feat: Add generic permission API (36 → 4 methods)#71
Merged
vieiralucas merged 1 commit intomainfrom Jan 28, 2026
Merged
Conversation
This PR implements the gRPC API consolidation from the RFC: - Add ResourceType (WORKSPACE, PROJECT, ENVIRONMENT) and ActorType (PRINCIPAL, GROUP, USER) enums - Add ResourceRef and ActorRef message types for flexible targeting - Add 4 new generic methods: SetPermission, GetPermission, ListPermissions, RemovePermission - Mark old 36 permission methods as deprecated (backward compatible) - Remove redundant CountAuditLogs (use ListAuditLogs response.total_count) - Add UpsertOrganizationMember (merges Add + UpdateRole) - Mark AddOrganizationMember and UpdateOrganizationMemberRole as deprecated - New generic_permissions.rs handler with validation and dispatch logic - Updated CLI to use ListAuditLogs for count operations - All 607 server tests pass - E2E tests pass (except those requiring external services) Breaking changes: None - all old methods still work Deprecation path: Old methods will be removed in v1.0
68bd190 to
6bd6fb4
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
This PR implements the gRPC API consolidation from the RFC at
docs/rfcs/grpc-consolidation.md.Primary change: Generic permission methods (36 → 4)
Replace 36 permission methods with 4 generic ones using ResourceType/ActorType enums:
New enums:
ResourceType: WORKSPACE, PROJECT, ENVIRONMENTActorType: PRINCIPAL, GROUP, USERNew message types:
ResourceRef: Identifies a specific resource (workspace/project/environment)ActorRef: Identifies who is being granted permission (principal/group/user)New methods:
SetPermission- Generic permission setterGetPermission- Generic permission getterListPermissions- List all permissions on a resourceRemovePermission- Generic permission removerDeprecated methods (still work, marked for removal in v1.0):
Secondary changes
ListAuditLogsresponse'stotal_countfield insteadAddOrganizationMember+UpdateOrganizationMemberRoleinto one idempotent callAddOrganizationMemberandUpdateOrganizationMemberRoleImplementation details
generic_permissions.rshandler with validation and dispatch logiccmd_audit_countto useListAuditLogswith limit=0ListAuditLogsinstead ofCountAuditLogsTesting
Breaking changes
None - This is fully backward compatible:
Migration path for clients
Before (old API):
After (new API):
Related
/docs/rfcs/grpc-consolidation.mdSummary by cubic
Consolidates the gRPC permission API from 36 specific methods to 4 generic ones using ResourceType/ActorType, and removes the redundant CountAuditLogs in favor of ListAuditLogs total_count. Backward compatible; deprecated endpoints will be removed in v1.0.
New Features
Migration
Written for commit 6bd6fb4. Summary will update on new commits.