Stuff!

audit.capnp

@@ -0,0 +1,7 @@
+@0x8a90be7e2023f16a;
+
+using import "user.capnp".User;
+
+interface Auditable {
+    lastUser @0 () -> ( user :User );
+}

auth.capnp

@@ -9,6 +9,7 @@ using import "main.capnp".Session;
 struct Mechanism {
     name @0 :Text;
     additionalInfo @1 :AnyPointer;
+    # Additional Info for OpenID / OAUTH2
 }
 
 struct Response {
@@ -94,6 +95,7 @@ struct Response {
             # non-NULL list ptr of zero bytes which clients MUST pass to their SASL implementation
             # as "no additional data" and "some additional data of zero length" respectively.
         }
+        # TODO: Continue for successful step but additional mech needed
     }
 }
 
@@ -110,4 +112,7 @@ interface Authentication {
     # "aborted" Error to the next `step` call. A server SHOULD directly terminate the underlying stream
     # after sending this response. The server MAY after a short grace period terminate the stream
     # without sending a response if no call to `step` was received by the client.
+
+    nextAuthenticate @2 ( mechanism :Text, initialData :Data ) -> Response;
+    # Call this after a continue was returned
 }

claim.capnp

@@ -12,14 +12,17 @@ using import "notify.capnp".Notifiable;
 using import "utils.capnp".Fallible;
 using import "utils.capnp".OID;
 using import "utils.capnp".Map;
+using import "projects.capnp".Project;
 
 interface Claimable {
-    claim @0 () -> Fallible(Claim, ClaimError);
+    claim @0 ( project :Project ) -> Fallible(Claim, ClaimError);
     # Returns NULL if the resource is *currently* not claimable.
     # Disown the returned claim capability to unclaim it.
 
-    interface ClaimError {
-
+    struct ClaimError {
+        union {
+            locked @0 :Text;
+        }
     }
 }
 
@@ -29,7 +32,7 @@ interface Lockable {
     # restore @0 ( sturdy :SturdyRef ) -> ( lock :Lock );
     # Restore a previously saved SturdyRef pointing to a Lock
 
-    lock @1 () -> ( lock :Lock );
+    lock @1 ( message :Text ) -> ( lock :Lock );
     # Take exclusive access to a resource, disowning all other claims on this
     # resource.
     #
@@ -49,8 +52,12 @@ interface Claim extends (Notifiable) {
 
     traits @1 () -> Map(OID, AnyPointer);
 
-    disown @2 ();
-    # Disown this claim
+    disown @2 () -> Fallible(Void, Error(Void));
+    # Disown this claim TODO define ConstraintViolation type -> Dependencies!
+
+    makeTransferable @3 () -> Fallible(SturdyRef, Error(Void));
+    makeLendable @4 () -> Fallible(( token :Sturdyref, returnToken :Interest ), Error(Void));
+    # TODO: should returnToken be an Interest instead?
 }
 
 interface Lock extends (Claim) {

interest.capnp

@@ -4,5 +4,15 @@ using CSharp = import "programming_language/csharp.capnp";
 $CSharp.namespace("FabAccessAPI.Schema");
 
 interface Interestable {
-
+    queue @0 () -> Fallible(Interest, Error(Void));
+    reserve @1 ( when :When ) -> Fallible(Interest, Error(Void));
+    getInterests @2 () -> ( interests :List(Interest) );
+    # WARNING: Impersonates users
+}
+
+interface Interest {
+    resource @0 () -> ( resource :Resource );
+    describe @1 () -> Description;
+    drop @2 ();
+    upgrade @3 () -> ( claim :Claim );
 }

main.capnp

@@ -31,8 +31,10 @@ interface Bootstrap
     getServerInfo @2 () -> ( spacename :Text, instanceurl :Text );
     # Returns information about the server, which can be used to resolve MDNS to DNS and display the server name to the user.
 
-    mechanisms @3 () -> ( mechs :List(Mechanism) );
+    mechanisms @3 () -> ( mechs :List(Mechanism), cbtypes :List(Text) );
     # Get a list of Mechanisms this server allows in this context.
+    # TODO: Channel Bindings
+    # TODO: List of groups of mechs
 
     createSession @4 ( mechanism :Text ) -> ( authentication :Authentication );
     # Create a new session with the server that you wish to authenticate using `mechanism`.  If the

notify.capnp

@@ -15,6 +15,10 @@ interface Notifiable {
     subscribe @1 ( subscriber :Subscriber(Update) ) -> ( subscription :Subscription );
     # Subscribe to state updates. The passed in `subscriber` is an interface implemented on the
     # client side that a server calls to send update notifications.
+
+    measurements @2 () -> ( measurements :Map(Oid, AnyPointer) );
+
+    subscribeMeasurements @3 ( subscriber :Subscriber(Measurement) ) -> ( subscription: Subscription );
 }
 
 interface Subscriber(Update) {
@@ -27,6 +31,8 @@ interface Subscriber(Update) {
     # resource.
 }
 
+
+
 struct UpdateResult { } # Empty struct to make `update` apply backpressure.
 
 interface Subscription { 

projects.capnp

@@ -0,0 +1,4 @@
+
+interface Project {
+
+}

resource.capnp

@@ -10,6 +10,7 @@ using import "notify.capnp".Notifiable;
 using import "interest.capnp".Interestable;
 using import "claim.capnp".Claimable;
 using import "claim.capnp".Lockable;
+using import "audit.capnp".Auditable;
 
 using import "utils.capnp".OID;
 using import "utils.capnp".L10NString;
@@ -17,36 +18,45 @@ using import "utils.capnp".Map;
 
 using import "cache.capnp".Cache;
 
+struct RestoredResource {
+    resource @0 :Resource;
+    interest @1 :List(Interest);
+    claim @2 :Claim;
+    lock @3 :Lock;
+}
+
 struct Resource {
     # BFFH's smallest unit of a physical or abstract "thing".  A resource can be as simple and
     # physical as a table, as complex as a PCB production line or as abstract as "people with
     # specific know-how are present".
 
-    description @0 :Cache(Description);
-    # Return information about this resource.  This information is usually
-    # static and thus put behind a Cache.
-
-    notify @1 :Notifiable;
-    # NULL if the user does not have permission to read this resource, or if this resource is not
-    # notifiable
-
-    interest @2 :Interestable;
-    # NULL if this resource is not interestable or the user does not have permission to set
-    # interests for this resource.
-
-    claim @3 :Claimable;
-    # NULL if the user does not have permission to write to this resource, or if this resource type
-    # does not support claiming.
-
-    lock @4 :Lockable;
-    # NULL if the user does not have permission to manage this resource, or if this resource type
-    # does not support claiming or locking.
-}
-
-struct Description {
     identifier @0 :Text;
     # The unique identifier for this resource
 
+    description @1 :Cache(Description);
+    # Return information about this resource.  This information is usually
+    # static and thus put behind a Cache.
+
+    notify @2 :Notifiable;
+    # NULL if the user does not have permission to read this resource, or if this resource is not
+    # notifiable
+
+    interest @3 :Interestable;
+    # NULL if this resource is not interestable or the user does not have permission to set
+    # interests for this resource.
+
+    claim @4 :Claimable;
+    # NULL if the user does not have permission to write to this resource, or if this resource type
+    # does not support claiming.
+
+    lock @5 :Lockable;
+    # NULL if the user does not have permission to manage this resource, or if this resource type
+    # does not support claiming or locking.
+
+    audit @6 :Auditable;
+}
+
+struct Description {
     name @1 :L10NString;
     # A human-facing name for this resource.  A name should be short and recognizable, and is meant
     # as the primary identifier for users to find a resource.

resources.capnp

@@ -4,10 +4,11 @@ using CSharp = import "programming_language/csharp.capnp";
 $CSharp.namespace("FabAccessAPI.Schema");
 
 using import "resource.capnp".Resource;
+using import "resource.capnp".RestoredResource;
 using import "claim.capnp".Claim;
 
 interface Resources {
-    claimed @0 () -> ( claimed :List(Claim) );
+    restore @0 () -> ( resources :List(RestoredResource) );
     # Returns the list of valid claims the session owner of this `Resources` currently has.
 
     list @1 () -> ( resources :List(Resource) );
@@ -21,4 +22,6 @@ interface Resources {
    
     getByUrl @4 ( url :Text ) -> ( resource :Resource );
     # Returns a NULL capability if the resource doesn't exist or a user doesn't have read permission for that resource.
+
+    acceptToken @5 ( token :SturdyRef ) -> Fallible(Claim, Error(Void));
 }

traits/cnc.capnp

@@ -0,0 +1,12 @@
+4.4.4.4
+
+interface CncTrait {
+    turnOn @0 () -> Fallible;
+    turnOff @1 () -> Fallible;
+    giveBack @2 () -> Fallible;
+    accept @3 () -> Fallible(ConstraintError);
+}
+
+struct ConstraintError {
+
+}

traits/powerable.capnp

@@ -0,0 +1,14 @@
+
+struct BadState { }
+
+interface TraitPowerable {
+    turnOn @0 () -> Fallible(StatePowerable, Error(BadState));
+    turnOff @1 () -> Fallible(StatePowerable, Error(BadState));
+}
+
+struct StatePowerable {
+    union {
+        Off @0 :Void;
+        On @1 :Void;
+    }
+}

traits/rgblamp.capnp

@@ -0,0 +1,12 @@
+
+1.1.1.1
+
+interface RgbLamp {
+    setRgb @0 ( r :u8, g :u8, b :u8 );
+    setHsv @1 ( h :u8, s :u8, v :u8 );
+}
+
+struct RgbLampState {
+    rgb @0 ( r :u8, g :u8, b :u8 );
+    hsv @1 ( h :u8, s :u8, v :u8 );
+}

traits_error.capnp

@@ -0,0 +1,8 @@
+
+
+struct Error(ConstraintError) {
+    union {
+        permissionFailed @0 :Void;
+        constraintViolation @1 ( error :ConstraintError);
+    }
+}

user.capnp

@@ -18,20 +18,26 @@ interface User {
     # lists explicit roles for this user. A session may have a number of additional, implicit,
     # roles set by their choice of authentication or other context.
 
+    projects @3 () -> ( projects :List(Project) );
+
     selfservice @3 () -> ( selfservice :SelfService );
     interface SelfService {
-        changepw @0 ( old :Text, new :Text );
+        changepw @0 ( old :Text, new :Text ) -> Fallible(Void, Void);
+        changePin @1 ( currentPassword :Text, newPin :List(u64) ) -> Fallible(Void, Void)
     }
 
     manage @4 () -> ( manage :Manage );
     interface Manage $CSharp.name("ManageInterface") {
         addRole @0 ( role :Role );
         removeRole @1 ( role :Role );
+
+        addProject @2 ( project :Project );
+        removeProject @3 ( project :Project );
     }
 
     admin @5 () -> ( admin :Admin );
     interface Admin $CSharp.name("AdminInterface") {
-        setpw @0 ( new :Text );
+        getNewPassword @0 () -> ( new :Text );
     }
 
     cardDESFireEV2 @6 () -> ( carddesfireev2 :CardDESFireEV2 );

users.capnp

@@ -8,12 +8,12 @@ using import "user.capnp".User;
 interface Users {
     list @0 () -> ( users :List(User) );
 
-    addUser @1 ( username :Text, password :Text ) -> ( user :User, error :Error );
+    addUser @1 ( username :Text ) -> ( user :User, initialPassword :Text, error :Error );
     # Add a new user.  If adding the user succeeds then the newly created user is returned and
     # `error` is NULL / set to Error::ok.  If adding the user fails `user` is NULL and `error`
     # contains the reason for the failure.
 
-    removeUser @2 ( user :User );
+    removeUser @2 ( user :User ) -> Fallible(Void, Void);
 }
 
 struct Error {