syntax = "proto3";

package authz.v1;

option go_package = "git.dcentral.systems/toolz/goplt/api/proto/generated/authz/v1;authzv1";

// AuthzService provides authorization operations.
//
// Every request identifies its subject by a caller-supplied user_id string;
// no caller credential or tenant field is part of these messages.
// NOTE(review): how the caller is authenticated, and whether user_id is bound
// to the authenticated identity, is not visible in this schema. Confirm it is
// enforced at the transport/interceptor layer.
service AuthzService {
  // Authorize checks if a user has a specific permission and returns an error
  // if not.
  // NOTE(review): the response also carries `authorized`, so a denial could be
  // reported as an RPC error, as authorized = false, or both; this file does
  // not say which. Callers should fail closed: grant only when the call
  // succeeds AND authorized is true.
  rpc Authorize(AuthorizeRequest) returns (AuthorizeResponse);

  // HasPermission checks if a user has a specific permission. The result is
  // reported in HasPermissionResponse.has_permission.
  rpc HasPermission(HasPermissionRequest) returns (HasPermissionResponse);

  // GetUserPermissions returns all permissions for a user.
  // NOTE(review): the request selects the user by user_id alone; confirm the
  // server restricts which callers may read another user's permissions.
  rpc GetUserPermissions(GetUserPermissionsRequest) returns (GetUserPermissionsResponse);

  // GetUserRoles returns all roles for a user.
  // NOTE(review): same read-access question as GetUserPermissions.
  rpc GetUserRoles(GetUserRolesRequest) returns (GetUserRolesResponse);
}

// Permission represents a permission in the system.
message Permission {
  // Identifier of the permission record.
  string id = 1;
  // Permission code.
  // NOTE(review): presumably the value matched against the `permission` field
  // of AuthorizeRequest/HasPermissionRequest and listed in Role.permissions.
  // Confirm against the server.
  string code = 2;
  // Name of the permission.
  string name = 3;
  // Free-text description of the permission.
  string description = 4;
}

// Role represents a role in the system.
message Role {
  // Identifier of the role record.
  string id = 1;
  // Name of the role.
  string name = 2;
  // Free-text description of the role.
  string description = 3;
  // Permission codes granted by this role (strings, not Permission messages).
  repeated string permissions = 4;
}

// AuthorizeRequest contains user ID and permission to check.
message AuthorizeRequest {
  // User whose access is being checked. proto3 strings have implicit
  // presence, so an omitted user_id arrives as "".
  // NOTE(review): confirm the server rejects an empty user_id instead of
  // evaluating it.
  string user_id = 1;
  // Permission to check.
  // NOTE(review): presumably a Permission.code value. Confirm.
  string permission = 2;
}

// AuthorizeResponse indicates authorization result.
message AuthorizeResponse {
  // True when the check passed. The proto3 default is false, so an empty or
  // partially populated response decodes as "not authorized".
  bool authorized = 1;
  // Text accompanying the result.
  // NOTE(review): if this reaches end users, confirm it does not disclose
  // which permissions or roles exist.
  string message = 2;
}

// HasPermissionRequest contains user ID and permission to check.
message HasPermissionRequest {
  // User whose access is being checked; an omitted value arrives as "".
  string user_id = 1;
  // Permission to check.
  // NOTE(review): presumably a Permission.code value. Confirm.
  string permission = 2;
}

// HasPermissionResponse indicates if the user has the permission.
message HasPermissionResponse {
  // True when the user has the permission. The proto3 default is false, so an
  // empty response decodes as "no permission".
  bool has_permission = 1;
}

// GetUserPermissionsRequest contains a user ID.
message GetUserPermissionsRequest {
  // User whose permissions are requested; an omitted value arrives as "".
  string user_id = 1;
}

// GetUserPermissionsResponse contains all permissions for the user.
message GetUserPermissionsResponse {
  // Permissions of the requested user. No paging fields are defined, so the
  // whole set is carried in a single message.
  repeated Permission permissions = 1;
}

// GetUserRolesRequest contains a user ID.
message GetUserRolesRequest {
  // User whose roles are requested; an omitted value arrives as "".
  string user_id = 1;
}

// GetUserRolesResponse contains all roles for the user.
message GetUserRolesResponse {
  // Roles of the requested user. Repeated fields have no presence, so "no
  // roles" and "field not set" are the same on the wire. No paging fields are
  // defined, so the whole set is carried in a single message.
  repeated Role roles = 1;
}