go.temporal.io/server@v1.23.0/common/api/metadata.go

go.temporal.io/server@v1.23.0/common/api/metadata.go (about)

     1  // The MIT License
     2  //
     3  // Copyright (c) 2020 Temporal Technologies Inc.  All rights reserved.
     4  //
     5  // Copyright (c) 2020 Uber Technologies, Inc.
     6  //
     7  // Permission is hereby granted, free of charge, to any person obtaining a copy
     8  // of this software and associated documentation files (the "Software"), to deal
     9  // in the Software without restriction, including without limitation the rights
    10  // to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
    11  // copies of the Software, and to permit persons to whom the Software is
    12  // furnished to do so, subject to the following conditions:
    13  //
    14  // The above copyright notice and this permission notice shall be included in
    15  // all copies or substantial portions of the Software.
    16  //
    17  // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
    18  // IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
    19  // FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
    20  // AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
    21  // LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
    22  // OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
    23  // THE SOFTWARE.
    24  
    25  package api
    26  
    27  import "strings"
    28  
    29  type (
    30  	// Describes the scope of a method (whole cluster or inividual namespace).
    31  	Scope int32
    32  
    33  	// Describes what level of access is needed for a method. Note that this field is
    34  	// completely advisory. Any authorizer implementation may implement whatever logic it
    35  	// chooses, including ignoring this field. It is used by the "default" authorizer to check
    36  	// against roles in claims.
    37  	Access int32
    38  
    39  	MethodMetadata struct {
    40  		// Describes the scope of a method (whole cluster or inividual namespace).
    41  		Scope Scope
    42  		// Describes what level of access is needed for a method (advisory).
    43  		Access Access
    44  	}
    45  )
    46  
    47  const (
    48  	// Represents a missing Scope value.
    49  	ScopeUnknown Scope = iota
    50  	// Method affects a single namespace. The request message must contain a string field named "Namespace".
    51  	ScopeNamespace
    52  	// Method affects the whole cluster. The request message must _not_ contain any field named "Namespace".
    53  	ScopeCluster
    54  )
    55  
    56  const (
    57  	// Represents a missing Access value.
    58  	AccessUnknown Access = iota
    59  	// Method is read-only and should be accessible to readers.
    60  	AccessReadOnly
    61  	// Method is a normal write method.
    62  	AccessWrite
    63  	// Method is an administrative operation.
    64  	AccessAdmin
    65  )
    66  
    67  const (
    68  	WorkflowServicePrefix = "/temporal.api.workflowservice.v1.WorkflowService/"
    69  	OperatorServicePrefix = "/temporal.api.operatorservice.v1.OperatorService/"
    70  	AdminServicePrefix    = "/temporal.server.api.adminservice.v1.AdminService/"
    71  )
    72  
    73  var (
    74  	workflowServiceMetadata = map[string]MethodMetadata{
    75  		"RegisterNamespace":                  MethodMetadata{Scope: ScopeNamespace, Access: AccessAdmin},
    76  		"DescribeNamespace":                  MethodMetadata{Scope: ScopeNamespace, Access: AccessReadOnly},
    77  		"ListNamespaces":                     MethodMetadata{Scope: ScopeCluster, Access: AccessReadOnly},
    78  		"UpdateNamespace":                    MethodMetadata{Scope: ScopeNamespace, Access: AccessAdmin},
    79  		"DeprecateNamespace":                 MethodMetadata{Scope: ScopeNamespace, Access: AccessAdmin},
    80  		"StartWorkflowExecution":             MethodMetadata{Scope: ScopeNamespace, Access: AccessWrite},
    81  		"GetWorkflowExecutionHistory":        MethodMetadata{Scope: ScopeNamespace, Access: AccessReadOnly},
    82  		"GetWorkflowExecutionHistoryReverse": MethodMetadata{Scope: ScopeNamespace, Access: AccessReadOnly},
    83  		"PollWorkflowTaskQueue":              MethodMetadata{Scope: ScopeNamespace, Access: AccessWrite},
    84  		"RespondWorkflowTaskCompleted":       MethodMetadata{Scope: ScopeNamespace, Access: AccessWrite},
    85  		"RespondWorkflowTaskFailed":          MethodMetadata{Scope: ScopeNamespace, Access: AccessWrite},
    86  		"PollActivityTaskQueue":              MethodMetadata{Scope: ScopeNamespace, Access: AccessWrite},
    87  		"RecordActivityTaskHeartbeat":        MethodMetadata{Scope: ScopeNamespace, Access: AccessWrite},
    88  		"RecordActivityTaskHeartbeatById":    MethodMetadata{Scope: ScopeNamespace, Access: AccessWrite},
    89  		"RespondActivityTaskCompleted":       MethodMetadata{Scope: ScopeNamespace, Access: AccessWrite},
    90  		"RespondActivityTaskCompletedById":   MethodMetadata{Scope: ScopeNamespace, Access: AccessWrite},
    91  		"RespondActivityTaskFailed":          MethodMetadata{Scope: ScopeNamespace, Access: AccessWrite},
    92  		"RespondActivityTaskFailedById":      MethodMetadata{Scope: ScopeNamespace, Access: AccessWrite},
    93  		"RespondActivityTaskCanceled":        MethodMetadata{Scope: ScopeNamespace, Access: AccessWrite},
    94  		"RespondActivityTaskCanceledById":    MethodMetadata{Scope: ScopeNamespace, Access: AccessWrite},
    95  		"RequestCancelWorkflowExecution":     MethodMetadata{Scope: ScopeNamespace, Access: AccessWrite},
    96  		"SignalWorkflowExecution":            MethodMetadata{Scope: ScopeNamespace, Access: AccessWrite},
    97  		"SignalWithStartWorkflowExecution":   MethodMetadata{Scope: ScopeNamespace, Access: AccessWrite},
    98  		"ResetWorkflowExecution":             MethodMetadata{Scope: ScopeNamespace, Access: AccessWrite},
    99  		"TerminateWorkflowExecution":         MethodMetadata{Scope: ScopeNamespace, Access: AccessWrite},
   100  		"DeleteWorkflowExecution":            MethodMetadata{Scope: ScopeNamespace, Access: AccessWrite},
   101  		"ListOpenWorkflowExecutions":         MethodMetadata{Scope: ScopeNamespace, Access: AccessReadOnly},
   102  		"ListClosedWorkflowExecutions":       MethodMetadata{Scope: ScopeNamespace, Access: AccessReadOnly},
   103  		"ListWorkflowExecutions":             MethodMetadata{Scope: ScopeNamespace, Access: AccessReadOnly},
   104  		"ListArchivedWorkflowExecutions":     MethodMetadata{Scope: ScopeNamespace, Access: AccessReadOnly},
   105  		"ScanWorkflowExecutions":             MethodMetadata{Scope: ScopeNamespace, Access: AccessReadOnly},
   106  		"CountWorkflowExecutions":            MethodMetadata{Scope: ScopeNamespace, Access: AccessReadOnly},
   107  		"GetSearchAttributes":                MethodMetadata{Scope: ScopeCluster, Access: AccessReadOnly},
   108  		"RespondQueryTaskCompleted":          MethodMetadata{Scope: ScopeNamespace, Access: AccessWrite},
   109  		"ResetStickyTaskQueue":               MethodMetadata{Scope: ScopeNamespace, Access: AccessWrite},
   110  		"QueryWorkflow":                      MethodMetadata{Scope: ScopeNamespace, Access: AccessReadOnly},
   111  		"DescribeWorkflowExecution":          MethodMetadata{Scope: ScopeNamespace, Access: AccessReadOnly},
   112  		"DescribeTaskQueue":                  MethodMetadata{Scope: ScopeNamespace, Access: AccessReadOnly},
   113  		"GetClusterInfo":                     MethodMetadata{Scope: ScopeCluster, Access: AccessReadOnly},
   114  		"GetSystemInfo":                      MethodMetadata{Scope: ScopeCluster, Access: AccessReadOnly},
   115  		"ListTaskQueuePartitions":            MethodMetadata{Scope: ScopeNamespace, Access: AccessReadOnly},
   116  		"CreateSchedule":                     MethodMetadata{Scope: ScopeNamespace, Access: AccessWrite},
   117  		"DescribeSchedule":                   MethodMetadata{Scope: ScopeNamespace, Access: AccessReadOnly},
   118  		"UpdateSchedule":                     MethodMetadata{Scope: ScopeNamespace, Access: AccessWrite},
   119  		"PatchSchedule":                      MethodMetadata{Scope: ScopeNamespace, Access: AccessWrite},
   120  		"ListScheduleMatchingTimes":          MethodMetadata{Scope: ScopeNamespace, Access: AccessReadOnly},
   121  		"DeleteSchedule":                     MethodMetadata{Scope: ScopeNamespace, Access: AccessWrite},
   122  		"ListSchedules":                      MethodMetadata{Scope: ScopeNamespace, Access: AccessReadOnly},
   123  		"UpdateWorkerBuildIdCompatibility":   MethodMetadata{Scope: ScopeNamespace, Access: AccessWrite},
   124  		"GetWorkerBuildIdCompatibility":      MethodMetadata{Scope: ScopeNamespace, Access: AccessReadOnly},
   125  		"GetWorkerTaskReachability":          MethodMetadata{Scope: ScopeNamespace, Access: AccessReadOnly},
   126  		"UpdateWorkflowExecution":            MethodMetadata{Scope: ScopeNamespace, Access: AccessWrite},
   127  		"PollWorkflowExecutionUpdate":        MethodMetadata{Scope: ScopeNamespace, Access: AccessReadOnly},
   128  		"StartBatchOperation":                MethodMetadata{Scope: ScopeNamespace, Access: AccessWrite},
   129  		"StopBatchOperation":                 MethodMetadata{Scope: ScopeNamespace, Access: AccessWrite},
   130  		"DescribeBatchOperation":             MethodMetadata{Scope: ScopeNamespace, Access: AccessReadOnly},
   131  		"ListBatchOperations":                MethodMetadata{Scope: ScopeNamespace, Access: AccessReadOnly},
   132  		"PollNexusTaskQueue":                 MethodMetadata{Scope: ScopeNamespace, Access: AccessAdmin},
   133  		"RespondNexusTaskCompleted":          MethodMetadata{Scope: ScopeNamespace, Access: AccessAdmin},
   134  		"RespondNexusTaskFailed":             MethodMetadata{Scope: ScopeNamespace, Access: AccessAdmin},
   135  	}
   136  	operatorServiceMetadata = map[string]MethodMetadata{
   137  		"AddSearchAttributes":                MethodMetadata{Scope: ScopeNamespace, Access: AccessAdmin},
   138  		"RemoveSearchAttributes":             MethodMetadata{Scope: ScopeNamespace, Access: AccessAdmin},
   139  		"ListSearchAttributes":               MethodMetadata{Scope: ScopeNamespace, Access: AccessReadOnly},
   140  		"DeleteNamespace":                    MethodMetadata{Scope: ScopeNamespace, Access: AccessAdmin},
   141  		"AddOrUpdateRemoteCluster":           MethodMetadata{Scope: ScopeCluster, Access: AccessAdmin},
   142  		"RemoveRemoteCluster":                MethodMetadata{Scope: ScopeCluster, Access: AccessAdmin},
   143  		"ListClusters":                       MethodMetadata{Scope: ScopeCluster, Access: AccessAdmin},
   144  		"CreateOrUpdateNexusIncomingService": MethodMetadata{Scope: ScopeCluster, Access: AccessAdmin},
   145  		"DeleteNexusIncomingService":         MethodMetadata{Scope: ScopeCluster, Access: AccessAdmin},
   146  		"GetNexusIncomingService":            MethodMetadata{Scope: ScopeCluster, Access: AccessAdmin},
   147  		"ListNexusIncomingServices":          MethodMetadata{Scope: ScopeCluster, Access: AccessAdmin},
   148  	}
   149  )
   150  
   151  // GetMethodMetadata gets metadata for a given API method in one of the services exported by
   152  // frontend (WorkflowService, OperatorService, AdminService).
   153  func GetMethodMetadata(fullApiName string) MethodMetadata {
   154  	switch {
   155  	case strings.HasPrefix(fullApiName, WorkflowServicePrefix):
   156  		return workflowServiceMetadata[MethodName(fullApiName)]
   157  	case strings.HasPrefix(fullApiName, OperatorServicePrefix):
   158  		return operatorServiceMetadata[MethodName(fullApiName)]
   159  	case strings.HasPrefix(fullApiName, AdminServicePrefix):
   160  		return MethodMetadata{Scope: ScopeCluster, Access: AccessAdmin}
   161  	default:
   162  		return MethodMetadata{Scope: ScopeUnknown, Access: AccessUnknown}
   163  	}
   164  }
   165  
   166  // BaseName returns just the method name from a fullly qualified name.
   167  func MethodName(fullApiName string) string {
   168  	index := strings.LastIndex(fullApiName, "/")
   169  	if index > -1 {
   170  		return fullApiName[index+1:]
   171  	}
   172  	return fullApiName
   173  }