// Schema for the RBAC (role-based access control) API in package rbac.v1.
syntax = "proto3";

package rbac.v1;

// Go import path and package name used by the generated code.
option go_package = "git.lendry.ru/lendry-erp/proto.git/go;pb";
// RPC surface for managing roles, permissions and user-role assignments.
//
// NOTE(review): the schema does not show how a caller is authenticated or
// which callers may invoke the mutating RPCs. Every method here reads or
// changes authorization state, so each handler needs its own server-side
// authorization check and an audit record — confirm in the implementation.
service RbacService {
  // Role lifecycle. CreateRole and UpdateRole share ModifyRoleResponse.
  rpc CreateRole(CreateRoleRequest) returns (ModifyRoleResponse);
  rpc UpdateRole(UpdateRoleRequest) returns (ModifyRoleResponse);
  rpc DeleteRole(DeleteRoleRequest) returns (DeleteRoleResponse);

  // Permission lifecycle. No delete RPC for permissions is declared here.
  rpc CreatePermission(CreatePermissionRequest)
      returns (ModifyPermissionResponse);
  rpc UpdatePermission(UpdatePermissionRequest)
      returns (ModifyPermissionResponse);

  // Listing RPCs. Both requests carry a user_id and a session_id.
  rpc GetAllPermissions(GetAllPermissionsRequest)
      returns (GetAllPermissionsResponse);
  rpc GetAllRoles(GetAllRolesRequest) returns (GetAllRolesResponse);

  // Per-user assignment. AssignRolesByName takes role names, while
  // AssignRoleToUser and RevokeRoleFromUser take a numeric role_id.
  rpc AssignRolesByName(AssignRolesByNameRequest) returns (ModifyRoleResponse);
  rpc GetUserRolesAndPermissions(GetUserRolesRequest)
      returns (GetUserRolesResponse);
  rpc AssignRoleToUser(AssignRoleToUserRequest) returns (ModifyRoleResponse);
  rpc RevokeRoleFromUser(RevokeRoleFromUserRequest)
      returns (ModifyRoleResponse);

  // Takes a user_id plus a list of LDAP group strings.
  // NOTE(review): the group list comes from the request body; presumably only
  // a trusted directory-sync component should be allowed to call this —
  // confirm.
  rpc SyncLdapRoles(SyncLdapRolesRequest) returns (ModifyRoleResponse);
}
// Request for RbacService.GetAllPermissions.
message GetAllPermissionsRequest {
  // Identifier of a user.
  // NOTE(review): the schema does not say whether this names the caller. If
  // it does, the server should take the identity from the authenticated
  // context and not trust this client-supplied value — confirm.
  string user_id = 1;

  // Identifier of a session.
  // NOTE(review): if this is a live session token, the whole message is
  // sensitive and should not be logged verbatim — confirm.
  string session_id = 2;
}
// Response for RbacService.GetAllPermissions.
message GetAllPermissionsResponse {
  // Returned permissions. No pagination fields are defined, so the full set
  // is carried in a single message.
  repeated Permission permissions = 1;
}
// A single permission as returned by GetAllPermissions.
message Permission {
  // Identifier of the permission.
  string id = 1;

  // Permission code.
  // presumably the "users:read"-style value shown in GetUserRolesResponse —
  // confirm.
  string code = 2;

  // Human-readable description.
  string description = 3;

  // Module the permission belongs to.
  string module = 4;

  // Roles associated with this permission.
  // NOTE(review): not stated whether these are role names or role ids —
  // confirm.
  repeated string roles = 5;
}
// Request for RbacService.GetAllRoles.
message GetAllRolesRequest {
  // Identifier of a user.
  // NOTE(review): if this names the caller, the server should derive the
  // identity from the authenticated context, not from this field — confirm.
  string user_id = 1;

  // Identifier of a session.
  // NOTE(review): if this is a live session token, avoid logging the request
  // verbatim — confirm.
  string session_id = 2;
}
// Response for RbacService.GetAllRoles.
message GetAllRolesResponse {
  // Returned roles. Each Roles entry also carries repeated ldap_mapping and
  // accounts fields.
  // NOTE(review): that may be more than every caller should see — confirm
  // who is allowed to call GetAllRoles.
  repeated Roles roles = 1;
}
// Request for RbacService.CreateRole.
message CreateRoleRequest {
  // Name of the new role.
  string name = 1;

  // Level of the new role. Implicit presence: 0 and "not set" are the same
  // on the wire.
  // NOTE(review): the ordering of levels is not defined in this file;
  // presumably the server must stop a caller from creating a role above
  // their own level — confirm.
  int32 level = 2;

  // Codes of the permissions granted to the role.
  // NOTE(review): the server should reject codes that do not exist rather
  // than store them silently — confirm.
  repeated string permission_codes = 3;
}
// Request for RbacService.UpdateRole.
message UpdateRoleRequest {
  // Identifier of the role to update.
  string id = 1;

  // New name. Explicit presence, so "not set" is distinguishable from "".
  optional string name = 2;

  // New level. Explicit presence, so "not set" is distinguishable from 0.
  optional int32 level = 3;

  // Permission codes for the role.
  // NOTE(review): a repeated field has no presence, so an empty list cannot
  // be told apart from an omitted one. The server has to define whether
  // empty means "leave permissions unchanged" or "remove all permissions" —
  // confirm.
  repeated string permission_codes = 4;
}
// Shared result message. In RbacService it is returned by CreateRole,
// UpdateRole, AssignRolesByName, AssignRoleToUser, RevokeRoleFromUser and
// SyncLdapRoles.
message ModifyRoleResponse {
  // Whether the operation succeeded. The default (false) is also what a
  // reader sees when the field was never set.
  bool success = 1;

  // Free-form status text.
  // NOTE(review): if this is shown to callers, keep internal error detail
  // out of it — confirm.
  string message = 2;
}
// Request for RbacService.DeleteRole.
message DeleteRoleRequest {
  // Identifier of the role to delete.
  string id = 1;
}
// Response for RbacService.DeleteRole.
message DeleteRoleResponse {
  // Whether the deletion succeeded.
  bool success = 1;

  // Free-form status text.
  string message = 2;

  // Name of a fallback role. Explicit presence.
  // presumably the role that holders of the deleted role were moved to —
  // confirm, and check that the fallback never grants more than the deleted
  // role did.
  optional string fallback_role_name = 3;
}
// Request for RbacService.CreatePermission.
message CreatePermissionRequest {
  // Code of the new permission.
  // NOTE(review): uniqueness and the allowed format of a code are not
  // expressed in the schema — confirm that the server validates both.
  string code = 1;

  // Human-readable description.
  string description = 2;

  // Module the permission belongs to.
  string module = 3;
}
// Request for RbacService.UpdatePermission. Only the role binding is
// carried; code, description and module have no fields here.
message UpdatePermissionRequest {
  // Identifier of the permission to update.
  string id = 1;

  // Binding to specific roles.
  // NOTE(review): an empty list is indistinguishable from an omitted one.
  // The server has to define whether empty unbinds the permission from every
  // role — confirm.
  repeated string role_ids = 2;
}
// Result returned by CreatePermission and UpdatePermission.
message ModifyPermissionResponse {
  // Whether the operation succeeded.
  bool success = 1;

  // Free-form status text.
  string message = 2;
}
// One role, as listed in GetAllRolesResponse.
// NOTE(review): the name is plural although each value has a single id, name
// and level. Renaming it would break generated code, so it is kept as is.
message Roles {
  // Identifier of the role. It is a string here, while
  // AssignRoleToUserRequest and RevokeRoleFromUserRequest declare role_id as
  // int32.
  string id = 1;

  // Role name.
  string name = 2;

  // Role level. The ordering is not defined in this file.
  int32 level = 3;

  // Permissions attached to the role.
  // presumably permission codes — confirm.
  repeated string permissions = 4;

  // LDAP mapping entries for the role.
  // presumably the directory groups that map to this role — confirm.
  repeated string ldap_mapping = 5;

  // Accounts associated with the role.
  // presumably identifiers of the users that hold it — confirm.
  repeated string accounts = 6;
}
// Request for RbacService.GetUserRolesAndPermissions.
message GetUserRolesRequest {
  // Identifier of the user whose roles and permissions are requested.
  // NOTE(review): nothing here ties this id to the caller; the server
  // decides who may look up another user's roles — confirm.
  string user_id = 1;
}
// Response for RbacService.GetUserRolesAndPermissions.
message GetUserRolesResponse {
  // Role names, for example: ["ADMIN", "MANAGER"].
  repeated string roles = 1;

  // Permission strings, for example: ["users:read", "billing:write"].
  repeated string permissions = 2;

  // Maximum role level of the user.
  // NOTE(review): 0 is also the unset default, so a reader cannot tell
  // "no roles" from "level 0"; a consumer that gates access on this value
  // should treat the two cases deliberately — confirm.
  int32 max_role_level = 3;
}
// Request for RbacService.AssignRolesByName.
message AssignRolesByNameRequest {
  // Identifier of the user receiving the roles.
  string user_id = 1;

  // Role names to assign.
  // NOTE(review): not stated whether this list replaces the user's current
  // roles or is added to them, nor what an empty list does. The server
  // should also reject unknown names — confirm.
  repeated string roles = 2;
}
// Request for RbacService.AssignRoleToUser.
message AssignRoleToUserRequest {
  // Identifier of the user receiving the role.
  string user_id = 1;

  // Identifier of the role to assign.
  // NOTE(review): declared int32 here, while Roles.id and
  // DeleteRoleRequest.id are strings. The two id spaces need an explicit
  // mapping; changing the type would break the wire format — confirm which
  // identifier the server expects.
  int32 role_id = 2;
}
// Request for RbacService.RevokeRoleFromUser.
message RevokeRoleFromUserRequest {
  // Identifier of the user losing the role.
  string user_id = 1;

  // Identifier of the role to revoke.
  // NOTE(review): declared int32 here, while Roles.id is a string — confirm
  // which identifier the server expects.
  int32 role_id = 2;
}
// Request for RbacService.SyncLdapRoles.
message SyncLdapRolesRequest {
  // Identifier of the user whose roles are synchronised.
  string user_id = 1;

  // LDAP group strings supplied with the request.
  // NOTE(review): these are caller-provided. If roles are derived from them,
  // the server should accept the list only from a trusted source or
  // re-check it against the directory — confirm.
  repeated string ldap_groups = 2;
}