diff --git a/proto/apidocs.swagger.json b/proto/apidocs.swagger.json index 02b0ee2..106bb70 100644 --- a/proto/apidocs.swagger.json +++ b/proto/apidocs.swagger.json @@ -14,6 +14,9 @@ } }, "tags": [ + { + "name": "BrokenPermissionsService" + }, { "name": "PermissionsService" }, @@ -1172,6 +1175,19 @@ }, "description": "BreakingSchemaChange is used to signal a breaking schema change has happened, and that the consumer should\nexpect delays in the ingestion of new changes, because the permission set snapshot needs to be rebuilt from scratch.\nOnce the snapshot is ready, the consumer will receive a LookupPermissionSetsRequired event." }, + "v0BrokenWatchedPermission": { + "type": "object", + "properties": { + "resourceType": { + "type": "string", + "description": "resource_type is the type of the resource to watch for changes." + }, + "permission": { + "type": "string", + "description": "permission is the permission to watch for changes." + } + } + }, "v0DownloadPermissionSetsResponse": { "type": "object", "properties": { @@ -1312,6 +1328,44 @@ } } }, + "v0ReadBrokenWatchedPermissionsResponse": { + "type": "object", + "properties": { + "revision": { + "$ref": "#/definitions/v1ZedToken", + "description": "revision is the ZedToken at which the request was evaluated." + }, + "watchedPermission": { + "$ref": "#/definitions/v0BrokenWatchedPermission", + "description": "The watched permission that broke." + }, + "cycle": { + "type": "array", + "items": { + "type": "object", + "$ref": "#/definitions/v0Resource" + }, + "description": "The resources involved in the cycle. The resource order does not represent the cycle traversal order." + } + } + }, + "v0Resource": { + "type": "object", + "properties": { + "objectType": { + "type": "string", + "description": "object_type is the type of the resource." + }, + "objectId": { + "type": "string", + "description": "object_id is the id of the resource." + }, + "permissionOrRelation": { + "type": "string", + "description": "permission_or_relation is the permission/relation." + } + } + }, "v0SetReference": { "type": "object", "properties": { diff --git a/proto/authzed/api/materialize/v0/brokenpermissions.pb.go b/proto/authzed/api/materialize/v0/brokenpermissions.pb.go new file mode 100644 index 0000000..9a862ee --- /dev/null +++ b/proto/authzed/api/materialize/v0/brokenpermissions.pb.go @@ -0,0 +1,332 @@ +// Code generated by protoc-gen-go. DO NOT EDIT. +// versions: +// protoc-gen-go v1.36.10 +// protoc (unknown) +// source: authzed/api/materialize/v0/brokenpermissions.proto + +package v0 + +import ( + v1 "github.com/authzed/authzed-go/proto/authzed/api/v1" + protoreflect "google.golang.org/protobuf/reflect/protoreflect" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" + reflect "reflect" + sync "sync" + unsafe "unsafe" +) + +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) + +type ReadBrokenWatchedPermissionsRequest struct { + state protoimpl.MessageState `protogen:"open.v1"` + // optional_at_revision defines the specific revision at which the broken watched permissions should be evaluated. + // At this time, it is only compared against the revision of the provided backing store snapshot. + OptionalAtRevision *v1.ZedToken `protobuf:"bytes,2,opt,name=optional_at_revision,json=optionalAtRevision,proto3" json:"optional_at_revision,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *ReadBrokenWatchedPermissionsRequest) Reset() { + *x = ReadBrokenWatchedPermissionsRequest{} + mi := &file_authzed_api_materialize_v0_brokenpermissions_proto_msgTypes[0] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *ReadBrokenWatchedPermissionsRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ReadBrokenWatchedPermissionsRequest) ProtoMessage() {} + +func (x *ReadBrokenWatchedPermissionsRequest) ProtoReflect() protoreflect.Message { + mi := &file_authzed_api_materialize_v0_brokenpermissions_proto_msgTypes[0] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ReadBrokenWatchedPermissionsRequest.ProtoReflect.Descriptor instead. +func (*ReadBrokenWatchedPermissionsRequest) Descriptor() ([]byte, []int) { + return file_authzed_api_materialize_v0_brokenpermissions_proto_rawDescGZIP(), []int{0} +} + +func (x *ReadBrokenWatchedPermissionsRequest) GetOptionalAtRevision() *v1.ZedToken { + if x != nil { + return x.OptionalAtRevision + } + return nil +} + +type ReadBrokenWatchedPermissionsResponse struct { + state protoimpl.MessageState `protogen:"open.v1"` + // revision is the ZedToken at which the request was evaluated. + Revision *v1.ZedToken `protobuf:"bytes,1,opt,name=revision,proto3" json:"revision,omitempty"` + // The watched permission that broke. + WatchedPermission *BrokenWatchedPermission `protobuf:"bytes,2,opt,name=watched_permission,json=watchedPermission,proto3" json:"watched_permission,omitempty"` + // The resources involved in the cycle. The resource order does not represent the cycle traversal order. + Cycle []*Resource `protobuf:"bytes,3,rep,name=cycle,proto3" json:"cycle,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *ReadBrokenWatchedPermissionsResponse) Reset() { + *x = ReadBrokenWatchedPermissionsResponse{} + mi := &file_authzed_api_materialize_v0_brokenpermissions_proto_msgTypes[1] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *ReadBrokenWatchedPermissionsResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ReadBrokenWatchedPermissionsResponse) ProtoMessage() {} + +func (x *ReadBrokenWatchedPermissionsResponse) ProtoReflect() protoreflect.Message { + mi := &file_authzed_api_materialize_v0_brokenpermissions_proto_msgTypes[1] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ReadBrokenWatchedPermissionsResponse.ProtoReflect.Descriptor instead. +func (*ReadBrokenWatchedPermissionsResponse) Descriptor() ([]byte, []int) { + return file_authzed_api_materialize_v0_brokenpermissions_proto_rawDescGZIP(), []int{1} +} + +func (x *ReadBrokenWatchedPermissionsResponse) GetRevision() *v1.ZedToken { + if x != nil { + return x.Revision + } + return nil +} + +func (x *ReadBrokenWatchedPermissionsResponse) GetWatchedPermission() *BrokenWatchedPermission { + if x != nil { + return x.WatchedPermission + } + return nil +} + +func (x *ReadBrokenWatchedPermissionsResponse) GetCycle() []*Resource { + if x != nil { + return x.Cycle + } + return nil +} + +type BrokenWatchedPermission struct { + state protoimpl.MessageState `protogen:"open.v1"` + // resource_type is the type of the resource to watch for changes. + ResourceType string `protobuf:"bytes,1,opt,name=resource_type,json=resourceType,proto3" json:"resource_type,omitempty"` + // permission is the permission to watch for changes. + Permission string `protobuf:"bytes,2,opt,name=permission,proto3" json:"permission,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *BrokenWatchedPermission) Reset() { + *x = BrokenWatchedPermission{} + mi := &file_authzed_api_materialize_v0_brokenpermissions_proto_msgTypes[2] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *BrokenWatchedPermission) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*BrokenWatchedPermission) ProtoMessage() {} + +func (x *BrokenWatchedPermission) ProtoReflect() protoreflect.Message { + mi := &file_authzed_api_materialize_v0_brokenpermissions_proto_msgTypes[2] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use BrokenWatchedPermission.ProtoReflect.Descriptor instead. +func (*BrokenWatchedPermission) Descriptor() ([]byte, []int) { + return file_authzed_api_materialize_v0_brokenpermissions_proto_rawDescGZIP(), []int{2} +} + +func (x *BrokenWatchedPermission) GetResourceType() string { + if x != nil { + return x.ResourceType + } + return "" +} + +func (x *BrokenWatchedPermission) GetPermission() string { + if x != nil { + return x.Permission + } + return "" +} + +type Resource struct { + state protoimpl.MessageState `protogen:"open.v1"` + // object_type is the type of the resource. + ObjectType string `protobuf:"bytes,1,opt,name=object_type,json=objectType,proto3" json:"object_type,omitempty"` + // object_id is the id of the resource. + ObjectId string `protobuf:"bytes,2,opt,name=object_id,json=objectId,proto3" json:"object_id,omitempty"` + // permission_or_relation is the permission/relation. + PermissionOrRelation string `protobuf:"bytes,3,opt,name=permission_or_relation,json=permissionOrRelation,proto3" json:"permission_or_relation,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *Resource) Reset() { + *x = Resource{} + mi := &file_authzed_api_materialize_v0_brokenpermissions_proto_msgTypes[3] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *Resource) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*Resource) ProtoMessage() {} + +func (x *Resource) ProtoReflect() protoreflect.Message { + mi := &file_authzed_api_materialize_v0_brokenpermissions_proto_msgTypes[3] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use Resource.ProtoReflect.Descriptor instead. +func (*Resource) Descriptor() ([]byte, []int) { + return file_authzed_api_materialize_v0_brokenpermissions_proto_rawDescGZIP(), []int{3} +} + +func (x *Resource) GetObjectType() string { + if x != nil { + return x.ObjectType + } + return "" +} + +func (x *Resource) GetObjectId() string { + if x != nil { + return x.ObjectId + } + return "" +} + +func (x *Resource) GetPermissionOrRelation() string { + if x != nil { + return x.PermissionOrRelation + } + return "" +} + +var File_authzed_api_materialize_v0_brokenpermissions_proto protoreflect.FileDescriptor + +const file_authzed_api_materialize_v0_brokenpermissions_proto_rawDesc = "" + + "\n" + + "2authzed/api/materialize/v0/brokenpermissions.proto\x12\x1aauthzed.api.materialize.v0\x1a\x19authzed/api/v1/core.proto\"q\n" + + "#ReadBrokenWatchedPermissionsRequest\x12J\n" + + "\x14optional_at_revision\x18\x02 \x01(\v2\x18.authzed.api.v1.ZedTokenR\x12optionalAtRevision\"\xfc\x01\n" + + "$ReadBrokenWatchedPermissionsResponse\x124\n" + + "\brevision\x18\x01 \x01(\v2\x18.authzed.api.v1.ZedTokenR\brevision\x12b\n" + + "\x12watched_permission\x18\x02 \x01(\v23.authzed.api.materialize.v0.BrokenWatchedPermissionR\x11watchedPermission\x12:\n" + + "\x05cycle\x18\x03 \x03(\v2$.authzed.api.materialize.v0.ResourceR\x05cycle\"^\n" + + "\x17BrokenWatchedPermission\x12#\n" + + "\rresource_type\x18\x01 \x01(\tR\fresourceType\x12\x1e\n" + + "\n" + + "permission\x18\x02 \x01(\tR\n" + + "permission\"~\n" + + "\bResource\x12\x1f\n" + + "\vobject_type\x18\x01 \x01(\tR\n" + + "objectType\x12\x1b\n" + + "\tobject_id\x18\x02 \x01(\tR\bobjectId\x124\n" + + "\x16permission_or_relation\x18\x03 \x01(\tR\x14permissionOrRelation2\xc2\x01\n" + + "\x18BrokenPermissionsService\x12\xa5\x01\n" + + "\x1cReadBrokenWatchedPermissions\x12?.authzed.api.materialize.v0.ReadBrokenWatchedPermissionsRequest\x1a@.authzed.api.materialize.v0.ReadBrokenWatchedPermissionsResponse\"\x000\x01Bb\n" + + "\x1ecom.authzed.api.materialize.v0P\x01Z>github.com/authzed/authzed-go/proto/authzed/api/materialize/v0b\x06proto3" + +var ( + file_authzed_api_materialize_v0_brokenpermissions_proto_rawDescOnce sync.Once + file_authzed_api_materialize_v0_brokenpermissions_proto_rawDescData []byte +) + +func file_authzed_api_materialize_v0_brokenpermissions_proto_rawDescGZIP() []byte { + file_authzed_api_materialize_v0_brokenpermissions_proto_rawDescOnce.Do(func() { + file_authzed_api_materialize_v0_brokenpermissions_proto_rawDescData = protoimpl.X.CompressGZIP(unsafe.Slice(unsafe.StringData(file_authzed_api_materialize_v0_brokenpermissions_proto_rawDesc), len(file_authzed_api_materialize_v0_brokenpermissions_proto_rawDesc))) + }) + return file_authzed_api_materialize_v0_brokenpermissions_proto_rawDescData +} + +var file_authzed_api_materialize_v0_brokenpermissions_proto_msgTypes = make([]protoimpl.MessageInfo, 4) +var file_authzed_api_materialize_v0_brokenpermissions_proto_goTypes = []any{ + (*ReadBrokenWatchedPermissionsRequest)(nil), // 0: authzed.api.materialize.v0.ReadBrokenWatchedPermissionsRequest + (*ReadBrokenWatchedPermissionsResponse)(nil), // 1: authzed.api.materialize.v0.ReadBrokenWatchedPermissionsResponse + (*BrokenWatchedPermission)(nil), // 2: authzed.api.materialize.v0.BrokenWatchedPermission + (*Resource)(nil), // 3: authzed.api.materialize.v0.Resource + (*v1.ZedToken)(nil), // 4: authzed.api.v1.ZedToken +} +var file_authzed_api_materialize_v0_brokenpermissions_proto_depIdxs = []int32{ + 4, // 0: authzed.api.materialize.v0.ReadBrokenWatchedPermissionsRequest.optional_at_revision:type_name -> authzed.api.v1.ZedToken + 4, // 1: authzed.api.materialize.v0.ReadBrokenWatchedPermissionsResponse.revision:type_name -> authzed.api.v1.ZedToken + 2, // 2: authzed.api.materialize.v0.ReadBrokenWatchedPermissionsResponse.watched_permission:type_name -> authzed.api.materialize.v0.BrokenWatchedPermission + 3, // 3: authzed.api.materialize.v0.ReadBrokenWatchedPermissionsResponse.cycle:type_name -> authzed.api.materialize.v0.Resource + 0, // 4: authzed.api.materialize.v0.BrokenPermissionsService.ReadBrokenWatchedPermissions:input_type -> authzed.api.materialize.v0.ReadBrokenWatchedPermissionsRequest + 1, // 5: authzed.api.materialize.v0.BrokenPermissionsService.ReadBrokenWatchedPermissions:output_type -> authzed.api.materialize.v0.ReadBrokenWatchedPermissionsResponse + 5, // [5:6] is the sub-list for method output_type + 4, // [4:5] is the sub-list for method input_type + 4, // [4:4] is the sub-list for extension type_name + 4, // [4:4] is the sub-list for extension extendee + 0, // [0:4] is the sub-list for field type_name +} + +func init() { file_authzed_api_materialize_v0_brokenpermissions_proto_init() } +func file_authzed_api_materialize_v0_brokenpermissions_proto_init() { + if File_authzed_api_materialize_v0_brokenpermissions_proto != nil { + return + } + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: unsafe.Slice(unsafe.StringData(file_authzed_api_materialize_v0_brokenpermissions_proto_rawDesc), len(file_authzed_api_materialize_v0_brokenpermissions_proto_rawDesc)), + NumEnums: 0, + NumMessages: 4, + NumExtensions: 0, + NumServices: 1, + }, + GoTypes: file_authzed_api_materialize_v0_brokenpermissions_proto_goTypes, + DependencyIndexes: file_authzed_api_materialize_v0_brokenpermissions_proto_depIdxs, + MessageInfos: file_authzed_api_materialize_v0_brokenpermissions_proto_msgTypes, + }.Build() + File_authzed_api_materialize_v0_brokenpermissions_proto = out.File + file_authzed_api_materialize_v0_brokenpermissions_proto_goTypes = nil + file_authzed_api_materialize_v0_brokenpermissions_proto_depIdxs = nil +} diff --git a/proto/authzed/api/materialize/v0/brokenpermissions.pb.validate.go b/proto/authzed/api/materialize/v0/brokenpermissions.pb.validate.go new file mode 100644 index 0000000..6fd66af --- /dev/null +++ b/proto/authzed/api/materialize/v0/brokenpermissions.pb.validate.go @@ -0,0 +1,578 @@ +// Code generated by protoc-gen-validate. DO NOT EDIT. +// source: authzed/api/materialize/v0/brokenpermissions.proto + +package v0 + +import ( + "bytes" + "errors" + "fmt" + "net" + "net/mail" + "net/url" + "regexp" + "sort" + "strings" + "time" + "unicode/utf8" + + "google.golang.org/protobuf/types/known/anypb" +) + +// ensure the imports are used +var ( + _ = bytes.MinRead + _ = errors.New("") + _ = fmt.Print + _ = utf8.UTFMax + _ = (*regexp.Regexp)(nil) + _ = (*strings.Reader)(nil) + _ = net.IPv4len + _ = time.Duration(0) + _ = (*url.URL)(nil) + _ = (*mail.Address)(nil) + _ = anypb.Any{} + _ = sort.Sort +) + +// Validate checks the field values on ReadBrokenWatchedPermissionsRequest with +// the rules defined in the proto definition for this message. If any rules +// are violated, the first error encountered is returned, or nil if there are +// no violations. +func (m *ReadBrokenWatchedPermissionsRequest) Validate() error { + return m.validate(false) +} + +// ValidateAll checks the field values on ReadBrokenWatchedPermissionsRequest +// with the rules defined in the proto definition for this message. If any +// rules are violated, the result is a list of violation errors wrapped in +// ReadBrokenWatchedPermissionsRequestMultiError, or nil if none found. +func (m *ReadBrokenWatchedPermissionsRequest) ValidateAll() error { + return m.validate(true) +} + +func (m *ReadBrokenWatchedPermissionsRequest) validate(all bool) error { + if m == nil { + return nil + } + + var errors []error + + if all { + switch v := interface{}(m.GetOptionalAtRevision()).(type) { + case interface{ ValidateAll() error }: + if err := v.ValidateAll(); err != nil { + errors = append(errors, ReadBrokenWatchedPermissionsRequestValidationError{ + field: "OptionalAtRevision", + reason: "embedded message failed validation", + cause: err, + }) + } + case interface{ Validate() error }: + if err := v.Validate(); err != nil { + errors = append(errors, ReadBrokenWatchedPermissionsRequestValidationError{ + field: "OptionalAtRevision", + reason: "embedded message failed validation", + cause: err, + }) + } + } + } else if v, ok := interface{}(m.GetOptionalAtRevision()).(interface{ Validate() error }); ok { + if err := v.Validate(); err != nil { + return ReadBrokenWatchedPermissionsRequestValidationError{ + field: "OptionalAtRevision", + reason: "embedded message failed validation", + cause: err, + } + } + } + + if len(errors) > 0 { + return ReadBrokenWatchedPermissionsRequestMultiError(errors) + } + + return nil +} + +// ReadBrokenWatchedPermissionsRequestMultiError is an error wrapping multiple +// validation errors returned by +// ReadBrokenWatchedPermissionsRequest.ValidateAll() if the designated +// constraints aren't met. +type ReadBrokenWatchedPermissionsRequestMultiError []error + +// Error returns a concatenation of all the error messages it wraps. +func (m ReadBrokenWatchedPermissionsRequestMultiError) Error() string { + msgs := make([]string, 0, len(m)) + for _, err := range m { + msgs = append(msgs, err.Error()) + } + return strings.Join(msgs, "; ") +} + +// AllErrors returns a list of validation violation errors. +func (m ReadBrokenWatchedPermissionsRequestMultiError) AllErrors() []error { return m } + +// ReadBrokenWatchedPermissionsRequestValidationError is the validation error +// returned by ReadBrokenWatchedPermissionsRequest.Validate if the designated +// constraints aren't met. +type ReadBrokenWatchedPermissionsRequestValidationError struct { + field string + reason string + cause error + key bool +} + +// Field function returns field value. +func (e ReadBrokenWatchedPermissionsRequestValidationError) Field() string { return e.field } + +// Reason function returns reason value. +func (e ReadBrokenWatchedPermissionsRequestValidationError) Reason() string { return e.reason } + +// Cause function returns cause value. +func (e ReadBrokenWatchedPermissionsRequestValidationError) Cause() error { return e.cause } + +// Key function returns key value. +func (e ReadBrokenWatchedPermissionsRequestValidationError) Key() bool { return e.key } + +// ErrorName returns error name. +func (e ReadBrokenWatchedPermissionsRequestValidationError) ErrorName() string { + return "ReadBrokenWatchedPermissionsRequestValidationError" +} + +// Error satisfies the builtin error interface +func (e ReadBrokenWatchedPermissionsRequestValidationError) Error() string { + cause := "" + if e.cause != nil { + cause = fmt.Sprintf(" | caused by: %v", e.cause) + } + + key := "" + if e.key { + key = "key for " + } + + return fmt.Sprintf( + "invalid %sReadBrokenWatchedPermissionsRequest.%s: %s%s", + key, + e.field, + e.reason, + cause) +} + +var _ error = ReadBrokenWatchedPermissionsRequestValidationError{} + +var _ interface { + Field() string + Reason() string + Key() bool + Cause() error + ErrorName() string +} = ReadBrokenWatchedPermissionsRequestValidationError{} + +// Validate checks the field values on ReadBrokenWatchedPermissionsResponse +// with the rules defined in the proto definition for this message. If any +// rules are violated, the first error encountered is returned, or nil if +// there are no violations. +func (m *ReadBrokenWatchedPermissionsResponse) Validate() error { + return m.validate(false) +} + +// ValidateAll checks the field values on ReadBrokenWatchedPermissionsResponse +// with the rules defined in the proto definition for this message. If any +// rules are violated, the result is a list of violation errors wrapped in +// ReadBrokenWatchedPermissionsResponseMultiError, or nil if none found. +func (m *ReadBrokenWatchedPermissionsResponse) ValidateAll() error { + return m.validate(true) +} + +func (m *ReadBrokenWatchedPermissionsResponse) validate(all bool) error { + if m == nil { + return nil + } + + var errors []error + + if all { + switch v := interface{}(m.GetRevision()).(type) { + case interface{ ValidateAll() error }: + if err := v.ValidateAll(); err != nil { + errors = append(errors, ReadBrokenWatchedPermissionsResponseValidationError{ + field: "Revision", + reason: "embedded message failed validation", + cause: err, + }) + } + case interface{ Validate() error }: + if err := v.Validate(); err != nil { + errors = append(errors, ReadBrokenWatchedPermissionsResponseValidationError{ + field: "Revision", + reason: "embedded message failed validation", + cause: err, + }) + } + } + } else if v, ok := interface{}(m.GetRevision()).(interface{ Validate() error }); ok { + if err := v.Validate(); err != nil { + return ReadBrokenWatchedPermissionsResponseValidationError{ + field: "Revision", + reason: "embedded message failed validation", + cause: err, + } + } + } + + if all { + switch v := interface{}(m.GetWatchedPermission()).(type) { + case interface{ ValidateAll() error }: + if err := v.ValidateAll(); err != nil { + errors = append(errors, ReadBrokenWatchedPermissionsResponseValidationError{ + field: "WatchedPermission", + reason: "embedded message failed validation", + cause: err, + }) + } + case interface{ Validate() error }: + if err := v.Validate(); err != nil { + errors = append(errors, ReadBrokenWatchedPermissionsResponseValidationError{ + field: "WatchedPermission", + reason: "embedded message failed validation", + cause: err, + }) + } + } + } else if v, ok := interface{}(m.GetWatchedPermission()).(interface{ Validate() error }); ok { + if err := v.Validate(); err != nil { + return ReadBrokenWatchedPermissionsResponseValidationError{ + field: "WatchedPermission", + reason: "embedded message failed validation", + cause: err, + } + } + } + + for idx, item := range m.GetCycle() { + _, _ = idx, item + + if all { + switch v := interface{}(item).(type) { + case interface{ ValidateAll() error }: + if err := v.ValidateAll(); err != nil { + errors = append(errors, ReadBrokenWatchedPermissionsResponseValidationError{ + field: fmt.Sprintf("Cycle[%v]", idx), + reason: "embedded message failed validation", + cause: err, + }) + } + case interface{ Validate() error }: + if err := v.Validate(); err != nil { + errors = append(errors, ReadBrokenWatchedPermissionsResponseValidationError{ + field: fmt.Sprintf("Cycle[%v]", idx), + reason: "embedded message failed validation", + cause: err, + }) + } + } + } else if v, ok := interface{}(item).(interface{ Validate() error }); ok { + if err := v.Validate(); err != nil { + return ReadBrokenWatchedPermissionsResponseValidationError{ + field: fmt.Sprintf("Cycle[%v]", idx), + reason: "embedded message failed validation", + cause: err, + } + } + } + + } + + if len(errors) > 0 { + return ReadBrokenWatchedPermissionsResponseMultiError(errors) + } + + return nil +} + +// ReadBrokenWatchedPermissionsResponseMultiError is an error wrapping multiple +// validation errors returned by +// ReadBrokenWatchedPermissionsResponse.ValidateAll() if the designated +// constraints aren't met. +type ReadBrokenWatchedPermissionsResponseMultiError []error + +// Error returns a concatenation of all the error messages it wraps. +func (m ReadBrokenWatchedPermissionsResponseMultiError) Error() string { + msgs := make([]string, 0, len(m)) + for _, err := range m { + msgs = append(msgs, err.Error()) + } + return strings.Join(msgs, "; ") +} + +// AllErrors returns a list of validation violation errors. +func (m ReadBrokenWatchedPermissionsResponseMultiError) AllErrors() []error { return m } + +// ReadBrokenWatchedPermissionsResponseValidationError is the validation error +// returned by ReadBrokenWatchedPermissionsResponse.Validate if the designated +// constraints aren't met. +type ReadBrokenWatchedPermissionsResponseValidationError struct { + field string + reason string + cause error + key bool +} + +// Field function returns field value. +func (e ReadBrokenWatchedPermissionsResponseValidationError) Field() string { return e.field } + +// Reason function returns reason value. +func (e ReadBrokenWatchedPermissionsResponseValidationError) Reason() string { return e.reason } + +// Cause function returns cause value. +func (e ReadBrokenWatchedPermissionsResponseValidationError) Cause() error { return e.cause } + +// Key function returns key value. +func (e ReadBrokenWatchedPermissionsResponseValidationError) Key() bool { return e.key } + +// ErrorName returns error name. +func (e ReadBrokenWatchedPermissionsResponseValidationError) ErrorName() string { + return "ReadBrokenWatchedPermissionsResponseValidationError" +} + +// Error satisfies the builtin error interface +func (e ReadBrokenWatchedPermissionsResponseValidationError) Error() string { + cause := "" + if e.cause != nil { + cause = fmt.Sprintf(" | caused by: %v", e.cause) + } + + key := "" + if e.key { + key = "key for " + } + + return fmt.Sprintf( + "invalid %sReadBrokenWatchedPermissionsResponse.%s: %s%s", + key, + e.field, + e.reason, + cause) +} + +var _ error = ReadBrokenWatchedPermissionsResponseValidationError{} + +var _ interface { + Field() string + Reason() string + Key() bool + Cause() error + ErrorName() string +} = ReadBrokenWatchedPermissionsResponseValidationError{} + +// Validate checks the field values on BrokenWatchedPermission with the rules +// defined in the proto definition for this message. If any rules are +// violated, the first error encountered is returned, or nil if there are no violations. +func (m *BrokenWatchedPermission) Validate() error { + return m.validate(false) +} + +// ValidateAll checks the field values on BrokenWatchedPermission with the +// rules defined in the proto definition for this message. If any rules are +// violated, the result is a list of violation errors wrapped in +// BrokenWatchedPermissionMultiError, or nil if none found. +func (m *BrokenWatchedPermission) ValidateAll() error { + return m.validate(true) +} + +func (m *BrokenWatchedPermission) validate(all bool) error { + if m == nil { + return nil + } + + var errors []error + + // no validation rules for ResourceType + + // no validation rules for Permission + + if len(errors) > 0 { + return BrokenWatchedPermissionMultiError(errors) + } + + return nil +} + +// BrokenWatchedPermissionMultiError is an error wrapping multiple validation +// errors returned by BrokenWatchedPermission.ValidateAll() if the designated +// constraints aren't met. +type BrokenWatchedPermissionMultiError []error + +// Error returns a concatenation of all the error messages it wraps. +func (m BrokenWatchedPermissionMultiError) Error() string { + msgs := make([]string, 0, len(m)) + for _, err := range m { + msgs = append(msgs, err.Error()) + } + return strings.Join(msgs, "; ") +} + +// AllErrors returns a list of validation violation errors. +func (m BrokenWatchedPermissionMultiError) AllErrors() []error { return m } + +// BrokenWatchedPermissionValidationError is the validation error returned by +// BrokenWatchedPermission.Validate if the designated constraints aren't met. +type BrokenWatchedPermissionValidationError struct { + field string + reason string + cause error + key bool +} + +// Field function returns field value. +func (e BrokenWatchedPermissionValidationError) Field() string { return e.field } + +// Reason function returns reason value. +func (e BrokenWatchedPermissionValidationError) Reason() string { return e.reason } + +// Cause function returns cause value. +func (e BrokenWatchedPermissionValidationError) Cause() error { return e.cause } + +// Key function returns key value. +func (e BrokenWatchedPermissionValidationError) Key() bool { return e.key } + +// ErrorName returns error name. +func (e BrokenWatchedPermissionValidationError) ErrorName() string { + return "BrokenWatchedPermissionValidationError" +} + +// Error satisfies the builtin error interface +func (e BrokenWatchedPermissionValidationError) Error() string { + cause := "" + if e.cause != nil { + cause = fmt.Sprintf(" | caused by: %v", e.cause) + } + + key := "" + if e.key { + key = "key for " + } + + return fmt.Sprintf( + "invalid %sBrokenWatchedPermission.%s: %s%s", + key, + e.field, + e.reason, + cause) +} + +var _ error = BrokenWatchedPermissionValidationError{} + +var _ interface { + Field() string + Reason() string + Key() bool + Cause() error + ErrorName() string +} = BrokenWatchedPermissionValidationError{} + +// Validate checks the field values on Resource with the rules defined in the +// proto definition for this message. If any rules are violated, the first +// error encountered is returned, or nil if there are no violations. +func (m *Resource) Validate() error { + return m.validate(false) +} + +// ValidateAll checks the field values on Resource with the rules defined in +// the proto definition for this message. If any rules are violated, the +// result is a list of violation errors wrapped in ResourceMultiError, or nil +// if none found. +func (m *Resource) ValidateAll() error { + return m.validate(true) +} + +func (m *Resource) validate(all bool) error { + if m == nil { + return nil + } + + var errors []error + + // no validation rules for ObjectType + + // no validation rules for ObjectId + + // no validation rules for PermissionOrRelation + + if len(errors) > 0 { + return ResourceMultiError(errors) + } + + return nil +} + +// ResourceMultiError is an error wrapping multiple validation errors returned +// by Resource.ValidateAll() if the designated constraints aren't met. +type ResourceMultiError []error + +// Error returns a concatenation of all the error messages it wraps. +func (m ResourceMultiError) Error() string { + msgs := make([]string, 0, len(m)) + for _, err := range m { + msgs = append(msgs, err.Error()) + } + return strings.Join(msgs, "; ") +} + +// AllErrors returns a list of validation violation errors. +func (m ResourceMultiError) AllErrors() []error { return m } + +// ResourceValidationError is the validation error returned by +// Resource.Validate if the designated constraints aren't met. +type ResourceValidationError struct { + field string + reason string + cause error + key bool +} + +// Field function returns field value. +func (e ResourceValidationError) Field() string { return e.field } + +// Reason function returns reason value. +func (e ResourceValidationError) Reason() string { return e.reason } + +// Cause function returns cause value. +func (e ResourceValidationError) Cause() error { return e.cause } + +// Key function returns key value. +func (e ResourceValidationError) Key() bool { return e.key } + +// ErrorName returns error name. +func (e ResourceValidationError) ErrorName() string { return "ResourceValidationError" } + +// Error satisfies the builtin error interface +func (e ResourceValidationError) Error() string { + cause := "" + if e.cause != nil { + cause = fmt.Sprintf(" | caused by: %v", e.cause) + } + + key := "" + if e.key { + key = "key for " + } + + return fmt.Sprintf( + "invalid %sResource.%s: %s%s", + key, + e.field, + e.reason, + cause) +} + +var _ error = ResourceValidationError{} + +var _ interface { + Field() string + Reason() string + Key() bool + Cause() error + ErrorName() string +} = ResourceValidationError{} diff --git a/proto/authzed/api/materialize/v0/brokenpermissions_grpc.pb.go b/proto/authzed/api/materialize/v0/brokenpermissions_grpc.pb.go new file mode 100644 index 0000000..0ccf596 --- /dev/null +++ b/proto/authzed/api/materialize/v0/brokenpermissions_grpc.pb.go @@ -0,0 +1,135 @@ +// Code generated by protoc-gen-go-grpc. DO NOT EDIT. +// versions: +// - protoc-gen-go-grpc v1.5.1 +// - protoc (unknown) +// source: authzed/api/materialize/v0/brokenpermissions.proto + +package v0 + +import ( + context "context" + grpc "google.golang.org/grpc" + codes "google.golang.org/grpc/codes" + status "google.golang.org/grpc/status" +) + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the grpc package it is being compiled against. +// Requires gRPC-Go v1.64.0 or later. +const _ = grpc.SupportPackageIsVersion9 + +const ( + BrokenPermissionsService_ReadBrokenWatchedPermissions_FullMethodName = "/authzed.api.materialize.v0.BrokenPermissionsService/ReadBrokenWatchedPermissions" +) + +// BrokenPermissionsServiceClient is the client API for BrokenPermissionsService service. +// +// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream. +type BrokenPermissionsServiceClient interface { + // ReadBrokenWatchedPermissions returns all cycles detected during + // the hydration process. + // + // Each cycle a circular dependency in the permission graph. + // The response includes the broken permission, along with the resources involved in each cycle. + ReadBrokenWatchedPermissions(ctx context.Context, in *ReadBrokenWatchedPermissionsRequest, opts ...grpc.CallOption) (grpc.ServerStreamingClient[ReadBrokenWatchedPermissionsResponse], error) +} + +type brokenPermissionsServiceClient struct { + cc grpc.ClientConnInterface +} + +func NewBrokenPermissionsServiceClient(cc grpc.ClientConnInterface) BrokenPermissionsServiceClient { + return &brokenPermissionsServiceClient{cc} +} + +func (c *brokenPermissionsServiceClient) ReadBrokenWatchedPermissions(ctx context.Context, in *ReadBrokenWatchedPermissionsRequest, opts ...grpc.CallOption) (grpc.ServerStreamingClient[ReadBrokenWatchedPermissionsResponse], error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + stream, err := c.cc.NewStream(ctx, &BrokenPermissionsService_ServiceDesc.Streams[0], BrokenPermissionsService_ReadBrokenWatchedPermissions_FullMethodName, cOpts...) + if err != nil { + return nil, err + } + x := &grpc.GenericClientStream[ReadBrokenWatchedPermissionsRequest, ReadBrokenWatchedPermissionsResponse]{ClientStream: stream} + if err := x.ClientStream.SendMsg(in); err != nil { + return nil, err + } + if err := x.ClientStream.CloseSend(); err != nil { + return nil, err + } + return x, nil +} + +// This type alias is provided for backwards compatibility with existing code that references the prior non-generic stream type by name. +type BrokenPermissionsService_ReadBrokenWatchedPermissionsClient = grpc.ServerStreamingClient[ReadBrokenWatchedPermissionsResponse] + +// BrokenPermissionsServiceServer is the server API for BrokenPermissionsService service. +// All implementations must embed UnimplementedBrokenPermissionsServiceServer +// for forward compatibility. +type BrokenPermissionsServiceServer interface { + // ReadBrokenWatchedPermissions returns all cycles detected during + // the hydration process. + // + // Each cycle a circular dependency in the permission graph. + // The response includes the broken permission, along with the resources involved in each cycle. + ReadBrokenWatchedPermissions(*ReadBrokenWatchedPermissionsRequest, grpc.ServerStreamingServer[ReadBrokenWatchedPermissionsResponse]) error + mustEmbedUnimplementedBrokenPermissionsServiceServer() +} + +// UnimplementedBrokenPermissionsServiceServer must be embedded to have +// forward compatible implementations. +// +// NOTE: this should be embedded by value instead of pointer to avoid a nil +// pointer dereference when methods are called. +type UnimplementedBrokenPermissionsServiceServer struct{} + +func (UnimplementedBrokenPermissionsServiceServer) ReadBrokenWatchedPermissions(*ReadBrokenWatchedPermissionsRequest, grpc.ServerStreamingServer[ReadBrokenWatchedPermissionsResponse]) error { + return status.Errorf(codes.Unimplemented, "method ReadBrokenWatchedPermissions not implemented") +} +func (UnimplementedBrokenPermissionsServiceServer) mustEmbedUnimplementedBrokenPermissionsServiceServer() { +} +func (UnimplementedBrokenPermissionsServiceServer) testEmbeddedByValue() {} + +// UnsafeBrokenPermissionsServiceServer may be embedded to opt out of forward compatibility for this service. +// Use of this interface is not recommended, as added methods to BrokenPermissionsServiceServer will +// result in compilation errors. +type UnsafeBrokenPermissionsServiceServer interface { + mustEmbedUnimplementedBrokenPermissionsServiceServer() +} + +func RegisterBrokenPermissionsServiceServer(s grpc.ServiceRegistrar, srv BrokenPermissionsServiceServer) { + // If the following call pancis, it indicates UnimplementedBrokenPermissionsServiceServer was + // embedded by pointer and is nil. This will cause panics if an + // unimplemented method is ever invoked, so we test this at initialization + // time to prevent it from happening at runtime later due to I/O. + if t, ok := srv.(interface{ testEmbeddedByValue() }); ok { + t.testEmbeddedByValue() + } + s.RegisterService(&BrokenPermissionsService_ServiceDesc, srv) +} + +func _BrokenPermissionsService_ReadBrokenWatchedPermissions_Handler(srv interface{}, stream grpc.ServerStream) error { + m := new(ReadBrokenWatchedPermissionsRequest) + if err := stream.RecvMsg(m); err != nil { + return err + } + return srv.(BrokenPermissionsServiceServer).ReadBrokenWatchedPermissions(m, &grpc.GenericServerStream[ReadBrokenWatchedPermissionsRequest, ReadBrokenWatchedPermissionsResponse]{ServerStream: stream}) +} + +// This type alias is provided for backwards compatibility with existing code that references the prior non-generic stream type by name. +type BrokenPermissionsService_ReadBrokenWatchedPermissionsServer = grpc.ServerStreamingServer[ReadBrokenWatchedPermissionsResponse] + +// BrokenPermissionsService_ServiceDesc is the grpc.ServiceDesc for BrokenPermissionsService service. +// It's only intended for direct use with grpc.RegisterService, +// and not to be introspected or modified (even as a copy) +var BrokenPermissionsService_ServiceDesc = grpc.ServiceDesc{ + ServiceName: "authzed.api.materialize.v0.BrokenPermissionsService", + HandlerType: (*BrokenPermissionsServiceServer)(nil), + Methods: []grpc.MethodDesc{}, + Streams: []grpc.StreamDesc{ + { + StreamName: "ReadBrokenWatchedPermissions", + Handler: _BrokenPermissionsService_ReadBrokenWatchedPermissions_Handler, + ServerStreams: true, + }, + }, + Metadata: "authzed/api/materialize/v0/brokenpermissions.proto", +} diff --git a/proto/authzed/api/materialize/v0/brokenpermissions_vtproto.pb.go b/proto/authzed/api/materialize/v0/brokenpermissions_vtproto.pb.go new file mode 100644 index 0000000..e720a4c --- /dev/null +++ b/proto/authzed/api/materialize/v0/brokenpermissions_vtproto.pb.go @@ -0,0 +1,1071 @@ +// Code generated by protoc-gen-go-vtproto. DO NOT EDIT. +// protoc-gen-go-vtproto version: v0.6.1-0.20240319094008-0393e58bdf10 +// source: authzed/api/materialize/v0/brokenpermissions.proto + +package v0 + +import ( + fmt "fmt" + v1 "github.com/authzed/authzed-go/proto/authzed/api/v1" + protohelpers "github.com/planetscale/vtprotobuf/protohelpers" + proto "google.golang.org/protobuf/proto" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" + io "io" +) + +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) + +func (m *ReadBrokenWatchedPermissionsRequest) CloneVT() *ReadBrokenWatchedPermissionsRequest { + if m == nil { + return (*ReadBrokenWatchedPermissionsRequest)(nil) + } + r := new(ReadBrokenWatchedPermissionsRequest) + if rhs := m.OptionalAtRevision; rhs != nil { + if vtpb, ok := interface{}(rhs).(interface{ CloneVT() *v1.ZedToken }); ok { + r.OptionalAtRevision = vtpb.CloneVT() + } else { + r.OptionalAtRevision = proto.Clone(rhs).(*v1.ZedToken) + } + } + if len(m.unknownFields) > 0 { + r.unknownFields = make([]byte, len(m.unknownFields)) + copy(r.unknownFields, m.unknownFields) + } + return r +} + +func (m *ReadBrokenWatchedPermissionsRequest) CloneMessageVT() proto.Message { + return m.CloneVT() +} + +func (m *ReadBrokenWatchedPermissionsResponse) CloneVT() *ReadBrokenWatchedPermissionsResponse { + if m == nil { + return (*ReadBrokenWatchedPermissionsResponse)(nil) + } + r := new(ReadBrokenWatchedPermissionsResponse) + r.WatchedPermission = m.WatchedPermission.CloneVT() + if rhs := m.Revision; rhs != nil { + if vtpb, ok := interface{}(rhs).(interface{ CloneVT() *v1.ZedToken }); ok { + r.Revision = vtpb.CloneVT() + } else { + r.Revision = proto.Clone(rhs).(*v1.ZedToken) + } + } + if rhs := m.Cycle; rhs != nil { + tmpContainer := make([]*Resource, len(rhs)) + for k, v := range rhs { + tmpContainer[k] = v.CloneVT() + } + r.Cycle = tmpContainer + } + if len(m.unknownFields) > 0 { + r.unknownFields = make([]byte, len(m.unknownFields)) + copy(r.unknownFields, m.unknownFields) + } + return r +} + +func (m *ReadBrokenWatchedPermissionsResponse) CloneMessageVT() proto.Message { + return m.CloneVT() +} + +func (m *BrokenWatchedPermission) CloneVT() *BrokenWatchedPermission { + if m == nil { + return (*BrokenWatchedPermission)(nil) + } + r := new(BrokenWatchedPermission) + r.ResourceType = m.ResourceType + r.Permission = m.Permission + if len(m.unknownFields) > 0 { + r.unknownFields = make([]byte, len(m.unknownFields)) + copy(r.unknownFields, m.unknownFields) + } + return r +} + +func (m *BrokenWatchedPermission) CloneMessageVT() proto.Message { + return m.CloneVT() +} + +func (m *Resource) CloneVT() *Resource { + if m == nil { + return (*Resource)(nil) + } + r := new(Resource) + r.ObjectType = m.ObjectType + r.ObjectId = m.ObjectId + r.PermissionOrRelation = m.PermissionOrRelation + if len(m.unknownFields) > 0 { + r.unknownFields = make([]byte, len(m.unknownFields)) + copy(r.unknownFields, m.unknownFields) + } + return r +} + +func (m *Resource) CloneMessageVT() proto.Message { + return m.CloneVT() +} + +func (this *ReadBrokenWatchedPermissionsRequest) EqualVT(that *ReadBrokenWatchedPermissionsRequest) bool { + if this == that { + return true + } else if this == nil || that == nil { + return false + } + if equal, ok := interface{}(this.OptionalAtRevision).(interface{ EqualVT(*v1.ZedToken) bool }); ok { + if !equal.EqualVT(that.OptionalAtRevision) { + return false + } + } else if !proto.Equal(this.OptionalAtRevision, that.OptionalAtRevision) { + return false + } + return string(this.unknownFields) == string(that.unknownFields) +} + +func (this *ReadBrokenWatchedPermissionsRequest) EqualMessageVT(thatMsg proto.Message) bool { + that, ok := thatMsg.(*ReadBrokenWatchedPermissionsRequest) + if !ok { + return false + } + return this.EqualVT(that) +} +func (this *ReadBrokenWatchedPermissionsResponse) EqualVT(that *ReadBrokenWatchedPermissionsResponse) bool { + if this == that { + return true + } else if this == nil || that == nil { + return false + } + if equal, ok := interface{}(this.Revision).(interface{ EqualVT(*v1.ZedToken) bool }); ok { + if !equal.EqualVT(that.Revision) { + return false + } + } else if !proto.Equal(this.Revision, that.Revision) { + return false + } + if !this.WatchedPermission.EqualVT(that.WatchedPermission) { + return false + } + if len(this.Cycle) != len(that.Cycle) { + return false + } + for i, vx := range this.Cycle { + vy := that.Cycle[i] + if p, q := vx, vy; p != q { + if p == nil { + p = &Resource{} + } + if q == nil { + q = &Resource{} + } + if !p.EqualVT(q) { + return false + } + } + } + return string(this.unknownFields) == string(that.unknownFields) +} + +func (this *ReadBrokenWatchedPermissionsResponse) EqualMessageVT(thatMsg proto.Message) bool { + that, ok := thatMsg.(*ReadBrokenWatchedPermissionsResponse) + if !ok { + return false + } + return this.EqualVT(that) +} +func (this *BrokenWatchedPermission) EqualVT(that *BrokenWatchedPermission) bool { + if this == that { + return true + } else if this == nil || that == nil { + return false + } + if this.ResourceType != that.ResourceType { + return false + } + if this.Permission != that.Permission { + return false + } + return string(this.unknownFields) == string(that.unknownFields) +} + +func (this *BrokenWatchedPermission) EqualMessageVT(thatMsg proto.Message) bool { + that, ok := thatMsg.(*BrokenWatchedPermission) + if !ok { + return false + } + return this.EqualVT(that) +} +func (this *Resource) EqualVT(that *Resource) bool { + if this == that { + return true + } else if this == nil || that == nil { + return false + } + if this.ObjectType != that.ObjectType { + return false + } + if this.ObjectId != that.ObjectId { + return false + } + if this.PermissionOrRelation != that.PermissionOrRelation { + return false + } + return string(this.unknownFields) == string(that.unknownFields) +} + +func (this *Resource) EqualMessageVT(thatMsg proto.Message) bool { + that, ok := thatMsg.(*Resource) + if !ok { + return false + } + return this.EqualVT(that) +} +func (m *ReadBrokenWatchedPermissionsRequest) MarshalVT() (dAtA []byte, err error) { + if m == nil { + return nil, nil + } + size := m.SizeVT() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBufferVT(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *ReadBrokenWatchedPermissionsRequest) MarshalToVT(dAtA []byte) (int, error) { + size := m.SizeVT() + return m.MarshalToSizedBufferVT(dAtA[:size]) +} + +func (m *ReadBrokenWatchedPermissionsRequest) MarshalToSizedBufferVT(dAtA []byte) (int, error) { + if m == nil { + return 0, nil + } + i := len(dAtA) + _ = i + var l int + _ = l + if m.unknownFields != nil { + i -= len(m.unknownFields) + copy(dAtA[i:], m.unknownFields) + } + if m.OptionalAtRevision != nil { + if vtmsg, ok := interface{}(m.OptionalAtRevision).(interface { + MarshalToSizedBufferVT([]byte) (int, error) + }); ok { + size, err := vtmsg.MarshalToSizedBufferVT(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = protohelpers.EncodeVarint(dAtA, i, uint64(size)) + } else { + encoded, err := proto.Marshal(m.OptionalAtRevision) + if err != nil { + return 0, err + } + i -= len(encoded) + copy(dAtA[i:], encoded) + i = protohelpers.EncodeVarint(dAtA, i, uint64(len(encoded))) + } + i-- + dAtA[i] = 0x12 + } + return len(dAtA) - i, nil +} + +func (m *ReadBrokenWatchedPermissionsResponse) MarshalVT() (dAtA []byte, err error) { + if m == nil { + return nil, nil + } + size := m.SizeVT() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBufferVT(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *ReadBrokenWatchedPermissionsResponse) MarshalToVT(dAtA []byte) (int, error) { + size := m.SizeVT() + return m.MarshalToSizedBufferVT(dAtA[:size]) +} + +func (m *ReadBrokenWatchedPermissionsResponse) MarshalToSizedBufferVT(dAtA []byte) (int, error) { + if m == nil { + return 0, nil + } + i := len(dAtA) + _ = i + var l int + _ = l + if m.unknownFields != nil { + i -= len(m.unknownFields) + copy(dAtA[i:], m.unknownFields) + } + if len(m.Cycle) > 0 { + for iNdEx := len(m.Cycle) - 1; iNdEx >= 0; iNdEx-- { + size, err := m.Cycle[iNdEx].MarshalToSizedBufferVT(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = protohelpers.EncodeVarint(dAtA, i, uint64(size)) + i-- + dAtA[i] = 0x1a + } + } + if m.WatchedPermission != nil { + size, err := m.WatchedPermission.MarshalToSizedBufferVT(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = protohelpers.EncodeVarint(dAtA, i, uint64(size)) + i-- + dAtA[i] = 0x12 + } + if m.Revision != nil { + if vtmsg, ok := interface{}(m.Revision).(interface { + MarshalToSizedBufferVT([]byte) (int, error) + }); ok { + size, err := vtmsg.MarshalToSizedBufferVT(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = protohelpers.EncodeVarint(dAtA, i, uint64(size)) + } else { + encoded, err := proto.Marshal(m.Revision) + if err != nil { + return 0, err + } + i -= len(encoded) + copy(dAtA[i:], encoded) + i = protohelpers.EncodeVarint(dAtA, i, uint64(len(encoded))) + } + i-- + dAtA[i] = 0xa + } + return len(dAtA) - i, nil +} + +func (m *BrokenWatchedPermission) MarshalVT() (dAtA []byte, err error) { + if m == nil { + return nil, nil + } + size := m.SizeVT() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBufferVT(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *BrokenWatchedPermission) MarshalToVT(dAtA []byte) (int, error) { + size := m.SizeVT() + return m.MarshalToSizedBufferVT(dAtA[:size]) +} + +func (m *BrokenWatchedPermission) MarshalToSizedBufferVT(dAtA []byte) (int, error) { + if m == nil { + return 0, nil + } + i := len(dAtA) + _ = i + var l int + _ = l + if m.unknownFields != nil { + i -= len(m.unknownFields) + copy(dAtA[i:], m.unknownFields) + } + if len(m.Permission) > 0 { + i -= len(m.Permission) + copy(dAtA[i:], m.Permission) + i = protohelpers.EncodeVarint(dAtA, i, uint64(len(m.Permission))) + i-- + dAtA[i] = 0x12 + } + if len(m.ResourceType) > 0 { + i -= len(m.ResourceType) + copy(dAtA[i:], m.ResourceType) + i = protohelpers.EncodeVarint(dAtA, i, uint64(len(m.ResourceType))) + i-- + dAtA[i] = 0xa + } + return len(dAtA) - i, nil +} + +func (m *Resource) MarshalVT() (dAtA []byte, err error) { + if m == nil { + return nil, nil + } + size := m.SizeVT() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBufferVT(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *Resource) MarshalToVT(dAtA []byte) (int, error) { + size := m.SizeVT() + return m.MarshalToSizedBufferVT(dAtA[:size]) +} + +func (m *Resource) MarshalToSizedBufferVT(dAtA []byte) (int, error) { + if m == nil { + return 0, nil + } + i := len(dAtA) + _ = i + var l int + _ = l + if m.unknownFields != nil { + i -= len(m.unknownFields) + copy(dAtA[i:], m.unknownFields) + } + if len(m.PermissionOrRelation) > 0 { + i -= len(m.PermissionOrRelation) + copy(dAtA[i:], m.PermissionOrRelation) + i = protohelpers.EncodeVarint(dAtA, i, uint64(len(m.PermissionOrRelation))) + i-- + dAtA[i] = 0x1a + } + if len(m.ObjectId) > 0 { + i -= len(m.ObjectId) + copy(dAtA[i:], m.ObjectId) + i = protohelpers.EncodeVarint(dAtA, i, uint64(len(m.ObjectId))) + i-- + dAtA[i] = 0x12 + } + if len(m.ObjectType) > 0 { + i -= len(m.ObjectType) + copy(dAtA[i:], m.ObjectType) + i = protohelpers.EncodeVarint(dAtA, i, uint64(len(m.ObjectType))) + i-- + dAtA[i] = 0xa + } + return len(dAtA) - i, nil +} + +func (m *ReadBrokenWatchedPermissionsRequest) SizeVT() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + if m.OptionalAtRevision != nil { + if size, ok := interface{}(m.OptionalAtRevision).(interface { + SizeVT() int + }); ok { + l = size.SizeVT() + } else { + l = proto.Size(m.OptionalAtRevision) + } + n += 1 + l + protohelpers.SizeOfVarint(uint64(l)) + } + n += len(m.unknownFields) + return n +} + +func (m *ReadBrokenWatchedPermissionsResponse) SizeVT() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + if m.Revision != nil { + if size, ok := interface{}(m.Revision).(interface { + SizeVT() int + }); ok { + l = size.SizeVT() + } else { + l = proto.Size(m.Revision) + } + n += 1 + l + protohelpers.SizeOfVarint(uint64(l)) + } + if m.WatchedPermission != nil { + l = m.WatchedPermission.SizeVT() + n += 1 + l + protohelpers.SizeOfVarint(uint64(l)) + } + if len(m.Cycle) > 0 { + for _, e := range m.Cycle { + l = e.SizeVT() + n += 1 + l + protohelpers.SizeOfVarint(uint64(l)) + } + } + n += len(m.unknownFields) + return n +} + +func (m *BrokenWatchedPermission) SizeVT() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + l = len(m.ResourceType) + if l > 0 { + n += 1 + l + protohelpers.SizeOfVarint(uint64(l)) + } + l = len(m.Permission) + if l > 0 { + n += 1 + l + protohelpers.SizeOfVarint(uint64(l)) + } + n += len(m.unknownFields) + return n +} + +func (m *Resource) SizeVT() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + l = len(m.ObjectType) + if l > 0 { + n += 1 + l + protohelpers.SizeOfVarint(uint64(l)) + } + l = len(m.ObjectId) + if l > 0 { + n += 1 + l + protohelpers.SizeOfVarint(uint64(l)) + } + l = len(m.PermissionOrRelation) + if l > 0 { + n += 1 + l + protohelpers.SizeOfVarint(uint64(l)) + } + n += len(m.unknownFields) + return n +} + +func (m *ReadBrokenWatchedPermissionsRequest) UnmarshalVT(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return protohelpers.ErrIntOverflow + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: ReadBrokenWatchedPermissionsRequest: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: ReadBrokenWatchedPermissionsRequest: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field OptionalAtRevision", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return protohelpers.ErrIntOverflow + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return protohelpers.ErrInvalidLength + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return protohelpers.ErrInvalidLength + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + if m.OptionalAtRevision == nil { + m.OptionalAtRevision = &v1.ZedToken{} + } + if unmarshal, ok := interface{}(m.OptionalAtRevision).(interface { + UnmarshalVT([]byte) error + }); ok { + if err := unmarshal.UnmarshalVT(dAtA[iNdEx:postIndex]); err != nil { + return err + } + } else { + if err := proto.Unmarshal(dAtA[iNdEx:postIndex], m.OptionalAtRevision); err != nil { + return err + } + } + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := protohelpers.Skip(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return protohelpers.ErrInvalidLength + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + m.unknownFields = append(m.unknownFields, dAtA[iNdEx:iNdEx+skippy]...) + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *ReadBrokenWatchedPermissionsResponse) UnmarshalVT(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return protohelpers.ErrIntOverflow + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: ReadBrokenWatchedPermissionsResponse: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: ReadBrokenWatchedPermissionsResponse: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Revision", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return protohelpers.ErrIntOverflow + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return protohelpers.ErrInvalidLength + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return protohelpers.ErrInvalidLength + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + if m.Revision == nil { + m.Revision = &v1.ZedToken{} + } + if unmarshal, ok := interface{}(m.Revision).(interface { + UnmarshalVT([]byte) error + }); ok { + if err := unmarshal.UnmarshalVT(dAtA[iNdEx:postIndex]); err != nil { + return err + } + } else { + if err := proto.Unmarshal(dAtA[iNdEx:postIndex], m.Revision); err != nil { + return err + } + } + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field WatchedPermission", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return protohelpers.ErrIntOverflow + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return protohelpers.ErrInvalidLength + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return protohelpers.ErrInvalidLength + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + if m.WatchedPermission == nil { + m.WatchedPermission = &BrokenWatchedPermission{} + } + if err := m.WatchedPermission.UnmarshalVT(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + case 3: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Cycle", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return protohelpers.ErrIntOverflow + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return protohelpers.ErrInvalidLength + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return protohelpers.ErrInvalidLength + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Cycle = append(m.Cycle, &Resource{}) + if err := m.Cycle[len(m.Cycle)-1].UnmarshalVT(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := protohelpers.Skip(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return protohelpers.ErrInvalidLength + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + m.unknownFields = append(m.unknownFields, dAtA[iNdEx:iNdEx+skippy]...) + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *BrokenWatchedPermission) UnmarshalVT(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return protohelpers.ErrIntOverflow + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: BrokenWatchedPermission: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: BrokenWatchedPermission: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field ResourceType", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return protohelpers.ErrIntOverflow + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return protohelpers.ErrInvalidLength + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return protohelpers.ErrInvalidLength + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.ResourceType = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Permission", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return protohelpers.ErrIntOverflow + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return protohelpers.ErrInvalidLength + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return protohelpers.ErrInvalidLength + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Permission = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := protohelpers.Skip(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return protohelpers.ErrInvalidLength + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + m.unknownFields = append(m.unknownFields, dAtA[iNdEx:iNdEx+skippy]...) + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *Resource) UnmarshalVT(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return protohelpers.ErrIntOverflow + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: Resource: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: Resource: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field ObjectType", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return protohelpers.ErrIntOverflow + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return protohelpers.ErrInvalidLength + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return protohelpers.ErrInvalidLength + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.ObjectType = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field ObjectId", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return protohelpers.ErrIntOverflow + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return protohelpers.ErrInvalidLength + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return protohelpers.ErrInvalidLength + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.ObjectId = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 3: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field PermissionOrRelation", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return protohelpers.ErrIntOverflow + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return protohelpers.ErrInvalidLength + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return protohelpers.ErrInvalidLength + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.PermissionOrRelation = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := protohelpers.Skip(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return protohelpers.ErrInvalidLength + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + m.unknownFields = append(m.unknownFields, dAtA[iNdEx:iNdEx+skippy]...) + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +}