Skip to content

Commit

Permalink
Add request.reason.required to role conditions (proto only)
Browse files Browse the repository at this point in the history
This changes the proto type only to declutter the original PR
#49124
  • Loading branch information
kopiczko committed Nov 20, 2024
1 parent c7bb93d commit f85ba50
Show file tree
Hide file tree
Showing 8 changed files with 2,695 additions and 2,266 deletions.
12 changes: 12 additions & 0 deletions api/proto/teleport/legacy/types/types.proto
Original file line number Diff line number Diff line change
Expand Up @@ -3440,6 +3440,18 @@ message AccessRequestConditions {
(gogoproto.nullable) = false,
(gogoproto.jsontag) = "kubernetes_resources,omitempty"
];

// Reason defines settings for the reason for the access provided by the user.
AccessRequestConditionsReason Reason = 9 [(gogoproto.jsontag) = "reason,omitempty"];
}

// AccessRequestConditionsReason defines settings for the reason for the access provided by the
// user.
message AccessRequestConditionsReason {
// Required indicates that reason is required for all Access Requests requesting allowed roles or
// resources searchable with search_as_roles. It applies only to users who have this role
// assigned.
bool Required = 1 [(gogoproto.jsontag) = "required,omitempty"];
}

// AccessReviewConditions is a matcher for allow/deny restrictions on
Expand Down
4,757 changes: 2,491 additions & 2,266 deletions api/types/types.pb.go

Large diffs are not rendered by default.

Original file line number Diff line number Diff line change
Expand Up @@ -357,6 +357,18 @@ spec:
is used.
format: duration
type: string
reason:
description: Reason defines settings for the reason for the
access provided by the user.
nullable: true
properties:
required:
description: Required indicates that reason is required
for all Access Requests requesting allowed roles or
resources searchable with search_as_roles. It applies
only to users who have this role assigned.
type: boolean
type: object
roles:
description: Roles is the name of roles which will match the
request rule.
Expand Down Expand Up @@ -908,6 +920,18 @@ spec:
is used.
format: duration
type: string
reason:
description: Reason defines settings for the reason for the
access provided by the user.
nullable: true
properties:
required:
description: Required indicates that reason is required
for all Access Requests requesting allowed roles or
resources searchable with search_as_roles. It applies
only to users who have this role assigned.
type: boolean
type: object
roles:
description: Roles is the name of roles which will match the
request rule.
Expand Down Expand Up @@ -1738,6 +1762,18 @@ spec:
is used.
format: duration
type: string
reason:
description: Reason defines settings for the reason for the
access provided by the user.
nullable: true
properties:
required:
description: Required indicates that reason is required
for all Access Requests requesting allowed roles or
resources searchable with search_as_roles. It applies
only to users who have this role assigned.
type: boolean
type: object
roles:
description: Roles is the name of roles which will match the
request rule.
Expand Down Expand Up @@ -2289,6 +2325,18 @@ spec:
is used.
format: duration
type: string
reason:
description: Reason defines settings for the reason for the
access provided by the user.
nullable: true
properties:
required:
description: Required indicates that reason is required
for all Access Requests requesting allowed roles or
resources searchable with search_as_roles. It applies
only to users who have this role assigned.
type: boolean
type: object
roles:
description: Roles is the name of roles which will match the
request rule.
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -360,6 +360,18 @@ spec:
is used.
format: duration
type: string
reason:
description: Reason defines settings for the reason for the
access provided by the user.
nullable: true
properties:
required:
description: Required indicates that reason is required
for all Access Requests requesting allowed roles or
resources searchable with search_as_roles. It applies
only to users who have this role assigned.
type: boolean
type: object
roles:
description: Roles is the name of roles which will match the
request rule.
Expand Down Expand Up @@ -911,6 +923,18 @@ spec:
is used.
format: duration
type: string
reason:
description: Reason defines settings for the reason for the
access provided by the user.
nullable: true
properties:
required:
description: Required indicates that reason is required
for all Access Requests requesting allowed roles or
resources searchable with search_as_roles. It applies
only to users who have this role assigned.
type: boolean
type: object
roles:
description: Roles is the name of roles which will match the
request rule.
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -360,6 +360,18 @@ spec:
is used.
format: duration
type: string
reason:
description: Reason defines settings for the reason for the
access provided by the user.
nullable: true
properties:
required:
description: Required indicates that reason is required
for all Access Requests requesting allowed roles or
resources searchable with search_as_roles. It applies
only to users who have this role assigned.
type: boolean
type: object
roles:
description: Roles is the name of roles which will match the
request rule.
Expand Down Expand Up @@ -911,6 +923,18 @@ spec:
is used.
format: duration
type: string
reason:
description: Reason defines settings for the reason for the
access provided by the user.
nullable: true
properties:
required:
description: Required indicates that reason is required
for all Access Requests requesting allowed roles or
resources searchable with search_as_roles. It applies
only to users who have this role assigned.
type: boolean
type: object
roles:
description: Roles is the name of roles which will match the
request rule.
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -357,6 +357,18 @@ spec:
is used.
format: duration
type: string
reason:
description: Reason defines settings for the reason for the
access provided by the user.
nullable: true
properties:
required:
description: Required indicates that reason is required
for all Access Requests requesting allowed roles or
resources searchable with search_as_roles. It applies
only to users who have this role assigned.
type: boolean
type: object
roles:
description: Roles is the name of roles which will match the
request rule.
Expand Down Expand Up @@ -908,6 +920,18 @@ spec:
is used.
format: duration
type: string
reason:
description: Reason defines settings for the reason for the
access provided by the user.
nullable: true
properties:
required:
description: Required indicates that reason is required
for all Access Requests requesting allowed roles or
resources searchable with search_as_roles. It applies
only to users who have this role assigned.
type: boolean
type: object
roles:
description: Roles is the name of roles which will match the
request rule.
Expand Down Expand Up @@ -1738,6 +1762,18 @@ spec:
is used.
format: duration
type: string
reason:
description: Reason defines settings for the reason for the
access provided by the user.
nullable: true
properties:
required:
description: Required indicates that reason is required
for all Access Requests requesting allowed roles or
resources searchable with search_as_roles. It applies
only to users who have this role assigned.
type: boolean
type: object
roles:
description: Roles is the name of roles which will match the
request rule.
Expand Down Expand Up @@ -2289,6 +2325,18 @@ spec:
is used.
format: duration
type: string
reason:
description: Reason defines settings for the reason for the
access provided by the user.
nullable: true
properties:
required:
description: Required indicates that reason is required
for all Access Requests requesting allowed roles or
resources searchable with search_as_roles. It applies
only to users who have this role assigned.
type: boolean
type: object
roles:
description: Roles is the name of roles which will match the
request rule.
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -360,6 +360,18 @@ spec:
is used.
format: duration
type: string
reason:
description: Reason defines settings for the reason for the
access provided by the user.
nullable: true
properties:
required:
description: Required indicates that reason is required
for all Access Requests requesting allowed roles or
resources searchable with search_as_roles. It applies
only to users who have this role assigned.
type: boolean
type: object
roles:
description: Roles is the name of roles which will match the
request rule.
Expand Down Expand Up @@ -911,6 +923,18 @@ spec:
is used.
format: duration
type: string
reason:
description: Reason defines settings for the reason for the
access provided by the user.
nullable: true
properties:
required:
description: Required indicates that reason is required
for all Access Requests requesting allowed roles or
resources searchable with search_as_roles. It applies
only to users who have this role assigned.
type: boolean
type: object
roles:
description: Roles is the name of roles which will match the
request rule.
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -360,6 +360,18 @@ spec:
is used.
format: duration
type: string
reason:
description: Reason defines settings for the reason for the
access provided by the user.
nullable: true
properties:
required:
description: Required indicates that reason is required
for all Access Requests requesting allowed roles or
resources searchable with search_as_roles. It applies
only to users who have this role assigned.
type: boolean
type: object
roles:
description: Roles is the name of roles which will match the
request rule.
Expand Down Expand Up @@ -911,6 +923,18 @@ spec:
is used.
format: duration
type: string
reason:
description: Reason defines settings for the reason for the
access provided by the user.
nullable: true
properties:
required:
description: Required indicates that reason is required
for all Access Requests requesting allowed roles or
resources searchable with search_as_roles. It applies
only to users who have this role assigned.
type: boolean
type: object
roles:
description: Roles is the name of roles which will match the
request rule.
Expand Down

0 comments on commit f85ba50

Please sign in to comment.