feat: add batch-check proto definition

openfga/v1/openfga_service.proto

@@ -9,6 +9,7 @@ import "google/protobuf/struct.proto";
 import "google/protobuf/timestamp.proto";
 import "google/protobuf/wrappers.proto";
 import "openfga/v1/authzmodel.proto";
+import "openfga/v1/errors_ignore.proto";
 import "openfga/v1/openfga.proto";
 import "openfga/v1/openfga_service_consistency.proto";
 import "protoc-gen-openapiv2/options/annotations.proto";
@@ -326,6 +327,73 @@ service OpenFGAService {
     };
   }
 
+  rpc BatchCheck(BatchCheckRequest) returns (BatchCheckResponse) {
+    option (google.api.http) = {
+      post: "/stores/{store_id}/batch-check"
+      body: "*"
+    };
+
+    option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = {
+      summary: "Send a list of `check` operations in a single request"
+      tags: ["Relationship Queries"]
+      operation_id: "BatchCheck"
+      description:
+        "The `BatchCheck` API functions nearly identically to `Check`, but instead of checking a single "
+        "user-object relationship BatchCheck accepts a list of relationships to check and returns a map containing a response "
+        "for each check it received.\n\n"
+        "Within each `BatchCheckItem`, this endpoint requires a `correlation_id` in the form of a string containing only "
+        "alphanumeric characters or hyphens with a maximum length of 36 characters. This `correlation_id` is used to map the result "
+        "of each check to the item which was checked, so it must be unique for each item in the batch. "
+        "We recommend using a UUID or ULID as the `correlation_id`, but you can use whatever unique identifier you need as long "
+        " as it matches this regex pattern: `^[\\w\\d-]{1,36}$`\n\n"
+        "For more details on how `Check` functions, see the docs for `/check`.\n\n"
+        "### Examples\n"
+        "#### A BatchCheckRequest\n"
+        "```json\n"
+        "{\n"
+        "  \"checks\": [\n"
+        "     {\n"
+        "       \"tuple_key\": {\n"
+        "         \"object\": \"document:2021-budget\"\n"
+        "         \"relation\": \"reader\",\n"
+        "         \"user\": \"user:anne\",\n"
+        "       },\n"
+        "       \"contextual_tuples\": {...}\n"
+        "       \"context\": {}\n"
+        "       \"correlation_id\": \"01JA8PM3QM7VBPGB8KMPK8SBD5\"\n"
+        "     },\n"
+        "     {\n"
+        "       \"tuple_key\": {\n"
+        "         \"object\": \"document:2021-budget\"\n"
+        "         \"relation\": \"reader\",\n"
+        "         \"user\": \"user:bob\",\n"
+        "       },\n"
+        "       \"contextual_tuples\": {...}\n"
+        "       \"context\": {}\n"
+        "       \"correlation_id\": \"01JA8PMM6A90NV5ET0F28CYSZQ\"\n"
+        "     },\n"
+        "   ]\n"
+        "}\n"
+        "```\n\n"
+        "Below is a possible response to the above request. Note that the result map's keys are the `correlation_id` values from the checked items in the request:\n"
+        "```json\n"
+        "{\n"
+        "   \"result\": {\n"
+        "     \"01JA8PMM6A90NV5ET0F28CYSZQ\": {\n"
+        "       \"allowed\": false, \n"
+        "       \"error\": {\"message\": \"\"}, \n"
+        "       \"query_duration_ms\": 5\n"
+        "    },\n"
+        "     \"01JA8PM3QM7VBPGB8KMPK8SBD5\": {\n"
+        "       \"allowed\": true, \n"
+        "       \"error\": {\"message\": \"\"}, \n"
+        "       \"query_duration_ms\": 3\n"
+        "    }\n"
+        "}\n"
+        "```\n"
+    };
+  }
+
   rpc Expand(ExpandRequest) returns (ExpandResponse) {
     option (google.api.http) = {
       post: "/stores/{store_id}/expand"
@@ -1175,6 +1243,66 @@ message CheckResponse {
   string resolution = 2;
 }
 
+message BatchCheckRequest {
+  string store_id = 1 [
+    json_name = "store_id",
+    (google.api.field_behavior) = REQUIRED,
+    (validate.rules).string = {pattern: "^[ABCDEFGHJKMNPQRSTVWXYZ0-9]{26}$"},
+    (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {example: "\"01YCP46JKYM8FJCQ37NMBYHE5X\""}
+  ];
+
+  repeated BatchCheckItem checks = 2 [(google.api.field_behavior) = REQUIRED];
+
+  string authorization_model_id = 3 [
+    json_name = "authorization_model_id",
+    (validate.rules).string = {
+      pattern: "^[ABCDEFGHJKMNPQRSTVWXYZ0-9]{26}$"
+      ignore_empty: true
+    },
+    (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {example: "\"01G5JAVJ41T49E9TT3SKVS7X1J\""}
+  ];
+
+  ConsistencyPreference consistency = 4 [(validate.rules).enum.defined_only = true];
+}
+
+message BatchCheckItem {
+  CheckRequestTupleKey tuple_key = 1 [(google.api.field_behavior) = REQUIRED];
+  openfga.v1.ContextualTupleKeys contextual_tuples = 2 [json_name = "contextual_tuples"];
+  google.protobuf.Struct context = 3;
+
+  string correlation_id = 4 [
+    (validate.rules).string = {pattern: "^[\\w\\d-]{1,36}$"},
+    (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
+      example: "\"1cd93d8c-8e45-43c6-9a15-cbb3c7f394bc\""
+      description: "correlation_id must be a string containing only letters, numbers, or hyphens, with length ≤ 36 characters."
+    },
+    (google.api.field_behavior) = REQUIRED
+  ];
+}
+
+message BatchCheckResponse {
+  map<string, BatchCheckSingleResult> result = 1 [(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
+    example: '{"1cd93d8c-8e45-43c6-9a15-cbb3c7f394bc": {"allowed": true, "queryDurationMs": 3, "error": {"message": ""}}}'
+    description: "map keys are the correlation_id values from the BatchCheckItems in the request"
+  }];
+}
+
+message BatchCheckSingleResult {
+  oneof check_result {
+    bool allowed = 2;
+    CheckError error = 3;
+  }
+  google.protobuf.Int32Value query_duration_ms = 4;
+}
+
+message CheckError {
+  oneof code {
+    ErrorCode input_error = 1;
+    InternalErrorCode internal_error = 2;
+  }
+  string message = 3;
+}
+
 message ExpandRequest {
   string store_id = 1 [
     json_name = "store_id",