FabInfra-Mirror/api.fabaccess-api
1
0
Fork 0
mirror of https://gitlab.com/fabinfra/fabaccess/fabaccess-api.git synced 2025-03-12 14:51:42 +01:00
Code Issues Packages Projects Releases Wiki Activity

Revamp permissions a bit

Browse Source
This commit is contained in:
Nadja Reitzenstein 2022-11-04 15:23:25 +01:00
parent 2d8c5fb2e8
commit b48ec883eb
4 changed files with 39 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
main.capnp
View File

@ -6,6 +6,8 @@ $CSharp.namespace("FabAccessAPI.Schema");
using import "auth.capnp".Authentication;
using import "resources.capnp".Resources;
using import "users.capnp".Users;
using import "user.capnp".User;
using import "permissions.capnp".Permissions;
struct Version
{
@ -37,11 +39,13 @@ struct Session {
# An API session with the server. The below capabilities are set to NULL if the authenticated
# user doesn't have permission to access the system in question, or if the server does not
# implement it.
whoami @0 :User;
resources @0 :Resources;
resources @1 :Resources;
# Access to the resources configured.
users @1 :Users;
# User administration. This includes both modifying other users and self-modification, so this
# is allowed for most sessions
users @2 :Users;
# User administration.
permissions @3 :Permissions;
}

11
permissions.capnp Normal file
View File

@ -0,0 +1,11 @@
@0xaf38846f2a5370ab;
using CSharp = import "programming_language/csharp.capnp";
$CSharp.namespace("FabAccessAPI.Schema");
using import "role.capnp".Role;
interface Permissions {
listRoles @0 () -> ( roles :List(Role) );
getById @1 ( id :Data ) -> ( role :Role );
}

18
role.capnp
View File

@ -3,6 +3,22 @@
using CSharp = import "programming_language/csharp.capnp";
$CSharp.namespace("FabAccessAPI.Schema");
using import "utils.capnp".L10NString;
using import "user.capnp".User;
interface Role {
name @0 () -> ( name :Text );
# A role in the FA authorization context
id @0 () -> ( id :Data );
name @1 () -> ( name :L10NString );
# The localized name of a role
admin @2 () -> ( admin :Admin );
}
interface Admin $CSharp.name("AdminInterface") {
members @1 () -> ( members :List(User) );
addUser @0 ( user :User ) -> ();
removeUser @1 ( user :User ) -> ();
}

11
users.capnp
View File

@ -6,14 +6,9 @@ $CSharp.namespace("FabAccessAPI.Schema");
using import "user.capnp".User;
interface Users {
whoami @0 () -> ( user :User );
list @0 () -> ( users :List(User) );
manage @1 () -> ( manage :Manage );
interface Manage $CSharp.name("ManageInterface") {
list @0 () -> ( users :List(User) );
addUser @1 ( username :Text, password :Text ) -> ( user :User );
addUser @1 ( username :Text, password :Text ) -> ( user :User );
removeUser @2 ( user :User );
}
removeUser @2 ( user :User );
}