| // Copyright 2015 The Vanadium Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style |
| // license that can be found in the LICENSE file. |
| |
| // This file was auto-generated by the vanadium vdl tool. |
| var vdl = require('vanadium').vdl; |
| var makeError = require('vanadium').verror.makeError; |
| var actions = require('vanadium').verror.actions; |
| var canonicalize = require('vanadium').vdl.canonicalize; |
| |
| |
| |
| |
| |
| var access = require('./../../../../v23/security/access'); |
| var permissions = require('./../../../../v23/services/permissions'); |
| |
| module.exports = {}; |
| |
| |
| |
| // Types: |
| |
| |
| |
| |
| // Consts: |
| |
| |
| |
| // Errors: |
| |
| module.exports.InvalidNameError = makeError('v.io/syncbase/v23/services/syncbase.InvalidName', actions.NO_RETRY, { |
| 'en': '{1:}{2:} invalid name: {3}', |
| }, [ |
| vdl.types.STRING, |
| ]); |
| |
| |
| |
| |
| // Services: |
| |
| |
| |
| function Service(){} |
| module.exports.Service = Service; |
| |
| |
| |
| Service.prototype.setPermissions = function(ctx, serverCall, perms, version) { |
| throw new Error('Method SetPermissions not implemented'); |
| }; |
| |
| |
| Service.prototype.getPermissions = function(ctx, serverCall) { |
| throw new Error('Method GetPermissions not implemented'); |
| }; |
| |
| |
| |
| Service.prototype._serviceDescription = { |
| name: 'Service', |
| pkgPath: 'v.io/syncbase/v23/services/syncbase', |
| doc: "// Service represents a Vanadium Syncbase service.\n// Service.Glob operates over App names.", |
| embeds: [{ |
| name: 'Object', |
| pkgPath: 'v.io/v23/services/permissions', |
| doc: "// Object provides access control for Vanadium objects.\n//\n// Vanadium services implementing dynamic access control would typically embed\n// this interface and tag additional methods defined by the service with one of\n// Admin, Read, Write, Resolve etc. For example, the VDL definition of the\n// object would be:\n//\n// package mypackage\n//\n// import \"v.io/v23/security/access\"\n// import \"v.io/v23/services/permissions\"\n//\n// type MyObject interface {\n// permissions.Object\n// MyRead() (string, error) {access.Read}\n// MyWrite(string) error {access.Write}\n// }\n//\n// If the set of pre-defined tags is insufficient, services may define their\n// own tag type and annotate all methods with this new type.\n//\n// Instead of embedding this Object interface, define SetPermissions and\n// GetPermissions in their own interface. Authorization policies will typically\n// respect annotations of a single type. For example, the VDL definition of an\n// object would be:\n//\n// package mypackage\n//\n// import \"v.io/v23/security/access\"\n//\n// type MyTag string\n//\n// const (\n// Blue = MyTag(\"Blue\")\n// Red = MyTag(\"Red\")\n// )\n//\n// type MyObject interface {\n// MyMethod() (string, error) {Blue}\n//\n// // Allow clients to change access via the access.Object interface:\n// SetPermissions(perms access.Permissions, version string) error {Red}\n// GetPermissions() (perms access.Permissions, version string, err error) {Blue}\n// }" |
| }, |
| ], |
| methods: [ |
| |
| |
| { |
| name: 'SetPermissions', |
| doc: "// SetPermissions replaces the current Permissions for an object. version\n// allows for optional, optimistic concurrency control. If non-empty,\n// version's value must come from GetPermissions. If any client has\n// successfully called SetPermissions in the meantime, the version will be\n// stale and SetPermissions will fail. If empty, SetPermissions performs an\n// unconditional update.\n//\n// Permissions objects are expected to be small. It is up to the\n// implementation to define the exact limit, though it should probably be\n// around 100KB. Large lists of principals can be represented concisely using\n// blessings.\n//\n// There is some ambiguity when calling SetPermissions on a mount point.\n// Does it affect the mount itself or does it affect the service endpoint\n// that the mount points to? The chosen behavior is that it affects the\n// service endpoint. To modify the mount point's Permissions, use\n// ResolveToMountTable to get an endpoint and call SetPermissions on that.\n// This means that clients must know when a name refers to a mount point to\n// change its Permissions.", |
| inArgs: [{ |
| name: 'perms', |
| doc: "", |
| type: new access.Permissions()._type |
| }, |
| { |
| name: 'version', |
| doc: "", |
| type: vdl.types.STRING |
| }, |
| ], |
| outArgs: [], |
| inStream: null, |
| outStream: null, |
| tags: [canonicalize.reduce(new access.Tag("Admin", true), new access.Tag()._type), ] |
| }, |
| |
| |
| { |
| name: 'GetPermissions', |
| doc: "// GetPermissions returns the complete, current Permissions for an object. The\n// returned version can be passed to a subsequent call to SetPermissions for\n// optimistic concurrency control. A successful call to SetPermissions will\n// invalidate version, and the client must call GetPermissions again to get\n// the current version.", |
| inArgs: [], |
| outArgs: [{ |
| name: 'perms', |
| doc: "", |
| type: new access.Permissions()._type |
| }, |
| { |
| name: 'version', |
| doc: "", |
| type: vdl.types.STRING |
| }, |
| ], |
| inStream: null, |
| outStream: null, |
| tags: [canonicalize.reduce(new access.Tag("Admin", true), new access.Tag()._type), ] |
| }, |
| |
| ] |
| }; |
| |
| |
| |
| function App(){} |
| module.exports.App = App; |
| |
| |
| |
| App.prototype.create = function(ctx, serverCall, perms) { |
| throw new Error('Method Create not implemented'); |
| }; |
| |
| |
| App.prototype.delete = function(ctx, serverCall) { |
| throw new Error('Method Delete not implemented'); |
| }; |
| |
| |
| App.prototype.setPermissions = function(ctx, serverCall, perms, version) { |
| throw new Error('Method SetPermissions not implemented'); |
| }; |
| |
| |
| App.prototype.getPermissions = function(ctx, serverCall) { |
| throw new Error('Method GetPermissions not implemented'); |
| }; |
| |
| |
| |
| App.prototype._serviceDescription = { |
| name: 'App', |
| pkgPath: 'v.io/syncbase/v23/services/syncbase', |
| doc: "// App represents the data for a specific app instance (possibly a combination\n// of user, device, and app).\n// App.Glob operates over Database names.", |
| embeds: [{ |
| name: 'Object', |
| pkgPath: 'v.io/v23/services/permissions', |
| doc: "// Object provides access control for Vanadium objects.\n//\n// Vanadium services implementing dynamic access control would typically embed\n// this interface and tag additional methods defined by the service with one of\n// Admin, Read, Write, Resolve etc. For example, the VDL definition of the\n// object would be:\n//\n// package mypackage\n//\n// import \"v.io/v23/security/access\"\n// import \"v.io/v23/services/permissions\"\n//\n// type MyObject interface {\n// permissions.Object\n// MyRead() (string, error) {access.Read}\n// MyWrite(string) error {access.Write}\n// }\n//\n// If the set of pre-defined tags is insufficient, services may define their\n// own tag type and annotate all methods with this new type.\n//\n// Instead of embedding this Object interface, define SetPermissions and\n// GetPermissions in their own interface. Authorization policies will typically\n// respect annotations of a single type. For example, the VDL definition of an\n// object would be:\n//\n// package mypackage\n//\n// import \"v.io/v23/security/access\"\n//\n// type MyTag string\n//\n// const (\n// Blue = MyTag(\"Blue\")\n// Red = MyTag(\"Red\")\n// )\n//\n// type MyObject interface {\n// MyMethod() (string, error) {Blue}\n//\n// // Allow clients to change access via the access.Object interface:\n// SetPermissions(perms access.Permissions, version string) error {Red}\n// GetPermissions() (perms access.Permissions, version string, err error) {Blue}\n// }" |
| }, |
| ], |
| methods: [ |
| |
| |
| { |
| name: 'Create', |
| doc: "// Create creates this App.\n// If perms is nil, we inherit (copy) the Service perms.\n// Create requires the caller to have Write permission at the Service.", |
| inArgs: [{ |
| name: 'perms', |
| doc: "", |
| type: new access.Permissions()._type |
| }, |
| ], |
| outArgs: [], |
| inStream: null, |
| outStream: null, |
| tags: [canonicalize.reduce(new access.Tag("Write", true), new access.Tag()._type), ] |
| }, |
| |
| |
| { |
| name: 'Delete', |
| doc: "// Delete deletes this App.", |
| inArgs: [], |
| outArgs: [], |
| inStream: null, |
| outStream: null, |
| tags: [canonicalize.reduce(new access.Tag("Write", true), new access.Tag()._type), ] |
| }, |
| |
| |
| { |
| name: 'SetPermissions', |
| doc: "// SetPermissions replaces the current Permissions for an object. version\n// allows for optional, optimistic concurrency control. If non-empty,\n// version's value must come from GetPermissions. If any client has\n// successfully called SetPermissions in the meantime, the version will be\n// stale and SetPermissions will fail. If empty, SetPermissions performs an\n// unconditional update.\n//\n// Permissions objects are expected to be small. It is up to the\n// implementation to define the exact limit, though it should probably be\n// around 100KB. Large lists of principals can be represented concisely using\n// blessings.\n//\n// There is some ambiguity when calling SetPermissions on a mount point.\n// Does it affect the mount itself or does it affect the service endpoint\n// that the mount points to? The chosen behavior is that it affects the\n// service endpoint. To modify the mount point's Permissions, use\n// ResolveToMountTable to get an endpoint and call SetPermissions on that.\n// This means that clients must know when a name refers to a mount point to\n// change its Permissions.", |
| inArgs: [{ |
| name: 'perms', |
| doc: "", |
| type: new access.Permissions()._type |
| }, |
| { |
| name: 'version', |
| doc: "", |
| type: vdl.types.STRING |
| }, |
| ], |
| outArgs: [], |
| inStream: null, |
| outStream: null, |
| tags: [canonicalize.reduce(new access.Tag("Admin", true), new access.Tag()._type), ] |
| }, |
| |
| |
| { |
| name: 'GetPermissions', |
| doc: "// GetPermissions returns the complete, current Permissions for an object. The\n// returned version can be passed to a subsequent call to SetPermissions for\n// optimistic concurrency control. A successful call to SetPermissions will\n// invalidate version, and the client must call GetPermissions again to get\n// the current version.", |
| inArgs: [], |
| outArgs: [{ |
| name: 'perms', |
| doc: "", |
| type: new access.Permissions()._type |
| }, |
| { |
| name: 'version', |
| doc: "", |
| type: vdl.types.STRING |
| }, |
| ], |
| inStream: null, |
| outStream: null, |
| tags: [canonicalize.reduce(new access.Tag("Admin", true), new access.Tag()._type), ] |
| }, |
| |
| ] |
| }; |
| |
| |
| |
| |
| |