rbacv1

package
v0.38.0-rc4 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 31, 2024 License: Apache-2.0 Imports: 5 Imported by: 1

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	PermissionType_name = map[int32]string{
		0:     "PERMISSION_TYPE_UNSPECIFIED",
		91001: "PERMISSION_TYPE_ADMINISTRATE_USER",
		91002: "PERMISSION_TYPE_ADMINISTRATE_OAUTH",
		2001:  "PERMISSION_TYPE_CREATE_EXPERIMENT",
		2002:  "PERMISSION_TYPE_VIEW_EXPERIMENT_ARTIFACTS",
		2003:  "PERMISSION_TYPE_VIEW_EXPERIMENT_METADATA",
		2004:  "PERMISSION_TYPE_UPDATE_EXPERIMENT",
		2005:  "PERMISSION_TYPE_UPDATE_EXPERIMENT_METADATA",
		2006:  "PERMISSION_TYPE_DELETE_EXPERIMENT",
		3001:  "PERMISSION_TYPE_CREATE_NSC",
		3002:  "PERMISSION_TYPE_VIEW_NSC",
		3003:  "PERMISSION_TYPE_UPDATE_NSC",
		93001: "PERMISSION_TYPE_UPDATE_GROUP",
		94001: "PERMISSION_TYPE_CREATE_WORKSPACE",
		4002:  "PERMISSION_TYPE_VIEW_WORKSPACE",
		4003:  "PERMISSION_TYPE_UPDATE_WORKSPACE",
		4004:  "PERMISSION_TYPE_DELETE_WORKSPACE",
		4005:  "PERMISSION_TYPE_SET_WORKSPACE_AGENT_USER_GROUP",
		4006:  "PERMISSION_TYPE_SET_WORKSPACE_CHECKPOINT_STORAGE_CONFIG",
		4007:  "PERMISSION_TYPE_SET_WORKSPACE_DEFAULT_RESOURCE_POOL",
		5001:  "PERMISSION_TYPE_CREATE_PROJECT",
		5002:  "PERMISSION_TYPE_VIEW_PROJECT",
		5003:  "PERMISSION_TYPE_UPDATE_PROJECT",
		5004:  "PERMISSION_TYPE_DELETE_PROJECT",
		6002:  "PERMISSION_TYPE_ASSIGN_ROLES",
		7001:  "PERMISSION_TYPE_VIEW_MODEL_REGISTRY",
		7002:  "PERMISSION_TYPE_EDIT_MODEL_REGISTRY",
		7003:  "PERMISSION_TYPE_CREATE_MODEL_REGISTRY",
		7004:  "PERMISSION_TYPE_DELETE_MODEL_REGISTRY",
		7005:  "PERMISSION_TYPE_DELETE_MODEL_VERSION",
		7006:  "PERMISSION_TYPE_DELETE_OTHER_USER_MODEL_REGISTRY",
		7007:  "PERMISSION_TYPE_DELETE_OTHER_USER_MODEL_VERSION",
		8001:  "PERMISSION_TYPE_VIEW_MASTER_LOGS",
		8002:  "PERMISSION_TYPE_VIEW_CLUSTER_USAGE",
		8003:  "PERMISSION_TYPE_UPDATE_AGENTS",
		8004:  "PERMISSION_TYPE_VIEW_SENSITIVE_AGENT_INFO",
		8005:  "PERMISSION_TYPE_VIEW_MASTER_CONFIG",
		8006:  "PERMISSION_TYPE_UPDATE_MASTER_CONFIG",
		8007:  "PERMISSION_TYPE_VIEW_EXTERNAL_JOBS",
		8101:  "PERMISSION_TYPE_CONTROL_STRICT_JOB_QUEUE",
		9001:  "PERMISSION_TYPE_VIEW_TEMPLATES",
		9002:  "PERMISSION_TYPE_UPDATE_TEMPLATES",
		9003:  "PERMISSION_TYPE_CREATE_TEMPLATES",
		9004:  "PERMISSION_TYPE_DELETE_TEMPLATES",
		96001: "PERMISSION_TYPE_UPDATE_ROLES",
		97001: "PERMISSION_TYPE_EDIT_WEBHOOKS",
		97002: "PERMISSION_TYPE_VIEW_WEBHOOKS",
		10001: "PERMISSION_TYPE_MODIFY_RP_WORKSPACE_BINDINGS",
		11001: "PERMISSION_TYPE_SET_WORKSPACE_NAMESPACE_BINDINGS",
		11002: "PERMISSION_TYPE_SET_RESOURCE_QUOTAS",
		11003: "PERMISSION_TYPE_VIEW_RESOURCE_QUOTAS",
		11004: "PERMISSION_TYPE_MODIFY_GLOBAL_CONFIG_POLICIES",
		11005: "PERMISSION_TYPE_MODIFY_WORKSPACE_CONFIG_POLICIES",
		11006: "PERMISSION_TYPE_VIEW_GLOBAL_CONFIG_POLICIES",
		11007: "PERMISSION_TYPE_VIEW_WORKSPACE_CONFIG_POLICIES",
		12001: "PERMISSION_TYPE_ADMINISTRATE_TOKEN",
		12002: "PERMISSION_TYPE_UPDATE_TOKEN",
		12003: "PERMISSION_TYPE_CREATE_TOKEN",
		12004: "PERMISSION_TYPE_CREATE_OTHER_TOKEN",
		12005: "PERMISSION_TYPE_VIEW_OTHER_TOKEN",
		12006: "PERMISSION_TYPE_VIEW_TOKEN",
	}
	PermissionType_value = map[string]int32{
		"PERMISSION_TYPE_UNSPECIFIED":                             0,
		"PERMISSION_TYPE_ADMINISTRATE_USER":                       91001,
		"PERMISSION_TYPE_ADMINISTRATE_OAUTH":                      91002,
		"PERMISSION_TYPE_CREATE_EXPERIMENT":                       2001,
		"PERMISSION_TYPE_VIEW_EXPERIMENT_ARTIFACTS":               2002,
		"PERMISSION_TYPE_VIEW_EXPERIMENT_METADATA":                2003,
		"PERMISSION_TYPE_UPDATE_EXPERIMENT":                       2004,
		"PERMISSION_TYPE_UPDATE_EXPERIMENT_METADATA":              2005,
		"PERMISSION_TYPE_DELETE_EXPERIMENT":                       2006,
		"PERMISSION_TYPE_CREATE_NSC":                              3001,
		"PERMISSION_TYPE_VIEW_NSC":                                3002,
		"PERMISSION_TYPE_UPDATE_NSC":                              3003,
		"PERMISSION_TYPE_UPDATE_GROUP":                            93001,
		"PERMISSION_TYPE_CREATE_WORKSPACE":                        94001,
		"PERMISSION_TYPE_VIEW_WORKSPACE":                          4002,
		"PERMISSION_TYPE_UPDATE_WORKSPACE":                        4003,
		"PERMISSION_TYPE_DELETE_WORKSPACE":                        4004,
		"PERMISSION_TYPE_SET_WORKSPACE_AGENT_USER_GROUP":          4005,
		"PERMISSION_TYPE_SET_WORKSPACE_CHECKPOINT_STORAGE_CONFIG": 4006,
		"PERMISSION_TYPE_SET_WORKSPACE_DEFAULT_RESOURCE_POOL":     4007,
		"PERMISSION_TYPE_CREATE_PROJECT":                          5001,
		"PERMISSION_TYPE_VIEW_PROJECT":                            5002,
		"PERMISSION_TYPE_UPDATE_PROJECT":                          5003,
		"PERMISSION_TYPE_DELETE_PROJECT":                          5004,
		"PERMISSION_TYPE_ASSIGN_ROLES":                            6002,
		"PERMISSION_TYPE_VIEW_MODEL_REGISTRY":                     7001,
		"PERMISSION_TYPE_EDIT_MODEL_REGISTRY":                     7002,
		"PERMISSION_TYPE_CREATE_MODEL_REGISTRY":                   7003,
		"PERMISSION_TYPE_DELETE_MODEL_REGISTRY":                   7004,
		"PERMISSION_TYPE_DELETE_MODEL_VERSION":                    7005,
		"PERMISSION_TYPE_DELETE_OTHER_USER_MODEL_REGISTRY":        7006,
		"PERMISSION_TYPE_DELETE_OTHER_USER_MODEL_VERSION":         7007,
		"PERMISSION_TYPE_VIEW_MASTER_LOGS":                        8001,
		"PERMISSION_TYPE_VIEW_CLUSTER_USAGE":                      8002,
		"PERMISSION_TYPE_UPDATE_AGENTS":                           8003,
		"PERMISSION_TYPE_VIEW_SENSITIVE_AGENT_INFO":               8004,
		"PERMISSION_TYPE_VIEW_MASTER_CONFIG":                      8005,
		"PERMISSION_TYPE_UPDATE_MASTER_CONFIG":                    8006,
		"PERMISSION_TYPE_VIEW_EXTERNAL_JOBS":                      8007,
		"PERMISSION_TYPE_CONTROL_STRICT_JOB_QUEUE":                8101,
		"PERMISSION_TYPE_VIEW_TEMPLATES":                          9001,
		"PERMISSION_TYPE_UPDATE_TEMPLATES":                        9002,
		"PERMISSION_TYPE_CREATE_TEMPLATES":                        9003,
		"PERMISSION_TYPE_DELETE_TEMPLATES":                        9004,
		"PERMISSION_TYPE_UPDATE_ROLES":                            96001,
		"PERMISSION_TYPE_EDIT_WEBHOOKS":                           97001,
		"PERMISSION_TYPE_VIEW_WEBHOOKS":                           97002,
		"PERMISSION_TYPE_MODIFY_RP_WORKSPACE_BINDINGS":            10001,
		"PERMISSION_TYPE_SET_WORKSPACE_NAMESPACE_BINDINGS":        11001,
		"PERMISSION_TYPE_SET_RESOURCE_QUOTAS":                     11002,
		"PERMISSION_TYPE_VIEW_RESOURCE_QUOTAS":                    11003,
		"PERMISSION_TYPE_MODIFY_GLOBAL_CONFIG_POLICIES":           11004,
		"PERMISSION_TYPE_MODIFY_WORKSPACE_CONFIG_POLICIES":        11005,
		"PERMISSION_TYPE_VIEW_GLOBAL_CONFIG_POLICIES":             11006,
		"PERMISSION_TYPE_VIEW_WORKSPACE_CONFIG_POLICIES":          11007,
		"PERMISSION_TYPE_ADMINISTRATE_TOKEN":                      12001,
		"PERMISSION_TYPE_UPDATE_TOKEN":                            12002,
		"PERMISSION_TYPE_CREATE_TOKEN":                            12003,
		"PERMISSION_TYPE_CREATE_OTHER_TOKEN":                      12004,
		"PERMISSION_TYPE_VIEW_OTHER_TOKEN":                        12005,
		"PERMISSION_TYPE_VIEW_TOKEN":                              12006,
	}
)

Enum value maps for PermissionType.

View Source
var File_determined_rbac_v1_rbac_proto protoreflect.FileDescriptor

Functions

This section is empty.

Types

type GroupRoleAssignment

type GroupRoleAssignment struct {

	// The group id of the role assignment
	GroupId int32 `protobuf:"varint,1,opt,name=group_id,json=groupId,proto3" json:"group_id,omitempty"`
	// The role and scope of the assignment.
	RoleAssignment *RoleAssignment `protobuf:"bytes,2,opt,name=role_assignment,json=roleAssignment,proto3" json:"role_assignment,omitempty"`
	// contains filtered or unexported fields
}

GroupRoleAssignment contains information about the groups belonging to a role.

func (*GroupRoleAssignment) Descriptor deprecated

func (*GroupRoleAssignment) Descriptor() ([]byte, []int)

Deprecated: Use GroupRoleAssignment.ProtoReflect.Descriptor instead.

func (*GroupRoleAssignment) GetGroupId

func (x *GroupRoleAssignment) GetGroupId() int32

func (*GroupRoleAssignment) GetRoleAssignment

func (x *GroupRoleAssignment) GetRoleAssignment() *RoleAssignment

func (*GroupRoleAssignment) ProtoMessage

func (*GroupRoleAssignment) ProtoMessage()

func (*GroupRoleAssignment) ProtoReflect

func (x *GroupRoleAssignment) ProtoReflect() protoreflect.Message

func (*GroupRoleAssignment) Reset

func (x *GroupRoleAssignment) Reset()

func (*GroupRoleAssignment) String

func (x *GroupRoleAssignment) String() string

type Permission

type Permission struct {

	// The id of the permission
	Id PermissionType `protobuf:"varint,1,opt,name=id,proto3,enum=determined.rbac.v1.PermissionType" json:"id,omitempty"`
	// The name of the permission
	Name string `protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty"`
	// Allowed scope types.
	ScopeTypeMask *ScopeTypeMask `protobuf:"bytes,4,opt,name=scope_type_mask,json=scopeTypeMask,proto3" json:"scope_type_mask,omitempty"`
	// contains filtered or unexported fields
}

Permission represents an action a user can take in the system

func (*Permission) Descriptor deprecated

func (*Permission) Descriptor() ([]byte, []int)

Deprecated: Use Permission.ProtoReflect.Descriptor instead.

func (*Permission) GetId

func (x *Permission) GetId() PermissionType

func (*Permission) GetName

func (x *Permission) GetName() string

func (*Permission) GetScopeTypeMask

func (x *Permission) GetScopeTypeMask() *ScopeTypeMask

func (*Permission) ProtoMessage

func (*Permission) ProtoMessage()

func (*Permission) ProtoReflect

func (x *Permission) ProtoReflect() protoreflect.Message

func (*Permission) Reset

func (x *Permission) Reset()

func (*Permission) String

func (x *Permission) String() string

type PermissionType

type PermissionType int32

List of permissions types. Value of the enum has 9xxxx for global only permissions. Permissions on the same object share the thousands place value like 2001 and 2002.

const (
	// The permission type is unknown.
	PermissionType_PERMISSION_TYPE_UNSPECIFIED PermissionType = 0
	// Can create and update other users.
	// Allows updating other users passwords making this
	// permission give all other permissions effectively.
	PermissionType_PERMISSION_TYPE_ADMINISTRATE_USER PermissionType = 91001
	// Ability to manage OAuth clients and settings.
	PermissionType_PERMISSION_TYPE_ADMINISTRATE_OAUTH PermissionType = 91002
	// Ability to create experiments.
	PermissionType_PERMISSION_TYPE_CREATE_EXPERIMENT PermissionType = 2001
	// Ability to view experiment's model code, checkpoints, trials.
	PermissionType_PERMISSION_TYPE_VIEW_EXPERIMENT_ARTIFACTS PermissionType = 2002
	// Ability to view experiment's metadata such as experiment config, progress.
	PermissionType_PERMISSION_TYPE_VIEW_EXPERIMENT_METADATA PermissionType = 2003
	// Ability to update experiment and experiment's lifecycle.
	PermissionType_PERMISSION_TYPE_UPDATE_EXPERIMENT PermissionType = 2004
	// Ability to update experiment's metadata.
	PermissionType_PERMISSION_TYPE_UPDATE_EXPERIMENT_METADATA PermissionType = 2005
	// Ability to delete experiment.
	PermissionType_PERMISSION_TYPE_DELETE_EXPERIMENT PermissionType = 2006
	// Ability to create Notebooks, Shells, and Commands.
	PermissionType_PERMISSION_TYPE_CREATE_NSC PermissionType = 3001
	// Ability to view Notebooks, Shells, and Commands.
	PermissionType_PERMISSION_TYPE_VIEW_NSC PermissionType = 3002
	// Ability to terminate Notebooks, Shells, and Commands.
	PermissionType_PERMISSION_TYPE_UPDATE_NSC PermissionType = 3003
	// Ability to create, update, and add / remove users from groups.
	PermissionType_PERMISSION_TYPE_UPDATE_GROUP PermissionType = 93001
	// Ability to create workspaces.
	PermissionType_PERMISSION_TYPE_CREATE_WORKSPACE PermissionType = 94001
	// Ability to view workspace.
	PermissionType_PERMISSION_TYPE_VIEW_WORKSPACE PermissionType = 4002
	// Ability to update workspace.
	PermissionType_PERMISSION_TYPE_UPDATE_WORKSPACE PermissionType = 4003
	// Ability to delete workspace.
	PermissionType_PERMISSION_TYPE_DELETE_WORKSPACE PermissionType = 4004
	// Ability to set workspace agent user group config.
	PermissionType_PERMISSION_TYPE_SET_WORKSPACE_AGENT_USER_GROUP PermissionType = 4005
	// Ability to set workspace checkpoint storage config.
	PermissionType_PERMISSION_TYPE_SET_WORKSPACE_CHECKPOINT_STORAGE_CONFIG PermissionType = 4006
	// Ability to set workspace default resource pool.
	PermissionType_PERMISSION_TYPE_SET_WORKSPACE_DEFAULT_RESOURCE_POOL PermissionType = 4007
	// Ability to create projects.
	PermissionType_PERMISSION_TYPE_CREATE_PROJECT PermissionType = 5001
	// Ability to view projects.
	PermissionType_PERMISSION_TYPE_VIEW_PROJECT PermissionType = 5002
	// Ability to update projects.
	PermissionType_PERMISSION_TYPE_UPDATE_PROJECT PermissionType = 5003
	// Ability to delete projects.
	PermissionType_PERMISSION_TYPE_DELETE_PROJECT PermissionType = 5004
	// Ability to assign roles to groups / users.
	// If assigned at a workspace scope, can only assign roles to that workspace
	// scope.
	PermissionType_PERMISSION_TYPE_ASSIGN_ROLES PermissionType = 6002
	// Ability to view model registry.
	PermissionType_PERMISSION_TYPE_VIEW_MODEL_REGISTRY PermissionType = 7001
	// Ability to edit model registry.
	PermissionType_PERMISSION_TYPE_EDIT_MODEL_REGISTRY PermissionType = 7002
	// Ability to create model registry.
	PermissionType_PERMISSION_TYPE_CREATE_MODEL_REGISTRY PermissionType = 7003
	// Ability to delete model registry.
	PermissionType_PERMISSION_TYPE_DELETE_MODEL_REGISTRY PermissionType = 7004
	// Ability to delete model version.
	PermissionType_PERMISSION_TYPE_DELETE_MODEL_VERSION PermissionType = 7005
	// Ability to delete another user's model registry.
	PermissionType_PERMISSION_TYPE_DELETE_OTHER_USER_MODEL_REGISTRY PermissionType = 7006
	// Ability to delete another user's model version.
	PermissionType_PERMISSION_TYPE_DELETE_OTHER_USER_MODEL_VERSION PermissionType = 7007
	// Ability to view master logs.
	PermissionType_PERMISSION_TYPE_VIEW_MASTER_LOGS PermissionType = 8001
	// Ability to view detailed cluster usage info.
	PermissionType_PERMISSION_TYPE_VIEW_CLUSTER_USAGE PermissionType = 8002
	// Ability to update agents.
	PermissionType_PERMISSION_TYPE_UPDATE_AGENTS PermissionType = 8003
	// Ability to view sensitive subset of agent info.
	PermissionType_PERMISSION_TYPE_VIEW_SENSITIVE_AGENT_INFO PermissionType = 8004
	// Ability to view master configs.
	PermissionType_PERMISSION_TYPE_VIEW_MASTER_CONFIG PermissionType = 8005
	// Ability to update master configs.
	PermissionType_PERMISSION_TYPE_UPDATE_MASTER_CONFIG PermissionType = 8006
	// Ability to view external jobs.
	PermissionType_PERMISSION_TYPE_VIEW_EXTERNAL_JOBS PermissionType = 8007
	// Ability to control strict job queue.
	PermissionType_PERMISSION_TYPE_CONTROL_STRICT_JOB_QUEUE PermissionType = 8101
	// Ability to view templates.
	PermissionType_PERMISSION_TYPE_VIEW_TEMPLATES PermissionType = 9001
	// Ability to update templates.
	PermissionType_PERMISSION_TYPE_UPDATE_TEMPLATES PermissionType = 9002
	// Ability to create templates.
	PermissionType_PERMISSION_TYPE_CREATE_TEMPLATES PermissionType = 9003
	// Ability to delete templates.
	PermissionType_PERMISSION_TYPE_DELETE_TEMPLATES PermissionType = 9004
	// Ability to create and update role definitions.
	PermissionType_PERMISSION_TYPE_UPDATE_ROLES PermissionType = 96001
	// Ability to create and delete webhooks.
	PermissionType_PERMISSION_TYPE_EDIT_WEBHOOKS PermissionType = 97001
	// Ability to view webhooks.
	PermissionType_PERMISSION_TYPE_VIEW_WEBHOOKS PermissionType = 97002
	// Ability to bind, unbind or overwrite resource pool workspace bindings.
	PermissionType_PERMISSION_TYPE_MODIFY_RP_WORKSPACE_BINDINGS PermissionType = 10001
	// Ability to bind, unbind, or overwrite namespace workspace bindings.
	PermissionType_PERMISSION_TYPE_SET_WORKSPACE_NAMESPACE_BINDINGS PermissionType = 11001
	// Ability to set resource quotas on workspaces.
	PermissionType_PERMISSION_TYPE_SET_RESOURCE_QUOTAS PermissionType = 11002
	// Ability to view resource quotas on workspaces.
	PermissionType_PERMISSION_TYPE_VIEW_RESOURCE_QUOTAS PermissionType = 11003
	// Ability to modify global config policies.
	PermissionType_PERMISSION_TYPE_MODIFY_GLOBAL_CONFIG_POLICIES PermissionType = 11004
	// Ability to modify workspace config policies.
	PermissionType_PERMISSION_TYPE_MODIFY_WORKSPACE_CONFIG_POLICIES PermissionType = 11005
	// Ability to view global config policies.
	PermissionType_PERMISSION_TYPE_VIEW_GLOBAL_CONFIG_POLICIES PermissionType = 11006
	// Ability to view workspace config policies.
	PermissionType_PERMISSION_TYPE_VIEW_WORKSPACE_CONFIG_POLICIES PermissionType = 11007
	// Ability to administrate other users' tokens.
	PermissionType_PERMISSION_TYPE_ADMINISTRATE_TOKEN PermissionType = 12001
	// Ability to update one's own token.
	PermissionType_PERMISSION_TYPE_UPDATE_TOKEN PermissionType = 12002
	// Ability to create one's own token
	PermissionType_PERMISSION_TYPE_CREATE_TOKEN PermissionType = 12003
	// Ability to create another user's token
	PermissionType_PERMISSION_TYPE_CREATE_OTHER_TOKEN PermissionType = 12004
	// Ability to view another user's token
	PermissionType_PERMISSION_TYPE_VIEW_OTHER_TOKEN PermissionType = 12005
	// Ability to view one's own token
	PermissionType_PERMISSION_TYPE_VIEW_TOKEN PermissionType = 12006
)

func (PermissionType) Descriptor

func (PermissionType) Enum

func (x PermissionType) Enum() *PermissionType

func (PermissionType) EnumDescriptor deprecated

func (PermissionType) EnumDescriptor() ([]byte, []int)

Deprecated: Use PermissionType.Descriptor instead.

func (PermissionType) Number

func (PermissionType) String

func (x PermissionType) String() string

func (PermissionType) Type

type Role

type Role struct {

	// The id of the role being detailed
	RoleId int32 `protobuf:"varint,1,opt,name=role_id,json=roleId,proto3" json:"role_id,omitempty"`
	// The string of the role being detailed
	Name string `protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty"`
	// The permissions granted to the role
	Permissions []*Permission `protobuf:"bytes,3,rep,name=permissions,proto3" json:"permissions,omitempty"`
	// Allowed scope types.
	ScopeTypeMask *ScopeTypeMask `protobuf:"bytes,4,opt,name=scope_type_mask,json=scopeTypeMask,proto3" json:"scope_type_mask,omitempty"`
	// contains filtered or unexported fields
}

Role contains information about a specific Role

func (*Role) Descriptor deprecated

func (*Role) Descriptor() ([]byte, []int)

Deprecated: Use Role.ProtoReflect.Descriptor instead.

func (*Role) GetName

func (x *Role) GetName() string

func (*Role) GetPermissions

func (x *Role) GetPermissions() []*Permission

func (*Role) GetRoleId

func (x *Role) GetRoleId() int32

func (*Role) GetScopeTypeMask

func (x *Role) GetScopeTypeMask() *ScopeTypeMask

func (*Role) ProtoMessage

func (*Role) ProtoMessage()

func (*Role) ProtoReflect

func (x *Role) ProtoReflect() protoreflect.Message

func (*Role) Reset

func (x *Role) Reset()

func (*Role) String

func (x *Role) String() string

type RoleAssignment

type RoleAssignment struct {

	// The role of the assignment.
	Role *Role `protobuf:"bytes,1,opt,name=role,proto3" json:"role,omitempty"`
	// The id of the workspace the role belongs to. Empty for cluster-wide scope.
	ScopeWorkspaceId *int32 `protobuf:"varint,2,opt,name=scope_workspace_id,json=scopeWorkspaceId,proto3,oneof" json:"scope_workspace_id,omitempty"`
	// Whether the role is assigned cluster-wide.
	ScopeCluster bool `protobuf:"varint,3,opt,name=scope_cluster,json=scopeCluster,proto3" json:"scope_cluster,omitempty"`
	// contains filtered or unexported fields
}

RoleAssignment contains information about the scope of the role.

func (*RoleAssignment) Descriptor deprecated

func (*RoleAssignment) Descriptor() ([]byte, []int)

Deprecated: Use RoleAssignment.ProtoReflect.Descriptor instead.

func (*RoleAssignment) GetRole

func (x *RoleAssignment) GetRole() *Role

func (*RoleAssignment) GetScopeCluster

func (x *RoleAssignment) GetScopeCluster() bool

func (*RoleAssignment) GetScopeWorkspaceId

func (x *RoleAssignment) GetScopeWorkspaceId() int32

func (*RoleAssignment) ProtoMessage

func (*RoleAssignment) ProtoMessage()

func (*RoleAssignment) ProtoReflect

func (x *RoleAssignment) ProtoReflect() protoreflect.Message

func (*RoleAssignment) Reset

func (x *RoleAssignment) Reset()

func (*RoleAssignment) String

func (x *RoleAssignment) String() string

type RoleAssignmentSummary

type RoleAssignmentSummary struct {

	// The id of the role being detailed
	RoleId int32 `protobuf:"varint,1,opt,name=role_id,json=roleId,proto3" json:"role_id,omitempty"`
	// List of workspace IDs to apply the role.
	ScopeWorkspaceIds []int32 `protobuf:"varint,2,rep,packed,name=scope_workspace_ids,json=scopeWorkspaceIds,proto3" json:"scope_workspace_ids,omitempty"`
	// Whether the role is assigned cluster-wide.
	ScopeCluster bool `protobuf:"varint,3,opt,name=scope_cluster,json=scopeCluster,proto3" json:"scope_cluster,omitempty"`
	// contains filtered or unexported fields
}

RoleAssignmentSummary is used to describe permissions a user has.

func (*RoleAssignmentSummary) Descriptor deprecated

func (*RoleAssignmentSummary) Descriptor() ([]byte, []int)

Deprecated: Use RoleAssignmentSummary.ProtoReflect.Descriptor instead.

func (*RoleAssignmentSummary) GetRoleId

func (x *RoleAssignmentSummary) GetRoleId() int32

func (*RoleAssignmentSummary) GetScopeCluster

func (x *RoleAssignmentSummary) GetScopeCluster() bool

func (*RoleAssignmentSummary) GetScopeWorkspaceIds

func (x *RoleAssignmentSummary) GetScopeWorkspaceIds() []int32

func (*RoleAssignmentSummary) ProtoMessage

func (*RoleAssignmentSummary) ProtoMessage()

func (*RoleAssignmentSummary) ProtoReflect

func (x *RoleAssignmentSummary) ProtoReflect() protoreflect.Message

func (*RoleAssignmentSummary) Reset

func (x *RoleAssignmentSummary) Reset()

func (*RoleAssignmentSummary) String

func (x *RoleAssignmentSummary) String() string

type RoleWithAssignments

type RoleWithAssignments struct {

	// The embedded Role.
	Role *Role `protobuf:"bytes,1,opt,name=role,proto3" json:"role,omitempty"`
	// The embedded GroupRoleAssignment.
	GroupRoleAssignments []*GroupRoleAssignment `protobuf:"bytes,2,rep,name=group_role_assignments,json=groupRoleAssignments,proto3" json:"group_role_assignments,omitempty"`
	// The embedded UserRoleAssignment.
	UserRoleAssignments []*UserRoleAssignment `protobuf:"bytes,3,rep,name=user_role_assignments,json=userRoleAssignments,proto3" json:"user_role_assignments,omitempty"`
	// contains filtered or unexported fields
}

RoleWithAssignments contains a detailed description of a role and the groups and users belonging to it.

func (*RoleWithAssignments) Descriptor deprecated

func (*RoleWithAssignments) Descriptor() ([]byte, []int)

Deprecated: Use RoleWithAssignments.ProtoReflect.Descriptor instead.

func (*RoleWithAssignments) GetGroupRoleAssignments

func (x *RoleWithAssignments) GetGroupRoleAssignments() []*GroupRoleAssignment

func (*RoleWithAssignments) GetRole

func (x *RoleWithAssignments) GetRole() *Role

func (*RoleWithAssignments) GetUserRoleAssignments

func (x *RoleWithAssignments) GetUserRoleAssignments() []*UserRoleAssignment

func (*RoleWithAssignments) ProtoMessage

func (*RoleWithAssignments) ProtoMessage()

func (*RoleWithAssignments) ProtoReflect

func (x *RoleWithAssignments) ProtoReflect() protoreflect.Message

func (*RoleWithAssignments) Reset

func (x *RoleWithAssignments) Reset()

func (*RoleWithAssignments) String

func (x *RoleWithAssignments) String() string

type ScopeTypeMask

type ScopeTypeMask struct {

	// Whether this permission or role can be assigned globally, i.e.
	// cluster-wide. Currently, all permissions can be assigned globally, so this
	// is always true.
	Cluster bool `protobuf:"varint,1,opt,name=cluster,proto3" json:"cluster,omitempty"`
	// Whether this permission or role can be assigned on a particular workspace.
	// For example, `ADMINISTRATE_USER` permission will have this field set to
	// false, since user creation can only be done at a cluster level, and it
	// doesn't make sense for a single workspace.
	Workspace bool `protobuf:"varint,2,opt,name=workspace,proto3" json:"workspace,omitempty"`
	// contains filtered or unexported fields
}

ScopeTypeMask lists which scope types are allowed for the given Permission or Role. Scope type mask is a different way to represent `is_global` flag. Value mapping: is_global: true => {cluster: true, workspace: false} is_global: false => {cluster: true, workspace: true}

func (*ScopeTypeMask) Descriptor deprecated

func (*ScopeTypeMask) Descriptor() ([]byte, []int)

Deprecated: Use ScopeTypeMask.ProtoReflect.Descriptor instead.

func (*ScopeTypeMask) GetCluster

func (x *ScopeTypeMask) GetCluster() bool

func (*ScopeTypeMask) GetWorkspace

func (x *ScopeTypeMask) GetWorkspace() bool

func (*ScopeTypeMask) ProtoMessage

func (*ScopeTypeMask) ProtoMessage()

func (*ScopeTypeMask) ProtoReflect

func (x *ScopeTypeMask) ProtoReflect() protoreflect.Message

func (*ScopeTypeMask) Reset

func (x *ScopeTypeMask) Reset()

func (*ScopeTypeMask) String

func (x *ScopeTypeMask) String() string

type UserRoleAssignment

type UserRoleAssignment struct {

	// the user id of the role assignment
	UserId int32 `protobuf:"varint,1,opt,name=user_id,json=userId,proto3" json:"user_id,omitempty"`
	// the role and scope of the assignment
	RoleAssignment *RoleAssignment `protobuf:"bytes,2,opt,name=role_assignment,json=roleAssignment,proto3" json:"role_assignment,omitempty"`
	// contains filtered or unexported fields
}

UserRoleAssignment contains information about the users belonging to a role.

func (*UserRoleAssignment) Descriptor deprecated

func (*UserRoleAssignment) Descriptor() ([]byte, []int)

Deprecated: Use UserRoleAssignment.ProtoReflect.Descriptor instead.

func (*UserRoleAssignment) GetRoleAssignment

func (x *UserRoleAssignment) GetRoleAssignment() *RoleAssignment

func (*UserRoleAssignment) GetUserId

func (x *UserRoleAssignment) GetUserId() int32

func (*UserRoleAssignment) ProtoMessage

func (*UserRoleAssignment) ProtoMessage()

func (*UserRoleAssignment) ProtoReflect

func (x *UserRoleAssignment) ProtoReflect() protoreflect.Message

func (*UserRoleAssignment) Reset

func (x *UserRoleAssignment) Reset()

func (*UserRoleAssignment) String

func (x *UserRoleAssignment) String() string

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL