value_id", "metadata") + OBLIGATION_VALUE_ID_FIELD_NUMBER: _ClassVar[int] + ACTION_ID_FIELD_NUMBER: _ClassVar[int] + ATTRIBUTE_VALUE_ID_FIELD_NUMBER: _ClassVar[int] + METADATA_FIELD_NUMBER: _ClassVar[int] + obligation_value_id: str + action_id: str + attribute_value_id: str + metadata: _common_pb2.MetadataMutable + def __init__(self, obligation_value_id: _Optional[str] = ..., action_id: _Optional[str] = ..., attribute_value_id: _Optional[str] = ..., metadata: _Optional[_Union[_common_pb2.MetadataMutable, _Mapping]] = ...) -> None: ... + +class AddObligationTriggerResponse(_message.Message): + __slots__ = ("trigger",) + TRIGGER_FIELD_NUMBER: _ClassVar[int] + trigger: _objects_pb2.ObligationTrigger + def __init__(self, trigger: _Optional[_Union[_objects_pb2.ObligationTrigger, _Mapping]] = ...) -> None: ... + +class RemoveObligationTriggerRequest(_message.Message): + __slots__ = ("id",) + ID_FIELD_NUMBER: _ClassVar[int] + id: str + def __init__(self, id: _Optional[str] = ...) -> None: ... + +class RemoveObligationTriggerResponse(_message.Message): + __slots__ = ("trigger",) + TRIGGER_FIELD_NUMBER: _ClassVar[int] + trigger: _objects_pb2.ObligationTrigger + def __init__(self, trigger: _Optional[_Union[_objects_pb2.ObligationTrigger, _Mapping]] = ...) -> None: ... diff --git a/otdf-python-proto/src/otdf_python_proto/policy/unsafe/unsafe_pb2.py b/otdf-python-proto/src/otdf_python_proto/policy/unsafe/unsafe_pb2.py index 839cea2..a105fd9 100644 --- a/otdf-python-proto/src/otdf_python_proto/policy/unsafe/unsafe_pb2.py +++ b/otdf-python-proto/src/otdf_python_proto/policy/unsafe/unsafe_pb2.py @@ -26,7 +26,7 @@ from policy import objects_pb2 as policy_dot_objects__pb2 -DESCRIPTOR = _descriptor_pool.Default().AddSerializedFile(b'\n\x1apolicy/unsafe/unsafe.proto\x12\rpolicy.unsafe\x1a\x1b\x62uf/validate/validate.proto\x1a\x14policy/objects.proto\"\xeb\x04\n\x1cUnsafeUpdateNamespaceRequest\x12\x18\n\x02id\x18\x01 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01R\x02id\x12\xb0\x04\n\x04name\x18\x02 \x01(\tB\x9b\x04\xbaH\x97\x04r\x03\x18\xfd\x01\xba\x01\x8e\x04\n\x15namespace_name_format\x12\xa1\x03Namespace must be a valid hostname. It should include at least one dot, with each segment (label) starting and ending with an alphanumeric character. Each label must be 1 to 63 characters long, allowing hyphens but not as the first or last character. The top-level domain (the last segment after the final dot) must consist of at least two alphabetic characters. The stored namespace will be normalized to lower case.\x1aQthis.matches(\'^([a-zA-Z0-9]([a-zA-Z0-9\\\\-]{0,61}[a-zA-Z0-9])?\\\\.)+[a-zA-Z]{2,}$\')R\x04name\"P\n\x1dUnsafeUpdateNamespaceResponse\x12/\n\tnamespace\x18\x01 \x01(\x0b\x32\x11.policy.NamespaceR\tnamespace\"<\n UnsafeReactivateNamespaceRequest\x12\x18\n\x02id\x18\x01 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01R\x02id\"T\n!UnsafeReactivateNamespaceResponse\x12/\n\tnamespace\x18\x01 \x01(\x0b\x32\x11.policy.NamespaceR\tnamespace\"R\n\x1cUnsafeDeleteNamespaceRequest\x12\x18\n\x02id\x18\x01 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01R\x02id\x12\x18\n\x03\x66qn\x18\x02 \x01(\tB\x06\xbaH\x03\xc8\x01\x01R\x03\x66qn\"P\n\x1dUnsafeDeleteNamespaceResponse\x12/\n\tnamespace\x18\x01 \x01(\x0b\x32\x11.policy.NamespaceR\tnamespace\"\xe2\x03\n\x1cUnsafeUpdateAttributeRequest\x12\x18\n\x02id\x18\x01 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01R\x02id\x12\xc7\x02\n\x04name\x18\x02 \x01(\tB\xb2\x02\xbaH\xae\x02r\x03\x18\xfd\x01\xba\x01\xa2\x02\n\x15\x61ttribute_name_format\x12\xb3\x01\x41ttribute name must be an alphanumeric string, allowing hyphens and underscores but not as the first or last character. The stored attribute name will be normalized to lower case.\x1aSsize(this) > 0 ? this.matches(\'^[a-zA-Z0-9](?:[a-zA-Z0-9_-]*[a-zA-Z0-9])?$\') : true\xc8\x01\x00R\x04name\x12;\n\x04rule\x18\x03 \x01(\x0e\x32\x1d.policy.AttributeRuleTypeEnumB\x08\xbaH\x05\x82\x01\x02\x10\x01R\x04rule\x12!\n\x0cvalues_order\x18\x04 \x03(\tR\x0bvaluesOrder\"P\n\x1dUnsafeUpdateAttributeResponse\x12/\n\tattribute\x18\x01 \x01(\x0b\x32\x11.policy.AttributeR\tattribute\"<\n UnsafeReactivateAttributeRequest\x12\x18\n\x02id\x18\x01 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01R\x02id\"T\n!UnsafeReactivateAttributeResponse\x12/\n\tattribute\x18\x01 \x01(\x0b\x32\x11.policy.AttributeR\tattribute\"R\n\x1cUnsafeDeleteAttributeRequest\x12\x18\n\x02id\x18\x01 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01R\x02id\x12\x18\n\x03\x66qn\x18\x02 \x01(\tB\x06\xbaH\x03\xc8\x01\x01R\x03\x66qn\"P\n\x1dUnsafeDeleteAttributeResponse\x12/\n\tattribute\x18\x01 \x01(\x0b\x32\x11.policy.AttributeR\tattribute\"\xe7\x02\n!UnsafeUpdateAttributeValueRequest\x12\x18\n\x02id\x18\x01 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01R\x02id\x12\xa7\x02\n\x05value\x18\x02 \x01(\tB\x90\x02\xbaH\x8c\x02r\x03\x18\xfd\x01\xba\x01\x83\x02\n\x0cvalue_format\x12\xb5\x01\x41ttribute Value must be an alphanumeric string, allowing hyphens and underscores but not as the first or last character. The stored attribute value will be normalized to lower case.\x1a;this.matches(\'^[a-zA-Z0-9](?:[a-zA-Z0-9_-]*[a-zA-Z0-9])?$\')R\x05value\"I\n\"UnsafeUpdateAttributeValueResponse\x12#\n\x05value\x18\x01 \x01(\x0b\x32\r.policy.ValueR\x05value\"A\n%UnsafeReactivateAttributeValueRequest\x12\x18\n\x02id\x18\x01 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01R\x02id\"M\n&UnsafeReactivateAttributeValueResponse\x12#\n\x05value\x18\x01 \x01(\x0b\x32\r.policy.ValueR\x05value\"W\n!UnsafeDeleteAttributeValueRequest\x12\x18\n\x02id\x18\x01 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01R\x02id\x12\x18\n\x03\x66qn\x18\x02 \x01(\tB\x06\xbaH\x03\xc8\x01\x01R\x03\x66qn\"I\n\"UnsafeDeleteAttributeValueResponse\x12#\n\x05value\x18\x01 \x01(\x0b\x32\r.policy.ValueR\x05value\"5\n\x19UnsafeDeleteKasKeyRequest\x12\x18\n\x02id\x18\x01 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01R\x02id\";\n\x1aUnsafeDeleteKasKeyResponse\x12\x1d\n\x03key\x18\x01 \x01(\x0b\x32\x0b.policy.KeyR\x03key2\xf8\t\n\rUnsafeService\x12t\n\x15UnsafeUpdateNamespace\x12+.policy.unsafe.UnsafeUpdateNamespaceRequest\x1a,.policy.unsafe.UnsafeUpdateNamespaceResponse\"\x00\x12\x80\x01\n\x19UnsafeReactivateNamespace\x12/.policy.unsafe.UnsafeReactivateNamespaceRequest\x1a\x30.policy.unsafe.UnsafeReactivateNamespaceResponse\"\x00\x12t\n\x15UnsafeDeleteNamespace\x12+.policy.unsafe.UnsafeDeleteNamespaceRequest\x1a,.policy.unsafe.UnsafeDeleteNamespaceResponse\"\x00\x12t\n\x15UnsafeUpdateAttribute\x12+.policy.unsafe.UnsafeUpdateAttributeRequest\x1a,.policy.unsafe.UnsafeUpdateAttributeResponse\"\x00\x12\x80\x01\n\x19UnsafeReactivateAttribute\x12/.policy.unsafe.UnsafeReactivateAttributeRequest\x1a\x30.policy.unsafe.UnsafeReactivateAttributeResponse\"\x00\x12t\n\x15UnsafeDeleteAttribute\x12+.policy.unsafe.UnsafeDeleteAttributeRequest\x1a,.policy.unsafe.UnsafeDeleteAttributeResponse\"\x00\x12\x83\x01\n\x1aUnsafeUpdateAttributeValue\x12\x30.policy.unsafe.UnsafeUpdateAttributeValueRequest\x1a\x31.policy.unsafe.UnsafeUpdateAttributeValueResponse\"\x00\x12\x8f\x01\n\x1eUnsafeReactivateAttributeValue\x12\x34.policy.unsafe.UnsafeReactivateAttributeValueRequest\x1a\x35.policy.unsafe.UnsafeReactivateAttributeValueResponse\"\x00\x12\x83\x01\n\x1aUnsafeDeleteAttributeValue\x12\x30.policy.unsafe.UnsafeDeleteAttributeValueRequest\x1a\x31.policy.unsafe.UnsafeDeleteAttributeValueResponse\"\x00\x12k\n\x12UnsafeDeleteKasKey\x12(.policy.unsafe.UnsafeDeleteKasKeyRequest\x1a).policy.unsafe.UnsafeDeleteKasKeyResponse\"\x00\x42u\n\x11\x63om.policy.unsafeB\x0bUnsafeProtoP\x01\xa2\x02\x03PUX\xaa\x02\rPolicy.Unsafe\xca\x02\rPolicy\\Unsafe\xe2\x02\x19Policy\\Unsafe\\GPBMetadata\xea\x02\x0ePolicy::Unsafeb\x06proto3') +DESCRIPTOR = _descriptor_pool.Default().AddSerializedFile(b'\n\x1apolicy/unsafe/unsafe.proto\x12\rpolicy.unsafe\x1a\x1b\x62uf/validate/validate.proto\x1a\x14policy/objects.proto\"\xeb\x04\n\x1cUnsafeUpdateNamespaceRequest\x12\x18\n\x02id\x18\x01 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01R\x02id\x12\xb0\x04\n\x04name\x18\x02 \x01(\tB\x9b\x04\xbaH\x97\x04r\x03\x18\xfd\x01\xba\x01\x8e\x04\n\x15namespace_name_format\x12\xa1\x03Namespace must be a valid hostname. It should include at least one dot, with each segment (label) starting and ending with an alphanumeric character. Each label must be 1 to 63 characters long, allowing hyphens but not as the first or last character. The top-level domain (the last segment after the final dot) must consist of at least two alphabetic characters. The stored namespace will be normalized to lower case.\x1aQthis.matches(\'^([a-zA-Z0-9]([a-zA-Z0-9\\\\-]{0,61}[a-zA-Z0-9])?\\\\.)+[a-zA-Z]{2,}$\')R\x04name\"P\n\x1dUnsafeUpdateNamespaceResponse\x12/\n\tnamespace\x18\x01 \x01(\x0b\x32\x11.policy.NamespaceR\tnamespace\"<\n UnsafeReactivateNamespaceRequest\x12\x18\n\x02id\x18\x01 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01R\x02id\"T\n!UnsafeReactivateNamespaceResponse\x12/\n\tnamespace\x18\x01 \x01(\x0b\x32\x11.policy.NamespaceR\tnamespace\"R\n\x1cUnsafeDeleteNamespaceRequest\x12\x18\n\x02id\x18\x01 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01R\x02id\x12\x18\n\x03\x66qn\x18\x02 \x01(\tB\x06\xbaH\x03\xc8\x01\x01R\x03\x66qn\"P\n\x1dUnsafeDeleteNamespaceResponse\x12/\n\tnamespace\x18\x01 \x01(\x0b\x32\x11.policy.NamespaceR\tnamespace\"\xe2\x03\n\x1cUnsafeUpdateAttributeRequest\x12\x18\n\x02id\x18\x01 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01R\x02id\x12\xc7\x02\n\x04name\x18\x02 \x01(\tB\xb2\x02\xbaH\xae\x02r\x03\x18\xfd\x01\xba\x01\xa2\x02\n\x15\x61ttribute_name_format\x12\xb3\x01\x41ttribute name must be an alphanumeric string, allowing hyphens and underscores but not as the first or last character. The stored attribute name will be normalized to lower case.\x1aSsize(this) > 0 ? this.matches(\'^[a-zA-Z0-9](?:[a-zA-Z0-9_-]*[a-zA-Z0-9])?$\') : true\xc8\x01\x00R\x04name\x12;\n\x04rule\x18\x03 \x01(\x0e\x32\x1d.policy.AttributeRuleTypeEnumB\x08\xbaH\x05\x82\x01\x02\x10\x01R\x04rule\x12!\n\x0cvalues_order\x18\x04 \x03(\tR\x0bvaluesOrder\"P\n\x1dUnsafeUpdateAttributeResponse\x12/\n\tattribute\x18\x01 \x01(\x0b\x32\x11.policy.AttributeR\tattribute\"<\n UnsafeReactivateAttributeRequest\x12\x18\n\x02id\x18\x01 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01R\x02id\"T\n!UnsafeReactivateAttributeResponse\x12/\n\tattribute\x18\x01 \x01(\x0b\x32\x11.policy.AttributeR\tattribute\"R\n\x1cUnsafeDeleteAttributeRequest\x12\x18\n\x02id\x18\x01 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01R\x02id\x12\x18\n\x03\x66qn\x18\x02 \x01(\tB\x06\xbaH\x03\xc8\x01\x01R\x03\x66qn\"P\n\x1dUnsafeDeleteAttributeResponse\x12/\n\tattribute\x18\x01 \x01(\x0b\x32\x11.policy.AttributeR\tattribute\"\xe7\x02\n!UnsafeUpdateAttributeValueRequest\x12\x18\n\x02id\x18\x01 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01R\x02id\x12\xa7\x02\n\x05value\x18\x02 \x01(\tB\x90\x02\xbaH\x8c\x02r\x03\x18\xfd\x01\xba\x01\x83\x02\n\x0cvalue_format\x12\xb5\x01\x41ttribute Value must be an alphanumeric string, allowing hyphens and underscores but not as the first or last character. The stored attribute value will be normalized to lower case.\x1a;this.matches(\'^[a-zA-Z0-9](?:[a-zA-Z0-9_-]*[a-zA-Z0-9])?$\')R\x05value\"I\n\"UnsafeUpdateAttributeValueResponse\x12#\n\x05value\x18\x01 \x01(\x0b\x32\r.policy.ValueR\x05value\"A\n%UnsafeReactivateAttributeValueRequest\x12\x18\n\x02id\x18\x01 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01R\x02id\"M\n&UnsafeReactivateAttributeValueResponse\x12#\n\x05value\x18\x01 \x01(\x0b\x32\r.policy.ValueR\x05value\"W\n!UnsafeDeleteAttributeValueRequest\x12\x18\n\x02id\x18\x01 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01R\x02id\x12\x18\n\x03\x66qn\x18\x02 \x01(\tB\x06\xbaH\x03\xc8\x01\x01R\x03\x66qn\"I\n\"UnsafeDeleteAttributeValueResponse\x12#\n\x05value\x18\x01 \x01(\x0b\x32\r.policy.ValueR\x05value\"p\n\x19UnsafeDeleteKasKeyRequest\x12\x18\n\x02id\x18\x01 \x01(\tB\x08\xbaH\x05r\x03\xb0\x01\x01R\x02id\x12\x18\n\x03kid\x18\x02 \x01(\tB\x06\xbaH\x03\xc8\x01\x01R\x03kid\x12\x1f\n\x07kas_uri\x18\x03 \x01(\tB\x06\xbaH\x03\xc8\x01\x01R\x06kasUri\">\n\x1aUnsafeDeleteKasKeyResponse\x12 \n\x03key\x18\x01 \x01(\x0b\x32\x0e.policy.KasKeyR\x03key2\xf8\t\n\rUnsafeService\x12t\n\x15UnsafeUpdateNamespace\x12+.policy.unsafe.UnsafeUpdateNamespaceRequest\x1a,.policy.unsafe.UnsafeUpdateNamespaceResponse\"\x00\x12\x80\x01\n\x19UnsafeReactivateNamespace\x12/.policy.unsafe.UnsafeReactivateNamespaceRequest\x1a\x30.policy.unsafe.UnsafeReactivateNamespaceResponse\"\x00\x12t\n\x15UnsafeDeleteNamespace\x12+.policy.unsafe.UnsafeDeleteNamespaceRequest\x1a,.policy.unsafe.UnsafeDeleteNamespaceResponse\"\x00\x12t\n\x15UnsafeUpdateAttribute\x12+.policy.unsafe.UnsafeUpdateAttributeRequest\x1a,.policy.unsafe.UnsafeUpdateAttributeResponse\"\x00\x12\x80\x01\n\x19UnsafeReactivateAttribute\x12/.policy.unsafe.UnsafeReactivateAttributeRequest\x1a\x30.policy.unsafe.UnsafeReactivateAttributeResponse\"\x00\x12t\n\x15UnsafeDeleteAttribute\x12+.policy.unsafe.UnsafeDeleteAttributeRequest\x1a,.policy.unsafe.UnsafeDeleteAttributeResponse\"\x00\x12\x83\x01\n\x1aUnsafeUpdateAttributeValue\x12\x30.policy.unsafe.UnsafeUpdateAttributeValueRequest\x1a\x31.policy.unsafe.UnsafeUpdateAttributeValueResponse\"\x00\x12\x8f\x01\n\x1eUnsafeReactivateAttributeValue\x12\x34.policy.unsafe.UnsafeReactivateAttributeValueRequest\x1a\x35.policy.unsafe.UnsafeReactivateAttributeValueResponse\"\x00\x12\x83\x01\n\x1aUnsafeDeleteAttributeValue\x12\x30.policy.unsafe.UnsafeDeleteAttributeValueRequest\x1a\x31.policy.unsafe.UnsafeDeleteAttributeValueResponse\"\x00\x12k\n\x12UnsafeDeleteKasKey\x12(.policy.unsafe.UnsafeDeleteKasKeyRequest\x1a).policy.unsafe.UnsafeDeleteKasKeyResponse\"\x00\x42u\n\x11\x63om.policy.unsafeB\x0bUnsafeProtoP\x01\xa2\x02\x03PUX\xaa\x02\rPolicy.Unsafe\xca\x02\rPolicy\\Unsafe\xe2\x02\x19Policy\\Unsafe\\GPBMetadata\xea\x02\x0ePolicy::Unsafeb\x06proto3') _globals = globals() _builder.BuildMessageAndEnumDescriptors(DESCRIPTOR, _globals) @@ -68,6 +68,10 @@ _globals['_UNSAFEDELETEATTRIBUTEVALUEREQUEST'].fields_by_name['fqn']._serialized_options = b'\272H\003\310\001\001' _globals['_UNSAFEDELETEKASKEYREQUEST'].fields_by_name['id']._loaded_options = None _globals['_UNSAFEDELETEKASKEYREQUEST'].fields_by_name['id']._serialized_options = b'\272H\005r\003\260\001\001' + _globals['_UNSAFEDELETEKASKEYREQUEST'].fields_by_name['kid']._loaded_options = None + _globals['_UNSAFEDELETEKASKEYREQUEST'].fields_by_name['kid']._serialized_options = b'\272H\003\310\001\001' + _globals['_UNSAFEDELETEKASKEYREQUEST'].fields_by_name['kas_uri']._loaded_options = None + _globals['_UNSAFEDELETEKASKEYREQUEST'].fields_by_name['kas_uri']._serialized_options = b'\272H\003\310\001\001' _globals['_UNSAFEUPDATENAMESPACEREQUEST']._serialized_start=97 _globals['_UNSAFEUPDATENAMESPACEREQUEST']._serialized_end=716 _globals['_UNSAFEUPDATENAMESPACERESPONSE']._serialized_start=718 @@ -105,9 +109,9 @@ _globals['_UNSAFEDELETEATTRIBUTEVALUERESPONSE']._serialized_start=2667 _globals['_UNSAFEDELETEATTRIBUTEVALUERESPONSE']._serialized_end=2740 _globals['_UNSAFEDELETEKASKEYREQUEST']._serialized_start=2742 - _globals['_UNSAFEDELETEKASKEYREQUEST']._serialized_end=2795 - _globals['_UNSAFEDELETEKASKEYRESPONSE']._serialized_start=2797 - _globals['_UNSAFEDELETEKASKEYRESPONSE']._serialized_end=2856 - _globals['_UNSAFESERVICE']._serialized_start=2859 - _globals['_UNSAFESERVICE']._serialized_end=4131 + _globals['_UNSAFEDELETEKASKEYREQUEST']._serialized_end=2854 + _globals['_UNSAFEDELETEKASKEYRESPONSE']._serialized_start=2856 + _globals['_UNSAFEDELETEKASKEYRESPONSE']._serialized_end=2918 + _globals['_UNSAFESERVICE']._serialized_start=2921 + _globals['_UNSAFESERVICE']._serialized_end=4193 # @@protoc_insertion_point(module_scope) diff --git a/otdf-python-proto/src/otdf_python_proto/policy/unsafe/unsafe_pb2.pyi b/otdf-python-proto/src/otdf_python_proto/policy/unsafe/unsafe_pb2.pyi index f16a43e..c8a11e3 100644 --- a/otdf-python-proto/src/otdf_python_proto/policy/unsafe/unsafe_pb2.pyi +++ b/otdf-python-proto/src/otdf_python_proto/policy/unsafe/unsafe_pb2.pyi @@ -133,13 +133,17 @@ class UnsafeDeleteAttributeValueResponse(_message.Message): def __init__(self, value: _Optional[_Union[_objects_pb2.Value, _Mapping]] = ...) -> None: ... class UnsafeDeleteKasKeyRequest(_message.Message): - __slots__ = ("id",) + __slots__ = ("id", "kid", "kas_uri") ID_FIELD_NUMBER: _ClassVar[int] + KID_FIELD_NUMBER: _ClassVar[int] + KAS_URI_FIELD_NUMBER: _ClassVar[int] id: str - def __init__(self, id: _Optional[str] = ...) -> None: ... + kid: str + kas_uri: str + def __init__(self, id: _Optional[str] = ..., kid: _Optional[str] = ..., kas_uri: _Optional[str] = ...) -> None: ... class UnsafeDeleteKasKeyResponse(_message.Message): __slots__ = ("key",) KEY_FIELD_NUMBER: _ClassVar[int] - key: _objects_pb2.Key - def __init__(self, key: _Optional[_Union[_objects_pb2.Key, _Mapping]] = ...) -> None: ... + key: _objects_pb2.KasKey + def __init__(self, key: _Optional[_Union[_objects_pb2.KasKey, _Mapping]] = ...) -> None: ... diff --git a/otdf-python-proto/src/otdf_python_proto/wellknownconfiguration/wellknown_configuration_connect.py b/otdf-python-proto/src/otdf_python_proto/wellknownconfiguration/wellknown_configuration_connect.py index 1082134..e077005 100644 --- a/otdf-python-proto/src/otdf_python_proto/wellknownconfiguration/wellknown_configuration_connect.py +++ b/otdf-python-proto/src/otdf_python_proto/wellknownconfiguration/wellknown_configuration_connect.py @@ -12,7 +12,7 @@ from connectrpc.method import IdempotencyLevel, MethodInfo from connectrpc.request import Headers, RequestContext from connectrpc.server import ConnectASGIApplication, ConnectWSGIApplication, Endpoint, EndpointSync -from . import wellknown_configuration_pb2 as wellknownconfiguration_dot_wellknown__configuration__pb2 +import wellknownconfiguration.wellknown_configuration_pb2 as wellknownconfiguration_dot_wellknown__configuration__pb2 class WellKnownService(Protocol): diff --git a/otdf-python-proto/tests/test_generate_connect_proto.py b/otdf-python-proto/tests/test_generate_connect_proto.py index 0979eb1..d54b66a 100644 --- a/otdf-python-proto/tests/test_generate_connect_proto.py +++ b/otdf-python-proto/tests/test_generate_connect_proto.py @@ -172,7 +172,7 @@ def fake_run(cmd, **kwargs): git_cmd = next(c for c in captured if c[0] == "git") branch_idx = git_cmd.index("--branch") default_tag = git_cmd[branch_idx + 1] - assert default_tag == "service/v0.7.2" + assert default_tag == "service/v0.8.0" class TestArgParsing: