@0xbf017710be5a54ff;

using Rust = import "programming_language/rust.capnp";
$Rust.parentModule("schema");

using CSharp = import "programming_language/csharp.capnp";
$CSharp.namespace("FabAccessAPI.Schema");

using Authentication = import "auth.capnp".Authentication;
using Resources = import "resources.capnp".Resources;
using Users = import "users.capnp".Users;

interface Bootstrap
{
    mechanisms @0 () -> ( mechs: List(Text) );
    # Get a list of Mechanisms this server allows in this context.

    createSession @1 ( mechanism :Text, initialData :Data ) -> ( authentication :Authentication );
    # Create a new session with the server that you wish to authenticate using `mechanism`.
    # If the mechanism is a client-first mechanism you MAY set `initialData` to contain the data you
    # want to send. If the mechanism is server-first or you do not wish to send initial data, make
    # initialData a NULL-pointer.
}

struct Session {
    # An API session with the server. The below capabilities are set to NULL if the authenticated
    # user doesn't have permission to access the system in question.

    resources @0 : Resources;
    # Access to the resources configured. 

    users @1 : Users;
    # User administration. This includes both modifying other users and self-modification, so this
    # is allowed for most sessions
}