From ef3db21789550ce0d9e3c59cf7ed369d6574ff23 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nadja=20von=20Reitzenstein=20=C4=8Cerpnjak?= Date: Mon, 15 Apr 2024 16:28:23 +0200 Subject: [PATCH] Stuff! --- audit.capnp | 7 ++++++ auth.capnp | 5 ++++ claim.capnp | 19 ++++++++++----- interest.capnp | 12 +++++++++- main.capnp | 4 +++- notify.capnp | 6 +++++ projects.capnp | 4 ++++ resource.capnp | 54 +++++++++++++++++++++++++----------------- resources.capnp | 5 +++- traits.capnp | 2 +- traits/cnc.capnp | 12 ++++++++++ traits/powerable.capnp | 14 +++++++++++ traits/rgblamp.capnp | 12 ++++++++++ traits_error.capnp | 8 +++++++ user.capnp | 10 ++++++-- users.capnp | 4 ++-- 16 files changed, 142 insertions(+), 36 deletions(-) create mode 100644 audit.capnp create mode 100644 projects.capnp create mode 100644 traits/cnc.capnp create mode 100644 traits/powerable.capnp create mode 100644 traits/rgblamp.capnp create mode 100644 traits_error.capnp diff --git a/audit.capnp b/audit.capnp new file mode 100644 index 0000000..44aaa58 --- /dev/null +++ b/audit.capnp @@ -0,0 +1,7 @@ +@0x8a90be7e2023f16a; + +using import "user.capnp".User; + +interface Auditable { + lastUser @0 () -> ( user :User ); +} diff --git a/auth.capnp b/auth.capnp index 42e593f..5c366ea 100644 --- a/auth.capnp +++ b/auth.capnp @@ -9,6 +9,7 @@ using import "main.capnp".Session; struct Mechanism { name @0 :Text; additionalInfo @1 :AnyPointer; + # Additional Info for OpenID / OAUTH2 } struct Response { @@ -94,6 +95,7 @@ struct Response { # non-NULL list ptr of zero bytes which clients MUST pass to their SASL implementation # as "no additional data" and "some additional data of zero length" respectively. } + # TODO: Continue for successful step but additional mech needed } } @@ -110,4 +112,7 @@ interface Authentication { # "aborted" Error to the next `step` call. A server SHOULD directly terminate the underlying stream # after sending this response. The server MAY after a short grace period terminate the stream # without sending a response if no call to `step` was received by the client. + + nextAuthenticate @2 ( mechanism :Text, initialData :Data ) -> Response; + # Call this after a continue was returned } diff --git a/claim.capnp b/claim.capnp index d6d649e..00b2924 100644 --- a/claim.capnp +++ b/claim.capnp @@ -12,14 +12,17 @@ using import "notify.capnp".Notifiable; using import "utils.capnp".Fallible; using import "utils.capnp".OID; using import "utils.capnp".Map; +using import "projects.capnp".Project; interface Claimable { - claim @0 () -> Fallible(Claim, ClaimError); + claim @0 ( project :Project ) -> Fallible(Claim, ClaimError); # Returns NULL if the resource is *currently* not claimable. # Disown the returned claim capability to unclaim it. - interface ClaimError { - + struct ClaimError { + union { + locked @0 :Text; + } } } @@ -29,7 +32,7 @@ interface Lockable { # restore @0 ( sturdy :SturdyRef ) -> ( lock :Lock ); # Restore a previously saved SturdyRef pointing to a Lock - lock @1 () -> ( lock :Lock ); + lock @1 ( message :Text ) -> ( lock :Lock ); # Take exclusive access to a resource, disowning all other claims on this # resource. # @@ -49,8 +52,12 @@ interface Claim extends (Notifiable) { traits @1 () -> Map(OID, AnyPointer); - disown @2 (); - # Disown this claim + disown @2 () -> Fallible(Void, Error(Void)); + # Disown this claim TODO define ConstraintViolation type -> Dependencies! + + makeTransferable @3 () -> Fallible(SturdyRef, Error(Void)); + makeLendable @4 () -> Fallible(( token :Sturdyref, returnToken :Interest ), Error(Void)); + # TODO: should returnToken be an Interest instead? } interface Lock extends (Claim) { diff --git a/interest.capnp b/interest.capnp index 54ba6ba..37cdef9 100644 --- a/interest.capnp +++ b/interest.capnp @@ -4,5 +4,15 @@ using CSharp = import "programming_language/csharp.capnp"; $CSharp.namespace("FabAccessAPI.Schema"); interface Interestable { - + queue @0 () -> Fallible(Interest, Error(Void)); + reserve @1 ( when :When ) -> Fallible(Interest, Error(Void)); + getInterests @2 () -> ( interests :List(Interest) ); + # WARNING: Impersonates users +} + +interface Interest { + resource @0 () -> ( resource :Resource ); + describe @1 () -> Description; + drop @2 (); + upgrade @3 () -> ( claim :Claim ); } diff --git a/main.capnp b/main.capnp index 5463539..062b395 100644 --- a/main.capnp +++ b/main.capnp @@ -31,8 +31,10 @@ interface Bootstrap getServerInfo @2 () -> ( spacename :Text, instanceurl :Text ); # Returns information about the server, which can be used to resolve MDNS to DNS and display the server name to the user. - mechanisms @3 () -> ( mechs :List(Mechanism) ); + mechanisms @3 () -> ( mechs :List(Mechanism), cbtypes :List(Text) ); # Get a list of Mechanisms this server allows in this context. + # TODO: Channel Bindings + # TODO: List of groups of mechs createSession @4 ( mechanism :Text ) -> ( authentication :Authentication ); # Create a new session with the server that you wish to authenticate using `mechanism`. If the diff --git a/notify.capnp b/notify.capnp index 34a114f..62bbf52 100644 --- a/notify.capnp +++ b/notify.capnp @@ -15,6 +15,10 @@ interface Notifiable { subscribe @1 ( subscriber :Subscriber(Update) ) -> ( subscription :Subscription ); # Subscribe to state updates. The passed in `subscriber` is an interface implemented on the # client side that a server calls to send update notifications. + + measurements @2 () -> ( measurements :Map(Oid, AnyPointer) ); + + subscribeMeasurements @3 ( subscriber :Subscriber(Measurement) ) -> ( subscription: Subscription ); } interface Subscriber(Update) { @@ -27,6 +31,8 @@ interface Subscriber(Update) { # resource. } + + struct UpdateResult { } # Empty struct to make `update` apply backpressure. interface Subscription { diff --git a/projects.capnp b/projects.capnp new file mode 100644 index 0000000..7906f16 --- /dev/null +++ b/projects.capnp @@ -0,0 +1,4 @@ + +interface Project { + +} diff --git a/resource.capnp b/resource.capnp index 9529eef..3947f8d 100644 --- a/resource.capnp +++ b/resource.capnp @@ -10,6 +10,7 @@ using import "notify.capnp".Notifiable; using import "interest.capnp".Interestable; using import "claim.capnp".Claimable; using import "claim.capnp".Lockable; +using import "audit.capnp".Auditable; using import "utils.capnp".OID; using import "utils.capnp".L10NString; @@ -17,36 +18,45 @@ using import "utils.capnp".Map; using import "cache.capnp".Cache; +struct RestoredResource { + resource @0 :Resource; + interest @1 :List(Interest); + claim @2 :Claim; + lock @3 :Lock; +} + struct Resource { # BFFH's smallest unit of a physical or abstract "thing". A resource can be as simple and # physical as a table, as complex as a PCB production line or as abstract as "people with # specific know-how are present". - description @0 :Cache(Description); - # Return information about this resource. This information is usually - # static and thus put behind a Cache. - - notify @1 :Notifiable; - # NULL if the user does not have permission to read this resource, or if this resource is not - # notifiable - - interest @2 :Interestable; - # NULL if this resource is not interestable or the user does not have permission to set - # interests for this resource. - - claim @3 :Claimable; - # NULL if the user does not have permission to write to this resource, or if this resource type - # does not support claiming. - - lock @4 :Lockable; - # NULL if the user does not have permission to manage this resource, or if this resource type - # does not support claiming or locking. -} - -struct Description { identifier @0 :Text; # The unique identifier for this resource + description @1 :Cache(Description); + # Return information about this resource. This information is usually + # static and thus put behind a Cache. + + notify @2 :Notifiable; + # NULL if the user does not have permission to read this resource, or if this resource is not + # notifiable + + interest @3 :Interestable; + # NULL if this resource is not interestable or the user does not have permission to set + # interests for this resource. + + claim @4 :Claimable; + # NULL if the user does not have permission to write to this resource, or if this resource type + # does not support claiming. + + lock @5 :Lockable; + # NULL if the user does not have permission to manage this resource, or if this resource type + # does not support claiming or locking. + + audit @6 :Auditable; +} + +struct Description { name @1 :L10NString; # A human-facing name for this resource. A name should be short and recognizable, and is meant # as the primary identifier for users to find a resource. diff --git a/resources.capnp b/resources.capnp index 22cffe6..861745e 100644 --- a/resources.capnp +++ b/resources.capnp @@ -4,10 +4,11 @@ using CSharp = import "programming_language/csharp.capnp"; $CSharp.namespace("FabAccessAPI.Schema"); using import "resource.capnp".Resource; +using import "resource.capnp".RestoredResource; using import "claim.capnp".Claim; interface Resources { - claimed @0 () -> ( claimed :List(Claim) ); + restore @0 () -> ( resources :List(RestoredResource) ); # Returns the list of valid claims the session owner of this `Resources` currently has. list @1 () -> ( resources :List(Resource) ); @@ -21,4 +22,6 @@ interface Resources { getByUrl @4 ( url :Text ) -> ( resource :Resource ); # Returns a NULL capability if the resource doesn't exist or a user doesn't have read permission for that resource. + + acceptToken @5 ( token :SturdyRef ) -> Fallible(Claim, Error(Void)); } diff --git a/traits.capnp b/traits.capnp index 0bdc133..e0ef605 100644 --- a/traits.capnp +++ b/traits.capnp @@ -80,4 +80,4 @@ const power_m_consumption : Measurement ( id = 0x"000", name = "Power Consumptio const power_t_turnon : Trait ( id = 0x"000", name = "turnon", description = "Turn Power to on", currentstate = 0x"000", nextstate = 0x"001" ); const power_t_turnoff : Trait ( id = 0x"001", name = "turnoff", description = "Turn Power to off", currentstate = 0x"001", nextstate = 0x"000" ); -const power_fsm :FSM = ( oid = 0x"TODO", name = "power1", description = "TODO" ); \ No newline at end of file +const power_fsm :FSM = ( oid = 0x"TODO", name = "power1", description = "TODO" ); diff --git a/traits/cnc.capnp b/traits/cnc.capnp new file mode 100644 index 0000000..2dc0371 --- /dev/null +++ b/traits/cnc.capnp @@ -0,0 +1,12 @@ +4.4.4.4 + +interface CncTrait { + turnOn @0 () -> Fallible; + turnOff @1 () -> Fallible; + giveBack @2 () -> Fallible; + accept @3 () -> Fallible(ConstraintError); +} + +struct ConstraintError { + +} diff --git a/traits/powerable.capnp b/traits/powerable.capnp new file mode 100644 index 0000000..52a6a1b --- /dev/null +++ b/traits/powerable.capnp @@ -0,0 +1,14 @@ + +struct BadState { } + +interface TraitPowerable { + turnOn @0 () -> Fallible(StatePowerable, Error(BadState)); + turnOff @1 () -> Fallible(StatePowerable, Error(BadState)); +} + +struct StatePowerable { + union { + Off @0 :Void; + On @1 :Void; + } +} diff --git a/traits/rgblamp.capnp b/traits/rgblamp.capnp new file mode 100644 index 0000000..fd2f222 --- /dev/null +++ b/traits/rgblamp.capnp @@ -0,0 +1,12 @@ + +1.1.1.1 + +interface RgbLamp { + setRgb @0 ( r :u8, g :u8, b :u8 ); + setHsv @1 ( h :u8, s :u8, v :u8 ); +} + +struct RgbLampState { + rgb @0 ( r :u8, g :u8, b :u8 ); + hsv @1 ( h :u8, s :u8, v :u8 ); +} diff --git a/traits_error.capnp b/traits_error.capnp new file mode 100644 index 0000000..af91251 --- /dev/null +++ b/traits_error.capnp @@ -0,0 +1,8 @@ + + +struct Error(ConstraintError) { + union { + permissionFailed @0 :Void; + constraintViolation @1 ( error :ConstraintError); + } +} diff --git a/user.capnp b/user.capnp index 07b4e88..0fc650f 100644 --- a/user.capnp +++ b/user.capnp @@ -18,20 +18,26 @@ interface User { # lists explicit roles for this user. A session may have a number of additional, implicit, # roles set by their choice of authentication or other context. + projects @3 () -> ( projects :List(Project) ); + selfservice @3 () -> ( selfservice :SelfService ); interface SelfService { - changepw @0 ( old :Text, new :Text ); + changepw @0 ( old :Text, new :Text ) -> Fallible(Void, Void); + changePin @1 ( currentPassword :Text, newPin :List(u64) ) -> Fallible(Void, Void) } manage @4 () -> ( manage :Manage ); interface Manage $CSharp.name("ManageInterface") { addRole @0 ( role :Role ); removeRole @1 ( role :Role ); + + addProject @2 ( project :Project ); + removeProject @3 ( project :Project ); } admin @5 () -> ( admin :Admin ); interface Admin $CSharp.name("AdminInterface") { - setpw @0 ( new :Text ); + getNewPassword @0 () -> ( new :Text ); } cardDESFireEV2 @6 () -> ( carddesfireev2 :CardDESFireEV2 ); diff --git a/users.capnp b/users.capnp index 5256344..506a2a0 100644 --- a/users.capnp +++ b/users.capnp @@ -8,12 +8,12 @@ using import "user.capnp".User; interface Users { list @0 () -> ( users :List(User) ); - addUser @1 ( username :Text, password :Text ) -> ( user :User, error :Error ); + addUser @1 ( username :Text ) -> ( user :User, initialPassword :Text, error :Error ); # Add a new user. If adding the user succeeds then the newly created user is returned and # `error` is NULL / set to Error::ok. If adding the user fails `user` is NULL and `error` # contains the reason for the failure. - removeUser @2 ( user :User ); + removeUser @2 ( user :User ) -> Fallible(Void, Void); } struct Error {