caosdb.acm.v1alpha1

caosdb/acm/v1alpha1/main.proto

This is the main file of the caosdb.acm.v1alpha1 package.

CreateSingleRoleRequest

Request message for the CreateSingleRole RPC

CreateSingleRoleRequest type fields

| Field | Type | Label | Description |
|---|---|---|---|
| role | Role |  | The new role. |

CreateSingleRoleResponse

Response message for the CreateSingleRole RPC

CreateSingleUserRequest

Request message for the CreateSingleUser RPC

CreateSingleUserRequest type fields

| Field | Type | Label | Description |
|---|---|---|---|
| user | User |  | The new user. |
| password_setting | PasswordSetting |  | The new password. |

CreateSingleUserResponse

Response message for the CreateSingleUser RPC

DeleteSingleRoleRequest

Request message for the DeleteSingleRole RPC

DeleteSingleRoleRequest type fields

| Field | Type | Label | Description |
|---|---|---|---|
| name | string |  | the name of the role. |

DeleteSingleRoleResponse

Response message for the DeleteSingleRole RPC

DeleteSingleUserRequest

Request message for the DeleteSingleUser RPC

DeleteSingleUserRequest type fields

| Field | Type | Label | Description |
|---|---|---|---|
| realm | string |  | The user’s realm |
| name | string |  | The user’s name |

DeleteSingleUserResponse

Response message for the DeleteSingleUser RPC

EmailSetting

EmailSetting - it is handy to have this as a separate message b/c otherwise we could not distinguish between empty string and an unspecified email.

EmailSetting type fields

| Field | Type | Label | Description |
|---|---|---|---|
| email | string |  | The email address |

EntitySetting

EntitySetting - it is handy to have this as a separate message b/c otherwise we could not distinguish between empty string and an unspecified entity.

EntitySetting type fields

| Field | Type | Label | Description |
|---|---|---|---|
| entity_id | string |  | The entity which represents this user (e.g. a Person or Device Record). |

ListKnownPermissionsRequest

Request to list all known permissions (excluding entity permissions).

ListKnownPermissionsResponse

Response with all known permissions. Clients may choose to create drop-down menus from this list.

ListKnownPermissionsResponse type fields

| Field | Type | Label | Description |
|---|---|---|---|
| permissions | PermissionDescription | repeated | known permissions |

ListRoleItem

Combines a role, the role’s capabilities and the current user’s permissions.

ListRoleItem type fields

| Field | Type | Label | Description |
|---|---|---|---|
| role | Role |  | Role |
| permissions | RolePermissions | repeated | The permissions of the user of the current session w.r.t. this role. |
| capabilities | RoleCapabilities | repeated | What can be done with this role. |

ListRolesRequest

Request message for the ListRoles RPC

ListRolesRequest type fields

| Field | Type | Label | Description |
|---|---|---|---|
| paging | PagingRequest |  | Desired paging settings for the response. |

ListRolesResponse

Response message for the ListRoles RPC

ListRolesResponse type fields

| Field | Type | Label | Description |
|---|---|---|---|
| paging | PagingResponse |  | Actual paging setting of the response. |
| roles | ListRoleItem | repeated | A subset (when paging is used) or the complete set (otherwise) of roles. |

ListUsersRequest

Request message for the ListUsers RPC.

ListUsersRequest type fields

| Field | Type | Label | Description |
|---|---|---|---|
| paging | PagingRequest |  | Desired paging settings for the response. |

ListUsersResponse

Response message for the ListUsers RPC.

ListUsersResponse type fields

| Field | Type | Label | Description |
|---|---|---|---|
| paging | PagingResponse |  | Actual paging setting of the response. |
| users | User | repeated | A subset (when paging is used) or the complete set (otherwise) of known users. |

PagingRequest

Client preferences for the paging. The server MUST respect the index property or send the complete result set. The server MAY choose to send a different page length in the response.

PagingRequest type fields

| Field | Type | Label | Description |
|---|---|---|---|
| index | int32 |  | Desired index of the first element in the response. The index depends on the order of the elements in the result set. |
| page_length | int32 |  | Desired length of the page in the server response. |

PagingResponse

The actual paging of the response.

PagingResponse type fields

| Field | Type | Label | Description |
|---|---|---|---|
| total_number | int32 |  | Total number of results. |
| current_index | int32 |  | Index of the first item in the page. |
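A client that audits accounts or roles has to enumerate every entry even though the server may shorten pages or return the complete result set. The following is an added example, not part of the CaosDB code base: the dataclasses only mirror the documented paging fields, `fetch` and `make_server` are hypothetical stand-ins for the ListUsers/ListRoles call, and a complete result set is assumed to report `current_index` 0.

```python
from dataclasses import dataclass
from typing import Callable, List, Optional, Tuple

@dataclass
class PagingRequest:              # fields as documented above
    index: int
    page_length: int

@dataclass
class PagingResponse:
    total_number: int
    current_index: int

# Hypothetical transport: sends one request, returns (paging, items of that page).
Fetch = Callable[[PagingRequest], Tuple[PagingResponse, List[str]]]

def list_all(fetch: Fetch, page_length: int = 100) -> List[str]:
    """Collect the whole result set without trusting the requested page length."""
    items: List[str] = []
    index = 0
    while True:
        paging, page = fetch(PagingRequest(index, page_length))
        if paging.current_index != index:
            # Allowed alternative: the server sent the complete result set.
            if paging.current_index == 0 and len(page) == paging.total_number:
                return list(page)
            raise RuntimeError("server neither respected the index nor sent everything")
        items.extend(page)
        index += len(page)        # advance by what was sent, not by what was asked
        if index >= paging.total_number:
            return items
        if not page:
            raise RuntimeError("empty page before total_number was reached")

def make_server(users: List[str], max_len: Optional[int] = None,
                honor_index: bool = True) -> Fetch:
    """Constructed in-memory server used to exercise list_all offline."""
    def fetch(req: PagingRequest) -> Tuple[PagingResponse, List[str]]:
        if not honor_index:       # server variant that always sends everything
            return PagingResponse(len(users), 0), list(users)
        n = req.page_length if max_len is None else min(req.page_length, max_len)
        return PagingResponse(len(users), req.index), users[req.index:req.index + n]
    return fetch
```
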

PasswordSetting

PasswordSetting - it is handy to have this as a separate message b/c otherwise we could not distinguish between empty string and an unspecified password.

PasswordSetting type fields

| Field | Type | Label | Description |
|---|---|---|---|
| password | string |  | The password |

PermissionDescription

Description of a permission.

PermissionDescription type fields

| Field | Type | Label | Description |
|---|---|---|---|
| permission | string |  | The permission |
| description | string |  | The description |

PermissionRule

PermissionRule. These belong to Roles.

PermissionRule type fields

| Field | Type | Label | Description |
|---|---|---|---|
| permission | string |  | The permission which is being granted or denied. |
| priority | bool |  | Priority permission rules (TRUE) overrule non-priority (FALSE) permission rules. |
| grant | bool |  | True means that the permission is being granted by this rule, false means the permission is being DENIED! |

RetrieveSingleRoleRequest

Request message for the RetrieveSingleRole RPC

RetrieveSingleRoleRequest type fields

| Field | Type | Label | Description |
|---|---|---|---|
| name | string |  | the name of the role. |

RetrieveSingleRoleResponse

Response message for the RetrieveSingleRole RPC

RetrieveSingleRoleResponse type fields

| Field | Type | Label | Description |
|---|---|---|---|
| role | Role |  | The role. |
| users | User | repeated | Known users with this role |
| permissions | RolePermissions | repeated | The permissions of the user of the current session w.r.t. this role. |
| capabilities | RoleCapabilities | repeated | What can be done with this role. |

RetrieveSingleUserRequest

Request message for the RetrieveSingleUser RPC

RetrieveSingleUserRequest type fields

| Field | Type | Label | Description |
|---|---|---|---|
| realm | string |  | The user’s realm |
| name | string |  | The user’s name |

RetrieveSingleUserResponse

Response message for the RetrieveSingleUser RPC

RetrieveSingleUserResponse type fields

| Field | Type | Label | Description |
|---|---|---|---|
| user | User |  | The user |
| permissions | UserPermissions | repeated | The permissions of the user of the current session. |
| capabilities | UserCapabilities | repeated | What can be done with this user |

Role

Role

Role type fields

| Field | Type | Label | Description |
|---|---|---|---|
| name | string |  | Unique name of this role. |
| description | string |  | Description of the purpose of this role or which group of users this role represents. |
| permission_rules | PermissionRule | repeated | List of permission rules for this role. |

UpdateSingleRoleRequest

Request message for the UpdateSingleRole RPC

UpdateSingleRoleRequest type fields

| Field | Type | Label | Description |
|---|---|---|---|
| role | Role |  | The role |

UpdateSingleRoleResponse

Response message for the UpdateSingleRole RPC

UpdateSingleUserRequest

Request message for the UpdateSingleUser RPC

UpdateSingleUserRequest type fields

| Field | Type | Label | Description |
|---|---|---|---|
| user | User |  | The new user. |
| password_setting | PasswordSetting |  | The new password. Password will not be updated when this is unset. |

UpdateSingleUserResponse

Response message for the UpdateSingleUser RPC

User

User

User type fields

| Field | Type | Label | Description |
|---|---|---|---|
| status | UserStatus |  | Indicates whether the user is active. Only active users can sign in and interact with the CaosDB Server. |
| realm | string |  | Realm of this user. The realm is the authority which can authenticate this user, e.g. ‘PAM’ when the user is a (POSIX) user from the server’s host, or ‘CaosDB’ when CaosDB server itself can authenticate the user. |
| name | string |  | Name of this user. |
| email_setting | EmailSetting |  | Email setting of this user. |
| entity_setting | EntitySetting |  | Entity setting of this user. |
| roles | string | repeated | List of roles of this user. |

RoleCapabilities

Role Capabilities

Enum RoleCapabilities values

| Name | Number | Description |
|---|---|---|
| ROLE_CAPABILITIES_UNSPECIFIED | 0 | Unspecified capability |
| ROLE_CAPABILITIES_DELETE | 1 | This role is deletable |
| ROLE_CAPABILITIES_UPDATE_PERMISSION_RULES | 2 | This role’s permissions can be changed |
| ROLE_CAPABILITIES_ASSIGN | 3 | This role can be assigned to a user |

RolePermissions

Role Permissions

Enum RolePermissions values

| Name | Number | Description |
|---|---|---|
| ROLE_PERMISSIONS_UNSPECIFIED | 0 | Unspecified permission |
| ROLE_PERMISSIONS_DELETE | 1 | Role can be deleted |
| ROLE_PERMISSIONS_UPDATE_DESCRIPTION | 2 | Description can be updated |
| ROLE_PERMISSIONS_UPDATE_PERMISSION_RULES | 3 | Permission rules of this role can be updated |
| ROLE_PERMISSIONS_ASSIGN | 4 | This role can be assigned |

UserCapabilities

What can be done with a user (generally speaking, if permissions suffice).

Enum UserCapabilities values

| Name | Number | Description |
|---|---|---|
| USER_CAPABILITIES_UNSPECIFIED | 0 | Unspecified capability |
| USER_CAPABILITIES_DELETE | 1 | User can be deleted. |
| USER_CAPABILITIES_UPDATE_PASSWORD | 2 | The user’s password can be updated. |

UserPermissions

Permissions for updating and deleting a user.

Enum UserPermissions values

| Name | Number | Description |
|---|---|---|
| USER_PERMISSIONS_UNSPECIFIED | 0 | Unspecified permission |
| USER_PERMISSIONS_DELETE | 1 | The user can be deleted. |
| USER_PERMISSIONS_UPDATE_PASSWORD | 2 | The password of the user can be updated. |
| USER_PERMISSIONS_UPDATE_EMAIL | 3 | The email of the user can be updated. |
| USER_PERMISSIONS_UPDATE_STATUS | 4 | The status (active/inactive) of the user can be changed. |
| USER_PERMISSIONS_UPDATE_ROLES | 5 | The roles of the user can be altered. |
| USER_PERMISSIONS_UPDATE_ENTITY | 6 | The entity of the user can be set. |

UserStatus

UserStatus

Enum UserStatus values

| Name | Number | Description |
|---|---|---|
| USER_STATUS_UNSPECIFIED | 0 | The user status is unspecified/unknown. |
| USER_STATUS_INACTIVE | 1 | The user is inactive and cannot sign in. |
| USER_STATUS_ACTIVE | 2 | The user is active and can sign in. |

AccessControlManagementService

A service for managing the access to the CaosDB Server via user accounts, roles and permissions.

AccessControlManagementService service methods

| Method Name | Request Type | Response Type | Description |
|---|---|---|---|
| ListUsers | ListUsersRequest | ListUsersResponse | Request the list of known users. |
| RetrieveSingleUser | RetrieveSingleUserRequest | RetrieveSingleUserResponse | Retrieve a single user |
| CreateSingleUser | CreateSingleUserRequest | CreateSingleUserResponse | Create a single new user |
| UpdateSingleUser | UpdateSingleUserRequest | UpdateSingleUserResponse | Update a single user |
| DeleteSingleUser | DeleteSingleUserRequest | DeleteSingleUserResponse | Delete a single user |
| ListRoles | ListRolesRequest | ListRolesResponse | Request the list of roles. |
| RetrieveSingleRole | RetrieveSingleRoleRequest | RetrieveSingleRoleResponse | Retrieve a single role |
| CreateSingleRole | CreateSingleRoleRequest | CreateSingleRoleResponse | Create a single new role |
| UpdateSingleRole | UpdateSingleRoleRequest | UpdateSingleRoleResponse | Update a single role |
| DeleteSingleRole | DeleteSingleRoleRequest | DeleteSingleRoleResponse | Delete a single role |
| ListKnownPermissions | ListKnownPermissionsRequest | ListKnownPermissionsResponse | List all known permissions |