| // Copyright 2024 Google LLC | |
| // | |
| // Licensed under the Apache License, Version 2.0 (the "License"); | |
| // you may not use this file except in compliance with the License. | |
| // You may obtain a copy of the License at | |
| // | |
| // http://www.apache.org/licenses/LICENSE-2.0 | |
| // | |
| // Unless required by applicable law or agreed to in writing, software | |
| // distributed under the License is distributed on an "AS IS" BASIS, | |
| // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
| // See the License for the specific language governing permissions and | |
| // limitations under the License. | |
| syntax = "proto3"; | |
| package google.api; | |
| import "google/protobuf/descriptor.proto"; | |
| option cc_enable_arenas = true; | |
| option go_package = "google.golang.org/genproto/googleapis/api/serviceconfig;serviceconfig"; | |
| option java_multiple_files = true; | |
| option java_outer_classname = "PolicyProto"; | |
| option java_package = "com.google.api"; | |
| option objc_class_prefix = "GAPI"; | |
| extend google.protobuf.FieldOptions { | |
| // See [FieldPolicy][]. | |
| google.api.FieldPolicy field_policy = 158361448; | |
| } | |
| extend google.protobuf.MethodOptions { | |
| // See [MethodPolicy][]. | |
| google.api.MethodPolicy method_policy = 161893301; | |
| } | |
| // Google API Policy Annotation | |
| // | |
| // This message defines a simple API policy annotation that can be used to | |
| // annotate API request and response message fields with applicable policies. | |
| // One field may have multiple applicable policies that must all be satisfied | |
| // before a request can be processed. This policy annotation is used to | |
| // generate the overall policy that will be used for automatic runtime | |
| // policy enforcement and documentation generation. | |
| message FieldPolicy { | |
| // Selects one or more request or response message fields to apply this | |
| // `FieldPolicy`. | |
| // | |
| // When a `FieldPolicy` is used in proto annotation, the selector must | |
| // be left as empty. The service config generator will automatically fill | |
| // the correct value. | |
| // | |
| // When a `FieldPolicy` is used in service config, the selector must be a | |
| // comma-separated string with valid request or response field paths, | |
| // such as "foo.bar" or "foo.bar,foo.baz". | |
| string selector = 1; | |
| // Specifies the required permission(s) for the resource referred to by the | |
| // field. It requires the field contains a valid resource reference, and | |
| // the request must pass the permission checks to proceed. For example, | |
| // "resourcemanager.projects.get". | |
| string resource_permission = 2; | |
| // Specifies the resource type for the resource referred to by the field. | |
| string resource_type = 3; | |
| } | |
| // Defines policies applying to an RPC method. | |
| message MethodPolicy { | |
| // Selects a method to which these policies should be enforced, for example, | |
| // "google.pubsub.v1.Subscriber.CreateSubscription". | |
| // | |
| // Refer to [selector][google.api.DocumentationRule.selector] for syntax | |
| // details. | |
| // | |
| // NOTE: This field must not be set in the proto annotation. It will be | |
| // automatically filled by the service config compiler . | |
| string selector = 9; | |
| // Policies that are applicable to the request message. | |
| repeated FieldPolicy request_policies = 2; | |
| } | |