|
| 1 | +// Copyright 2023 Google LLC |
| 2 | +// |
| 3 | +// Licensed under the Apache License, Version 2.0 (the "License"); |
| 4 | +// you may not use this file except in compliance with the License. |
| 5 | +// You may obtain a copy of the License at |
| 6 | +// |
| 7 | +// http://www.apache.org/licenses/LICENSE-2.0 |
| 8 | +// |
| 9 | +// Unless required by applicable law or agreed to in writing, software |
| 10 | +// distributed under the License is distributed on an "AS IS" BASIS, |
| 11 | +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 12 | +// See the License for the specific language governing permissions and |
| 13 | +// limitations under the License. |
| 14 | + |
| 15 | +syntax = "proto3"; |
| 16 | + |
| 17 | +package google.api; |
| 18 | + |
| 19 | +import "google/protobuf/descriptor.proto"; |
| 20 | + |
| 21 | +option cc_enable_arenas = true; |
| 22 | +option go_package = "google.golang.org/genproto/googleapis/api/serviceconfig;serviceconfig"; |
| 23 | +option java_multiple_files = true; |
| 24 | +option java_outer_classname = "PolicyProto"; |
| 25 | +option java_package = "com.google.api"; |
| 26 | +option objc_class_prefix = "GAPI"; |
| 27 | + |
| 28 | +// Provides `google.api.field_policy` annotation at proto fields. |
| 29 | +extend google.protobuf.FieldOptions { |
| 30 | + // See [FieldPolicy][]. |
| 31 | + FieldPolicy field_policy = 158361448; |
| 32 | +} |
| 33 | + |
| 34 | +// Provides `google.api.method_policy` annotation at proto methods. |
| 35 | +extend google.protobuf.MethodOptions { |
| 36 | + // See [MethodPolicy][]. |
| 37 | + MethodPolicy method_policy = 161893301; |
| 38 | +} |
| 39 | + |
| 40 | +// Google API Policy Annotation |
| 41 | +// |
| 42 | +// This message defines a simple API policy annotation that can be used to |
| 43 | +// annotate API request and response message fields with applicable policies. |
| 44 | +// One field may have multiple applicable policies that must all be satisfied |
| 45 | +// before a request can be processed. This policy annotation is used to |
| 46 | +// generate the overall policy that will be used for automatic runtime |
| 47 | +// policy enforcement and documentation generation. |
| 48 | +message FieldPolicy { |
| 49 | + // Selects one or more request or response message fields to apply this |
| 50 | + // `FieldPolicy`. |
| 51 | + // |
| 52 | + // When a `FieldPolicy` is used in proto annotation, the selector must |
| 53 | + // be left as empty. The service config generator will automatically fill |
| 54 | + // the correct value. |
| 55 | + // |
| 56 | + // When a `FieldPolicy` is used in service config, the selector must be a |
| 57 | + // comma-separated string with valid request or response field paths, |
| 58 | + // such as "foo.bar" or "foo.bar,foo.baz". |
| 59 | + string selector = 1; |
| 60 | + |
| 61 | + // Specifies the required permission(s) for the resource referred to by the |
| 62 | + // field. It requires the field contains a valid resource reference, and |
| 63 | + // the request must pass the permission checks to proceed. For example, |
| 64 | + // "resourcemanager.projects.get". |
| 65 | + string resource_permission = 2; |
| 66 | + |
| 67 | + // Specifies the resource type for the resource referred to by the field. |
| 68 | + string resource_type = 3; |
| 69 | +} |
| 70 | + |
| 71 | +// Defines policies applying to an RPC method. |
| 72 | +message MethodPolicy { |
| 73 | + // Selects a method to which these policies should be enforced, for example, |
| 74 | + // "google.pubsub.v1.Subscriber.CreateSubscription". |
| 75 | + // |
| 76 | + // Refer to [selector][google.api.DocumentationRule.selector] for syntax |
| 77 | + // details. |
| 78 | + // |
| 79 | + // NOTE: This field must not be set in the proto annotation. It will be |
| 80 | + // automatically filled by the service config compiler . |
| 81 | + string selector = 9; |
| 82 | + |
| 83 | + // Policies that are applicable to the request message. |
| 84 | + repeated FieldPolicy request_policies = 2; |
| 85 | +} |
0 commit comments