From f798617b396cac79eb976a10ec13a1ad0abc9bb5 Mon Sep 17 00:00:00 2001 From: Ronen Hilewicz Date: Mon, 28 Oct 2024 12:28:39 -0400 Subject: [PATCH] Remove unused Expand[Relation|Permission] --- cache/expand.go | 92 - cache/expand_test.go | 132 -- cache/expand_test.json | 4465 ---------------------------------------- cache/metadata_test.go | 20 + 4 files changed, 20 insertions(+), 4689 deletions(-) delete mode 100644 cache/expand.go delete mode 100644 cache/expand_test.go delete mode 100644 cache/expand_test.json diff --git a/cache/expand.go b/cache/expand.go deleted file mode 100644 index 820ebbe..0000000 --- a/cache/expand.go +++ /dev/null @@ -1,92 +0,0 @@ -package cache - -import ( - "github.com/aserto-dev/azm/model" - "github.com/samber/lo" -) - -// ExpandRelation, returns list of relations which are a union of the given relation. -// For example, when a writer relation inherits reader, the expansion of a reader = reader + writer. -func (c *Cache) ExpandRelation(on model.ObjectName, rn model.RelationName) []model.RelationName { - c.mtx.RLock() - defer c.mtx.RUnlock() - - results := []model.RelationName{} - - // starting object type and relation must exist in order to be expanded. - if o, ok := c.model.Objects[on]; !ok { - return results - } else if _, ok := o.Relations[rn]; !ok { - return results - } - - // get relation set for given object:relation. - r := c.model.Objects[on].Relations[rn] - - // include given permission in result set - results = append(results, rn) - - // iterate through relation set, determine if it "unions" with the given relation. - for _, rt := range r.Union { - switch { - case rt.IsSubject() && rt.Object == on: - results = append(results, rt.Relation) - case rt.IsDirect(): - results = append(results, c.ExpandRelation(on, model.RelationName(rt.Object))...) - } - } - - return lo.Uniq(results) -} - -// ExpandPermission returns list of relations which cover the given permission for the given object type. -func (c *Cache) ExpandPermission(on model.ObjectName, pn model.RelationName) []model.RelationName { - c.mtx.RLock() - defer c.mtx.RUnlock() - - norm, _ := model.NormalizeIdentifier(string(pn)) - pn = model.RelationName(norm) - - results := []model.RelationName{} - - // starting object type and permission must exist in order to be expanded. - o, ok := c.model.Objects[on] - if !ok { - return results - } - if _, ok := o.Permissions[pn]; !ok { - return results - } - - p := c.model.Objects[on].Permissions[pn] - - results = append(results, c.expandUnion(o, p.Union...)...) - - for _, rn := range results { - results = append(results, c.ExpandRelation(on, rn)...) - } - - return lo.Uniq(results) -} - -// convert union []string to []model.RelationName. -func (c *Cache) expandUnion(o *model.Object, u ...*model.PermissionTerm) []model.RelationName { - result := []model.RelationName{} - for _, ref := range u { - if ref.IsArrow() { - continue - } - - result = append(result, ref.RelOrPerm) - exp := lo.FilterMap(o.Relations[ref.RelOrPerm].Union, func(r *model.RelationRef, _ int) (*model.PermissionTerm, bool) { - if !r.IsDirect() { - return &model.PermissionTerm{}, false - } - _, ok := o.Relations[model.RelationName(r.Object)] - return &model.PermissionTerm{RelOrPerm: model.RelationName(r.Object)}, ok - - }) - result = append(result, c.expandUnion(o, exp...)...) - } - return result -} diff --git a/cache/expand_test.go b/cache/expand_test.go deleted file mode 100644 index acc81c6..0000000 --- a/cache/expand_test.go +++ /dev/null @@ -1,132 +0,0 @@ -package cache_test - -import ( - "encoding/json" - "os" - "path/filepath" - "strings" - "testing" - - "github.com/aserto-dev/azm/cache" - "github.com/aserto-dev/azm/model" - v2 "github.com/aserto-dev/azm/v2" - "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/require" -) - -// load model cache from serialized model file. -func loadModelCache(t *testing.T, path string) *cache.Cache { - r, err := os.Open(path) - require.NoError(t, err) - defer r.Close() - - var mc model.Model - dec := json.NewDecoder(r) - if err := dec.Decode(&mc); err != nil { - require.NoError(t, err) - } - - return cache.New(&mc) -} - -// helper to regenerate the serialized cache from a manifest. -func loadFromManifest(t *testing.T, path string) *cache.Cache { // nolint:unused - r, err := os.Open(path) - require.NoError(t, err) - defer r.Close() - - m, err := v2.Load(r) - require.NoError(t, err) - - cachefile := strings.TrimSuffix(path, filepath.Ext(path)) + ".json" - w, err := os.Create(cachefile) - require.NoError(t, err) - defer w.Close() - - require.NoError(t, m.Write(w)) - - return cache.New(m) -} - -func TestExpandRelation(t *testing.T) { - mc := loadModelCache(t, "./expand_test.json") - - // tenant:directory-reader does not exist, results should be an empty array. - relations := mc.ExpandRelation("tenant", "directory-reader") - assert.Len(t, relations, 0) - - // system:directory-store-writer is not union-ed with any other relations, - // results should be an single element array, of the requested relation. - relations = mc.ExpandRelation("system", "directory-store-writer") - assert.Len(t, relations, 1) - assert.Contains(t, relations, model.RelationName("directory-store-writer")) - - // tenant:directory-client-reader is union-ed by directory-client-writer. - relations = mc.ExpandRelation("tenant", "directory-client-reader") - assert.Len(t, relations, 2) - assert.Contains(t, relations, model.RelationName("directory-client-reader")) - assert.Contains(t, relations, model.RelationName("directory-client-writer")) - - // tenant:viewer is union-ed by owner, admin, member. - relations = mc.ExpandRelation("tenant", "viewer") - assert.Len(t, relations, 4) - assert.Contains(t, relations, model.RelationName("viewer")) - assert.Contains(t, relations, model.RelationName("owner")) - assert.Contains(t, relations, model.RelationName("admin")) - assert.Contains(t, relations, model.RelationName("member")) - - // tenant:member is union-ed by owner, admin. - relations = mc.ExpandRelation("tenant", "member") - assert.Len(t, relations, 3) - assert.Contains(t, relations, model.RelationName("owner")) - assert.Contains(t, relations, model.RelationName("admin")) - assert.Contains(t, relations, model.RelationName("member")) - - // tenant:admin is union-ed by owner. - relations = mc.ExpandRelation("tenant", "admin") - assert.Len(t, relations, 2) - assert.Contains(t, relations, model.RelationName("owner")) - assert.Contains(t, relations, model.RelationName("admin")) - - // tenant:owner is not union-ed by any other relation - relations = mc.ExpandRelation("tenant", "owner") - assert.Len(t, relations, 1) - assert.Contains(t, relations, model.RelationName("owner")) - - // tenant:none-relation none-relation is a none existing relation - relations = mc.ExpandRelation("tenant", "non-relation") - assert.Len(t, relations, 0) - - // none-tenant:none-relation, none-tenant is a none existing tenant - relations = mc.ExpandRelation("none-tenant", "non-relation") - assert.Len(t, relations, 0) -} - -func TestExpandPermission(t *testing.T) { - mc := loadModelCache(t, "./expand_test.json") - - relations := mc.ExpandPermission("tenant", "none-permission") - assert.Len(t, relations, 0) - - relations = mc.ExpandPermission("none-tenant", "none-permission") - assert.Len(t, relations, 0) - - relations = mc.ExpandPermission("tenant", "aserto.directory.writer.v2.Writer.SetObject") - assert.Len(t, relations, 3) - assert.Contains(t, relations, model.RelationName("owner")) - assert.Contains(t, relations, model.RelationName("admin")) - assert.Contains(t, relations, model.RelationName("directory-client-writer")) - - relations = mc.ExpandPermission("tenant", "aserto.directory.reader.v2.Reader.GetObject") - assert.Len(t, relations, 6) - assert.Contains(t, relations, model.RelationName("owner")) - assert.Contains(t, relations, model.RelationName("admin")) - assert.Contains(t, relations, model.RelationName("member")) - assert.Contains(t, relations, model.RelationName("viewer")) - assert.Contains(t, relations, model.RelationName("directory-client-reader")) - assert.Contains(t, relations, model.RelationName("directory-client-writer")) - - relations = mc.ExpandPermission("tenant", "aserto.tenant.onboarding.v1.Onboarding.ClaimTenant") - assert.Len(t, relations, 1) - assert.Contains(t, relations, model.RelationName("owner")) -} diff --git a/cache/expand_test.json b/cache/expand_test.json deleted file mode 100644 index 64f701c..0000000 --- a/cache/expand_test.json +++ /dev/null @@ -1,4465 +0,0 @@ -{ - "version": 2, - "types": { - "application": { - "relations": { - "user": {} - } - }, - "group": { - "relations": { - "member": {} - } - }, - "identity": { - "relations": { - "identifier": {} - } - }, - "machine": {}, - "resource": {}, - "service": {}, - "system": { - "relations": { - "admin": {}, - "directory-reader": { - "union": [ - { - "object": "system", - "relation": "directory-writer" - } - ] - }, - "directory-store-reader": { - "union": [ - { - "object": "system", - "relation": "directory-store-writer" - } - ] - }, - "directory-store-writer": {}, - "directory-writer": {}, - "task-handler": {}, - "task-manager": {}, - "user": {} - }, - "permissions": { - "aserto.authorizer.authorizer.v1.authorizer.decisiontree": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.authorizer.authorizer.v1.authorizer.is": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.authorizer.authorizer.v1.authorizer.query": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.authorizer.directory.v1.directory.createtenant": { - "union": [ - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-writer" - } - ] - }, - "aserto.authorizer.directory.v1.directory.createuser": { - "union": [ - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-writer" - } - ] - }, - "aserto.authorizer.directory.v1.directory.deleteapplpermission": { - "union": [ - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-writer" - } - ] - }, - "aserto.authorizer.directory.v1.directory.deleteapplproperty": { - "union": [ - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-writer" - } - ] - }, - "aserto.authorizer.directory.v1.directory.deleteapplrole": { - "union": [ - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-writer" - } - ] - }, - "aserto.authorizer.directory.v1.directory.deleteresource": { - "union": [ - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-writer" - } - ] - }, - "aserto.authorizer.directory.v1.directory.deletetenant": { - "union": [ - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-writer" - } - ] - }, - "aserto.authorizer.directory.v1.directory.deleteuser": { - "union": [ - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-writer" - } - ] - }, - "aserto.authorizer.directory.v1.directory.deleteuserapplication": { - "union": [ - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-writer" - } - ] - }, - "aserto.authorizer.directory.v1.directory.deleteuserpermission": { - "union": [ - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-writer" - } - ] - }, - "aserto.authorizer.directory.v1.directory.deleteuserproperty": { - "union": [ - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-writer" - } - ] - }, - "aserto.authorizer.directory.v1.directory.deleteuserrole": { - "union": [ - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-writer" - } - ] - }, - "aserto.authorizer.directory.v1.directory.getapplpermissions": { - "union": [ - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-reader" - } - ] - }, - "aserto.authorizer.directory.v1.directory.getapplproperties": { - "union": [ - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-reader" - } - ] - }, - "aserto.authorizer.directory.v1.directory.getapplroles": { - "union": [ - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-reader" - } - ] - }, - "aserto.authorizer.directory.v1.directory.getidentity": { - "union": [ - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-reader" - } - ] - }, - "aserto.authorizer.directory.v1.directory.getresource": { - "union": [ - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-reader" - } - ] - }, - "aserto.authorizer.directory.v1.directory.getuser": { - "union": [ - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-reader" - } - ] - }, - "aserto.authorizer.directory.v1.directory.getuserpermissions": { - "union": [ - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-reader" - } - ] - }, - "aserto.authorizer.directory.v1.directory.getuserproperties": { - "union": [ - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-reader" - } - ] - }, - "aserto.authorizer.directory.v1.directory.getuserroles": { - "union": [ - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-reader" - } - ] - }, - "aserto.authorizer.directory.v1.directory.getvalue": { - "union": [ - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-reader" - } - ] - }, - "aserto.authorizer.directory.v1.directory.listresources": { - "union": [ - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-reader" - } - ] - }, - "aserto.authorizer.directory.v1.directory.listtenants": { - "union": [ - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-reader" - } - ] - }, - "aserto.authorizer.directory.v1.directory.listuserapplications": { - "union": [ - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-reader" - } - ] - }, - "aserto.authorizer.directory.v1.directory.listusers": { - "union": [ - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-reader" - } - ] - }, - "aserto.authorizer.directory.v1.directory.loadusers": { - "union": [ - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-writer" - } - ] - }, - "aserto.authorizer.directory.v1.directory.setapplpermission": { - "union": [ - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-writer" - } - ] - }, - "aserto.authorizer.directory.v1.directory.setapplpermissions": { - "union": [ - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-writer" - } - ] - }, - "aserto.authorizer.directory.v1.directory.setapplproperties": { - "union": [ - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-writer" - } - ] - }, - "aserto.authorizer.directory.v1.directory.setapplproperty": { - "union": [ - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-writer" - } - ] - }, - "aserto.authorizer.directory.v1.directory.setapplrole": { - "union": [ - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-writer" - } - ] - }, - "aserto.authorizer.directory.v1.directory.setapplroles": { - "union": [ - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-writer" - } - ] - }, - "aserto.authorizer.directory.v1.directory.setresource": { - "union": [ - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-writer" - } - ] - }, - "aserto.authorizer.directory.v1.directory.setuserpermission": { - "union": [ - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-writer" - } - ] - }, - "aserto.authorizer.directory.v1.directory.setuserpermissions": { - "union": [ - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-writer" - } - ] - }, - "aserto.authorizer.directory.v1.directory.setuserproperties": { - "union": [ - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-writer" - } - ] - }, - "aserto.authorizer.directory.v1.directory.setuserproperty": { - "union": [ - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-writer" - } - ] - }, - "aserto.authorizer.directory.v1.directory.setuserrole": { - "union": [ - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-writer" - } - ] - }, - "aserto.authorizer.directory.v1.directory.setuserroles": { - "union": [ - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-writer" - } - ] - }, - "aserto.authorizer.directory.v1.directory.updateuser": { - "union": [ - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-writer" - } - ] - }, - "aserto.authorizer.policy.v1.policy.getmodule": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.authorizer.policy.v1.policy.getpolicies": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.authorizer.policy.v1.policy.listpolicies": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.authorizer.system.v1.system.getruntime": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.authorizer.system.v1.system.setloglevel": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.authorizer.system.v1.system.setupruntime": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.authorizer.system.v1.system.tenantconfig": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.authorizer.system.v1.system.unloadruntime": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.common.info.v1.config.get": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.common.info.v1.info.info": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.decision_logs.v1.decisionlogs.executequery": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.decision_logs.v1.decisionlogs.getdecisionlog": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.decision_logs.v1.decisionlogs.getdecisions": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.decision_logs.v1.decisionlogs.getuser": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.decision_logs.v1.decisionlogs.listdecisionlogs": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.decision_logs.v1.decisionlogs.listusers": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.decision_logs.v2.decisionlogs.executequery": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.decision_logs.v2.decisionlogs.getdecisionlog": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.decision_logs.v2.decisionlogs.getdecisions": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.decision_logs.v2.decisionlogs.getuser": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.decision_logs.v2.decisionlogs.listdecisionlogs": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.decision_logs.v2.decisionlogs.listusers": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.directory.exporter.v2.exporter.export": { - "union": [ - { - "rel_or_perm": "directory-reader" - } - ] - }, - "aserto.directory.importer.v2.importer.import": { - "union": [ - { - "rel_or_perm": "directory-writer" - } - ] - }, - "aserto.directory.reader.v2.reader.checkpermission": { - "union": [ - { - "rel_or_perm": "directory-reader" - } - ] - }, - "aserto.directory.reader.v2.reader.checkrelation": { - "union": [ - { - "rel_or_perm": "directory-reader" - } - ] - }, - "aserto.directory.reader.v2.reader.getgraph": { - "union": [ - { - "rel_or_perm": "directory-reader" - } - ] - }, - "aserto.directory.reader.v2.reader.getobject": { - "union": [ - { - "rel_or_perm": "directory-reader" - } - ] - }, - "aserto.directory.reader.v2.reader.getobjectmany": { - "union": [ - { - "rel_or_perm": "directory-reader" - } - ] - }, - "aserto.directory.reader.v2.reader.getobjects": { - "union": [ - { - "rel_or_perm": "directory-reader" - } - ] - }, - "aserto.directory.reader.v2.reader.getobjecttype": { - "union": [ - { - "rel_or_perm": "directory-reader" - } - ] - }, - "aserto.directory.reader.v2.reader.getobjecttypes": { - "union": [ - { - "rel_or_perm": "directory-reader" - } - ] - }, - "aserto.directory.reader.v2.reader.getpermission": { - "union": [ - { - "rel_or_perm": "directory-reader" - } - ] - }, - "aserto.directory.reader.v2.reader.getpermissions": { - "union": [ - { - "rel_or_perm": "directory-reader" - } - ] - }, - "aserto.directory.reader.v2.reader.getrelation": { - "union": [ - { - "rel_or_perm": "directory-reader" - } - ] - }, - "aserto.directory.reader.v2.reader.getrelations": { - "union": [ - { - "rel_or_perm": "directory-reader" - } - ] - }, - "aserto.directory.reader.v2.reader.getrelationtype": { - "union": [ - { - "rel_or_perm": "directory-reader" - } - ] - }, - "aserto.directory.reader.v2.reader.getrelationtypes": { - "union": [ - { - "rel_or_perm": "directory-reader" - } - ] - }, - "aserto.directory.store.v2.store.createtenant": { - "union": [ - { - "rel_or_perm": "directory-store-writer" - } - ] - }, - "aserto.directory.store.v2.store.deletetenant": { - "union": [ - { - "rel_or_perm": "directory-store-writer" - } - ] - }, - "aserto.directory.store.v2.store.gettenant": { - "union": [ - { - "rel_or_perm": "directory-store-reader" - } - ] - }, - "aserto.directory.store.v2.store.info": { - "union": [ - { - "rel_or_perm": "directory-store-writer" - } - ] - }, - "aserto.directory.store.v2.store.listtenants": { - "union": [ - { - "rel_or_perm": "directory-store-reader" - } - ] - }, - "aserto.directory.store.v2.store.migrateschema": { - "union": [ - { - "rel_or_perm": "directory-store-writer" - } - ] - }, - "aserto.directory.writer.v2.writer.deleteobject": { - "union": [ - { - "rel_or_perm": "directory-writer" - } - ] - }, - "aserto.directory.writer.v2.writer.deleteobjecttype": { - "union": [ - { - "rel_or_perm": "directory-writer" - } - ] - }, - "aserto.directory.writer.v2.writer.deletepermission": { - "union": [ - { - "rel_or_perm": "directory-writer" - } - ] - }, - "aserto.directory.writer.v2.writer.deleterelation": { - "union": [ - { - "rel_or_perm": "directory-writer" - } - ] - }, - "aserto.directory.writer.v2.writer.deleterelationtype": { - "union": [ - { - "rel_or_perm": "directory-writer" - } - ] - }, - "aserto.directory.writer.v2.writer.setobject": { - "union": [ - { - "rel_or_perm": "directory-writer" - } - ] - }, - "aserto.directory.writer.v2.writer.setobjecttype": { - "union": [ - { - "rel_or_perm": "directory-writer" - } - ] - }, - "aserto.directory.writer.v2.writer.setpermission": { - "union": [ - { - "rel_or_perm": "directory-writer" - } - ] - }, - "aserto.directory.writer.v2.writer.setrelation": { - "union": [ - { - "rel_or_perm": "directory-writer" - } - ] - }, - "aserto.directory.writer.v2.writer.setrelationtype": { - "union": [ - { - "rel_or_perm": "directory-writer" - } - ] - }, - "aserto.discovery.policy.v1.discovery.opadiscovery": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.discovery.policy.v2.discovery.opainstancediscovery": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.funnel.v1.funnel.runworkflow": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.funnel.v1.funnel.startworkflow": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.funnel.v1.funnel.stopworkflow": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.maestro.system.aonadeleteorg": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.maestro.system.authorizerdeleteorg": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.maestro.system.harddeleteorg": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.maestro.system.tenantdeleteorg": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.maestro.user.getpolicystate": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.maestro.user.policy": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.maestro.user.testwf": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.management.v2.controller.commandstream": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.management.v2.controlplane.execcommand": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.management.v2.controlplane.listinstanceregistrations": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry.v1.registry.createimage": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry.v1.registry.getreadaccesstoken": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry.v1.registry.getwriteaccesstoken": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry.v1.registry.listdigests": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry.v1.registry.listimages": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry.v1.registry.listorgs": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry.v1.registry.listpublicimages": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry.v1.registry.listpublicorgs": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry.v1.registry.listtagswithdetails": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry.v1.registry.removeimage": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry.v1.registry.repoavailable": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry.v1.registry.setimagevisibility": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry_tenant.v1.policy.createpolicyimage": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry_tenant.v1.policy.deletepolicyimage": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry_tenant.v1.policy.getpolicyimage": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry_tenant.v1.policy.listpolicyimages": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry_tenant.v1.policy.listpublicpolicyimages": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry_tenant.v1.policy.updatepolicyimage": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry_tenant.v1.policyrepo.createpolicyrepo": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry_tenant.v1.policyrepo.deletepolicyrepo": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry_tenant.v1.policyrepo.getpolicyrepo": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry_tenant.v1.policyrepo.listpolicyrepos": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry_tenant.v1.policyrepo.listpublicpolicyrepos": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry_tenant.v1.policyrepo.updatepolicyrepo": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry_tenant.v1.tenant.listpublictenants": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry_tenant.v1.tenant.listtenants": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.system.v2.tenantcache.invalidatesecretskey": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.task.handler.v1.handler.handlejob": { - "union": [ - { - "rel_or_perm": "task-handler" - } - ] - }, - "aserto.task.handler.v1.handler.handletask": { - "union": [ - { - "rel_or_perm": "task-handler" - } - ] - }, - "aserto.task.manager.v1.manager.createjob": { - "union": [ - { - "rel_or_perm": "task-manager" - } - ] - }, - "aserto.task.manager.v1.manager.createtask": { - "union": [ - { - "rel_or_perm": "task-manager" - } - ] - }, - "aserto.task.manager.v1.manager.deletejob": { - "union": [ - { - "rel_or_perm": "task-manager" - } - ] - }, - "aserto.task.manager.v1.manager.deletetask": { - "union": [ - { - "rel_or_perm": "task-manager" - } - ] - }, - "aserto.task.manager.v1.manager.execjob": { - "union": [ - { - "rel_or_perm": "task-manager" - } - ] - }, - "aserto.task.manager.v1.manager.exectask": { - "union": [ - { - "rel_or_perm": "task-manager" - } - ] - }, - "aserto.task.manager.v1.manager.getjob": { - "union": [ - { - "rel_or_perm": "task-manager" - } - ] - }, - "aserto.task.manager.v1.manager.gettask": { - "union": [ - { - "rel_or_perm": "task-manager" - } - ] - }, - "aserto.tenant.account.v1.account.getaccount": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.account.v1.account.listinvites": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.account.v1.account.signupaccount": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.account.v1.account.updateaccount": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.connection.v1.connection.connectionavailable": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.connection.v1.connection.createconnection": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.connection.v1.connection.deleteconnection": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.connection.v1.connection.getconnection": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.connection.v1.connection.listconnections": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.connection.v1.connection.rotatesecret": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.connection.v1.connection.updateconnection": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.connection.v1.connection.verifyconnection": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.onboarding.v1.onboarding.claimtenant": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.onboarding.v1.onboarding.inviteuser": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.onboarding.v1.onboarding.tenantavailable": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.policy.v1.policy.createpolicyref": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.policy.v1.policy.deletepolicyref": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.policy.v1.policy.listpolicyrefs": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.policy.v1.policy.opadiscovery": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.policy.v1.policy.opainstancediscovery": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.policy.v1.policy.updatepolicyref": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.policy_builder.v1.policybuilder.createpolicybuilder": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.policy_builder.v1.policybuilder.deletepolicybuilder": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.policy_builder.v1.policybuilder.listpolicybuilders": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.profile.v1.profile.getinvites": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.profile.v1.profile.getprofile": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.profile.v1.profile.inviteuser": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.profile.v1.profile.removemember": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.profile.v1.profile.respondtoinvite": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.provider.v1.provider.getprovider": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.provider.v1.provider.listproviderkinds": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.provider.v1.provider.listproviders": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.registry.v1.registry.clonerepo": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.registry.v1.registry.createregistryrepo": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.registry.v1.registry.deleteregistryrepo": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.registry.v1.registry.getregistryrepotag": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.registry.v1.registry.listorgs": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.registry.v1.registry.listregistryrepodigests": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.registry.v1.registry.listregistryrepos": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.registry.v1.registry.listregistryrepotags": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.registry.v1.registry.registryrepoavailable": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.registry.v1.registry.validpolicyregistryrepotag": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.scc.v1.sourcecodectl.createrepo": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.scc.v1.sourcecodectl.getprofile": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.scc.v1.sourcecodectl.getrepo": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.scc.v1.sourcecodectl.isrepoconnected": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.scc.v1.sourcecodectl.listorg": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.scc.v1.sourcecodectl.listrepo": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.scc.v1.sourcecodectl.listtemplates": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.system.v1.system.deleteaccount": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.system.v1.system.deletetenant": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.system.v1.system.getaccount": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.system.v1.system.getmachineaccount": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.system.v1.system.listaccounts": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.system.v1.system.listdeletedtenants": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.system.v1.system.listtenants": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.system.v1.system.restoredeletedtenant": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.system.v1.system.setaccountdeleted": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.system.v1.system.setloglevel": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.system.v1.system.settenantdeleted": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.v2.account.deleteaccount": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.v2.instance.createinstance": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.v2.instance.deleteinstance": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.v2.instance.listinstance": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.v2.instance.updateinstance": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.v2.policy.createpolicy": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.v2.policy.deletepolicy": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.v2.policy.getpolicy": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.v2.policy.listpolicy": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.v2.policy.policynameavailable": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.v2.policy.updatepolicy": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.v2.policystate.getpolicystate": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.v2.policystate.setpolicystate": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.v2.repository.createrepository": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.v2.repository.deleterepository": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.v2.repository.getrepository": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.v2.repository.updaterepository": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.v2.source.createsource": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.v2.source.deletesource": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.v2.source.getsource": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.v2.source.updatesource": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.v2.tenant.deletetenant": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - }, - "grpc.reflection.v1alpha.serverreflection.serverreflectioninfo": { - "union": [ - { - "rel_or_perm": "admin" - } - ] - } - } - }, - "tenant": { - "relations": { - "account": {}, - "admin": { - "union": [ - { - "object": "tenant", - "relation": "owner" - } - ] - }, - "decision-log-reader": {}, - "directory-client-reader": { - "union": [ - { - "object": "tenant", - "relation": "directory-client-writer" - } - ] - }, - "directory-client-writer": {}, - "discovery-client": {}, - "edge-authorizer": {}, - "member": { - "union": [ - { - "object": "tenant", - "relation": "owner" - }, - { - "object": "tenant", - "relation": "admin" - } - ] - }, - "owner": {}, - "viewer": { - "union": [ - { - "object": "tenant", - "relation": "owner" - }, - { - "object": "tenant", - "relation": "member" - }, - { - "object": "tenant", - "relation": "admin" - } - ] - } - }, - "permissions": { - "aserto.authorizer.authorizer.v1.authorizer.decisiontree": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.authorizer.authorizer.v1.authorizer.is": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.authorizer.authorizer.v1.authorizer.query": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.authorizer.directory.v1.directory.createtenant": { - "union": [ - { - "rel_or_perm": "directory-client-writer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.authorizer.directory.v1.directory.createuser": { - "union": [ - { - "rel_or_perm": "directory-client-writer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.authorizer.directory.v1.directory.deleteapplpermission": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "directory-client-writer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.authorizer.directory.v1.directory.deleteapplproperty": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "directory-client-writer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.authorizer.directory.v1.directory.deleteapplrole": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "directory-client-writer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.authorizer.directory.v1.directory.deleteresource": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "directory-client-writer" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.authorizer.directory.v1.directory.deletetenant": { - "union": [ - { - "rel_or_perm": "directory-client-writer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.authorizer.directory.v1.directory.deleteuser": { - "union": [ - { - "rel_or_perm": "directory-client-writer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.authorizer.directory.v1.directory.deleteuserapplication": { - "union": [ - { - "rel_or_perm": "directory-client-writer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.authorizer.directory.v1.directory.deleteuserpermission": { - "union": [ - { - "rel_or_perm": "directory-client-writer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.authorizer.directory.v1.directory.deleteuserproperty": { - "union": [ - { - "rel_or_perm": "directory-client-writer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.authorizer.directory.v1.directory.deleteuserrole": { - "union": [ - { - "rel_or_perm": "directory-client-writer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.authorizer.directory.v1.directory.getapplpermissions": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-client-reader" - } - ] - }, - "aserto.authorizer.directory.v1.directory.getapplproperties": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-client-reader" - } - ] - }, - "aserto.authorizer.directory.v1.directory.getapplroles": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-client-reader" - } - ] - }, - "aserto.authorizer.directory.v1.directory.getidentity": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-client-reader" - } - ] - }, - "aserto.authorizer.directory.v1.directory.getresource": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-client-reader" - } - ] - }, - "aserto.authorizer.directory.v1.directory.getuser": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-client-reader" - } - ] - }, - "aserto.authorizer.directory.v1.directory.getuserpermissions": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-client-reader" - } - ] - }, - "aserto.authorizer.directory.v1.directory.getuserproperties": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-client-reader" - } - ] - }, - "aserto.authorizer.directory.v1.directory.getuserroles": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-client-reader" - } - ] - }, - "aserto.authorizer.directory.v1.directory.getvalue": { - "union": [ - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "directory-client-reader" - } - ] - }, - "aserto.authorizer.directory.v1.directory.listresources": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-client-reader" - } - ] - }, - "aserto.authorizer.directory.v1.directory.listtenants": { - "union": [ - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "directory-client-reader" - } - ] - }, - "aserto.authorizer.directory.v1.directory.listuserapplications": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "directory-client-reader" - } - ] - }, - "aserto.authorizer.directory.v1.directory.listusers": { - "union": [ - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "directory-client-reader" - } - ] - }, - "aserto.authorizer.directory.v1.directory.loadusers": { - "union": [ - { - "rel_or_perm": "directory-client-writer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.authorizer.directory.v1.directory.setapplpermission": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "directory-client-writer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.authorizer.directory.v1.directory.setapplpermissions": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "directory-client-writer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.authorizer.directory.v1.directory.setapplproperties": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "directory-client-writer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.authorizer.directory.v1.directory.setapplproperty": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "directory-client-writer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.authorizer.directory.v1.directory.setapplrole": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "directory-client-writer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.authorizer.directory.v1.directory.setapplroles": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "directory-client-writer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.authorizer.directory.v1.directory.setresource": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "directory-client-writer" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.authorizer.directory.v1.directory.setuserpermission": { - "union": [ - { - "rel_or_perm": "directory-client-writer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.authorizer.directory.v1.directory.setuserpermissions": { - "union": [ - { - "rel_or_perm": "directory-client-writer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.authorizer.directory.v1.directory.setuserproperties": { - "union": [ - { - "rel_or_perm": "directory-client-writer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.authorizer.directory.v1.directory.setuserproperty": { - "union": [ - { - "rel_or_perm": "directory-client-writer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.authorizer.directory.v1.directory.setuserrole": { - "union": [ - { - "rel_or_perm": "directory-client-writer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.authorizer.directory.v1.directory.setuserroles": { - "union": [ - { - "rel_or_perm": "directory-client-writer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.authorizer.directory.v1.directory.updateuser": { - "union": [ - { - "rel_or_perm": "directory-client-writer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.authorizer.system.v1.system.unloadruntime": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.common.info.v1.info.info": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.decision_logs.v1.decisionlogs.executequery": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "decision-log-reader" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.decision_logs.v1.decisionlogs.getdecisionlog": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "decision-log-reader" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.decision_logs.v1.decisionlogs.getdecisions": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "decision-log-reader" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.decision_logs.v1.decisionlogs.getuser": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "decision-log-reader" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.decision_logs.v1.decisionlogs.listdecisionlogs": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "decision-log-reader" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.decision_logs.v1.decisionlogs.listusers": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "decision-log-reader" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.decision_logs.v2.decisionlogs.executequery": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "decision-log-reader" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.decision_logs.v2.decisionlogs.getdecisionlog": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "decision-log-reader" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.decision_logs.v2.decisionlogs.getdecisions": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "decision-log-reader" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.decision_logs.v2.decisionlogs.getuser": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "decision-log-reader" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.decision_logs.v2.decisionlogs.listdecisionlogs": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "decision-log-reader" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.decision_logs.v2.decisionlogs.listusers": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "decision-log-reader" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.directory.exporter.v2.exporter.export": { - "union": [ - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "directory-client-reader" - } - ] - }, - "aserto.directory.importer.v2.importer.import": { - "union": [ - { - "rel_or_perm": "directory-client-writer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.directory.reader.v2.reader.checkpermission": { - "union": [ - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "directory-client-reader" - } - ] - }, - "aserto.directory.reader.v2.reader.checkrelation": { - "union": [ - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "directory-client-reader" - } - ] - }, - "aserto.directory.reader.v2.reader.getgraph": { - "union": [ - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "directory-client-reader" - } - ] - }, - "aserto.directory.reader.v2.reader.getobject": { - "union": [ - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "directory-client-reader" - } - ] - }, - "aserto.directory.reader.v2.reader.getobjectmany": { - "union": [ - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "directory-client-reader" - } - ] - }, - "aserto.directory.reader.v2.reader.getobjects": { - "union": [ - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "directory-client-reader" - } - ] - }, - "aserto.directory.reader.v2.reader.getobjecttype": { - "union": [ - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "directory-client-reader" - } - ] - }, - "aserto.directory.reader.v2.reader.getobjecttypes": { - "union": [ - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "directory-client-reader" - } - ] - }, - "aserto.directory.reader.v2.reader.getpermission": { - "union": [ - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "directory-client-reader" - } - ] - }, - "aserto.directory.reader.v2.reader.getpermissions": { - "union": [ - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "directory-client-reader" - } - ] - }, - "aserto.directory.reader.v2.reader.getrelation": { - "union": [ - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "directory-client-reader" - } - ] - }, - "aserto.directory.reader.v2.reader.getrelations": { - "union": [ - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "directory-client-reader" - } - ] - }, - "aserto.directory.reader.v2.reader.getrelationtype": { - "union": [ - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "directory-client-reader" - } - ] - }, - "aserto.directory.reader.v2.reader.getrelationtypes": { - "union": [ - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "directory-client-reader" - } - ] - }, - "aserto.directory.writer.v2.writer.deleteobject": { - "union": [ - { - "rel_or_perm": "directory-client-writer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.directory.writer.v2.writer.deleteobjecttype": { - "union": [ - { - "rel_or_perm": "directory-client-writer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.directory.writer.v2.writer.deletepermission": { - "union": [ - { - "rel_or_perm": "directory-client-writer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.directory.writer.v2.writer.deleterelation": { - "union": [ - { - "rel_or_perm": "directory-client-writer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.directory.writer.v2.writer.deleterelationtype": { - "union": [ - { - "rel_or_perm": "directory-client-writer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.directory.writer.v2.writer.setobject": { - "union": [ - { - "rel_or_perm": "directory-client-writer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.directory.writer.v2.writer.setobjecttype": { - "union": [ - { - "rel_or_perm": "directory-client-writer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.directory.writer.v2.writer.setpermission": { - "union": [ - { - "rel_or_perm": "directory-client-writer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.directory.writer.v2.writer.setrelation": { - "union": [ - { - "rel_or_perm": "directory-client-writer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.directory.writer.v2.writer.setrelationtype": { - "union": [ - { - "rel_or_perm": "directory-client-writer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.discovery.policy.v1.discovery.opadiscovery": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "discovery-client" - } - ] - }, - "aserto.discovery.policy.v2.discovery.opainstancediscovery": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "discovery-client" - } - ] - }, - "aserto.funnel.v1.funnel.runworkflow": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.funnel.v1.funnel.startworkflow": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.funnel.v1.funnel.stopworkflow": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.maestro.user.getpolicystate": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.maestro.user.policy": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.maestro.user.testwf": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.management.v2.controller.commandstream": { - "union": [ - { - "rel_or_perm": "edge-authorizer" - } - ] - }, - "aserto.management.v2.controlplane.execcommand": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.management.v2.controlplane.listinstanceregistrations": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry.v1.registry.createimage": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry.v1.registry.getreadaccesstoken": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry.v1.registry.getwriteaccesstoken": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry.v1.registry.listdigests": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry.v1.registry.listimages": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry.v1.registry.listorgs": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry.v1.registry.listpublicimages": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry.v1.registry.listpublicorgs": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry.v1.registry.listtagswithdetails": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry.v1.registry.removeimage": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry.v1.registry.repoavailable": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry.v1.registry.setimagevisibility": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry_tenant.v1.policy.createpolicyimage": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry_tenant.v1.policy.deletepolicyimage": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry_tenant.v1.policy.getpolicyimage": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry_tenant.v1.policy.listpolicyimages": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry_tenant.v1.policy.listpublicpolicyimages": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry_tenant.v1.policy.updatepolicyimage": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry_tenant.v1.policyrepo.createpolicyrepo": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry_tenant.v1.policyrepo.deletepolicyrepo": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry_tenant.v1.policyrepo.getpolicyrepo": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry_tenant.v1.policyrepo.listpolicyrepos": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry_tenant.v1.policyrepo.updatepolicyrepo": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry_tenant.v1.tenant.listpublictenants": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.registry_tenant.v1.tenant.listtenants": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.account.v1.account.getaccount": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.account.v1.account.listinvites": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.account.v1.account.signupaccount": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.account.v1.account.updateaccount": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.connection.v1.connection.connectionavailable": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.connection.v1.connection.createconnection": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.connection.v1.connection.deleteconnection": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.connection.v1.connection.getconnection": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.connection.v1.connection.listconnections": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.connection.v1.connection.rotatesecret": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.connection.v1.connection.updateconnection": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.connection.v1.connection.verifyconnection": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.onboarding.v1.onboarding.claimtenant": { - "union": [ - { - "rel_or_perm": "owner" - } - ] - }, - "aserto.tenant.onboarding.v1.onboarding.inviteuser": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.onboarding.v1.onboarding.tenantavailable": { - "union": [ - { - "rel_or_perm": "owner" - } - ] - }, - "aserto.tenant.policy.v1.policy.createpolicyref": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.policy.v1.policy.deletepolicyref": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.policy.v1.policy.listpolicyrefs": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.policy.v1.policy.opadiscovery": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - }, - { - "rel_or_perm": "discovery-client" - } - ] - }, - "aserto.tenant.policy.v1.policy.opainstancediscovery": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.policy.v1.policy.updatepolicyref": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.policy_builder.v1.policybuilder.createpolicybuilder": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.policy_builder.v1.policybuilder.deletepolicybuilder": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.policy_builder.v1.policybuilder.listpolicybuilders": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.profile.v1.profile.getinvites": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.profile.v1.profile.getprofile": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.profile.v1.profile.inviteuser": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.profile.v1.profile.removemember": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.profile.v1.profile.respondtoinvite": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.provider.v1.provider.getprovider": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.provider.v1.provider.listproviderkinds": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.provider.v1.provider.listproviders": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.registry.v1.registry.clonerepo": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.registry.v1.registry.createregistryrepo": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.registry.v1.registry.deleteregistryrepo": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.registry.v1.registry.getregistryrepotag": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.registry.v1.registry.listorgs": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.registry.v1.registry.listregistryrepodigests": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.registry.v1.registry.listregistryrepos": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.registry.v1.registry.listregistryrepotags": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.registry.v1.registry.registryrepoavailable": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.registry.v1.registry.validpolicyregistryrepotag": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.scc.v1.sourcecodectl.createrepo": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.scc.v1.sourcecodectl.getprofile": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.scc.v1.sourcecodectl.getrepo": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.scc.v1.sourcecodectl.isrepoconnected": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.scc.v1.sourcecodectl.listorg": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.scc.v1.sourcecodectl.listrepo": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.scc.v1.sourcecodectl.listtemplates": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.v2.account.deleteaccount": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.v2.instance.createinstance": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.v2.instance.deleteinstance": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.v2.instance.listinstance": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.v2.instance.updateinstance": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.v2.policy.createpolicy": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.v2.policy.deletepolicy": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.v2.policy.getpolicy": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.v2.policy.listpolicy": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.v2.policy.policynameavailable": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.v2.policy.updatepolicy": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.v2.policystate.getpolicystate": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.v2.policystate.setpolicystate": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.v2.repository.createrepository": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.v2.repository.deleterepository": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.v2.repository.getrepository": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.v2.repository.updaterepository": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.v2.source.createsource": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.v2.source.deletesource": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.v2.source.getsource": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.v2.source.updatesource": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "aserto.tenant.v2.tenant.deletetenant": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "admin" - } - ] - }, - "grpc.reflection.v1alpha.serverreflection.serverreflectioninfo": { - "union": [ - { - "rel_or_perm": "owner" - }, - { - "rel_or_perm": "member" - }, - { - "rel_or_perm": "viewer" - }, - { - "rel_or_perm": "admin" - } - ] - } - } - }, - "tenant-name": { - "relations": { - "tenant": {} - } - }, - "user": { - "relations": { - "manager": {} - } - }, - "user-v1": {} - }, - "metadata": null -} diff --git a/cache/metadata_test.go b/cache/metadata_test.go index dd9ce9b..83867d8 100644 --- a/cache/metadata_test.go +++ b/cache/metadata_test.go @@ -2,14 +2,34 @@ package cache_test import ( + "encoding/json" + "os" "testing" + "github.com/aserto-dev/azm/cache" + "github.com/aserto-dev/azm/model" "github.com/aserto-dev/azm/paging" dsc2 "github.com/aserto-dev/go-directory/aserto/directory/common/v2" "github.com/aserto-dev/go-directory/pkg/derr" asserts "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" ) +// load model cache from serialized model file. +func loadModelCache(t *testing.T, path string) *cache.Cache { // nolint: unparam + r, err := os.Open(path) + require.NoError(t, err) + defer r.Close() + + var mc model.Model + dec := json.NewDecoder(r) + if err := dec.Decode(&mc); err != nil { + require.NoError(t, err) + } + + return cache.New(&mc) +} + func TestGetObjectTypeV2(t *testing.T) { assert := asserts.New(t) mc := loadModelCache(t, "./metadata_test.json")