package Mpa

Get desktop application:
View/edit binary Protocol Buffers messages

The Mpa service definition

• rpc Store (StoreRequest, StoreResponse)

  mpa.proto:34

  Store a request that we'd like to try running in the future. Requests are stored in-memory and older requests may be cleared automatically. This call is idempotent - requests from the same user with the same contents will return the same id. The user for the request and any justification is implicitly passed in via inspecting the peer of the RPC or via gRPC metadata.

  message StoreRequest

  mpa.proto:74

  • string method = 1

    The GRPC method name, as '/Package.Service/Method'

  • optional google.protobuf.Any message = 2

    The request protocol buffer.

  message StoreResponse

  mpa.proto:81

  • string id = 1

  • optional Action action = 2

  • repeated Principal approver = 3

    All approvers of the request. Storing is idempotent, so approvers may be non-empty if we're storing a previously approved command.

• rpc Approve (ApproveRequest, ApproveResponse)

  mpa.proto:40

  Approve a previously stored request. A request can have multiple approvals and can be approved by anybody but the original user that stored the request. The user for the request is implicitly passed in via inspecting the peer of the RPC or via gRPC metadata.

  message ApproveRequest

  mpa.proto:90

  • optional Action action = 1

    Approve takes an action instead of an ID to improve auditability and allow richer authorization logic.

  message ApproveResponse

  mpa.proto:95

  (message has no fields)

• rpc WaitForApproval (WaitForApprovalRequest, WaitForApprovalResponse)

  mpa.proto:43

  Block until at least one approval has been granted. This is used as an optimization to avoid needing to poll for MPA approval.

  message WaitForApprovalRequest

  mpa.proto:97

  • string id = 1

  message WaitForApprovalResponse

  mpa.proto:98

  (message has no fields)

• rpc List (ListRequest, ListResponse)

  mpa.proto:45

  List available requests.

  message ListRequest

  mpa.proto:100

  (message has no fields)

  message ListResponse

  mpa.proto:101

  • repeated ListResponse.Item item = 1

• rpc Get (GetRequest, GetResponse)

  mpa.proto:47

  Get a request and all approvals associated with it.

  message GetRequest

  mpa.proto:110

  • string id = 1

  message GetResponse

  mpa.proto:112

  • optional Action action = 1

  • repeated Principal approver = 2

    All approvers of the request.

• rpc Clear (ClearRequest, ClearResponse)

  mpa.proto:52

  Clear a stored request. This is typically unnecessary due to how requests are stored in memory and forgotten after a process restart.

  message ClearRequest

  mpa.proto:119

  • optional Action action = 1

  message ClearResponse

  mpa.proto:120

  (message has no fields)

Used in: ApproveRequest, ClearRequest, GetResponse, ListResponse.Item, StoreResponse

• string user = 1

  The user that created the request.

• string justification = 2

  User-supplied information on why the request is being made.

• string method = 3

  The GRPC method name, as '/Package.Service/Method'

• optional google.protobuf.Any message = 4

  The request protocol buffer.

Used in: ListResponse

• optional Action action = 1

• repeated Principal approver = 2

• string id = 3

Used in: GetResponse, ListResponse.Item, StoreResponse

• string id = 1

  The principal identifier (e.g. a username or service role)

• repeated string groups = 2

  Auxiliary groups associated with this principal.