From 86698c260b6badb54d49ea104faa42be406273a4 Mon Sep 17 00:00:00 2001
From: Gregor Reitzenstein <me@dequbed.space>
Date: Thu, 23 Apr 2020 14:32:57 +0200
Subject: [PATCH] Results from a call with JoKlLa

---
 api.capnp        | 117 ++++++++++++++++++-----------------------------
 connection.capnp |   2 +
 2 files changed, 47 insertions(+), 72 deletions(-)

diff --git a/api.capnp b/api.capnp
index d771276..eab2649 100644
--- a/api.capnp
+++ b/api.capnp
@@ -29,14 +29,10 @@ interface Diflouroborane {
     # `initializeAuthentication` on it in one roundtrip, provided one gets granted access to the
     # Authentication subsystem (which in all fairness is a reasonable assumption)
 
-    authentication @0 () -> ( auth :Authentication );
-    # Then authentication subsystem handles authentication of clients and servers. Multiple
-    # authentication is possible, see the `Authentication` interface for details.
-
-    permissions @1 () -> ( perm :Permissions );
+    permissions @0 () -> ( perm :Permissions );
     # Permission subsystem to manage permissions and systems underlying the authorization process
 
-    machines @2 () -> ( mach :Machines );
+    machines @1 () -> ( mach :Machines );
     # Diflouroborane stores machine¹ information in an opaque internal database. This interface is
     # the only stable process of modifying that information
 
@@ -59,79 +55,56 @@ struct UUID {
     uuid1 @1 :UInt64;
 }
 
-interface Machines {
-    interface Manage {
-        setBlocked @0 ( blocked :Bool ) -> ();
-        # Block or Unblock the machine. A blocked machine can not be used.
-
-        forceReturn @1 () -> ();
-        # Forcefully marking a machine as `returned` — i.e. not used.
+struct Maybe(T) {
+    union {
+        none @0 :Void;
+        some @1 :T;
     }
+}
+
+enum State {
+    free @0;
+    inUse @1;
+    toCheck @2;
+    blocked @3;
+    disabled @4;
+    reserved @5;
+}
+
+interface Machine {
+    struct MInfo {
+        state @0 :State;
+        name @1 :Text;
+        description @2 :Text;
+
+        responsible @3 :Text;
+        # TODO: Make that an user, issue #XXX
+    }
+
+    info @0 () -> ( minfo :MInfo );
+    # Check the state of a machine.
 
     interface GiveBack {
-        # The only way of getting a `return` interface is by successfully calling `use`. This means
-        # only the user that marked a machine as `used` can return it again. (Baring force override)
-        giveback @0 () -> ();
+        ret @0 () -> ();
     }
 
-    manage @0 ( uuid :UUID ) -> ( manage :Manage );
+    use @1 () -> ( ret :Maybe(GiveBack) );
+    # Try to use a machine. Fails if the user doesn't have enough permissions
 
-    use @1 ( uuid :UUID ) -> ( giveback :GiveBack );
-    # Use a machine, identified by its UUID. If the caller is allowed to and the machine is
-    # available to being used a `return` Capability will be returned — the person using a machine is
-    # after all the only person that can return the machine after use.
+    interface Check {
+        ok @0 () -> ();
+        not_ok @1 () -> ();
+    }
+
+    check @2 () -> ( chk :Maybe(Check) );
+
+    reserve @3 () -> ( rsrv :Maybe(AnyPointer) );
+}
+
+interface Machines {
+    lookup @0 ( uuid :UUID ) -> ( machine :Maybe(Machine) );
+    # Get a machine interface. Returns `none` if there is no Machine with the given uuid.
 }
 
 interface Permissions {
-    # The permission system of FabAccess is a role-based access control (RBAC).
-    # This means that a principal is assigned to 0…N roles, and each role has 1…M permissions
-    # attached. A role can inherit from up to one other role meaning that roles are a set of
-    # cycle-free hierarchies.
-    getAllSubjects @0 () -> ( subjects :List(Text) );
-    getAllObjects @1 () -> ( objects :List(Text) );
-    getAllAction @2 () -> ( actions :List(Text) );
-    getAllRoles @3 () -> ( roles :List(Text) );
-
-    removePolicy @4 ( p :List(Text) ) -> ();
-    addPolicy @5 ( p :List(Text) ) -> ();
-}
-
-interface Authentication {
-    # List all SASL mechs the server is willing to use
-    availableMechanisms @0 () -> ( mechanisms :List(Text) );
-
-    # Start authentication using the given mechanism and optional initial data
-    initializeAuthentication @1 ( mechanism :Text, initialData :MaybeData )
-        -> (response :StepResult );
-
-    getAuthzid @2 () -> ( authzid :Text );
-
-    struct StepResult {
-        union {
-            challenge @0 :Challenge;
-            outcome @1 :Outcome;
-        }
-    }
-
-    struct MaybeData {
-        union {
-            some @0 :Data;
-            none @1 :Void;
-        }
-    }
-
-    interface Challenge {
-        # Access the challenge data
-        read @0 () -> ( data :MaybeData );
-
-        respond @1 ( data :MaybeData ) 
-            -> ( response :StepResult );
-    }
-
-    interface Outcome {
-        # Outcomes may contain additional data
-        read @0 () -> ( data :MaybeData );
-        # The actual outcome.
-        value @1 () -> ( granted :Bool );
-    }
 }
diff --git a/connection.capnp b/connection.capnp
index 8767836..9f79a76 100644
--- a/connection.capnp
+++ b/connection.capnp
@@ -23,6 +23,7 @@
 @0x9e1c146a27dcc635;
 
 using Auth = import "auth.capnp";
+using Api = import "api.capnp"
 
 struct Message {
     union {
@@ -30,6 +31,7 @@ struct Message {
         bye @1 :Bye;
         starttls @2 :Void;
         auth @3 :Auth.Message;
+        bootstrap @4 :Api.Diflouroborane
     }
 }