From 1c6f5be31e3fc9fd18f48217f466beeb9cf19a02 Mon Sep 17 00:00:00 2001 From: Arches Date: Thu, 9 Jun 2016 16:08:53 +0200 Subject: [PATCH] Update rpc.proto --- proto/rpc.proto | 117 +++++++++++++++++++++++++++++++++++++++++------- 1 file changed, 100 insertions(+), 17 deletions(-) diff --git a/proto/rpc.proto b/proto/rpc.proto index a8c4c9f..4a0616e 100644 --- a/proto/rpc.proto +++ b/proto/rpc.proto @@ -18,6 +18,17 @@ service KV { // A delete request increments the revision of the key-value store // and generates a delete event in the event history for every deleted key. rpc DeleteRange(DeleteRangeRequest) returns (DeleteRangeResponse) {} + + // Txn processes multiple requests in a single transaction. + // A txn request increments the revision of the key-value store + // and generates events with the same revision for every completed request. + // It is not allowed to modify the same key several times within one txn. + rpc Txn(TxnRequest) returns (TxnResponse) {} + + // Compact compacts the event history in the etcd key-value store. The key-value + // store should be periodically compacted or the event history will continue to grow + // indefinitely. + rpc Compact(CompactionRequest) returns (CompactionResponse) {} } service Watch { @@ -102,10 +113,10 @@ service Auth { rpc UserChangePassword(AuthUserChangePasswordRequest) returns (AuthUserChangePasswordResponse) {} // UserGrant grants a role to a specified user. - rpc UserGrant(AuthUserGrantRequest) returns (AuthUserGrantResponse) {} + rpc UserGrantRole(AuthUserGrantRoleRequest) returns (AuthUserGrantRoleResponse) {} - // UserRevoke revokes a role of specified user. - rpc UserRevoke(AuthUserRevokeRequest) returns (AuthUserRevokeResponse) {} + // UserRevokeRole revokes a role of specified user. + rpc UserRevokeRole(AuthUserRevokeRoleRequest) returns (AuthUserRevokeRoleResponse) {} // RoleAdd adds a new role. rpc RoleAdd(AuthRoleAddRequest) returns (AuthRoleAddResponse) {} @@ -116,11 +127,11 @@ service Auth { // RoleDelete deletes a specified role. rpc RoleDelete(AuthRoleDeleteRequest) returns (AuthRoleDeleteResponse) {} - // RoleGrant grants a permission of a specified key or range to a specified role. - rpc RoleGrant(AuthRoleGrantRequest) returns (AuthRoleGrantResponse) {} + // RoleGrantPermission grants a permission of a specified key or range to a specified role. + rpc RoleGrantPermission(AuthRoleGrantPermissionRequest) returns (AuthRoleGrantPermissionResponse) {} - // RoleRevoke revokes a key or range permission of a specified role. - rpc RoleRevoke(AuthRoleRevokeRequest) returns (AuthRoleRevokeResponse) {} + // RoleRevokePermission revokes a key or range permission of a specified role. + rpc RoleRevokePermission(AuthRoleRevokePermissionRequest) returns (AuthRoleRevokePermissionResponse) {} } message ResponseHeader { @@ -215,15 +226,24 @@ message DeleteRangeResponse { int64 deleted = 2; } -message RequestUnion { +message RequestOp { // request is a union of request types accepted by a transaction. - oneof requestXXX { + oneof request { RangeRequest request_range = 1; PutRequest request_put = 2; DeleteRangeRequest request_delete_range = 3; } } +message ResponseOp { + // response is a union of response types returned by a transaction. + oneof response { + RangeResponse response_range = 1; + PutResponse response_put = 2; + DeleteRangeResponse response_delete_range = 3; + } +} + message Compare { enum CompareResult { EQUAL = 0; @@ -254,6 +274,58 @@ message Compare { } } +// From google paxosdb paper: +// Our implementation hinges around a powerful primitive which we call MultiOp. All other database +// operations except for iteration are implemented as a single call to MultiOp. A MultiOp is applied atomically +// and consists of three components: +// 1. A list of tests called guard. Each test in guard checks a single entry in the database. It may check +// for the absence or presence of a value, or compare with a given value. Two different tests in the guard +// may apply to the same or different entries in the database. All tests in the guard are applied and +// MultiOp returns the results. If all tests are true, MultiOp executes t op (see item 2 below), otherwise +// it executes f op (see item 3 below). +// 2. A list of database operations called t op. Each operation in the list is either an insert, delete, or +// lookup operation, and applies to a single database entry. Two different operations in the list may apply +// to the same or different entries in the database. These operations are executed +// if guard evaluates to +// true. +// 3. A list of database operations called f op. Like t op, but executed if guard evaluates to false. +message TxnRequest { + // compare is a list of predicates representing a conjunction of terms. + // If the comparisons succeed, then the success requests will be processed in order, + // and the response will contain their respective responses in order. + // If the comparisons fail, then the failure requests will be processed in order, + // and the response will contain their respective responses in order. + repeated Compare compare = 1; + // success is a list of requests which will be applied when compare evaluates to true. + repeated RequestOp success = 2; + // failure is a list of requests which will be applied when compare evaluates to false. + repeated RequestOp failure = 3; +} + +message TxnResponse { + ResponseHeader header = 1; + // succeeded is set to true if the compare evaluated to true or false otherwise. + bool succeeded = 2; + // responses is a list of responses corresponding to the results from applying + // success if succeeded is true or failure if succeeded is false. + repeated ResponseOp responses = 3; +} + +// CompactionRequest compacts the key-value store up to a given revision. All superseded keys +// with a revision less than the compaction revision will be removed. +message CompactionRequest { + // revision is the key-value store revision for the compaction operation. + int64 revision = 1; + // physical is set so the RPC will wait until the compaction is physically + // applied to the local database such that compacted entries are totally + // removed from the backend database. + bool physical = 2; +} + +message CompactionResponse { + ResponseHeader header = 1; +} + message HashRequest { } @@ -497,6 +569,7 @@ message AuthUserAddRequest { } message AuthUserGetRequest { + string name = 1; } message AuthUserDeleteRequest { @@ -511,14 +584,16 @@ message AuthUserChangePasswordRequest { string password = 2; } -message AuthUserGrantRequest { +message AuthUserGrantRoleRequest { // user is the name of the user which should be granted a given role. string user = 1; // role is the name of the role to grant to the user. string role = 2; } -message AuthUserRevokeRequest { +message AuthUserRevokeRoleRequest { + string name = 1; + string role = 2; } message AuthRoleAddRequest { @@ -527,19 +602,23 @@ message AuthRoleAddRequest { } message AuthRoleGetRequest { + string role = 1; } message AuthRoleDeleteRequest { + string role = 1; } -message AuthRoleGrantRequest { +message AuthRoleGrantPermissionRequest { // name is the name of the role which will be granted the permission. string name = 1; // perm is the permission to grant to the role. authpb.Permission perm = 2; } -message AuthRoleRevokeRequest { +message AuthRoleRevokePermissionRequest { + string role = 1; + string key = 2; } message AuthEnableResponse { @@ -562,6 +641,8 @@ message AuthUserAddResponse { message AuthUserGetResponse { ResponseHeader header = 1; + + repeated string roles = 2; } message AuthUserDeleteResponse { @@ -572,11 +653,11 @@ message AuthUserChangePasswordResponse { ResponseHeader header = 1; } -message AuthUserGrantResponse { +message AuthUserGrantRoleResponse { ResponseHeader header = 1; } -message AuthUserRevokeResponse { +message AuthUserRevokeRoleResponse { ResponseHeader header = 1; } @@ -586,16 +667,18 @@ message AuthRoleAddResponse { message AuthRoleGetResponse { ResponseHeader header = 1; + + repeated authpb.Permission perm = 2; } message AuthRoleDeleteResponse { ResponseHeader header = 1; } -message AuthRoleGrantResponse { +message AuthRoleGrantPermissionResponse { ResponseHeader header = 1; } -message AuthRoleRevokeResponse { +message AuthRoleRevokePermissionResponse { ResponseHeader header = 1; }