Skip to content

Commit

Permalink
feat(logic): specify parameters for module logic
Browse files Browse the repository at this point in the history
  • Loading branch information
ccamel committed Jan 2, 2023
1 parent f848961 commit 6297da0
Show file tree
Hide file tree
Showing 2 changed files with 122 additions and 3 deletions.
72 changes: 69 additions & 3 deletions proto/logic/v1beta/params.proto
Original file line number Diff line number Diff line change
Expand Up @@ -3,13 +3,79 @@ syntax = "proto3";
package logic.v1beta;

import "gogoproto/gogo.proto";
import "google/protobuf/duration.proto";
import "logic/v1beta/types.proto";

option go_package = "github.com/okp4/okp4d/x/logic/types";

// Params defines the parameters for the module.
// Params defines all the configuration parameters of the "logic" module.
message Params {
option (gogoproto.goproto_stringer) = false;

// foo represents a metasyntactic variable for testing purposes.
string foo = 1 [(gogoproto.moretags) = "yaml:\"foo\""];
// Specify the parameter for the logic interpreter.
Interpreter interpreter = 1
[(gogoproto.nullable) = false, (gogoproto.moretags) = "yaml:\"interpreter\""];

// Specify the limits for query executions.
QueryExecutionLimits query_execution_limits = 2
[(gogoproto.nullable) = false, (gogoproto.moretags) = "yaml:\"query_execution_limits\""];

// Specify the limits for programs.
ProgramLimits program_limits = 3
[(gogoproto.nullable) = false, (gogoproto.moretags) = "yaml:\"program_limits\""];

// Specify the access control list that applies to the module.
//
// ACLs are expressed as a combination set of tag, qualifier and permission, where:
//
// - `tag` denotes the authorization scheme to use. Possible values are:
// - `address`: authorization is evaluated according to the address wallet of the transaction.
// - `qualifier` denotes the identifier in the tag scope.
// - `permission` denotes a permission, i.e. the operation allowed on the considered domain object. Possible values are:
// - `store`: if authorization is granted to store a program in the module.
// - `remove`: if authorization is granted to remove a program from the module.
//
// It is important to note that if no ACL is configured, all requests are allowed. If an empty ACL set is configured,
// all requests are denied and explicit permissions must be defined.
repeated ACL acls = 4
[(gogoproto.nullable) = false, (gogoproto.moretags) = "yaml:\"acls\""];
}

// QueryExecutionLimits defines the limits for query executions.
message QueryExecutionLimits {
option (gogoproto.goproto_stringer) = true;

// Specify the maximum amount of computing power allowed to be consumed to execute the request by the interpreter,
// in "gas", the unit of this quantity.
uint32 max_gas = 1
[(gogoproto.moretags) = "yaml:\"max_execution_time\",omitempty"];

// Specify the maximum number of results that can be asked for a query.
uint32 max_result_count = 2
[(gogoproto.moretags) = "yaml:\"max_result_count\""];
}

// ProgramLimits defines the limits for a program.
message ProgramLimits {
option (gogoproto.goproto_stringer) = true;

// Specify the maximum accepted size (in bytes) of a program.
uint32 max_size = 1
[(gogoproto.moretags) = "yaml:\"max_size\""];
}

// Interpreter defines the various parameters for the interpreter.
message Interpreter {
option (gogoproto.goproto_stringer) = true;

// Specify the list of registered predicates/operators, in the form of: "<predicate_name>/<arity>".
// For instance: "findall/3".
// If not specified, the default set of predicates/operators will be registered.
repeated string registered_predicates = 1
[(gogoproto.nullable) = true, (gogoproto.moretags) = "yaml:\"registered_predicates\""];

// Specify the initial program to run when booting the logic interpreter.
// If not specified, the default boot sequence will be executed.
string bootstrap = 2
[(gogoproto.nullable) = true, (gogoproto.moretags) = "yaml:\"bootstrap\""];
}
53 changes: 53 additions & 0 deletions proto/logic/v1beta/types.proto
Original file line number Diff line number Diff line change
@@ -0,0 +1,53 @@
syntax = "proto3";

package logic.v1beta;

import "gogoproto/gogo.proto";

option go_package = "github.com/okp4/okp4d/x/logic/types";

// An ACL specifies the access permissions on the associated resource for an actor, as a combination of actions such as
// read, write or delete. It is quite similar to UNIX file access permissions.
//
// Basically, an ACL is composed of:
// - a tag that denotes the authorization scheme to use, for instance: the wallet address which specifies an authorization scheme based on this address;
// - an optional tag qualifier that denotes the identifier in the tag scope. For instance the okp4 address of an actor for the tag "address";
// - a set of permissions, denoting the combination of actions an actor is allowed to perform on the resource.
//
// ACLs can be expressed in the compact form of a URN:
//
// <tag>:<qualifier>:[<permission>,]*<permission>
//
// Here are some examples of ACLs and a description of their effects:
//
// - `address:okp41jyz4hc5tuweugs2xjn5fxd8rqehv6t3nl6y3le:store,remove` : the actor with the given okp4 address under control is authorized to perform the action "store".
// - `address::query` : any actor (with any address) is authorized to perform the action "query".
message ACL {
// Tag that denotes the authorization scheme to use.
// Several different tags may exist, depending on the domain objects and the services that manages them.
//
// For instance:
// - `address`: the ACL requires a specific wallet address.
string tag = 1
[(gogoproto.moretags) = "yaml:\"tag\""];

// Qualifier that denotes the identifier in the tag scope.
// Several different qualifiers may exist in the system, depending on the tag.
//
// For instance:
// - `address`: for the tag `address`, the identifier represents the unique resource identifier of the user, e.g. `3AW302xlzVugABjjEJ`.
string qualifier = 2
[(gogoproto.nullable) = true, (gogoproto.moretags) = "yaml:\"qualifier\""];

// Set of permissions (at least one).
// Several different permissions may exist depending on the nature of the domain objects and the different operations supported by
// these objects.
//
// - `store`: permission to store a program.
// For instance:
// - `remove`: permission to remove a program.
// - `query`: permission to query a program.
// - ...
repeated string permissions = 3
[(gogoproto.moretags) = "yaml:\"permissions\""];
}

0 comments on commit 6297da0

Please sign in to comment.