diff --git a/cs3/gateway/v1beta1/gateway_api.proto b/cs3/gateway/v1beta1/gateway_api.proto index 9123ac62..6fa0e63d 100644 --- a/cs3/gateway/v1beta1/gateway_api.proto +++ b/cs3/gateway/v1beta1/gateway_api.proto @@ -39,6 +39,7 @@ import "cs3/identity/user/v1beta1/user_api.proto"; import "cs3/ocm/core/v1beta1/ocm_core_api.proto"; import "cs3/ocm/invite/v1beta1/invite_api.proto"; import "cs3/ocm/provider/v1beta1/provider_api.proto"; +import "cs3/permissions/v1beta1/permissions_api.proto"; import "cs3/preferences/v1beta1/preferences_api.proto"; import "cs3/rpc/v1beta1/status.proto"; import "cs3/sharing/collaboration/v1beta1/collaboration_api.proto"; @@ -382,6 +383,12 @@ service GatewayAPI { rpc GetTransferStatus(cs3.tx.v1beta1.GetTransferStatusRequest) returns (cs3.tx.v1beta1.GetTransferStatusResponse); // Requests to cancel a transfer. rpc CancelTransfer(cs3.tx.v1beta1.CancelTransferRequest) returns (cs3.tx.v1beta1.CancelTransferResponse); + // *****************************************************************/ + // ************************** FILE TRANSFER ************************/ + // *****************************************************************/ + + // CheckPermission checks if a user or group has a certain permission. + rpc CheckPermission(cs3.permissions.v1beta1.CheckPermissionRequest) returns (cs3.permissions.v1beta1.CheckPermissionResponse); } // CAUTION: diff --git a/cs3/permissions/v1beta1/permissions_api.proto b/cs3/permissions/v1beta1/permissions_api.proto new file mode 100644 index 00000000..3ad83c8d --- /dev/null +++ b/cs3/permissions/v1beta1/permissions_api.proto @@ -0,0 +1,59 @@ +// Copyright 2018-2021 CERN +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// In applying this license, CERN does not waive the privileges and immunities +// granted to it by virtue of its status as an Intergovernmental Organization +// or submit itself to any jurisdiction. + +syntax = "proto3"; + +package cs3.permissions.v1beta1; + +option csharp_namespace = "Cs3.Permissions.V1Beta1"; +option go_package = "permissionsv1beta1"; +option java_multiple_files = true; +option java_outer_classname = "PermissionsApiProto"; +option java_package = "com.cs3.permissions.v1beta1"; +option objc_class_prefix = "CPX"; +option php_namespace = "Cs3\\Permissions\\V1Beta1"; + +import "cs3/permissions/v1beta1/resources.proto"; +import "cs3/rpc/v1beta1/status.proto"; +import "cs3/storage/provider/v1beta1/resources.proto"; + +// PermissionsAPI defines a service for permissions. +service PermissionsAPI { + // CheckPermission defines a method to check permission/role. + rpc CheckPermission(CheckPermissionRequest) returns (CheckPermissionResponse); +} + +// CheckPermissionsRequest is used to check if a user has a certain permission. +message CheckPermissionRequest { + //REQUIRED. + // The permission to check. + string permission = 1; + // REQUIRED. + // The subject holding the permission. + cs3.permissions.v1beta1.SubjectReference subject_ref = 2; + // OPTIONAL. + // The target resource of the permission. + cs3.storage.provider.v1beta1.Reference ref = 3; +} + +// CheckPermissionsResponse ... +message CheckPermissionResponse { + // REQUIRED. + // The response status. + cs3.rpc.v1beta1.Status status = 1; +} diff --git a/cs3/permissions/v1beta1/resources.proto b/cs3/permissions/v1beta1/resources.proto new file mode 100644 index 00000000..752d28ce --- /dev/null +++ b/cs3/permissions/v1beta1/resources.proto @@ -0,0 +1,40 @@ +// Copyright 2018-2021 CERN +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// In applying this license, CERN does not waive the privileges and immunities +// granted to it by virtue of its status as an Intergovernmental Organization +// or submit itself to any jurisdiction. + +syntax = "proto3"; + +package cs3.permissions.v1beta1; + +option csharp_namespace = "Cs3.Permissions.V1Beta1"; +option go_package = "permissionsv1beta1"; +option java_multiple_files = true; +option java_outer_classname = "ResourcesProto"; +option java_package = "com.cs3.permissions.v1beta1"; +option objc_class_prefix = "CPX"; +option php_namespace = "Cs3\\Permissions\\V1Beta1"; + +import "cs3/identity/group/v1beta1/resources.proto"; +import "cs3/identity/user/v1beta1/resources.proto"; + +// SubjectReference references either a user or a group by id. +message SubjectReference { + oneof spec { + cs3.identity.user.v1beta1.UserId user_id = 1; + cs3.identity.group.v1beta1.GroupId group_id = 2; + } +} diff --git a/docs/index.html b/docs/index.html index d7d7e5db..9984db0b 100644 --- a/docs/index.html +++ b/docs/index.html @@ -244,6 +244,44 @@
Requests to cancel a transfer.
Requests to cancel a transfer. + +*****************************************************************/ +************************** FILE TRANSFER ************************/ +*****************************************************************/
CheckPermission checks if a user or group has a certain permission.
CheckPermissionsRequest is used to check if a user has a certain permission.
+ + +Field | Type | Label | Description |
permission | +string | ++ | REQUIRED. +The permission to check. |
+
subject_ref | +SubjectReference | ++ | REQUIRED. +The subject holding the permission. |
+
ref | +cs3.storage.provider.v1beta1.Reference | ++ | OPTIONAL. +The target resource of the permission. |
+
CheckPermissionsResponse ...
+ + +Field | Type | Label | Description |
status | +cs3.rpc.v1beta1.Status | ++ | REQUIRED. +The response status. |
+
PermissionsAPI defines a service for permissions.
+Method Name | Request Type | Response Type | Description |
CheckPermission | +CheckPermissionRequest | +CheckPermissionResponse | +CheckPermission defines a method to check permission/role. |
+
SubjectReference references either a user or a group by id.
+ + +Field | Type | Label | Description |
user_id | +cs3.identity.user.v1beta1.UserId | ++ |
|
+
group_id | +cs3.identity.group.v1beta1.GroupId | ++ |
|
+
OPTIONAL. Whether the mime type is eligible for file creation in the web UI. Defaults to false, i.e. files with this mime type can be opened -but not directly allow_creationd from the web UI.