authorization_protocol.hpp

/* -*- mode: c++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
 *
 * Copyright (C) 2025 Marco Craveiro <marco.craveiro@gmail.com>
 *
 * This program is free software; you can redistribute it and/or modify it under
 * the terms of the GNU General Public License as published by the Free Software
 * Foundation; either version 3 of the License, or (at your option) any later
 * version.
 *
 * This program is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
 * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
 * details.
 *
 * You should have received a copy of the GNU General Public License along with
 * this program; if not, write to the Free Software Foundation, Inc., 51
 * Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
 *
 */
#ifndef ORES_IAM_MESSAGING_AUTHORIZATION_PROTOCOL_HPP
#define ORES_IAM_MESSAGING_AUTHORIZATION_PROTOCOL_HPP
 
#include <span>
#include <iosfwd>
#include <vector>
#include <optional>
#include <expected>
#include <boost/uuid/uuid.hpp>
#include "ores.comms/messaging/message_types.hpp"
#include "ores.comms/messaging/message_traits.hpp"
#include "ores.iam/domain/role.hpp"
#include "ores.iam/domain/permission.hpp"
 
namespace ores::iam::messaging {
 
// ============================================================================
// List Roles
// ============================================================================
 
struct list_roles_request final {
    std::vector<std::byte> serialize() const;
 
    static std::expected<list_roles_request, ores::utility::serialization::error_code>
    deserialize(std::span<const std::byte> data);
};
 
std::ostream& operator<<(std::ostream& s, const list_roles_request& v);
 
struct list_roles_response final {
    std::vector<domain::role> roles;
 
    std::vector<std::byte> serialize() const;
 
    static std::expected<list_roles_response, ores::utility::serialization::error_code>
    deserialize(std::span<const std::byte> data);
};
 
std::ostream& operator<<(std::ostream& s, const list_roles_response& v);
 
// ============================================================================
// List Permissions
// ============================================================================
 
struct list_permissions_request final {
    std::vector<std::byte> serialize() const;
 
    static std::expected<list_permissions_request, ores::utility::serialization::error_code>
    deserialize(std::span<const std::byte> data);
};
 
std::ostream& operator<<(std::ostream& s, const list_permissions_request& v);
 
struct list_permissions_response final {
    std::vector<domain::permission> permissions;
 
    std::vector<std::byte> serialize() const;
 
    static std::expected<list_permissions_response, ores::utility::serialization::error_code>
    deserialize(std::span<const std::byte> data);
};
 
std::ostream& operator<<(std::ostream& s, const list_permissions_response& v);
 
// ============================================================================
// Assign Role
// ============================================================================
 
struct assign_role_request final {
    boost::uuids::uuid account_id;
    boost::uuids::uuid role_id;
 
    std::vector<std::byte> serialize() const;
 
    static std::expected<assign_role_request, ores::utility::serialization::error_code>
    deserialize(std::span<const std::byte> data);
};
 
std::ostream& operator<<(std::ostream& s, const assign_role_request& v);
 
struct assign_role_response final {
    bool success = false;
    std::string error_message;
 
    std::vector<std::byte> serialize() const;
 
    static std::expected<assign_role_response, ores::utility::serialization::error_code>
    deserialize(std::span<const std::byte> data);
};
 
std::ostream& operator<<(std::ostream& s, const assign_role_response& v);
 
// ============================================================================
// Revoke Role
// ============================================================================
 
struct revoke_role_request final {
    boost::uuids::uuid account_id;
    boost::uuids::uuid role_id;
 
    std::vector<std::byte> serialize() const;
 
    static std::expected<revoke_role_request, ores::utility::serialization::error_code>
    deserialize(std::span<const std::byte> data);
};
 
std::ostream& operator<<(std::ostream& s, const revoke_role_request& v);
 
struct revoke_role_response final {
    bool success = false;
    std::string error_message;
 
    std::vector<std::byte> serialize() const;
 
    static std::expected<revoke_role_response, ores::utility::serialization::error_code>
    deserialize(std::span<const std::byte> data);
};
 
std::ostream& operator<<(std::ostream& s, const revoke_role_response& v);
 
// ============================================================================
// Get Account Roles
// ============================================================================
 
struct get_account_roles_request final {
    boost::uuids::uuid account_id;
 
    std::vector<std::byte> serialize() const;
 
    static std::expected<get_account_roles_request, ores::utility::serialization::error_code>
    deserialize(std::span<const std::byte> data);
};
 
std::ostream& operator<<(std::ostream& s, const get_account_roles_request& v);
 
struct get_account_roles_response final {
    std::vector<domain::role> roles;
 
    std::vector<std::byte> serialize() const;
 
    static std::expected<get_account_roles_response, ores::utility::serialization::error_code>
    deserialize(std::span<const std::byte> data);
};
 
std::ostream& operator<<(std::ostream& s, const get_account_roles_response& v);
 
// ============================================================================
// Get Account Permissions
// ============================================================================
 
struct get_account_permissions_request final {
    boost::uuids::uuid account_id;
 
    std::vector<std::byte> serialize() const;
 
    static std::expected<get_account_permissions_request, ores::utility::serialization::error_code>
    deserialize(std::span<const std::byte> data);
};
 
std::ostream& operator<<(std::ostream& s, const get_account_permissions_request& v);
 
struct get_account_permissions_response final {
    std::vector<std::string> permission_codes;
 
    std::vector<std::byte> serialize() const;
 
    static std::expected<get_account_permissions_response, ores::utility::serialization::error_code>
    deserialize(std::span<const std::byte> data);
};
 
std::ostream& operator<<(std::ostream& s, const get_account_permissions_response& v);
 
// ============================================================================
// Get Role
// ============================================================================
 
struct get_role_request final {
    std::string identifier;
 
    std::vector<std::byte> serialize() const;
 
    static std::expected<get_role_request, ores::utility::serialization::error_code>
    deserialize(std::span<const std::byte> data);
};
 
std::ostream& operator<<(std::ostream& s, const get_role_request& v);
 
struct get_role_response final {
    bool found = false;
    std::optional<domain::role> role;
    std::string error_message;
 
    std::vector<std::byte> serialize() const;
 
    static std::expected<get_role_response, ores::utility::serialization::error_code>
    deserialize(std::span<const std::byte> data);
};
 
std::ostream& operator<<(std::ostream& s, const get_role_response& v);
 
}
 
namespace ores::comms::messaging {
 
template<>
struct message_traits<iam::messaging::list_roles_request> {
    using request_type = iam::messaging::list_roles_request;
    using response_type = iam::messaging::list_roles_response;
    static constexpr message_type request_message_type =
        message_type::list_roles_request;
};
 
template<>
struct message_traits<iam::messaging::list_permissions_request> {
    using request_type = iam::messaging::list_permissions_request;
    using response_type = iam::messaging::list_permissions_response;
    static constexpr message_type request_message_type =
        message_type::list_permissions_request;
};
 
template<>
struct message_traits<iam::messaging::assign_role_request> {
    using request_type = iam::messaging::assign_role_request;
    using response_type = iam::messaging::assign_role_response;
    static constexpr message_type request_message_type =
        message_type::assign_role_request;
};
 
template<>
struct message_traits<iam::messaging::revoke_role_request> {
    using request_type = iam::messaging::revoke_role_request;
    using response_type = iam::messaging::revoke_role_response;
    static constexpr message_type request_message_type =
        message_type::revoke_role_request;
};
 
template<>
struct message_traits<iam::messaging::get_account_roles_request> {
    using request_type = iam::messaging::get_account_roles_request;
    using response_type = iam::messaging::get_account_roles_response;
    static constexpr message_type request_message_type =
        message_type::get_account_roles_request;
};
 
template<>
struct message_traits<iam::messaging::get_account_permissions_request> {
    using request_type = iam::messaging::get_account_permissions_request;
    using response_type = iam::messaging::get_account_permissions_response;
    static constexpr message_type request_message_type =
        message_type::get_account_permissions_request;
};
 
template<>
struct message_traits<iam::messaging::get_role_request> {
    using request_type = iam::messaging::get_role_request;
    using response_type = iam::messaging::get_role_response;
    static constexpr message_type request_message_type =
        message_type::get_role_request;
};
 
}
 
#endif