From ccd6d5d43be178c3b9be2b6f39f90fb6a6e7cfd5 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 21 Nov 2025 17:10:18 +0000 Subject: [PATCH] Bump github.com/conductorone/baton-sdk from 0.5.5 to 0.5.9 Bumps [github.com/conductorone/baton-sdk](https://github.com/conductorone/baton-sdk) from 0.5.5 to 0.5.9. - [Release notes](https://github.com/conductorone/baton-sdk/releases) - [Commits](https://github.com/conductorone/baton-sdk/compare/v0.5.5...v0.5.9) --- updated-dependencies: - dependency-name: github.com/conductorone/baton-sdk dependency-version: 0.5.9 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 4 +- .../baton-sdk/internal/connector/connector.go | 5 +- .../baton-sdk/pb/c1/config/v1/config.pb.go | 19 +- .../pb/c1/config/v1/config.pb.validate.go | 2 + .../pb/c1/config/v1/config_protoopaque.pb.go | 19 +- .../pb/c1/connector/v2/connector.pb.go | 314 ++++++-- .../c1/connector/v2/connector.pb.validate.go | 269 +++++++ .../connector/v2/connector_protoopaque.pb.go | 316 ++++++-- .../pb/c1/connector/v2/entitlement.pb.go | 272 ++++++- .../connector/v2/entitlement.pb.validate.go | 399 ++++++++++ .../pb/c1/connector/v2/entitlement_grpc.pb.go | 40 +- .../v2/entitlement_protoopaque.pb.go | 278 ++++++- .../pb/c1/connectorapi/baton/v1/session.pb.go | 12 +- .../baton/v1/session.pb.validate.go | 8 +- .../baton/v1/session_protoopaque.pb.go | 12 +- .../conductorone/baton-sdk/pkg/cli/cli.go | 2 +- .../baton-sdk/pkg/cli/commands.go | 21 +- .../baton-sdk/pkg/cli/lambda_server__added.go | 31 +- .../pkg/cli/lambda_server_omitted.go | 1 + .../baton-sdk/pkg/cli/lazy_session.go | 78 +- .../baton-sdk/pkg/config/config.go | 16 +- .../baton-sdk/pkg/config/generate.go | 12 + .../pkg/connectorbuilder/connectorbuilder.go | 10 + .../pkg/connectorbuilder/resource_syncer.go | 81 +- .../pkg/connectorbuilder/session_store.go | 1 + .../baton-sdk/pkg/connectorrunner/runner.go | 13 + .../baton-sdk/pkg/dotc1z/entitlements.go | 10 + .../conductorone/baton-sdk/pkg/dotc1z/file.go | 39 +- .../baton-sdk/pkg/dotc1z/sync_runs.go | 2 + .../baton-sdk/pkg/field/defaults.go | 18 + .../baton-sdk/pkg/field/field_group.go | 10 + .../baton-sdk/pkg/field/marshal.go | 1 + .../baton-sdk/pkg/field/struct.go | 26 + .../baton-sdk/pkg/field/validation.go | 29 +- .../baton-sdk/pkg/sdk/empty_connector.go | 10 + .../conductorone/baton-sdk/pkg/sdk/version.go | 2 +- .../baton-sdk/pkg/session/memory_cache.go | 215 ++++++ .../baton-sdk/pkg/session/noop_session.go | 52 ++ .../conductorone/baton-sdk/pkg/sync/state.go | 18 + .../conductorone/baton-sdk/pkg/sync/syncer.go | 713 +++++++++++------- .../baton-sdk/pkg/synccompactor/compactor.go | 34 +- .../baton-sdk/pkg/types/tasks/tasks.go | 7 + vendor/modules.txt | 2 +- 44 files changed, 2873 insertions(+), 552 deletions(-) create mode 100644 vendor/github.com/conductorone/baton-sdk/pkg/session/memory_cache.go create mode 100644 vendor/github.com/conductorone/baton-sdk/pkg/session/noop_session.go diff --git a/go.mod b/go.mod index 8b099416..f0eb20a7 100644 --- a/go.mod +++ b/go.mod @@ -3,7 +3,7 @@ module github.com/conductorone/baton-dropbox go 1.25.2 require ( - github.com/conductorone/baton-sdk v0.5.5 + github.com/conductorone/baton-sdk v0.5.21 github.com/ennyjfrick/ruleguard-logfatal v0.0.2 github.com/grpc-ecosystem/go-grpc-middleware v1.4.0 github.com/quasilyte/go-ruleguard/dsl v0.3.22 diff --git a/go.sum b/go.sum index 72a1775d..04b9db02 100644 --- a/go.sum +++ b/go.sum @@ -60,8 +60,8 @@ github.com/cenkalti/backoff/v4 v4.3.0/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyY github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= -github.com/conductorone/baton-sdk v0.5.5 h1:enu64g8Owm4Iv3zk/RGXgaujfBzvI9QCw6j6u2OgKCA= -github.com/conductorone/baton-sdk v0.5.5/go.mod h1:TQuaFYyonGW1Xblxjm+qQE3XsJGAZvTMPGaO4c4Yv6E= +github.com/conductorone/baton-sdk v0.5.21 h1:9/x7wu6frktwe8qsqDkNgEU/XlAAeTAL7B1Hb+exbi4= +github.com/conductorone/baton-sdk v0.5.21/go.mod h1:TQuaFYyonGW1Xblxjm+qQE3XsJGAZvTMPGaO4c4Yv6E= github.com/conductorone/dpop v0.2.3 h1:s91U3845GHQ6P6FWrdNr2SEOy1ES/jcFs1JtKSl2S+o= github.com/conductorone/dpop v0.2.3/go.mod h1:gyo8TtzB9SCFCsjsICH4IaLZ7y64CcrDXMOPBwfq/3s= github.com/conductorone/dpop/integrations/dpop_grpc v0.2.3 h1:kLMCNIh0Mo2vbvvkCmJ3ixsPbXEJ6HPcW53Ku9yje3s= diff --git a/vendor/github.com/conductorone/baton-sdk/internal/connector/connector.go b/vendor/github.com/conductorone/baton-sdk/internal/connector/connector.go index 6c6e07d5..fad4f16b 100644 --- a/vendor/github.com/conductorone/baton-sdk/internal/connector/connector.go +++ b/vendor/github.com/conductorone/baton-sdk/internal/connector/connector.go @@ -273,7 +273,10 @@ func (cw *wrapper) runServer(ctx context.Context, serverCred *tlsV1.Credential) cw.SessionServer = server go func() { defer sessionListenerFile.Close() - serverErr := session.StartGRPCSessionServerWithOptions(ctx, sessionListener, server, grpc.Creds(credentials.NewTLS(tlsConfig))) + serverErr := session.StartGRPCSessionServerWithOptions(ctx, sessionListener, server, + grpc.Creds(credentials.NewTLS(tlsConfig)), + grpc.ChainUnaryInterceptor(ugrpc.UnaryServerInterceptor(ctx)...), + ) if serverErr != nil { l.Error("failed to create session store server", zap.Error(serverErr)) return diff --git a/vendor/github.com/conductorone/baton-sdk/pb/c1/config/v1/config.pb.go b/vendor/github.com/conductorone/baton-sdk/pb/c1/config/v1/config.pb.go index 10482b57..14ec079e 100644 --- a/vendor/github.com/conductorone/baton-sdk/pb/c1/config/v1/config.pb.go +++ b/vendor/github.com/conductorone/baton-sdk/pb/c1/config/v1/config.pb.go @@ -439,6 +439,7 @@ type FieldGroup struct { DisplayName string `protobuf:"bytes,2,opt,name=display_name,json=displayName,proto3" json:"display_name,omitempty"` HelpText string `protobuf:"bytes,3,opt,name=help_text,json=helpText,proto3" json:"help_text,omitempty"` Fields []string `protobuf:"bytes,4,rep,name=fields,proto3" json:"fields,omitempty"` + Default bool `protobuf:"varint,5,opt,name=default,proto3" json:"default,omitempty"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } @@ -496,6 +497,13 @@ func (x *FieldGroup) GetFields() []string { return nil } +func (x *FieldGroup) GetDefault() bool { + if x != nil { + return x.Default + } + return false +} + func (x *FieldGroup) SetName(v string) { x.Name = v } @@ -512,6 +520,10 @@ func (x *FieldGroup) SetFields(v []string) { x.Fields = v } +func (x *FieldGroup) SetDefault(v bool) { + x.Default = v +} + type FieldGroup_builder struct { _ [0]func() // Prevents comparability and use of unkeyed literals for the builder. @@ -519,6 +531,7 @@ type FieldGroup_builder struct { DisplayName string HelpText string Fields []string + Default bool } func (b0 FieldGroup_builder) Build() *FieldGroup { @@ -529,6 +542,7 @@ func (b0 FieldGroup_builder) Build() *FieldGroup { x.DisplayName = b.DisplayName x.HelpText = b.HelpText x.Fields = b.Fields + x.Default = b.Default return m0 } @@ -1514,13 +1528,14 @@ const file_c1_config_v1_config_proto_rawDesc = "" + "\x15secondary_field_names\x18\x03 \x03(\tR\x13secondaryFieldNames\x12\x12\n" + "\x04name\x18\x04 \x01(\tR\x04name\x12\x1b\n" + "\thelp_text\x18\x05 \x01(\tR\bhelpText\x12$\n" + - "\x0eis_field_group\x18\x06 \x01(\bR\fisFieldGroup\"x\n" + + "\x0eis_field_group\x18\x06 \x01(\bR\fisFieldGroup\"\x92\x01\n" + "\n" + "FieldGroup\x12\x12\n" + "\x04name\x18\x01 \x01(\tR\x04name\x12!\n" + "\fdisplay_name\x18\x02 \x01(\tR\vdisplayName\x12\x1b\n" + "\thelp_text\x18\x03 \x01(\tR\bhelpText\x12\x16\n" + - "\x06fields\x18\x04 \x03(\tR\x06fields\"\xab\x04\n" + + "\x06fields\x18\x04 \x03(\tR\x06fields\x12\x18\n" + + "\adefault\x18\x05 \x01(\bR\adefault\"\xab\x04\n" + "\x05Field\x12\x12\n" + "\x04name\x18\x01 \x01(\tR\x04name\x12!\n" + "\fdisplay_name\x18\x02 \x01(\tR\vdisplayName\x12 \n" + diff --git a/vendor/github.com/conductorone/baton-sdk/pb/c1/config/v1/config.pb.validate.go b/vendor/github.com/conductorone/baton-sdk/pb/c1/config/v1/config.pb.validate.go index 523c7c7b..ff0ca67d 100644 --- a/vendor/github.com/conductorone/baton-sdk/pb/c1/config/v1/config.pb.validate.go +++ b/vendor/github.com/conductorone/baton-sdk/pb/c1/config/v1/config.pb.validate.go @@ -386,6 +386,8 @@ func (m *FieldGroup) validate(all bool) error { // no validation rules for HelpText + // no validation rules for Default + if len(errors) > 0 { return FieldGroupMultiError(errors) } diff --git a/vendor/github.com/conductorone/baton-sdk/pb/c1/config/v1/config_protoopaque.pb.go b/vendor/github.com/conductorone/baton-sdk/pb/c1/config/v1/config_protoopaque.pb.go index 763ebc8b..5dd83dbf 100644 --- a/vendor/github.com/conductorone/baton-sdk/pb/c1/config/v1/config_protoopaque.pb.go +++ b/vendor/github.com/conductorone/baton-sdk/pb/c1/config/v1/config_protoopaque.pb.go @@ -445,6 +445,7 @@ type FieldGroup struct { xxx_hidden_DisplayName string `protobuf:"bytes,2,opt,name=display_name,json=displayName,proto3"` xxx_hidden_HelpText string `protobuf:"bytes,3,opt,name=help_text,json=helpText,proto3"` xxx_hidden_Fields []string `protobuf:"bytes,4,rep,name=fields,proto3"` + xxx_hidden_Default bool `protobuf:"varint,5,opt,name=default,proto3"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } @@ -502,6 +503,13 @@ func (x *FieldGroup) GetFields() []string { return nil } +func (x *FieldGroup) GetDefault() bool { + if x != nil { + return x.xxx_hidden_Default + } + return false +} + func (x *FieldGroup) SetName(v string) { x.xxx_hidden_Name = v } @@ -518,6 +526,10 @@ func (x *FieldGroup) SetFields(v []string) { x.xxx_hidden_Fields = v } +func (x *FieldGroup) SetDefault(v bool) { + x.xxx_hidden_Default = v +} + type FieldGroup_builder struct { _ [0]func() // Prevents comparability and use of unkeyed literals for the builder. @@ -525,6 +537,7 @@ type FieldGroup_builder struct { DisplayName string HelpText string Fields []string + Default bool } func (b0 FieldGroup_builder) Build() *FieldGroup { @@ -535,6 +548,7 @@ func (b0 FieldGroup_builder) Build() *FieldGroup { x.xxx_hidden_DisplayName = b.DisplayName x.xxx_hidden_HelpText = b.HelpText x.xxx_hidden_Fields = b.Fields + x.xxx_hidden_Default = b.Default return m0 } @@ -1506,13 +1520,14 @@ const file_c1_config_v1_config_proto_rawDesc = "" + "\x15secondary_field_names\x18\x03 \x03(\tR\x13secondaryFieldNames\x12\x12\n" + "\x04name\x18\x04 \x01(\tR\x04name\x12\x1b\n" + "\thelp_text\x18\x05 \x01(\tR\bhelpText\x12$\n" + - "\x0eis_field_group\x18\x06 \x01(\bR\fisFieldGroup\"x\n" + + "\x0eis_field_group\x18\x06 \x01(\bR\fisFieldGroup\"\x92\x01\n" + "\n" + "FieldGroup\x12\x12\n" + "\x04name\x18\x01 \x01(\tR\x04name\x12!\n" + "\fdisplay_name\x18\x02 \x01(\tR\vdisplayName\x12\x1b\n" + "\thelp_text\x18\x03 \x01(\tR\bhelpText\x12\x16\n" + - "\x06fields\x18\x04 \x03(\tR\x06fields\"\xab\x04\n" + + "\x06fields\x18\x04 \x03(\tR\x06fields\x12\x18\n" + + "\adefault\x18\x05 \x01(\bR\adefault\"\xab\x04\n" + "\x05Field\x12\x12\n" + "\x04name\x18\x01 \x01(\tR\x04name\x12!\n" + "\fdisplay_name\x18\x02 \x01(\tR\vdisplayName\x12 \n" + diff --git a/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/connector.pb.go b/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/connector.pb.go index b35f5d10..21ac6d98 100644 --- a/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/connector.pb.go +++ b/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/connector.pb.go @@ -832,17 +832,132 @@ func (b0 ConnectorCapabilities_builder) Build() *ConnectorCapabilities { return m0 } +type CapabilityPermission struct { + state protoimpl.MessageState `protogen:"hybrid.v1"` + Permission string `protobuf:"bytes,1,opt,name=permission,proto3" json:"permission,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *CapabilityPermission) Reset() { + *x = CapabilityPermission{} + mi := &file_c1_connector_v2_connector_proto_msgTypes[7] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *CapabilityPermission) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*CapabilityPermission) ProtoMessage() {} + +func (x *CapabilityPermission) ProtoReflect() protoreflect.Message { + mi := &file_c1_connector_v2_connector_proto_msgTypes[7] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +func (x *CapabilityPermission) GetPermission() string { + if x != nil { + return x.Permission + } + return "" +} + +func (x *CapabilityPermission) SetPermission(v string) { + x.Permission = v +} + +type CapabilityPermission_builder struct { + _ [0]func() // Prevents comparability and use of unkeyed literals for the builder. + + Permission string +} + +func (b0 CapabilityPermission_builder) Build() *CapabilityPermission { + m0 := &CapabilityPermission{} + b, x := &b0, m0 + _, _ = b, x + x.Permission = b.Permission + return m0 +} + +type CapabilityPermissions struct { + state protoimpl.MessageState `protogen:"hybrid.v1"` + Permissions []*CapabilityPermission `protobuf:"bytes,1,rep,name=permissions,proto3" json:"permissions,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *CapabilityPermissions) Reset() { + *x = CapabilityPermissions{} + mi := &file_c1_connector_v2_connector_proto_msgTypes[8] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *CapabilityPermissions) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*CapabilityPermissions) ProtoMessage() {} + +func (x *CapabilityPermissions) ProtoReflect() protoreflect.Message { + mi := &file_c1_connector_v2_connector_proto_msgTypes[8] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +func (x *CapabilityPermissions) GetPermissions() []*CapabilityPermission { + if x != nil { + return x.Permissions + } + return nil +} + +func (x *CapabilityPermissions) SetPermissions(v []*CapabilityPermission) { + x.Permissions = v +} + +type CapabilityPermissions_builder struct { + _ [0]func() // Prevents comparability and use of unkeyed literals for the builder. + + Permissions []*CapabilityPermission +} + +func (b0 CapabilityPermissions_builder) Build() *CapabilityPermissions { + m0 := &CapabilityPermissions{} + b, x := &b0, m0 + _, _ = b, x + x.Permissions = b.Permissions + return m0 +} + type ResourceTypeCapability struct { state protoimpl.MessageState `protogen:"hybrid.v1"` ResourceType *ResourceType `protobuf:"bytes,1,opt,name=resource_type,json=resourceType,proto3" json:"resource_type,omitempty"` Capabilities []Capability `protobuf:"varint,2,rep,packed,name=capabilities,proto3,enum=c1.connector.v2.Capability" json:"capabilities,omitempty"` + Permissions *CapabilityPermissions `protobuf:"bytes,3,opt,name=permissions,proto3" json:"permissions,omitempty"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } func (x *ResourceTypeCapability) Reset() { *x = ResourceTypeCapability{} - mi := &file_c1_connector_v2_connector_proto_msgTypes[7] + mi := &file_c1_connector_v2_connector_proto_msgTypes[9] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -854,7 +969,7 @@ func (x *ResourceTypeCapability) String() string { func (*ResourceTypeCapability) ProtoMessage() {} func (x *ResourceTypeCapability) ProtoReflect() protoreflect.Message { - mi := &file_c1_connector_v2_connector_proto_msgTypes[7] + mi := &file_c1_connector_v2_connector_proto_msgTypes[9] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -879,6 +994,13 @@ func (x *ResourceTypeCapability) GetCapabilities() []Capability { return nil } +func (x *ResourceTypeCapability) GetPermissions() *CapabilityPermissions { + if x != nil { + return x.Permissions + } + return nil +} + func (x *ResourceTypeCapability) SetResourceType(v *ResourceType) { x.ResourceType = v } @@ -887,6 +1009,10 @@ func (x *ResourceTypeCapability) SetCapabilities(v []Capability) { x.Capabilities = v } +func (x *ResourceTypeCapability) SetPermissions(v *CapabilityPermissions) { + x.Permissions = v +} + func (x *ResourceTypeCapability) HasResourceType() bool { if x == nil { return false @@ -894,15 +1020,27 @@ func (x *ResourceTypeCapability) HasResourceType() bool { return x.ResourceType != nil } +func (x *ResourceTypeCapability) HasPermissions() bool { + if x == nil { + return false + } + return x.Permissions != nil +} + func (x *ResourceTypeCapability) ClearResourceType() { x.ResourceType = nil } +func (x *ResourceTypeCapability) ClearPermissions() { + x.Permissions = nil +} + type ResourceTypeCapability_builder struct { _ [0]func() // Prevents comparability and use of unkeyed literals for the builder. ResourceType *ResourceType Capabilities []Capability + Permissions *CapabilityPermissions } func (b0 ResourceTypeCapability_builder) Build() *ResourceTypeCapability { @@ -911,6 +1049,7 @@ func (b0 ResourceTypeCapability_builder) Build() *ResourceTypeCapability { _, _ = b, x x.ResourceType = b.ResourceType x.Capabilities = b.Capabilities + x.Permissions = b.Permissions return m0 } @@ -922,7 +1061,7 @@ type ConnectorServiceGetMetadataRequest struct { func (x *ConnectorServiceGetMetadataRequest) Reset() { *x = ConnectorServiceGetMetadataRequest{} - mi := &file_c1_connector_v2_connector_proto_msgTypes[8] + mi := &file_c1_connector_v2_connector_proto_msgTypes[10] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -934,7 +1073,7 @@ func (x *ConnectorServiceGetMetadataRequest) String() string { func (*ConnectorServiceGetMetadataRequest) ProtoMessage() {} func (x *ConnectorServiceGetMetadataRequest) ProtoReflect() protoreflect.Message { - mi := &file_c1_connector_v2_connector_proto_msgTypes[8] + mi := &file_c1_connector_v2_connector_proto_msgTypes[10] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -966,7 +1105,7 @@ type ConnectorServiceGetMetadataResponse struct { func (x *ConnectorServiceGetMetadataResponse) Reset() { *x = ConnectorServiceGetMetadataResponse{} - mi := &file_c1_connector_v2_connector_proto_msgTypes[9] + mi := &file_c1_connector_v2_connector_proto_msgTypes[11] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -978,7 +1117,7 @@ func (x *ConnectorServiceGetMetadataResponse) String() string { func (*ConnectorServiceGetMetadataResponse) ProtoMessage() {} func (x *ConnectorServiceGetMetadataResponse) ProtoReflect() protoreflect.Message { - mi := &file_c1_connector_v2_connector_proto_msgTypes[9] + mi := &file_c1_connector_v2_connector_proto_msgTypes[11] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -1033,7 +1172,7 @@ type ConnectorServiceValidateRequest struct { func (x *ConnectorServiceValidateRequest) Reset() { *x = ConnectorServiceValidateRequest{} - mi := &file_c1_connector_v2_connector_proto_msgTypes[10] + mi := &file_c1_connector_v2_connector_proto_msgTypes[12] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -1045,7 +1184,7 @@ func (x *ConnectorServiceValidateRequest) String() string { func (*ConnectorServiceValidateRequest) ProtoMessage() {} func (x *ConnectorServiceValidateRequest) ProtoReflect() protoreflect.Message { - mi := &file_c1_connector_v2_connector_proto_msgTypes[10] + mi := &file_c1_connector_v2_connector_proto_msgTypes[12] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -1080,7 +1219,7 @@ type ConnectorServiceValidateResponse struct { func (x *ConnectorServiceValidateResponse) Reset() { *x = ConnectorServiceValidateResponse{} - mi := &file_c1_connector_v2_connector_proto_msgTypes[11] + mi := &file_c1_connector_v2_connector_proto_msgTypes[13] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -1092,7 +1231,7 @@ func (x *ConnectorServiceValidateResponse) String() string { func (*ConnectorServiceValidateResponse) ProtoMessage() {} func (x *ConnectorServiceValidateResponse) ProtoReflect() protoreflect.Message { - mi := &file_c1_connector_v2_connector_proto_msgTypes[11] + mi := &file_c1_connector_v2_connector_proto_msgTypes[13] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -1150,7 +1289,7 @@ type ConnectorAccountCreationSchema struct { func (x *ConnectorAccountCreationSchema) Reset() { *x = ConnectorAccountCreationSchema{} - mi := &file_c1_connector_v2_connector_proto_msgTypes[12] + mi := &file_c1_connector_v2_connector_proto_msgTypes[14] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -1162,7 +1301,7 @@ func (x *ConnectorAccountCreationSchema) String() string { func (*ConnectorAccountCreationSchema) ProtoMessage() {} func (x *ConnectorAccountCreationSchema) ProtoReflect() protoreflect.Message { - mi := &file_c1_connector_v2_connector_proto_msgTypes[12] + mi := &file_c1_connector_v2_connector_proto_msgTypes[14] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -1220,7 +1359,7 @@ type ConnectorAccountCreationSchema_Field struct { func (x *ConnectorAccountCreationSchema_Field) Reset() { *x = ConnectorAccountCreationSchema_Field{} - mi := &file_c1_connector_v2_connector_proto_msgTypes[14] + mi := &file_c1_connector_v2_connector_proto_msgTypes[16] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -1232,7 +1371,7 @@ func (x *ConnectorAccountCreationSchema_Field) String() string { func (*ConnectorAccountCreationSchema_Field) ProtoMessage() {} func (x *ConnectorAccountCreationSchema_Field) ProtoReflect() protoreflect.Message { - mi := &file_c1_connector_v2_connector_proto_msgTypes[14] + mi := &file_c1_connector_v2_connector_proto_msgTypes[16] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -1558,7 +1697,7 @@ func (b0 ConnectorAccountCreationSchema_Field_builder) Build() *ConnectorAccount type case_ConnectorAccountCreationSchema_Field_Field protoreflect.FieldNumber func (x case_ConnectorAccountCreationSchema_Field_Field) String() string { - md := file_c1_connector_v2_connector_proto_msgTypes[14].Descriptor() + md := file_c1_connector_v2_connector_proto_msgTypes[16].Descriptor() if x == 0 { return "not set" } @@ -1613,7 +1752,7 @@ type ConnectorAccountCreationSchema_StringField struct { func (x *ConnectorAccountCreationSchema_StringField) Reset() { *x = ConnectorAccountCreationSchema_StringField{} - mi := &file_c1_connector_v2_connector_proto_msgTypes[15] + mi := &file_c1_connector_v2_connector_proto_msgTypes[17] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -1625,7 +1764,7 @@ func (x *ConnectorAccountCreationSchema_StringField) String() string { func (*ConnectorAccountCreationSchema_StringField) ProtoMessage() {} func (x *ConnectorAccountCreationSchema_StringField) ProtoReflect() protoreflect.Message { - mi := &file_c1_connector_v2_connector_proto_msgTypes[15] + mi := &file_c1_connector_v2_connector_proto_msgTypes[17] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -1681,7 +1820,7 @@ type ConnectorAccountCreationSchema_BoolField struct { func (x *ConnectorAccountCreationSchema_BoolField) Reset() { *x = ConnectorAccountCreationSchema_BoolField{} - mi := &file_c1_connector_v2_connector_proto_msgTypes[16] + mi := &file_c1_connector_v2_connector_proto_msgTypes[18] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -1693,7 +1832,7 @@ func (x *ConnectorAccountCreationSchema_BoolField) String() string { func (*ConnectorAccountCreationSchema_BoolField) ProtoMessage() {} func (x *ConnectorAccountCreationSchema_BoolField) ProtoReflect() protoreflect.Message { - mi := &file_c1_connector_v2_connector_proto_msgTypes[16] + mi := &file_c1_connector_v2_connector_proto_msgTypes[18] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -1749,7 +1888,7 @@ type ConnectorAccountCreationSchema_StringListField struct { func (x *ConnectorAccountCreationSchema_StringListField) Reset() { *x = ConnectorAccountCreationSchema_StringListField{} - mi := &file_c1_connector_v2_connector_proto_msgTypes[17] + mi := &file_c1_connector_v2_connector_proto_msgTypes[19] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -1761,7 +1900,7 @@ func (x *ConnectorAccountCreationSchema_StringListField) String() string { func (*ConnectorAccountCreationSchema_StringListField) ProtoMessage() {} func (x *ConnectorAccountCreationSchema_StringListField) ProtoReflect() protoreflect.Message { - mi := &file_c1_connector_v2_connector_proto_msgTypes[17] + mi := &file_c1_connector_v2_connector_proto_msgTypes[19] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -1806,7 +1945,7 @@ type ConnectorAccountCreationSchema_IntField struct { func (x *ConnectorAccountCreationSchema_IntField) Reset() { *x = ConnectorAccountCreationSchema_IntField{} - mi := &file_c1_connector_v2_connector_proto_msgTypes[18] + mi := &file_c1_connector_v2_connector_proto_msgTypes[20] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -1818,7 +1957,7 @@ func (x *ConnectorAccountCreationSchema_IntField) String() string { func (*ConnectorAccountCreationSchema_IntField) ProtoMessage() {} func (x *ConnectorAccountCreationSchema_IntField) ProtoReflect() protoreflect.Message { - mi := &file_c1_connector_v2_connector_proto_msgTypes[18] + mi := &file_c1_connector_v2_connector_proto_msgTypes[20] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -1874,7 +2013,7 @@ type ConnectorAccountCreationSchema_MapField struct { func (x *ConnectorAccountCreationSchema_MapField) Reset() { *x = ConnectorAccountCreationSchema_MapField{} - mi := &file_c1_connector_v2_connector_proto_msgTypes[19] + mi := &file_c1_connector_v2_connector_proto_msgTypes[21] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -1886,7 +2025,7 @@ func (x *ConnectorAccountCreationSchema_MapField) String() string { func (*ConnectorAccountCreationSchema_MapField) ProtoMessage() {} func (x *ConnectorAccountCreationSchema_MapField) ProtoReflect() protoreflect.Message { - mi := &file_c1_connector_v2_connector_proto_msgTypes[19] + mi := &file_c1_connector_v2_connector_proto_msgTypes[21] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -1957,10 +2096,17 @@ const file_c1_connector_v2_connector_proto_rawDesc = "" + "\x15ConnectorCapabilities\x12e\n" + "\x1aresource_type_capabilities\x18\x01 \x03(\v2'.c1.connector.v2.ResourceTypeCapabilityR\x18resourceTypeCapabilities\x12R\n" + "\x16connector_capabilities\x18\x02 \x03(\x0e2\x1b.c1.connector.v2.CapabilityR\x15connectorCapabilities\x12Q\n" + - "\x12credential_details\x18\x03 \x01(\v2\".c1.connector.v2.CredentialDetailsR\x11credentialDetails\"\x9d\x01\n" + + "\x12credential_details\x18\x03 \x01(\v2\".c1.connector.v2.CredentialDetailsR\x11credentialDetails\"6\n" + + "\x14CapabilityPermission\x12\x1e\n" + + "\n" + + "permission\x18\x01 \x01(\tR\n" + + "permission\"`\n" + + "\x15CapabilityPermissions\x12G\n" + + "\vpermissions\x18\x01 \x03(\v2%.c1.connector.v2.CapabilityPermissionR\vpermissions\"\xe7\x01\n" + "\x16ResourceTypeCapability\x12B\n" + "\rresource_type\x18\x01 \x01(\v2\x1d.c1.connector.v2.ResourceTypeR\fresourceType\x12?\n" + - "\fcapabilities\x18\x02 \x03(\x0e2\x1b.c1.connector.v2.CapabilityR\fcapabilities\"$\n" + + "\fcapabilities\x18\x02 \x03(\x0e2\x1b.c1.connector.v2.CapabilityR\fcapabilities\x12H\n" + + "\vpermissions\x18\x03 \x01(\v2&.c1.connector.v2.CapabilityPermissionsR\vpermissions\"$\n" + "\"ConnectorServiceGetMetadataRequest\"e\n" + "#ConnectorServiceGetMetadataResponse\x12>\n" + "\bmetadata\x18\x01 \x01(\v2\".c1.connector.v2.ConnectorMetadataR\bmetadata\"!\n" + @@ -2034,7 +2180,7 @@ const file_c1_connector_v2_connector_proto_rawDesc = "" + "\aCleanup\x12/.c1.connector.v2.ConnectorServiceCleanupRequest\x1a0.c1.connector.v2.ConnectorServiceCleanupResponseB6Z4github.com/conductorone/baton-sdk/pb/c1/connector/v2b\x06proto3" var file_c1_connector_v2_connector_proto_enumTypes = make([]protoimpl.EnumInfo, 2) -var file_c1_connector_v2_connector_proto_msgTypes = make([]protoimpl.MessageInfo, 21) +var file_c1_connector_v2_connector_proto_msgTypes = make([]protoimpl.MessageInfo, 23) var file_c1_connector_v2_connector_proto_goTypes = []any{ (Capability)(0), // 0: c1.connector.v2.Capability (CapabilityDetailCredentialOption)(0), // 1: c1.connector.v2.CapabilityDetailCredentialOption @@ -2045,67 +2191,71 @@ var file_c1_connector_v2_connector_proto_goTypes = []any{ (*CredentialDetailsAccountProvisioning)(nil), // 6: c1.connector.v2.CredentialDetailsAccountProvisioning (*CredentialDetailsCredentialRotation)(nil), // 7: c1.connector.v2.CredentialDetailsCredentialRotation (*ConnectorCapabilities)(nil), // 8: c1.connector.v2.ConnectorCapabilities - (*ResourceTypeCapability)(nil), // 9: c1.connector.v2.ResourceTypeCapability - (*ConnectorServiceGetMetadataRequest)(nil), // 10: c1.connector.v2.ConnectorServiceGetMetadataRequest - (*ConnectorServiceGetMetadataResponse)(nil), // 11: c1.connector.v2.ConnectorServiceGetMetadataResponse - (*ConnectorServiceValidateRequest)(nil), // 12: c1.connector.v2.ConnectorServiceValidateRequest - (*ConnectorServiceValidateResponse)(nil), // 13: c1.connector.v2.ConnectorServiceValidateResponse - (*ConnectorAccountCreationSchema)(nil), // 14: c1.connector.v2.ConnectorAccountCreationSchema - nil, // 15: c1.connector.v2.ConnectorAccountCreationSchema.FieldMapEntry - (*ConnectorAccountCreationSchema_Field)(nil), // 16: c1.connector.v2.ConnectorAccountCreationSchema.Field - (*ConnectorAccountCreationSchema_StringField)(nil), // 17: c1.connector.v2.ConnectorAccountCreationSchema.StringField - (*ConnectorAccountCreationSchema_BoolField)(nil), // 18: c1.connector.v2.ConnectorAccountCreationSchema.BoolField - (*ConnectorAccountCreationSchema_StringListField)(nil), // 19: c1.connector.v2.ConnectorAccountCreationSchema.StringListField - (*ConnectorAccountCreationSchema_IntField)(nil), // 20: c1.connector.v2.ConnectorAccountCreationSchema.IntField - (*ConnectorAccountCreationSchema_MapField)(nil), // 21: c1.connector.v2.ConnectorAccountCreationSchema.MapField - nil, // 22: c1.connector.v2.ConnectorAccountCreationSchema.MapField.DefaultValueEntry - (*anypb.Any)(nil), // 23: google.protobuf.Any - (*AssetRef)(nil), // 24: c1.connector.v2.AssetRef - (*structpb.Struct)(nil), // 25: google.protobuf.Struct - (*ResourceType)(nil), // 26: c1.connector.v2.ResourceType + (*CapabilityPermission)(nil), // 9: c1.connector.v2.CapabilityPermission + (*CapabilityPermissions)(nil), // 10: c1.connector.v2.CapabilityPermissions + (*ResourceTypeCapability)(nil), // 11: c1.connector.v2.ResourceTypeCapability + (*ConnectorServiceGetMetadataRequest)(nil), // 12: c1.connector.v2.ConnectorServiceGetMetadataRequest + (*ConnectorServiceGetMetadataResponse)(nil), // 13: c1.connector.v2.ConnectorServiceGetMetadataResponse + (*ConnectorServiceValidateRequest)(nil), // 14: c1.connector.v2.ConnectorServiceValidateRequest + (*ConnectorServiceValidateResponse)(nil), // 15: c1.connector.v2.ConnectorServiceValidateResponse + (*ConnectorAccountCreationSchema)(nil), // 16: c1.connector.v2.ConnectorAccountCreationSchema + nil, // 17: c1.connector.v2.ConnectorAccountCreationSchema.FieldMapEntry + (*ConnectorAccountCreationSchema_Field)(nil), // 18: c1.connector.v2.ConnectorAccountCreationSchema.Field + (*ConnectorAccountCreationSchema_StringField)(nil), // 19: c1.connector.v2.ConnectorAccountCreationSchema.StringField + (*ConnectorAccountCreationSchema_BoolField)(nil), // 20: c1.connector.v2.ConnectorAccountCreationSchema.BoolField + (*ConnectorAccountCreationSchema_StringListField)(nil), // 21: c1.connector.v2.ConnectorAccountCreationSchema.StringListField + (*ConnectorAccountCreationSchema_IntField)(nil), // 22: c1.connector.v2.ConnectorAccountCreationSchema.IntField + (*ConnectorAccountCreationSchema_MapField)(nil), // 23: c1.connector.v2.ConnectorAccountCreationSchema.MapField + nil, // 24: c1.connector.v2.ConnectorAccountCreationSchema.MapField.DefaultValueEntry + (*anypb.Any)(nil), // 25: google.protobuf.Any + (*AssetRef)(nil), // 26: c1.connector.v2.AssetRef + (*structpb.Struct)(nil), // 27: google.protobuf.Struct + (*ResourceType)(nil), // 28: c1.connector.v2.ResourceType } var file_c1_connector_v2_connector_proto_depIdxs = []int32{ - 23, // 0: c1.connector.v2.ConnectorServiceCleanupRequest.annotations:type_name -> google.protobuf.Any - 23, // 1: c1.connector.v2.ConnectorServiceCleanupResponse.annotations:type_name -> google.protobuf.Any - 24, // 2: c1.connector.v2.ConnectorMetadata.icon:type_name -> c1.connector.v2.AssetRef - 24, // 3: c1.connector.v2.ConnectorMetadata.logo:type_name -> c1.connector.v2.AssetRef - 25, // 4: c1.connector.v2.ConnectorMetadata.profile:type_name -> google.protobuf.Struct - 23, // 5: c1.connector.v2.ConnectorMetadata.annotations:type_name -> google.protobuf.Any + 25, // 0: c1.connector.v2.ConnectorServiceCleanupRequest.annotations:type_name -> google.protobuf.Any + 25, // 1: c1.connector.v2.ConnectorServiceCleanupResponse.annotations:type_name -> google.protobuf.Any + 26, // 2: c1.connector.v2.ConnectorMetadata.icon:type_name -> c1.connector.v2.AssetRef + 26, // 3: c1.connector.v2.ConnectorMetadata.logo:type_name -> c1.connector.v2.AssetRef + 27, // 4: c1.connector.v2.ConnectorMetadata.profile:type_name -> google.protobuf.Struct + 25, // 5: c1.connector.v2.ConnectorMetadata.annotations:type_name -> google.protobuf.Any 8, // 6: c1.connector.v2.ConnectorMetadata.capabilities:type_name -> c1.connector.v2.ConnectorCapabilities - 14, // 7: c1.connector.v2.ConnectorMetadata.account_creation_schema:type_name -> c1.connector.v2.ConnectorAccountCreationSchema + 16, // 7: c1.connector.v2.ConnectorMetadata.account_creation_schema:type_name -> c1.connector.v2.ConnectorAccountCreationSchema 6, // 8: c1.connector.v2.CredentialDetails.capability_account_provisioning:type_name -> c1.connector.v2.CredentialDetailsAccountProvisioning 7, // 9: c1.connector.v2.CredentialDetails.capability_credential_rotation:type_name -> c1.connector.v2.CredentialDetailsCredentialRotation 1, // 10: c1.connector.v2.CredentialDetailsAccountProvisioning.supported_credential_options:type_name -> c1.connector.v2.CapabilityDetailCredentialOption 1, // 11: c1.connector.v2.CredentialDetailsAccountProvisioning.preferred_credential_option:type_name -> c1.connector.v2.CapabilityDetailCredentialOption 1, // 12: c1.connector.v2.CredentialDetailsCredentialRotation.supported_credential_options:type_name -> c1.connector.v2.CapabilityDetailCredentialOption 1, // 13: c1.connector.v2.CredentialDetailsCredentialRotation.preferred_credential_option:type_name -> c1.connector.v2.CapabilityDetailCredentialOption - 9, // 14: c1.connector.v2.ConnectorCapabilities.resource_type_capabilities:type_name -> c1.connector.v2.ResourceTypeCapability + 11, // 14: c1.connector.v2.ConnectorCapabilities.resource_type_capabilities:type_name -> c1.connector.v2.ResourceTypeCapability 0, // 15: c1.connector.v2.ConnectorCapabilities.connector_capabilities:type_name -> c1.connector.v2.Capability 5, // 16: c1.connector.v2.ConnectorCapabilities.credential_details:type_name -> c1.connector.v2.CredentialDetails - 26, // 17: c1.connector.v2.ResourceTypeCapability.resource_type:type_name -> c1.connector.v2.ResourceType - 0, // 18: c1.connector.v2.ResourceTypeCapability.capabilities:type_name -> c1.connector.v2.Capability - 4, // 19: c1.connector.v2.ConnectorServiceGetMetadataResponse.metadata:type_name -> c1.connector.v2.ConnectorMetadata - 23, // 20: c1.connector.v2.ConnectorServiceValidateResponse.annotations:type_name -> google.protobuf.Any - 15, // 21: c1.connector.v2.ConnectorAccountCreationSchema.field_map:type_name -> c1.connector.v2.ConnectorAccountCreationSchema.FieldMapEntry - 16, // 22: c1.connector.v2.ConnectorAccountCreationSchema.FieldMapEntry.value:type_name -> c1.connector.v2.ConnectorAccountCreationSchema.Field - 17, // 23: c1.connector.v2.ConnectorAccountCreationSchema.Field.string_field:type_name -> c1.connector.v2.ConnectorAccountCreationSchema.StringField - 18, // 24: c1.connector.v2.ConnectorAccountCreationSchema.Field.bool_field:type_name -> c1.connector.v2.ConnectorAccountCreationSchema.BoolField - 19, // 25: c1.connector.v2.ConnectorAccountCreationSchema.Field.string_list_field:type_name -> c1.connector.v2.ConnectorAccountCreationSchema.StringListField - 20, // 26: c1.connector.v2.ConnectorAccountCreationSchema.Field.int_field:type_name -> c1.connector.v2.ConnectorAccountCreationSchema.IntField - 21, // 27: c1.connector.v2.ConnectorAccountCreationSchema.Field.map_field:type_name -> c1.connector.v2.ConnectorAccountCreationSchema.MapField - 22, // 28: c1.connector.v2.ConnectorAccountCreationSchema.MapField.default_value:type_name -> c1.connector.v2.ConnectorAccountCreationSchema.MapField.DefaultValueEntry - 16, // 29: c1.connector.v2.ConnectorAccountCreationSchema.MapField.DefaultValueEntry.value:type_name -> c1.connector.v2.ConnectorAccountCreationSchema.Field - 10, // 30: c1.connector.v2.ConnectorService.GetMetadata:input_type -> c1.connector.v2.ConnectorServiceGetMetadataRequest - 12, // 31: c1.connector.v2.ConnectorService.Validate:input_type -> c1.connector.v2.ConnectorServiceValidateRequest - 2, // 32: c1.connector.v2.ConnectorService.Cleanup:input_type -> c1.connector.v2.ConnectorServiceCleanupRequest - 11, // 33: c1.connector.v2.ConnectorService.GetMetadata:output_type -> c1.connector.v2.ConnectorServiceGetMetadataResponse - 13, // 34: c1.connector.v2.ConnectorService.Validate:output_type -> c1.connector.v2.ConnectorServiceValidateResponse - 3, // 35: c1.connector.v2.ConnectorService.Cleanup:output_type -> c1.connector.v2.ConnectorServiceCleanupResponse - 33, // [33:36] is the sub-list for method output_type - 30, // [30:33] is the sub-list for method input_type - 30, // [30:30] is the sub-list for extension type_name - 30, // [30:30] is the sub-list for extension extendee - 0, // [0:30] is the sub-list for field type_name + 9, // 17: c1.connector.v2.CapabilityPermissions.permissions:type_name -> c1.connector.v2.CapabilityPermission + 28, // 18: c1.connector.v2.ResourceTypeCapability.resource_type:type_name -> c1.connector.v2.ResourceType + 0, // 19: c1.connector.v2.ResourceTypeCapability.capabilities:type_name -> c1.connector.v2.Capability + 10, // 20: c1.connector.v2.ResourceTypeCapability.permissions:type_name -> c1.connector.v2.CapabilityPermissions + 4, // 21: c1.connector.v2.ConnectorServiceGetMetadataResponse.metadata:type_name -> c1.connector.v2.ConnectorMetadata + 25, // 22: c1.connector.v2.ConnectorServiceValidateResponse.annotations:type_name -> google.protobuf.Any + 17, // 23: c1.connector.v2.ConnectorAccountCreationSchema.field_map:type_name -> c1.connector.v2.ConnectorAccountCreationSchema.FieldMapEntry + 18, // 24: c1.connector.v2.ConnectorAccountCreationSchema.FieldMapEntry.value:type_name -> c1.connector.v2.ConnectorAccountCreationSchema.Field + 19, // 25: c1.connector.v2.ConnectorAccountCreationSchema.Field.string_field:type_name -> c1.connector.v2.ConnectorAccountCreationSchema.StringField + 20, // 26: c1.connector.v2.ConnectorAccountCreationSchema.Field.bool_field:type_name -> c1.connector.v2.ConnectorAccountCreationSchema.BoolField + 21, // 27: c1.connector.v2.ConnectorAccountCreationSchema.Field.string_list_field:type_name -> c1.connector.v2.ConnectorAccountCreationSchema.StringListField + 22, // 28: c1.connector.v2.ConnectorAccountCreationSchema.Field.int_field:type_name -> c1.connector.v2.ConnectorAccountCreationSchema.IntField + 23, // 29: c1.connector.v2.ConnectorAccountCreationSchema.Field.map_field:type_name -> c1.connector.v2.ConnectorAccountCreationSchema.MapField + 24, // 30: c1.connector.v2.ConnectorAccountCreationSchema.MapField.default_value:type_name -> c1.connector.v2.ConnectorAccountCreationSchema.MapField.DefaultValueEntry + 18, // 31: c1.connector.v2.ConnectorAccountCreationSchema.MapField.DefaultValueEntry.value:type_name -> c1.connector.v2.ConnectorAccountCreationSchema.Field + 12, // 32: c1.connector.v2.ConnectorService.GetMetadata:input_type -> c1.connector.v2.ConnectorServiceGetMetadataRequest + 14, // 33: c1.connector.v2.ConnectorService.Validate:input_type -> c1.connector.v2.ConnectorServiceValidateRequest + 2, // 34: c1.connector.v2.ConnectorService.Cleanup:input_type -> c1.connector.v2.ConnectorServiceCleanupRequest + 13, // 35: c1.connector.v2.ConnectorService.GetMetadata:output_type -> c1.connector.v2.ConnectorServiceGetMetadataResponse + 15, // 36: c1.connector.v2.ConnectorService.Validate:output_type -> c1.connector.v2.ConnectorServiceValidateResponse + 3, // 37: c1.connector.v2.ConnectorService.Cleanup:output_type -> c1.connector.v2.ConnectorServiceCleanupResponse + 35, // [35:38] is the sub-list for method output_type + 32, // [32:35] is the sub-list for method input_type + 32, // [32:32] is the sub-list for extension type_name + 32, // [32:32] is the sub-list for extension extendee + 0, // [0:32] is the sub-list for field type_name } func init() { file_c1_connector_v2_connector_proto_init() } @@ -2115,23 +2265,23 @@ func file_c1_connector_v2_connector_proto_init() { } file_c1_connector_v2_asset_proto_init() file_c1_connector_v2_resource_proto_init() - file_c1_connector_v2_connector_proto_msgTypes[14].OneofWrappers = []any{ + file_c1_connector_v2_connector_proto_msgTypes[16].OneofWrappers = []any{ (*ConnectorAccountCreationSchema_Field_StringField)(nil), (*ConnectorAccountCreationSchema_Field_BoolField)(nil), (*ConnectorAccountCreationSchema_Field_StringListField)(nil), (*ConnectorAccountCreationSchema_Field_IntField)(nil), (*ConnectorAccountCreationSchema_Field_MapField)(nil), } - file_c1_connector_v2_connector_proto_msgTypes[15].OneofWrappers = []any{} - file_c1_connector_v2_connector_proto_msgTypes[16].OneofWrappers = []any{} + file_c1_connector_v2_connector_proto_msgTypes[17].OneofWrappers = []any{} file_c1_connector_v2_connector_proto_msgTypes[18].OneofWrappers = []any{} + file_c1_connector_v2_connector_proto_msgTypes[20].OneofWrappers = []any{} type x struct{} out := protoimpl.TypeBuilder{ File: protoimpl.DescBuilder{ GoPackagePath: reflect.TypeOf(x{}).PkgPath(), RawDescriptor: unsafe.Slice(unsafe.StringData(file_c1_connector_v2_connector_proto_rawDesc), len(file_c1_connector_v2_connector_proto_rawDesc)), NumEnums: 2, - NumMessages: 21, + NumMessages: 23, NumExtensions: 0, NumServices: 1, }, diff --git a/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/connector.pb.validate.go b/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/connector.pb.validate.go index 1e7b5301..b6f86d8f 100644 --- a/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/connector.pb.validate.go +++ b/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/connector.pb.validate.go @@ -1217,6 +1217,246 @@ var _ interface { ErrorName() string } = ConnectorCapabilitiesValidationError{} +// Validate checks the field values on CapabilityPermission with the rules +// defined in the proto definition for this message. If any rules are +// violated, the first error encountered is returned, or nil if there are no violations. +func (m *CapabilityPermission) Validate() error { + return m.validate(false) +} + +// ValidateAll checks the field values on CapabilityPermission with the rules +// defined in the proto definition for this message. If any rules are +// violated, the result is a list of violation errors wrapped in +// CapabilityPermissionMultiError, or nil if none found. +func (m *CapabilityPermission) ValidateAll() error { + return m.validate(true) +} + +func (m *CapabilityPermission) validate(all bool) error { + if m == nil { + return nil + } + + var errors []error + + // no validation rules for Permission + + if len(errors) > 0 { + return CapabilityPermissionMultiError(errors) + } + + return nil +} + +// CapabilityPermissionMultiError is an error wrapping multiple validation +// errors returned by CapabilityPermission.ValidateAll() if the designated +// constraints aren't met. +type CapabilityPermissionMultiError []error + +// Error returns a concatenation of all the error messages it wraps. +func (m CapabilityPermissionMultiError) Error() string { + msgs := make([]string, 0, len(m)) + for _, err := range m { + msgs = append(msgs, err.Error()) + } + return strings.Join(msgs, "; ") +} + +// AllErrors returns a list of validation violation errors. +func (m CapabilityPermissionMultiError) AllErrors() []error { return m } + +// CapabilityPermissionValidationError is the validation error returned by +// CapabilityPermission.Validate if the designated constraints aren't met. +type CapabilityPermissionValidationError struct { + field string + reason string + cause error + key bool +} + +// Field function returns field value. +func (e CapabilityPermissionValidationError) Field() string { return e.field } + +// Reason function returns reason value. +func (e CapabilityPermissionValidationError) Reason() string { return e.reason } + +// Cause function returns cause value. +func (e CapabilityPermissionValidationError) Cause() error { return e.cause } + +// Key function returns key value. +func (e CapabilityPermissionValidationError) Key() bool { return e.key } + +// ErrorName returns error name. +func (e CapabilityPermissionValidationError) ErrorName() string { + return "CapabilityPermissionValidationError" +} + +// Error satisfies the builtin error interface +func (e CapabilityPermissionValidationError) Error() string { + cause := "" + if e.cause != nil { + cause = fmt.Sprintf(" | caused by: %v", e.cause) + } + + key := "" + if e.key { + key = "key for " + } + + return fmt.Sprintf( + "invalid %sCapabilityPermission.%s: %s%s", + key, + e.field, + e.reason, + cause) +} + +var _ error = CapabilityPermissionValidationError{} + +var _ interface { + Field() string + Reason() string + Key() bool + Cause() error + ErrorName() string +} = CapabilityPermissionValidationError{} + +// Validate checks the field values on CapabilityPermissions with the rules +// defined in the proto definition for this message. If any rules are +// violated, the first error encountered is returned, or nil if there are no violations. +func (m *CapabilityPermissions) Validate() error { + return m.validate(false) +} + +// ValidateAll checks the field values on CapabilityPermissions with the rules +// defined in the proto definition for this message. If any rules are +// violated, the result is a list of violation errors wrapped in +// CapabilityPermissionsMultiError, or nil if none found. +func (m *CapabilityPermissions) ValidateAll() error { + return m.validate(true) +} + +func (m *CapabilityPermissions) validate(all bool) error { + if m == nil { + return nil + } + + var errors []error + + for idx, item := range m.GetPermissions() { + _, _ = idx, item + + if all { + switch v := interface{}(item).(type) { + case interface{ ValidateAll() error }: + if err := v.ValidateAll(); err != nil { + errors = append(errors, CapabilityPermissionsValidationError{ + field: fmt.Sprintf("Permissions[%v]", idx), + reason: "embedded message failed validation", + cause: err, + }) + } + case interface{ Validate() error }: + if err := v.Validate(); err != nil { + errors = append(errors, CapabilityPermissionsValidationError{ + field: fmt.Sprintf("Permissions[%v]", idx), + reason: "embedded message failed validation", + cause: err, + }) + } + } + } else if v, ok := interface{}(item).(interface{ Validate() error }); ok { + if err := v.Validate(); err != nil { + return CapabilityPermissionsValidationError{ + field: fmt.Sprintf("Permissions[%v]", idx), + reason: "embedded message failed validation", + cause: err, + } + } + } + + } + + if len(errors) > 0 { + return CapabilityPermissionsMultiError(errors) + } + + return nil +} + +// CapabilityPermissionsMultiError is an error wrapping multiple validation +// errors returned by CapabilityPermissions.ValidateAll() if the designated +// constraints aren't met. +type CapabilityPermissionsMultiError []error + +// Error returns a concatenation of all the error messages it wraps. +func (m CapabilityPermissionsMultiError) Error() string { + msgs := make([]string, 0, len(m)) + for _, err := range m { + msgs = append(msgs, err.Error()) + } + return strings.Join(msgs, "; ") +} + +// AllErrors returns a list of validation violation errors. +func (m CapabilityPermissionsMultiError) AllErrors() []error { return m } + +// CapabilityPermissionsValidationError is the validation error returned by +// CapabilityPermissions.Validate if the designated constraints aren't met. +type CapabilityPermissionsValidationError struct { + field string + reason string + cause error + key bool +} + +// Field function returns field value. +func (e CapabilityPermissionsValidationError) Field() string { return e.field } + +// Reason function returns reason value. +func (e CapabilityPermissionsValidationError) Reason() string { return e.reason } + +// Cause function returns cause value. +func (e CapabilityPermissionsValidationError) Cause() error { return e.cause } + +// Key function returns key value. +func (e CapabilityPermissionsValidationError) Key() bool { return e.key } + +// ErrorName returns error name. +func (e CapabilityPermissionsValidationError) ErrorName() string { + return "CapabilityPermissionsValidationError" +} + +// Error satisfies the builtin error interface +func (e CapabilityPermissionsValidationError) Error() string { + cause := "" + if e.cause != nil { + cause = fmt.Sprintf(" | caused by: %v", e.cause) + } + + key := "" + if e.key { + key = "key for " + } + + return fmt.Sprintf( + "invalid %sCapabilityPermissions.%s: %s%s", + key, + e.field, + e.reason, + cause) +} + +var _ error = CapabilityPermissionsValidationError{} + +var _ interface { + Field() string + Reason() string + Key() bool + Cause() error + ErrorName() string +} = CapabilityPermissionsValidationError{} + // Validate checks the field values on ResourceTypeCapability with the rules // defined in the proto definition for this message. If any rules are // violated, the first error encountered is returned, or nil if there are no violations. @@ -1268,6 +1508,35 @@ func (m *ResourceTypeCapability) validate(all bool) error { } } + if all { + switch v := interface{}(m.GetPermissions()).(type) { + case interface{ ValidateAll() error }: + if err := v.ValidateAll(); err != nil { + errors = append(errors, ResourceTypeCapabilityValidationError{ + field: "Permissions", + reason: "embedded message failed validation", + cause: err, + }) + } + case interface{ Validate() error }: + if err := v.Validate(); err != nil { + errors = append(errors, ResourceTypeCapabilityValidationError{ + field: "Permissions", + reason: "embedded message failed validation", + cause: err, + }) + } + } + } else if v, ok := interface{}(m.GetPermissions()).(interface{ Validate() error }); ok { + if err := v.Validate(); err != nil { + return ResourceTypeCapabilityValidationError{ + field: "Permissions", + reason: "embedded message failed validation", + cause: err, + } + } + } + if len(errors) > 0 { return ResourceTypeCapabilityMultiError(errors) } diff --git a/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/connector_protoopaque.pb.go b/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/connector_protoopaque.pb.go index fe2917be..e8ec7de5 100644 --- a/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/connector_protoopaque.pb.go +++ b/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/connector_protoopaque.pb.go @@ -840,17 +840,134 @@ func (b0 ConnectorCapabilities_builder) Build() *ConnectorCapabilities { return m0 } +type CapabilityPermission struct { + state protoimpl.MessageState `protogen:"opaque.v1"` + xxx_hidden_Permission string `protobuf:"bytes,1,opt,name=permission,proto3"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *CapabilityPermission) Reset() { + *x = CapabilityPermission{} + mi := &file_c1_connector_v2_connector_proto_msgTypes[7] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *CapabilityPermission) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*CapabilityPermission) ProtoMessage() {} + +func (x *CapabilityPermission) ProtoReflect() protoreflect.Message { + mi := &file_c1_connector_v2_connector_proto_msgTypes[7] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +func (x *CapabilityPermission) GetPermission() string { + if x != nil { + return x.xxx_hidden_Permission + } + return "" +} + +func (x *CapabilityPermission) SetPermission(v string) { + x.xxx_hidden_Permission = v +} + +type CapabilityPermission_builder struct { + _ [0]func() // Prevents comparability and use of unkeyed literals for the builder. + + Permission string +} + +func (b0 CapabilityPermission_builder) Build() *CapabilityPermission { + m0 := &CapabilityPermission{} + b, x := &b0, m0 + _, _ = b, x + x.xxx_hidden_Permission = b.Permission + return m0 +} + +type CapabilityPermissions struct { + state protoimpl.MessageState `protogen:"opaque.v1"` + xxx_hidden_Permissions *[]*CapabilityPermission `protobuf:"bytes,1,rep,name=permissions,proto3"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *CapabilityPermissions) Reset() { + *x = CapabilityPermissions{} + mi := &file_c1_connector_v2_connector_proto_msgTypes[8] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *CapabilityPermissions) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*CapabilityPermissions) ProtoMessage() {} + +func (x *CapabilityPermissions) ProtoReflect() protoreflect.Message { + mi := &file_c1_connector_v2_connector_proto_msgTypes[8] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +func (x *CapabilityPermissions) GetPermissions() []*CapabilityPermission { + if x != nil { + if x.xxx_hidden_Permissions != nil { + return *x.xxx_hidden_Permissions + } + } + return nil +} + +func (x *CapabilityPermissions) SetPermissions(v []*CapabilityPermission) { + x.xxx_hidden_Permissions = &v +} + +type CapabilityPermissions_builder struct { + _ [0]func() // Prevents comparability and use of unkeyed literals for the builder. + + Permissions []*CapabilityPermission +} + +func (b0 CapabilityPermissions_builder) Build() *CapabilityPermissions { + m0 := &CapabilityPermissions{} + b, x := &b0, m0 + _, _ = b, x + x.xxx_hidden_Permissions = &b.Permissions + return m0 +} + type ResourceTypeCapability struct { state protoimpl.MessageState `protogen:"opaque.v1"` xxx_hidden_ResourceType *ResourceType `protobuf:"bytes,1,opt,name=resource_type,json=resourceType,proto3"` xxx_hidden_Capabilities []Capability `protobuf:"varint,2,rep,packed,name=capabilities,proto3,enum=c1.connector.v2.Capability"` + xxx_hidden_Permissions *CapabilityPermissions `protobuf:"bytes,3,opt,name=permissions,proto3"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } func (x *ResourceTypeCapability) Reset() { *x = ResourceTypeCapability{} - mi := &file_c1_connector_v2_connector_proto_msgTypes[7] + mi := &file_c1_connector_v2_connector_proto_msgTypes[9] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -862,7 +979,7 @@ func (x *ResourceTypeCapability) String() string { func (*ResourceTypeCapability) ProtoMessage() {} func (x *ResourceTypeCapability) ProtoReflect() protoreflect.Message { - mi := &file_c1_connector_v2_connector_proto_msgTypes[7] + mi := &file_c1_connector_v2_connector_proto_msgTypes[9] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -887,6 +1004,13 @@ func (x *ResourceTypeCapability) GetCapabilities() []Capability { return nil } +func (x *ResourceTypeCapability) GetPermissions() *CapabilityPermissions { + if x != nil { + return x.xxx_hidden_Permissions + } + return nil +} + func (x *ResourceTypeCapability) SetResourceType(v *ResourceType) { x.xxx_hidden_ResourceType = v } @@ -895,6 +1019,10 @@ func (x *ResourceTypeCapability) SetCapabilities(v []Capability) { x.xxx_hidden_Capabilities = v } +func (x *ResourceTypeCapability) SetPermissions(v *CapabilityPermissions) { + x.xxx_hidden_Permissions = v +} + func (x *ResourceTypeCapability) HasResourceType() bool { if x == nil { return false @@ -902,15 +1030,27 @@ func (x *ResourceTypeCapability) HasResourceType() bool { return x.xxx_hidden_ResourceType != nil } +func (x *ResourceTypeCapability) HasPermissions() bool { + if x == nil { + return false + } + return x.xxx_hidden_Permissions != nil +} + func (x *ResourceTypeCapability) ClearResourceType() { x.xxx_hidden_ResourceType = nil } +func (x *ResourceTypeCapability) ClearPermissions() { + x.xxx_hidden_Permissions = nil +} + type ResourceTypeCapability_builder struct { _ [0]func() // Prevents comparability and use of unkeyed literals for the builder. ResourceType *ResourceType Capabilities []Capability + Permissions *CapabilityPermissions } func (b0 ResourceTypeCapability_builder) Build() *ResourceTypeCapability { @@ -919,6 +1059,7 @@ func (b0 ResourceTypeCapability_builder) Build() *ResourceTypeCapability { _, _ = b, x x.xxx_hidden_ResourceType = b.ResourceType x.xxx_hidden_Capabilities = b.Capabilities + x.xxx_hidden_Permissions = b.Permissions return m0 } @@ -930,7 +1071,7 @@ type ConnectorServiceGetMetadataRequest struct { func (x *ConnectorServiceGetMetadataRequest) Reset() { *x = ConnectorServiceGetMetadataRequest{} - mi := &file_c1_connector_v2_connector_proto_msgTypes[8] + mi := &file_c1_connector_v2_connector_proto_msgTypes[10] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -942,7 +1083,7 @@ func (x *ConnectorServiceGetMetadataRequest) String() string { func (*ConnectorServiceGetMetadataRequest) ProtoMessage() {} func (x *ConnectorServiceGetMetadataRequest) ProtoReflect() protoreflect.Message { - mi := &file_c1_connector_v2_connector_proto_msgTypes[8] + mi := &file_c1_connector_v2_connector_proto_msgTypes[10] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -974,7 +1115,7 @@ type ConnectorServiceGetMetadataResponse struct { func (x *ConnectorServiceGetMetadataResponse) Reset() { *x = ConnectorServiceGetMetadataResponse{} - mi := &file_c1_connector_v2_connector_proto_msgTypes[9] + mi := &file_c1_connector_v2_connector_proto_msgTypes[11] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -986,7 +1127,7 @@ func (x *ConnectorServiceGetMetadataResponse) String() string { func (*ConnectorServiceGetMetadataResponse) ProtoMessage() {} func (x *ConnectorServiceGetMetadataResponse) ProtoReflect() protoreflect.Message { - mi := &file_c1_connector_v2_connector_proto_msgTypes[9] + mi := &file_c1_connector_v2_connector_proto_msgTypes[11] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -1041,7 +1182,7 @@ type ConnectorServiceValidateRequest struct { func (x *ConnectorServiceValidateRequest) Reset() { *x = ConnectorServiceValidateRequest{} - mi := &file_c1_connector_v2_connector_proto_msgTypes[10] + mi := &file_c1_connector_v2_connector_proto_msgTypes[12] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -1053,7 +1194,7 @@ func (x *ConnectorServiceValidateRequest) String() string { func (*ConnectorServiceValidateRequest) ProtoMessage() {} func (x *ConnectorServiceValidateRequest) ProtoReflect() protoreflect.Message { - mi := &file_c1_connector_v2_connector_proto_msgTypes[10] + mi := &file_c1_connector_v2_connector_proto_msgTypes[12] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -1088,7 +1229,7 @@ type ConnectorServiceValidateResponse struct { func (x *ConnectorServiceValidateResponse) Reset() { *x = ConnectorServiceValidateResponse{} - mi := &file_c1_connector_v2_connector_proto_msgTypes[11] + mi := &file_c1_connector_v2_connector_proto_msgTypes[13] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -1100,7 +1241,7 @@ func (x *ConnectorServiceValidateResponse) String() string { func (*ConnectorServiceValidateResponse) ProtoMessage() {} func (x *ConnectorServiceValidateResponse) ProtoReflect() protoreflect.Message { - mi := &file_c1_connector_v2_connector_proto_msgTypes[11] + mi := &file_c1_connector_v2_connector_proto_msgTypes[13] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -1160,7 +1301,7 @@ type ConnectorAccountCreationSchema struct { func (x *ConnectorAccountCreationSchema) Reset() { *x = ConnectorAccountCreationSchema{} - mi := &file_c1_connector_v2_connector_proto_msgTypes[12] + mi := &file_c1_connector_v2_connector_proto_msgTypes[14] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -1172,7 +1313,7 @@ func (x *ConnectorAccountCreationSchema) String() string { func (*ConnectorAccountCreationSchema) ProtoMessage() {} func (x *ConnectorAccountCreationSchema) ProtoReflect() protoreflect.Message { - mi := &file_c1_connector_v2_connector_proto_msgTypes[12] + mi := &file_c1_connector_v2_connector_proto_msgTypes[14] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -1223,7 +1364,7 @@ type ConnectorAccountCreationSchema_Field struct { func (x *ConnectorAccountCreationSchema_Field) Reset() { *x = ConnectorAccountCreationSchema_Field{} - mi := &file_c1_connector_v2_connector_proto_msgTypes[14] + mi := &file_c1_connector_v2_connector_proto_msgTypes[16] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -1235,7 +1376,7 @@ func (x *ConnectorAccountCreationSchema_Field) String() string { func (*ConnectorAccountCreationSchema_Field) ProtoMessage() {} func (x *ConnectorAccountCreationSchema_Field) ProtoReflect() protoreflect.Message { - mi := &file_c1_connector_v2_connector_proto_msgTypes[14] + mi := &file_c1_connector_v2_connector_proto_msgTypes[16] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -1554,7 +1695,7 @@ func (b0 ConnectorAccountCreationSchema_Field_builder) Build() *ConnectorAccount type case_ConnectorAccountCreationSchema_Field_Field protoreflect.FieldNumber func (x case_ConnectorAccountCreationSchema_Field_Field) String() string { - md := file_c1_connector_v2_connector_proto_msgTypes[14].Descriptor() + md := file_c1_connector_v2_connector_proto_msgTypes[16].Descriptor() if x == 0 { return "not set" } @@ -1611,7 +1752,7 @@ type ConnectorAccountCreationSchema_StringField struct { func (x *ConnectorAccountCreationSchema_StringField) Reset() { *x = ConnectorAccountCreationSchema_StringField{} - mi := &file_c1_connector_v2_connector_proto_msgTypes[15] + mi := &file_c1_connector_v2_connector_proto_msgTypes[17] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -1623,7 +1764,7 @@ func (x *ConnectorAccountCreationSchema_StringField) String() string { func (*ConnectorAccountCreationSchema_StringField) ProtoMessage() {} func (x *ConnectorAccountCreationSchema_StringField) ProtoReflect() protoreflect.Message { - mi := &file_c1_connector_v2_connector_proto_msgTypes[15] + mi := &file_c1_connector_v2_connector_proto_msgTypes[17] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -1689,7 +1830,7 @@ type ConnectorAccountCreationSchema_BoolField struct { func (x *ConnectorAccountCreationSchema_BoolField) Reset() { *x = ConnectorAccountCreationSchema_BoolField{} - mi := &file_c1_connector_v2_connector_proto_msgTypes[16] + mi := &file_c1_connector_v2_connector_proto_msgTypes[18] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -1701,7 +1842,7 @@ func (x *ConnectorAccountCreationSchema_BoolField) String() string { func (*ConnectorAccountCreationSchema_BoolField) ProtoMessage() {} func (x *ConnectorAccountCreationSchema_BoolField) ProtoReflect() protoreflect.Message { - mi := &file_c1_connector_v2_connector_proto_msgTypes[16] + mi := &file_c1_connector_v2_connector_proto_msgTypes[18] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -1762,7 +1903,7 @@ type ConnectorAccountCreationSchema_StringListField struct { func (x *ConnectorAccountCreationSchema_StringListField) Reset() { *x = ConnectorAccountCreationSchema_StringListField{} - mi := &file_c1_connector_v2_connector_proto_msgTypes[17] + mi := &file_c1_connector_v2_connector_proto_msgTypes[19] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -1774,7 +1915,7 @@ func (x *ConnectorAccountCreationSchema_StringListField) String() string { func (*ConnectorAccountCreationSchema_StringListField) ProtoMessage() {} func (x *ConnectorAccountCreationSchema_StringListField) ProtoReflect() protoreflect.Message { - mi := &file_c1_connector_v2_connector_proto_msgTypes[17] + mi := &file_c1_connector_v2_connector_proto_msgTypes[19] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -1821,7 +1962,7 @@ type ConnectorAccountCreationSchema_IntField struct { func (x *ConnectorAccountCreationSchema_IntField) Reset() { *x = ConnectorAccountCreationSchema_IntField{} - mi := &file_c1_connector_v2_connector_proto_msgTypes[18] + mi := &file_c1_connector_v2_connector_proto_msgTypes[20] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -1833,7 +1974,7 @@ func (x *ConnectorAccountCreationSchema_IntField) String() string { func (*ConnectorAccountCreationSchema_IntField) ProtoMessage() {} func (x *ConnectorAccountCreationSchema_IntField) ProtoReflect() protoreflect.Message { - mi := &file_c1_connector_v2_connector_proto_msgTypes[18] + mi := &file_c1_connector_v2_connector_proto_msgTypes[20] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -1894,7 +2035,7 @@ type ConnectorAccountCreationSchema_MapField struct { func (x *ConnectorAccountCreationSchema_MapField) Reset() { *x = ConnectorAccountCreationSchema_MapField{} - mi := &file_c1_connector_v2_connector_proto_msgTypes[19] + mi := &file_c1_connector_v2_connector_proto_msgTypes[21] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -1906,7 +2047,7 @@ func (x *ConnectorAccountCreationSchema_MapField) String() string { func (*ConnectorAccountCreationSchema_MapField) ProtoMessage() {} func (x *ConnectorAccountCreationSchema_MapField) ProtoReflect() protoreflect.Message { - mi := &file_c1_connector_v2_connector_proto_msgTypes[19] + mi := &file_c1_connector_v2_connector_proto_msgTypes[21] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -1977,10 +2118,17 @@ const file_c1_connector_v2_connector_proto_rawDesc = "" + "\x15ConnectorCapabilities\x12e\n" + "\x1aresource_type_capabilities\x18\x01 \x03(\v2'.c1.connector.v2.ResourceTypeCapabilityR\x18resourceTypeCapabilities\x12R\n" + "\x16connector_capabilities\x18\x02 \x03(\x0e2\x1b.c1.connector.v2.CapabilityR\x15connectorCapabilities\x12Q\n" + - "\x12credential_details\x18\x03 \x01(\v2\".c1.connector.v2.CredentialDetailsR\x11credentialDetails\"\x9d\x01\n" + + "\x12credential_details\x18\x03 \x01(\v2\".c1.connector.v2.CredentialDetailsR\x11credentialDetails\"6\n" + + "\x14CapabilityPermission\x12\x1e\n" + + "\n" + + "permission\x18\x01 \x01(\tR\n" + + "permission\"`\n" + + "\x15CapabilityPermissions\x12G\n" + + "\vpermissions\x18\x01 \x03(\v2%.c1.connector.v2.CapabilityPermissionR\vpermissions\"\xe7\x01\n" + "\x16ResourceTypeCapability\x12B\n" + "\rresource_type\x18\x01 \x01(\v2\x1d.c1.connector.v2.ResourceTypeR\fresourceType\x12?\n" + - "\fcapabilities\x18\x02 \x03(\x0e2\x1b.c1.connector.v2.CapabilityR\fcapabilities\"$\n" + + "\fcapabilities\x18\x02 \x03(\x0e2\x1b.c1.connector.v2.CapabilityR\fcapabilities\x12H\n" + + "\vpermissions\x18\x03 \x01(\v2&.c1.connector.v2.CapabilityPermissionsR\vpermissions\"$\n" + "\"ConnectorServiceGetMetadataRequest\"e\n" + "#ConnectorServiceGetMetadataResponse\x12>\n" + "\bmetadata\x18\x01 \x01(\v2\".c1.connector.v2.ConnectorMetadataR\bmetadata\"!\n" + @@ -2054,7 +2202,7 @@ const file_c1_connector_v2_connector_proto_rawDesc = "" + "\aCleanup\x12/.c1.connector.v2.ConnectorServiceCleanupRequest\x1a0.c1.connector.v2.ConnectorServiceCleanupResponseB6Z4github.com/conductorone/baton-sdk/pb/c1/connector/v2b\x06proto3" var file_c1_connector_v2_connector_proto_enumTypes = make([]protoimpl.EnumInfo, 2) -var file_c1_connector_v2_connector_proto_msgTypes = make([]protoimpl.MessageInfo, 21) +var file_c1_connector_v2_connector_proto_msgTypes = make([]protoimpl.MessageInfo, 23) var file_c1_connector_v2_connector_proto_goTypes = []any{ (Capability)(0), // 0: c1.connector.v2.Capability (CapabilityDetailCredentialOption)(0), // 1: c1.connector.v2.CapabilityDetailCredentialOption @@ -2065,67 +2213,71 @@ var file_c1_connector_v2_connector_proto_goTypes = []any{ (*CredentialDetailsAccountProvisioning)(nil), // 6: c1.connector.v2.CredentialDetailsAccountProvisioning (*CredentialDetailsCredentialRotation)(nil), // 7: c1.connector.v2.CredentialDetailsCredentialRotation (*ConnectorCapabilities)(nil), // 8: c1.connector.v2.ConnectorCapabilities - (*ResourceTypeCapability)(nil), // 9: c1.connector.v2.ResourceTypeCapability - (*ConnectorServiceGetMetadataRequest)(nil), // 10: c1.connector.v2.ConnectorServiceGetMetadataRequest - (*ConnectorServiceGetMetadataResponse)(nil), // 11: c1.connector.v2.ConnectorServiceGetMetadataResponse - (*ConnectorServiceValidateRequest)(nil), // 12: c1.connector.v2.ConnectorServiceValidateRequest - (*ConnectorServiceValidateResponse)(nil), // 13: c1.connector.v2.ConnectorServiceValidateResponse - (*ConnectorAccountCreationSchema)(nil), // 14: c1.connector.v2.ConnectorAccountCreationSchema - nil, // 15: c1.connector.v2.ConnectorAccountCreationSchema.FieldMapEntry - (*ConnectorAccountCreationSchema_Field)(nil), // 16: c1.connector.v2.ConnectorAccountCreationSchema.Field - (*ConnectorAccountCreationSchema_StringField)(nil), // 17: c1.connector.v2.ConnectorAccountCreationSchema.StringField - (*ConnectorAccountCreationSchema_BoolField)(nil), // 18: c1.connector.v2.ConnectorAccountCreationSchema.BoolField - (*ConnectorAccountCreationSchema_StringListField)(nil), // 19: c1.connector.v2.ConnectorAccountCreationSchema.StringListField - (*ConnectorAccountCreationSchema_IntField)(nil), // 20: c1.connector.v2.ConnectorAccountCreationSchema.IntField - (*ConnectorAccountCreationSchema_MapField)(nil), // 21: c1.connector.v2.ConnectorAccountCreationSchema.MapField - nil, // 22: c1.connector.v2.ConnectorAccountCreationSchema.MapField.DefaultValueEntry - (*anypb.Any)(nil), // 23: google.protobuf.Any - (*AssetRef)(nil), // 24: c1.connector.v2.AssetRef - (*structpb.Struct)(nil), // 25: google.protobuf.Struct - (*ResourceType)(nil), // 26: c1.connector.v2.ResourceType + (*CapabilityPermission)(nil), // 9: c1.connector.v2.CapabilityPermission + (*CapabilityPermissions)(nil), // 10: c1.connector.v2.CapabilityPermissions + (*ResourceTypeCapability)(nil), // 11: c1.connector.v2.ResourceTypeCapability + (*ConnectorServiceGetMetadataRequest)(nil), // 12: c1.connector.v2.ConnectorServiceGetMetadataRequest + (*ConnectorServiceGetMetadataResponse)(nil), // 13: c1.connector.v2.ConnectorServiceGetMetadataResponse + (*ConnectorServiceValidateRequest)(nil), // 14: c1.connector.v2.ConnectorServiceValidateRequest + (*ConnectorServiceValidateResponse)(nil), // 15: c1.connector.v2.ConnectorServiceValidateResponse + (*ConnectorAccountCreationSchema)(nil), // 16: c1.connector.v2.ConnectorAccountCreationSchema + nil, // 17: c1.connector.v2.ConnectorAccountCreationSchema.FieldMapEntry + (*ConnectorAccountCreationSchema_Field)(nil), // 18: c1.connector.v2.ConnectorAccountCreationSchema.Field + (*ConnectorAccountCreationSchema_StringField)(nil), // 19: c1.connector.v2.ConnectorAccountCreationSchema.StringField + (*ConnectorAccountCreationSchema_BoolField)(nil), // 20: c1.connector.v2.ConnectorAccountCreationSchema.BoolField + (*ConnectorAccountCreationSchema_StringListField)(nil), // 21: c1.connector.v2.ConnectorAccountCreationSchema.StringListField + (*ConnectorAccountCreationSchema_IntField)(nil), // 22: c1.connector.v2.ConnectorAccountCreationSchema.IntField + (*ConnectorAccountCreationSchema_MapField)(nil), // 23: c1.connector.v2.ConnectorAccountCreationSchema.MapField + nil, // 24: c1.connector.v2.ConnectorAccountCreationSchema.MapField.DefaultValueEntry + (*anypb.Any)(nil), // 25: google.protobuf.Any + (*AssetRef)(nil), // 26: c1.connector.v2.AssetRef + (*structpb.Struct)(nil), // 27: google.protobuf.Struct + (*ResourceType)(nil), // 28: c1.connector.v2.ResourceType } var file_c1_connector_v2_connector_proto_depIdxs = []int32{ - 23, // 0: c1.connector.v2.ConnectorServiceCleanupRequest.annotations:type_name -> google.protobuf.Any - 23, // 1: c1.connector.v2.ConnectorServiceCleanupResponse.annotations:type_name -> google.protobuf.Any - 24, // 2: c1.connector.v2.ConnectorMetadata.icon:type_name -> c1.connector.v2.AssetRef - 24, // 3: c1.connector.v2.ConnectorMetadata.logo:type_name -> c1.connector.v2.AssetRef - 25, // 4: c1.connector.v2.ConnectorMetadata.profile:type_name -> google.protobuf.Struct - 23, // 5: c1.connector.v2.ConnectorMetadata.annotations:type_name -> google.protobuf.Any + 25, // 0: c1.connector.v2.ConnectorServiceCleanupRequest.annotations:type_name -> google.protobuf.Any + 25, // 1: c1.connector.v2.ConnectorServiceCleanupResponse.annotations:type_name -> google.protobuf.Any + 26, // 2: c1.connector.v2.ConnectorMetadata.icon:type_name -> c1.connector.v2.AssetRef + 26, // 3: c1.connector.v2.ConnectorMetadata.logo:type_name -> c1.connector.v2.AssetRef + 27, // 4: c1.connector.v2.ConnectorMetadata.profile:type_name -> google.protobuf.Struct + 25, // 5: c1.connector.v2.ConnectorMetadata.annotations:type_name -> google.protobuf.Any 8, // 6: c1.connector.v2.ConnectorMetadata.capabilities:type_name -> c1.connector.v2.ConnectorCapabilities - 14, // 7: c1.connector.v2.ConnectorMetadata.account_creation_schema:type_name -> c1.connector.v2.ConnectorAccountCreationSchema + 16, // 7: c1.connector.v2.ConnectorMetadata.account_creation_schema:type_name -> c1.connector.v2.ConnectorAccountCreationSchema 6, // 8: c1.connector.v2.CredentialDetails.capability_account_provisioning:type_name -> c1.connector.v2.CredentialDetailsAccountProvisioning 7, // 9: c1.connector.v2.CredentialDetails.capability_credential_rotation:type_name -> c1.connector.v2.CredentialDetailsCredentialRotation 1, // 10: c1.connector.v2.CredentialDetailsAccountProvisioning.supported_credential_options:type_name -> c1.connector.v2.CapabilityDetailCredentialOption 1, // 11: c1.connector.v2.CredentialDetailsAccountProvisioning.preferred_credential_option:type_name -> c1.connector.v2.CapabilityDetailCredentialOption 1, // 12: c1.connector.v2.CredentialDetailsCredentialRotation.supported_credential_options:type_name -> c1.connector.v2.CapabilityDetailCredentialOption 1, // 13: c1.connector.v2.CredentialDetailsCredentialRotation.preferred_credential_option:type_name -> c1.connector.v2.CapabilityDetailCredentialOption - 9, // 14: c1.connector.v2.ConnectorCapabilities.resource_type_capabilities:type_name -> c1.connector.v2.ResourceTypeCapability + 11, // 14: c1.connector.v2.ConnectorCapabilities.resource_type_capabilities:type_name -> c1.connector.v2.ResourceTypeCapability 0, // 15: c1.connector.v2.ConnectorCapabilities.connector_capabilities:type_name -> c1.connector.v2.Capability 5, // 16: c1.connector.v2.ConnectorCapabilities.credential_details:type_name -> c1.connector.v2.CredentialDetails - 26, // 17: c1.connector.v2.ResourceTypeCapability.resource_type:type_name -> c1.connector.v2.ResourceType - 0, // 18: c1.connector.v2.ResourceTypeCapability.capabilities:type_name -> c1.connector.v2.Capability - 4, // 19: c1.connector.v2.ConnectorServiceGetMetadataResponse.metadata:type_name -> c1.connector.v2.ConnectorMetadata - 23, // 20: c1.connector.v2.ConnectorServiceValidateResponse.annotations:type_name -> google.protobuf.Any - 15, // 21: c1.connector.v2.ConnectorAccountCreationSchema.field_map:type_name -> c1.connector.v2.ConnectorAccountCreationSchema.FieldMapEntry - 16, // 22: c1.connector.v2.ConnectorAccountCreationSchema.FieldMapEntry.value:type_name -> c1.connector.v2.ConnectorAccountCreationSchema.Field - 17, // 23: c1.connector.v2.ConnectorAccountCreationSchema.Field.string_field:type_name -> c1.connector.v2.ConnectorAccountCreationSchema.StringField - 18, // 24: c1.connector.v2.ConnectorAccountCreationSchema.Field.bool_field:type_name -> c1.connector.v2.ConnectorAccountCreationSchema.BoolField - 19, // 25: c1.connector.v2.ConnectorAccountCreationSchema.Field.string_list_field:type_name -> c1.connector.v2.ConnectorAccountCreationSchema.StringListField - 20, // 26: c1.connector.v2.ConnectorAccountCreationSchema.Field.int_field:type_name -> c1.connector.v2.ConnectorAccountCreationSchema.IntField - 21, // 27: c1.connector.v2.ConnectorAccountCreationSchema.Field.map_field:type_name -> c1.connector.v2.ConnectorAccountCreationSchema.MapField - 22, // 28: c1.connector.v2.ConnectorAccountCreationSchema.MapField.default_value:type_name -> c1.connector.v2.ConnectorAccountCreationSchema.MapField.DefaultValueEntry - 16, // 29: c1.connector.v2.ConnectorAccountCreationSchema.MapField.DefaultValueEntry.value:type_name -> c1.connector.v2.ConnectorAccountCreationSchema.Field - 10, // 30: c1.connector.v2.ConnectorService.GetMetadata:input_type -> c1.connector.v2.ConnectorServiceGetMetadataRequest - 12, // 31: c1.connector.v2.ConnectorService.Validate:input_type -> c1.connector.v2.ConnectorServiceValidateRequest - 2, // 32: c1.connector.v2.ConnectorService.Cleanup:input_type -> c1.connector.v2.ConnectorServiceCleanupRequest - 11, // 33: c1.connector.v2.ConnectorService.GetMetadata:output_type -> c1.connector.v2.ConnectorServiceGetMetadataResponse - 13, // 34: c1.connector.v2.ConnectorService.Validate:output_type -> c1.connector.v2.ConnectorServiceValidateResponse - 3, // 35: c1.connector.v2.ConnectorService.Cleanup:output_type -> c1.connector.v2.ConnectorServiceCleanupResponse - 33, // [33:36] is the sub-list for method output_type - 30, // [30:33] is the sub-list for method input_type - 30, // [30:30] is the sub-list for extension type_name - 30, // [30:30] is the sub-list for extension extendee - 0, // [0:30] is the sub-list for field type_name + 9, // 17: c1.connector.v2.CapabilityPermissions.permissions:type_name -> c1.connector.v2.CapabilityPermission + 28, // 18: c1.connector.v2.ResourceTypeCapability.resource_type:type_name -> c1.connector.v2.ResourceType + 0, // 19: c1.connector.v2.ResourceTypeCapability.capabilities:type_name -> c1.connector.v2.Capability + 10, // 20: c1.connector.v2.ResourceTypeCapability.permissions:type_name -> c1.connector.v2.CapabilityPermissions + 4, // 21: c1.connector.v2.ConnectorServiceGetMetadataResponse.metadata:type_name -> c1.connector.v2.ConnectorMetadata + 25, // 22: c1.connector.v2.ConnectorServiceValidateResponse.annotations:type_name -> google.protobuf.Any + 17, // 23: c1.connector.v2.ConnectorAccountCreationSchema.field_map:type_name -> c1.connector.v2.ConnectorAccountCreationSchema.FieldMapEntry + 18, // 24: c1.connector.v2.ConnectorAccountCreationSchema.FieldMapEntry.value:type_name -> c1.connector.v2.ConnectorAccountCreationSchema.Field + 19, // 25: c1.connector.v2.ConnectorAccountCreationSchema.Field.string_field:type_name -> c1.connector.v2.ConnectorAccountCreationSchema.StringField + 20, // 26: c1.connector.v2.ConnectorAccountCreationSchema.Field.bool_field:type_name -> c1.connector.v2.ConnectorAccountCreationSchema.BoolField + 21, // 27: c1.connector.v2.ConnectorAccountCreationSchema.Field.string_list_field:type_name -> c1.connector.v2.ConnectorAccountCreationSchema.StringListField + 22, // 28: c1.connector.v2.ConnectorAccountCreationSchema.Field.int_field:type_name -> c1.connector.v2.ConnectorAccountCreationSchema.IntField + 23, // 29: c1.connector.v2.ConnectorAccountCreationSchema.Field.map_field:type_name -> c1.connector.v2.ConnectorAccountCreationSchema.MapField + 24, // 30: c1.connector.v2.ConnectorAccountCreationSchema.MapField.default_value:type_name -> c1.connector.v2.ConnectorAccountCreationSchema.MapField.DefaultValueEntry + 18, // 31: c1.connector.v2.ConnectorAccountCreationSchema.MapField.DefaultValueEntry.value:type_name -> c1.connector.v2.ConnectorAccountCreationSchema.Field + 12, // 32: c1.connector.v2.ConnectorService.GetMetadata:input_type -> c1.connector.v2.ConnectorServiceGetMetadataRequest + 14, // 33: c1.connector.v2.ConnectorService.Validate:input_type -> c1.connector.v2.ConnectorServiceValidateRequest + 2, // 34: c1.connector.v2.ConnectorService.Cleanup:input_type -> c1.connector.v2.ConnectorServiceCleanupRequest + 13, // 35: c1.connector.v2.ConnectorService.GetMetadata:output_type -> c1.connector.v2.ConnectorServiceGetMetadataResponse + 15, // 36: c1.connector.v2.ConnectorService.Validate:output_type -> c1.connector.v2.ConnectorServiceValidateResponse + 3, // 37: c1.connector.v2.ConnectorService.Cleanup:output_type -> c1.connector.v2.ConnectorServiceCleanupResponse + 35, // [35:38] is the sub-list for method output_type + 32, // [32:35] is the sub-list for method input_type + 32, // [32:32] is the sub-list for extension type_name + 32, // [32:32] is the sub-list for extension extendee + 0, // [0:32] is the sub-list for field type_name } func init() { file_c1_connector_v2_connector_proto_init() } @@ -2135,23 +2287,23 @@ func file_c1_connector_v2_connector_proto_init() { } file_c1_connector_v2_asset_proto_init() file_c1_connector_v2_resource_proto_init() - file_c1_connector_v2_connector_proto_msgTypes[14].OneofWrappers = []any{ + file_c1_connector_v2_connector_proto_msgTypes[16].OneofWrappers = []any{ (*connectorAccountCreationSchema_Field_StringField)(nil), (*connectorAccountCreationSchema_Field_BoolField)(nil), (*connectorAccountCreationSchema_Field_StringListField)(nil), (*connectorAccountCreationSchema_Field_IntField)(nil), (*connectorAccountCreationSchema_Field_MapField)(nil), } - file_c1_connector_v2_connector_proto_msgTypes[15].OneofWrappers = []any{} - file_c1_connector_v2_connector_proto_msgTypes[16].OneofWrappers = []any{} + file_c1_connector_v2_connector_proto_msgTypes[17].OneofWrappers = []any{} file_c1_connector_v2_connector_proto_msgTypes[18].OneofWrappers = []any{} + file_c1_connector_v2_connector_proto_msgTypes[20].OneofWrappers = []any{} type x struct{} out := protoimpl.TypeBuilder{ File: protoimpl.DescBuilder{ GoPackagePath: reflect.TypeOf(x{}).PkgPath(), RawDescriptor: unsafe.Slice(unsafe.StringData(file_c1_connector_v2_connector_proto_rawDesc), len(file_c1_connector_v2_connector_proto_rawDesc)), NumEnums: 2, - NumMessages: 21, + NumMessages: 23, NumExtensions: 0, NumServices: 1, }, diff --git a/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/entitlement.pb.go b/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/entitlement.pb.go index c996ec09..fca3e908 100644 --- a/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/entitlement.pb.go +++ b/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/entitlement.pb.go @@ -443,6 +443,204 @@ func (b0 EntitlementsServiceListEntitlementsResponse_builder) Build() *Entitleme return m0 } +type EntitlementsServiceListStaticEntitlementsRequest struct { + state protoimpl.MessageState `protogen:"hybrid.v1"` + ResourceTypeId string `protobuf:"bytes,1,opt,name=resource_type_id,json=resourceTypeId,proto3" json:"resource_type_id,omitempty"` + PageSize uint32 `protobuf:"varint,2,opt,name=page_size,json=pageSize,proto3" json:"page_size,omitempty"` + PageToken string `protobuf:"bytes,3,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"` + Annotations []*anypb.Any `protobuf:"bytes,4,rep,name=annotations,proto3" json:"annotations,omitempty"` + ActiveSyncId string `protobuf:"bytes,5,opt,name=active_sync_id,json=activeSyncId,proto3" json:"active_sync_id,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *EntitlementsServiceListStaticEntitlementsRequest) Reset() { + *x = EntitlementsServiceListStaticEntitlementsRequest{} + mi := &file_c1_connector_v2_entitlement_proto_msgTypes[3] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *EntitlementsServiceListStaticEntitlementsRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*EntitlementsServiceListStaticEntitlementsRequest) ProtoMessage() {} + +func (x *EntitlementsServiceListStaticEntitlementsRequest) ProtoReflect() protoreflect.Message { + mi := &file_c1_connector_v2_entitlement_proto_msgTypes[3] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +func (x *EntitlementsServiceListStaticEntitlementsRequest) GetResourceTypeId() string { + if x != nil { + return x.ResourceTypeId + } + return "" +} + +func (x *EntitlementsServiceListStaticEntitlementsRequest) GetPageSize() uint32 { + if x != nil { + return x.PageSize + } + return 0 +} + +func (x *EntitlementsServiceListStaticEntitlementsRequest) GetPageToken() string { + if x != nil { + return x.PageToken + } + return "" +} + +func (x *EntitlementsServiceListStaticEntitlementsRequest) GetAnnotations() []*anypb.Any { + if x != nil { + return x.Annotations + } + return nil +} + +func (x *EntitlementsServiceListStaticEntitlementsRequest) GetActiveSyncId() string { + if x != nil { + return x.ActiveSyncId + } + return "" +} + +func (x *EntitlementsServiceListStaticEntitlementsRequest) SetResourceTypeId(v string) { + x.ResourceTypeId = v +} + +func (x *EntitlementsServiceListStaticEntitlementsRequest) SetPageSize(v uint32) { + x.PageSize = v +} + +func (x *EntitlementsServiceListStaticEntitlementsRequest) SetPageToken(v string) { + x.PageToken = v +} + +func (x *EntitlementsServiceListStaticEntitlementsRequest) SetAnnotations(v []*anypb.Any) { + x.Annotations = v +} + +func (x *EntitlementsServiceListStaticEntitlementsRequest) SetActiveSyncId(v string) { + x.ActiveSyncId = v +} + +type EntitlementsServiceListStaticEntitlementsRequest_builder struct { + _ [0]func() // Prevents comparability and use of unkeyed literals for the builder. + + ResourceTypeId string + PageSize uint32 + PageToken string + Annotations []*anypb.Any + ActiveSyncId string +} + +func (b0 EntitlementsServiceListStaticEntitlementsRequest_builder) Build() *EntitlementsServiceListStaticEntitlementsRequest { + m0 := &EntitlementsServiceListStaticEntitlementsRequest{} + b, x := &b0, m0 + _, _ = b, x + x.ResourceTypeId = b.ResourceTypeId + x.PageSize = b.PageSize + x.PageToken = b.PageToken + x.Annotations = b.Annotations + x.ActiveSyncId = b.ActiveSyncId + return m0 +} + +type EntitlementsServiceListStaticEntitlementsResponse struct { + state protoimpl.MessageState `protogen:"hybrid.v1"` + List []*Entitlement `protobuf:"bytes,1,rep,name=list,proto3" json:"list,omitempty"` + NextPageToken string `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"` + Annotations []*anypb.Any `protobuf:"bytes,3,rep,name=annotations,proto3" json:"annotations,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *EntitlementsServiceListStaticEntitlementsResponse) Reset() { + *x = EntitlementsServiceListStaticEntitlementsResponse{} + mi := &file_c1_connector_v2_entitlement_proto_msgTypes[4] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *EntitlementsServiceListStaticEntitlementsResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*EntitlementsServiceListStaticEntitlementsResponse) ProtoMessage() {} + +func (x *EntitlementsServiceListStaticEntitlementsResponse) ProtoReflect() protoreflect.Message { + mi := &file_c1_connector_v2_entitlement_proto_msgTypes[4] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +func (x *EntitlementsServiceListStaticEntitlementsResponse) GetList() []*Entitlement { + if x != nil { + return x.List + } + return nil +} + +func (x *EntitlementsServiceListStaticEntitlementsResponse) GetNextPageToken() string { + if x != nil { + return x.NextPageToken + } + return "" +} + +func (x *EntitlementsServiceListStaticEntitlementsResponse) GetAnnotations() []*anypb.Any { + if x != nil { + return x.Annotations + } + return nil +} + +func (x *EntitlementsServiceListStaticEntitlementsResponse) SetList(v []*Entitlement) { + x.List = v +} + +func (x *EntitlementsServiceListStaticEntitlementsResponse) SetNextPageToken(v string) { + x.NextPageToken = v +} + +func (x *EntitlementsServiceListStaticEntitlementsResponse) SetAnnotations(v []*anypb.Any) { + x.Annotations = v +} + +type EntitlementsServiceListStaticEntitlementsResponse_builder struct { + _ [0]func() // Prevents comparability and use of unkeyed literals for the builder. + + List []*Entitlement + NextPageToken string + Annotations []*anypb.Any +} + +func (b0 EntitlementsServiceListStaticEntitlementsResponse_builder) Build() *EntitlementsServiceListStaticEntitlementsResponse { + m0 := &EntitlementsServiceListStaticEntitlementsResponse{} + b, x := &b0, m0 + _, _ = b, x + x.List = b.List + x.NextPageToken = b.NextPageToken + x.Annotations = b.Annotations + return m0 +} + var File_c1_connector_v2_entitlement_proto protoreflect.FileDescriptor const file_c1_connector_v2_entitlement_proto_rawDesc = "" + @@ -476,37 +674,59 @@ const file_c1_connector_v2_entitlement_proto_rawDesc = "" + "+EntitlementsServiceListEntitlementsResponse\x120\n" + "\x04list\x18\x01 \x03(\v2\x1c.c1.connector.v2.EntitlementR\x04list\x126\n" + "\x0fnext_page_token\x18\x02 \x01(\tB\x0e\xfaB\vr\t \x01(\x80\x80@\xd0\x01\x01R\rnextPageToken\x126\n" + - "\vannotations\x18\x03 \x03(\v2\x14.google.protobuf.AnyR\vannotations2\xa5\x01\n" + + "\vannotations\x18\x03 \x03(\v2\x14.google.protobuf.AnyR\vannotations\"\xad\x02\n" + + "0EntitlementsServiceListStaticEntitlementsRequest\x124\n" + + "\x10resource_type_id\x18\x01 \x01(\tB\n" + + "\xfaB\ar\x05 \x01(\x80\bR\x0eresourceTypeId\x12'\n" + + "\tpage_size\x18\x02 \x01(\rB\n" + + "\xfaB\a*\x05\x18\xfa\x01@\x01R\bpageSize\x12-\n" + + "\n" + + "page_token\x18\x03 \x01(\tB\x0e\xfaB\vr\t \x01(\x80\x80@\xd0\x01\x01R\tpageToken\x126\n" + + "\vannotations\x18\x04 \x03(\v2\x14.google.protobuf.AnyR\vannotations\x123\n" + + "\x0eactive_sync_id\x18\x05 \x01(\tB\r\xfaB\n" + + "r\b \x01(\x80\b\xd0\x01\x01R\factiveSyncId\"\xd5\x01\n" + + "1EntitlementsServiceListStaticEntitlementsResponse\x120\n" + + "\x04list\x18\x01 \x03(\v2\x1c.c1.connector.v2.EntitlementR\x04list\x126\n" + + "\x0fnext_page_token\x18\x02 \x01(\tB\x0e\xfaB\vr\t \x01(\x80\x80@\xd0\x01\x01R\rnextPageToken\x126\n" + + "\vannotations\x18\x03 \x03(\v2\x14.google.protobuf.AnyR\vannotations2\xc7\x02\n" + "\x13EntitlementsService\x12\x8d\x01\n" + - "\x10ListEntitlements\x12;.c1.connector.v2.EntitlementsServiceListEntitlementsRequest\x1a<.c1.connector.v2.EntitlementsServiceListEntitlementsResponseB6Z4github.com/conductorone/baton-sdk/pb/c1/connector/v2b\x06proto3" + "\x10ListEntitlements\x12;.c1.connector.v2.EntitlementsServiceListEntitlementsRequest\x1a<.c1.connector.v2.EntitlementsServiceListEntitlementsResponse\x12\x9f\x01\n" + + "\x16ListStaticEntitlements\x12A.c1.connector.v2.EntitlementsServiceListStaticEntitlementsRequest\x1aB.c1.connector.v2.EntitlementsServiceListStaticEntitlementsResponseB6Z4github.com/conductorone/baton-sdk/pb/c1/connector/v2b\x06proto3" var file_c1_connector_v2_entitlement_proto_enumTypes = make([]protoimpl.EnumInfo, 1) -var file_c1_connector_v2_entitlement_proto_msgTypes = make([]protoimpl.MessageInfo, 3) +var file_c1_connector_v2_entitlement_proto_msgTypes = make([]protoimpl.MessageInfo, 5) var file_c1_connector_v2_entitlement_proto_goTypes = []any{ - (Entitlement_PurposeValue)(0), // 0: c1.connector.v2.Entitlement.PurposeValue - (*Entitlement)(nil), // 1: c1.connector.v2.Entitlement - (*EntitlementsServiceListEntitlementsRequest)(nil), // 2: c1.connector.v2.EntitlementsServiceListEntitlementsRequest - (*EntitlementsServiceListEntitlementsResponse)(nil), // 3: c1.connector.v2.EntitlementsServiceListEntitlementsResponse - (*Resource)(nil), // 4: c1.connector.v2.Resource - (*ResourceType)(nil), // 5: c1.connector.v2.ResourceType - (*anypb.Any)(nil), // 6: google.protobuf.Any + (Entitlement_PurposeValue)(0), // 0: c1.connector.v2.Entitlement.PurposeValue + (*Entitlement)(nil), // 1: c1.connector.v2.Entitlement + (*EntitlementsServiceListEntitlementsRequest)(nil), // 2: c1.connector.v2.EntitlementsServiceListEntitlementsRequest + (*EntitlementsServiceListEntitlementsResponse)(nil), // 3: c1.connector.v2.EntitlementsServiceListEntitlementsResponse + (*EntitlementsServiceListStaticEntitlementsRequest)(nil), // 4: c1.connector.v2.EntitlementsServiceListStaticEntitlementsRequest + (*EntitlementsServiceListStaticEntitlementsResponse)(nil), // 5: c1.connector.v2.EntitlementsServiceListStaticEntitlementsResponse + (*Resource)(nil), // 6: c1.connector.v2.Resource + (*ResourceType)(nil), // 7: c1.connector.v2.ResourceType + (*anypb.Any)(nil), // 8: google.protobuf.Any } var file_c1_connector_v2_entitlement_proto_depIdxs = []int32{ - 4, // 0: c1.connector.v2.Entitlement.resource:type_name -> c1.connector.v2.Resource - 5, // 1: c1.connector.v2.Entitlement.grantable_to:type_name -> c1.connector.v2.ResourceType - 6, // 2: c1.connector.v2.Entitlement.annotations:type_name -> google.protobuf.Any - 0, // 3: c1.connector.v2.Entitlement.purpose:type_name -> c1.connector.v2.Entitlement.PurposeValue - 4, // 4: c1.connector.v2.EntitlementsServiceListEntitlementsRequest.resource:type_name -> c1.connector.v2.Resource - 6, // 5: c1.connector.v2.EntitlementsServiceListEntitlementsRequest.annotations:type_name -> google.protobuf.Any - 1, // 6: c1.connector.v2.EntitlementsServiceListEntitlementsResponse.list:type_name -> c1.connector.v2.Entitlement - 6, // 7: c1.connector.v2.EntitlementsServiceListEntitlementsResponse.annotations:type_name -> google.protobuf.Any - 2, // 8: c1.connector.v2.EntitlementsService.ListEntitlements:input_type -> c1.connector.v2.EntitlementsServiceListEntitlementsRequest - 3, // 9: c1.connector.v2.EntitlementsService.ListEntitlements:output_type -> c1.connector.v2.EntitlementsServiceListEntitlementsResponse - 9, // [9:10] is the sub-list for method output_type - 8, // [8:9] is the sub-list for method input_type - 8, // [8:8] is the sub-list for extension type_name - 8, // [8:8] is the sub-list for extension extendee - 0, // [0:8] is the sub-list for field type_name + 6, // 0: c1.connector.v2.Entitlement.resource:type_name -> c1.connector.v2.Resource + 7, // 1: c1.connector.v2.Entitlement.grantable_to:type_name -> c1.connector.v2.ResourceType + 8, // 2: c1.connector.v2.Entitlement.annotations:type_name -> google.protobuf.Any + 0, // 3: c1.connector.v2.Entitlement.purpose:type_name -> c1.connector.v2.Entitlement.PurposeValue + 6, // 4: c1.connector.v2.EntitlementsServiceListEntitlementsRequest.resource:type_name -> c1.connector.v2.Resource + 8, // 5: c1.connector.v2.EntitlementsServiceListEntitlementsRequest.annotations:type_name -> google.protobuf.Any + 1, // 6: c1.connector.v2.EntitlementsServiceListEntitlementsResponse.list:type_name -> c1.connector.v2.Entitlement + 8, // 7: c1.connector.v2.EntitlementsServiceListEntitlementsResponse.annotations:type_name -> google.protobuf.Any + 8, // 8: c1.connector.v2.EntitlementsServiceListStaticEntitlementsRequest.annotations:type_name -> google.protobuf.Any + 1, // 9: c1.connector.v2.EntitlementsServiceListStaticEntitlementsResponse.list:type_name -> c1.connector.v2.Entitlement + 8, // 10: c1.connector.v2.EntitlementsServiceListStaticEntitlementsResponse.annotations:type_name -> google.protobuf.Any + 2, // 11: c1.connector.v2.EntitlementsService.ListEntitlements:input_type -> c1.connector.v2.EntitlementsServiceListEntitlementsRequest + 4, // 12: c1.connector.v2.EntitlementsService.ListStaticEntitlements:input_type -> c1.connector.v2.EntitlementsServiceListStaticEntitlementsRequest + 3, // 13: c1.connector.v2.EntitlementsService.ListEntitlements:output_type -> c1.connector.v2.EntitlementsServiceListEntitlementsResponse + 5, // 14: c1.connector.v2.EntitlementsService.ListStaticEntitlements:output_type -> c1.connector.v2.EntitlementsServiceListStaticEntitlementsResponse + 13, // [13:15] is the sub-list for method output_type + 11, // [11:13] is the sub-list for method input_type + 11, // [11:11] is the sub-list for extension type_name + 11, // [11:11] is the sub-list for extension extendee + 0, // [0:11] is the sub-list for field type_name } func init() { file_c1_connector_v2_entitlement_proto_init() } @@ -521,7 +741,7 @@ func file_c1_connector_v2_entitlement_proto_init() { GoPackagePath: reflect.TypeOf(x{}).PkgPath(), RawDescriptor: unsafe.Slice(unsafe.StringData(file_c1_connector_v2_entitlement_proto_rawDesc), len(file_c1_connector_v2_entitlement_proto_rawDesc)), NumEnums: 1, - NumMessages: 3, + NumMessages: 5, NumExtensions: 0, NumServices: 1, }, diff --git a/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/entitlement.pb.validate.go b/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/entitlement.pb.validate.go index 013ab1bc..cf8fb4e8 100644 --- a/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/entitlement.pb.validate.go +++ b/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/entitlement.pb.validate.go @@ -698,3 +698,402 @@ var _ interface { Cause() error ErrorName() string } = EntitlementsServiceListEntitlementsResponseValidationError{} + +// Validate checks the field values on +// EntitlementsServiceListStaticEntitlementsRequest with the rules defined in +// the proto definition for this message. If any rules are violated, the first +// error encountered is returned, or nil if there are no violations. +func (m *EntitlementsServiceListStaticEntitlementsRequest) Validate() error { + return m.validate(false) +} + +// ValidateAll checks the field values on +// EntitlementsServiceListStaticEntitlementsRequest with the rules defined in +// the proto definition for this message. If any rules are violated, the +// result is a list of violation errors wrapped in +// EntitlementsServiceListStaticEntitlementsRequestMultiError, or nil if none found. +func (m *EntitlementsServiceListStaticEntitlementsRequest) ValidateAll() error { + return m.validate(true) +} + +func (m *EntitlementsServiceListStaticEntitlementsRequest) validate(all bool) error { + if m == nil { + return nil + } + + var errors []error + + if l := len(m.GetResourceTypeId()); l < 1 || l > 1024 { + err := EntitlementsServiceListStaticEntitlementsRequestValidationError{ + field: "ResourceTypeId", + reason: "value length must be between 1 and 1024 bytes, inclusive", + } + if !all { + return err + } + errors = append(errors, err) + } + + if m.GetPageSize() != 0 { + + if m.GetPageSize() > 250 { + err := EntitlementsServiceListStaticEntitlementsRequestValidationError{ + field: "PageSize", + reason: "value must be less than or equal to 250", + } + if !all { + return err + } + errors = append(errors, err) + } + + } + + if m.GetPageToken() != "" { + + if l := len(m.GetPageToken()); l < 1 || l > 1048576 { + err := EntitlementsServiceListStaticEntitlementsRequestValidationError{ + field: "PageToken", + reason: "value length must be between 1 and 1048576 bytes, inclusive", + } + if !all { + return err + } + errors = append(errors, err) + } + + } + + for idx, item := range m.GetAnnotations() { + _, _ = idx, item + + if all { + switch v := interface{}(item).(type) { + case interface{ ValidateAll() error }: + if err := v.ValidateAll(); err != nil { + errors = append(errors, EntitlementsServiceListStaticEntitlementsRequestValidationError{ + field: fmt.Sprintf("Annotations[%v]", idx), + reason: "embedded message failed validation", + cause: err, + }) + } + case interface{ Validate() error }: + if err := v.Validate(); err != nil { + errors = append(errors, EntitlementsServiceListStaticEntitlementsRequestValidationError{ + field: fmt.Sprintf("Annotations[%v]", idx), + reason: "embedded message failed validation", + cause: err, + }) + } + } + } else if v, ok := interface{}(item).(interface{ Validate() error }); ok { + if err := v.Validate(); err != nil { + return EntitlementsServiceListStaticEntitlementsRequestValidationError{ + field: fmt.Sprintf("Annotations[%v]", idx), + reason: "embedded message failed validation", + cause: err, + } + } + } + + } + + if m.GetActiveSyncId() != "" { + + if l := len(m.GetActiveSyncId()); l < 1 || l > 1024 { + err := EntitlementsServiceListStaticEntitlementsRequestValidationError{ + field: "ActiveSyncId", + reason: "value length must be between 1 and 1024 bytes, inclusive", + } + if !all { + return err + } + errors = append(errors, err) + } + + } + + if len(errors) > 0 { + return EntitlementsServiceListStaticEntitlementsRequestMultiError(errors) + } + + return nil +} + +// EntitlementsServiceListStaticEntitlementsRequestMultiError is an error +// wrapping multiple validation errors returned by +// EntitlementsServiceListStaticEntitlementsRequest.ValidateAll() if the +// designated constraints aren't met. +type EntitlementsServiceListStaticEntitlementsRequestMultiError []error + +// Error returns a concatenation of all the error messages it wraps. +func (m EntitlementsServiceListStaticEntitlementsRequestMultiError) Error() string { + msgs := make([]string, 0, len(m)) + for _, err := range m { + msgs = append(msgs, err.Error()) + } + return strings.Join(msgs, "; ") +} + +// AllErrors returns a list of validation violation errors. +func (m EntitlementsServiceListStaticEntitlementsRequestMultiError) AllErrors() []error { return m } + +// EntitlementsServiceListStaticEntitlementsRequestValidationError is the +// validation error returned by +// EntitlementsServiceListStaticEntitlementsRequest.Validate if the designated +// constraints aren't met. +type EntitlementsServiceListStaticEntitlementsRequestValidationError struct { + field string + reason string + cause error + key bool +} + +// Field function returns field value. +func (e EntitlementsServiceListStaticEntitlementsRequestValidationError) Field() string { + return e.field +} + +// Reason function returns reason value. +func (e EntitlementsServiceListStaticEntitlementsRequestValidationError) Reason() string { + return e.reason +} + +// Cause function returns cause value. +func (e EntitlementsServiceListStaticEntitlementsRequestValidationError) Cause() error { + return e.cause +} + +// Key function returns key value. +func (e EntitlementsServiceListStaticEntitlementsRequestValidationError) Key() bool { return e.key } + +// ErrorName returns error name. +func (e EntitlementsServiceListStaticEntitlementsRequestValidationError) ErrorName() string { + return "EntitlementsServiceListStaticEntitlementsRequestValidationError" +} + +// Error satisfies the builtin error interface +func (e EntitlementsServiceListStaticEntitlementsRequestValidationError) Error() string { + cause := "" + if e.cause != nil { + cause = fmt.Sprintf(" | caused by: %v", e.cause) + } + + key := "" + if e.key { + key = "key for " + } + + return fmt.Sprintf( + "invalid %sEntitlementsServiceListStaticEntitlementsRequest.%s: %s%s", + key, + e.field, + e.reason, + cause) +} + +var _ error = EntitlementsServiceListStaticEntitlementsRequestValidationError{} + +var _ interface { + Field() string + Reason() string + Key() bool + Cause() error + ErrorName() string +} = EntitlementsServiceListStaticEntitlementsRequestValidationError{} + +// Validate checks the field values on +// EntitlementsServiceListStaticEntitlementsResponse with the rules defined in +// the proto definition for this message. If any rules are violated, the first +// error encountered is returned, or nil if there are no violations. +func (m *EntitlementsServiceListStaticEntitlementsResponse) Validate() error { + return m.validate(false) +} + +// ValidateAll checks the field values on +// EntitlementsServiceListStaticEntitlementsResponse with the rules defined in +// the proto definition for this message. If any rules are violated, the +// result is a list of violation errors wrapped in +// EntitlementsServiceListStaticEntitlementsResponseMultiError, or nil if none found. +func (m *EntitlementsServiceListStaticEntitlementsResponse) ValidateAll() error { + return m.validate(true) +} + +func (m *EntitlementsServiceListStaticEntitlementsResponse) validate(all bool) error { + if m == nil { + return nil + } + + var errors []error + + for idx, item := range m.GetList() { + _, _ = idx, item + + if all { + switch v := interface{}(item).(type) { + case interface{ ValidateAll() error }: + if err := v.ValidateAll(); err != nil { + errors = append(errors, EntitlementsServiceListStaticEntitlementsResponseValidationError{ + field: fmt.Sprintf("List[%v]", idx), + reason: "embedded message failed validation", + cause: err, + }) + } + case interface{ Validate() error }: + if err := v.Validate(); err != nil { + errors = append(errors, EntitlementsServiceListStaticEntitlementsResponseValidationError{ + field: fmt.Sprintf("List[%v]", idx), + reason: "embedded message failed validation", + cause: err, + }) + } + } + } else if v, ok := interface{}(item).(interface{ Validate() error }); ok { + if err := v.Validate(); err != nil { + return EntitlementsServiceListStaticEntitlementsResponseValidationError{ + field: fmt.Sprintf("List[%v]", idx), + reason: "embedded message failed validation", + cause: err, + } + } + } + + } + + if m.GetNextPageToken() != "" { + + if l := len(m.GetNextPageToken()); l < 1 || l > 1048576 { + err := EntitlementsServiceListStaticEntitlementsResponseValidationError{ + field: "NextPageToken", + reason: "value length must be between 1 and 1048576 bytes, inclusive", + } + if !all { + return err + } + errors = append(errors, err) + } + + } + + for idx, item := range m.GetAnnotations() { + _, _ = idx, item + + if all { + switch v := interface{}(item).(type) { + case interface{ ValidateAll() error }: + if err := v.ValidateAll(); err != nil { + errors = append(errors, EntitlementsServiceListStaticEntitlementsResponseValidationError{ + field: fmt.Sprintf("Annotations[%v]", idx), + reason: "embedded message failed validation", + cause: err, + }) + } + case interface{ Validate() error }: + if err := v.Validate(); err != nil { + errors = append(errors, EntitlementsServiceListStaticEntitlementsResponseValidationError{ + field: fmt.Sprintf("Annotations[%v]", idx), + reason: "embedded message failed validation", + cause: err, + }) + } + } + } else if v, ok := interface{}(item).(interface{ Validate() error }); ok { + if err := v.Validate(); err != nil { + return EntitlementsServiceListStaticEntitlementsResponseValidationError{ + field: fmt.Sprintf("Annotations[%v]", idx), + reason: "embedded message failed validation", + cause: err, + } + } + } + + } + + if len(errors) > 0 { + return EntitlementsServiceListStaticEntitlementsResponseMultiError(errors) + } + + return nil +} + +// EntitlementsServiceListStaticEntitlementsResponseMultiError is an error +// wrapping multiple validation errors returned by +// EntitlementsServiceListStaticEntitlementsResponse.ValidateAll() if the +// designated constraints aren't met. +type EntitlementsServiceListStaticEntitlementsResponseMultiError []error + +// Error returns a concatenation of all the error messages it wraps. +func (m EntitlementsServiceListStaticEntitlementsResponseMultiError) Error() string { + msgs := make([]string, 0, len(m)) + for _, err := range m { + msgs = append(msgs, err.Error()) + } + return strings.Join(msgs, "; ") +} + +// AllErrors returns a list of validation violation errors. +func (m EntitlementsServiceListStaticEntitlementsResponseMultiError) AllErrors() []error { return m } + +// EntitlementsServiceListStaticEntitlementsResponseValidationError is the +// validation error returned by +// EntitlementsServiceListStaticEntitlementsResponse.Validate if the +// designated constraints aren't met. +type EntitlementsServiceListStaticEntitlementsResponseValidationError struct { + field string + reason string + cause error + key bool +} + +// Field function returns field value. +func (e EntitlementsServiceListStaticEntitlementsResponseValidationError) Field() string { + return e.field +} + +// Reason function returns reason value. +func (e EntitlementsServiceListStaticEntitlementsResponseValidationError) Reason() string { + return e.reason +} + +// Cause function returns cause value. +func (e EntitlementsServiceListStaticEntitlementsResponseValidationError) Cause() error { + return e.cause +} + +// Key function returns key value. +func (e EntitlementsServiceListStaticEntitlementsResponseValidationError) Key() bool { return e.key } + +// ErrorName returns error name. +func (e EntitlementsServiceListStaticEntitlementsResponseValidationError) ErrorName() string { + return "EntitlementsServiceListStaticEntitlementsResponseValidationError" +} + +// Error satisfies the builtin error interface +func (e EntitlementsServiceListStaticEntitlementsResponseValidationError) Error() string { + cause := "" + if e.cause != nil { + cause = fmt.Sprintf(" | caused by: %v", e.cause) + } + + key := "" + if e.key { + key = "key for " + } + + return fmt.Sprintf( + "invalid %sEntitlementsServiceListStaticEntitlementsResponse.%s: %s%s", + key, + e.field, + e.reason, + cause) +} + +var _ error = EntitlementsServiceListStaticEntitlementsResponseValidationError{} + +var _ interface { + Field() string + Reason() string + Key() bool + Cause() error + ErrorName() string +} = EntitlementsServiceListStaticEntitlementsResponseValidationError{} diff --git a/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/entitlement_grpc.pb.go b/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/entitlement_grpc.pb.go index 821161d3..6286b134 100644 --- a/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/entitlement_grpc.pb.go +++ b/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/entitlement_grpc.pb.go @@ -19,7 +19,8 @@ import ( const _ = grpc.SupportPackageIsVersion9 const ( - EntitlementsService_ListEntitlements_FullMethodName = "/c1.connector.v2.EntitlementsService/ListEntitlements" + EntitlementsService_ListEntitlements_FullMethodName = "/c1.connector.v2.EntitlementsService/ListEntitlements" + EntitlementsService_ListStaticEntitlements_FullMethodName = "/c1.connector.v2.EntitlementsService/ListStaticEntitlements" ) // EntitlementsServiceClient is the client API for EntitlementsService service. @@ -27,6 +28,7 @@ const ( // For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream. type EntitlementsServiceClient interface { ListEntitlements(ctx context.Context, in *EntitlementsServiceListEntitlementsRequest, opts ...grpc.CallOption) (*EntitlementsServiceListEntitlementsResponse, error) + ListStaticEntitlements(ctx context.Context, in *EntitlementsServiceListStaticEntitlementsRequest, opts ...grpc.CallOption) (*EntitlementsServiceListStaticEntitlementsResponse, error) } type entitlementsServiceClient struct { @@ -47,11 +49,22 @@ func (c *entitlementsServiceClient) ListEntitlements(ctx context.Context, in *En return out, nil } +func (c *entitlementsServiceClient) ListStaticEntitlements(ctx context.Context, in *EntitlementsServiceListStaticEntitlementsRequest, opts ...grpc.CallOption) (*EntitlementsServiceListStaticEntitlementsResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(EntitlementsServiceListStaticEntitlementsResponse) + err := c.cc.Invoke(ctx, EntitlementsService_ListStaticEntitlements_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + // EntitlementsServiceServer is the server API for EntitlementsService service. // All implementations should embed UnimplementedEntitlementsServiceServer // for forward compatibility. type EntitlementsServiceServer interface { ListEntitlements(context.Context, *EntitlementsServiceListEntitlementsRequest) (*EntitlementsServiceListEntitlementsResponse, error) + ListStaticEntitlements(context.Context, *EntitlementsServiceListStaticEntitlementsRequest) (*EntitlementsServiceListStaticEntitlementsResponse, error) } // UnimplementedEntitlementsServiceServer should be embedded to have @@ -64,6 +77,9 @@ type UnimplementedEntitlementsServiceServer struct{} func (UnimplementedEntitlementsServiceServer) ListEntitlements(context.Context, *EntitlementsServiceListEntitlementsRequest) (*EntitlementsServiceListEntitlementsResponse, error) { return nil, status.Errorf(codes.Unimplemented, "method ListEntitlements not implemented") } +func (UnimplementedEntitlementsServiceServer) ListStaticEntitlements(context.Context, *EntitlementsServiceListStaticEntitlementsRequest) (*EntitlementsServiceListStaticEntitlementsResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method ListStaticEntitlements not implemented") +} func (UnimplementedEntitlementsServiceServer) testEmbeddedByValue() {} // UnsafeEntitlementsServiceServer may be embedded to opt out of forward compatibility for this service. @@ -102,6 +118,24 @@ func _EntitlementsService_ListEntitlements_Handler(srv interface{}, ctx context. return interceptor(ctx, in, info, handler) } +func _EntitlementsService_ListStaticEntitlements_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(EntitlementsServiceListStaticEntitlementsRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(EntitlementsServiceServer).ListStaticEntitlements(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: EntitlementsService_ListStaticEntitlements_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(EntitlementsServiceServer).ListStaticEntitlements(ctx, req.(*EntitlementsServiceListStaticEntitlementsRequest)) + } + return interceptor(ctx, in, info, handler) +} + // EntitlementsService_ServiceDesc is the grpc.ServiceDesc for EntitlementsService service. // It's only intended for direct use with grpc.RegisterService, // and not to be introspected or modified (even as a copy) @@ -113,6 +147,10 @@ var EntitlementsService_ServiceDesc = grpc.ServiceDesc{ MethodName: "ListEntitlements", Handler: _EntitlementsService_ListEntitlements_Handler, }, + { + MethodName: "ListStaticEntitlements", + Handler: _EntitlementsService_ListStaticEntitlements_Handler, + }, }, Streams: []grpc.StreamDesc{}, Metadata: "c1/connector/v2/entitlement.proto", diff --git a/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/entitlement_protoopaque.pb.go b/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/entitlement_protoopaque.pb.go index d9f09c90..88a1142b 100644 --- a/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/entitlement_protoopaque.pb.go +++ b/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/entitlement_protoopaque.pb.go @@ -453,6 +453,210 @@ func (b0 EntitlementsServiceListEntitlementsResponse_builder) Build() *Entitleme return m0 } +type EntitlementsServiceListStaticEntitlementsRequest struct { + state protoimpl.MessageState `protogen:"opaque.v1"` + xxx_hidden_ResourceTypeId string `protobuf:"bytes,1,opt,name=resource_type_id,json=resourceTypeId,proto3"` + xxx_hidden_PageSize uint32 `protobuf:"varint,2,opt,name=page_size,json=pageSize,proto3"` + xxx_hidden_PageToken string `protobuf:"bytes,3,opt,name=page_token,json=pageToken,proto3"` + xxx_hidden_Annotations *[]*anypb.Any `protobuf:"bytes,4,rep,name=annotations,proto3"` + xxx_hidden_ActiveSyncId string `protobuf:"bytes,5,opt,name=active_sync_id,json=activeSyncId,proto3"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *EntitlementsServiceListStaticEntitlementsRequest) Reset() { + *x = EntitlementsServiceListStaticEntitlementsRequest{} + mi := &file_c1_connector_v2_entitlement_proto_msgTypes[3] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *EntitlementsServiceListStaticEntitlementsRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*EntitlementsServiceListStaticEntitlementsRequest) ProtoMessage() {} + +func (x *EntitlementsServiceListStaticEntitlementsRequest) ProtoReflect() protoreflect.Message { + mi := &file_c1_connector_v2_entitlement_proto_msgTypes[3] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +func (x *EntitlementsServiceListStaticEntitlementsRequest) GetResourceTypeId() string { + if x != nil { + return x.xxx_hidden_ResourceTypeId + } + return "" +} + +func (x *EntitlementsServiceListStaticEntitlementsRequest) GetPageSize() uint32 { + if x != nil { + return x.xxx_hidden_PageSize + } + return 0 +} + +func (x *EntitlementsServiceListStaticEntitlementsRequest) GetPageToken() string { + if x != nil { + return x.xxx_hidden_PageToken + } + return "" +} + +func (x *EntitlementsServiceListStaticEntitlementsRequest) GetAnnotations() []*anypb.Any { + if x != nil { + if x.xxx_hidden_Annotations != nil { + return *x.xxx_hidden_Annotations + } + } + return nil +} + +func (x *EntitlementsServiceListStaticEntitlementsRequest) GetActiveSyncId() string { + if x != nil { + return x.xxx_hidden_ActiveSyncId + } + return "" +} + +func (x *EntitlementsServiceListStaticEntitlementsRequest) SetResourceTypeId(v string) { + x.xxx_hidden_ResourceTypeId = v +} + +func (x *EntitlementsServiceListStaticEntitlementsRequest) SetPageSize(v uint32) { + x.xxx_hidden_PageSize = v +} + +func (x *EntitlementsServiceListStaticEntitlementsRequest) SetPageToken(v string) { + x.xxx_hidden_PageToken = v +} + +func (x *EntitlementsServiceListStaticEntitlementsRequest) SetAnnotations(v []*anypb.Any) { + x.xxx_hidden_Annotations = &v +} + +func (x *EntitlementsServiceListStaticEntitlementsRequest) SetActiveSyncId(v string) { + x.xxx_hidden_ActiveSyncId = v +} + +type EntitlementsServiceListStaticEntitlementsRequest_builder struct { + _ [0]func() // Prevents comparability and use of unkeyed literals for the builder. + + ResourceTypeId string + PageSize uint32 + PageToken string + Annotations []*anypb.Any + ActiveSyncId string +} + +func (b0 EntitlementsServiceListStaticEntitlementsRequest_builder) Build() *EntitlementsServiceListStaticEntitlementsRequest { + m0 := &EntitlementsServiceListStaticEntitlementsRequest{} + b, x := &b0, m0 + _, _ = b, x + x.xxx_hidden_ResourceTypeId = b.ResourceTypeId + x.xxx_hidden_PageSize = b.PageSize + x.xxx_hidden_PageToken = b.PageToken + x.xxx_hidden_Annotations = &b.Annotations + x.xxx_hidden_ActiveSyncId = b.ActiveSyncId + return m0 +} + +type EntitlementsServiceListStaticEntitlementsResponse struct { + state protoimpl.MessageState `protogen:"opaque.v1"` + xxx_hidden_List *[]*Entitlement `protobuf:"bytes,1,rep,name=list,proto3"` + xxx_hidden_NextPageToken string `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3"` + xxx_hidden_Annotations *[]*anypb.Any `protobuf:"bytes,3,rep,name=annotations,proto3"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *EntitlementsServiceListStaticEntitlementsResponse) Reset() { + *x = EntitlementsServiceListStaticEntitlementsResponse{} + mi := &file_c1_connector_v2_entitlement_proto_msgTypes[4] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *EntitlementsServiceListStaticEntitlementsResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*EntitlementsServiceListStaticEntitlementsResponse) ProtoMessage() {} + +func (x *EntitlementsServiceListStaticEntitlementsResponse) ProtoReflect() protoreflect.Message { + mi := &file_c1_connector_v2_entitlement_proto_msgTypes[4] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +func (x *EntitlementsServiceListStaticEntitlementsResponse) GetList() []*Entitlement { + if x != nil { + if x.xxx_hidden_List != nil { + return *x.xxx_hidden_List + } + } + return nil +} + +func (x *EntitlementsServiceListStaticEntitlementsResponse) GetNextPageToken() string { + if x != nil { + return x.xxx_hidden_NextPageToken + } + return "" +} + +func (x *EntitlementsServiceListStaticEntitlementsResponse) GetAnnotations() []*anypb.Any { + if x != nil { + if x.xxx_hidden_Annotations != nil { + return *x.xxx_hidden_Annotations + } + } + return nil +} + +func (x *EntitlementsServiceListStaticEntitlementsResponse) SetList(v []*Entitlement) { + x.xxx_hidden_List = &v +} + +func (x *EntitlementsServiceListStaticEntitlementsResponse) SetNextPageToken(v string) { + x.xxx_hidden_NextPageToken = v +} + +func (x *EntitlementsServiceListStaticEntitlementsResponse) SetAnnotations(v []*anypb.Any) { + x.xxx_hidden_Annotations = &v +} + +type EntitlementsServiceListStaticEntitlementsResponse_builder struct { + _ [0]func() // Prevents comparability and use of unkeyed literals for the builder. + + List []*Entitlement + NextPageToken string + Annotations []*anypb.Any +} + +func (b0 EntitlementsServiceListStaticEntitlementsResponse_builder) Build() *EntitlementsServiceListStaticEntitlementsResponse { + m0 := &EntitlementsServiceListStaticEntitlementsResponse{} + b, x := &b0, m0 + _, _ = b, x + x.xxx_hidden_List = &b.List + x.xxx_hidden_NextPageToken = b.NextPageToken + x.xxx_hidden_Annotations = &b.Annotations + return m0 +} + var File_c1_connector_v2_entitlement_proto protoreflect.FileDescriptor const file_c1_connector_v2_entitlement_proto_rawDesc = "" + @@ -486,37 +690,59 @@ const file_c1_connector_v2_entitlement_proto_rawDesc = "" + "+EntitlementsServiceListEntitlementsResponse\x120\n" + "\x04list\x18\x01 \x03(\v2\x1c.c1.connector.v2.EntitlementR\x04list\x126\n" + "\x0fnext_page_token\x18\x02 \x01(\tB\x0e\xfaB\vr\t \x01(\x80\x80@\xd0\x01\x01R\rnextPageToken\x126\n" + - "\vannotations\x18\x03 \x03(\v2\x14.google.protobuf.AnyR\vannotations2\xa5\x01\n" + + "\vannotations\x18\x03 \x03(\v2\x14.google.protobuf.AnyR\vannotations\"\xad\x02\n" + + "0EntitlementsServiceListStaticEntitlementsRequest\x124\n" + + "\x10resource_type_id\x18\x01 \x01(\tB\n" + + "\xfaB\ar\x05 \x01(\x80\bR\x0eresourceTypeId\x12'\n" + + "\tpage_size\x18\x02 \x01(\rB\n" + + "\xfaB\a*\x05\x18\xfa\x01@\x01R\bpageSize\x12-\n" + + "\n" + + "page_token\x18\x03 \x01(\tB\x0e\xfaB\vr\t \x01(\x80\x80@\xd0\x01\x01R\tpageToken\x126\n" + + "\vannotations\x18\x04 \x03(\v2\x14.google.protobuf.AnyR\vannotations\x123\n" + + "\x0eactive_sync_id\x18\x05 \x01(\tB\r\xfaB\n" + + "r\b \x01(\x80\b\xd0\x01\x01R\factiveSyncId\"\xd5\x01\n" + + "1EntitlementsServiceListStaticEntitlementsResponse\x120\n" + + "\x04list\x18\x01 \x03(\v2\x1c.c1.connector.v2.EntitlementR\x04list\x126\n" + + "\x0fnext_page_token\x18\x02 \x01(\tB\x0e\xfaB\vr\t \x01(\x80\x80@\xd0\x01\x01R\rnextPageToken\x126\n" + + "\vannotations\x18\x03 \x03(\v2\x14.google.protobuf.AnyR\vannotations2\xc7\x02\n" + "\x13EntitlementsService\x12\x8d\x01\n" + - "\x10ListEntitlements\x12;.c1.connector.v2.EntitlementsServiceListEntitlementsRequest\x1a<.c1.connector.v2.EntitlementsServiceListEntitlementsResponseB6Z4github.com/conductorone/baton-sdk/pb/c1/connector/v2b\x06proto3" + "\x10ListEntitlements\x12;.c1.connector.v2.EntitlementsServiceListEntitlementsRequest\x1a<.c1.connector.v2.EntitlementsServiceListEntitlementsResponse\x12\x9f\x01\n" + + "\x16ListStaticEntitlements\x12A.c1.connector.v2.EntitlementsServiceListStaticEntitlementsRequest\x1aB.c1.connector.v2.EntitlementsServiceListStaticEntitlementsResponseB6Z4github.com/conductorone/baton-sdk/pb/c1/connector/v2b\x06proto3" var file_c1_connector_v2_entitlement_proto_enumTypes = make([]protoimpl.EnumInfo, 1) -var file_c1_connector_v2_entitlement_proto_msgTypes = make([]protoimpl.MessageInfo, 3) +var file_c1_connector_v2_entitlement_proto_msgTypes = make([]protoimpl.MessageInfo, 5) var file_c1_connector_v2_entitlement_proto_goTypes = []any{ - (Entitlement_PurposeValue)(0), // 0: c1.connector.v2.Entitlement.PurposeValue - (*Entitlement)(nil), // 1: c1.connector.v2.Entitlement - (*EntitlementsServiceListEntitlementsRequest)(nil), // 2: c1.connector.v2.EntitlementsServiceListEntitlementsRequest - (*EntitlementsServiceListEntitlementsResponse)(nil), // 3: c1.connector.v2.EntitlementsServiceListEntitlementsResponse - (*Resource)(nil), // 4: c1.connector.v2.Resource - (*ResourceType)(nil), // 5: c1.connector.v2.ResourceType - (*anypb.Any)(nil), // 6: google.protobuf.Any + (Entitlement_PurposeValue)(0), // 0: c1.connector.v2.Entitlement.PurposeValue + (*Entitlement)(nil), // 1: c1.connector.v2.Entitlement + (*EntitlementsServiceListEntitlementsRequest)(nil), // 2: c1.connector.v2.EntitlementsServiceListEntitlementsRequest + (*EntitlementsServiceListEntitlementsResponse)(nil), // 3: c1.connector.v2.EntitlementsServiceListEntitlementsResponse + (*EntitlementsServiceListStaticEntitlementsRequest)(nil), // 4: c1.connector.v2.EntitlementsServiceListStaticEntitlementsRequest + (*EntitlementsServiceListStaticEntitlementsResponse)(nil), // 5: c1.connector.v2.EntitlementsServiceListStaticEntitlementsResponse + (*Resource)(nil), // 6: c1.connector.v2.Resource + (*ResourceType)(nil), // 7: c1.connector.v2.ResourceType + (*anypb.Any)(nil), // 8: google.protobuf.Any } var file_c1_connector_v2_entitlement_proto_depIdxs = []int32{ - 4, // 0: c1.connector.v2.Entitlement.resource:type_name -> c1.connector.v2.Resource - 5, // 1: c1.connector.v2.Entitlement.grantable_to:type_name -> c1.connector.v2.ResourceType - 6, // 2: c1.connector.v2.Entitlement.annotations:type_name -> google.protobuf.Any - 0, // 3: c1.connector.v2.Entitlement.purpose:type_name -> c1.connector.v2.Entitlement.PurposeValue - 4, // 4: c1.connector.v2.EntitlementsServiceListEntitlementsRequest.resource:type_name -> c1.connector.v2.Resource - 6, // 5: c1.connector.v2.EntitlementsServiceListEntitlementsRequest.annotations:type_name -> google.protobuf.Any - 1, // 6: c1.connector.v2.EntitlementsServiceListEntitlementsResponse.list:type_name -> c1.connector.v2.Entitlement - 6, // 7: c1.connector.v2.EntitlementsServiceListEntitlementsResponse.annotations:type_name -> google.protobuf.Any - 2, // 8: c1.connector.v2.EntitlementsService.ListEntitlements:input_type -> c1.connector.v2.EntitlementsServiceListEntitlementsRequest - 3, // 9: c1.connector.v2.EntitlementsService.ListEntitlements:output_type -> c1.connector.v2.EntitlementsServiceListEntitlementsResponse - 9, // [9:10] is the sub-list for method output_type - 8, // [8:9] is the sub-list for method input_type - 8, // [8:8] is the sub-list for extension type_name - 8, // [8:8] is the sub-list for extension extendee - 0, // [0:8] is the sub-list for field type_name + 6, // 0: c1.connector.v2.Entitlement.resource:type_name -> c1.connector.v2.Resource + 7, // 1: c1.connector.v2.Entitlement.grantable_to:type_name -> c1.connector.v2.ResourceType + 8, // 2: c1.connector.v2.Entitlement.annotations:type_name -> google.protobuf.Any + 0, // 3: c1.connector.v2.Entitlement.purpose:type_name -> c1.connector.v2.Entitlement.PurposeValue + 6, // 4: c1.connector.v2.EntitlementsServiceListEntitlementsRequest.resource:type_name -> c1.connector.v2.Resource + 8, // 5: c1.connector.v2.EntitlementsServiceListEntitlementsRequest.annotations:type_name -> google.protobuf.Any + 1, // 6: c1.connector.v2.EntitlementsServiceListEntitlementsResponse.list:type_name -> c1.connector.v2.Entitlement + 8, // 7: c1.connector.v2.EntitlementsServiceListEntitlementsResponse.annotations:type_name -> google.protobuf.Any + 8, // 8: c1.connector.v2.EntitlementsServiceListStaticEntitlementsRequest.annotations:type_name -> google.protobuf.Any + 1, // 9: c1.connector.v2.EntitlementsServiceListStaticEntitlementsResponse.list:type_name -> c1.connector.v2.Entitlement + 8, // 10: c1.connector.v2.EntitlementsServiceListStaticEntitlementsResponse.annotations:type_name -> google.protobuf.Any + 2, // 11: c1.connector.v2.EntitlementsService.ListEntitlements:input_type -> c1.connector.v2.EntitlementsServiceListEntitlementsRequest + 4, // 12: c1.connector.v2.EntitlementsService.ListStaticEntitlements:input_type -> c1.connector.v2.EntitlementsServiceListStaticEntitlementsRequest + 3, // 13: c1.connector.v2.EntitlementsService.ListEntitlements:output_type -> c1.connector.v2.EntitlementsServiceListEntitlementsResponse + 5, // 14: c1.connector.v2.EntitlementsService.ListStaticEntitlements:output_type -> c1.connector.v2.EntitlementsServiceListStaticEntitlementsResponse + 13, // [13:15] is the sub-list for method output_type + 11, // [11:13] is the sub-list for method input_type + 11, // [11:11] is the sub-list for extension type_name + 11, // [11:11] is the sub-list for extension extendee + 0, // [0:11] is the sub-list for field type_name } func init() { file_c1_connector_v2_entitlement_proto_init() } @@ -531,7 +757,7 @@ func file_c1_connector_v2_entitlement_proto_init() { GoPackagePath: reflect.TypeOf(x{}).PkgPath(), RawDescriptor: unsafe.Slice(unsafe.StringData(file_c1_connector_v2_entitlement_proto_rawDesc), len(file_c1_connector_v2_entitlement_proto_rawDesc)), NumEnums: 1, - NumMessages: 3, + NumMessages: 5, NumExtensions: 0, NumServices: 1, }, diff --git a/vendor/github.com/conductorone/baton-sdk/pb/c1/connectorapi/baton/v1/session.pb.go b/vendor/github.com/conductorone/baton-sdk/pb/c1/connectorapi/baton/v1/session.pb.go index e428496c..dd64fa42 100644 --- a/vendor/github.com/conductorone/baton-sdk/pb/c1/connectorapi/baton/v1/session.pb.go +++ b/vendor/github.com/conductorone/baton-sdk/pb/c1/connectorapi/baton/v1/session.pb.go @@ -1307,18 +1307,18 @@ const file_c1_connectorapi_baton_v1_session_proto_rawDesc = "" + "\n" + "GetAllItem\x12\x10\n" + "\x03key\x18\x01 \x01(\tR\x03key\x12\x14\n" + - "\x05value\x18\x02 \x01(\fR\x05value\"\xa0\x01\n" + + "\x05value\x18\x02 \x01(\fR\x05value\"\xa2\x01\n" + "\n" + "SetRequest\x121\n" + "\async_id\x18\x01 \x01(\tB\x18\xfaB\x15r\x132\x11^[a-zA-Z0-9]{27}$R\x06syncId\x12\x1c\n" + "\x03key\x18\x02 \x01(\tB\n" + - "\xfaB\ar\x05\x10\x01\x18\x80\x02R\x03key\x12\x1f\n" + - "\x05value\x18\x03 \x01(\fB\t\xfaB\x06z\x04\x18\x80\x98\x02R\x05value\x12 \n" + + "\xfaB\ar\x05\x10\x01\x18\x80\x02R\x03key\x12!\n" + + "\x05value\x18\x03 \x01(\fB\v\xfaB\bz\x06\x10\x01\x18\x80\x98\x02R\x05value\x12 \n" + "\x06prefix\x18\x04 \x01(\tB\b\xfaB\x05r\x03\x18\x80\x02R\x06prefix\"\r\n" + - "\vSetResponse\"\x8b\x02\n" + + "\vSetResponse\"\x8d\x02\n" + "\x0eSetManyRequest\x121\n" + - "\async_id\x18\x01 \x01(\tB\x18\xfaB\x15r\x132\x11^[a-zA-Z0-9]{27}$R\x06syncId\x12i\n" + - "\x06values\x18\x02 \x03(\v24.c1.connectorapi.baton.v1.SetManyRequest.ValuesEntryB\x1b\xfaB\x18\x9a\x01\x15\b\x01\x10d\"\ar\x05\x10\x01\x18\x80\x02*\x06z\x04\x18\x80\x98\x02R\x06values\x12 \n" + + "\async_id\x18\x01 \x01(\tB\x18\xfaB\x15r\x132\x11^[a-zA-Z0-9]{27}$R\x06syncId\x12k\n" + + "\x06values\x18\x02 \x03(\v24.c1.connectorapi.baton.v1.SetManyRequest.ValuesEntryB\x1d\xfaB\x1a\x9a\x01\x17\b\x01\x10d\"\ar\x05\x10\x01\x18\x80\x02*\bz\x06\x10\x01\x18\x80\x98\x02R\x06values\x12 \n" + "\x06prefix\x18\x03 \x01(\tB\b\xfaB\x05r\x03\x18\x80\x02R\x06prefix\x1a9\n" + "\vValuesEntry\x12\x10\n" + "\x03key\x18\x01 \x01(\tR\x03key\x12\x14\n" + diff --git a/vendor/github.com/conductorone/baton-sdk/pb/c1/connectorapi/baton/v1/session.pb.validate.go b/vendor/github.com/conductorone/baton-sdk/pb/c1/connectorapi/baton/v1/session.pb.validate.go index dd272d9e..87696b1f 100644 --- a/vendor/github.com/conductorone/baton-sdk/pb/c1/connectorapi/baton/v1/session.pb.validate.go +++ b/vendor/github.com/conductorone/baton-sdk/pb/c1/connectorapi/baton/v1/session.pb.validate.go @@ -1084,10 +1084,10 @@ func (m *SetRequest) validate(all bool) error { errors = append(errors, err) } - if len(m.GetValue()) > 35840 { + if l := len(m.GetValue()); l < 1 || l > 35840 { err := SetRequestValidationError{ field: "Value", - reason: "value length must be at most 35840 bytes", + reason: "value length must be between 1 and 35840 bytes, inclusive", } if !all { return err @@ -1351,10 +1351,10 @@ func (m *SetManyRequest) validate(all bool) error { errors = append(errors, err) } - if len(val) > 35840 { + if l := len(val); l < 1 || l > 35840 { err := SetManyRequestValidationError{ field: fmt.Sprintf("Values[%v]", key), - reason: "value length must be at most 35840 bytes", + reason: "value length must be between 1 and 35840 bytes, inclusive", } if !all { return err diff --git a/vendor/github.com/conductorone/baton-sdk/pb/c1/connectorapi/baton/v1/session_protoopaque.pb.go b/vendor/github.com/conductorone/baton-sdk/pb/c1/connectorapi/baton/v1/session_protoopaque.pb.go index 446fdbdb..0285f149 100644 --- a/vendor/github.com/conductorone/baton-sdk/pb/c1/connectorapi/baton/v1/session_protoopaque.pb.go +++ b/vendor/github.com/conductorone/baton-sdk/pb/c1/connectorapi/baton/v1/session_protoopaque.pb.go @@ -1311,18 +1311,18 @@ const file_c1_connectorapi_baton_v1_session_proto_rawDesc = "" + "\n" + "GetAllItem\x12\x10\n" + "\x03key\x18\x01 \x01(\tR\x03key\x12\x14\n" + - "\x05value\x18\x02 \x01(\fR\x05value\"\xa0\x01\n" + + "\x05value\x18\x02 \x01(\fR\x05value\"\xa2\x01\n" + "\n" + "SetRequest\x121\n" + "\async_id\x18\x01 \x01(\tB\x18\xfaB\x15r\x132\x11^[a-zA-Z0-9]{27}$R\x06syncId\x12\x1c\n" + "\x03key\x18\x02 \x01(\tB\n" + - "\xfaB\ar\x05\x10\x01\x18\x80\x02R\x03key\x12\x1f\n" + - "\x05value\x18\x03 \x01(\fB\t\xfaB\x06z\x04\x18\x80\x98\x02R\x05value\x12 \n" + + "\xfaB\ar\x05\x10\x01\x18\x80\x02R\x03key\x12!\n" + + "\x05value\x18\x03 \x01(\fB\v\xfaB\bz\x06\x10\x01\x18\x80\x98\x02R\x05value\x12 \n" + "\x06prefix\x18\x04 \x01(\tB\b\xfaB\x05r\x03\x18\x80\x02R\x06prefix\"\r\n" + - "\vSetResponse\"\x8b\x02\n" + + "\vSetResponse\"\x8d\x02\n" + "\x0eSetManyRequest\x121\n" + - "\async_id\x18\x01 \x01(\tB\x18\xfaB\x15r\x132\x11^[a-zA-Z0-9]{27}$R\x06syncId\x12i\n" + - "\x06values\x18\x02 \x03(\v24.c1.connectorapi.baton.v1.SetManyRequest.ValuesEntryB\x1b\xfaB\x18\x9a\x01\x15\b\x01\x10d\"\ar\x05\x10\x01\x18\x80\x02*\x06z\x04\x18\x80\x98\x02R\x06values\x12 \n" + + "\async_id\x18\x01 \x01(\tB\x18\xfaB\x15r\x132\x11^[a-zA-Z0-9]{27}$R\x06syncId\x12k\n" + + "\x06values\x18\x02 \x03(\v24.c1.connectorapi.baton.v1.SetManyRequest.ValuesEntryB\x1d\xfaB\x1a\x9a\x01\x17\b\x01\x10d\"\ar\x05\x10\x01\x18\x80\x02*\bz\x06\x10\x01\x18\x80\x98\x02R\x06values\x12 \n" + "\x06prefix\x18\x03 \x01(\tB\b\xfaB\x05r\x03\x18\x80\x02R\x06prefix\x1a9\n" + "\vValuesEntry\x12\x10\n" + "\x03key\x18\x01 \x01(\tR\x03key\x12\x14\n" + diff --git a/vendor/github.com/conductorone/baton-sdk/pkg/cli/cli.go b/vendor/github.com/conductorone/baton-sdk/pkg/cli/cli.go index f0f69a07..93a6e3ba 100644 --- a/vendor/github.com/conductorone/baton-sdk/pkg/cli/cli.go +++ b/vendor/github.com/conductorone/baton-sdk/pkg/cli/cli.go @@ -221,7 +221,7 @@ func SetFlagsAndConstraints(command *cobra.Command, schema field.Configuration) } // mark required - if f.Required { + if f.Required && len(schema.FieldGroups) == 0 { if f.Variant == field.BoolVariant { return fmt.Errorf("requiring %s of type %s does not make sense", f.FieldName, f.Variant) } diff --git a/vendor/github.com/conductorone/baton-sdk/pkg/cli/commands.go b/vendor/github.com/conductorone/baton-sdk/pkg/cli/commands.go index f303d9d3..eea84255 100644 --- a/vendor/github.com/conductorone/baton-sdk/pkg/cli/commands.go +++ b/vendor/github.com/conductorone/baton-sdk/pkg/cli/commands.go @@ -11,6 +11,7 @@ import ( "time" "github.com/grpc-ecosystem/go-grpc-middleware/logging/zap/ctxzap" + "github.com/maypok86/otter/v2" "github.com/spf13/cobra" "github.com/spf13/viper" "go.uber.org/zap" @@ -52,7 +53,9 @@ func getGRPCSessionStoreClient(ctx context.Context, serverCfg *v1.ServerConfig) if err != nil { return nil, err } - + if serverCfg.GetSessionStoreListenPort() == 0 { + return &session.NoOpSessionStore{}, nil + } // connected, grpc will handle retries for us. dialCtx, canc := context.WithTimeout(ctx, 5*time.Second) defer canc() @@ -153,7 +156,7 @@ func MakeMainCommand[T field.Configurable]( return fmt.Errorf("failed to make configuration: %w", err) } // validate required fields and relationship constraints - if err := field.Validate(confschema, t); err != nil { + if err := field.Validate(confschema, t, field.WithAuthMethod(v.GetString("auth-method"))); err != nil { return err } @@ -467,7 +470,7 @@ func MakeGRPCServerCommand[T field.Configurable]( return fmt.Errorf("failed to make configuration: %w", err) } // validate required fields and relationship constraints - if err := field.Validate(confschema, t); err != nil { + if err := field.Validate(confschema, t, field.WithAuthMethod(v.GetString("auth-method"))); err != nil { return err } @@ -516,9 +519,17 @@ func MakeGRPCServerCommand[T field.Configurable]( } runCtx = context.WithValue(runCtx, crypto.ContextClientSecretKey, secretJwk) } + + sessionStoreMaximumSize := v.GetInt(field.ServerSessionStoreMaximumSizeField.GetName()) sessionConstructor := getGRPCSessionStoreClient(runCtx, serverCfg) c, err := getconnector(runCtx, t, RunTimeOpts{ - SessionStore: &lazySessionStore{constructor: sessionConstructor}, + SessionStore: NewLazyCachingSessionStore(sessionConstructor, func(otterOptions *otter.Options[string, []byte]) { + if sessionStoreMaximumSize <= 0 { + otterOptions.MaximumWeight = 0 + } else { + otterOptions.MaximumWeight = uint64(sessionStoreMaximumSize) + } + }), }) if err != nil { return err @@ -612,7 +623,7 @@ func MakeCapabilitiesCommand[T field.Configurable]( return fmt.Errorf("failed to make configuration: %w", err) } // validate required fields and relationship constraints - if err := field.Validate(confschema, t); err != nil { + if err := field.Validate(confschema, t, field.WithAuthMethod(v.GetString("auth-method"))); err != nil { return err } diff --git a/vendor/github.com/conductorone/baton-sdk/pkg/cli/lambda_server__added.go b/vendor/github.com/conductorone/baton-sdk/pkg/cli/lambda_server__added.go index 29372028..c2fd1848 100644 --- a/vendor/github.com/conductorone/baton-sdk/pkg/cli/lambda_server__added.go +++ b/vendor/github.com/conductorone/baton-sdk/pkg/cli/lambda_server__added.go @@ -17,6 +17,7 @@ import ( "github.com/conductorone/baton-sdk/pkg/session" "github.com/conductorone/baton-sdk/pkg/ugrpc" "github.com/go-jose/go-jose/v4" + "github.com/maypok86/otter/v2" "github.com/mitchellh/mapstructure" "github.com/spf13/cobra" "github.com/spf13/viper" @@ -42,6 +43,7 @@ func OptionallyAddLambdaCommand[T field.Configurable]( getconnector GetConnectorFunc2[T], connectorSchema field.Configuration, mainCmd *cobra.Command, + sessionStoreEnabled bool, ) error { lambdaSchema := field.NewConfiguration(field.LambdaServerFields(), field.WithConstraints(field.LambdaServerRelationships...)) @@ -174,7 +176,16 @@ func OptionallyAddLambdaCommand[T field.Configurable]( } } - if err := field.Validate(connectorSchema, t); err != nil { + configStructMap := configStruct.AsMap() + + var fieldOptions []field.Option + if authMethod, ok := configStructMap["auth-method"]; ok { + if authMethodStr, ok := authMethod.(string); ok { + fieldOptions = append(fieldOptions, field.WithAuthMethod(authMethodStr)) + } + } + + if err := field.Validate(connectorSchema, t, fieldOptions...); err != nil { return fmt.Errorf("lambda-run: failed to validate config: %w", err) } @@ -186,9 +197,23 @@ func OptionallyAddLambdaCommand[T field.Configurable]( } runCtx = context.WithValue(runCtx, crypto.ContextClientSecretKey, secretJwk) } - + sessionStoreMaximumSize := v.GetInt(field.ServerSessionStoreMaximumSizeField.GetName()) + var sessionStoreConstructor sessions.SessionStoreConstructor + if sessionStoreEnabled { + sessionStoreConstructor = createSessionCacheConstructor(grpcClient) + } else { + sessionStoreConstructor = func(ctx context.Context, opt ...sessions.SessionStoreConstructorOption) (sessions.SessionStore, error) { + return &session.NoOpSessionStore{}, nil + } + } ops := RunTimeOpts{ - SessionStore: &lazySessionStore{constructor: createSessionCacheConstructor(grpcClient)}, + SessionStore: NewLazyCachingSessionStore(sessionStoreConstructor, func(otterOptions *otter.Options[string, []byte]) { + if sessionStoreMaximumSize <= 0 { + otterOptions.MaximumWeight = 0 + } else { + otterOptions.MaximumWeight = uint64(sessionStoreMaximumSize) + } + }), } if hasOauthField(connectorSchema.Fields) { diff --git a/vendor/github.com/conductorone/baton-sdk/pkg/cli/lambda_server_omitted.go b/vendor/github.com/conductorone/baton-sdk/pkg/cli/lambda_server_omitted.go index b05691d6..eaaa608b 100644 --- a/vendor/github.com/conductorone/baton-sdk/pkg/cli/lambda_server_omitted.go +++ b/vendor/github.com/conductorone/baton-sdk/pkg/cli/lambda_server_omitted.go @@ -18,6 +18,7 @@ func OptionallyAddLambdaCommand[T field.Configurable]( getconnector GetConnectorFunc2[T], connectorSchema field.Configuration, mainCmd *cobra.Command, + sessionStoreEnabled bool, ) error { return nil } diff --git a/vendor/github.com/conductorone/baton-sdk/pkg/cli/lazy_session.go b/vendor/github.com/conductorone/baton-sdk/pkg/cli/lazy_session.go index 8a7801ac..6e03e0e7 100644 --- a/vendor/github.com/conductorone/baton-sdk/pkg/cli/lazy_session.go +++ b/vendor/github.com/conductorone/baton-sdk/pkg/cli/lazy_session.go @@ -2,32 +2,78 @@ package cli import ( "context" + "math" "sync" + "time" + "github.com/conductorone/baton-sdk/pkg/session" "github.com/conductorone/baton-sdk/pkg/types/sessions" + "github.com/grpc-ecosystem/go-grpc-middleware/logging/zap/ctxzap" + "github.com/maypok86/otter/v2" + "github.com/maypok86/otter/v2/stats" ) -var _ sessions.SessionStore = (*lazySessionStore)(nil) +var _ sessions.SessionStore = (*lazyCachingSessionStore)(nil) -// lazySessionStore implements types.SessionStore interface but only creates the actual session +type OtterAdjuster func(otterOptions *otter.Options[string, []byte]) + +func NewLazyCachingSessionStore(constructor sessions.SessionStoreConstructor, otterAdjuster OtterAdjuster) *lazyCachingSessionStore { + otterOptions := &otter.Options[string, []byte]{ + // 15MB Note(kans): not much rigor went into this number. An arbirary sampling of lambda invocations suggests they use around 50MB out of 128MB. + MaximumWeight: 1024 * 1024 * 15, + ExpiryCalculator: otter.ExpiryWriting[string, []byte](10 * time.Minute), + StatsRecorder: stats.NewCounter(), + Weigher: func(key string, value []byte) uint32 { + totalLen := 32 + len(key) + len(value) + if totalLen < 0 { + return math.MaxUint32 + } + if totalLen > math.MaxInt32 { + return math.MaxUint32 + } + return uint32(totalLen) + }, + } + if otterAdjuster != nil { + otterAdjuster(otterOptions) + } + + if otterOptions.MaximumWeight == 0 { + otterOptions = nil + } + return &lazyCachingSessionStore{constructor: constructor, otterOptions: otterOptions} +} + +// lazyCachingSessionStore implements types.SessionStore interface but only creates the actual session // when a method is called for the first time. -type lazySessionStore struct { - constructor sessions.SessionStoreConstructor - once sync.Once - session sessions.SessionStore - err error +type lazyCachingSessionStore struct { + constructor sessions.SessionStoreConstructor + once sync.Once + session sessions.SessionStore + err error + otterOptions *otter.Options[string, []byte] } // ensureSession creates the actual session store if it hasn't been created yet. -func (l *lazySessionStore) ensureSession(ctx context.Context) error { +func (l *lazyCachingSessionStore) ensureSession(ctx context.Context) error { l.once.Do(func() { - l.session, l.err = l.constructor(ctx) + var ss sessions.SessionStore + ss, l.err = l.constructor(ctx) + if l.err != nil { + return + } + if l.otterOptions == nil { + ctxzap.Extract(ctx).Info("Session store cache is disabled") + l.session = ss + return + } + l.session, l.err = session.NewMemorySessionCache(l.otterOptions, ss) }) return l.err } // Get implements types.SessionStore. -func (l *lazySessionStore) Get(ctx context.Context, key string, opt ...sessions.SessionStoreOption) ([]byte, bool, error) { +func (l *lazyCachingSessionStore) Get(ctx context.Context, key string, opt ...sessions.SessionStoreOption) ([]byte, bool, error) { if err := l.ensureSession(ctx); err != nil { return nil, false, err } @@ -35,7 +81,7 @@ func (l *lazySessionStore) Get(ctx context.Context, key string, opt ...sessions. } // GetMany implements types.SessionStore. -func (l *lazySessionStore) GetMany(ctx context.Context, keys []string, opt ...sessions.SessionStoreOption) (map[string][]byte, error) { +func (l *lazyCachingSessionStore) GetMany(ctx context.Context, keys []string, opt ...sessions.SessionStoreOption) (map[string][]byte, error) { if err := l.ensureSession(ctx); err != nil { return nil, err } @@ -43,7 +89,7 @@ func (l *lazySessionStore) GetMany(ctx context.Context, keys []string, opt ...se } // Set implements types.SessionStore. -func (l *lazySessionStore) Set(ctx context.Context, key string, value []byte, opt ...sessions.SessionStoreOption) error { +func (l *lazyCachingSessionStore) Set(ctx context.Context, key string, value []byte, opt ...sessions.SessionStoreOption) error { if err := l.ensureSession(ctx); err != nil { return err } @@ -51,7 +97,7 @@ func (l *lazySessionStore) Set(ctx context.Context, key string, value []byte, op } // SetMany implements types.SessionStore. -func (l *lazySessionStore) SetMany(ctx context.Context, values map[string][]byte, opt ...sessions.SessionStoreOption) error { +func (l *lazyCachingSessionStore) SetMany(ctx context.Context, values map[string][]byte, opt ...sessions.SessionStoreOption) error { if err := l.ensureSession(ctx); err != nil { return err } @@ -59,7 +105,7 @@ func (l *lazySessionStore) SetMany(ctx context.Context, values map[string][]byte } // Delete implements types.SessionStore. -func (l *lazySessionStore) Delete(ctx context.Context, key string, opt ...sessions.SessionStoreOption) error { +func (l *lazyCachingSessionStore) Delete(ctx context.Context, key string, opt ...sessions.SessionStoreOption) error { if err := l.ensureSession(ctx); err != nil { return err } @@ -67,7 +113,7 @@ func (l *lazySessionStore) Delete(ctx context.Context, key string, opt ...sessio } // Clear implements types.SessionStore. -func (l *lazySessionStore) Clear(ctx context.Context, opt ...sessions.SessionStoreOption) error { +func (l *lazyCachingSessionStore) Clear(ctx context.Context, opt ...sessions.SessionStoreOption) error { if err := l.ensureSession(ctx); err != nil { return err } @@ -75,7 +121,7 @@ func (l *lazySessionStore) Clear(ctx context.Context, opt ...sessions.SessionSto } // GetAll implements types.SessionStore. -func (l *lazySessionStore) GetAll(ctx context.Context, pageToken string, opt ...sessions.SessionStoreOption) (map[string][]byte, string, error) { +func (l *lazyCachingSessionStore) GetAll(ctx context.Context, pageToken string, opt ...sessions.SessionStoreOption) (map[string][]byte, string, error) { if err := l.ensureSession(ctx); err != nil { return nil, "", err } diff --git a/vendor/github.com/conductorone/baton-sdk/pkg/config/config.go b/vendor/github.com/conductorone/baton-sdk/pkg/config/config.go index 8fb3a295..c018e940 100644 --- a/vendor/github.com/conductorone/baton-sdk/pkg/config/config.go +++ b/vendor/github.com/conductorone/baton-sdk/pkg/config/config.go @@ -143,7 +143,14 @@ func DefineConfigurationV2[T field.Configurable]( relationships = append(relationships, field.DefaultRelationships...) relationships = append(relationships, confschema.Constraints...) - err = cli.SetFlagsAndConstraints(mainCMD, field.NewConfiguration(confschema.Fields, field.WithConstraints(relationships...))) + err = cli.SetFlagsAndConstraints( + mainCMD, + field.NewConfiguration( + confschema.Fields, + field.WithConstraints(relationships...), + field.WithFieldGroups(confschema.FieldGroups), + ), + ) if err != nil { return nil, nil, err } @@ -151,7 +158,12 @@ func DefineConfigurationV2[T field.Configurable]( mainCMD.AddCommand(cli.AdditionalCommands(connectorName, confschema.Fields)...) cli.VisitFlags(mainCMD, v) - err = cli.OptionallyAddLambdaCommand(ctx, connectorName, v, connector, confschema, mainCMD) + sessionStoreEnabled, err := connectorrunner.IsSessionStoreEnabled(ctx, options...) + if err != nil { + return nil, nil, err + } + + err = cli.OptionallyAddLambdaCommand(ctx, connectorName, v, connector, confschema, mainCMD, sessionStoreEnabled) if err != nil { return nil, nil, err diff --git a/vendor/github.com/conductorone/baton-sdk/pkg/config/generate.go b/vendor/github.com/conductorone/baton-sdk/pkg/config/generate.go index 6ce7100d..8d9b0709 100644 --- a/vendor/github.com/conductorone/baton-sdk/pkg/config/generate.go +++ b/vendor/github.com/conductorone/baton-sdk/pkg/config/generate.go @@ -27,6 +27,18 @@ func Generate(name string, schema field.Configuration) { if len(schema.Fields) == 0 { panic("schema must contain at least one field") } + + defaultGroupCount := 0 + for _, group := range schema.FieldGroups { + if group.Default { + defaultGroupCount++ + } + } + + if defaultGroupCount > 1 { + panic("schema must not contain more than one default field group") + } + confschema := schema confschema.Fields = append(confschema.Fields, field.DefaultFields...) // Ensure unique fields diff --git a/vendor/github.com/conductorone/baton-sdk/pkg/connectorbuilder/connectorbuilder.go b/vendor/github.com/conductorone/baton-sdk/pkg/connectorbuilder/connectorbuilder.go index 47a41c62..98a679df 100644 --- a/vendor/github.com/conductorone/baton-sdk/pkg/connectorbuilder/connectorbuilder.go +++ b/vendor/github.com/conductorone/baton-sdk/pkg/connectorbuilder/connectorbuilder.go @@ -306,6 +306,7 @@ func (b *builder) Cleanup(ctx context.Context, request *v2.ConnectorServiceClean if b.sessionStore != nil { // Limit c1z size before we upload, because the uploads time out... // TODO(kans): we could hold onto the session store if we are in debug mode. + // TODO(kans): we should probably not do this for lambda connectors. err := b.sessionStore.Clear(ctx, sessions.WithSyncID(request.GetActiveSyncId())) if err != nil { l.Warn("error clearing session store", zap.Error(err)) @@ -357,9 +358,18 @@ func (b *builder) getCapabilities(ctx context.Context) (*v2.ConnectorCapabilitie connectorCaps[cap] = struct{}{} } + r := rb.ResourceType(ctx) + annos := annotations.Annotations(r.Annotations) + p := &v2.CapabilityPermissions{} + _, err := annos.Pick(p) + if err != nil { + return nil, err + } + resourceTypeCapabilities = append(resourceTypeCapabilities, v2.ResourceTypeCapability_builder{ ResourceType: rb.ResourceType(ctx), Capabilities: caps, + Permissions: p, }.Build()) } diff --git a/vendor/github.com/conductorone/baton-sdk/pkg/connectorbuilder/resource_syncer.go b/vendor/github.com/conductorone/baton-sdk/pkg/connectorbuilder/resource_syncer.go index e29504de..bd95f56f 100644 --- a/vendor/github.com/conductorone/baton-sdk/pkg/connectorbuilder/resource_syncer.go +++ b/vendor/github.com/conductorone/baton-sdk/pkg/connectorbuilder/resource_syncer.go @@ -44,6 +44,10 @@ type ResourceSyncerLimited interface { Grants(ctx context.Context, resource *v2.Resource, pToken *pagination.Token) ([]*v2.Grant, string, annotations.Annotations, error) } +type StaticEntitlementSyncer interface { + StaticEntitlements(ctx context.Context, pToken *pagination.Token) ([]*v2.Entitlement, string, annotations.Annotations, error) +} + type ResourceSyncerV2 interface { ResourceType ResourceSyncerV2Limited @@ -55,6 +59,10 @@ type ResourceSyncerV2Limited interface { Grants(ctx context.Context, resource *v2.Resource, opts resource.SyncOpAttrs) ([]*v2.Grant, *resource.SyncOpResults, error) } +type StaticEntitlementSyncerV2 interface { + StaticEntitlements(ctx context.Context, opts resource.SyncOpAttrs) ([]*v2.Entitlement, *resource.SyncOpResults, error) +} + // ResourceTargetedSyncer extends ResourceSyncer to add capabilities for directly syncing an individual resource // // Implementing this interface indicates the connector supports calling "get" on a resource @@ -132,7 +140,9 @@ func (b *builder) ListResources(ctx context.Context, request *v2.ResourcesServic } if request.GetPageToken() != "" && request.GetPageToken() == retOptions.NextPageToken { b.m.RecordTaskFailure(ctx, tt, b.nowFunc().Sub(start)) - return resp, fmt.Errorf("error: listing resources failed: next page token is the same as the current page token. this is most likely a connector bug") + errMsg := fmt.Sprintf(" with page token %s resource type id %s and resource parent id: %s this is most likely a connector bug", + request.GetPageToken(), request.GetResourceTypeId(), request.GetParentResourceId()) + return resp, fmt.Errorf("error: listing resources failed: next page token is the same as the current page token %s", errMsg) } b.m.RecordTaskSuccess(ctx, tt, b.nowFunc().Sub(start)) @@ -168,6 +178,57 @@ func (b *builder) GetResource(ctx context.Context, request *v2.ResourceGetterSer }.Build(), nil } +// ListStaticEntitlements returns all the static entitlements for a given resource type. +// Static entitlements are used to create entitlements for all resources of a given resource type. +func (b *builder) ListStaticEntitlements(ctx context.Context, request *v2.EntitlementsServiceListStaticEntitlementsRequest) (*v2.EntitlementsServiceListStaticEntitlementsResponse, error) { + ctx, span := tracer.Start(ctx, "builder.ListStaticEntitlements") + defer span.End() + + start := b.nowFunc() + tt := tasks.ListStaticEntitlementsType + rb, ok := b.resourceSyncers[request.GetResourceTypeId()] + if !ok { + b.m.RecordTaskFailure(ctx, tt, b.nowFunc().Sub(start)) + return nil, fmt.Errorf("error: list static entitlements with unknown resource type %s", request.GetResourceTypeId()) + } + rbse, ok := rb.(StaticEntitlementSyncerV2) + if !ok { + // Resource syncer doesn't support static entitlements. Return empty response. + return v2.EntitlementsServiceListStaticEntitlementsResponse_builder{ + List: []*v2.Entitlement{}, + NextPageToken: "", + Annotations: nil, + }.Build(), nil + } + + token := pagination.Token{ + Size: int(request.GetPageSize()), + Token: request.GetPageToken(), + } + opts := resource.SyncOpAttrs{SyncID: request.GetActiveSyncId(), PageToken: token, Session: WithSyncId(b.sessionStore, request.GetActiveSyncId())} + out, retOptions, err := rbse.StaticEntitlements(ctx, opts) + if retOptions == nil { + retOptions = &resource.SyncOpResults{} + } + + resp := v2.EntitlementsServiceListStaticEntitlementsResponse_builder{ + List: out, + NextPageToken: retOptions.NextPageToken, + Annotations: retOptions.Annotations, + }.Build() + if err != nil { + b.m.RecordTaskFailure(ctx, tt, b.nowFunc().Sub(start)) + return nil, fmt.Errorf("error: listing static entitlements failed: %w", err) + } + if request.GetPageToken() != "" && request.GetPageToken() == retOptions.NextPageToken { + b.m.RecordTaskFailure(ctx, tt, b.nowFunc().Sub(start)) + return resp, fmt.Errorf("error: listing static entitlements failed: next page token is the same as the current page token. this is most likely a connector bug") + } + + b.m.RecordTaskSuccess(ctx, tt, b.nowFunc().Sub(start)) + return resp, nil +} + // ListEntitlements returns all the entitlements for a given resource. func (b *builder) ListEntitlements(ctx context.Context, request *v2.EntitlementsServiceListEntitlementsRequest) (*v2.EntitlementsServiceListEntitlementsResponse, error) { ctx, span := tracer.Start(ctx, "builder.ListEntitlements") @@ -261,6 +322,9 @@ type resourceSyncerV1toV2 struct { rb ResourceSyncer } +var _ ResourceSyncerV2 = &resourceSyncerV1toV2{} +var _ StaticEntitlementSyncerV2 = &resourceSyncerV1toV2{} + func (rw *resourceSyncerV1toV2) ResourceType(ctx context.Context) *v2.ResourceType { return rw.rb.ResourceType(ctx) } @@ -277,13 +341,24 @@ func (rw *resourceSyncerV1toV2) Entitlements(ctx context.Context, r *v2.Resource return ents, ret, err } +func (rw *resourceSyncerV1toV2) StaticEntitlements(ctx context.Context, opts resource.SyncOpAttrs) ([]*v2.Entitlement, *resource.SyncOpResults, error) { + rb, ok := rw.rb.(StaticEntitlementSyncer) + if !ok { + return nil, &resource.SyncOpResults{NextPageToken: "", Annotations: annotations.Annotations{}}, nil + } + + ents, pageToken, annos, err := rb.StaticEntitlements(ctx, &opts.PageToken) + ret := &resource.SyncOpResults{NextPageToken: pageToken, Annotations: annos} + return ents, ret, err +} + func (rw *resourceSyncerV1toV2) Grants(ctx context.Context, r *v2.Resource, opts resource.SyncOpAttrs) ([]*v2.Grant, *resource.SyncOpResults, error) { grants, pageToken, annos, err := rw.rb.Grants(ctx, r, &opts.PageToken) ret := &resource.SyncOpResults{NextPageToken: pageToken, Annotations: annos} return grants, ret, err } -func (b *builder) addTargetedSyncer(_ context.Context, typeId string, in interface{}) error { +func (b *builder) addTargetedSyncer(_ context.Context, typeId string, in any) error { if targetedSyncer, ok := in.(ResourceTargetedSyncerLimited); ok { if _, ok := b.resourceTargetedSyncers[typeId]; ok { return fmt.Errorf("error: duplicate resource type found for resource targeted syncer %s", typeId) @@ -293,7 +368,7 @@ func (b *builder) addTargetedSyncer(_ context.Context, typeId string, in interfa return nil } -func (b *builder) addResourceSyncers(_ context.Context, typeId string, in interface{}) error { +func (b *builder) addResourceSyncers(_ context.Context, typeId string, in any) error { // no duplicates if _, ok := b.resourceSyncers[typeId]; ok { return fmt.Errorf("error: duplicate resource type found for resource builder %s", typeId) diff --git a/vendor/github.com/conductorone/baton-sdk/pkg/connectorbuilder/session_store.go b/vendor/github.com/conductorone/baton-sdk/pkg/connectorbuilder/session_store.go index d6c869b5..1bf097b0 100644 --- a/vendor/github.com/conductorone/baton-sdk/pkg/connectorbuilder/session_store.go +++ b/vendor/github.com/conductorone/baton-sdk/pkg/connectorbuilder/session_store.go @@ -21,6 +21,7 @@ func WithSyncId(ss sessions.SessionStore, syncID string) sessions.SessionStore { syncID: syncID, } } + func (w *SessionStoreWithSyncID) Get(ctx context.Context, key string, opt ...sessions.SessionStoreOption) ([]byte, bool, error) { opts := append([]sessions.SessionStoreOption{sessions.WithSyncID(w.syncID)}, opt...) return w.ss.Get(ctx, key, opts...) diff --git a/vendor/github.com/conductorone/baton-sdk/pkg/connectorrunner/runner.go b/vendor/github.com/conductorone/baton-sdk/pkg/connectorrunner/runner.go index 621c8112..1f394597 100644 --- a/vendor/github.com/conductorone/baton-sdk/pkg/connectorrunner/runner.go +++ b/vendor/github.com/conductorone/baton-sdk/pkg/connectorrunner/runner.go @@ -675,6 +675,19 @@ func WithSkipGrants(skip bool) Option { } } +func IsSessionStoreEnabled(ctx context.Context, options ...Option) (bool, error) { + cfg := &runnerConfig{} + + for _, o := range options { + err := o(ctx, cfg) + if err != nil { + return false, err + } + } + + return cfg.sessionStoreEnabled, nil +} + // NewConnectorRunner creates a new connector runner. func NewConnectorRunner(ctx context.Context, c types.ConnectorServer, opts ...Option) (*connectorRunner, error) { runner := &connectorRunner{} diff --git a/vendor/github.com/conductorone/baton-sdk/pkg/dotc1z/entitlements.go b/vendor/github.com/conductorone/baton-sdk/pkg/dotc1z/entitlements.go index 7e0940e0..af966794 100644 --- a/vendor/github.com/conductorone/baton-sdk/pkg/dotc1z/entitlements.go +++ b/vendor/github.com/conductorone/baton-sdk/pkg/dotc1z/entitlements.go @@ -97,6 +97,16 @@ func (c *C1File) GetEntitlement(ctx context.Context, request *reader_v2.Entitlem }.Build(), nil } +func (c *C1File) ListStaticEntitlements(ctx context.Context, request *v2.EntitlementsServiceListStaticEntitlementsRequest) (*v2.EntitlementsServiceListStaticEntitlementsResponse, error) { + _, span := tracer.Start(ctx, "C1File.ListStaticEntitlements") + defer span.End() + + return v2.EntitlementsServiceListStaticEntitlementsResponse_builder{ + List: []*v2.Entitlement{}, + NextPageToken: "", + }.Build(), nil +} + func (c *C1File) PutEntitlements(ctx context.Context, entitlementObjs ...*v2.Entitlement) error { ctx, span := tracer.Start(ctx, "C1File.PutEntitlements") defer span.End() diff --git a/vendor/github.com/conductorone/baton-sdk/pkg/dotc1z/file.go b/vendor/github.com/conductorone/baton-sdk/pkg/dotc1z/file.go index 8e0b296e..de0a62ae 100644 --- a/vendor/github.com/conductorone/baton-sdk/pkg/dotc1z/file.go +++ b/vendor/github.com/conductorone/baton-sdk/pkg/dotc1z/file.go @@ -2,6 +2,7 @@ package dotc1z import ( "errors" + "fmt" "io" "os" "path/filepath" @@ -65,9 +66,11 @@ func saveC1z(dbFilePath string, outputFilePath string) error { return err } defer func() { - err = dbFile.Close() - if err != nil { - zap.L().Error("failed to close db file", zap.Error(err)) + if dbFile != nil { + err = dbFile.Close() + if err != nil { + zap.L().Error("failed to close db file", zap.Error(err)) + } } }() @@ -75,7 +78,14 @@ func saveC1z(dbFilePath string, outputFilePath string) error { if err != nil { return err } - defer outFile.Close() + defer func() { + if outFile != nil { + err = outFile.Close() + if err != nil { + zap.L().Error("failed to close out file", zap.Error(err)) + } + } + }() // Write the magic file header _, err = outFile.Write(C1ZFileHeader) @@ -83,7 +93,9 @@ func saveC1z(dbFilePath string, outputFilePath string) error { return err } - c1z, err := zstd.NewWriter(outFile) + c1z, err := zstd.NewWriter(outFile, + zstd.WithEncoderConcurrency(1), + ) if err != nil { return err } @@ -102,5 +114,22 @@ func saveC1z(dbFilePath string, outputFilePath string) error { return err } + err = outFile.Sync() + if err != nil { + return fmt.Errorf("failed to sync out file: %w", err) + } + + err = outFile.Close() + if err != nil { + return fmt.Errorf("failed to close out file: %w", err) + } + outFile = nil + + err = dbFile.Close() + if err != nil { + return fmt.Errorf("failed to close db file: %w", err) + } + dbFile = nil + return nil } diff --git a/vendor/github.com/conductorone/baton-sdk/pkg/dotc1z/sync_runs.go b/vendor/github.com/conductorone/baton-sdk/pkg/dotc1z/sync_runs.go index bdd0b760..49fe3f8f 100644 --- a/vendor/github.com/conductorone/baton-sdk/pkg/dotc1z/sync_runs.go +++ b/vendor/github.com/conductorone/baton-sdk/pkg/dotc1z/sync_runs.go @@ -672,10 +672,12 @@ func (c *C1File) Cleanup(ctx context.Context) error { } } + l.Debug("vacuuming database") err = c.Vacuum(ctx) if err != nil { return err } + l.Debug("vacuum complete") c.dbUpdated = true diff --git a/vendor/github.com/conductorone/baton-sdk/pkg/field/defaults.go b/vendor/github.com/conductorone/baton-sdk/pkg/field/defaults.go index f35b62d5..8a05c793 100644 --- a/vendor/github.com/conductorone/baton-sdk/pkg/field/defaults.go +++ b/vendor/github.com/conductorone/baton-sdk/pkg/field/defaults.go @@ -95,6 +95,14 @@ var ( WithPersistent(true), WithExportTarget(ExportTargetNone), ) + + authMethod = StringField( + "auth-method", + WithDescription(""), + WithPersistent(true), + WithExportTarget(ExportTargetNone), + ) + skipGrants = BoolField("skip-grants", WithDescription("This must be set to skip syncing of grants only (entitlements will still be synced)"), WithPersistent(true), @@ -222,6 +230,13 @@ var ( WithRequired(true), WithDescription("The expected audience claim in the JWT (optional)"), WithExportTarget(ExportTargetNone)) + + ServerSessionStoreMaximumSizeField = IntField("session-store-maximum-size", + WithDescription("The maximum size of the local in-memory session store cache in bytes."), + WithDefaultValue(1024*1024*15), + WithExportTarget(ExportTargetOps), + WithHidden(true), + WithPersistent(true)) ) func LambdaServerFields() []SchemaField { @@ -287,6 +302,7 @@ var DefaultFields = []SchemaField{ compactSyncsField, invokeActionField, invokeActionArgsField, + ServerSessionStoreMaximumSizeField, otelCollectorEndpoint, otelCollectorEndpointTLSCertPath, @@ -294,6 +310,8 @@ var DefaultFields = []SchemaField{ otelCollectorEndpointTlSInsecure, otelTracingDisabled, otelLoggingDisabled, + + authMethod, } func IsFieldAmongDefaultList(f SchemaField) bool { diff --git a/vendor/github.com/conductorone/baton-sdk/pkg/field/field_group.go b/vendor/github.com/conductorone/baton-sdk/pkg/field/field_group.go index ed54a317..884c23e1 100644 --- a/vendor/github.com/conductorone/baton-sdk/pkg/field/field_group.go +++ b/vendor/github.com/conductorone/baton-sdk/pkg/field/field_group.go @@ -5,6 +5,7 @@ type SchemaFieldGroup struct { DisplayName string HelpText string Fields []SchemaField + Default bool } func WithFieldGroups(fieldGroups []SchemaFieldGroup) configOption { @@ -14,3 +15,12 @@ func WithFieldGroups(fieldGroups []SchemaFieldGroup) configOption { return c } } + +func (i *SchemaFieldGroup) FieldMap() map[string]SchemaField { + fieldMap := make(map[string]SchemaField, len(i.Fields)) + for _, f := range i.Fields { + fieldMap[f.FieldName] = f + } + + return fieldMap +} diff --git a/vendor/github.com/conductorone/baton-sdk/pkg/field/marshal.go b/vendor/github.com/conductorone/baton-sdk/pkg/field/marshal.go index 2e68a63d..029e97f8 100644 --- a/vendor/github.com/conductorone/baton-sdk/pkg/field/marshal.go +++ b/vendor/github.com/conductorone/baton-sdk/pkg/field/marshal.go @@ -68,6 +68,7 @@ func fieldGroupToV1(fg SchemaFieldGroup) *v1_conf.FieldGroup { Name: fg.Name, DisplayName: fg.DisplayName, HelpText: fg.HelpText, + Default: fg.Default, }.Build() fieldGroupV1.SetFields(make([]string, 0, len(fg.Fields))) diff --git a/vendor/github.com/conductorone/baton-sdk/pkg/field/struct.go b/vendor/github.com/conductorone/baton-sdk/pkg/field/struct.go index 4ea8b27d..26c69581 100644 --- a/vendor/github.com/conductorone/baton-sdk/pkg/field/struct.go +++ b/vendor/github.com/conductorone/baton-sdk/pkg/field/struct.go @@ -90,3 +90,29 @@ func NewConfiguration(fields []SchemaField, opts ...configOption) Configuration return configuration } + +func (c *Configuration) FieldGroupFields(group string) map[string]SchemaField { + var fieldGroupMap map[string]SchemaField + + for _, fg := range c.FieldGroups { + if fg.Name == group { + fieldGroupMap = fg.FieldMap() + break + } + } + + if fieldGroupMap == nil { + for _, fg := range c.FieldGroups { + if fg.Default { + fieldGroupMap = fg.FieldMap() + break + } + } + } + + if fieldGroupMap == nil && len(c.FieldGroups) >= 1 { + fieldGroupMap = c.FieldGroups[0].FieldMap() + } + + return fieldGroupMap +} diff --git a/vendor/github.com/conductorone/baton-sdk/pkg/field/validation.go b/vendor/github.com/conductorone/baton-sdk/pkg/field/validation.go index 168aa90f..9ec1dff3 100644 --- a/vendor/github.com/conductorone/baton-sdk/pkg/field/validation.go +++ b/vendor/github.com/conductorone/baton-sdk/pkg/field/validation.go @@ -328,16 +328,43 @@ type Configurable interface { GetStringMap(key string) map[string]any } +type validateOptions struct { + authGroup string +} + +type Option func(*validateOptions) + +func WithAuthMethod(authMethod string) Option { + return func(o *validateOptions) { + o.authGroup = authMethod + } +} + // Validate perform validation of field requirement and constraints // relationships after the configuration is read. // We don't check the following: // - if sets of fields are mutually exclusive and required // together at the same time -func Validate(c Configuration, v Configurable) error { +func Validate(c Configuration, v Configurable, opts ...Option) error { + var validateOpts validateOptions + + for _, opt := range opts { + opt(&validateOpts) + } + present := make(map[string]int) validationErrors := &ErrConfigurationMissingFields{} + fieldGroupMap := c.FieldGroupFields(validateOpts.authGroup) + for _, f := range c.Fields { + if fieldGroupMap != nil { + if _, ok := fieldGroupMap[f.FieldName]; !ok { + // skip fields not in the selected auth method group + continue + } + } + // Note: the viper methods are actually casting // internal strings into the desired type. var isPresent bool diff --git a/vendor/github.com/conductorone/baton-sdk/pkg/sdk/empty_connector.go b/vendor/github.com/conductorone/baton-sdk/pkg/sdk/empty_connector.go index f7862da7..4126ad1b 100644 --- a/vendor/github.com/conductorone/baton-sdk/pkg/sdk/empty_connector.go +++ b/vendor/github.com/conductorone/baton-sdk/pkg/sdk/empty_connector.go @@ -53,6 +53,16 @@ func (n *emptyConnector) ListEntitlements( }.Build(), nil } +func (n *emptyConnector) ListStaticEntitlements( + ctx context.Context, + request *v2.EntitlementsServiceListStaticEntitlementsRequest, + opts ...grpc.CallOption, +) (*v2.EntitlementsServiceListStaticEntitlementsResponse, error) { + return v2.EntitlementsServiceListStaticEntitlementsResponse_builder{ + List: []*v2.Entitlement{}, + }.Build(), nil +} + // ListGrants returns a list of grants. func (n *emptyConnector) ListGrants(ctx context.Context, request *v2.GrantsServiceListGrantsRequest, opts ...grpc.CallOption) (*v2.GrantsServiceListGrantsResponse, error) { return v2.GrantsServiceListGrantsResponse_builder{ diff --git a/vendor/github.com/conductorone/baton-sdk/pkg/sdk/version.go b/vendor/github.com/conductorone/baton-sdk/pkg/sdk/version.go index a1e86492..2dc5c3ad 100644 --- a/vendor/github.com/conductorone/baton-sdk/pkg/sdk/version.go +++ b/vendor/github.com/conductorone/baton-sdk/pkg/sdk/version.go @@ -1,3 +1,3 @@ package sdk -const Version = "v0.5.4" +const Version = "v0.5.20" diff --git a/vendor/github.com/conductorone/baton-sdk/pkg/session/memory_cache.go b/vendor/github.com/conductorone/baton-sdk/pkg/session/memory_cache.go new file mode 100644 index 00000000..3881ded4 --- /dev/null +++ b/vendor/github.com/conductorone/baton-sdk/pkg/session/memory_cache.go @@ -0,0 +1,215 @@ +package session + +import ( + "context" + "errors" + "fmt" + "strings" + + "github.com/conductorone/baton-sdk/pkg/types/sessions" + "github.com/grpc-ecosystem/go-grpc-middleware/logging/zap/ctxzap" + "github.com/maypok86/otter/v2" + "go.uber.org/zap" +) + +var _ sessions.SessionStore = (*MemorySessionCache)(nil) + +func NewMemorySessionCache(otterOptions *otter.Options[string, []byte], ss sessions.SessionStore) (*MemorySessionCache, error) { + cache, err := otter.New(otterOptions) + if err != nil { + return nil, err + } + return &MemorySessionCache{cache: cache, ss: ss}, nil +} + +type MemorySessionCache struct { + cache *otter.Cache[string, []byte] + ss sessions.SessionStore +} + +// The cache is potentially used across syncs. +// Cross sync isolation is achieved by using the syncID in the cache key. +func cacheKey(bag *sessions.SessionStoreBag, key string) string { + return fmt.Sprintf("%s/%s/%s", bag.SyncID, bag.Prefix, key) +} + +func cacheKeys(bag *sessions.SessionStoreBag, keys []string) []string { + newKeys := make([]string, len(keys)) + prefix := fmt.Sprintf("%s/%s/", bag.SyncID, bag.Prefix) + for i, key := range keys { + newKeys[i] = fmt.Sprintf("%s%s", prefix, key) + } + return newKeys +} + +func stripPrefix(bag *sessions.SessionStoreBag, key string) string { + prefix := fmt.Sprintf("%s/%s/", bag.SyncID, bag.Prefix) + return strings.TrimPrefix(key, prefix) +} + +func stripPrefixes(bag *sessions.SessionStoreBag, keys []string) []string { + prefix := fmt.Sprintf("%s/%s/", bag.SyncID, bag.Prefix) + newKeys := make([]string, len(keys)) + for i, key := range keys { + newKeys[i] = strings.TrimPrefix(key, prefix) + } + return newKeys +} + +func (m *MemorySessionCache) Clear(ctx context.Context, opt ...sessions.SessionStoreOption) error { + l := ctxzap.Extract(ctx) + s := m.cache.Stats() + l.Info( + "MemorySessionCache Stats", + zap.Uint64("hits", s.Hits), + zap.Uint64("misses", s.Misses), + zap.Int("estimatedEntries", m.cache.EstimatedSize()), + zap.Uint64("weightedSize", m.cache.WeightedSize()), + ) + + bag, err := applyOptions(ctx, opt...) + if err != nil { + return err + } + err = m.ss.Clear(ctx, opt...) + if err != nil { + return err + } + prefix := fmt.Sprintf("%s/", bag.SyncID) + if bag.Prefix != "" { + prefix = cacheKey(bag, "") + } + + var keysToInvalidate []string + for key := range m.cache.Keys() { + if strings.HasPrefix(key, prefix) { + keysToInvalidate = append(keysToInvalidate, key) + } + } + for _, key := range keysToInvalidate { + _, _ = m.cache.Invalidate(key) + } + + return nil +} + +func (m *MemorySessionCache) Delete(ctx context.Context, key string, opt ...sessions.SessionStoreOption) error { + bag, err := applyOptions(ctx, opt...) + if err != nil { + return err + } + + err = m.ss.Delete(ctx, key, opt...) + if err != nil { + return err + } + _, _ = m.cache.Invalidate(cacheKey(bag, key)) + return nil +} + +type CacheItem struct { + Value []byte +} + +func (m *MemorySessionCache) Get(ctx context.Context, key string, opt ...sessions.SessionStoreOption) ([]byte, bool, error) { + bag, err := applyOptions(ctx, opt...) + if err != nil { + return nil, false, err + } + + v, err := m.cache.Get(ctx, cacheKey(bag, key), otter.LoaderFunc[string, []byte](func(ctx context.Context, _ string) ([]byte, error) { + v, found, err := m.ss.Get(ctx, key, opt...) + if err != nil { + return nil, err + } + if !found { + return nil, otter.ErrNotFound + } + return v, nil + })) + if errors.Is(err, otter.ErrNotFound) { + return nil, false, nil + } + if err != nil { + return nil, false, err + } + return v, true, nil +} + +// GetAll always calls the backing store and caches the results. +func (m *MemorySessionCache) GetAll(ctx context.Context, pageToken string, opt ...sessions.SessionStoreOption) (map[string][]byte, string, error) { + bag, err := applyOptions(ctx, opt...) + if err != nil { + return nil, "", err + } + values, nextPageToken, err := m.ss.GetAll(ctx, pageToken, opt...) + if err != nil { + return nil, "", err + } + for key, value := range values { + _, _ = m.cache.Set(cacheKey(bag, key), value) + } + + return values, nextPageToken, nil +} + +func (m *MemorySessionCache) GetMany(ctx context.Context, keys []string, opt ...sessions.SessionStoreOption) (map[string][]byte, error) { + bag, err := applyOptions(ctx, opt...) + if err != nil { + return nil, err + } + values, err := m.cache.BulkGet(ctx, cacheKeys(bag, keys), otter.BulkLoaderFunc[string, []byte](func(ctx context.Context, cacheKeys []string) (map[string][]byte, error) { + backingValues, err := m.ss.GetMany(ctx, stripPrefixes(bag, cacheKeys), opt...) + if err != nil { + return nil, err + } + cacheKeyValues := make(map[string][]byte, len(backingValues)) + for k, v := range backingValues { + cacheKeyValues[cacheKey(bag, k)] = v + } + + return cacheKeyValues, nil + })) + + if err != nil { + return nil, err + } + unprefixedValues := make(map[string][]byte) + for k, v := range values { + // NOTE(kans): GetMany returns nil values for missing keys, so we need to filter them out. + // We do not allow nil values in the session store. + if v == nil { + continue + } + unprefixedValues[stripPrefix(bag, k)] = v + } + return unprefixedValues, nil +} + +func (m *MemorySessionCache) Set(ctx context.Context, key string, value []byte, opt ...sessions.SessionStoreOption) error { + bag, err := applyOptions(ctx, opt...) + if err != nil { + return err + } + err = m.ss.Set(ctx, key, value, opt...) + if err != nil { + return err + } + _, _ = m.cache.Set(cacheKey(bag, key), value) + return nil +} + +func (m *MemorySessionCache) SetMany(ctx context.Context, values map[string][]byte, opt ...sessions.SessionStoreOption) error { + bag, err := applyOptions(ctx, opt...) + if err != nil { + return err + } + err = m.ss.SetMany(ctx, values, opt...) + if err != nil { + return err + } + for key, value := range values { + _, _ = m.cache.Set(cacheKey(bag, key), value) + } + return nil +} diff --git a/vendor/github.com/conductorone/baton-sdk/pkg/session/noop_session.go b/vendor/github.com/conductorone/baton-sdk/pkg/session/noop_session.go new file mode 100644 index 00000000..11300026 --- /dev/null +++ b/vendor/github.com/conductorone/baton-sdk/pkg/session/noop_session.go @@ -0,0 +1,52 @@ +package session + +import ( + "context" + "fmt" + + "github.com/conductorone/baton-sdk/pkg/types/sessions" + "github.com/grpc-ecosystem/go-grpc-middleware/logging/zap/ctxzap" + "go.uber.org/zap" +) + +var _ sessions.SessionStore = (*NoOpSessionStore)(nil) + +// Don't panic in dev (ideally). +type NoOpSessionStore struct{} + +var ErrSessionStoreDisabled = fmt.Errorf("session store is disabled by connector author. It must be explicitly enabled via RunConnector WithSessionStoreEnabled()") + +func (n *NoOpSessionStore) logAndError(ctx context.Context, operation string) error { + l := ctxzap.Extract(ctx) + l.Warn("NoOpSessionStore operation ignored", zap.String("operation", operation)) + return fmt.Errorf("%w: operation %s is not supported", ErrSessionStoreDisabled, operation) +} + +func (n *NoOpSessionStore) Get(ctx context.Context, key string, opt ...sessions.SessionStoreOption) ([]byte, bool, error) { + return nil, false, n.logAndError(ctx, "Get") +} + +func (n *NoOpSessionStore) GetMany(ctx context.Context, keys []string, opt ...sessions.SessionStoreOption) (map[string][]byte, error) { + return nil, n.logAndError(ctx, "GetMany") +} + +func (n *NoOpSessionStore) Set(ctx context.Context, key string, value []byte, opt ...sessions.SessionStoreOption) error { + return n.logAndError(ctx, "Set") +} + +func (n *NoOpSessionStore) SetMany(ctx context.Context, values map[string][]byte, opt ...sessions.SessionStoreOption) error { + return n.logAndError(ctx, "SetMany") +} + +func (n *NoOpSessionStore) Delete(ctx context.Context, key string, opt ...sessions.SessionStoreOption) error { + return n.logAndError(ctx, "Delete") +} + +func (n *NoOpSessionStore) Clear(ctx context.Context, opt ...sessions.SessionStoreOption) error { + // NOTE: we call this unconditionally for cleanup, so don't throw. + return nil +} + +func (n *NoOpSessionStore) GetAll(ctx context.Context, pageToken string, opt ...sessions.SessionStoreOption) (map[string][]byte, string, error) { + return nil, "", n.logAndError(ctx, "GetAll") +} diff --git a/vendor/github.com/conductorone/baton-sdk/pkg/sync/state.go b/vendor/github.com/conductorone/baton-sdk/pkg/sync/state.go index df84ee86..71e14911 100644 --- a/vendor/github.com/conductorone/baton-sdk/pkg/sync/state.go +++ b/vendor/github.com/conductorone/baton-sdk/pkg/sync/state.go @@ -19,6 +19,7 @@ type State interface { ResourceTypeID(ctx context.Context) string ResourceID(ctx context.Context) string EntitlementGraph(ctx context.Context) *expand.EntitlementGraph + ClearEntitlementGraph(ctx context.Context) ParentResourceID(ctx context.Context) string ParentResourceTypeID(ctx context.Context) string PageToken(ctx context.Context) string @@ -51,6 +52,8 @@ func (s ActionOp) String() string { return "list-resources" case SyncEntitlementsOp: return "list-entitlements" + case ListResourcesForEntitlementsOp: + return "list-resources-for-entitlements" case SyncGrantsOp: return "list-grants" case SyncExternalResourcesOp: @@ -61,6 +64,8 @@ func (s ActionOp) String() string { return "grant-expansion" case SyncTargetedResourceOp: return "targeted-resource-sync" + case SyncStaticEntitlementsOp: + return "list-static-entitlements" default: return "unknown" } @@ -104,11 +109,17 @@ func newActionOp(str string) ActionOp { return SyncExternalResourcesOp case SyncTargetedResourceOp.String(): return SyncTargetedResourceOp + case SyncStaticEntitlementsOp.String(): + return SyncStaticEntitlementsOp + case ListResourcesForEntitlementsOp.String(): + return ListResourcesForEntitlementsOp default: return UnknownOp } } +// Do not change the order of these constants, and only append new ones at the end. +// Otherwise resuming a sync started by an older version of baton-sdk will cause very strange behavior. const ( UnknownOp ActionOp = iota InitOp @@ -121,6 +132,7 @@ const ( SyncAssetsOp SyncGrantExpansionOp SyncTargetedResourceOp + SyncStaticEntitlementsOp ) // Action stores the current operation, page token, and optional fields for which resource is being worked with. @@ -225,6 +237,7 @@ func (st *state) Unmarshal(input string) error { st.actions = token.Actions st.currentAction = token.CurrentAction st.needsExpansion = token.NeedsExpansion + st.entitlementGraph = token.EntitlementGraph st.hasExternalResourceGrants = token.HasExternalResourceGrants st.shouldSkipEntitlementsAndGrants = token.ShouldSkipEntitlementsAndGrants st.shouldSkipGrants = token.ShouldSkipGrants @@ -370,6 +383,11 @@ func (st *state) EntitlementGraph(ctx context.Context) *expand.EntitlementGraph return st.entitlementGraph } +// ClearEntitlementGraph clears the entitlement graph. This is meant to make the final sync token less confusing. +func (st *state) ClearEntitlementGraph(ctx context.Context) { + st.entitlementGraph = nil +} + func (st *state) ParentResourceID(ctx context.Context) string { c := st.Current() if c == nil { diff --git a/vendor/github.com/conductorone/baton-sdk/pkg/sync/syncer.go b/vendor/github.com/conductorone/baton-sdk/pkg/sync/syncer.go index a3ca48e4..ad918f11 100644 --- a/vendor/github.com/conductorone/baton-sdk/pkg/sync/syncer.go +++ b/vendor/github.com/conductorone/baton-sdk/pkg/sync/syncer.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "io" + "iter" "os" "slices" "strconv" @@ -427,6 +428,39 @@ func (s *syncer) Sync(ctx context.Context) error { return err } s.state = state + if !newSync { + currentAction := s.state.Current() + currentActionOp := "" + currentActionPageToken := "" + currentActionResourceID := "" + currentActionResourceTypeID := "" + if currentAction != nil { + currentActionOp = currentAction.Op.String() + currentActionPageToken = currentAction.PageToken + currentActionResourceID = currentAction.ResourceID + currentActionResourceTypeID = currentAction.ResourceTypeID + } + entitlementGraph := s.state.EntitlementGraph(ctx) + l.Info("resumed previous sync", + zap.String("sync_id", syncID), + zap.String("sync_type", string(s.syncType)), + zap.String("current_action_op", currentActionOp), + zap.String("current_action_resource_id", currentActionResourceID), + zap.String("current_action_resource_type_id", currentActionResourceTypeID), + zap.String("current_action_page_token", currentActionPageToken), + zap.Bool("needs_expansion", s.state.NeedsExpansion()), + zap.Bool("has_external_resources_grants", s.state.HasExternalResourcesGrants()), + zap.Bool("should_fetch_related_resources", s.state.ShouldFetchRelatedResources()), + zap.Bool("should_skip_entitlements_and_grants", s.state.ShouldSkipEntitlementsAndGrants()), + zap.Bool("should_skip_grants", s.state.ShouldSkipGrants()), + zap.Bool("graph_loaded", entitlementGraph.Loaded), + zap.Bool("graph_has_no_cycles", entitlementGraph.HasNoCycles), + zap.Int("graph_depth", entitlementGraph.Depth), + zap.Int("graph_actions", len(entitlementGraph.Actions)), + zap.Int("graph_edges", len(entitlementGraph.Edges)), + zap.Int("graph_nodes", len(entitlementGraph.Nodes)), + ) + } retryer := retry.NewRetryer(ctx, retry.RetryConfig{ MaxAttempts: 0, @@ -450,8 +484,13 @@ func (s *syncer) Sync(ctx context.Context) error { err = context.Cause(runCtx) switch { case errors.Is(err, context.DeadlineExceeded): - l.Debug("sync run duration has expired, exiting sync early", zap.String("sync_id", syncID)) - return ErrSyncNotComplete + l.Info("sync run duration has expired, exiting sync early", zap.String("sync_id", syncID)) + // It would be nice to remove this once we're more confident in the checkpointing logic. + checkpointErr := s.Checkpoint(ctx, true) + if checkpointErr != nil { + l.Error("error checkpointing before exiting sync", zap.Error(checkpointErr)) + } + return errors.Join(checkpointErr, ErrSyncNotComplete) default: l.Error("sync context cancelled", zap.String("sync_id", syncID), zap.Error(err)) return err @@ -512,6 +551,7 @@ func (s *syncer) Sync(ctx context.Context) error { s.state.PushAction(ctx, Action{Op: SyncGrantsOp}) } s.state.PushAction(ctx, Action{Op: SyncEntitlementsOp}) + s.state.PushAction(ctx, Action{Op: SyncStaticEntitlementsOp}) } s.state.PushAction(ctx, Action{Op: SyncResourcesOp}) s.state.PushAction(ctx, Action{Op: SyncResourceTypesOp}) @@ -549,6 +589,18 @@ func (s *syncer) Sync(ctx context.Context) error { } continue + case SyncStaticEntitlementsOp: + err = s.SyncStaticEntitlements(ctx) + if isWarning(ctx, err) { + l.Warn("skipping sync static entitlements action", zap.Any("stateAction", stateAction), zap.Error(err)) + warnings = append(warnings, err) + s.state.FinishAction(ctx) + continue + } + if !retryer.ShouldWaitAndRetry(ctx, err) { + return err + } + continue case SyncEntitlementsOp: err = s.SyncEntitlements(ctx) if isWarning(ctx, err) { @@ -605,7 +657,8 @@ func (s *syncer) Sync(ctx context.Context) error { } } - // Force a checkpoint to clear sync_token. + // Force a checkpoint to clear completed actions & entitlement graph in sync_token. + s.state.ClearEntitlementGraph(ctx) err = s.Checkpoint(ctx, true) if err != nil { return err @@ -680,6 +733,29 @@ func (s *syncer) SkipSync(ctx context.Context) error { return nil } +func (s *syncer) listAllResourceTypes(ctx context.Context) iter.Seq2[[]*v2.ResourceType, error] { + return func(yield func([]*v2.ResourceType, error) bool) { + pageToken := "" + for { + resp, err := s.connector.ListResourceTypes(ctx, v2.ResourceTypesServiceListResourceTypesRequest_builder{PageToken: pageToken}.Build()) + if err != nil { + _ = yield(nil, err) + return + } + resourceTypes := resp.GetList() + if len(resourceTypes) > 0 { + if !yield(resourceTypes, err) { + return + } + } + pageToken = resp.GetNextPageToken() + if pageToken == "" { + return + } + } + } +} + // SyncResourceTypes calls the ListResourceType() connector endpoint and persists the results in to the datasource. func (s *syncer) SyncResourceTypes(ctx context.Context) error { ctx, span := tracer.Start(ctx, "syncer.SyncResourceTypes") @@ -1214,6 +1290,95 @@ func (s *syncer) syncEntitlementsForResource(ctx context.Context, resourceID *v2 return nil } +func (s *syncer) SyncStaticEntitlements(ctx context.Context) error { + ctx, span := tracer.Start(ctx, "syncer.SyncStaticEntitlements") + defer span.End() + + if s.state.ResourceTypeID(ctx) != "" { + return s.syncStaticEntitlementsForResourceType(ctx, s.state.ResourceTypeID(ctx)) + } + + ctxzap.Extract(ctx).Info("Syncing static entitlements...") + s.handleInitialActionForStep(ctx, *s.state.Current()) + + s.state.FinishAction(ctx) + for rts, err := range s.listAllResourceTypes(ctx) { + if err != nil { + return err + } + for _, rt := range rts { + // Queue up actions to sync static entitlements for each resource type + s.state.PushAction(ctx, Action{Op: SyncStaticEntitlementsOp, ResourceTypeID: rt.GetId()}) + } + } + + return nil +} + +func (s *syncer) syncStaticEntitlementsForResourceType(ctx context.Context, resourceTypeID string) error { + ctx, span := tracer.Start(ctx, "syncer.syncStaticEntitlementsForResource") + defer span.End() + + resp, err := s.connector.ListStaticEntitlements(ctx, v2.EntitlementsServiceListStaticEntitlementsRequest_builder{ + ResourceTypeId: resourceTypeID, + PageToken: s.state.PageToken(ctx), + ActiveSyncId: s.getActiveSyncID(), + }.Build()) + if err != nil { + return err + } + + for _, ent := range resp.GetList() { + resourcePageToken := "" + for { + // get all resources of resource type and create entitlements for each one + resourcesResp, err := s.store.ListResources(ctx, v2.ResourcesServiceListResourcesRequest_builder{ + ResourceTypeId: resourceTypeID, + PageToken: resourcePageToken, + ActiveSyncId: s.getActiveSyncID(), + }.Build()) + if err != nil { + return err + } + entitlements := []*v2.Entitlement{} + for _, resource := range resourcesResp.GetList() { + entitlements = append(entitlements, &v2.Entitlement{ + Resource: resource, + Id: entitlement.NewEntitlementID(resource, ent.GetSlug()), + DisplayName: ent.GetDisplayName(), + Description: ent.GetDescription(), + GrantableTo: ent.GetGrantableTo(), + Annotations: ent.GetAnnotations(), + }) + } + err = s.store.PutEntitlements(ctx, entitlements...) + if err != nil { + return err + } + resourcePageToken = resourcesResp.GetNextPageToken() + if resourcePageToken == "" { + break + } + } + } + + s.handleProgress(ctx, s.state.Current(), len(resp.GetList())) + + if resp.GetNextPageToken() != "" { + err = s.state.NextPage(ctx, resp.GetNextPageToken()) + if err != nil { + return err + } + } else { + s.counts.EntitlementsProgress[resourceTypeID] += 1 + s.counts.LogEntitlementsProgress(ctx, resourceTypeID) + + s.state.FinishAction(ctx) + } + + return nil +} + // syncAssetsForResource looks up a resource given the input ID. From there it looks to see if there are any traits that // include references to an asset. For each AssetRef, we then call GetAsset on the connector and stream the asset from the connector. // Once we have the entire asset, we put it in the database. @@ -1850,24 +2015,20 @@ func (s *syncer) SyncExternalResourcesWithGrantToEntitlement(ctx context.Context return err } - grants, err := s.listExternalGrantsForEntitlement(ctx, filterEntitlement.GetEntitlement()) - if err != nil { - return err - } - - ents := make([]*v2.Entitlement, 0) - principals := make([]*v2.Resource, 0) - resourceTypes := make([]*v2.ResourceType, 0) resourceTypeIDs := mapset.NewSet[string]() resourceIDs := make(map[string]*v2.ResourceId) - grantsForEnts := make([]*v2.Grant, 0) - - for _, g := range grants { - resourceTypeIDs.Add(g.GetPrincipal().GetId().GetResourceType()) - resourceIDs[g.GetPrincipal().GetId().GetResource()] = g.GetPrincipal().GetId() + for grants, err := range s.listExternalGrantsForEntitlement(ctx, filterEntitlement.GetEntitlement()) { + if err != nil { + return err + } + for _, g := range grants { + resourceTypeIDs.Add(g.GetPrincipal().GetId().GetResourceType()) + resourceIDs[g.GetPrincipal().GetId().GetResource()] = g.GetPrincipal().GetId() + } } + resourceTypes := make([]*v2.ResourceType, 0) for _, resourceTypeId := range resourceTypeIDs.ToSlice() { resourceTypeResp, err := s.externalResourceReader.GetResourceType(ctx, reader_v2.ResourceTypesReaderServiceGetResourceTypeRequest_builder{ResourceTypeId: resourceTypeId}.Build()) if err != nil { @@ -1886,6 +2047,12 @@ func (s *syncer) SyncExternalResourcesWithGrantToEntitlement(ctx context.Context skipEGForResourceType[resourceTypeResp.GetResourceType().GetId()] = skipEntitlements } + err = s.store.PutResourceTypes(ctx, resourceTypes...) + if err != nil { + return err + } + + principals := make([]*v2.Resource, 0) for _, resourceId := range resourceIDs { resourceResp, err := s.externalResourceReader.GetResource(ctx, reader_v2.ResourcesReaderServiceGetResourceRequest_builder{ResourceId: resourceId}.Build()) if err != nil { @@ -1907,6 +2074,13 @@ func (s *syncer) SyncExternalResourcesWithGrantToEntitlement(ctx context.Context principals = append(principals, resourceVal) } + err = s.store.PutResources(ctx, principals...) + if err != nil { + return err + } + + entsCount := 0 + ents := make([]*v2.Entitlement, 0) for _, principal := range principals { rAnnos := annotations.Annotations(principal.GetAnnotations()) skipEnts := skipEGForResourceType[principal.GetId().GetResourceType()] || rAnnos.Contains(&v2.SkipEntitlementsAndGrants{}) @@ -1919,45 +2093,37 @@ func (s *syncer) SyncExternalResourcesWithGrantToEntitlement(ctx context.Context return err } ents = append(ents, resourceEnts...) + entsCount += len(resourceEnts) + } + + err = s.store.PutEntitlements(ctx, ents...) + if err != nil { + return err } + grantsForEntsCount := 0 for _, ent := range ents { rAnnos := annotations.Annotations(ent.GetResource().GetAnnotations()) if rAnnos.Contains(&v2.SkipGrants{}) { continue } - grantsForEnt, err := s.listExternalGrantsForEntitlement(ctx, ent) - if err != nil { - return err + for grants, err := range s.listExternalGrantsForEntitlement(ctx, ent) { + if err != nil { + return err + } + grantsForEntsCount += len(grants) + err = s.store.PutGrants(ctx, grants...) + if err != nil { + return err + } } - grantsForEnts = append(grantsForEnts, grantsForEnt...) - } - - err = s.store.PutResourceTypes(ctx, resourceTypes...) - if err != nil { - return err - } - - err = s.store.PutResources(ctx, principals...) - if err != nil { - return err - } - - err = s.store.PutEntitlements(ctx, ents...) - if err != nil { - return err - } - - err = s.store.PutGrants(ctx, grantsForEnts...) - if err != nil { - return err } l.Info("Synced external resources for entitlement", zap.Int("resource_type_count", len(resourceTypes)), zap.Int("resource_count", len(principals)), - zap.Int("entitlement_count", len(ents)), - zap.Int("grant_count", len(grantsForEnts)), + zap.Int("entitlement_count", entsCount), + zap.Int("grant_count", grantsForEntsCount), ) err = s.processGrantsWithExternalPrincipals(ctx, principals) @@ -1987,7 +2153,6 @@ func (s *syncer) SyncExternalResourcesUsersAndGroups(ctx context.Context) error userAndGroupResourceTypes := make([]*v2.ResourceType, 0) ents := make([]*v2.Entitlement, 0) principals := make([]*v2.Resource, 0) - grantsForEnts := make([]*v2.Grant, 0) for _, rt := range resourceTypes { for _, t := range rt.GetTraits() { if t == v2.ResourceType_TRAIT_USER || t == v2.ResourceType_TRAIT_GROUP { @@ -1997,6 +2162,11 @@ func (s *syncer) SyncExternalResourcesUsersAndGroups(ctx context.Context) error } } + err = s.store.PutResourceTypes(ctx, userAndGroupResourceTypes...) + if err != nil { + return err + } + for _, rt := range userAndGroupResourceTypes { rtAnnos := annotations.Annotations(rt.GetAnnotations()) skipEntitlements := rtAnnos.Contains(&v2.SkipEntitlementsAndGrants{}) @@ -2016,6 +2186,13 @@ func (s *syncer) SyncExternalResourcesUsersAndGroups(ctx context.Context) error } } + err = s.store.PutResources(ctx, principals...) + if err != nil { + return err + } + + entsCount := 0 + principalsCount := len(principals) for _, principal := range principals { skipEnts := skipEGForResourceType[principal.GetId().GetResourceType()] if skipEnts { @@ -2031,45 +2208,36 @@ func (s *syncer) SyncExternalResourcesUsersAndGroups(ctx context.Context) error return err } ents = append(ents, resourceEnts...) + entsCount += len(resourceEnts) + err = s.store.PutEntitlements(ctx, resourceEnts...) + if err != nil { + return err + } } + grantsForEntsCount := 0 for _, ent := range ents { rAnnos := annotations.Annotations(ent.GetResource().GetAnnotations()) if rAnnos.Contains(&v2.SkipGrants{}) { continue } - grantsForEnt, err := s.listExternalGrantsForEntitlement(ctx, ent) - if err != nil { - return err + for grants, err := range s.listExternalGrantsForEntitlement(ctx, ent) { + if err != nil { + return err + } + grantsForEntsCount += len(grants) + err = s.store.PutGrants(ctx, grants...) + if err != nil { + return err + } } - grantsForEnts = append(grantsForEnts, grantsForEnt...) - } - - err = s.store.PutResourceTypes(ctx, userAndGroupResourceTypes...) - if err != nil { - return err - } - - err = s.store.PutResources(ctx, principals...) - if err != nil { - return err - } - - err = s.store.PutEntitlements(ctx, ents...) - if err != nil { - return err - } - - err = s.store.PutGrants(ctx, grantsForEnts...) - if err != nil { - return err } l.Info("Synced external resources", zap.Int("resource_type_count", len(userAndGroupResourceTypes)), - zap.Int("resource_count", len(principals)), - zap.Int("entitlement_count", len(ents)), - zap.Int("grant_count", len(grantsForEnts)), + zap.Int("resource_count", principalsCount), + zap.Int("entitlement_count", entsCount), + zap.Int("grant_count", grantsForEntsCount), ) err = s.processGrantsWithExternalPrincipals(ctx, principals) @@ -2123,24 +2291,30 @@ func (s *syncer) listExternalEntitlementsForResource(ctx context.Context, resour return ents, nil } -func (s *syncer) listExternalGrantsForEntitlement(ctx context.Context, ent *v2.Entitlement) ([]*v2.Grant, error) { - grantsForEnts := make([]*v2.Grant, 0) - entitlementGrantPageToken := "" - for { - grantsForEntitlementResp, err := s.externalResourceReader.ListGrantsForEntitlement(ctx, reader_v2.GrantsReaderServiceListGrantsForEntitlementRequest_builder{ - Entitlement: ent, - PageToken: entitlementGrantPageToken, - }.Build()) - if err != nil { - return nil, err - } - grantsForEnts = append(grantsForEnts, grantsForEntitlementResp.GetList()...) - entitlementGrantPageToken = grantsForEntitlementResp.GetNextPageToken() - if entitlementGrantPageToken == "" { - break +func (s *syncer) listExternalGrantsForEntitlement(ctx context.Context, ent *v2.Entitlement) iter.Seq2[[]*v2.Grant, error] { + return func(yield func([]*v2.Grant, error) bool) { + pageToken := "" + for { + grantsForEntitlementResp, err := s.externalResourceReader.ListGrantsForEntitlement(ctx, reader_v2.GrantsReaderServiceListGrantsForEntitlementRequest_builder{ + Entitlement: ent, + PageToken: pageToken, + }.Build()) + if err != nil { + _ = yield(nil, err) + return + } + grants := grantsForEntitlementResp.GetList() + if len(grants) > 0 { + if !yield(grants, err) { + return + } + } + pageToken = grantsForEntitlementResp.GetNextPageToken() + if pageToken == "" { + return + } } } - return grantsForEnts, nil } func (s *syncer) listExternalResourceTypes(ctx context.Context) ([]*v2.ResourceType, error) { @@ -2162,24 +2336,29 @@ func (s *syncer) listExternalResourceTypes(ctx context.Context) ([]*v2.ResourceT return resourceTypes, nil } -func (s *syncer) listAllGrants(ctx context.Context) ([]*v2.Grant, error) { - grants := make([]*v2.Grant, 0) - pageToken := "" - for { - grantsResp, err := s.store.ListGrants(ctx, v2.GrantsServiceListGrantsRequest_builder{ - PageToken: pageToken, - }.Build()) - if err != nil { - return nil, err - } +func (s *syncer) listAllGrants(ctx context.Context) iter.Seq2[[]*v2.Grant, error] { + return func(yield func([]*v2.Grant, error) bool) { + pageToken := "" + for { + grantsResp, err := s.store.ListGrants(ctx, v2.GrantsServiceListGrantsRequest_builder{ + PageToken: pageToken, + }.Build()) + if err != nil { + _ = yield(nil, err) + return + } - grants = append(grants, grantsResp.GetList()...) - pageToken = grantsResp.GetNextPageToken() - if pageToken == "" { - break + if len(grantsResp.GetList()) > 0 { + if !yield(grantsResp.GetList(), err) { + return + } + } + pageToken = grantsResp.GetNextPageToken() + if pageToken == "" { + return + } } } - return grants, nil } func (s *syncer) processGrantsWithExternalPrincipals(ctx context.Context, principals []*v2.Resource) error { @@ -2219,196 +2398,197 @@ func (s *syncer) processGrantsWithExternalPrincipals(ctx context.Context, princi grantsToDelete := make([]string, 0) expandedGrants := make([]*v2.Grant, 0) - grants, err := s.listAllGrants(ctx) - if err != nil { - return err - } - - for _, grant := range grants { - annos := annotations.Annotations(grant.GetAnnotations()) - if !annos.ContainsAny(&v2.ExternalResourceMatchAll{}, &v2.ExternalResourceMatch{}, &v2.ExternalResourceMatchID{}) { - continue - } - - // Match all - matchResourceMatchAllAnno, err := GetExternalResourceMatchAllAnnotation(annos) + for grants, err := range s.listAllGrants(ctx) { if err != nil { return err } - if matchResourceMatchAllAnno != nil { - var processPrincipals []*v2.Resource - switch matchResourceMatchAllAnno.GetResourceType() { - case v2.ResourceType_TRAIT_USER: - processPrincipals = userPrincipals - case v2.ResourceType_TRAIT_GROUP: - processPrincipals = groupPrincipals - default: - l.Error("unexpected external resource type trait", zap.Any("trait", matchResourceMatchAllAnno.GetResourceType())) - } - for _, principal := range processPrincipals { - newGrant := newGrantForExternalPrincipal(grant, principal) - expandedGrants = append(expandedGrants, newGrant) + + for _, grant := range grants { + annos := annotations.Annotations(grant.GetAnnotations()) + if !annos.ContainsAny(&v2.ExternalResourceMatchAll{}, &v2.ExternalResourceMatch{}, &v2.ExternalResourceMatchID{}) { + continue } - grantsToDelete = append(grantsToDelete, grant.GetId()) - continue - } - expandableAnno, err := GetExpandableAnnotation(annos) - if err != nil { - return err - } - expandableEntitlementsResourceMap := make(map[string][]*v2.Entitlement) - if expandableAnno != nil { - for _, entId := range expandableAnno.GetEntitlementIds() { - parsedEnt, err := bid.ParseEntitlementBid(entId) - if err != nil { - l.Error("error parsing expandable entitlement bid", zap.Any("entitlementId", entId)) - continue - } - resourceBID, err := bid.MakeBid(parsedEnt.GetResource()) - if err != nil { - l.Error("error making resource bid", zap.Any("parsedEnt.Resource", parsedEnt.GetResource())) - continue + // Match all + matchResourceMatchAllAnno, err := GetExternalResourceMatchAllAnnotation(annos) + if err != nil { + return err + } + if matchResourceMatchAllAnno != nil { + var processPrincipals []*v2.Resource + switch matchResourceMatchAllAnno.GetResourceType() { + case v2.ResourceType_TRAIT_USER: + processPrincipals = userPrincipals + case v2.ResourceType_TRAIT_GROUP: + processPrincipals = groupPrincipals + default: + l.Error("unexpected external resource type trait", zap.Any("trait", matchResourceMatchAllAnno.GetResourceType())) } - entitlementMap, ok := expandableEntitlementsResourceMap[resourceBID] - if !ok { - entitlementMap = make([]*v2.Entitlement, 0) + for _, principal := range processPrincipals { + newGrant := newGrantForExternalPrincipal(grant, principal) + expandedGrants = append(expandedGrants, newGrant) } - entitlementMap = append(entitlementMap, parsedEnt) - expandableEntitlementsResourceMap[resourceBID] = entitlementMap + grantsToDelete = append(grantsToDelete, grant.GetId()) + continue } - } - // Match by ID - matchResourceMatchIDAnno, err := GetExternalResourceMatchIDAnnotation(annos) - if err != nil { - return err - } - if matchResourceMatchIDAnno != nil { - if principal, ok := principalMap[matchResourceMatchIDAnno.GetId()]; ok { - newGrant := newGrantForExternalPrincipal(grant, principal) - expandedGrants = append(expandedGrants, newGrant) - - newGrantAnnos := annotations.Annotations(newGrant.GetAnnotations()) - - newExpandableEntitlementIDs := make([]string, 0) - if expandableAnno != nil { - groupPrincipalBID, err := bid.MakeBid(grant.GetPrincipal()) + expandableAnno, err := GetExpandableAnnotation(annos) + if err != nil { + return err + } + expandableEntitlementsResourceMap := make(map[string][]*v2.Entitlement) + if expandableAnno != nil { + for _, entId := range expandableAnno.GetEntitlementIds() { + parsedEnt, err := bid.ParseEntitlementBid(entId) if err != nil { - l.Error("error making group principal bid", zap.Error(err), zap.Any("grant.Principal", grant.GetPrincipal())) + l.Error("error parsing expandable entitlement bid", zap.Any("entitlementId", entId)) continue } - - principalEntitlements := expandableEntitlementsResourceMap[groupPrincipalBID] - for _, expandableGrant := range principalEntitlements { - newExpandableEntId := entitlement.NewEntitlementID(principal, expandableGrant.GetSlug()) - _, err := s.store.GetEntitlement(ctx, reader_v2.EntitlementsReaderServiceGetEntitlementRequest_builder{EntitlementId: newExpandableEntId}.Build()) - if err != nil { - if errors.Is(err, sql.ErrNoRows) { - l.Error("found no entitlement with entitlement id generated from external source sync", zap.Any("entitlementId", newExpandableEntId)) - continue - } - return err - } - newExpandableEntitlementIDs = append(newExpandableEntitlementIDs, newExpandableEntId) + resourceBID, err := bid.MakeBid(parsedEnt.GetResource()) + if err != nil { + l.Error("error making resource bid", zap.Any("parsedEnt.Resource", parsedEnt.GetResource())) + continue } - - newExpandableAnno := v2.GrantExpandable_builder{ - EntitlementIds: newExpandableEntitlementIDs, - Shallow: expandableAnno.GetShallow(), - ResourceTypeIds: expandableAnno.GetResourceTypeIds(), - }.Build() - newGrantAnnos.Update(newExpandableAnno) - newGrant.SetAnnotations(newGrantAnnos) - expandedGrants = append(expandedGrants, newGrant) + entitlementMap, ok := expandableEntitlementsResourceMap[resourceBID] + if !ok { + entitlementMap = make([]*v2.Entitlement, 0) + } + entitlementMap = append(entitlementMap, parsedEnt) + expandableEntitlementsResourceMap[resourceBID] = entitlementMap } } - // We still want to delete the grant even if there are no matches - // Since it does not correspond to any known user - grantsToDelete = append(grantsToDelete, grant.GetId()) - } + // Match by ID + matchResourceMatchIDAnno, err := GetExternalResourceMatchIDAnnotation(annos) + if err != nil { + return err + } + if matchResourceMatchIDAnno != nil { + if principal, ok := principalMap[matchResourceMatchIDAnno.GetId()]; ok { + newGrant := newGrantForExternalPrincipal(grant, principal) + expandedGrants = append(expandedGrants, newGrant) - // Match by key/val - matchExternalResource, err := GetExternalResourceMatchAnnotation(annos) - if err != nil { - return err - } + newGrantAnnos := annotations.Annotations(newGrant.GetAnnotations()) - if matchExternalResource != nil { - switch matchExternalResource.GetResourceType() { - case v2.ResourceType_TRAIT_USER: - for _, userPrincipal := range userPrincipals { - userTrait, err := resource.GetUserTrait(userPrincipal) - if err != nil { - l.Error("error getting user trait", zap.Any("userPrincipal", userPrincipal)) - continue - } - if matchExternalResource.GetKey() == "email" { - if userTraitContainsEmail(userTrait.GetEmails(), matchExternalResource.GetValue()) { - newGrant := newGrantForExternalPrincipal(grant, userPrincipal) - expandedGrants = append(expandedGrants, newGrant) - // continue to next principal since we found an email match + newExpandableEntitlementIDs := make([]string, 0) + if expandableAnno != nil { + groupPrincipalBID, err := bid.MakeBid(grant.GetPrincipal()) + if err != nil { + l.Error("error making group principal bid", zap.Error(err), zap.Any("grant.Principal", grant.GetPrincipal())) continue } - } - profileVal, ok := resource.GetProfileStringValue(userTrait.GetProfile(), matchExternalResource.GetKey()) - if ok && strings.EqualFold(profileVal, matchExternalResource.GetValue()) { - newGrant := newGrantForExternalPrincipal(grant, userPrincipal) + + principalEntitlements := expandableEntitlementsResourceMap[groupPrincipalBID] + for _, expandableGrant := range principalEntitlements { + newExpandableEntId := entitlement.NewEntitlementID(principal, expandableGrant.GetSlug()) + _, err := s.store.GetEntitlement(ctx, reader_v2.EntitlementsReaderServiceGetEntitlementRequest_builder{EntitlementId: newExpandableEntId}.Build()) + if err != nil { + if errors.Is(err, sql.ErrNoRows) { + l.Error("found no entitlement with entitlement id generated from external source sync", zap.Any("entitlementId", newExpandableEntId)) + continue + } + return err + } + newExpandableEntitlementIDs = append(newExpandableEntitlementIDs, newExpandableEntId) + } + + newExpandableAnno := v2.GrantExpandable_builder{ + EntitlementIds: newExpandableEntitlementIDs, + Shallow: expandableAnno.GetShallow(), + ResourceTypeIds: expandableAnno.GetResourceTypeIds(), + }.Build() + newGrantAnnos.Update(newExpandableAnno) + newGrant.SetAnnotations(newGrantAnnos) expandedGrants = append(expandedGrants, newGrant) } } - case v2.ResourceType_TRAIT_GROUP: - for _, groupPrincipal := range groupPrincipals { - groupTrait, err := resource.GetGroupTrait(groupPrincipal) - if err != nil { - l.Error("error getting group trait", zap.Any("groupPrincipal", groupPrincipal)) - continue - } - profileVal, ok := resource.GetProfileStringValue(groupTrait.GetProfile(), matchExternalResource.GetKey()) - if ok && strings.EqualFold(profileVal, matchExternalResource.GetValue()) { - newGrant := newGrantForExternalPrincipal(grant, groupPrincipal) - newGrantAnnos := annotations.Annotations(newGrant.GetAnnotations()) - - newExpandableEntitlementIDs := make([]string, 0) - if expandableAnno != nil { - groupPrincipalBID, err := bid.MakeBid(grant.GetPrincipal()) - if err != nil { - l.Error("error making group principal bid", zap.Error(err), zap.Any("grant.Principal", grant.GetPrincipal())) + + // We still want to delete the grant even if there are no matches + // Since it does not correspond to any known user + grantsToDelete = append(grantsToDelete, grant.GetId()) + } + + // Match by key/val + matchExternalResource, err := GetExternalResourceMatchAnnotation(annos) + if err != nil { + return err + } + + if matchExternalResource != nil { + switch matchExternalResource.GetResourceType() { + case v2.ResourceType_TRAIT_USER: + for _, userPrincipal := range userPrincipals { + userTrait, err := resource.GetUserTrait(userPrincipal) + if err != nil { + l.Error("error getting user trait", zap.Any("userPrincipal", userPrincipal)) + continue + } + if matchExternalResource.GetKey() == "email" { + if userTraitContainsEmail(userTrait.GetEmails(), matchExternalResource.GetValue()) { + newGrant := newGrantForExternalPrincipal(grant, userPrincipal) + expandedGrants = append(expandedGrants, newGrant) + // continue to next principal since we found an email match continue } - - principalEntitlements := expandableEntitlementsResourceMap[groupPrincipalBID] - for _, expandableGrant := range principalEntitlements { - newExpandableEntId := entitlement.NewEntitlementID(groupPrincipal, expandableGrant.GetSlug()) - _, err := s.store.GetEntitlement(ctx, reader_v2.EntitlementsReaderServiceGetEntitlementRequest_builder{EntitlementId: newExpandableEntId}.Build()) + } + profileVal, ok := resource.GetProfileStringValue(userTrait.GetProfile(), matchExternalResource.GetKey()) + if ok && strings.EqualFold(profileVal, matchExternalResource.GetValue()) { + newGrant := newGrantForExternalPrincipal(grant, userPrincipal) + expandedGrants = append(expandedGrants, newGrant) + } + } + case v2.ResourceType_TRAIT_GROUP: + for _, groupPrincipal := range groupPrincipals { + groupTrait, err := resource.GetGroupTrait(groupPrincipal) + if err != nil { + l.Error("error getting group trait", zap.Any("groupPrincipal", groupPrincipal)) + continue + } + profileVal, ok := resource.GetProfileStringValue(groupTrait.GetProfile(), matchExternalResource.GetKey()) + if ok && strings.EqualFold(profileVal, matchExternalResource.GetValue()) { + newGrant := newGrantForExternalPrincipal(grant, groupPrincipal) + newGrantAnnos := annotations.Annotations(newGrant.GetAnnotations()) + + newExpandableEntitlementIDs := make([]string, 0) + if expandableAnno != nil { + groupPrincipalBID, err := bid.MakeBid(grant.GetPrincipal()) if err != nil { - if errors.Is(err, sql.ErrNoRows) { - l.Error("found no entitlement with entitlement id generated from external source sync", zap.Any("entitlementId", newExpandableEntId)) - continue + l.Error("error making group principal bid", zap.Error(err), zap.Any("grant.Principal", grant.GetPrincipal())) + continue + } + + principalEntitlements := expandableEntitlementsResourceMap[groupPrincipalBID] + for _, expandableGrant := range principalEntitlements { + newExpandableEntId := entitlement.NewEntitlementID(groupPrincipal, expandableGrant.GetSlug()) + _, err := s.store.GetEntitlement(ctx, reader_v2.EntitlementsReaderServiceGetEntitlementRequest_builder{EntitlementId: newExpandableEntId}.Build()) + if err != nil { + if errors.Is(err, sql.ErrNoRows) { + l.Error("found no entitlement with entitlement id generated from external source sync", zap.Any("entitlementId", newExpandableEntId)) + continue + } + return err } - return err + newExpandableEntitlementIDs = append(newExpandableEntitlementIDs, newExpandableEntId) } - newExpandableEntitlementIDs = append(newExpandableEntitlementIDs, newExpandableEntId) - } - newExpandableAnno := v2.GrantExpandable_builder{ - EntitlementIds: newExpandableEntitlementIDs, - Shallow: expandableAnno.GetShallow(), - ResourceTypeIds: expandableAnno.GetResourceTypeIds(), - }.Build() - newGrantAnnos.Update(newExpandableAnno) - newGrant.SetAnnotations(newGrantAnnos) - expandedGrants = append(expandedGrants, newGrant) + newExpandableAnno := v2.GrantExpandable_builder{ + EntitlementIds: newExpandableEntitlementIDs, + Shallow: expandableAnno.GetShallow(), + ResourceTypeIds: expandableAnno.GetResourceTypeIds(), + }.Build() + newGrantAnnos.Update(newExpandableAnno) + newGrant.SetAnnotations(newGrantAnnos) + expandedGrants = append(expandedGrants, newGrant) + } } } + default: + l.Error("unexpected external resource type trait", zap.Any("trait", matchExternalResource.GetResourceType())) } - default: - l.Error("unexpected external resource type trait", zap.Any("trait", matchExternalResource.GetResourceType())) - } - // We still want to delete the grant even if there are no matches - grantsToDelete = append(grantsToDelete, grant.GetId()) + // We still want to delete the grant even if there are no matches + grantsToDelete = append(grantsToDelete, grant.GetId()) + } } } @@ -2417,7 +2597,7 @@ func (s *syncer) processGrantsWithExternalPrincipals(ctx context.Context, princi newGrantIDs.Add(ng.GetId()) } - err = s.store.PutGrants(ctx, expandedGrants...) + err := s.store.PutGrants(ctx, expandedGrants...) if err != nil { return err } @@ -2538,13 +2718,7 @@ func (s *syncer) runGrantExpandActions(ctx context.Context) (bool, error) { for _, sourceGrant := range sourceGrants.GetList() { // Skip this grant if it is not for a resource type we care about if len(action.ResourceTypeIDs) > 0 { - relevantResourceType := false - for _, resourceTypeID := range action.ResourceTypeIDs { - if sourceGrant.GetPrincipal().GetId().GetResourceType() == resourceTypeID { - relevantResourceType = true - break - } - } + relevantResourceType := slices.Contains(action.ResourceTypeIDs, sourceGrant.GetPrincipal().GetId().GetResourceType()) if !relevantResourceType { continue @@ -2688,15 +2862,18 @@ func (s *syncer) expandGrantsForEntitlements(ctx context.Context) error { actionsDone, err := s.runGrantExpandActions(ctx) if err != nil { - // Skip action and delete the edge that caused the error. erroredAction := graph.Actions[0] l.Error("expandGrantsForEntitlements: error running graph action", zap.Error(err), zap.Any("action", erroredAction)) _ = graph.DeleteEdge(ctx, erroredAction.SourceEntitlementID, erroredAction.DescendantEntitlementID) + if !errors.Is(err, sql.ErrNoRows) { + return err + } + // Skip action and delete the edge that caused the error. graph.Actions = graph.Actions[1:] if len(graph.Actions) == 0 { actionsDone = true } - // TODO: return a warning + // TODO: Return a warning? The connector gave a bad entitlement ID to expand. } if !actionsDone { return nil diff --git a/vendor/github.com/conductorone/baton-sdk/pkg/synccompactor/compactor.go b/vendor/github.com/conductorone/baton-sdk/pkg/synccompactor/compactor.go index 7dac81f0..aa588251 100644 --- a/vendor/github.com/conductorone/baton-sdk/pkg/synccompactor/compactor.go +++ b/vendor/github.com/conductorone/baton-sdk/pkg/synccompactor/compactor.go @@ -8,6 +8,7 @@ import ( "os" "path" "path/filepath" + "time" reader_v2 "github.com/conductorone/baton-sdk/pb/c1/reader/v2" "github.com/conductorone/baton-sdk/pkg/connectorstore" @@ -35,8 +36,9 @@ type Compactor struct { compactorType CompactorType entries []*CompactableSync - tmpDir string - destDir string + tmpDir string + destDir string + runDuration time.Duration } type CompactableSync struct { @@ -62,6 +64,12 @@ func WithCompactorType(compactorType CompactorType) Option { } } +func WithRunDuration(runDuration time.Duration) Option { + return func(c *Compactor) { + c.runDuration = runDuration + } +} + func NewCompactor(ctx context.Context, outputDir string, compactableSyncs []*CompactableSync, opts ...Option) (*Compactor, func() error, error) { if len(compactableSyncs) < 2 { return nil, nil, ErrNotEnoughFilesToCompact @@ -99,6 +107,7 @@ func NewCompactor(ctx context.Context, outputDir string, compactableSyncs []*Com func (c *Compactor) Compact(ctx context.Context) (*CompactableSync, error) { ctx, span := tracer.Start(ctx, "Compactor.Compact") defer span.End() + now := time.Now() if len(c.entries) < 2 { return nil, nil } @@ -124,13 +133,28 @@ func (c *Compactor) Compact(ctx context.Context) (*CompactableSync, error) { // Use syncer to expand grants. // TODO: Handle external resources. - syncer, err := sync.NewSyncer( - ctx, - emptyConnector, + syncOpts := []sync.SyncOpt{ sync.WithC1ZPath(applied.FilePath), sync.WithTmpDir(c.tmpDir), sync.WithSyncID(applied.SyncID), sync.WithOnlyExpandGrants(), + } + + compactionDuration := time.Since(now) + runDuration := c.runDuration - compactionDuration + l.Debug("finished compaction", zap.Duration("compaction_duration", compactionDuration)) + + switch { + case c.runDuration > 0 && runDuration < 0: + return nil, fmt.Errorf("unable to finish compaction sync in run duration (%s). compactions took %s", c.runDuration, compactionDuration) + case runDuration > 0: + syncOpts = append(syncOpts, sync.WithRunDuration(runDuration)) + } + + syncer, err := sync.NewSyncer( + ctx, + emptyConnector, + syncOpts..., ) if err != nil { l.Error("error creating syncer", zap.Error(err)) diff --git a/vendor/github.com/conductorone/baton-sdk/pkg/types/tasks/tasks.go b/vendor/github.com/conductorone/baton-sdk/pkg/types/tasks/tasks.go index 73071aa4..07e38a89 100644 --- a/vendor/github.com/conductorone/baton-sdk/pkg/types/tasks/tasks.go +++ b/vendor/github.com/conductorone/baton-sdk/pkg/types/tasks/tasks.go @@ -40,12 +40,16 @@ func (tt TaskType) String() string { return "get_resource" case ListEntitlementsType: return "list_entitlements" + case ListStaticEntitlementsType: + return "list_static_entitlements" case ListGrantsType: return "list_grants" case GetMetadataType: return "get_metadata" case ListEventsType: return "list_events" + case ListEventFeedsType: + return "list_event_feeds" case StartDebugging: return "set_log_file_event" case BulkCreateTicketsType: @@ -60,6 +64,8 @@ func (tt TaskType) String() string { return "invoke_action" case ActionStatusType: return "action_status" + case CreateSyncDiff: + return "create_sync_diff" default: return "unknown" } @@ -97,4 +103,5 @@ const ( ActionInvokeType ActionStatusType CreateSyncDiff + ListStaticEntitlementsType ) diff --git a/vendor/modules.txt b/vendor/modules.txt index e33c1e2f..674b5b1e 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -159,7 +159,7 @@ github.com/benbjohnson/clock # github.com/cenkalti/backoff/v4 v4.3.0 ## explicit; go 1.18 github.com/cenkalti/backoff/v4 -# github.com/conductorone/baton-sdk v0.5.5 +# github.com/conductorone/baton-sdk v0.5.21 ## explicit; go 1.25.2 github.com/conductorone/baton-sdk/internal/connector github.com/conductorone/baton-sdk/pb/c1/c1z/v1