diff --git a/cs3/gateway/v1beta1/gateway_api.proto b/cs3/gateway/v1beta1/gateway_api.proto index e7ecba18..913c23ff 100644 --- a/cs3/gateway/v1beta1/gateway_api.proto +++ b/cs3/gateway/v1beta1/gateway_api.proto @@ -34,6 +34,7 @@ import "cs3/auth/registry/v1beta1/registry_api.proto"; import "cs3/gateway/v1beta1/resources.proto"; import "cs3/identity/user/v1beta1/resources.proto"; import "cs3/identity/user/v1beta1/user_api.proto"; +import "cs3/identity/group/v1beta1/group_api.proto"; import "cs3/ocm/core/v1beta1/ocm_core_api.proto"; import "cs3/ocm/invite/v1beta1/invite_api.proto"; import "cs3/ocm/provider/v1beta1/provider_api.proto"; @@ -279,8 +280,21 @@ service GatewayAPI { // Finds users by any attribute of the user. // TODO(labkode): to define the filters that make more sense. rpc FindUsers(cs3.identity.user.v1beta1.FindUsersRequest) returns (cs3.identity.user.v1beta1.FindUsersResponse); + // *****************************************************************/ + // ************************ GROUP PROVIDER **************************/ + // *****************************************************************/ + + // Gets the information about a group by the group id. + rpc GetGroup(cs3.identity.group.v1beta1.GetGroupRequest) returns (cs3.identity.group.v1beta1.GetGroupResponse); + // Gets the information about a group based on a specified claim. + rpc GetGroupByClaim(cs3.identity.group.v1beta1.GetGroupByClaimRequest) returns (cs3.identity.group.v1beta1.GetGroupByClaimResponse); + // Gets the groups of a group. + rpc GetMembers(cs3.identity.group.v1beta1.GetMembersRequest) returns (cs3.identity.group.v1beta1.GetMembersResponse); + // Tells if the group has a certain member. + rpc HasMember(cs3.identity.group.v1beta1.HasMemberRequest) returns (cs3.identity.group.v1beta1.HasMemberResponse); + // TODO(labkode): to define the filters that make more sense. // Finds groups whose names match the specified filter. - rpc FindGroups(cs3.identity.user.v1beta1.FindGroupsRequest) returns (cs3.identity.user.v1beta1.FindGroupsResponse); + rpc FindGroups(cs3.identity.group.v1beta1.FindGroupsRequest) returns (cs3.identity.group.v1beta1.FindGroupsResponse); // *****************************************************************/ // ************************ AUTH REGISTRY **************************/ // *****************************************************************/ diff --git a/cs3/identity/group/v1beta1/group_api.proto b/cs3/identity/group/v1beta1/group_api.proto new file mode 100644 index 00000000..f9e07718 --- /dev/null +++ b/cs3/identity/group/v1beta1/group_api.proto @@ -0,0 +1,176 @@ +// Copyright 2018-2019 CERN +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// In applying this license, CERN does not waive the privileges and immunities +// granted to it by virtue of its status as an Intergovernmental Organization +// or submit itself to any jurisdiction. + +syntax = "proto3"; + +package cs3.identity.group.v1beta1; + +option csharp_namespace = "Cs3.Identity.Group.V1Beta1"; +option go_package = "groupv1beta1"; +option java_multiple_files = true; +option java_outer_classname = "GroupApiProto"; +option java_package = "com.cs3.identity.group.v1beta1"; +option objc_class_prefix = "CIG"; +option php_namespace = "Cs3\\Identity\\Group\\V1Beta1"; + +import "cs3/identity/user/v1beta1/resources.proto"; +import "cs3/identity/group/v1beta1/resources.proto"; +import "cs3/rpc/v1beta1/status.proto"; +import "cs3/types/v1beta1/types.proto"; + +// UserProvider API. +// +// The UserProvider API is responsible for creating +// a key-value map according to group groupprovider. +// +// The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL +// NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and +// "OPTIONAL" in this document are to be interpreted as described in +// RFC 2119. +// +// The following are global requirements that apply to all methods: +// Any method MUST return CODE_OK on a succesful operation. +// Any method MAY return NOT_IMPLEMENTED. +// Any method MAY return INTERNAL. +// Any method MAY return UNKNOWN. +// Any method MAY return UNAUTHENTICATED. + +// Provides an API for managing groups. +service GroupAPI { + // Gets the information about a group by the group id. + rpc GetGroup(GetGroupRequest) returns (GetGroupResponse); + // Gets the information about a group based on a specified claim. + rpc GetGroupByClaim(GetGroupByClaimRequest) returns (GetGroupByClaimResponse); + // Gets the members of a group. + rpc GetMembers(GetMembersRequest) returns (GetMembersResponse); + // Tells if the group has certain member. + rpc HasMember(HasMemberRequest) returns (HasMemberResponse); + // Finds groups whose names match the specified filter. + rpc FindGroups(FindGroupsRequest) returns (FindGroupsResponse); +} + +message GetGroupRequest { + // OPTIONAL. + // Opaque information. + cs3.types.v1beta1.Opaque opaque = 1; + // REQUIRED. + // The id of the group. + cs3.identity.group.v1beta1.GroupId group_id = 2; +} + +message GetGroupResponse { + // REQUIRED. + // The response status. + cs3.rpc.v1beta1.Status status = 1; + // OPTIONAL. + // Opaque information. + cs3.types.v1beta1.Opaque opaque = 2; + // REQUIRED. + // The group information. + Group group = 3; +} + +message GetGroupByClaimRequest { + // OPTIONAL. + // Opaque information. + cs3.types.v1beta1.Opaque opaque = 1; + // REQUIRED. + // The claim on the basis of which groups will be filtered. + string claim = 2; + // REQUIRED. + // The value of the claim to find the specific group. + string value = 3; +} + +message GetGroupByClaimResponse { + // REQUIRED. + // The response status. + cs3.rpc.v1beta1.Status status = 1; + // OPTIONAL. + // Opaque information. + cs3.types.v1beta1.Opaque opaque = 2; + // REQUIRED. + // The group information. + Group group = 3; +} + +message GetMembersRequest { + // OPTIONAL. + // Opaque information. + cs3.types.v1beta1.Opaque opaque = 1; + // REQUIRED. + // The id of the group. + cs3.identity.group.v1beta1.GroupId group_id = 2; +} + +message GetMembersResponse { + // REQUIRED. + // The response status. + cs3.rpc.v1beta1.Status status = 1; + // OPTIONAL. + // Opaque information. + cs3.types.v1beta1.Opaque opaque = 2; + // REQUIRED. + // The members of the group. + repeated cs3.identity.user.v1beta1.UserId members = 3; +} + +message HasMemberRequest { + // OPTIONAL. + // Opaque information. + cs3.types.v1beta1.Opaque opaque = 1; + // REQUIRED. + // The id of the group. + cs3.identity.group.v1beta1.GroupId group_id = 2; + // REQUIRED. + // The id of the user to check. + cs3.identity.user.v1beta1.UserId user_id = 3; +} + +message HasMemberResponse { + // REQUIRED. + // The response status. + cs3.rpc.v1beta1.Status status = 1; + // OPTIONAL. + // Opaque information. + cs3.types.v1beta1.Opaque opaque = 2; + // REQUIRED. + // Tells if the user belongs to the group. + bool ok = 3; +} + +message FindGroupsRequest { + // OPTIONAL. + // Opaque information. + cs3.types.v1beta1.Opaque opaque = 1; + // REQUIRED. + // The filter to apply. + string filter = 2; +} + +message FindGroupsResponse { + // REQUIRED. + // The response status. + cs3.rpc.v1beta1.Status status = 1; + // OPTIONAL. + // Opaque information. + cs3.types.v1beta1.Opaque opaque = 2; + // REQUIRED. + // The groups matching the specified filter. + repeated Group groups = 3; +} diff --git a/cs3/identity/group/v1beta1/resources.proto b/cs3/identity/group/v1beta1/resources.proto new file mode 100644 index 00000000..3533748c --- /dev/null +++ b/cs3/identity/group/v1beta1/resources.proto @@ -0,0 +1,55 @@ +// Copyright 2018-2019 CERN +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// In applying this license, CERN does not waive the privileges and immunities +// granted to it by virtue of its status as an Intergovernmental Organization +// or submit itself to any jurisdiction. + +syntax = "proto3"; + +package cs3.identity.group.v1beta1; + +option csharp_namespace = "Cs3.Identity.Group.V1Beta1"; +option go_package = "groupv1beta1"; +option java_multiple_files = true; +option java_outer_classname = "ResourcesProto"; +option java_package = "com.cs3.identity.group.v1beta1"; +option objc_class_prefix = "CIU"; +option php_namespace = "Cs3\\Identity\\Group\\V1Beta1"; + +import "cs3/identity/user/v1beta1/resources.proto"; +import "cs3/types/v1beta1/types.proto"; + +// A GroupId represents a group. +message GroupId { + // REQUIRED. + // The identity provider for the group. + string idp = 1; + // REQUIRED. + // the unique identifier for the group in the scope of + // the identity provider. + string opaque_id = 2; +} + +// Represents a group of the system. +message Group { + GroupId id = 1; + string groupname = 2; + int64 gid_number = 3; + string mail = 4; + bool mail_verified = 5; + string display_name = 6; + repeated cs3.identity.user.v1beta1.UserId members = 7; + cs3.types.v1beta1.Opaque opaque = 8; +} diff --git a/cs3/identity/user/v1beta1/resources.proto b/cs3/identity/user/v1beta1/resources.proto index 0e2385a2..e085057a 100644 --- a/cs3/identity/user/v1beta1/resources.proto +++ b/cs3/identity/user/v1beta1/resources.proto @@ -45,9 +45,11 @@ message UserId { message User { UserId id = 1; string username = 2; - string mail = 3; - bool mail_verified = 4; - string display_name = 5; - repeated string groups = 6; - cs3.types.v1beta1.Opaque opaque = 7; + int64 uid_number = 3; + int64 gid_number = 4; + string mail = 5; + bool mail_verified = 6; + string display_name = 7; + repeated string groups = 8; + cs3.types.v1beta1.Opaque opaque = 9; } diff --git a/cs3/identity/user/v1beta1/user_api.proto b/cs3/identity/user/v1beta1/user_api.proto index bfe4f4c9..e6dafbf1 100644 --- a/cs3/identity/user/v1beta1/user_api.proto +++ b/cs3/identity/user/v1beta1/user_api.proto @@ -29,6 +29,7 @@ option objc_class_prefix = "CIU"; option php_namespace = "Cs3\\Identity\\User\\V1Beta1"; import "cs3/identity/user/v1beta1/resources.proto"; +import "cs3/identity/group/v1beta1/resources.proto"; import "cs3/rpc/v1beta1/status.proto"; import "cs3/types/v1beta1/types.proto"; @@ -62,8 +63,6 @@ service UserAPI { // Finds users by any attribute of the user. // TODO(labkode): to define the filters that make more sense. rpc FindUsers(FindUsersRequest) returns (FindUsersResponse); - // Finds groups whose names match the specified filter. - rpc FindGroups(FindGroupsRequest) returns (FindGroupsResponse); } message GetUserRequest { @@ -140,8 +139,8 @@ message IsInGroupRequest { // The id of the user. cs3.identity.user.v1beta1.UserId user_id = 2; // REQUIRED. - // The group to check. - string group = 3; + // The id of the group to check. + cs3.identity.group.v1beta1.GroupId group_id = 3; } message IsInGroupResponse { @@ -177,23 +176,3 @@ message FindUsersResponse { repeated User users = 3; } -message FindGroupsRequest { - // OPTIONAL. - // Opaque information. - cs3.types.v1beta1.Opaque opaque = 1; - // REQUIRED. - // The filter to apply. - string filter = 2; -} - -message FindGroupsResponse { - // REQUIRED. - // The response status. - cs3.rpc.v1beta1.Status status = 1; - // OPTIONAL. - // Opaque information. - cs3.types.v1beta1.Opaque opaque = 2; - // REQUIRED. - // The groups matching the specified filter. - repeated string groups = 3; -}