diff --git a/cmd/karavictl/cmd/tenant.go b/cmd/karavictl/cmd/tenant.go index 7989efd3..08c0bea6 100644 --- a/cmd/karavictl/cmd/tenant.go +++ b/cmd/karavictl/cmd/tenant.go @@ -30,6 +30,8 @@ import ( "github.com/spf13/cobra" "google.golang.org/grpc" "google.golang.org/grpc/credentials" + "google.golang.org/protobuf/encoding/protojson" + "google.golang.org/protobuf/reflect/protoreflect" ) // NewTenantCmd creates a new tenant command @@ -54,6 +56,7 @@ func NewTenantCmd() *cobra.Command { tenantCmd.AddCommand(NewTenantGetCmd()) tenantCmd.AddCommand(NewTenantListCmd()) tenantCmd.AddCommand(NewTenantRevokeCmd()) + tenantCmd.AddCommand(NewTenantUpdateCmd()) return tenantCmd } @@ -121,3 +124,11 @@ func jsonOutput(w io.Writer, v interface{}) error { } return nil } + +// jsonOutput() omits boolean flag on false value while encoding +func jsonOutputEmitEmpty(w io.Writer, m protoreflect.ProtoMessage) error { + enc := protojson.MarshalOptions{Multiline: true, EmitUnpopulated: true, Indent: ""} + data := enc.Format(m) + fmt.Fprintln(w, data) + return nil +} diff --git a/cmd/karavictl/cmd/tenant_create.go b/cmd/karavictl/cmd/tenant_create.go index 35099ebb..a1596305 100644 --- a/cmd/karavictl/cmd/tenant_create.go +++ b/cmd/karavictl/cmd/tenant_create.go @@ -55,17 +55,24 @@ func NewTenantCreateCmd() *cobra.Command { reportErrorAndExit(JSONOutput, cmd.ErrOrStderr(), errors.New("empty name not allowed")) } + approveSdc, err := cmd.Flags().GetBool("approvesdc") + if err != nil { + reportErrorAndExit(JSONOutput, cmd.ErrOrStderr(), err) + } + _, err = tenantClient.CreateTenant(context.Background(), &pb.CreateTenantRequest{ Tenant: &pb.Tenant{ - Name: name, + Name: name, + Approvesdc: approveSdc, }, }) if err != nil { - reportErrorAndExit(JSONOutput, cmd.ErrOrStderr(), err) + reportErrorAndExit(jsonOutput, cmd.ErrOrStderr(), err) } }, } tenantCreateCmd.Flags().StringP("name", "n", "", "Tenant name") + tenantCreateCmd.Flags().Bool("approvesdc", true, "To allow/deny SDC approval requests") return tenantCreateCmd } diff --git a/cmd/karavictl/cmd/tenant_create_test.go b/cmd/karavictl/cmd/tenant_create_test.go index 8c348bef..e106cc4a 100644 --- a/cmd/karavictl/cmd/tenant_create_test.go +++ b/cmd/karavictl/cmd/tenant_create_test.go @@ -162,4 +162,25 @@ func TestTenantCreate(t *testing.T) { t.Errorf("got err %q, want %q", gotErr.ErrorMsg, wantErrMsg) } }) + t.Run("it requests creation of a tenant with setting approvesdc flag explicitly", func(t *testing.T) { + defer afterFn() + CreateTenantServiceClient = func(_ string, _ bool) (pb.TenantServiceClient, io.Closer, error) { + return &fakeTenantServiceClient{}, ioutil.NopCloser(nil), nil + } + JSONOutput = func(w io.Writer, _ interface{}) error { + return nil + } + osExit = func(code int) { + } + var gotOutput bytes.Buffer + + cmd := NewRootCmd() + cmd.SetOutput(&gotOutput) + cmd.SetArgs([]string{"tenant", "create", "-n", "testname", "--approvesdc", "true"}) + cmd.Execute() + + if len(gotOutput.Bytes()) != 0 { + t.Errorf("expected zero output but got %q", string(gotOutput.Bytes())) + } + }) } diff --git a/cmd/karavictl/cmd/tenant_get.go b/cmd/karavictl/cmd/tenant_get.go index c2472698..35639aac 100644 --- a/cmd/karavictl/cmd/tenant_get.go +++ b/cmd/karavictl/cmd/tenant_get.go @@ -58,12 +58,12 @@ func NewTenantGetCmd() *cobra.Command { Name: name, }) if err != nil { - reportErrorAndExit(JSONOutput, cmd.ErrOrStderr(), err) + reportErrorAndExit(jsonOutput, cmd.ErrOrStderr(), err) } - err = JSONOutput(cmd.OutOrStdout(), &t) + err = jsonOutputEmitEmpty(cmd.ErrOrStderr(), t) if err != nil { - reportErrorAndExit(JSONOutput, cmd.ErrOrStderr(), err) + reportErrorAndExit(jsonOutput, cmd.ErrOrStderr(), err) } }, } diff --git a/cmd/karavictl/cmd/tenant_test.go b/cmd/karavictl/cmd/tenant_test.go index f11ca051..4604331b 100644 --- a/cmd/karavictl/cmd/tenant_test.go +++ b/cmd/karavictl/cmd/tenant_test.go @@ -24,6 +24,7 @@ import ( type fakeTenantServiceClient struct { pb.TenantServiceClient CreateTenantFn func(context.Context, *pb.CreateTenantRequest, ...grpc.CallOption) (*pb.Tenant, error) + UpdateTenantFn func(context.Context, *pb.UpdateTenantRequest, ...grpc.CallOption) (*pb.Tenant, error) GetTenantFn func(context.Context, *pb.GetTenantRequest, ...grpc.CallOption) (*pb.Tenant, error) DeleteTenantFn func(context.Context, *pb.DeleteTenantRequest, ...grpc.CallOption) (*pb.DeleteTenantResponse, error) ListTenantFn func(context.Context, *pb.ListTenantRequest, ...grpc.CallOption) (*pb.ListTenantResponse, error) @@ -40,6 +41,15 @@ func (f *fakeTenantServiceClient) CreateTenant(ctx context.Context, in *pb.Creat }, nil } +func (f *fakeTenantServiceClient) UpdateTenant(ctx context.Context, in *pb.UpdateTenantRequest, opts ...grpc.CallOption) (*pb.Tenant, error) { + if f.UpdateTenantFn != nil { + return f.UpdateTenantFn(ctx, in, opts...) + } + return &pb.Tenant{ + Name: "testname", + }, nil +} + func (f *fakeTenantServiceClient) GetTenant(ctx context.Context, in *pb.GetTenantRequest, opts ...grpc.CallOption) (*pb.Tenant, error) { if f.GetTenantFn != nil { return f.GetTenantFn(ctx, in, opts...) diff --git a/cmd/karavictl/cmd/tenant_update.go b/cmd/karavictl/cmd/tenant_update.go new file mode 100644 index 00000000..550af3a4 --- /dev/null +++ b/cmd/karavictl/cmd/tenant_update.go @@ -0,0 +1,76 @@ +// Copyright © 2023 Dell Inc., or its subsidiaries. All Rights Reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package cmd + +import ( + "context" + "errors" + "karavi-authorization/pb" + "strings" + + "github.com/spf13/cobra" +) + +// NewTenantUpdateCmd creates a new update command for tenant +func NewTenantUpdateCmd() *cobra.Command { + tenantUpdateCmd := &cobra.Command{ + Use: "update", + TraverseChildren: true, + Short: "Update a tenant resource within CSM Authorization", + Long: `Updates a tenant resource within CSM Authorization`, + Run: func(cmd *cobra.Command, args []string) { + addr, err := cmd.Flags().GetString("addr") + if err != nil { + reportErrorAndExit(JSONOutput, cmd.ErrOrStderr(), err) + } + + insecure, err := cmd.Flags().GetBool("insecure") + if err != nil { + reportErrorAndExit(JSONOutput, cmd.ErrOrStderr(), err) + } + + tenantClient, conn, err := CreateTenantServiceClient(addr, insecure) + if err != nil { + reportErrorAndExit(JSONOutput, cmd.ErrOrStderr(), err) + } + defer conn.Close() + + name, err := cmd.Flags().GetString("name") + if err != nil { + reportErrorAndExit(JSONOutput, cmd.ErrOrStderr(), err) + } + if strings.TrimSpace(name) == "" { + reportErrorAndExit(JSONOutput, cmd.ErrOrStderr(), errors.New("empty name not allowed")) + } + + approveSdc, err := cmd.Flags().GetBool("approvesdc") + if err != nil { + reportErrorAndExit(JSONOutput, cmd.ErrOrStderr(), err) + } + + _, err = tenantClient.UpdateTenant(context.Background(), &pb.UpdateTenantRequest{ + TenantName: name, + Approvesdc: approveSdc, + }) + if err != nil { + reportErrorAndExit(JSONOutput, cmd.ErrOrStderr(), err) + } + }, + } + + tenantUpdateCmd.Flags().StringP("name", "n", "", "Tenant name") + tenantUpdateCmd.Flags().Bool("approvesdc", true, "To allow/deny SDC approval requests") + return tenantUpdateCmd +} diff --git a/cmd/karavictl/cmd/tenant_update_test.go b/cmd/karavictl/cmd/tenant_update_test.go new file mode 100644 index 00000000..29828fd7 --- /dev/null +++ b/cmd/karavictl/cmd/tenant_update_test.go @@ -0,0 +1,165 @@ +// Copyright © 2023 Dell Inc., or its subsidiaries. All Rights Reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package cmd + +import ( + "bytes" + "context" + "encoding/json" + "errors" + "io" + "io/ioutil" + "karavi-authorization/pb" + "os" + "testing" + + "google.golang.org/grpc" +) + +func TestTenantUpdate(t *testing.T) { + afterFn := func() { + CreateTenantServiceClient = createTenantServiceClient + JSONOutput = jsonOutput + osExit = os.Exit + } + + t.Run("it requests updation of a tenant", func(t *testing.T) { + defer afterFn() + CreateTenantServiceClient = func(_ string, _ bool) (pb.TenantServiceClient, io.Closer, error) { + return &fakeTenantServiceClient{}, ioutil.NopCloser(nil), nil + } + JSONOutput = func(w io.Writer, _ interface{}) error { + return nil + } + osExit = func(code int) { + } + var gotOutput bytes.Buffer + + cmd := NewRootCmd() + cmd.SetOutput(&gotOutput) + cmd.SetArgs([]string{"tenant", "update", "-n", "testname", "--approvesdc", "true"}) + cmd.Execute() + + if len(gotOutput.Bytes()) != 0 { + t.Errorf("expected zero output but got %q", string(gotOutput.Bytes())) + } + }) + t.Run("it requires a valid tenant server connection", func(t *testing.T) { + defer afterFn() + CreateTenantServiceClient = func(_ string, _ bool) (pb.TenantServiceClient, io.Closer, error) { + return nil, ioutil.NopCloser(nil), errors.New("test error") + } + var gotCode int + done := make(chan struct{}) + osExit = func(code int) { + gotCode = code + done <- struct{}{} + done <- struct{}{} // we can't let this function return + } + var gotOutput bytes.Buffer + + cmd := NewRootCmd() + cmd.SetErr(&gotOutput) + cmd.SetArgs([]string{"tenant", "update", "-n", "testname", "--approvesdc", "true"}) + go cmd.Execute() + <-done + + wantCode := 1 + if gotCode != wantCode { + t.Errorf("got exit code %d, want %d", gotCode, wantCode) + } + var gotErr CommandError + if err := json.NewDecoder(&gotOutput).Decode(&gotErr); err != nil { + t.Fatal(err) + } + wantErrMsg := "test error" + if gotErr.ErrorMsg != wantErrMsg { + t.Errorf("got err %q, want %q", gotErr.ErrorMsg, wantErrMsg) + } + }) + t.Run("it requires a valid name argument", func(t *testing.T) { + defer afterFn() + CreateTenantServiceClient = func(_ string, _ bool) (pb.TenantServiceClient, io.Closer, error) { + return &fakeTenantServiceClient{}, ioutil.NopCloser(nil), nil + } + var gotCode int + done := make(chan struct{}) + osExit = func(code int) { + gotCode = code + done <- struct{}{} + done <- struct{}{} // we can't let this function return + } + + var gotOutput bytes.Buffer + + rootCmd := NewRootCmd() + rootCmd.SetErr(&gotOutput) + rootCmd.SetArgs([]string{"tenant", "update"}) + + go rootCmd.Execute() + <-done + + wantCode := 1 + if gotCode != wantCode { + t.Errorf("got exit code %d, want %d", gotCode, wantCode) + } + var gotErr CommandError + if err := json.NewDecoder(&gotOutput).Decode(&gotErr); err != nil { + t.Fatal(err) + } + wantErrMsg := "empty name not allowed" + if gotErr.ErrorMsg != wantErrMsg { + t.Errorf("got err %q, want %q", gotErr.ErrorMsg, wantErrMsg) + } + }) + t.Run("it handles server errors", func(t *testing.T) { + defer afterFn() + CreateTenantServiceClient = func(_ string, _ bool) (pb.TenantServiceClient, io.Closer, error) { + return &fakeTenantServiceClient{ + UpdateTenantFn: func(_ context.Context, _ *pb.UpdateTenantRequest, _ ...grpc.CallOption) (*pb.Tenant, error) { + return nil, errors.New("test error") + }, + }, ioutil.NopCloser(nil), nil + } + var gotCode int + done := make(chan struct{}) + osExit = func(code int) { + gotCode = code + done <- struct{}{} + done <- struct{}{} // we can't let this function return + } + var gotOutput bytes.Buffer + + rootCmd := NewRootCmd() + rootCmd.SetErr(&gotOutput) + rootCmd.SetArgs([]string{"tenant", "update", "-n", "test", "--approvesdc", "true"}) + + go rootCmd.Execute() + <-done + + wantCode := 1 + if gotCode != wantCode { + t.Errorf("got exit code %d, want %d", gotCode, wantCode) + } + var gotErr CommandError + if err := json.NewDecoder(&gotOutput).Decode(&gotErr); err != nil { + t.Fatal(err) + } + wantErrMsg := "test error" + if gotErr.ErrorMsg != wantErrMsg { + t.Errorf("got err %q, want %q", gotErr.ErrorMsg, wantErrMsg) + } + }) +} diff --git a/cmd/proxy-server/main.go b/cmd/proxy-server/main.go index 6a7c8548..95ece17c 100644 --- a/cmd/proxy-server/main.go +++ b/cmd/proxy-server/main.go @@ -28,6 +28,7 @@ import ( "karavi-authorization/internal/quota" "karavi-authorization/internal/role-service" "karavi-authorization/internal/role-service/roles" + "karavi-authorization/internal/sdc" "karavi-authorization/internal/storage-service" "karavi-authorization/internal/token" "karavi-authorization/internal/token/jwx" @@ -253,6 +254,7 @@ func run(log *logrus.Entry) error { } }() enf := quota.NewRedisEnforcement(context.Background(), quota.WithRedis(rdb)) + sdcapr := sdc.NewSdcApprover(context.Background(), sdc.WithRedis(rdb)) // Start tracing support @@ -312,7 +314,7 @@ func run(log *logrus.Entry) error { sysViper.WatchConfig() // Create handlers for the supported storage arrays. - powerFlexHandler := proxy.NewPowerFlexHandler(log, enf, cfg.OpenPolicyAgent.Host) + powerFlexHandler := proxy.NewPowerFlexHandler(log, enf, sdcapr, cfg.OpenPolicyAgent.Host) powerMaxHandler := proxy.NewPowerMaxHandler(log, enf, cfg.OpenPolicyAgent.Host) powerScaleHandler := proxy.NewPowerScaleHandler(log, enf, cfg.OpenPolicyAgent.Host) diff --git a/cmd/proxy-server/main_test.go b/cmd/proxy-server/main_test.go index 0b4f77e8..33263468 100644 --- a/cmd/proxy-server/main_test.go +++ b/cmd/proxy-server/main_test.go @@ -124,7 +124,7 @@ func TestUpdateStorageSystems(t *testing.T) { logger := logrus.NewEntry(logrus.New()) powerScaleHandler := proxy.NewPowerScaleHandler(logger, nil, "") - powerFlexHandler := proxy.NewPowerFlexHandler(logger, nil, "") + powerFlexHandler := proxy.NewPowerFlexHandler(logger, nil, nil, "") powerMaxHandler := proxy.NewPowerMaxHandler(logger, nil, "") // When diff --git a/deploy/airgap-prepare.sh b/deploy/airgap-prepare.sh index e02069fc..1b7a18e8 100755 --- a/deploy/airgap-prepare.sh +++ b/deploy/airgap-prepare.sh @@ -13,7 +13,7 @@ # limitations under the License. ARCH=amd64 -SIDECAR_DOCKER_TAG=1.5.1 +SIDECAR_DOCKER_TAG=nightly DIST=dist K3S_INSTALL_SCRIPT=${DIST}/k3s-install.sh diff --git a/deploy/deployment.yaml b/deploy/deployment.yaml index b49a78d0..e5f8345f 100644 --- a/deploy/deployment.yaml +++ b/deploy/deployment.yaml @@ -63,7 +63,7 @@ spec: spec: containers: - name: proxy-server - image: proxy-server:1.5.1 + image: proxy-server:nightly imagePullPolicy: IfNotPresent ports: - containerPort: 8080 @@ -122,7 +122,7 @@ spec: spec: containers: - name: tenant-service - image: tenant-service:1.5.1 + image: tenant-service:nightly imagePullPolicy: IfNotPresent ports: - containerPort: 50051 @@ -188,7 +188,7 @@ spec: serviceAccountName: storage-service containers: - name: storage-service - image: storage-service:1.5.1 + image: storage-service:nightly imagePullPolicy: IfNotPresent ports: - containerPort: 50051 @@ -252,7 +252,7 @@ spec: serviceAccountName: role-service containers: - name: role-service - image: role-service:1.5.1 + image: role-service:nightly imagePullPolicy: IfNotPresent ports: - containerPort: 50051 diff --git a/go.mod b/go.mod index cce060a4..e4b8100e 100644 --- a/go.mod +++ b/go.mod @@ -29,9 +29,10 @@ require ( go.opentelemetry.io/otel/sdk/export/metric v0.26.0 go.opentelemetry.io/otel/sdk/metric v0.26.0 golang.org/x/sync v0.0.0-20220923202941-7f9b1623fab7 - golang.org/x/term v0.1.0 - google.golang.org/grpc v1.43.0 - google.golang.org/protobuf v1.28.0 + golang.org/x/term v0.3.0 + google.golang.org/grpc v1.52.0 + google.golang.org/protobuf v1.28.1 + gopkg.in/yaml.v2 v2.4.0 k8s.io/api v0.25.2 k8s.io/apimachinery v0.25.2 k8s.io/client-go v0.25.2 @@ -63,7 +64,7 @@ require ( github.com/prometheus/common v0.26.0 // indirect github.com/prometheus/procfs v0.6.0 // indirect go.opentelemetry.io/otel/internal/metric v0.26.0 // indirect - golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8 // indirect + golang.org/x/oauth2 v0.0.0-20221014153046-6fdb5e3db783 // indirect golang.org/x/time v0.0.0-20220411224347-583f2d630306 // indirect google.golang.org/appengine v1.6.7 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect @@ -113,10 +114,10 @@ require ( go.uber.org/multierr v1.7.0 // indirect go.uber.org/zap v1.23.0 // indirect golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d // indirect - golang.org/x/net v0.1.1-0.20221104162952-702349b0e862 // indirect - golang.org/x/sys v0.2.0 // indirect - golang.org/x/text v0.4.0 // indirect - google.golang.org/genproto v0.0.0-20211208223120-3a66f561d7aa // indirect + golang.org/x/net v0.4.0 // indirect + golang.org/x/sys v0.3.0 // indirect + golang.org/x/text v0.5.0 // indirect + google.golang.org/genproto v0.0.0-20221118155620-16455021b5e6 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/ini.v1 v1.66.2 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect diff --git a/go.sum b/go.sum index c6f5a67e..7f9feae9 100644 --- a/go.sum +++ b/go.sum @@ -252,7 +252,7 @@ github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/ github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.8 h1:e6P7q2lk1O+qJJb4BtCQXlK8vWEO8V1ZeuEdJNOqZyg= +github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= @@ -679,6 +679,8 @@ golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT golang.org/x/net v0.0.0-20210503060351-7fd8e65b6420/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20210813160813-60bc85c4be6d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20210917221730-978cfadd31cf/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/net v0.4.0 h1:Q5QPcMlvfxFTAPV0+07Xz/MpK9NTXu2VDUuy0FeMfaU= +golang.org/x/net v0.4.0/go.mod h1:MBQ8lrhLObU/6UmLb4fmbmk5OcyYmqtbGd/9yIeKjEE= golang.org/x/net v0.1.1-0.20221104162952-702349b0e862 h1:KrLJ+iz8J6j6VVr/OCfULAcK+xozUmWE43fKpMR4MlI= golang.org/x/net v0.1.1-0.20221104162952-702349b0e862/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= @@ -697,8 +699,9 @@ golang.org/x/oauth2 v0.0.0-20210628180205-a41e5a781914/go.mod h1:KelEdhl1UZF7XfJ golang.org/x/oauth2 v0.0.0-20210805134026-6f1e6394065a/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210819190943-2bc19b11175f/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20211005180243-6b3c2da341f1/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8 h1:RerP+noqYHUQ8CMRcPlC2nvTa4dcBIjegkuWdcUDuqg= golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20221014153046-6fdb5e3db783 h1:nt+Q6cXKz4MosCSpnbMtqiQ8Oz0pxTef2B4Vca2lvfk= +golang.org/x/oauth2 v0.0.0-20221014153046-6fdb5e3db783/go.mod h1:h4gKUeWbJ4rQPri7E0u6Gs4e9Ri2zaLxzw5DI5XGrYg= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -789,12 +792,12 @@ golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20211007075335-d3039528d8ac/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211124211545-fe61309f8881/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211205182925-97ca703d548d/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.2.0 h1:ljd4t30dBnAvMZaQCevtY0xLLD0A+bRZXbgLMLU1F/A= -golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.3.0 h1:w8ZOecv6NaNa/zC8944JTU3vz4u6Lagfk4RPQxv92NQ= +golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/term v0.1.0 h1:g6Z6vPFA9dYBAF7DWcH6sCcOntplXsDKcliusYijMlw= -golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= +golang.org/x/term v0.3.0 h1:qoo4akIqOcDME5bhc/NgxUdovd6BSS2uMsVjB56q1xI= +golang.org/x/term v0.3.0/go.mod h1:q750SLmJuPmVoN1blW3UFBPREJfb1KmY3vwxfr+nFDA= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -804,8 +807,8 @@ golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/text v0.4.0 h1:BrVqGRd7+k1DiOgtnFvAkoQEWQvBc25ouMJM6429SFg= -golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= +golang.org/x/text v0.5.0 h1:OLmvp0KP+FVG99Ct/qFiL/Fhk4zp4QQnZ7b2U+5piUM= +golang.org/x/text v0.5.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -973,8 +976,9 @@ google.golang.org/genproto v0.0.0-20211118181313-81c1377c94b1/go.mod h1:5CzLGKJ6 google.golang.org/genproto v0.0.0-20211129164237-f09f9a12af12/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= google.golang.org/genproto v0.0.0-20211203200212-54befc351ae9/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= google.golang.org/genproto v0.0.0-20211206160659-862468c7d6e0/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20211208223120-3a66f561d7aa h1:I0YcKz0I7OAhddo7ya8kMnvprhcWM045PmkBdMO9zN0= google.golang.org/genproto v0.0.0-20211208223120-3a66f561d7aa/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= +google.golang.org/genproto v0.0.0-20221118155620-16455021b5e6 h1:a2S6M0+660BgMNl++4JPlcAO/CjkqYItDEZwkoDQK7c= +google.golang.org/genproto v0.0.0-20221118155620-16455021b5e6/go.mod h1:rZS5c/ZVYMaOGBfO68GWtjOw/eLaZM1X6iVtgjZ+EWg= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= @@ -1003,8 +1007,8 @@ google.golang.org/grpc v1.40.0/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9K google.golang.org/grpc v1.40.1/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34= google.golang.org/grpc v1.41.0/go.mod h1:U3l9uK9J0sini8mHphKoXyaqDA/8VyGnDee1zzIUK6k= google.golang.org/grpc v1.42.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU= -google.golang.org/grpc v1.43.0 h1:Eeu7bZtDZ2DpRCsLhUlcrLnvYaMK1Gz86a+hMVvELmM= -google.golang.org/grpc v1.43.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU= +google.golang.org/grpc v1.52.0 h1:kd48UiU7EHsV4rnLyOJRuP/Il/UHE7gdDAQ+SZI7nZk= +google.golang.org/grpc v1.52.0/go.mod h1:pu6fVzoFb+NBYNAvQL08ic+lvB2IojljRYuun5vorUY= google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0/go.mod h1:6Kw0yEErY5E/yWrBtf03jp27GLLJujG4z/JK95pnjjw= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= @@ -1019,8 +1023,8 @@ google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlba google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.28.0 h1:w43yiav+6bVFTBQFZX0r7ipe9JQ1QsbMgHwbBziscLw= -google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +google.golang.org/protobuf v1.28.1 h1:d0NfwRgPtno5B1Wa6L2DAG+KivqkdutMf1UhdNx175w= +google.golang.org/protobuf v1.28.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= diff --git a/internal/proxy/powerflex_handler.go b/internal/proxy/powerflex_handler.go index 70d3f30c..28a2606a 100644 --- a/internal/proxy/powerflex_handler.go +++ b/internal/proxy/powerflex_handler.go @@ -25,6 +25,7 @@ import ( "karavi-authorization/internal/decision" "karavi-authorization/internal/powerflex" "karavi-authorization/internal/quota" + "karavi-authorization/internal/sdc" "karavi-authorization/internal/token" "karavi-authorization/internal/web" "net" @@ -67,20 +68,22 @@ type System struct { // PowerFlexHandler is the proxy handler for PowerFlex systems type PowerFlexHandler struct { - log *logrus.Entry - mu sync.Mutex // guards systems map - systems map[string]*System - enforcer *quota.RedisEnforcement - opaHost string + log *logrus.Entry + mu sync.Mutex // guards systems map + systems map[string]*System + enforcer *quota.RedisEnforcement + sdcapprover *sdc.RedisSdcApprover + opaHost string } // NewPowerFlexHandler returns a new PowerFlexHandler -func NewPowerFlexHandler(log *logrus.Entry, enforcer *quota.RedisEnforcement, opaHost string) *PowerFlexHandler { +func NewPowerFlexHandler(log *logrus.Entry, enforcer *quota.RedisEnforcement, sdcapprover *sdc.RedisSdcApprover, opaHost string) *PowerFlexHandler { return &PowerFlexHandler{ - log: log, - systems: make(map[string]*System), - enforcer: enforcer, - opaHost: opaHost, + log: log, + systems: make(map[string]*System), + enforcer: enforcer, + sdcapprover: sdcapprover, + opaHost: opaHost, } } @@ -230,6 +233,8 @@ func (h *PowerFlexHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { v.volumeMapHandler(proxyHandler, h.enforcer, h.opaHost).ServeHTTP(w, r) case strings.HasSuffix(r.URL.Path, "/action/removeMappedSdc/"): v.volumeUnmapHandler(proxyHandler, h.enforcer, h.opaHost).ServeHTTP(w, r) + case strings.HasSuffix(r.URL.Path, "/action/approveSdc/"): + v.sdcApproveHandler(proxyHandler, h.sdcapprover, h.opaHost).ServeHTTP(w, r) default: proxyHandler.ServeHTTP(w, r) } @@ -893,6 +898,100 @@ func (s *System) volumeUnmapHandler(next http.Handler, enf *quota.RedisEnforceme }) } +func (s *System) sdcApproveHandler(next http.Handler, sdcapp *sdc.RedisSdcApprover, opaHost string) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + ctx, span := trace.SpanFromContext(r.Context()).TracerProvider().Tracer("").Start(r.Context(), "sdcApproveHandler") + defer span.End() + + // Read the body. + b, err := ioutil.ReadAll(r.Body) + if err != nil { + writeError(w, "powerflex", "failed to read body", http.StatusInternalServerError, s.log) + return + } + defer r.Body.Close() + + var requestBody map[string]json.RawMessage + err = json.NewDecoder(bytes.NewReader(b)).Decode(&requestBody) + if err != nil { + writeError(w, "powerflex", "decoding request body", http.StatusInternalServerError, s.log) + return + } + + jwtGroup := r.Context().Value(web.JWTTenantName) + group, ok := jwtGroup.(string) + if !ok { + writeError(w, "powerflex", "incorrect type for JWT group", http.StatusInternalServerError, s.log) + return + } + + jwtValue := r.Context().Value(web.JWTKey) + jwtToken, ok := jwtValue.(token.Token) + if !ok { + writeError(w, "powerflex", "incorrect type for JWT token", http.StatusInternalServerError, s.log) + return + } + + claims, err := jwtToken.Claims() + if err != nil { + writeError(w, "powerflex", "decoding token claims", http.StatusInternalServerError, s.log) + return + } + + s.log.Debugln("Asking OPA...") + // Request policy decision from OPA + ans, err := decision.Can(func() decision.Query { + return decision.Query{ + Host: opaHost, + Policy: "/karavi/sdc/approve", + Input: map[string]interface{}{ + "claims": claims, + }, + } + }) + if err != nil { + s.log.WithError(err).Error("asking OPA for sdc approval decision") + writeError(w, "powerflex", fmt.Sprintf("asking OPA for sdc approval decision: %v", err), http.StatusInternalServerError, s.log) + return + } + + var opaResp OPAResponse + err = json.NewDecoder(bytes.NewReader(ans)).Decode(&opaResp) + if err != nil { + writeError(w, "powerflex", "decoding opa request body", http.StatusInternalServerError, s.log) + return + } + s.log.WithField("opa_response", string(ans)).Debug("OPA Response") + if resp := opaResp.Result; !resp.Response.Allowed { + switch { + case resp.Claims.Group == "": + writeError(w, "powerflex", "invalid token", http.StatusUnauthorized, s.log) + default: + writeError(w, "powerflex", fmt.Sprintf("request denied: %v", resp.Response.Status.Reason), http.StatusBadRequest, s.log) + } + return + } + + qr := sdc.Request{ + Group: group, + } + ok, err = sdcapp.CheckSdcApproveFlag(ctx, qr) + if err != nil { + writeError(w, "powerflex", fmt.Sprintf("sdc approve request failed: %v", err), http.StatusInternalServerError, s.log) + return + } + if !ok { + writeError(w, "powerflex", "sdc approve request denied", http.StatusForbidden, s.log) + return + } + + // Reset the original request + r.Body = ioutil.NopCloser(bytes.NewBuffer(b)) + r = r.WithContext(ctx) + next.ServeHTTP(w, r) + }) +} + // OPAResponse is the respone payload from OPA type OPAResponse struct { Result struct { diff --git a/internal/proxy/powerflex_handler_test.go b/internal/proxy/powerflex_handler_test.go index c390352e..eaea585f 100644 --- a/internal/proxy/powerflex_handler_test.go +++ b/internal/proxy/powerflex_handler_test.go @@ -23,6 +23,7 @@ import ( "io/ioutil" "karavi-authorization/internal/proxy" "karavi-authorization/internal/quota" + "karavi-authorization/internal/sdc" "karavi-authorization/internal/token" "karavi-authorization/internal/token/jwx" "karavi-authorization/internal/web" @@ -67,7 +68,7 @@ func TestPowerFlex(t *testing.T) { rtr := newTestRouter() // Create the PowerFlex handler and configure it with a system // where the endpoint is our test server. - powerFlexHandler := proxy.NewPowerFlexHandler(log, nil, hostPort(t, fakeOPA.URL)) + powerFlexHandler := proxy.NewPowerFlexHandler(log, nil, nil, hostPort(t, fakeOPA.URL)) powerFlexHandler.UpdateSystems(context.Background(), strings.NewReader(fmt.Sprintf(` { "powerflex": { @@ -128,7 +129,7 @@ func TestPowerFlex(t *testing.T) { rtr := newTestRouter() // Create the PowerFlex handler and configure it with a system // where the endpoint is our test server. - powerFlexHandler := proxy.NewPowerFlexHandler(log, nil, hostPort(t, fakeOPA.URL)) + powerFlexHandler := proxy.NewPowerFlexHandler(log, nil, nil, hostPort(t, fakeOPA.URL)) powerFlexHandler.UpdateSystems(context.Background(), strings.NewReader(fmt.Sprintf(` { "powerflex": { @@ -288,7 +289,7 @@ func TestPowerFlex(t *testing.T) { // Create the PowerFlex handler and configure it with a system // where the endpoint is our test server. - powerFlexHandler := proxy.NewPowerFlexHandler(log, enf, hostPort(t, fakeOPA.URL)) + powerFlexHandler := proxy.NewPowerFlexHandler(log, enf, nil, hostPort(t, fakeOPA.URL)) powerFlexHandler.UpdateSystems(context.Background(), strings.NewReader(fmt.Sprintf(` { "powerflex": { @@ -475,7 +476,7 @@ func TestPowerFlex(t *testing.T) { // Create the PowerFlex handler and configure it with a system // where the endpoint is our test server. - powerFlexHandler := proxy.NewPowerFlexHandler(log, enf, hostPort(t, fakeOPA.URL)) + powerFlexHandler := proxy.NewPowerFlexHandler(log, enf, nil, hostPort(t, fakeOPA.URL)) powerFlexHandler.UpdateSystems(context.Background(), strings.NewReader(fmt.Sprintf(` { "powerflex": { @@ -684,7 +685,7 @@ func TestPowerFlex(t *testing.T) { // Create the PowerFlex handler and configure it with a system // where the endpoint is our test server. - powerFlexHandler := proxy.NewPowerFlexHandler(log, enf, hostPort(t, fakeOPA.URL)) + powerFlexHandler := proxy.NewPowerFlexHandler(log, enf, nil, hostPort(t, fakeOPA.URL)) powerFlexHandler.UpdateSystems(context.Background(), strings.NewReader(fmt.Sprintf(` { "powerflex": { @@ -822,7 +823,7 @@ func TestPowerFlex(t *testing.T) { rtr := newTestRouter() // Create a PowerFlexHandler and update it with the fake PowerFlex - powerFlexHandler := proxy.NewPowerFlexHandler(log, nil, hostPort(t, fakeOPA.URL)) + powerFlexHandler := proxy.NewPowerFlexHandler(log, nil, nil, hostPort(t, fakeOPA.URL)) // Cancel the powerflex token getter so we don't get any race conditions with the fakePowerFlex server systemCtx, cancel := context.WithCancel(context.Background()) @@ -965,7 +966,7 @@ func TestPowerFlex(t *testing.T) { rtr := newTestRouter() // Create a PowerFlexHandler and update it with the fake PowerFlex - powerFlexHandler := proxy.NewPowerFlexHandler(log, enf, hostPort(t, fakeOPA.URL)) + powerFlexHandler := proxy.NewPowerFlexHandler(log, enf, nil, hostPort(t, fakeOPA.URL)) // Cancel the powerflex token getter so we don't get any race conditions with the fakePowerFlex server systemCtx, cancel := context.WithCancel(context.Background()) @@ -1125,7 +1126,7 @@ func TestPowerFlex(t *testing.T) { }) // Create a PowerFlexHandler and update it with the fake PowerFlex - powerFlexHandler := proxy.NewPowerFlexHandler(log, sut, hostPort(t, fakeOPA.URL)) + powerFlexHandler := proxy.NewPowerFlexHandler(log, sut, nil, hostPort(t, fakeOPA.URL)) powerFlexHandler.UpdateSystems(context.Background(), strings.NewReader(fmt.Sprintf(` { "powerflex": { @@ -1165,6 +1166,149 @@ func TestPowerFlex(t *testing.T) { } }) + t.Run("it denies tenant's approvesdc request if tenant does not have permission", func(t *testing.T) { + // Logging. + log := logrus.New().WithContext(context.Background()) + log.Logger.SetOutput(os.Stdout) + + // Token manager + tm := jwx.NewTokenManager(jwx.HS256) + + // Create a redis enforcer + rdb := testCreateRedisInstance(t) + ctx, cancel := context.WithCancel(context.Background()) + defer cancel() + sdcapp := sdc.NewSdcApprover(ctx, sdc.WithRedis(rdb)) + sdcreq := sdc.Request{ + Group: "TestingGroup", + } + _, err := rdb.HSet(mocktenantKey(sdcreq.Group), "approve_sdc", false).Result() + if err != nil { + t.Errorf("error setting mock flag value: %v", err) + } + + // Prepare tenant A's token + // Create the claims + claimsA := token.Claims{ + Issuer: "com.dell.karavi", + ExpiresAt: time.Now().Add(30 * time.Second).Unix(), + Audience: "karavi", + Subject: "Alice", + Roles: "DevTesting", + Group: "TestingGroup", + } + + tokenA, err := tm.NewWithClaims(claimsA) + if err != nil { + t.Fatal(err) + } + + body := struct { + Group string `json:"group"` + }{ + Group: "TestingGroup", + } + data, err := json.Marshal(body) + if err != nil { + t.Fatal(err) + } + payload := bytes.NewBuffer(data) + + w := httptest.NewRecorder() + r := httptest.NewRequest(http.MethodPost, "/api/instances/System::542a2d5f5122210f/action/approveSdc", payload) + reqCtx := context.WithValue(context.Background(), web.JWTKey, tokenA) + reqCtx = context.WithValue(reqCtx, web.JWTTenantName, "TestingGroup") + r = r.WithContext(reqCtx) + + // Build a fake powerflex backend, since it will try to create and delete volumes for real. + // We'll use the URL of this test server as part of the systems config. + fakePowerFlex := buildTestTLSServer(t, http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + switch r.URL.Path { + case "/api/login": + w.Write([]byte("token")) + case "/api/version": + w.Write([]byte("3.5")) + case "/api/instances/System::542a2d5f5122210f/action/approveSdc/": + w.WriteHeader(http.StatusOK) + default: + t.Errorf("Unexpected api call to fake PowerFlex: %v", r.URL.Path) + } + })) + fakeOPA := buildTestServer(t, http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + t.Logf("Incoming OPA request: %v", r.URL.Path) + switch r.URL.Path { + case "/v1/data/karavi/authz/url": + w.Write([]byte(`{"result": {"allow": true}}`)) + case "/v1/data/karavi/sdc/approve": + w.Write([]byte(`{"result": {"claims":{"group": "TestingGroup"}, "response": {"allowed": true}}}`)) + } + })) + // Add headers that the sidecar-proxy would add, in order to identify + // the request as intended for a PowerFlex with the given systemID. + r.Header.Add("Forwarded", "by=csi-vxflexos") + r.Header.Add("Forwarded", fmt.Sprintf("for=%s;542a2d5f5122210f", fakePowerFlex.URL)) + + // Create the router and assign the appropriate handlers. + rtr := newTestRouter() + + sdcapp.CheckSdcApproveFlag(reqCtx, sdcreq) + t.Run("NewRedisEnforcer", func(t *testing.T) { + if sdcapp == nil { + t.Fatal("expected non-nil return value for redis enforcemnt") + } + }) + // Create the PowerFlex handler and configure it with a system + // where the endpoint is our test server. + powerFlexHandler := proxy.NewPowerFlexHandler(log, nil, sdcapp, hostPort(t, fakeOPA.URL)) + powerFlexHandler.UpdateSystems(context.Background(), strings.NewReader(fmt.Sprintf(` + { + "powerflex": { + "542a2d5f5122210f": { + "endpoint": "%s", + "user": "admin", + "pass": "Password123", + "insecure": true + } + } + } + `, fakePowerFlex.URL)), logrus.New().WithContext(context.Background())) + systemHandlers := map[string]http.Handler{ + "powerflex": web.Adapt(powerFlexHandler), + } + dh := proxy.NewDispatchHandler(log, systemHandlers) + rtr.ProxyHandler = dh + h := web.Adapt(rtr.Handler(), web.CleanMW()) + + h.ServeHTTP(w, r) + + if got, want := w.Result().StatusCode, http.StatusForbidden; got != want { + fmt.Printf("Create request: %v\n", *r) + fmt.Printf("Create response: %v\n", string(w.Body.Bytes())) + t.Errorf("got %v, want %v", got, want) + } + + // This response should come from our PowerFlex handler, NOT the (fake) + // PowerFlex itself. + type ApprovesdcRequestResponse struct { + ErrorCode int `json:"errorCode"` + HttpStatusCode int `json:"httpStatusCode"` + Message string `json:"message"` + } + got := ApprovesdcRequestResponse{} + err = json.Unmarshal(w.Body.Bytes(), &got) + if err != nil { + t.Errorf("error demarshalling approvesdc request response: %v", err) + } + want := ApprovesdcRequestResponse{ + ErrorCode: 403, + HttpStatusCode: 403, + Message: "sdc approve request denied", + } + if !strings.Contains(got.Message, want.Message) || got.ErrorCode != want.ErrorCode || got.HttpStatusCode != want.HttpStatusCode { + t.Errorf("got %q, expected response body to contain %q", got, want) + } + }) + t.Run("provisioning request with a role with infinite quota", func(t *testing.T) { // Logging log := logrus.New().WithContext(context.Background()) @@ -1249,7 +1393,6 @@ func TestPowerFlex(t *testing.T) { w.Write([]byte("{\"id\": \"847ce5f30000005a\"}")) } })) - // Add headers that the sidecar-proxy would add, in order to identify // the request as intended for a PowerFlex with the given systemID. r.Header.Add("Forwarded", "by=csi-vxflexos") @@ -1278,7 +1421,7 @@ func TestPowerFlex(t *testing.T) { }) // Create a PowerFlexHandler and update it with the fake PowerFlex - powerFlexHandler := proxy.NewPowerFlexHandler(log, sut, hostPort(t, fakeOPA.URL)) + powerFlexHandler := proxy.NewPowerFlexHandler(log, sut, nil, hostPort(t, fakeOPA.URL)) powerFlexHandler.UpdateSystems(context.Background(), strings.NewReader(fmt.Sprintf(` { "powerflex": { @@ -1319,6 +1462,10 @@ func TestPowerFlex(t *testing.T) { }) } +func mocktenantKey(name string) string { + return fmt.Sprintf("tenant:%s:data", name) +} + func newTestRouter() *web.Router { noopHandler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {}) return &web.Router{ diff --git a/internal/proxy/powerscale_handler_test.go b/internal/proxy/powerscale_handler_test.go index 7f1a90a3..35ce151f 100644 --- a/internal/proxy/powerscale_handler_test.go +++ b/internal/proxy/powerscale_handler_test.go @@ -28,7 +28,6 @@ import ( "os" "strings" "testing" - "time" "github.com/sirupsen/logrus" ) @@ -81,13 +80,12 @@ func testPowerScaleServeHTTP(t *testing.T) { r.Header.Set("Forwarded", "for=https://1.1.1.1;1234567890") w := httptest.NewRecorder() - go sut.ServeHTTP(w, r) - - select { - case <-done: - case <-time.After(10 * time.Second): - t.Fatal("timed out waiting for proxied request") - } + go func() { + sut.ServeHTTP(w, r) + done <- struct{}{} + }() + <-done + <-done // we also need to wait for the HTTP request to fully complete. if got, want := w.Result().StatusCode, http.StatusOK; got != want { t.Errorf("got status code %d, want status code %d", got, want) diff --git a/internal/quota/enforcer_test.go b/internal/quota/enforcer_test.go index e483635c..5068b9fe 100644 --- a/internal/quota/enforcer_test.go +++ b/internal/quota/enforcer_test.go @@ -4,7 +4,7 @@ // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // -// http://www.apache.org/licenses/LICENSE-2.0 +// http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, diff --git a/internal/sdc/fake.go b/internal/sdc/fake.go new file mode 100644 index 00000000..354c9445 --- /dev/null +++ b/internal/sdc/fake.go @@ -0,0 +1,32 @@ +// Copyright © 2023 Dell Inc., or its subsidiaries. All Rights Reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package sdc + +// FakeRedis is used for mocking out commonly used functions for +// the Redis client. +type FakeRedis struct { + PingFn func() (string, error) + HGetFn func(key, field string) (string, error) +} + +// Ping delegates to the PingFn function field. +func (f *FakeRedis) Ping() (string, error) { + return f.PingFn() +} + +// HGet delegates to the HGetFn function field. +func (f *FakeRedis) HGet(key, field string) (string, error) { + return f.HGetFn(key, field) +} diff --git a/internal/sdc/sdc_approve.go b/internal/sdc/sdc_approve.go new file mode 100644 index 00000000..8db31347 --- /dev/null +++ b/internal/sdc/sdc_approve.go @@ -0,0 +1,129 @@ +// Copyright © 2023 Dell Inc., or its subsidiaries. All Rights Reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package sdc + +import ( + "context" + "fmt" + "log" + "strconv" + + "github.com/go-redis/redis" + "go.opentelemetry.io/otel/trace" +) + +type sdcDB interface { + Ping() (string, error) + HGet(key, field string) (string, error) +} + +// RedisDB wraps a real redis client and adapts it +// to work with the sdcDB interface. +type RedisDB struct { + Client *redis.Client +} + +var _ sdcDB = (*RedisDB)(nil) + +// Ping wraps the original Ping method. +func (r *RedisDB) Ping() (string, error) { + return r.Client.Ping().Result() +} + +// HGet wraps the original HGet method. +func (r *RedisDB) HGet(key, field string) (string, error) { + return r.Client.HGet(key, field).Result() +} + +// RedisSdcApprover is a wrapper around a redis client to approve requests. +type RedisSdcApprover struct { + rdb sdcDB +} + +// Option is to be used for functional options +// with NewRedisSdcApprover +type Option func(v *RedisSdcApprover) + +// WithRedis allows for configuring the enforcer with +// a *redis.Client. +func WithRedis(rdb *redis.Client) Option { + return func(v *RedisSdcApprover) { + v.rdb = &RedisDB{rdb} + } +} + +// WithDB allows for configuring the enforcer with +// a value that implements the DB interface. +func WithDB(db sdcDB) Option { + return func(v *RedisSdcApprover) { + v.rdb = db + } +} + +// NewSdcApprover returns a new RedisSdcApprover. +func NewSdcApprover(ctx context.Context, opts ...Option) *RedisSdcApprover { + v := &RedisSdcApprover{} + for _, opt := range opts { + opt(v) + } + return v +} + +// Request is a request to redis. +type Request struct { + Group string `json:"group"` +} + +// Ping pings the redis instance. +func (sa *RedisSdcApprover) Ping() error { + res, err := sa.rdb.Ping() + if err != nil { + return err + } + log.Println("Redis response:", res) + return nil +} + +// DataKey returns a redis formatted data key based on the Request data. +func (r Request) DataKey() string { + return fmt.Sprintf("tenant:%s:data", r.Group) +} + +// ApproveSdcField returns the redis formatted approved capacity field. +func (r Request) ApproveSdcField() string { + return "approve_sdc" +} + +// CheckSdcApproveFlag checks the approvesdc flag value of the tenant +func (sa *RedisSdcApprover) CheckSdcApproveFlag(ctx context.Context, r Request) (bool, error) { + ctx, span := trace.SpanFromContext(ctx).TracerProvider().Tracer("").Start(ctx, "checkSdcApproveFlag") + defer span.End() + var err error + + flagvalue, err := sa.rdb.HGet(r.DataKey(), r.ApproveSdcField()) + if err != nil { + return false, err + } + + flagvaluebool, err := strconv.ParseBool(flagvalue) + if err != nil { + return false, err + } + + if flagvaluebool { + return true, nil + } + return false, nil +} diff --git a/internal/sdc/sdc_approve_test.go b/internal/sdc/sdc_approve_test.go new file mode 100644 index 00000000..5572d826 --- /dev/null +++ b/internal/sdc/sdc_approve_test.go @@ -0,0 +1,177 @@ +// Copyright © 2023 Dell Inc., or its subsidiaries. All Rights Reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package sdc_test + +import ( + "context" + "errors" + "karavi-authorization/internal/sdc" + "testing" + + "github.com/alicebob/miniredis/v2" + "github.com/go-redis/redis" +) + +var ErrFake = errors.New("test error") + +func TestSdcApprover_Ping(t *testing.T) { + rdb := testCreateRedisInstance(t) + t.Run("returns the error", func(t *testing.T) { + sut := sdc.NewSdcApprover(context.Background(), sdc.WithDB(&sdc.FakeRedis{ + PingFn: func() (string, error) { return "", ErrFake }, + })) + + gotErr := sut.Ping() + + wantErr := ErrFake + if gotErr != wantErr { + t.Errorf("got err %v, want %v", gotErr, wantErr) + } + }) + t.Run("nil error on success", func(t *testing.T) { + sut := sdc.NewSdcApprover(context.Background(), sdc.WithRedis(rdb)) + + err := sut.Ping() + if err != nil { + t.Fatal(err) + } + }) +} + +func TestSdcApprover_checkSdcApproveFlag(t *testing.T) { + mr, err := miniredis.Run() + if err != nil { + t.Fatal(err) + } + defer mr.Close() + req := buildRequest() + rc := redis.NewClient(&redis.Options{Addr: mr.Addr()}) + + t.Run("returns true if key value is true", func(t *testing.T) { + mr.HSet(req.DataKey(), req.ApproveSdcField(), "true") + sut := sdc.NewSdcApprover(context.Background(), sdc.WithRedis(rc)) + + got, err := sut.CheckSdcApproveFlag(context.Background(), req) + if err != nil { + t.Fatal(err) + } + + want := true + if got != want { + t.Errorf("got %v, want %v", got, want) + } + }) + t.Run("returns false if key vale is false", func(t *testing.T) { + mr.FlushAll() + mr.HSet(req.DataKey(), req.ApproveSdcField(), "false") + sut := sdc.NewSdcApprover(context.Background(), sdc.WithRedis(rc)) + + got, err := sut.CheckSdcApproveFlag(context.Background(), req) + if err != nil { + t.Fatal(err) + } + + want := false + if got != want { + t.Errorf("got %v, want %v", got, want) + } + }) + t.Run("returns any error", func(t *testing.T) { + sut := sdc.NewSdcApprover(context.Background(), + sdc.WithDB(&sdc.FakeRedis{HGetFn: func(key, field string) (string, error) { + return "false", ErrFake + }, + })) + + _, got := sut.CheckSdcApproveFlag(context.Background(), req) + + want := ErrFake + if got != want { + t.Errorf("got %v, want %v", got, want) + } + }) +} + +func buildRequest() sdc.Request { + return sdc.Request{ + Group: "mytenant", + } +} + +func TestRequest(t *testing.T) { + t.Run("keys", func(t *testing.T) { + type keyFunc func() string + r := buildRequest() + + var tests = []struct { + name string + fn keyFunc + want string + }{ + {"DataKey", r.DataKey, "tenant:mytenant:data"}, + } + for _, tt := range tests { + tt := tt + t.Run(tt.name, func(t *testing.T) { + got := tt.fn() + if got != tt.want { + t.Errorf("%s(): got %q, want %q", tt.name, got, tt.want) + } + + }) + } + }) + t.Run("fields", func(t *testing.T) { + type fieldFunc func() string + r := buildRequest() + + var tests = []struct { + name string + fn fieldFunc + want string + }{ + {"ApproveSdcField", r.ApproveSdcField, "approve_sdc"}, + } + for _, tt := range tests { + tt := tt + t.Run(tt.name, func(t *testing.T) { + got := tt.fn() + if got != tt.want { + t.Errorf("%s(): got %q, want %q", tt.name, got, tt.want) + } + + }) + } + }) +} + +type tb interface { + testing.TB +} + +func testCreateRedisInstance(t tb) *redis.Client { + t.Helper() + mr, err := miniredis.Run() + if err != nil { + t.Fatal(err) + } + t.Cleanup(func() { + mr.Close() + }) + + return redis.NewClient(&redis.Options{ + Addr: mr.Addr(), + }) +} diff --git a/internal/tenantsvc/service.go b/internal/tenantsvc/service.go index 3508c859..f0d85011 100644 --- a/internal/tenantsvc/service.go +++ b/internal/tenantsvc/service.go @@ -20,6 +20,7 @@ import ( "fmt" "karavi-authorization/internal/token" "karavi-authorization/pb" + "strconv" "strings" "time" @@ -111,6 +112,51 @@ func (t *TenantService) CreateTenant(ctx context.Context, req *pb.CreateTenantRe return t.createOrUpdateTenant(ctx, req.Tenant, false) } +// UpdateTenant handles tenant updation requests. +func (t *TenantService) UpdateTenant(ctx context.Context, req *pb.UpdateTenantRequest) (*pb.Tenant, error) { + m, err := t.rdb.HGetAll(tenantKey(req.TenantName)).Result() + if err != nil { + return nil, err + } + + if len(m) == 0 { + return nil, ErrTenantNotFound + } + + newFlag := strconv.FormatBool(req.Approvesdc) + if err != nil { + return nil, err + } + + existingFlag, err := t.rdb.HGet(tenantKey(req.TenantName), "approve_sdc").Result() + if err != nil { + return nil, err + } + + if strings.EqualFold(newFlag, existingFlag) { + return nil, err + } + + _, err = t.rdb.HSet(tenantKey(req.TenantName), "approve_sdc", newFlag).Result() + if err != nil { + return nil, err + } + + val, err := t.rdb.HGet(tenantKey(req.TenantName), "approve_sdc").Result() + if err != nil { + return nil, err + } + approvesdc, err := strconv.ParseBool(val) + if err != nil { + return nil, err + } + + return &pb.Tenant{ + Name: req.TenantName, + Approvesdc: approvesdc, + }, nil +} + // GetTenant handles tenant query requests. func (t *TenantService) GetTenant(ctx context.Context, req *pb.GetTenantRequest) (*pb.Tenant, error) { m, err := t.rdb.HGetAll(tenantKey(req.Name)).Result() @@ -127,9 +173,19 @@ func (t *TenantService) GetTenant(ctx context.Context, req *pb.GetTenantRequest) return nil, err } + approveSdc, err := t.rdb.HGet(tenantKey(req.Name), "approve_sdc").Result() + if err != nil { + return nil, err + } + approvesdc, err := strconv.ParseBool(approveSdc) + if err != nil { + return nil, err + } + return &pb.Tenant{ - Name: req.Name, - Roles: strings.Join(roles, ","), + Name: req.Name, + Roles: strings.Join(roles, ","), + Approvesdc: approvesdc, }, nil } @@ -381,9 +437,15 @@ func (t *TenantService) createOrUpdateTenant(ctx context.Context, v *pb.Tenant, return nil, err } + _, err = t.rdb.HSet(tenantKey(v.Name), "approve_sdc", v.Approvesdc).Result() + if err != nil { + return nil, err + } + return &pb.Tenant{ - Name: v.Name, - Roles: v.Roles, + Name: v.Name, + Roles: v.Roles, + Approvesdc: v.Approvesdc, }, nil } diff --git a/internal/tenantsvc/service_test.go b/internal/tenantsvc/service_test.go index b7de0d0b..cfcfc0a2 100644 --- a/internal/tenantsvc/service_test.go +++ b/internal/tenantsvc/service_test.go @@ -53,6 +53,7 @@ func TestTenantService(t *testing.T) { } t.Run("CreateTenant", testCreateTenant(sut, afterFn)) + t.Run("UpdateTenant", testUpdateTenant(sut, afterFn)) t.Run("GetTenant", testGetTenant(sut, rdb, afterFn)) t.Run("DeleteTenant", testDeleteTenant(sut, afterFn)) t.Run("ListTenant", testListTenant(sut, rdb, afterFn)) @@ -102,6 +103,58 @@ func testCreateTenant(sut *tenantsvc.TenantService, afterFn AfterFunc) func(*tes t.Error("CreateTenant: expected returned tenant to be nil") } }) + t.Run("it creates a tenant entry with approvesdc flag set", func(t *testing.T) { + defer afterFn() + + wantName := "tenant" + wantFlag := false + got, err := sut.CreateTenant(context.Background(), &pb.CreateTenantRequest{ + Tenant: &pb.Tenant{ + Name: wantName, + Roles: "role1,role2", + Approvesdc: false, + }, + }) + checkError(t, err) + + if got.Name != wantName { + t.Errorf("CreateTenant: got name = %q, want %q", got.Name, wantName) + } + if got.Approvesdc != wantFlag { + t.Errorf("CreateTenant: got name = %v, want %v", got.Approvesdc, wantFlag) + } + }) + } +} + +func testUpdateTenant(sut *tenantsvc.TenantService, afterFn AfterFunc) func(*testing.T) { + return func(t *testing.T) { + t.Run("it updates a created tenant", func(t *testing.T) { + defer afterFn() + wantName := "tenant-1" + wantApprovedsc := false + _, err := sut.CreateTenant(context.Background(), &pb.CreateTenantRequest{ + Tenant: &pb.Tenant{ + Name: wantName, + Approvesdc: true, + }, + }) + if err != nil { + t.Fatal(err) + } + + got, err := sut.UpdateTenant(context.Background(), &pb.UpdateTenantRequest{ + TenantName: wantName, + Approvesdc: wantApprovedsc, + }) + + if got.Name != wantName { + t.Errorf("UpdateTenant: got name = %q, want %q", got.Name, wantName) + } + if got.Approvesdc != wantApprovedsc { + t.Errorf("UpdateTenant: got approvedsdc = %v, want %v", got.Approvesdc, wantApprovedsc) + } + }) } } @@ -146,6 +199,26 @@ func testGetTenant(sut *tenantsvc.TenantService, rdb *redis.Client, afterFn Afte t.Errorf("got roles = %v, want %v", got.Roles, wantRoles) } }) + t.Run("it shows the approvesdc flag value with a created tenant", func(t *testing.T) { + defer afterFn() + tenantName := "tenant-3" + roleName := "role-3" + approvesdc := true + createTenant(t, sut, tenantConfig{Name: tenantName, Roles: roleName, Approvesdc: approvesdc}) + + got, err := sut.GetTenant(context.Background(), &pb.GetTenantRequest{ + Name: tenantName, + }) + checkError(t, err) + wantName := tenantName + if got.Name != wantName { + t.Errorf("got name = %q, want %q", got.Name, wantName) + } + wantapprovesdc := true + if got.Approvesdc != wantapprovesdc { + t.Errorf("got approvesdc = %v, want %v", got.Approvesdc, wantapprovesdc) + } + }) t.Run("it returns redis errors", func(t *testing.T) { defer afterFn() _, err := sut.GetTenant(context.Background(), &pb.GetTenantRequest{ @@ -475,9 +548,10 @@ func checkError(t *testing.T, err error) { } type tenantConfig struct { - Name string - Roles string - Revoked bool + Name string + Roles string + Revoked bool + Approvesdc bool } func createTenant(t *testing.T, svc *tenantsvc.TenantService, cfg tenantConfig) { @@ -485,7 +559,8 @@ func createTenant(t *testing.T, svc *tenantsvc.TenantService, cfg tenantConfig) tnt, err := svc.CreateTenant(context.Background(), &pb.CreateTenantRequest{ Tenant: &pb.Tenant{ - Name: cfg.Name, + Name: cfg.Name, + Approvesdc: cfg.Approvesdc, }, }) checkError(t, err) diff --git a/pb/tenant_service.pb.go b/pb/tenant_service.pb.go index 872c2f37..873d03d7 100644 --- a/pb/tenant_service.pb.go +++ b/pb/tenant_service.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.27.1 -// protoc v3.15.8 +// protoc-gen-go v1.28.1 +// protoc v3.6.1 // source: pb/tenant_service.proto package pb @@ -25,8 +25,9 @@ type Tenant struct { sizeCache protoimpl.SizeCache unknownFields protoimpl.UnknownFields - Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` - Roles string `protobuf:"bytes,2,opt,name=roles,proto3" json:"roles,omitempty"` + Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` + Roles string `protobuf:"bytes,2,opt,name=roles,proto3" json:"roles,omitempty"` + Approvesdc bool `protobuf:"varint,3,opt,name=approvesdc,proto3" json:"approvesdc,omitempty"` } func (x *Tenant) Reset() { @@ -75,6 +76,13 @@ func (x *Tenant) GetRoles() string { return "" } +func (x *Tenant) GetApprovesdc() bool { + if x != nil { + return x.Approvesdc + } + return false +} + type CreateTenantRequest struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache @@ -122,6 +130,61 @@ func (x *CreateTenantRequest) GetTenant() *Tenant { return nil } +type UpdateTenantRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + TenantName string `protobuf:"bytes,1,opt,name=TenantName,proto3" json:"TenantName,omitempty"` + Approvesdc bool `protobuf:"varint,2,opt,name=approvesdc,proto3" json:"approvesdc,omitempty"` +} + +func (x *UpdateTenantRequest) Reset() { + *x = UpdateTenantRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_pb_tenant_service_proto_msgTypes[2] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *UpdateTenantRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*UpdateTenantRequest) ProtoMessage() {} + +func (x *UpdateTenantRequest) ProtoReflect() protoreflect.Message { + mi := &file_pb_tenant_service_proto_msgTypes[2] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use UpdateTenantRequest.ProtoReflect.Descriptor instead. +func (*UpdateTenantRequest) Descriptor() ([]byte, []int) { + return file_pb_tenant_service_proto_rawDescGZIP(), []int{2} +} + +func (x *UpdateTenantRequest) GetTenantName() string { + if x != nil { + return x.TenantName + } + return "" +} + +func (x *UpdateTenantRequest) GetApprovesdc() bool { + if x != nil { + return x.Approvesdc + } + return false +} + type GetTenantRequest struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache @@ -133,7 +196,7 @@ type GetTenantRequest struct { func (x *GetTenantRequest) Reset() { *x = GetTenantRequest{} if protoimpl.UnsafeEnabled { - mi := &file_pb_tenant_service_proto_msgTypes[2] + mi := &file_pb_tenant_service_proto_msgTypes[3] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -146,7 +209,7 @@ func (x *GetTenantRequest) String() string { func (*GetTenantRequest) ProtoMessage() {} func (x *GetTenantRequest) ProtoReflect() protoreflect.Message { - mi := &file_pb_tenant_service_proto_msgTypes[2] + mi := &file_pb_tenant_service_proto_msgTypes[3] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -159,7 +222,7 @@ func (x *GetTenantRequest) ProtoReflect() protoreflect.Message { // Deprecated: Use GetTenantRequest.ProtoReflect.Descriptor instead. func (*GetTenantRequest) Descriptor() ([]byte, []int) { - return file_pb_tenant_service_proto_rawDescGZIP(), []int{2} + return file_pb_tenant_service_proto_rawDescGZIP(), []int{3} } func (x *GetTenantRequest) GetName() string { @@ -180,7 +243,7 @@ type DeleteTenantRequest struct { func (x *DeleteTenantRequest) Reset() { *x = DeleteTenantRequest{} if protoimpl.UnsafeEnabled { - mi := &file_pb_tenant_service_proto_msgTypes[3] + mi := &file_pb_tenant_service_proto_msgTypes[4] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -193,7 +256,7 @@ func (x *DeleteTenantRequest) String() string { func (*DeleteTenantRequest) ProtoMessage() {} func (x *DeleteTenantRequest) ProtoReflect() protoreflect.Message { - mi := &file_pb_tenant_service_proto_msgTypes[3] + mi := &file_pb_tenant_service_proto_msgTypes[4] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -206,7 +269,7 @@ func (x *DeleteTenantRequest) ProtoReflect() protoreflect.Message { // Deprecated: Use DeleteTenantRequest.ProtoReflect.Descriptor instead. func (*DeleteTenantRequest) Descriptor() ([]byte, []int) { - return file_pb_tenant_service_proto_rawDescGZIP(), []int{3} + return file_pb_tenant_service_proto_rawDescGZIP(), []int{4} } func (x *DeleteTenantRequest) GetName() string { @@ -225,7 +288,7 @@ type DeleteTenantResponse struct { func (x *DeleteTenantResponse) Reset() { *x = DeleteTenantResponse{} if protoimpl.UnsafeEnabled { - mi := &file_pb_tenant_service_proto_msgTypes[4] + mi := &file_pb_tenant_service_proto_msgTypes[5] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -238,7 +301,7 @@ func (x *DeleteTenantResponse) String() string { func (*DeleteTenantResponse) ProtoMessage() {} func (x *DeleteTenantResponse) ProtoReflect() protoreflect.Message { - mi := &file_pb_tenant_service_proto_msgTypes[4] + mi := &file_pb_tenant_service_proto_msgTypes[5] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -251,7 +314,7 @@ func (x *DeleteTenantResponse) ProtoReflect() protoreflect.Message { // Deprecated: Use DeleteTenantResponse.ProtoReflect.Descriptor instead. func (*DeleteTenantResponse) Descriptor() ([]byte, []int) { - return file_pb_tenant_service_proto_rawDescGZIP(), []int{4} + return file_pb_tenant_service_proto_rawDescGZIP(), []int{5} } type ListTenantRequest struct { @@ -266,7 +329,7 @@ type ListTenantRequest struct { func (x *ListTenantRequest) Reset() { *x = ListTenantRequest{} if protoimpl.UnsafeEnabled { - mi := &file_pb_tenant_service_proto_msgTypes[5] + mi := &file_pb_tenant_service_proto_msgTypes[6] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -279,7 +342,7 @@ func (x *ListTenantRequest) String() string { func (*ListTenantRequest) ProtoMessage() {} func (x *ListTenantRequest) ProtoReflect() protoreflect.Message { - mi := &file_pb_tenant_service_proto_msgTypes[5] + mi := &file_pb_tenant_service_proto_msgTypes[6] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -292,7 +355,7 @@ func (x *ListTenantRequest) ProtoReflect() protoreflect.Message { // Deprecated: Use ListTenantRequest.ProtoReflect.Descriptor instead. func (*ListTenantRequest) Descriptor() ([]byte, []int) { - return file_pb_tenant_service_proto_rawDescGZIP(), []int{5} + return file_pb_tenant_service_proto_rawDescGZIP(), []int{6} } func (x *ListTenantRequest) GetPageSize() int32 { @@ -321,7 +384,7 @@ type ListTenantResponse struct { func (x *ListTenantResponse) Reset() { *x = ListTenantResponse{} if protoimpl.UnsafeEnabled { - mi := &file_pb_tenant_service_proto_msgTypes[6] + mi := &file_pb_tenant_service_proto_msgTypes[7] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -334,7 +397,7 @@ func (x *ListTenantResponse) String() string { func (*ListTenantResponse) ProtoMessage() {} func (x *ListTenantResponse) ProtoReflect() protoreflect.Message { - mi := &file_pb_tenant_service_proto_msgTypes[6] + mi := &file_pb_tenant_service_proto_msgTypes[7] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -347,7 +410,7 @@ func (x *ListTenantResponse) ProtoReflect() protoreflect.Message { // Deprecated: Use ListTenantResponse.ProtoReflect.Descriptor instead. func (*ListTenantResponse) Descriptor() ([]byte, []int) { - return file_pb_tenant_service_proto_rawDescGZIP(), []int{6} + return file_pb_tenant_service_proto_rawDescGZIP(), []int{7} } func (x *ListTenantResponse) GetTenants() []*Tenant { @@ -376,7 +439,7 @@ type BindRoleRequest struct { func (x *BindRoleRequest) Reset() { *x = BindRoleRequest{} if protoimpl.UnsafeEnabled { - mi := &file_pb_tenant_service_proto_msgTypes[7] + mi := &file_pb_tenant_service_proto_msgTypes[8] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -389,7 +452,7 @@ func (x *BindRoleRequest) String() string { func (*BindRoleRequest) ProtoMessage() {} func (x *BindRoleRequest) ProtoReflect() protoreflect.Message { - mi := &file_pb_tenant_service_proto_msgTypes[7] + mi := &file_pb_tenant_service_proto_msgTypes[8] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -402,7 +465,7 @@ func (x *BindRoleRequest) ProtoReflect() protoreflect.Message { // Deprecated: Use BindRoleRequest.ProtoReflect.Descriptor instead. func (*BindRoleRequest) Descriptor() ([]byte, []int) { - return file_pb_tenant_service_proto_rawDescGZIP(), []int{7} + return file_pb_tenant_service_proto_rawDescGZIP(), []int{8} } func (x *BindRoleRequest) GetTenantName() string { @@ -428,7 +491,7 @@ type BindRoleResponse struct { func (x *BindRoleResponse) Reset() { *x = BindRoleResponse{} if protoimpl.UnsafeEnabled { - mi := &file_pb_tenant_service_proto_msgTypes[8] + mi := &file_pb_tenant_service_proto_msgTypes[9] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -441,7 +504,7 @@ func (x *BindRoleResponse) String() string { func (*BindRoleResponse) ProtoMessage() {} func (x *BindRoleResponse) ProtoReflect() protoreflect.Message { - mi := &file_pb_tenant_service_proto_msgTypes[8] + mi := &file_pb_tenant_service_proto_msgTypes[9] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -454,7 +517,7 @@ func (x *BindRoleResponse) ProtoReflect() protoreflect.Message { // Deprecated: Use BindRoleResponse.ProtoReflect.Descriptor instead. func (*BindRoleResponse) Descriptor() ([]byte, []int) { - return file_pb_tenant_service_proto_rawDescGZIP(), []int{8} + return file_pb_tenant_service_proto_rawDescGZIP(), []int{9} } type UnbindRoleRequest struct { @@ -469,7 +532,7 @@ type UnbindRoleRequest struct { func (x *UnbindRoleRequest) Reset() { *x = UnbindRoleRequest{} if protoimpl.UnsafeEnabled { - mi := &file_pb_tenant_service_proto_msgTypes[9] + mi := &file_pb_tenant_service_proto_msgTypes[10] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -482,7 +545,7 @@ func (x *UnbindRoleRequest) String() string { func (*UnbindRoleRequest) ProtoMessage() {} func (x *UnbindRoleRequest) ProtoReflect() protoreflect.Message { - mi := &file_pb_tenant_service_proto_msgTypes[9] + mi := &file_pb_tenant_service_proto_msgTypes[10] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -495,7 +558,7 @@ func (x *UnbindRoleRequest) ProtoReflect() protoreflect.Message { // Deprecated: Use UnbindRoleRequest.ProtoReflect.Descriptor instead. func (*UnbindRoleRequest) Descriptor() ([]byte, []int) { - return file_pb_tenant_service_proto_rawDescGZIP(), []int{9} + return file_pb_tenant_service_proto_rawDescGZIP(), []int{10} } func (x *UnbindRoleRequest) GetTenantName() string { @@ -521,7 +584,7 @@ type UnbindRoleResponse struct { func (x *UnbindRoleResponse) Reset() { *x = UnbindRoleResponse{} if protoimpl.UnsafeEnabled { - mi := &file_pb_tenant_service_proto_msgTypes[10] + mi := &file_pb_tenant_service_proto_msgTypes[11] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -534,7 +597,7 @@ func (x *UnbindRoleResponse) String() string { func (*UnbindRoleResponse) ProtoMessage() {} func (x *UnbindRoleResponse) ProtoReflect() protoreflect.Message { - mi := &file_pb_tenant_service_proto_msgTypes[10] + mi := &file_pb_tenant_service_proto_msgTypes[11] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -547,7 +610,7 @@ func (x *UnbindRoleResponse) ProtoReflect() protoreflect.Message { // Deprecated: Use UnbindRoleResponse.ProtoReflect.Descriptor instead. func (*UnbindRoleResponse) Descriptor() ([]byte, []int) { - return file_pb_tenant_service_proto_rawDescGZIP(), []int{10} + return file_pb_tenant_service_proto_rawDescGZIP(), []int{11} } type GenerateTokenRequest struct { @@ -563,7 +626,7 @@ type GenerateTokenRequest struct { func (x *GenerateTokenRequest) Reset() { *x = GenerateTokenRequest{} if protoimpl.UnsafeEnabled { - mi := &file_pb_tenant_service_proto_msgTypes[11] + mi := &file_pb_tenant_service_proto_msgTypes[12] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -576,7 +639,7 @@ func (x *GenerateTokenRequest) String() string { func (*GenerateTokenRequest) ProtoMessage() {} func (x *GenerateTokenRequest) ProtoReflect() protoreflect.Message { - mi := &file_pb_tenant_service_proto_msgTypes[11] + mi := &file_pb_tenant_service_proto_msgTypes[12] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -589,7 +652,7 @@ func (x *GenerateTokenRequest) ProtoReflect() protoreflect.Message { // Deprecated: Use GenerateTokenRequest.ProtoReflect.Descriptor instead. func (*GenerateTokenRequest) Descriptor() ([]byte, []int) { - return file_pb_tenant_service_proto_rawDescGZIP(), []int{11} + return file_pb_tenant_service_proto_rawDescGZIP(), []int{12} } func (x *GenerateTokenRequest) GetTenantName() string { @@ -624,7 +687,7 @@ type GenerateTokenResponse struct { func (x *GenerateTokenResponse) Reset() { *x = GenerateTokenResponse{} if protoimpl.UnsafeEnabled { - mi := &file_pb_tenant_service_proto_msgTypes[12] + mi := &file_pb_tenant_service_proto_msgTypes[13] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -637,7 +700,7 @@ func (x *GenerateTokenResponse) String() string { func (*GenerateTokenResponse) ProtoMessage() {} func (x *GenerateTokenResponse) ProtoReflect() protoreflect.Message { - mi := &file_pb_tenant_service_proto_msgTypes[12] + mi := &file_pb_tenant_service_proto_msgTypes[13] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -650,7 +713,7 @@ func (x *GenerateTokenResponse) ProtoReflect() protoreflect.Message { // Deprecated: Use GenerateTokenResponse.ProtoReflect.Descriptor instead. func (*GenerateTokenResponse) Descriptor() ([]byte, []int) { - return file_pb_tenant_service_proto_rawDescGZIP(), []int{12} + return file_pb_tenant_service_proto_rawDescGZIP(), []int{13} } func (x *GenerateTokenResponse) GetToken() string { @@ -673,7 +736,7 @@ type RefreshTokenRequest struct { func (x *RefreshTokenRequest) Reset() { *x = RefreshTokenRequest{} if protoimpl.UnsafeEnabled { - mi := &file_pb_tenant_service_proto_msgTypes[13] + mi := &file_pb_tenant_service_proto_msgTypes[14] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -686,7 +749,7 @@ func (x *RefreshTokenRequest) String() string { func (*RefreshTokenRequest) ProtoMessage() {} func (x *RefreshTokenRequest) ProtoReflect() protoreflect.Message { - mi := &file_pb_tenant_service_proto_msgTypes[13] + mi := &file_pb_tenant_service_proto_msgTypes[14] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -699,7 +762,7 @@ func (x *RefreshTokenRequest) ProtoReflect() protoreflect.Message { // Deprecated: Use RefreshTokenRequest.ProtoReflect.Descriptor instead. func (*RefreshTokenRequest) Descriptor() ([]byte, []int) { - return file_pb_tenant_service_proto_rawDescGZIP(), []int{13} + return file_pb_tenant_service_proto_rawDescGZIP(), []int{14} } func (x *RefreshTokenRequest) GetRefreshToken() string { @@ -734,7 +797,7 @@ type RefreshTokenResponse struct { func (x *RefreshTokenResponse) Reset() { *x = RefreshTokenResponse{} if protoimpl.UnsafeEnabled { - mi := &file_pb_tenant_service_proto_msgTypes[14] + mi := &file_pb_tenant_service_proto_msgTypes[15] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -747,7 +810,7 @@ func (x *RefreshTokenResponse) String() string { func (*RefreshTokenResponse) ProtoMessage() {} func (x *RefreshTokenResponse) ProtoReflect() protoreflect.Message { - mi := &file_pb_tenant_service_proto_msgTypes[14] + mi := &file_pb_tenant_service_proto_msgTypes[15] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -760,7 +823,7 @@ func (x *RefreshTokenResponse) ProtoReflect() protoreflect.Message { // Deprecated: Use RefreshTokenResponse.ProtoReflect.Descriptor instead. func (*RefreshTokenResponse) Descriptor() ([]byte, []int) { - return file_pb_tenant_service_proto_rawDescGZIP(), []int{14} + return file_pb_tenant_service_proto_rawDescGZIP(), []int{15} } func (x *RefreshTokenResponse) GetAccessToken() string { @@ -781,7 +844,7 @@ type RevokeTenantRequest struct { func (x *RevokeTenantRequest) Reset() { *x = RevokeTenantRequest{} if protoimpl.UnsafeEnabled { - mi := &file_pb_tenant_service_proto_msgTypes[15] + mi := &file_pb_tenant_service_proto_msgTypes[16] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -794,7 +857,7 @@ func (x *RevokeTenantRequest) String() string { func (*RevokeTenantRequest) ProtoMessage() {} func (x *RevokeTenantRequest) ProtoReflect() protoreflect.Message { - mi := &file_pb_tenant_service_proto_msgTypes[15] + mi := &file_pb_tenant_service_proto_msgTypes[16] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -807,7 +870,7 @@ func (x *RevokeTenantRequest) ProtoReflect() protoreflect.Message { // Deprecated: Use RevokeTenantRequest.ProtoReflect.Descriptor instead. func (*RevokeTenantRequest) Descriptor() ([]byte, []int) { - return file_pb_tenant_service_proto_rawDescGZIP(), []int{15} + return file_pb_tenant_service_proto_rawDescGZIP(), []int{16} } func (x *RevokeTenantRequest) GetTenantName() string { @@ -826,7 +889,7 @@ type RevokeTenantResponse struct { func (x *RevokeTenantResponse) Reset() { *x = RevokeTenantResponse{} if protoimpl.UnsafeEnabled { - mi := &file_pb_tenant_service_proto_msgTypes[16] + mi := &file_pb_tenant_service_proto_msgTypes[17] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -839,7 +902,7 @@ func (x *RevokeTenantResponse) String() string { func (*RevokeTenantResponse) ProtoMessage() {} func (x *RevokeTenantResponse) ProtoReflect() protoreflect.Message { - mi := &file_pb_tenant_service_proto_msgTypes[16] + mi := &file_pb_tenant_service_proto_msgTypes[17] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -852,7 +915,7 @@ func (x *RevokeTenantResponse) ProtoReflect() protoreflect.Message { // Deprecated: Use RevokeTenantResponse.ProtoReflect.Descriptor instead. func (*RevokeTenantResponse) Descriptor() ([]byte, []int) { - return file_pb_tenant_service_proto_rawDescGZIP(), []int{16} + return file_pb_tenant_service_proto_rawDescGZIP(), []int{17} } type CancelRevokeTenantRequest struct { @@ -866,7 +929,7 @@ type CancelRevokeTenantRequest struct { func (x *CancelRevokeTenantRequest) Reset() { *x = CancelRevokeTenantRequest{} if protoimpl.UnsafeEnabled { - mi := &file_pb_tenant_service_proto_msgTypes[17] + mi := &file_pb_tenant_service_proto_msgTypes[18] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -879,7 +942,7 @@ func (x *CancelRevokeTenantRequest) String() string { func (*CancelRevokeTenantRequest) ProtoMessage() {} func (x *CancelRevokeTenantRequest) ProtoReflect() protoreflect.Message { - mi := &file_pb_tenant_service_proto_msgTypes[17] + mi := &file_pb_tenant_service_proto_msgTypes[18] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -892,7 +955,7 @@ func (x *CancelRevokeTenantRequest) ProtoReflect() protoreflect.Message { // Deprecated: Use CancelRevokeTenantRequest.ProtoReflect.Descriptor instead. func (*CancelRevokeTenantRequest) Descriptor() ([]byte, []int) { - return file_pb_tenant_service_proto_rawDescGZIP(), []int{17} + return file_pb_tenant_service_proto_rawDescGZIP(), []int{18} } func (x *CancelRevokeTenantRequest) GetTenantName() string { @@ -911,7 +974,7 @@ type CancelRevokeTenantResponse struct { func (x *CancelRevokeTenantResponse) Reset() { *x = CancelRevokeTenantResponse{} if protoimpl.UnsafeEnabled { - mi := &file_pb_tenant_service_proto_msgTypes[18] + mi := &file_pb_tenant_service_proto_msgTypes[19] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -924,7 +987,7 @@ func (x *CancelRevokeTenantResponse) String() string { func (*CancelRevokeTenantResponse) ProtoMessage() {} func (x *CancelRevokeTenantResponse) ProtoReflect() protoreflect.Message { - mi := &file_pb_tenant_service_proto_msgTypes[18] + mi := &file_pb_tenant_service_proto_msgTypes[19] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -937,7 +1000,7 @@ func (x *CancelRevokeTenantResponse) ProtoReflect() protoreflect.Message { // Deprecated: Use CancelRevokeTenantResponse.ProtoReflect.Descriptor instead. func (*CancelRevokeTenantResponse) Descriptor() ([]byte, []int) { - return file_pb_tenant_service_proto_rawDescGZIP(), []int{18} + return file_pb_tenant_service_proto_rawDescGZIP(), []int{19} } var File_pb_tenant_service_proto protoreflect.FileDescriptor @@ -945,129 +1008,141 @@ var File_pb_tenant_service_proto protoreflect.FileDescriptor var file_pb_tenant_service_proto_rawDesc = []byte{ 0x0a, 0x17, 0x70, 0x62, 0x2f, 0x74, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x06, 0x6b, 0x61, 0x72, 0x61, 0x76, - 0x69, 0x22, 0x32, 0x0a, 0x06, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x12, 0x12, 0x0a, 0x04, 0x6e, + 0x69, 0x22, 0x52, 0x0a, 0x06, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x72, 0x6f, 0x6c, 0x65, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, - 0x72, 0x6f, 0x6c, 0x65, 0x73, 0x22, 0x3d, 0x0a, 0x13, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x54, + 0x72, 0x6f, 0x6c, 0x65, 0x73, 0x12, 0x1e, 0x0a, 0x0a, 0x61, 0x70, 0x70, 0x72, 0x6f, 0x76, 0x65, + 0x73, 0x64, 0x63, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0a, 0x61, 0x70, 0x70, 0x72, 0x6f, + 0x76, 0x65, 0x73, 0x64, 0x63, 0x22, 0x3d, 0x0a, 0x13, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x26, 0x0a, 0x06, 0x74, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x0e, 0x2e, 0x6b, 0x61, 0x72, 0x61, 0x76, 0x69, 0x2e, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x52, 0x06, 0x74, 0x65, - 0x6e, 0x61, 0x6e, 0x74, 0x22, 0x26, 0x0a, 0x10, 0x47, 0x65, 0x74, 0x54, 0x65, 0x6e, 0x61, 0x6e, - 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, - 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x22, 0x29, 0x0a, 0x13, - 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, - 0x65, 0x73, 0x74, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, - 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x22, 0x16, 0x0a, 0x14, 0x44, 0x65, 0x6c, 0x65, 0x74, - 0x65, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, - 0x4f, 0x0a, 0x11, 0x4c, 0x69, 0x73, 0x74, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x52, 0x65, 0x71, - 0x75, 0x65, 0x73, 0x74, 0x12, 0x1b, 0x0a, 0x09, 0x70, 0x61, 0x67, 0x65, 0x5f, 0x73, 0x69, 0x7a, - 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x05, 0x52, 0x08, 0x70, 0x61, 0x67, 0x65, 0x53, 0x69, 0x7a, - 0x65, 0x12, 0x1d, 0x0a, 0x0a, 0x70, 0x61, 0x67, 0x65, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, - 0x02, 0x20, 0x01, 0x28, 0x05, 0x52, 0x09, 0x70, 0x61, 0x67, 0x65, 0x54, 0x6f, 0x6b, 0x65, 0x6e, - 0x22, 0x66, 0x0a, 0x12, 0x4c, 0x69, 0x73, 0x74, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x52, 0x65, - 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x28, 0x0a, 0x07, 0x74, 0x65, 0x6e, 0x61, 0x6e, 0x74, - 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x0e, 0x2e, 0x6b, 0x61, 0x72, 0x61, 0x76, 0x69, - 0x2e, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x52, 0x07, 0x74, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x73, - 0x12, 0x26, 0x0a, 0x0f, 0x6e, 0x65, 0x78, 0x74, 0x5f, 0x70, 0x61, 0x67, 0x65, 0x5f, 0x74, 0x6f, - 0x6b, 0x65, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, 0x6e, 0x65, 0x78, 0x74, 0x50, - 0x61, 0x67, 0x65, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x22, 0x4d, 0x0a, 0x0f, 0x42, 0x69, 0x6e, 0x64, - 0x52, 0x6f, 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1e, 0x0a, 0x0a, 0x54, - 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x4e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, - 0x0a, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x1a, 0x0a, 0x08, 0x52, - 0x6f, 0x6c, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x52, - 0x6f, 0x6c, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x22, 0x12, 0x0a, 0x10, 0x42, 0x69, 0x6e, 0x64, 0x52, - 0x6f, 0x6c, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x4f, 0x0a, 0x11, 0x55, - 0x6e, 0x62, 0x69, 0x6e, 0x64, 0x52, 0x6f, 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, - 0x12, 0x1e, 0x0a, 0x0a, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x4e, 0x61, 0x6d, 0x65, 0x18, 0x01, - 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x4e, 0x61, 0x6d, 0x65, - 0x12, 0x1a, 0x0a, 0x08, 0x52, 0x6f, 0x6c, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, - 0x28, 0x09, 0x52, 0x08, 0x52, 0x6f, 0x6c, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x22, 0x14, 0x0a, 0x12, - 0x55, 0x6e, 0x62, 0x69, 0x6e, 0x64, 0x52, 0x6f, 0x6c, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, - 0x73, 0x65, 0x22, 0x88, 0x01, 0x0a, 0x14, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x54, - 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1e, 0x0a, 0x0a, 0x54, + 0x6e, 0x61, 0x6e, 0x74, 0x22, 0x55, 0x0a, 0x13, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x54, 0x65, + 0x6e, 0x61, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1e, 0x0a, 0x0a, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x4e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, - 0x0a, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x28, 0x0a, 0x0f, 0x52, - 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x54, 0x54, 0x4c, 0x18, 0x02, - 0x20, 0x01, 0x28, 0x03, 0x52, 0x0f, 0x52, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x54, 0x6f, 0x6b, - 0x65, 0x6e, 0x54, 0x54, 0x4c, 0x12, 0x26, 0x0a, 0x0e, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x54, - 0x6f, 0x6b, 0x65, 0x6e, 0x54, 0x54, 0x4c, 0x18, 0x03, 0x20, 0x01, 0x28, 0x03, 0x52, 0x0e, 0x41, - 0x63, 0x63, 0x65, 0x73, 0x73, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x54, 0x54, 0x4c, 0x22, 0x2d, 0x0a, - 0x15, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x65, - 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x18, - 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x22, 0x87, 0x01, 0x0a, - 0x13, 0x52, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x65, 0x71, - 0x75, 0x65, 0x73, 0x74, 0x12, 0x22, 0x0a, 0x0c, 0x52, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x54, - 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x52, 0x65, 0x66, 0x72, - 0x65, 0x73, 0x68, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x20, 0x0a, 0x0b, 0x41, 0x63, 0x63, 0x65, - 0x73, 0x73, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x41, - 0x63, 0x63, 0x65, 0x73, 0x73, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x2a, 0x0a, 0x10, 0x4a, 0x57, - 0x54, 0x53, 0x69, 0x67, 0x6e, 0x69, 0x6e, 0x67, 0x53, 0x65, 0x63, 0x72, 0x65, 0x74, 0x18, 0x03, - 0x20, 0x01, 0x28, 0x09, 0x52, 0x10, 0x4a, 0x57, 0x54, 0x53, 0x69, 0x67, 0x6e, 0x69, 0x6e, 0x67, - 0x53, 0x65, 0x63, 0x72, 0x65, 0x74, 0x22, 0x38, 0x0a, 0x14, 0x52, 0x65, 0x66, 0x72, 0x65, 0x73, - 0x68, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x20, - 0x0a, 0x0b, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x01, 0x20, - 0x01, 0x28, 0x09, 0x52, 0x0b, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x54, 0x6f, 0x6b, 0x65, 0x6e, - 0x22, 0x35, 0x0a, 0x13, 0x52, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, + 0x0a, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x1e, 0x0a, 0x0a, 0x61, + 0x70, 0x70, 0x72, 0x6f, 0x76, 0x65, 0x73, 0x64, 0x63, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, + 0x0a, 0x61, 0x70, 0x70, 0x72, 0x6f, 0x76, 0x65, 0x73, 0x64, 0x63, 0x22, 0x26, 0x0a, 0x10, 0x47, + 0x65, 0x74, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, + 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, + 0x61, 0x6d, 0x65, 0x22, 0x29, 0x0a, 0x13, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x54, 0x65, 0x6e, + 0x61, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, + 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x22, 0x16, + 0x0a, 0x14, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x52, 0x65, + 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x4f, 0x0a, 0x11, 0x4c, 0x69, 0x73, 0x74, 0x54, 0x65, + 0x6e, 0x61, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1b, 0x0a, 0x09, 0x70, + 0x61, 0x67, 0x65, 0x5f, 0x73, 0x69, 0x7a, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x05, 0x52, 0x08, + 0x70, 0x61, 0x67, 0x65, 0x53, 0x69, 0x7a, 0x65, 0x12, 0x1d, 0x0a, 0x0a, 0x70, 0x61, 0x67, 0x65, + 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x05, 0x52, 0x09, 0x70, 0x61, + 0x67, 0x65, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x22, 0x66, 0x0a, 0x12, 0x4c, 0x69, 0x73, 0x74, 0x54, + 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x28, 0x0a, + 0x07, 0x74, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x0e, + 0x2e, 0x6b, 0x61, 0x72, 0x61, 0x76, 0x69, 0x2e, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x52, 0x07, + 0x74, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x73, 0x12, 0x26, 0x0a, 0x0f, 0x6e, 0x65, 0x78, 0x74, 0x5f, + 0x70, 0x61, 0x67, 0x65, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, + 0x52, 0x0d, 0x6e, 0x65, 0x78, 0x74, 0x50, 0x61, 0x67, 0x65, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x22, + 0x4d, 0x0a, 0x0f, 0x42, 0x69, 0x6e, 0x64, 0x52, 0x6f, 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, + 0x73, 0x74, 0x12, 0x1e, 0x0a, 0x0a, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x4e, 0x61, 0x6d, 0x65, + 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x4e, 0x61, + 0x6d, 0x65, 0x12, 0x1a, 0x0a, 0x08, 0x52, 0x6f, 0x6c, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x18, 0x02, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x52, 0x6f, 0x6c, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x22, 0x12, + 0x0a, 0x10, 0x42, 0x69, 0x6e, 0x64, 0x52, 0x6f, 0x6c, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, + 0x73, 0x65, 0x22, 0x4f, 0x0a, 0x11, 0x55, 0x6e, 0x62, 0x69, 0x6e, 0x64, 0x52, 0x6f, 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1e, 0x0a, 0x0a, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x4e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x54, 0x65, 0x6e, - 0x61, 0x6e, 0x74, 0x4e, 0x61, 0x6d, 0x65, 0x22, 0x16, 0x0a, 0x14, 0x52, 0x65, 0x76, 0x6f, 0x6b, - 0x65, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, - 0x3b, 0x0a, 0x19, 0x43, 0x61, 0x6e, 0x63, 0x65, 0x6c, 0x52, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x54, - 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1e, 0x0a, 0x0a, - 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x4e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, - 0x52, 0x0a, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x4e, 0x61, 0x6d, 0x65, 0x22, 0x1c, 0x0a, 0x1a, - 0x43, 0x61, 0x6e, 0x63, 0x65, 0x6c, 0x52, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x54, 0x65, 0x6e, 0x61, - 0x6e, 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x32, 0xec, 0x05, 0x0a, 0x0d, 0x54, - 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x3d, 0x0a, 0x0c, - 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x12, 0x1b, 0x2e, 0x6b, - 0x61, 0x72, 0x61, 0x76, 0x69, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x54, 0x65, 0x6e, 0x61, - 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x0e, 0x2e, 0x6b, 0x61, 0x72, 0x61, - 0x76, 0x69, 0x2e, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x22, 0x00, 0x12, 0x37, 0x0a, 0x09, 0x47, - 0x65, 0x74, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x12, 0x18, 0x2e, 0x6b, 0x61, 0x72, 0x61, 0x76, - 0x69, 0x2e, 0x47, 0x65, 0x74, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, - 0x73, 0x74, 0x1a, 0x0e, 0x2e, 0x6b, 0x61, 0x72, 0x61, 0x76, 0x69, 0x2e, 0x54, 0x65, 0x6e, 0x61, - 0x6e, 0x74, 0x22, 0x00, 0x12, 0x4b, 0x0a, 0x0c, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x54, 0x65, - 0x6e, 0x61, 0x6e, 0x74, 0x12, 0x1b, 0x2e, 0x6b, 0x61, 0x72, 0x61, 0x76, 0x69, 0x2e, 0x44, 0x65, - 0x6c, 0x65, 0x74, 0x65, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, - 0x74, 0x1a, 0x1c, 0x2e, 0x6b, 0x61, 0x72, 0x61, 0x76, 0x69, 0x2e, 0x44, 0x65, 0x6c, 0x65, 0x74, - 0x65, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, - 0x00, 0x12, 0x45, 0x0a, 0x0a, 0x4c, 0x69, 0x73, 0x74, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x12, - 0x19, 0x2e, 0x6b, 0x61, 0x72, 0x61, 0x76, 0x69, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x54, 0x65, 0x6e, - 0x61, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1a, 0x2e, 0x6b, 0x61, 0x72, - 0x61, 0x76, 0x69, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x52, 0x65, - 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12, 0x3f, 0x0a, 0x08, 0x42, 0x69, 0x6e, 0x64, - 0x52, 0x6f, 0x6c, 0x65, 0x12, 0x17, 0x2e, 0x6b, 0x61, 0x72, 0x61, 0x76, 0x69, 0x2e, 0x42, 0x69, - 0x6e, 0x64, 0x52, 0x6f, 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x18, 0x2e, - 0x6b, 0x61, 0x72, 0x61, 0x76, 0x69, 0x2e, 0x42, 0x69, 0x6e, 0x64, 0x52, 0x6f, 0x6c, 0x65, 0x52, - 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12, 0x45, 0x0a, 0x0a, 0x55, 0x6e, 0x62, - 0x69, 0x6e, 0x64, 0x52, 0x6f, 0x6c, 0x65, 0x12, 0x19, 0x2e, 0x6b, 0x61, 0x72, 0x61, 0x76, 0x69, - 0x2e, 0x55, 0x6e, 0x62, 0x69, 0x6e, 0x64, 0x52, 0x6f, 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, - 0x73, 0x74, 0x1a, 0x1a, 0x2e, 0x6b, 0x61, 0x72, 0x61, 0x76, 0x69, 0x2e, 0x55, 0x6e, 0x62, 0x69, - 0x6e, 0x64, 0x52, 0x6f, 0x6c, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, - 0x12, 0x4e, 0x0a, 0x0d, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x54, 0x6f, 0x6b, 0x65, - 0x6e, 0x12, 0x1c, 0x2e, 0x6b, 0x61, 0x72, 0x61, 0x76, 0x69, 0x2e, 0x47, 0x65, 0x6e, 0x65, 0x72, - 0x61, 0x74, 0x65, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, - 0x1d, 0x2e, 0x6b, 0x61, 0x72, 0x61, 0x76, 0x69, 0x2e, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, - 0x65, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, - 0x12, 0x4b, 0x0a, 0x0c, 0x52, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x54, 0x6f, 0x6b, 0x65, 0x6e, - 0x12, 0x1b, 0x2e, 0x6b, 0x61, 0x72, 0x61, 0x76, 0x69, 0x2e, 0x52, 0x65, 0x66, 0x72, 0x65, 0x73, - 0x68, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1c, 0x2e, - 0x6b, 0x61, 0x72, 0x61, 0x76, 0x69, 0x2e, 0x52, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x54, 0x6f, - 0x6b, 0x65, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12, 0x4b, 0x0a, - 0x0c, 0x52, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x12, 0x1b, 0x2e, - 0x6b, 0x61, 0x72, 0x61, 0x76, 0x69, 0x2e, 0x52, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x54, 0x65, 0x6e, - 0x61, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1c, 0x2e, 0x6b, 0x61, 0x72, - 0x61, 0x76, 0x69, 0x2e, 0x52, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, - 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12, 0x5d, 0x0a, 0x12, 0x43, 0x61, - 0x6e, 0x63, 0x65, 0x6c, 0x52, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, - 0x12, 0x21, 0x2e, 0x6b, 0x61, 0x72, 0x61, 0x76, 0x69, 0x2e, 0x43, 0x61, 0x6e, 0x63, 0x65, 0x6c, + 0x61, 0x6e, 0x74, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x1a, 0x0a, 0x08, 0x52, 0x6f, 0x6c, 0x65, 0x4e, + 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x52, 0x6f, 0x6c, 0x65, 0x4e, + 0x61, 0x6d, 0x65, 0x22, 0x14, 0x0a, 0x12, 0x55, 0x6e, 0x62, 0x69, 0x6e, 0x64, 0x52, 0x6f, 0x6c, + 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x88, 0x01, 0x0a, 0x14, 0x47, 0x65, + 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, + 0x73, 0x74, 0x12, 0x1e, 0x0a, 0x0a, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x4e, 0x61, 0x6d, 0x65, + 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x4e, 0x61, + 0x6d, 0x65, 0x12, 0x28, 0x0a, 0x0f, 0x52, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x54, 0x6f, 0x6b, + 0x65, 0x6e, 0x54, 0x54, 0x4c, 0x18, 0x02, 0x20, 0x01, 0x28, 0x03, 0x52, 0x0f, 0x52, 0x65, 0x66, + 0x72, 0x65, 0x73, 0x68, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x54, 0x54, 0x4c, 0x12, 0x26, 0x0a, 0x0e, + 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x54, 0x54, 0x4c, 0x18, 0x03, + 0x20, 0x01, 0x28, 0x03, 0x52, 0x0e, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x54, 0x6f, 0x6b, 0x65, + 0x6e, 0x54, 0x54, 0x4c, 0x22, 0x2d, 0x0a, 0x15, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, + 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x14, 0x0a, + 0x05, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x54, 0x6f, + 0x6b, 0x65, 0x6e, 0x22, 0x87, 0x01, 0x0a, 0x13, 0x52, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x54, + 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x22, 0x0a, 0x0c, 0x52, + 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, + 0x09, 0x52, 0x0c, 0x52, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, + 0x20, 0x0a, 0x0b, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x02, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x54, 0x6f, 0x6b, 0x65, + 0x6e, 0x12, 0x2a, 0x0a, 0x10, 0x4a, 0x57, 0x54, 0x53, 0x69, 0x67, 0x6e, 0x69, 0x6e, 0x67, 0x53, + 0x65, 0x63, 0x72, 0x65, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x10, 0x4a, 0x57, 0x54, + 0x53, 0x69, 0x67, 0x6e, 0x69, 0x6e, 0x67, 0x53, 0x65, 0x63, 0x72, 0x65, 0x74, 0x22, 0x38, 0x0a, + 0x14, 0x52, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x65, 0x73, + 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x20, 0x0a, 0x0b, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x54, + 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x41, 0x63, 0x63, 0x65, + 0x73, 0x73, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x22, 0x35, 0x0a, 0x13, 0x52, 0x65, 0x76, 0x6f, 0x6b, + 0x65, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1e, + 0x0a, 0x0a, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x4e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x0a, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x4e, 0x61, 0x6d, 0x65, 0x22, 0x16, + 0x0a, 0x14, 0x52, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x52, 0x65, + 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x3b, 0x0a, 0x19, 0x43, 0x61, 0x6e, 0x63, 0x65, 0x6c, 0x52, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, - 0x65, 0x73, 0x74, 0x1a, 0x22, 0x2e, 0x6b, 0x61, 0x72, 0x61, 0x76, 0x69, 0x2e, 0x43, 0x61, 0x6e, - 0x63, 0x65, 0x6c, 0x52, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x52, - 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x42, 0x29, 0x5a, 0x27, 0x67, 0x69, 0x74, - 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x64, 0x65, 0x6c, 0x6c, 0x2f, 0x6b, 0x61, 0x72, - 0x61, 0x76, 0x69, 0x2d, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, - 0x6e, 0x2f, 0x70, 0x62, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x65, 0x73, 0x74, 0x12, 0x1e, 0x0a, 0x0a, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x4e, 0x61, 0x6d, + 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x4e, + 0x61, 0x6d, 0x65, 0x22, 0x1c, 0x0a, 0x1a, 0x43, 0x61, 0x6e, 0x63, 0x65, 0x6c, 0x52, 0x65, 0x76, + 0x6f, 0x6b, 0x65, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, + 0x65, 0x32, 0xab, 0x06, 0x0a, 0x0d, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x53, 0x65, 0x72, 0x76, + 0x69, 0x63, 0x65, 0x12, 0x3d, 0x0a, 0x0c, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x54, 0x65, 0x6e, + 0x61, 0x6e, 0x74, 0x12, 0x1b, 0x2e, 0x6b, 0x61, 0x72, 0x61, 0x76, 0x69, 0x2e, 0x43, 0x72, 0x65, + 0x61, 0x74, 0x65, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, + 0x1a, 0x0e, 0x2e, 0x6b, 0x61, 0x72, 0x61, 0x76, 0x69, 0x2e, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, + 0x22, 0x00, 0x12, 0x3d, 0x0a, 0x0c, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x54, 0x65, 0x6e, 0x61, + 0x6e, 0x74, 0x12, 0x1b, 0x2e, 0x6b, 0x61, 0x72, 0x61, 0x76, 0x69, 0x2e, 0x55, 0x70, 0x64, 0x61, + 0x74, 0x65, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, + 0x0e, 0x2e, 0x6b, 0x61, 0x72, 0x61, 0x76, 0x69, 0x2e, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x22, + 0x00, 0x12, 0x37, 0x0a, 0x09, 0x47, 0x65, 0x74, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x12, 0x18, + 0x2e, 0x6b, 0x61, 0x72, 0x61, 0x76, 0x69, 0x2e, 0x47, 0x65, 0x74, 0x54, 0x65, 0x6e, 0x61, 0x6e, + 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x0e, 0x2e, 0x6b, 0x61, 0x72, 0x61, 0x76, + 0x69, 0x2e, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x22, 0x00, 0x12, 0x4b, 0x0a, 0x0c, 0x44, 0x65, + 0x6c, 0x65, 0x74, 0x65, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x12, 0x1b, 0x2e, 0x6b, 0x61, 0x72, + 0x61, 0x76, 0x69, 0x2e, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, + 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1c, 0x2e, 0x6b, 0x61, 0x72, 0x61, 0x76, 0x69, + 0x2e, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x52, 0x65, 0x73, + 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12, 0x45, 0x0a, 0x0a, 0x4c, 0x69, 0x73, 0x74, 0x54, + 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x12, 0x19, 0x2e, 0x6b, 0x61, 0x72, 0x61, 0x76, 0x69, 0x2e, 0x4c, + 0x69, 0x73, 0x74, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, + 0x1a, 0x1a, 0x2e, 0x6b, 0x61, 0x72, 0x61, 0x76, 0x69, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x54, 0x65, + 0x6e, 0x61, 0x6e, 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12, 0x3f, + 0x0a, 0x08, 0x42, 0x69, 0x6e, 0x64, 0x52, 0x6f, 0x6c, 0x65, 0x12, 0x17, 0x2e, 0x6b, 0x61, 0x72, + 0x61, 0x76, 0x69, 0x2e, 0x42, 0x69, 0x6e, 0x64, 0x52, 0x6f, 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, + 0x65, 0x73, 0x74, 0x1a, 0x18, 0x2e, 0x6b, 0x61, 0x72, 0x61, 0x76, 0x69, 0x2e, 0x42, 0x69, 0x6e, + 0x64, 0x52, 0x6f, 0x6c, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12, + 0x45, 0x0a, 0x0a, 0x55, 0x6e, 0x62, 0x69, 0x6e, 0x64, 0x52, 0x6f, 0x6c, 0x65, 0x12, 0x19, 0x2e, + 0x6b, 0x61, 0x72, 0x61, 0x76, 0x69, 0x2e, 0x55, 0x6e, 0x62, 0x69, 0x6e, 0x64, 0x52, 0x6f, 0x6c, + 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1a, 0x2e, 0x6b, 0x61, 0x72, 0x61, 0x76, + 0x69, 0x2e, 0x55, 0x6e, 0x62, 0x69, 0x6e, 0x64, 0x52, 0x6f, 0x6c, 0x65, 0x52, 0x65, 0x73, 0x70, + 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12, 0x4e, 0x0a, 0x0d, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, + 0x74, 0x65, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x1c, 0x2e, 0x6b, 0x61, 0x72, 0x61, 0x76, 0x69, + 0x2e, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x65, + 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1d, 0x2e, 0x6b, 0x61, 0x72, 0x61, 0x76, 0x69, 0x2e, 0x47, + 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x65, 0x73, 0x70, + 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12, 0x4b, 0x0a, 0x0c, 0x52, 0x65, 0x66, 0x72, 0x65, 0x73, + 0x68, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x1b, 0x2e, 0x6b, 0x61, 0x72, 0x61, 0x76, 0x69, 0x2e, + 0x52, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x65, 0x71, 0x75, + 0x65, 0x73, 0x74, 0x1a, 0x1c, 0x2e, 0x6b, 0x61, 0x72, 0x61, 0x76, 0x69, 0x2e, 0x52, 0x65, 0x66, + 0x72, 0x65, 0x73, 0x68, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, + 0x65, 0x22, 0x00, 0x12, 0x4b, 0x0a, 0x0c, 0x52, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x54, 0x65, 0x6e, + 0x61, 0x6e, 0x74, 0x12, 0x1b, 0x2e, 0x6b, 0x61, 0x72, 0x61, 0x76, 0x69, 0x2e, 0x52, 0x65, 0x76, + 0x6f, 0x6b, 0x65, 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, + 0x1a, 0x1c, 0x2e, 0x6b, 0x61, 0x72, 0x61, 0x76, 0x69, 0x2e, 0x52, 0x65, 0x76, 0x6f, 0x6b, 0x65, + 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, + 0x12, 0x5d, 0x0a, 0x12, 0x43, 0x61, 0x6e, 0x63, 0x65, 0x6c, 0x52, 0x65, 0x76, 0x6f, 0x6b, 0x65, + 0x54, 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x12, 0x21, 0x2e, 0x6b, 0x61, 0x72, 0x61, 0x76, 0x69, 0x2e, + 0x43, 0x61, 0x6e, 0x63, 0x65, 0x6c, 0x52, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x54, 0x65, 0x6e, 0x61, + 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x22, 0x2e, 0x6b, 0x61, 0x72, 0x61, + 0x76, 0x69, 0x2e, 0x43, 0x61, 0x6e, 0x63, 0x65, 0x6c, 0x52, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x54, + 0x65, 0x6e, 0x61, 0x6e, 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x42, + 0x29, 0x5a, 0x27, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x64, 0x65, + 0x6c, 0x6c, 0x2f, 0x6b, 0x61, 0x72, 0x61, 0x76, 0x69, 0x2d, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, + 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2f, 0x70, 0x62, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, + 0x6f, 0x33, } var ( @@ -1082,53 +1157,56 @@ func file_pb_tenant_service_proto_rawDescGZIP() []byte { return file_pb_tenant_service_proto_rawDescData } -var file_pb_tenant_service_proto_msgTypes = make([]protoimpl.MessageInfo, 19) +var file_pb_tenant_service_proto_msgTypes = make([]protoimpl.MessageInfo, 20) var file_pb_tenant_service_proto_goTypes = []interface{}{ (*Tenant)(nil), // 0: karavi.Tenant (*CreateTenantRequest)(nil), // 1: karavi.CreateTenantRequest - (*GetTenantRequest)(nil), // 2: karavi.GetTenantRequest - (*DeleteTenantRequest)(nil), // 3: karavi.DeleteTenantRequest - (*DeleteTenantResponse)(nil), // 4: karavi.DeleteTenantResponse - (*ListTenantRequest)(nil), // 5: karavi.ListTenantRequest - (*ListTenantResponse)(nil), // 6: karavi.ListTenantResponse - (*BindRoleRequest)(nil), // 7: karavi.BindRoleRequest - (*BindRoleResponse)(nil), // 8: karavi.BindRoleResponse - (*UnbindRoleRequest)(nil), // 9: karavi.UnbindRoleRequest - (*UnbindRoleResponse)(nil), // 10: karavi.UnbindRoleResponse - (*GenerateTokenRequest)(nil), // 11: karavi.GenerateTokenRequest - (*GenerateTokenResponse)(nil), // 12: karavi.GenerateTokenResponse - (*RefreshTokenRequest)(nil), // 13: karavi.RefreshTokenRequest - (*RefreshTokenResponse)(nil), // 14: karavi.RefreshTokenResponse - (*RevokeTenantRequest)(nil), // 15: karavi.RevokeTenantRequest - (*RevokeTenantResponse)(nil), // 16: karavi.RevokeTenantResponse - (*CancelRevokeTenantRequest)(nil), // 17: karavi.CancelRevokeTenantRequest - (*CancelRevokeTenantResponse)(nil), // 18: karavi.CancelRevokeTenantResponse + (*UpdateTenantRequest)(nil), // 2: karavi.UpdateTenantRequest + (*GetTenantRequest)(nil), // 3: karavi.GetTenantRequest + (*DeleteTenantRequest)(nil), // 4: karavi.DeleteTenantRequest + (*DeleteTenantResponse)(nil), // 5: karavi.DeleteTenantResponse + (*ListTenantRequest)(nil), // 6: karavi.ListTenantRequest + (*ListTenantResponse)(nil), // 7: karavi.ListTenantResponse + (*BindRoleRequest)(nil), // 8: karavi.BindRoleRequest + (*BindRoleResponse)(nil), // 9: karavi.BindRoleResponse + (*UnbindRoleRequest)(nil), // 10: karavi.UnbindRoleRequest + (*UnbindRoleResponse)(nil), // 11: karavi.UnbindRoleResponse + (*GenerateTokenRequest)(nil), // 12: karavi.GenerateTokenRequest + (*GenerateTokenResponse)(nil), // 13: karavi.GenerateTokenResponse + (*RefreshTokenRequest)(nil), // 14: karavi.RefreshTokenRequest + (*RefreshTokenResponse)(nil), // 15: karavi.RefreshTokenResponse + (*RevokeTenantRequest)(nil), // 16: karavi.RevokeTenantRequest + (*RevokeTenantResponse)(nil), // 17: karavi.RevokeTenantResponse + (*CancelRevokeTenantRequest)(nil), // 18: karavi.CancelRevokeTenantRequest + (*CancelRevokeTenantResponse)(nil), // 19: karavi.CancelRevokeTenantResponse } var file_pb_tenant_service_proto_depIdxs = []int32{ 0, // 0: karavi.CreateTenantRequest.tenant:type_name -> karavi.Tenant 0, // 1: karavi.ListTenantResponse.tenants:type_name -> karavi.Tenant 1, // 2: karavi.TenantService.CreateTenant:input_type -> karavi.CreateTenantRequest - 2, // 3: karavi.TenantService.GetTenant:input_type -> karavi.GetTenantRequest - 3, // 4: karavi.TenantService.DeleteTenant:input_type -> karavi.DeleteTenantRequest - 5, // 5: karavi.TenantService.ListTenant:input_type -> karavi.ListTenantRequest - 7, // 6: karavi.TenantService.BindRole:input_type -> karavi.BindRoleRequest - 9, // 7: karavi.TenantService.UnbindRole:input_type -> karavi.UnbindRoleRequest - 11, // 8: karavi.TenantService.GenerateToken:input_type -> karavi.GenerateTokenRequest - 13, // 9: karavi.TenantService.RefreshToken:input_type -> karavi.RefreshTokenRequest - 15, // 10: karavi.TenantService.RevokeTenant:input_type -> karavi.RevokeTenantRequest - 17, // 11: karavi.TenantService.CancelRevokeTenant:input_type -> karavi.CancelRevokeTenantRequest - 0, // 12: karavi.TenantService.CreateTenant:output_type -> karavi.Tenant - 0, // 13: karavi.TenantService.GetTenant:output_type -> karavi.Tenant - 4, // 14: karavi.TenantService.DeleteTenant:output_type -> karavi.DeleteTenantResponse - 6, // 15: karavi.TenantService.ListTenant:output_type -> karavi.ListTenantResponse - 8, // 16: karavi.TenantService.BindRole:output_type -> karavi.BindRoleResponse - 10, // 17: karavi.TenantService.UnbindRole:output_type -> karavi.UnbindRoleResponse - 12, // 18: karavi.TenantService.GenerateToken:output_type -> karavi.GenerateTokenResponse - 14, // 19: karavi.TenantService.RefreshToken:output_type -> karavi.RefreshTokenResponse - 16, // 20: karavi.TenantService.RevokeTenant:output_type -> karavi.RevokeTenantResponse - 18, // 21: karavi.TenantService.CancelRevokeTenant:output_type -> karavi.CancelRevokeTenantResponse - 12, // [12:22] is the sub-list for method output_type - 2, // [2:12] is the sub-list for method input_type + 2, // 3: karavi.TenantService.UpdateTenant:input_type -> karavi.UpdateTenantRequest + 3, // 4: karavi.TenantService.GetTenant:input_type -> karavi.GetTenantRequest + 4, // 5: karavi.TenantService.DeleteTenant:input_type -> karavi.DeleteTenantRequest + 6, // 6: karavi.TenantService.ListTenant:input_type -> karavi.ListTenantRequest + 8, // 7: karavi.TenantService.BindRole:input_type -> karavi.BindRoleRequest + 10, // 8: karavi.TenantService.UnbindRole:input_type -> karavi.UnbindRoleRequest + 12, // 9: karavi.TenantService.GenerateToken:input_type -> karavi.GenerateTokenRequest + 14, // 10: karavi.TenantService.RefreshToken:input_type -> karavi.RefreshTokenRequest + 16, // 11: karavi.TenantService.RevokeTenant:input_type -> karavi.RevokeTenantRequest + 18, // 12: karavi.TenantService.CancelRevokeTenant:input_type -> karavi.CancelRevokeTenantRequest + 0, // 13: karavi.TenantService.CreateTenant:output_type -> karavi.Tenant + 0, // 14: karavi.TenantService.UpdateTenant:output_type -> karavi.Tenant + 0, // 15: karavi.TenantService.GetTenant:output_type -> karavi.Tenant + 5, // 16: karavi.TenantService.DeleteTenant:output_type -> karavi.DeleteTenantResponse + 7, // 17: karavi.TenantService.ListTenant:output_type -> karavi.ListTenantResponse + 9, // 18: karavi.TenantService.BindRole:output_type -> karavi.BindRoleResponse + 11, // 19: karavi.TenantService.UnbindRole:output_type -> karavi.UnbindRoleResponse + 13, // 20: karavi.TenantService.GenerateToken:output_type -> karavi.GenerateTokenResponse + 15, // 21: karavi.TenantService.RefreshToken:output_type -> karavi.RefreshTokenResponse + 17, // 22: karavi.TenantService.RevokeTenant:output_type -> karavi.RevokeTenantResponse + 19, // 23: karavi.TenantService.CancelRevokeTenant:output_type -> karavi.CancelRevokeTenantResponse + 13, // [13:24] is the sub-list for method output_type + 2, // [2:13] is the sub-list for method input_type 2, // [2:2] is the sub-list for extension type_name 2, // [2:2] is the sub-list for extension extendee 0, // [0:2] is the sub-list for field type_name @@ -1165,7 +1243,7 @@ func file_pb_tenant_service_proto_init() { } } file_pb_tenant_service_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*GetTenantRequest); i { + switch v := v.(*UpdateTenantRequest); i { case 0: return &v.state case 1: @@ -1177,7 +1255,7 @@ func file_pb_tenant_service_proto_init() { } } file_pb_tenant_service_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*DeleteTenantRequest); i { + switch v := v.(*GetTenantRequest); i { case 0: return &v.state case 1: @@ -1189,7 +1267,7 @@ func file_pb_tenant_service_proto_init() { } } file_pb_tenant_service_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*DeleteTenantResponse); i { + switch v := v.(*DeleteTenantRequest); i { case 0: return &v.state case 1: @@ -1201,7 +1279,7 @@ func file_pb_tenant_service_proto_init() { } } file_pb_tenant_service_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*ListTenantRequest); i { + switch v := v.(*DeleteTenantResponse); i { case 0: return &v.state case 1: @@ -1213,7 +1291,7 @@ func file_pb_tenant_service_proto_init() { } } file_pb_tenant_service_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*ListTenantResponse); i { + switch v := v.(*ListTenantRequest); i { case 0: return &v.state case 1: @@ -1225,7 +1303,7 @@ func file_pb_tenant_service_proto_init() { } } file_pb_tenant_service_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*BindRoleRequest); i { + switch v := v.(*ListTenantResponse); i { case 0: return &v.state case 1: @@ -1237,7 +1315,7 @@ func file_pb_tenant_service_proto_init() { } } file_pb_tenant_service_proto_msgTypes[8].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*BindRoleResponse); i { + switch v := v.(*BindRoleRequest); i { case 0: return &v.state case 1: @@ -1249,7 +1327,7 @@ func file_pb_tenant_service_proto_init() { } } file_pb_tenant_service_proto_msgTypes[9].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*UnbindRoleRequest); i { + switch v := v.(*BindRoleResponse); i { case 0: return &v.state case 1: @@ -1261,7 +1339,7 @@ func file_pb_tenant_service_proto_init() { } } file_pb_tenant_service_proto_msgTypes[10].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*UnbindRoleResponse); i { + switch v := v.(*UnbindRoleRequest); i { case 0: return &v.state case 1: @@ -1273,7 +1351,7 @@ func file_pb_tenant_service_proto_init() { } } file_pb_tenant_service_proto_msgTypes[11].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*GenerateTokenRequest); i { + switch v := v.(*UnbindRoleResponse); i { case 0: return &v.state case 1: @@ -1285,7 +1363,7 @@ func file_pb_tenant_service_proto_init() { } } file_pb_tenant_service_proto_msgTypes[12].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*GenerateTokenResponse); i { + switch v := v.(*GenerateTokenRequest); i { case 0: return &v.state case 1: @@ -1297,7 +1375,7 @@ func file_pb_tenant_service_proto_init() { } } file_pb_tenant_service_proto_msgTypes[13].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*RefreshTokenRequest); i { + switch v := v.(*GenerateTokenResponse); i { case 0: return &v.state case 1: @@ -1309,7 +1387,7 @@ func file_pb_tenant_service_proto_init() { } } file_pb_tenant_service_proto_msgTypes[14].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*RefreshTokenResponse); i { + switch v := v.(*RefreshTokenRequest); i { case 0: return &v.state case 1: @@ -1321,7 +1399,7 @@ func file_pb_tenant_service_proto_init() { } } file_pb_tenant_service_proto_msgTypes[15].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*RevokeTenantRequest); i { + switch v := v.(*RefreshTokenResponse); i { case 0: return &v.state case 1: @@ -1333,7 +1411,7 @@ func file_pb_tenant_service_proto_init() { } } file_pb_tenant_service_proto_msgTypes[16].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*RevokeTenantResponse); i { + switch v := v.(*RevokeTenantRequest); i { case 0: return &v.state case 1: @@ -1345,7 +1423,7 @@ func file_pb_tenant_service_proto_init() { } } file_pb_tenant_service_proto_msgTypes[17].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*CancelRevokeTenantRequest); i { + switch v := v.(*RevokeTenantResponse); i { case 0: return &v.state case 1: @@ -1357,6 +1435,18 @@ func file_pb_tenant_service_proto_init() { } } file_pb_tenant_service_proto_msgTypes[18].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*CancelRevokeTenantRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_pb_tenant_service_proto_msgTypes[19].Exporter = func(v interface{}, i int) interface{} { switch v := v.(*CancelRevokeTenantResponse); i { case 0: return &v.state @@ -1375,7 +1465,7 @@ func file_pb_tenant_service_proto_init() { GoPackagePath: reflect.TypeOf(x{}).PkgPath(), RawDescriptor: file_pb_tenant_service_proto_rawDesc, NumEnums: 0, - NumMessages: 19, + NumMessages: 20, NumExtensions: 0, NumServices: 1, }, diff --git a/pb/tenant_service.proto b/pb/tenant_service.proto index d74c045a..2b956712 100644 --- a/pb/tenant_service.proto +++ b/pb/tenant_service.proto @@ -7,12 +7,18 @@ option go_package = "github.com/dell/karavi-authorization/pb"; message Tenant { string name = 1; string roles = 2; + bool approvesdc = 3; } message CreateTenantRequest { Tenant tenant = 1; } +message UpdateTenantRequest { + string TenantName = 1; + bool approvesdc = 2; +} + message GetTenantRequest { string name = 1; } @@ -81,6 +87,7 @@ message CancelRevokeTenantResponse {} service TenantService { rpc CreateTenant(CreateTenantRequest) returns (Tenant) {}; + rpc UpdateTenant(UpdateTenantRequest) returns (Tenant) {}; rpc GetTenant(GetTenantRequest) returns (Tenant) {}; rpc DeleteTenant(DeleteTenantRequest) returns (DeleteTenantResponse) {}; rpc ListTenant(ListTenantRequest) returns (ListTenantResponse) {}; diff --git a/pb/tenant_service_grpc.pb.go b/pb/tenant_service_grpc.pb.go index 09f34e4d..4da9e863 100644 --- a/pb/tenant_service_grpc.pb.go +++ b/pb/tenant_service_grpc.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go-grpc. DO NOT EDIT. // versions: // - protoc-gen-go-grpc v1.2.0 -// - protoc v3.15.8 +// - protoc v3.6.1 // source: pb/tenant_service.proto package pb @@ -23,6 +23,7 @@ const _ = grpc.SupportPackageIsVersion7 // For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream. type TenantServiceClient interface { CreateTenant(ctx context.Context, in *CreateTenantRequest, opts ...grpc.CallOption) (*Tenant, error) + UpdateTenant(ctx context.Context, in *UpdateTenantRequest, opts ...grpc.CallOption) (*Tenant, error) GetTenant(ctx context.Context, in *GetTenantRequest, opts ...grpc.CallOption) (*Tenant, error) DeleteTenant(ctx context.Context, in *DeleteTenantRequest, opts ...grpc.CallOption) (*DeleteTenantResponse, error) ListTenant(ctx context.Context, in *ListTenantRequest, opts ...grpc.CallOption) (*ListTenantResponse, error) @@ -51,6 +52,15 @@ func (c *tenantServiceClient) CreateTenant(ctx context.Context, in *CreateTenant return out, nil } +func (c *tenantServiceClient) UpdateTenant(ctx context.Context, in *UpdateTenantRequest, opts ...grpc.CallOption) (*Tenant, error) { + out := new(Tenant) + err := c.cc.Invoke(ctx, "/karavi.TenantService/UpdateTenant", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + func (c *tenantServiceClient) GetTenant(ctx context.Context, in *GetTenantRequest, opts ...grpc.CallOption) (*Tenant, error) { out := new(Tenant) err := c.cc.Invoke(ctx, "/karavi.TenantService/GetTenant", in, out, opts...) @@ -137,6 +147,7 @@ func (c *tenantServiceClient) CancelRevokeTenant(ctx context.Context, in *Cancel // for forward compatibility type TenantServiceServer interface { CreateTenant(context.Context, *CreateTenantRequest) (*Tenant, error) + UpdateTenant(context.Context, *UpdateTenantRequest) (*Tenant, error) GetTenant(context.Context, *GetTenantRequest) (*Tenant, error) DeleteTenant(context.Context, *DeleteTenantRequest) (*DeleteTenantResponse, error) ListTenant(context.Context, *ListTenantRequest) (*ListTenantResponse, error) @@ -156,6 +167,9 @@ type UnimplementedTenantServiceServer struct { func (UnimplementedTenantServiceServer) CreateTenant(context.Context, *CreateTenantRequest) (*Tenant, error) { return nil, status.Errorf(codes.Unimplemented, "method CreateTenant not implemented") } +func (UnimplementedTenantServiceServer) UpdateTenant(context.Context, *UpdateTenantRequest) (*Tenant, error) { + return nil, status.Errorf(codes.Unimplemented, "method UpdateTenant not implemented") +} func (UnimplementedTenantServiceServer) GetTenant(context.Context, *GetTenantRequest) (*Tenant, error) { return nil, status.Errorf(codes.Unimplemented, "method GetTenant not implemented") } @@ -214,6 +228,24 @@ func _TenantService_CreateTenant_Handler(srv interface{}, ctx context.Context, d return interceptor(ctx, in, info, handler) } +func _TenantService_UpdateTenant_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(UpdateTenantRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(TenantServiceServer).UpdateTenant(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/karavi.TenantService/UpdateTenant", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(TenantServiceServer).UpdateTenant(ctx, req.(*UpdateTenantRequest)) + } + return interceptor(ctx, in, info, handler) +} + func _TenantService_GetTenant_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { in := new(GetTenantRequest) if err := dec(in); err != nil { @@ -387,6 +419,10 @@ var TenantService_ServiceDesc = grpc.ServiceDesc{ MethodName: "CreateTenant", Handler: _TenantService_CreateTenant_Handler, }, + { + MethodName: "UpdateTenant", + Handler: _TenantService_UpdateTenant_Handler, + }, { MethodName: "GetTenant", Handler: _TenantService_GetTenant_Handler, diff --git a/policies/policy-install.sh b/policies/policy-install.sh index 4d9e82af..60994a1d 100755 --- a/policies/policy-install.sh +++ b/policies/policy-install.sh @@ -45,3 +45,5 @@ $K3S kubectl create configmap volumes-create -n karavi --from-file=./volumes_cre $K3S kubectl create configmap volumes-delete -n karavi --from-file=./volumes_delete.rego --save-config --dry-run=client -o yaml | $K3S kubectl apply -f - $K3S kubectl create configmap volumes-unmap -n karavi --from-file=./volumes_unmap.rego --save-config --dry-run=client -o yaml | $K3S kubectl apply -f - $K3S kubectl create configmap volumes-map -n karavi --from-file=./volumes_map.rego --save-config --dry-run=client -o yaml | $K3S kubectl apply -f - +$K3S kubectl create configmap sdc-approve -n karavi --from-file=./sdc_approve.rego --save-config --dry-run=client -o yaml | $K3S kubectl apply -f - + diff --git a/policies/sdc_approve.rego b/policies/sdc_approve.rego new file mode 100644 index 00000000..fc0f7e96 --- /dev/null +++ b/policies/sdc_approve.rego @@ -0,0 +1,40 @@ +# Copyright © 2023 Dell Inc., or its subsidiaries. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +package karavi.sdc.approve + +import data.karavi.common + +# Allow requests by default. +default allow = true + +default response = { + "allowed": true +} +response = { + "allowed": false, + "status": { + "reason": reason, + }, +} { + reason = concat(", ", deny) + reason != "" +} + +default claims = {} +claims = input.claims +deny[msg] { + claims == {} + msg := sprintf("missing claims", []) +}