spicedb_grpc/gen/

authzed.api.v1.rs

// This file is @generated by prost-build.
/// Relationship specifies how a resource relates to a subject. Relationships
/// form the data for the graph over which all permissions questions are
/// answered.
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct Relationship {
    /// resource is the resource to which the subject is related, in some manner
    #[prost(message, optional, tag = "1")]
    pub resource: ::core::option::Option<ObjectReference>,
    /// relation is how the resource and subject are related.
    #[prost(string, tag = "2")]
    pub relation: ::prost::alloc::string::String,
    /// subject is the subject to which the resource is related, in some manner.
    #[prost(message, optional, tag = "3")]
    pub subject: ::core::option::Option<SubjectReference>,
    /// optional_caveat is a reference to a the caveat that must be enforced over the relationship
    #[prost(message, optional, tag = "4")]
    pub optional_caveat: ::core::option::Option<ContextualizedCaveat>,
}
/// ContextualizedCaveat represents a reference to a caveat to be used by caveated relationships.
/// The context consists of key-value pairs that will be injected at evaluation time.
/// The keys must match the arguments defined on the caveat in the schema.
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct ContextualizedCaveat {
    /// caveat_name is the name of the caveat expression to use, as defined in the schema
    #[prost(string, tag = "1")]
    pub caveat_name: ::prost::alloc::string::String,
    /// context consists of any named values that are defined at write time for the caveat expression
    #[prost(message, optional, tag = "2")]
    pub context: ::core::option::Option<::prost_types::Struct>,
}
/// SubjectReference is used for referring to the subject portion of a
/// Relationship. The relation component is optional and is used for defining a
/// sub-relation on the subject, e.g. group:123#members
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct SubjectReference {
    #[prost(message, optional, tag = "1")]
    pub object: ::core::option::Option<ObjectReference>,
    #[prost(string, tag = "2")]
    pub optional_relation: ::prost::alloc::string::String,
}
/// ObjectReference is used to refer to a specific object in the system.
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct ObjectReference {
    #[prost(string, tag = "1")]
    pub object_type: ::prost::alloc::string::String,
    #[prost(string, tag = "2")]
    pub object_id: ::prost::alloc::string::String,
}
/// ZedToken is used to provide causality metadata between Write and Check
/// requests.
///
/// See the authzed.api.v1.Consistency message for more information.
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct ZedToken {
    #[prost(string, tag = "1")]
    pub token: ::prost::alloc::string::String,
}
/// Cursor is used to provide resumption of listing between calls to APIs
/// such as LookupResources.
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct Cursor {
    #[prost(string, tag = "1")]
    pub token: ::prost::alloc::string::String,
}
/// RelationshipUpdate is used for mutating a single relationship within the
/// service.
///
/// CREATE will create the relationship only if it doesn't exist, and error
/// otherwise.
///
/// TOUCH will upsert the relationship, and will not error if it
/// already exists.
///
/// DELETE will delete the relationship. If the relationship does not exist,
/// this operation will no-op.
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct RelationshipUpdate {
    #[prost(enumeration = "relationship_update::Operation", tag = "1")]
    pub operation: i32,
    #[prost(message, optional, tag = "2")]
    pub relationship: ::core::option::Option<Relationship>,
}
/// Nested message and enum types in `RelationshipUpdate`.
pub mod relationship_update {
    #[derive(
        Clone,
        Copy,
        Debug,
        PartialEq,
        Eq,
        Hash,
        PartialOrd,
        Ord,
        ::prost::Enumeration
    )]
    #[repr(i32)]
    pub enum Operation {
        Unspecified = 0,
        Create = 1,
        Touch = 2,
        Delete = 3,
    }
    impl Operation {
        /// String value of the enum field names used in the ProtoBuf definition.
        ///
        /// The values are not transformed in any way and thus are considered stable
        /// (if the ProtoBuf definition does not change) and safe for programmatic use.
        pub fn as_str_name(&self) -> &'static str {
            match self {
                Operation::Unspecified => "OPERATION_UNSPECIFIED",
                Operation::Create => "OPERATION_CREATE",
                Operation::Touch => "OPERATION_TOUCH",
                Operation::Delete => "OPERATION_DELETE",
            }
        }
        /// Creates an enum from field names used in the ProtoBuf definition.
        pub fn from_str_name(value: &str) -> ::core::option::Option<Self> {
            match value {
                "OPERATION_UNSPECIFIED" => Some(Self::Unspecified),
                "OPERATION_CREATE" => Some(Self::Create),
                "OPERATION_TOUCH" => Some(Self::Touch),
                "OPERATION_DELETE" => Some(Self::Delete),
                _ => None,
            }
        }
    }
}
/// PermissionRelationshipTree is used for representing a tree of a resource and
/// its permission relationships with other objects.
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct PermissionRelationshipTree {
    #[prost(message, optional, tag = "3")]
    pub expanded_object: ::core::option::Option<ObjectReference>,
    #[prost(string, tag = "4")]
    pub expanded_relation: ::prost::alloc::string::String,
    #[prost(oneof = "permission_relationship_tree::TreeType", tags = "1, 2")]
    pub tree_type: ::core::option::Option<permission_relationship_tree::TreeType>,
}
/// Nested message and enum types in `PermissionRelationshipTree`.
pub mod permission_relationship_tree {
    #[allow(clippy::derive_partial_eq_without_eq)]
    #[derive(Clone, PartialEq, ::prost::Oneof)]
    pub enum TreeType {
        #[prost(message, tag = "1")]
        Intermediate(super::AlgebraicSubjectSet),
        #[prost(message, tag = "2")]
        Leaf(super::DirectSubjectSet),
    }
}
/// AlgebraicSubjectSet is a subject set which is computed based on applying the
/// specified operation to the operands according to the algebra of sets.
///
/// UNION is a logical set containing the subject members from all operands.
///
/// INTERSECTION is a logical set containing only the subject members which are
/// present in all operands.
///
/// EXCLUSION is a logical set containing only the subject members which are
/// present in the first operand, and none of the other operands.
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct AlgebraicSubjectSet {
    #[prost(enumeration = "algebraic_subject_set::Operation", tag = "1")]
    pub operation: i32,
    #[prost(message, repeated, tag = "2")]
    pub children: ::prost::alloc::vec::Vec<PermissionRelationshipTree>,
}
/// Nested message and enum types in `AlgebraicSubjectSet`.
pub mod algebraic_subject_set {
    #[derive(
        Clone,
        Copy,
        Debug,
        PartialEq,
        Eq,
        Hash,
        PartialOrd,
        Ord,
        ::prost::Enumeration
    )]
    #[repr(i32)]
    pub enum Operation {
        Unspecified = 0,
        Union = 1,
        Intersection = 2,
        Exclusion = 3,
    }
    impl Operation {
        /// String value of the enum field names used in the ProtoBuf definition.
        ///
        /// The values are not transformed in any way and thus are considered stable
        /// (if the ProtoBuf definition does not change) and safe for programmatic use.
        pub fn as_str_name(&self) -> &'static str {
            match self {
                Operation::Unspecified => "OPERATION_UNSPECIFIED",
                Operation::Union => "OPERATION_UNION",
                Operation::Intersection => "OPERATION_INTERSECTION",
                Operation::Exclusion => "OPERATION_EXCLUSION",
            }
        }
        /// Creates an enum from field names used in the ProtoBuf definition.
        pub fn from_str_name(value: &str) -> ::core::option::Option<Self> {
            match value {
                "OPERATION_UNSPECIFIED" => Some(Self::Unspecified),
                "OPERATION_UNION" => Some(Self::Union),
                "OPERATION_INTERSECTION" => Some(Self::Intersection),
                "OPERATION_EXCLUSION" => Some(Self::Exclusion),
                _ => None,
            }
        }
    }
}
/// DirectSubjectSet is a subject set which is simply a collection of subjects.
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct DirectSubjectSet {
    #[prost(message, repeated, tag = "1")]
    pub subjects: ::prost::alloc::vec::Vec<SubjectReference>,
}
/// PartialCaveatInfo carries information necessary for the client to take action
/// in the event a response contains a partially evaluated caveat
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct PartialCaveatInfo {
    /// missing_required_context is a list of one or more fields that were missing and prevented caveats
    /// from being fully evaluated
    #[prost(string, repeated, tag = "1")]
    pub missing_required_context: ::prost::alloc::vec::Vec<
        ::prost::alloc::string::String,
    >,
}
/// DebugInformation defines debug information returned by an API call in a footer when
/// requested with a specific debugging header.
///
/// The specific debug information returned will depend on the type of the API call made.
///
/// See the github.com/authzed/authzed-go project for the specific header and footer names.
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct DebugInformation {
    /// check holds debug information about a check request.
    #[prost(message, optional, tag = "1")]
    pub check: ::core::option::Option<CheckDebugTrace>,
    /// schema_used holds the schema used for the request.
    #[prost(string, tag = "2")]
    pub schema_used: ::prost::alloc::string::String,
}
/// CheckDebugTrace is a recursive trace of the requests made for resolving a CheckPermission
/// API call.
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct CheckDebugTrace {
    /// resource holds the resource on which the Check was performed.
    #[prost(message, optional, tag = "1")]
    pub resource: ::core::option::Option<ObjectReference>,
    /// permission holds the name of the permission or relation on which the Check was performed.
    #[prost(string, tag = "2")]
    pub permission: ::prost::alloc::string::String,
    /// permission_type holds information indicating whether it was a permission or relation.
    #[prost(enumeration = "check_debug_trace::PermissionType", tag = "3")]
    pub permission_type: i32,
    /// subject holds the subject on which the Check was performed. This will be static across all calls within
    /// the same Check tree.
    #[prost(message, optional, tag = "4")]
    pub subject: ::core::option::Option<SubjectReference>,
    /// result holds the result of the Check call.
    #[prost(enumeration = "check_debug_trace::Permissionship", tag = "5")]
    pub result: i32,
    /// caveat_evaluation_info holds information about the caveat evaluated for this step of the trace.
    #[prost(message, optional, tag = "8")]
    pub caveat_evaluation_info: ::core::option::Option<CaveatEvalInfo>,
    /// duration holds the time spent executing this Check operation.
    #[prost(message, optional, tag = "9")]
    pub duration: ::core::option::Option<::prost_types::Duration>,
    /// resolution holds information about how the problem was resolved.
    #[prost(oneof = "check_debug_trace::Resolution", tags = "6, 7")]
    pub resolution: ::core::option::Option<check_debug_trace::Resolution>,
}
/// Nested message and enum types in `CheckDebugTrace`.
pub mod check_debug_trace {
    #[allow(clippy::derive_partial_eq_without_eq)]
    #[derive(Clone, PartialEq, ::prost::Message)]
    pub struct SubProblems {
        #[prost(message, repeated, tag = "1")]
        pub traces: ::prost::alloc::vec::Vec<super::CheckDebugTrace>,
    }
    #[derive(
        Clone,
        Copy,
        Debug,
        PartialEq,
        Eq,
        Hash,
        PartialOrd,
        Ord,
        ::prost::Enumeration
    )]
    #[repr(i32)]
    pub enum PermissionType {
        Unspecified = 0,
        Relation = 1,
        Permission = 2,
    }
    impl PermissionType {
        /// String value of the enum field names used in the ProtoBuf definition.
        ///
        /// The values are not transformed in any way and thus are considered stable
        /// (if the ProtoBuf definition does not change) and safe for programmatic use.
        pub fn as_str_name(&self) -> &'static str {
            match self {
                PermissionType::Unspecified => "PERMISSION_TYPE_UNSPECIFIED",
                PermissionType::Relation => "PERMISSION_TYPE_RELATION",
                PermissionType::Permission => "PERMISSION_TYPE_PERMISSION",
            }
        }
        /// Creates an enum from field names used in the ProtoBuf definition.
        pub fn from_str_name(value: &str) -> ::core::option::Option<Self> {
            match value {
                "PERMISSION_TYPE_UNSPECIFIED" => Some(Self::Unspecified),
                "PERMISSION_TYPE_RELATION" => Some(Self::Relation),
                "PERMISSION_TYPE_PERMISSION" => Some(Self::Permission),
                _ => None,
            }
        }
    }
    #[derive(
        Clone,
        Copy,
        Debug,
        PartialEq,
        Eq,
        Hash,
        PartialOrd,
        Ord,
        ::prost::Enumeration
    )]
    #[repr(i32)]
    pub enum Permissionship {
        Unspecified = 0,
        NoPermission = 1,
        HasPermission = 2,
        ConditionalPermission = 3,
    }
    impl Permissionship {
        /// String value of the enum field names used in the ProtoBuf definition.
        ///
        /// The values are not transformed in any way and thus are considered stable
        /// (if the ProtoBuf definition does not change) and safe for programmatic use.
        pub fn as_str_name(&self) -> &'static str {
            match self {
                Permissionship::Unspecified => "PERMISSIONSHIP_UNSPECIFIED",
                Permissionship::NoPermission => "PERMISSIONSHIP_NO_PERMISSION",
                Permissionship::HasPermission => "PERMISSIONSHIP_HAS_PERMISSION",
                Permissionship::ConditionalPermission => {
                    "PERMISSIONSHIP_CONDITIONAL_PERMISSION"
                }
            }
        }
        /// Creates an enum from field names used in the ProtoBuf definition.
        pub fn from_str_name(value: &str) -> ::core::option::Option<Self> {
            match value {
                "PERMISSIONSHIP_UNSPECIFIED" => Some(Self::Unspecified),
                "PERMISSIONSHIP_NO_PERMISSION" => Some(Self::NoPermission),
                "PERMISSIONSHIP_HAS_PERMISSION" => Some(Self::HasPermission),
                "PERMISSIONSHIP_CONDITIONAL_PERMISSION" => {
                    Some(Self::ConditionalPermission)
                }
                _ => None,
            }
        }
    }
    /// resolution holds information about how the problem was resolved.
    #[allow(clippy::derive_partial_eq_without_eq)]
    #[derive(Clone, PartialEq, ::prost::Oneof)]
    pub enum Resolution {
        /// was_cached_result, if true, indicates that the result was found in the cache and returned directly.
        #[prost(bool, tag = "6")]
        WasCachedResult(bool),
        /// sub_problems holds the sub problems that were executed to resolve the answer to this Check. An empty list
        /// and a permissionship of PERMISSIONSHIP_HAS_PERMISSION indicates the subject was found within this relation.
        #[prost(message, tag = "7")]
        SubProblems(SubProblems),
    }
}
/// CaveatEvalInfo holds information about a caveat expression that was evaluated.
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct CaveatEvalInfo {
    /// expression is the expression that was evaluated.
    #[prost(string, tag = "1")]
    pub expression: ::prost::alloc::string::String,
    /// result is the result of the evaluation.
    #[prost(enumeration = "caveat_eval_info::Result", tag = "2")]
    pub result: i32,
    /// context consists of any named values that were used for evaluating the caveat expression.
    #[prost(message, optional, tag = "3")]
    pub context: ::core::option::Option<::prost_types::Struct>,
    /// partial_caveat_info holds information of a partially-evaluated caveated response, if applicable.
    #[prost(message, optional, tag = "4")]
    pub partial_caveat_info: ::core::option::Option<PartialCaveatInfo>,
    /// caveat_name is the name of the caveat that was executed, if applicable.
    #[prost(string, tag = "5")]
    pub caveat_name: ::prost::alloc::string::String,
}
/// Nested message and enum types in `CaveatEvalInfo`.
pub mod caveat_eval_info {
    #[derive(
        Clone,
        Copy,
        Debug,
        PartialEq,
        Eq,
        Hash,
        PartialOrd,
        Ord,
        ::prost::Enumeration
    )]
    #[repr(i32)]
    pub enum Result {
        Unspecified = 0,
        Unevaluated = 1,
        False = 2,
        True = 3,
        MissingSomeContext = 4,
    }
    impl Result {
        /// String value of the enum field names used in the ProtoBuf definition.
        ///
        /// The values are not transformed in any way and thus are considered stable
        /// (if the ProtoBuf definition does not change) and safe for programmatic use.
        pub fn as_str_name(&self) -> &'static str {
            match self {
                Result::Unspecified => "RESULT_UNSPECIFIED",
                Result::Unevaluated => "RESULT_UNEVALUATED",
                Result::False => "RESULT_FALSE",
                Result::True => "RESULT_TRUE",
                Result::MissingSomeContext => "RESULT_MISSING_SOME_CONTEXT",
            }
        }
        /// Creates an enum from field names used in the ProtoBuf definition.
        pub fn from_str_name(value: &str) -> ::core::option::Option<Self> {
            match value {
                "RESULT_UNSPECIFIED" => Some(Self::Unspecified),
                "RESULT_UNEVALUATED" => Some(Self::Unevaluated),
                "RESULT_FALSE" => Some(Self::False),
                "RESULT_TRUE" => Some(Self::True),
                "RESULT_MISSING_SOME_CONTEXT" => Some(Self::MissingSomeContext),
                _ => None,
            }
        }
    }
}
/// Consistency will define how a request is handled by the backend.
/// By defining a consistency requirement, and a token at which those
/// requirements should be applied, where applicable.
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct Consistency {
    #[prost(oneof = "consistency::Requirement", tags = "1, 2, 3, 4")]
    pub requirement: ::core::option::Option<consistency::Requirement>,
}
/// Nested message and enum types in `Consistency`.
pub mod consistency {
    #[allow(clippy::derive_partial_eq_without_eq)]
    #[derive(Clone, PartialEq, ::prost::Oneof)]
    pub enum Requirement {
        /// minimize_latency indicates that the latency for the call should be
        /// minimized by having the system select the fastest snapshot available.
        #[prost(bool, tag = "1")]
        MinimizeLatency(bool),
        /// at_least_as_fresh indicates that all data used in the API call must be
        /// *at least as fresh* as that found in the ZedToken; more recent data might
        /// be used if available or faster.
        #[prost(message, tag = "2")]
        AtLeastAsFresh(super::ZedToken),
        /// at_exact_snapshot indicates that all data used in the API call must be
        /// *at the given* snapshot in time; if the snapshot is no longer available,
        /// an error will be returned to the caller.
        #[prost(message, tag = "3")]
        AtExactSnapshot(super::ZedToken),
        /// fully_consistent indicates that all data used in the API call *must* be
        /// at the most recent snapshot found.
        ///
        /// NOTE: using this method can be *quite slow*, so unless there is a need to
        /// do so, it is recommended to use `at_least_as_fresh` with a stored
        /// ZedToken.
        #[prost(bool, tag = "4")]
        FullyConsistent(bool),
    }
}
/// RelationshipFilter is a collection of filters which when applied to a
/// relationship will return relationships that have exactly matching fields.
///
/// All fields are optional and if left unspecified will not filter relationships,
/// but at least one field must be specified.
///
/// NOTE: The performance of the API will be affected by the selection of fields
/// on which to filter. If a field is not indexed, the performance of the API
/// can be significantly slower.
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct RelationshipFilter {
    /// resource_type is the *optional* resource type of the relationship.
    /// NOTE: It is not prefixed with "optional_" for legacy compatibility.
    #[prost(string, tag = "1")]
    pub resource_type: ::prost::alloc::string::String,
    /// optional_resource_id is the *optional* resource ID of the relationship.
    /// If specified, optional_resource_id_prefix cannot be specified.
    #[prost(string, tag = "2")]
    pub optional_resource_id: ::prost::alloc::string::String,
    /// optional_resource_id_prefix is the *optional* prefix for the resource ID of the relationship.
    /// If specified, optional_resource_id cannot be specified.
    #[prost(string, tag = "5")]
    pub optional_resource_id_prefix: ::prost::alloc::string::String,
    /// relation is the *optional* relation of the relationship.
    #[prost(string, tag = "3")]
    pub optional_relation: ::prost::alloc::string::String,
    /// optional_subject_filter is the optional filter for the subjects of the relationships.
    #[prost(message, optional, tag = "4")]
    pub optional_subject_filter: ::core::option::Option<SubjectFilter>,
}
/// SubjectFilter specifies a filter on the subject of a relationship.
///
/// subject_type is required and all other fields are optional, and will not
/// impose any additional requirements if left unspecified.
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct SubjectFilter {
    #[prost(string, tag = "1")]
    pub subject_type: ::prost::alloc::string::String,
    #[prost(string, tag = "2")]
    pub optional_subject_id: ::prost::alloc::string::String,
    #[prost(message, optional, tag = "3")]
    pub optional_relation: ::core::option::Option<subject_filter::RelationFilter>,
}
/// Nested message and enum types in `SubjectFilter`.
pub mod subject_filter {
    #[allow(clippy::derive_partial_eq_without_eq)]
    #[derive(Clone, PartialEq, ::prost::Message)]
    pub struct RelationFilter {
        #[prost(string, tag = "1")]
        pub relation: ::prost::alloc::string::String,
    }
}
/// ReadRelationshipsRequest specifies one or more filters used to read matching
/// relationships within the system.
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct ReadRelationshipsRequest {
    #[prost(message, optional, tag = "1")]
    pub consistency: ::core::option::Option<Consistency>,
    /// relationship_filter defines the filter to be applied to the relationships
    /// to be returned.
    #[prost(message, optional, tag = "2")]
    pub relationship_filter: ::core::option::Option<RelationshipFilter>,
    /// optional_limit, if non-zero, specifies the limit on the number of relationships to return
    /// before the stream is closed on the server side. By default, the stream will continue
    /// resolving relationships until exhausted or the stream is closed due to the client or a
    /// network issue.
    #[prost(uint32, tag = "3")]
    pub optional_limit: u32,
    /// optional_cursor, if specified, indicates the cursor after which results should resume being returned.
    /// The cursor can be found on the ReadRelationshipsResponse object.
    #[prost(message, optional, tag = "4")]
    pub optional_cursor: ::core::option::Option<Cursor>,
}
/// ReadRelationshipsResponse contains a Relationship found that matches the
/// specified relationship filter(s). A instance of this response message will
/// be streamed to the client for each relationship found.
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct ReadRelationshipsResponse {
    /// read_at is the ZedToken at which the relationship was found.
    #[prost(message, optional, tag = "1")]
    pub read_at: ::core::option::Option<ZedToken>,
    /// relationship is the found relationship.
    #[prost(message, optional, tag = "2")]
    pub relationship: ::core::option::Option<Relationship>,
    /// after_result_cursor holds a cursor that can be used to resume the ReadRelationships stream after this
    /// result.
    #[prost(message, optional, tag = "3")]
    pub after_result_cursor: ::core::option::Option<Cursor>,
}
/// Precondition specifies how and the existence or absence of certain
/// relationships as expressed through the accompanying filter should affect
/// whether or not the operation proceeds.
///
/// MUST_NOT_MATCH will fail the parent request if any relationships match the
/// relationships filter.
/// MUST_MATCH will fail the parent request if there are no
/// relationships that match the filter.
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct Precondition {
    #[prost(enumeration = "precondition::Operation", tag = "1")]
    pub operation: i32,
    #[prost(message, optional, tag = "2")]
    pub filter: ::core::option::Option<RelationshipFilter>,
}
/// Nested message and enum types in `Precondition`.
pub mod precondition {
    #[derive(
        Clone,
        Copy,
        Debug,
        PartialEq,
        Eq,
        Hash,
        PartialOrd,
        Ord,
        ::prost::Enumeration
    )]
    #[repr(i32)]
    pub enum Operation {
        Unspecified = 0,
        MustNotMatch = 1,
        MustMatch = 2,
    }
    impl Operation {
        /// String value of the enum field names used in the ProtoBuf definition.
        ///
        /// The values are not transformed in any way and thus are considered stable
        /// (if the ProtoBuf definition does not change) and safe for programmatic use.
        pub fn as_str_name(&self) -> &'static str {
            match self {
                Operation::Unspecified => "OPERATION_UNSPECIFIED",
                Operation::MustNotMatch => "OPERATION_MUST_NOT_MATCH",
                Operation::MustMatch => "OPERATION_MUST_MATCH",
            }
        }
        /// Creates an enum from field names used in the ProtoBuf definition.
        pub fn from_str_name(value: &str) -> ::core::option::Option<Self> {
            match value {
                "OPERATION_UNSPECIFIED" => Some(Self::Unspecified),
                "OPERATION_MUST_NOT_MATCH" => Some(Self::MustNotMatch),
                "OPERATION_MUST_MATCH" => Some(Self::MustMatch),
                _ => None,
            }
        }
    }
}
/// WriteRelationshipsRequest contains a list of Relationship mutations that
/// should be applied to the service. If the optional_preconditions parameter
/// is included, all of the specified preconditions must also be satisfied before
/// the write will be committed.
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct WriteRelationshipsRequest {
    #[prost(message, repeated, tag = "1")]
    pub updates: ::prost::alloc::vec::Vec<RelationshipUpdate>,
    /// To be bounded by configuration
    #[prost(message, repeated, tag = "2")]
    pub optional_preconditions: ::prost::alloc::vec::Vec<Precondition>,
}
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct WriteRelationshipsResponse {
    #[prost(message, optional, tag = "1")]
    pub written_at: ::core::option::Option<ZedToken>,
}
/// DeleteRelationshipsRequest specifies which Relationships should be deleted,
/// requesting the delete of *ALL* relationships that match the specified
/// filters. If the optional_preconditions parameter is included, all of the
/// specified preconditions must also be satisfied before the delete will be
/// executed.
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct DeleteRelationshipsRequest {
    #[prost(message, optional, tag = "1")]
    pub relationship_filter: ::core::option::Option<RelationshipFilter>,
    /// To be bounded by configuration
    #[prost(message, repeated, tag = "2")]
    pub optional_preconditions: ::prost::alloc::vec::Vec<Precondition>,
    /// optional_limit, if non-zero, specifies the limit on the number of relationships to be deleted.
    /// If there are more matching relationships found to be deleted than the limit specified here,
    /// the deletion call will fail with an error to prevent partial deletion. If partial deletion
    /// is needed, specify below that partial deletion is allowed. Partial deletions can be used
    /// in a loop to delete large amounts of relationships in a *non-transactional* manner.
    #[prost(uint32, tag = "3")]
    pub optional_limit: u32,
    /// optional_allow_partial_deletions, if true and a limit is specified, will delete matching found
    /// relationships up to the count specified in optional_limit, and no more.
    #[prost(bool, tag = "4")]
    pub optional_allow_partial_deletions: bool,
}
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct DeleteRelationshipsResponse {
    /// deleted_at is the revision at which the relationships were deleted.
    #[prost(message, optional, tag = "1")]
    pub deleted_at: ::core::option::Option<ZedToken>,
    /// deletion_progress is an enumeration of the possible outcomes that occurred when attempting to delete the specified relationships.
    #[prost(enumeration = "delete_relationships_response::DeletionProgress", tag = "2")]
    pub deletion_progress: i32,
}
/// Nested message and enum types in `DeleteRelationshipsResponse`.
pub mod delete_relationships_response {
    #[derive(
        Clone,
        Copy,
        Debug,
        PartialEq,
        Eq,
        Hash,
        PartialOrd,
        Ord,
        ::prost::Enumeration
    )]
    #[repr(i32)]
    pub enum DeletionProgress {
        Unspecified = 0,
        /// DELETION_PROGRESS_COMPLETE indicates that all remaining relationships matching the filter
        /// were deleted. Will be returned even if no relationships were deleted.
        Complete = 1,
        /// DELETION_PROGRESS_PARTIAL indicates that a subset of the relationships matching the filter
        /// were deleted. Only returned if optional_allow_partial_deletions was true, an optional_limit was
        /// specified, and there existed more relationships matching the filter than optional_limit would allow.
        /// Once all remaining relationships have been deleted, DELETION_PROGRESS_COMPLETE will be returned.
        Partial = 2,
    }
    impl DeletionProgress {
        /// String value of the enum field names used in the ProtoBuf definition.
        ///
        /// The values are not transformed in any way and thus are considered stable
        /// (if the ProtoBuf definition does not change) and safe for programmatic use.
        pub fn as_str_name(&self) -> &'static str {
            match self {
                DeletionProgress::Unspecified => "DELETION_PROGRESS_UNSPECIFIED",
                DeletionProgress::Complete => "DELETION_PROGRESS_COMPLETE",
                DeletionProgress::Partial => "DELETION_PROGRESS_PARTIAL",
            }
        }
        /// Creates an enum from field names used in the ProtoBuf definition.
        pub fn from_str_name(value: &str) -> ::core::option::Option<Self> {
            match value {
                "DELETION_PROGRESS_UNSPECIFIED" => Some(Self::Unspecified),
                "DELETION_PROGRESS_COMPLETE" => Some(Self::Complete),
                "DELETION_PROGRESS_PARTIAL" => Some(Self::Partial),
                _ => None,
            }
        }
    }
}
/// CheckPermissionRequest issues a check on whether a subject has a permission
/// or is a member of a relation, on a specific resource.
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct CheckPermissionRequest {
    #[prost(message, optional, tag = "1")]
    pub consistency: ::core::option::Option<Consistency>,
    /// resource is the resource on which to check the permission or relation.
    #[prost(message, optional, tag = "2")]
    pub resource: ::core::option::Option<ObjectReference>,
    /// permission is the name of the permission (or relation) on which to execute
    /// the check.
    #[prost(string, tag = "3")]
    pub permission: ::prost::alloc::string::String,
    /// subject is the subject that will be checked for the permission or relation.
    #[prost(message, optional, tag = "4")]
    pub subject: ::core::option::Option<SubjectReference>,
    /// context consists of named values that are injected into the caveat evaluation context
    #[prost(message, optional, tag = "5")]
    pub context: ::core::option::Option<::prost_types::Struct>,
    /// with_tracing, if true, indicates that the response should include a debug trace.
    /// This can be useful for debugging and performance analysis, but adds a small amount
    /// of compute overhead to the request.
    #[prost(bool, tag = "6")]
    pub with_tracing: bool,
}
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct CheckPermissionResponse {
    #[prost(message, optional, tag = "1")]
    pub checked_at: ::core::option::Option<ZedToken>,
    /// Permissionship communicates whether or not the subject has the requested
    /// permission or has a relationship with the given resource, over the given
    /// relation.
    ///
    /// This value will be authzed.api.v1.PERMISSIONSHIP_HAS_PERMISSION if the
    /// requested subject is a member of the computed permission set or there
    /// exists a relationship with the requested relation from the given resource
    /// to the given subject.
    #[prost(enumeration = "check_permission_response::Permissionship", tag = "2")]
    pub permissionship: i32,
    /// partial_caveat_info holds information of a partially-evaluated caveated response
    #[prost(message, optional, tag = "3")]
    pub partial_caveat_info: ::core::option::Option<PartialCaveatInfo>,
    /// debug_trace is the debugging trace of this check, if requested.
    #[prost(message, optional, tag = "4")]
    pub debug_trace: ::core::option::Option<DebugInformation>,
}
/// Nested message and enum types in `CheckPermissionResponse`.
pub mod check_permission_response {
    #[derive(
        Clone,
        Copy,
        Debug,
        PartialEq,
        Eq,
        Hash,
        PartialOrd,
        Ord,
        ::prost::Enumeration
    )]
    #[repr(i32)]
    pub enum Permissionship {
        Unspecified = 0,
        NoPermission = 1,
        HasPermission = 2,
        ConditionalPermission = 3,
    }
    impl Permissionship {
        /// String value of the enum field names used in the ProtoBuf definition.
        ///
        /// The values are not transformed in any way and thus are considered stable
        /// (if the ProtoBuf definition does not change) and safe for programmatic use.
        pub fn as_str_name(&self) -> &'static str {
            match self {
                Permissionship::Unspecified => "PERMISSIONSHIP_UNSPECIFIED",
                Permissionship::NoPermission => "PERMISSIONSHIP_NO_PERMISSION",
                Permissionship::HasPermission => "PERMISSIONSHIP_HAS_PERMISSION",
                Permissionship::ConditionalPermission => {
                    "PERMISSIONSHIP_CONDITIONAL_PERMISSION"
                }
            }
        }
        /// Creates an enum from field names used in the ProtoBuf definition.
        pub fn from_str_name(value: &str) -> ::core::option::Option<Self> {
            match value {
                "PERMISSIONSHIP_UNSPECIFIED" => Some(Self::Unspecified),
                "PERMISSIONSHIP_NO_PERMISSION" => Some(Self::NoPermission),
                "PERMISSIONSHIP_HAS_PERMISSION" => Some(Self::HasPermission),
                "PERMISSIONSHIP_CONDITIONAL_PERMISSION" => {
                    Some(Self::ConditionalPermission)
                }
                _ => None,
            }
        }
    }
}
/// CheckBulkPermissionsRequest issues a check on whether a subject has permission
/// or is a member of a relation on a specific resource for each item in the list.
///
/// The ordering of the items in the response is maintained in the response.
/// Checks with the same subject/permission will automatically be batched for performance optimization.
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct CheckBulkPermissionsRequest {
    #[prost(message, optional, tag = "1")]
    pub consistency: ::core::option::Option<Consistency>,
    #[prost(message, repeated, tag = "2")]
    pub items: ::prost::alloc::vec::Vec<CheckBulkPermissionsRequestItem>,
}
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct CheckBulkPermissionsRequestItem {
    #[prost(message, optional, tag = "1")]
    pub resource: ::core::option::Option<ObjectReference>,
    #[prost(string, tag = "2")]
    pub permission: ::prost::alloc::string::String,
    #[prost(message, optional, tag = "3")]
    pub subject: ::core::option::Option<SubjectReference>,
    #[prost(message, optional, tag = "4")]
    pub context: ::core::option::Option<::prost_types::Struct>,
}
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct CheckBulkPermissionsResponse {
    #[prost(message, optional, tag = "1")]
    pub checked_at: ::core::option::Option<ZedToken>,
    #[prost(message, repeated, tag = "2")]
    pub pairs: ::prost::alloc::vec::Vec<CheckBulkPermissionsPair>,
}
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct CheckBulkPermissionsPair {
    #[prost(message, optional, tag = "1")]
    pub request: ::core::option::Option<CheckBulkPermissionsRequestItem>,
    #[prost(oneof = "check_bulk_permissions_pair::Response", tags = "2, 3")]
    pub response: ::core::option::Option<check_bulk_permissions_pair::Response>,
}
/// Nested message and enum types in `CheckBulkPermissionsPair`.
pub mod check_bulk_permissions_pair {
    #[allow(clippy::derive_partial_eq_without_eq)]
    #[derive(Clone, PartialEq, ::prost::Oneof)]
    pub enum Response {
        #[prost(message, tag = "2")]
        Item(super::CheckBulkPermissionsResponseItem),
        #[prost(message, tag = "3")]
        Error(super::super::super::super::google::rpc::Status),
    }
}
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct CheckBulkPermissionsResponseItem {
    #[prost(enumeration = "check_permission_response::Permissionship", tag = "1")]
    pub permissionship: i32,
    #[prost(message, optional, tag = "2")]
    pub partial_caveat_info: ::core::option::Option<PartialCaveatInfo>,
}
/// ExpandPermissionTreeRequest returns a tree representing the expansion of all
/// relationships found accessible from a permission or relation on a particular
/// resource.
///
/// ExpandPermissionTreeRequest is typically used to determine the full set of
/// subjects with a permission, along with the relationships that grant said
/// access.
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct ExpandPermissionTreeRequest {
    #[prost(message, optional, tag = "1")]
    pub consistency: ::core::option::Option<Consistency>,
    /// resource is the resource over which to run the expansion.
    #[prost(message, optional, tag = "2")]
    pub resource: ::core::option::Option<ObjectReference>,
    /// permission is the name of the permission or relation over which to run the
    /// expansion for the resource.
    #[prost(string, tag = "3")]
    pub permission: ::prost::alloc::string::String,
}
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct ExpandPermissionTreeResponse {
    #[prost(message, optional, tag = "1")]
    pub expanded_at: ::core::option::Option<ZedToken>,
    /// tree_root is a tree structure whose leaf nodes are subjects, and
    /// intermediate nodes represent the various operations (union, intersection,
    /// exclusion) to reach those subjects.
    #[prost(message, optional, tag = "2")]
    pub tree_root: ::core::option::Option<PermissionRelationshipTree>,
}
/// LookupResourcesRequest performs a lookup of all resources of a particular
/// kind on which the subject has the specified permission or the relation in
/// which the subject exists, streaming back the IDs of those resources.
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct LookupResourcesRequest {
    #[prost(message, optional, tag = "1")]
    pub consistency: ::core::option::Option<Consistency>,
    /// resource_object_type is the type of resource object for which the IDs will
    /// be returned.
    #[prost(string, tag = "2")]
    pub resource_object_type: ::prost::alloc::string::String,
    /// permission is the name of the permission or relation for which the subject
    /// must Check.
    #[prost(string, tag = "3")]
    pub permission: ::prost::alloc::string::String,
    /// subject is the subject with access to the resources.
    #[prost(message, optional, tag = "4")]
    pub subject: ::core::option::Option<SubjectReference>,
    /// context consists of named values that are injected into the caveat evaluation context
    #[prost(message, optional, tag = "5")]
    pub context: ::core::option::Option<::prost_types::Struct>,
    /// optional_limit, if non-zero, specifies the limit on the number of resources to return
    /// before the stream is closed on the server side. By default, the stream will continue
    /// resolving resources until exhausted or the stream is closed due to the client or a
    /// network issue.
    #[prost(uint32, tag = "6")]
    pub optional_limit: u32,
    /// optional_cursor, if specified, indicates the cursor after which results should resume being returned.
    /// The cursor can be found on the LookupResourcesResponse object.
    #[prost(message, optional, tag = "7")]
    pub optional_cursor: ::core::option::Option<Cursor>,
}
/// LookupResourcesResponse contains a single matching resource object ID for the
/// requested object type, permission, and subject.
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct LookupResourcesResponse {
    /// looked_up_at is the ZedToken at which the resource was found.
    #[prost(message, optional, tag = "1")]
    pub looked_up_at: ::core::option::Option<ZedToken>,
    /// resource_object_id is the object ID of the found resource.
    #[prost(string, tag = "2")]
    pub resource_object_id: ::prost::alloc::string::String,
    /// permissionship indicates whether the response was partially evaluated or not
    #[prost(enumeration = "LookupPermissionship", tag = "3")]
    pub permissionship: i32,
    /// partial_caveat_info holds information of a partially-evaluated caveated response
    #[prost(message, optional, tag = "4")]
    pub partial_caveat_info: ::core::option::Option<PartialCaveatInfo>,
    /// after_result_cursor holds a cursor that can be used to resume the LookupResources stream after this
    /// result.
    #[prost(message, optional, tag = "5")]
    pub after_result_cursor: ::core::option::Option<Cursor>,
}
/// LookupSubjectsRequest performs a lookup of all subjects of a particular
/// kind for which the subject has the specified permission or the relation in
/// which the subject exists, streaming back the IDs of those subjects.
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct LookupSubjectsRequest {
    #[prost(message, optional, tag = "1")]
    pub consistency: ::core::option::Option<Consistency>,
    /// resource is the resource for which all matching subjects for the permission
    /// or relation will be returned.
    #[prost(message, optional, tag = "2")]
    pub resource: ::core::option::Option<ObjectReference>,
    /// permission is the name of the permission (or relation) for which to find
    /// the subjects.
    #[prost(string, tag = "3")]
    pub permission: ::prost::alloc::string::String,
    /// subject_object_type is the type of subject object for which the IDs will
    /// be returned.
    #[prost(string, tag = "4")]
    pub subject_object_type: ::prost::alloc::string::String,
    /// optional_subject_relation is the optional relation for the subject.
    #[prost(string, tag = "5")]
    pub optional_subject_relation: ::prost::alloc::string::String,
    /// context consists of named values that are injected into the caveat evaluation context
    #[prost(message, optional, tag = "6")]
    pub context: ::core::option::Option<::prost_types::Struct>,
    /// optional_concrete_limit, if non-zero, specifies the limit on the number of
    /// *concrete* (non-wildcard) subjects to return before the stream is closed on the
    /// server side. With the default value of zero, the stream will continue resolving
    /// concrete subjects until exhausted or the stream is closed due to the client or
    /// a network issue.
    ///
    /// NOTE: Wildcard subjects ("*") have special treatment when cursors and limits are used. Because
    /// wildcards can apply to *any* concrete subjects, if a wildcard subject is found within the dataset,
    /// a wildcard subject can be returned for *all* LookupSubjects calls, regardless of the cursor or
    /// limit.
    ///
    /// For example, if wildcards are requested, a wildcard subject exists, there is a specified limit
    /// of 10 concrete subjects, and at least 10 concrete subjects exist, the API will return 11 subjects
    /// in total: the 10 concrete + the wildcard
    ///
    /// Furthermore, if a wildcard has a set of exclusions generated by the dataset,
    /// the exclusions *will respect the cursor* and only a *partial* set of exclusions will be returned
    /// for each invocation of the API.
    ///
    /// ***IT IS UP TO THE CALLER IN THIS CASE TO COMBINE THE EXCLUSIONS IF DESIRED***
    #[prost(uint32, tag = "7")]
    pub optional_concrete_limit: u32,
    /// optional_cursor, if specified, indicates the cursor after which results should resume being returned.
    /// The cursor can be found on the LookupSubjectsResponse object.
    ///
    /// NOTE: See above for notes about how cursors interact with wildcard subjects.
    #[prost(message, optional, tag = "8")]
    pub optional_cursor: ::core::option::Option<Cursor>,
    /// wildcard_option specifies whether wildcards should be returned by LookupSubjects.
    /// For backwards compatibility, defaults to WILDCARD_OPTION_INCLUDE_WILDCARDS if unspecified.
    #[prost(enumeration = "lookup_subjects_request::WildcardOption", tag = "9")]
    pub wildcard_option: i32,
}
/// Nested message and enum types in `LookupSubjectsRequest`.
pub mod lookup_subjects_request {
    #[derive(
        Clone,
        Copy,
        Debug,
        PartialEq,
        Eq,
        Hash,
        PartialOrd,
        Ord,
        ::prost::Enumeration
    )]
    #[repr(i32)]
    pub enum WildcardOption {
        Unspecified = 0,
        IncludeWildcards = 1,
        ExcludeWildcards = 2,
    }
    impl WildcardOption {
        /// String value of the enum field names used in the ProtoBuf definition.
        ///
        /// The values are not transformed in any way and thus are considered stable
        /// (if the ProtoBuf definition does not change) and safe for programmatic use.
        pub fn as_str_name(&self) -> &'static str {
            match self {
                WildcardOption::Unspecified => "WILDCARD_OPTION_UNSPECIFIED",
                WildcardOption::IncludeWildcards => "WILDCARD_OPTION_INCLUDE_WILDCARDS",
                WildcardOption::ExcludeWildcards => "WILDCARD_OPTION_EXCLUDE_WILDCARDS",
            }
        }
        /// Creates an enum from field names used in the ProtoBuf definition.
        pub fn from_str_name(value: &str) -> ::core::option::Option<Self> {
            match value {
                "WILDCARD_OPTION_UNSPECIFIED" => Some(Self::Unspecified),
                "WILDCARD_OPTION_INCLUDE_WILDCARDS" => Some(Self::IncludeWildcards),
                "WILDCARD_OPTION_EXCLUDE_WILDCARDS" => Some(Self::ExcludeWildcards),
                _ => None,
            }
        }
    }
}
/// LookupSubjectsResponse contains a single matching subject object ID for the
/// requested subject object type on the permission or relation.
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct LookupSubjectsResponse {
    #[prost(message, optional, tag = "1")]
    pub looked_up_at: ::core::option::Option<ZedToken>,
    /// subject_object_id is the Object ID of the subject found. May be a `*` if
    /// a wildcard was found.
    /// deprecated: use `subject`
    #[deprecated]
    #[prost(string, tag = "2")]
    pub subject_object_id: ::prost::alloc::string::String,
    /// excluded_subject_ids are the Object IDs of the subjects excluded. This list
    /// will only contain object IDs if `subject_object_id` is a wildcard (`*`) and
    /// will only be populated if exclusions exist from the wildcard.
    /// deprecated: use `excluded_subjects`
    #[deprecated]
    #[prost(string, repeated, tag = "3")]
    pub excluded_subject_ids: ::prost::alloc::vec::Vec<::prost::alloc::string::String>,
    /// permissionship indicates whether the response was partially evaluated or not
    /// deprecated: use `subject.permissionship`
    #[deprecated]
    #[prost(enumeration = "LookupPermissionship", tag = "4")]
    pub permissionship: i32,
    /// partial_caveat_info holds information of a partially-evaluated caveated response
    /// deprecated: use `subject.partial_caveat_info`
    #[deprecated]
    #[prost(message, optional, tag = "5")]
    pub partial_caveat_info: ::core::option::Option<PartialCaveatInfo>,
    /// subject is the subject found, along with its permissionship.
    #[prost(message, optional, tag = "6")]
    pub subject: ::core::option::Option<ResolvedSubject>,
    /// excluded_subjects are the subjects excluded. This list
    /// will only contain subjects if `subject.subject_object_id` is a wildcard (`*`) and
    /// will only be populated if exclusions exist from the wildcard.
    #[prost(message, repeated, tag = "7")]
    pub excluded_subjects: ::prost::alloc::vec::Vec<ResolvedSubject>,
    /// after_result_cursor holds a cursor that can be used to resume the LookupSubjects stream after this
    /// result.
    #[prost(message, optional, tag = "8")]
    pub after_result_cursor: ::core::option::Option<Cursor>,
}
/// ResolvedSubject is a single subject resolved within LookupSubjects.
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct ResolvedSubject {
    /// subject_object_id is the Object ID of the subject found. May be a `*` if
    /// a wildcard was found.
    #[prost(string, tag = "1")]
    pub subject_object_id: ::prost::alloc::string::String,
    /// permissionship indicates whether the response was partially evaluated or not
    #[prost(enumeration = "LookupPermissionship", tag = "2")]
    pub permissionship: i32,
    /// partial_caveat_info holds information of a partially-evaluated caveated response
    #[prost(message, optional, tag = "3")]
    pub partial_caveat_info: ::core::option::Option<PartialCaveatInfo>,
}
/// LookupPermissionship represents whether a Lookup response was partially evaluated or not
#[derive(Clone, Copy, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, ::prost::Enumeration)]
#[repr(i32)]
pub enum LookupPermissionship {
    Unspecified = 0,
    HasPermission = 1,
    ConditionalPermission = 2,
}
impl LookupPermissionship {
    /// String value of the enum field names used in the ProtoBuf definition.
    ///
    /// The values are not transformed in any way and thus are considered stable
    /// (if the ProtoBuf definition does not change) and safe for programmatic use.
    pub fn as_str_name(&self) -> &'static str {
        match self {
            LookupPermissionship::Unspecified => "LOOKUP_PERMISSIONSHIP_UNSPECIFIED",
            LookupPermissionship::HasPermission => "LOOKUP_PERMISSIONSHIP_HAS_PERMISSION",
            LookupPermissionship::ConditionalPermission => {
                "LOOKUP_PERMISSIONSHIP_CONDITIONAL_PERMISSION"
            }
        }
    }
    /// Creates an enum from field names used in the ProtoBuf definition.
    pub fn from_str_name(value: &str) -> ::core::option::Option<Self> {
        match value {
            "LOOKUP_PERMISSIONSHIP_UNSPECIFIED" => Some(Self::Unspecified),
            "LOOKUP_PERMISSIONSHIP_HAS_PERMISSION" => Some(Self::HasPermission),
            "LOOKUP_PERMISSIONSHIP_CONDITIONAL_PERMISSION" => {
                Some(Self::ConditionalPermission)
            }
            _ => None,
        }
    }
}
/// Generated client implementations.
pub mod permissions_service_client {
    #![allow(unused_variables, dead_code, missing_docs, clippy::let_unit_value)]
    use tonic::codegen::*;
    use tonic::codegen::http::Uri;
    /// PermissionsService implements a set of RPCs that perform operations on
    /// relationships and permissions.
    #[derive(Debug, Clone)]
    pub struct PermissionsServiceClient<T> {
        inner: tonic::client::Grpc<T>,
    }
    impl PermissionsServiceClient<tonic::transport::Channel> {
        /// Attempt to create a new client by connecting to a given endpoint.
        pub async fn connect<D>(dst: D) -> Result<Self, tonic::transport::Error>
        where
            D: TryInto<tonic::transport::Endpoint>,
            D::Error: Into<StdError>,
        {
            let conn = tonic::transport::Endpoint::new(dst)?.connect().await?;
            Ok(Self::new(conn))
        }
    }
    impl<T> PermissionsServiceClient<T>
    where
        T: tonic::client::GrpcService<tonic::body::BoxBody>,
        T::Error: Into<StdError>,
        T::ResponseBody: Body<Data = Bytes> + Send + 'static,
        <T::ResponseBody as Body>::Error: Into<StdError> + Send,
    {
        pub fn new(inner: T) -> Self {
            let inner = tonic::client::Grpc::new(inner);
            Self { inner }
        }
        pub fn with_origin(inner: T, origin: Uri) -> Self {
            let inner = tonic::client::Grpc::with_origin(inner, origin);
            Self { inner }
        }
        pub fn with_interceptor<F>(
            inner: T,
            interceptor: F,
        ) -> PermissionsServiceClient<InterceptedService<T, F>>
        where
            F: tonic::service::Interceptor,
            T::ResponseBody: Default,
            T: tonic::codegen::Service<
                http::Request<tonic::body::BoxBody>,
                Response = http::Response<
                    <T as tonic::client::GrpcService<tonic::body::BoxBody>>::ResponseBody,
                >,
            >,
            <T as tonic::codegen::Service<
                http::Request<tonic::body::BoxBody>,
            >>::Error: Into<StdError> + Send + Sync,
        {
            PermissionsServiceClient::new(InterceptedService::new(inner, interceptor))
        }
        /// Compress requests with the given encoding.
        ///
        /// This requires the server to support it otherwise it might respond with an
        /// error.
        #[must_use]
        pub fn send_compressed(mut self, encoding: CompressionEncoding) -> Self {
            self.inner = self.inner.send_compressed(encoding);
            self
        }
        /// Enable decompressing responses.
        #[must_use]
        pub fn accept_compressed(mut self, encoding: CompressionEncoding) -> Self {
            self.inner = self.inner.accept_compressed(encoding);
            self
        }
        /// Limits the maximum size of a decoded message.
        ///
        /// Default: `4MB`
        #[must_use]
        pub fn max_decoding_message_size(mut self, limit: usize) -> Self {
            self.inner = self.inner.max_decoding_message_size(limit);
            self
        }
        /// Limits the maximum size of an encoded message.
        ///
        /// Default: `usize::MAX`
        #[must_use]
        pub fn max_encoding_message_size(mut self, limit: usize) -> Self {
            self.inner = self.inner.max_encoding_message_size(limit);
            self
        }
        /// ReadRelationships reads a set of the relationships matching one or more
        /// filters.
        pub async fn read_relationships(
            &mut self,
            request: impl tonic::IntoRequest<super::ReadRelationshipsRequest>,
        ) -> std::result::Result<
            tonic::Response<tonic::codec::Streaming<super::ReadRelationshipsResponse>>,
            tonic::Status,
        > {
            self.inner
                .ready()
                .await
                .map_err(|e| {
                    tonic::Status::new(
                        tonic::Code::Unknown,
                        format!("Service was not ready: {}", e.into()),
                    )
                })?;
            let codec = tonic::codec::ProstCodec::default();
            let path = http::uri::PathAndQuery::from_static(
                "/authzed.api.v1.PermissionsService/ReadRelationships",
            );
            let mut req = request.into_request();
            req.extensions_mut()
                .insert(
                    GrpcMethod::new(
                        "authzed.api.v1.PermissionsService",
                        "ReadRelationships",
                    ),
                );
            self.inner.server_streaming(req, path, codec).await
        }
        /// WriteRelationships atomically writes and/or deletes a set of specified
        /// relationships. An optional set of preconditions can be provided that must
        /// be satisfied for the operation to commit.
        pub async fn write_relationships(
            &mut self,
            request: impl tonic::IntoRequest<super::WriteRelationshipsRequest>,
        ) -> std::result::Result<
            tonic::Response<super::WriteRelationshipsResponse>,
            tonic::Status,
        > {
            self.inner
                .ready()
                .await
                .map_err(|e| {
                    tonic::Status::new(
                        tonic::Code::Unknown,
                        format!("Service was not ready: {}", e.into()),
                    )
                })?;
            let codec = tonic::codec::ProstCodec::default();
            let path = http::uri::PathAndQuery::from_static(
                "/authzed.api.v1.PermissionsService/WriteRelationships",
            );
            let mut req = request.into_request();
            req.extensions_mut()
                .insert(
                    GrpcMethod::new(
                        "authzed.api.v1.PermissionsService",
                        "WriteRelationships",
                    ),
                );
            self.inner.unary(req, path, codec).await
        }
        /// DeleteRelationships atomically bulk deletes all relationships matching the
        /// provided filter. If no relationships match, none will be deleted and the
        /// operation will succeed. An optional set of preconditions can be provided that must
        /// be satisfied for the operation to commit.
        pub async fn delete_relationships(
            &mut self,
            request: impl tonic::IntoRequest<super::DeleteRelationshipsRequest>,
        ) -> std::result::Result<
            tonic::Response<super::DeleteRelationshipsResponse>,
            tonic::Status,
        > {
            self.inner
                .ready()
                .await
                .map_err(|e| {
                    tonic::Status::new(
                        tonic::Code::Unknown,
                        format!("Service was not ready: {}", e.into()),
                    )
                })?;
            let codec = tonic::codec::ProstCodec::default();
            let path = http::uri::PathAndQuery::from_static(
                "/authzed.api.v1.PermissionsService/DeleteRelationships",
            );
            let mut req = request.into_request();
            req.extensions_mut()
                .insert(
                    GrpcMethod::new(
                        "authzed.api.v1.PermissionsService",
                        "DeleteRelationships",
                    ),
                );
            self.inner.unary(req, path, codec).await
        }
        /// CheckPermission determines for a given resource whether a subject computes
        /// to having a permission or is a direct member of a particular relation.
        pub async fn check_permission(
            &mut self,
            request: impl tonic::IntoRequest<super::CheckPermissionRequest>,
        ) -> std::result::Result<
            tonic::Response<super::CheckPermissionResponse>,
            tonic::Status,
        > {
            self.inner
                .ready()
                .await
                .map_err(|e| {
                    tonic::Status::new(
                        tonic::Code::Unknown,
                        format!("Service was not ready: {}", e.into()),
                    )
                })?;
            let codec = tonic::codec::ProstCodec::default();
            let path = http::uri::PathAndQuery::from_static(
                "/authzed.api.v1.PermissionsService/CheckPermission",
            );
            let mut req = request.into_request();
            req.extensions_mut()
                .insert(
                    GrpcMethod::new(
                        "authzed.api.v1.PermissionsService",
                        "CheckPermission",
                    ),
                );
            self.inner.unary(req, path, codec).await
        }
        /// CheckBulkPermissions evaluates the given list of permission checks
        /// and returns the list of results.
        pub async fn check_bulk_permissions(
            &mut self,
            request: impl tonic::IntoRequest<super::CheckBulkPermissionsRequest>,
        ) -> std::result::Result<
            tonic::Response<super::CheckBulkPermissionsResponse>,
            tonic::Status,
        > {
            self.inner
                .ready()
                .await
                .map_err(|e| {
                    tonic::Status::new(
                        tonic::Code::Unknown,
                        format!("Service was not ready: {}", e.into()),
                    )
                })?;
            let codec = tonic::codec::ProstCodec::default();
            let path = http::uri::PathAndQuery::from_static(
                "/authzed.api.v1.PermissionsService/CheckBulkPermissions",
            );
            let mut req = request.into_request();
            req.extensions_mut()
                .insert(
                    GrpcMethod::new(
                        "authzed.api.v1.PermissionsService",
                        "CheckBulkPermissions",
                    ),
                );
            self.inner.unary(req, path, codec).await
        }
        /// ExpandPermissionTree reveals the graph structure for a resource's
        /// permission or relation. This RPC does not recurse infinitely deep and may
        /// require multiple calls to fully unnest a deeply nested graph.
        pub async fn expand_permission_tree(
            &mut self,
            request: impl tonic::IntoRequest<super::ExpandPermissionTreeRequest>,
        ) -> std::result::Result<
            tonic::Response<super::ExpandPermissionTreeResponse>,
            tonic::Status,
        > {
            self.inner
                .ready()
                .await
                .map_err(|e| {
                    tonic::Status::new(
                        tonic::Code::Unknown,
                        format!("Service was not ready: {}", e.into()),
                    )
                })?;
            let codec = tonic::codec::ProstCodec::default();
            let path = http::uri::PathAndQuery::from_static(
                "/authzed.api.v1.PermissionsService/ExpandPermissionTree",
            );
            let mut req = request.into_request();
            req.extensions_mut()
                .insert(
                    GrpcMethod::new(
                        "authzed.api.v1.PermissionsService",
                        "ExpandPermissionTree",
                    ),
                );
            self.inner.unary(req, path, codec).await
        }
        /// LookupResources returns all the resources of a given type that a subject
        /// can access whether via a computed permission or relation membership.
        pub async fn lookup_resources(
            &mut self,
            request: impl tonic::IntoRequest<super::LookupResourcesRequest>,
        ) -> std::result::Result<
            tonic::Response<tonic::codec::Streaming<super::LookupResourcesResponse>>,
            tonic::Status,
        > {
            self.inner
                .ready()
                .await
                .map_err(|e| {
                    tonic::Status::new(
                        tonic::Code::Unknown,
                        format!("Service was not ready: {}", e.into()),
                    )
                })?;
            let codec = tonic::codec::ProstCodec::default();
            let path = http::uri::PathAndQuery::from_static(
                "/authzed.api.v1.PermissionsService/LookupResources",
            );
            let mut req = request.into_request();
            req.extensions_mut()
                .insert(
                    GrpcMethod::new(
                        "authzed.api.v1.PermissionsService",
                        "LookupResources",
                    ),
                );
            self.inner.server_streaming(req, path, codec).await
        }
        /// LookupSubjects returns all the subjects of a given type that
        /// have access whether via a computed permission or relation membership.
        pub async fn lookup_subjects(
            &mut self,
            request: impl tonic::IntoRequest<super::LookupSubjectsRequest>,
        ) -> std::result::Result<
            tonic::Response<tonic::codec::Streaming<super::LookupSubjectsResponse>>,
            tonic::Status,
        > {
            self.inner
                .ready()
                .await
                .map_err(|e| {
                    tonic::Status::new(
                        tonic::Code::Unknown,
                        format!("Service was not ready: {}", e.into()),
                    )
                })?;
            let codec = tonic::codec::ProstCodec::default();
            let path = http::uri::PathAndQuery::from_static(
                "/authzed.api.v1.PermissionsService/LookupSubjects",
            );
            let mut req = request.into_request();
            req.extensions_mut()
                .insert(
                    GrpcMethod::new(
                        "authzed.api.v1.PermissionsService",
                        "LookupSubjects",
                    ),
                );
            self.inner.server_streaming(req, path, codec).await
        }
    }
}
/// ReadSchemaRequest returns the schema from the database.
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, Copy, PartialEq, ::prost::Message)]
pub struct ReadSchemaRequest {}
/// ReadSchemaResponse is the resulting data after having read the Object
/// Definitions from a Schema.
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct ReadSchemaResponse {
    /// schema_text is the textual form of the current schema in the system
    #[prost(string, tag = "1")]
    pub schema_text: ::prost::alloc::string::String,
    /// read_at is the ZedToken at which the schema was read.
    #[prost(message, optional, tag = "2")]
    pub read_at: ::core::option::Option<ZedToken>,
}
/// WriteSchemaRequest is the required data used to "upsert" the Schema of a
/// Permissions System.
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct WriteSchemaRequest {
    /// The Schema containing one or more Object Definitions that will be written
    /// to the Permissions System.
    ///
    /// 4MiB
    #[prost(string, tag = "1")]
    pub schema: ::prost::alloc::string::String,
}
/// WriteSchemaResponse is the resulting data after having written a Schema to
/// a Permissions System.
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct WriteSchemaResponse {
    /// written_at is the ZedToken at which the schema was written.
    #[prost(message, optional, tag = "1")]
    pub written_at: ::core::option::Option<ZedToken>,
}
/// Generated client implementations.
pub mod schema_service_client {
    #![allow(unused_variables, dead_code, missing_docs, clippy::let_unit_value)]
    use tonic::codegen::*;
    use tonic::codegen::http::Uri;
    /// SchemaService implements operations on a Permissions System's Schema.
    #[derive(Debug, Clone)]
    pub struct SchemaServiceClient<T> {
        inner: tonic::client::Grpc<T>,
    }
    impl SchemaServiceClient<tonic::transport::Channel> {
        /// Attempt to create a new client by connecting to a given endpoint.
        pub async fn connect<D>(dst: D) -> Result<Self, tonic::transport::Error>
        where
            D: TryInto<tonic::transport::Endpoint>,
            D::Error: Into<StdError>,
        {
            let conn = tonic::transport::Endpoint::new(dst)?.connect().await?;
            Ok(Self::new(conn))
        }
    }
    impl<T> SchemaServiceClient<T>
    where
        T: tonic::client::GrpcService<tonic::body::BoxBody>,
        T::Error: Into<StdError>,
        T::ResponseBody: Body<Data = Bytes> + Send + 'static,
        <T::ResponseBody as Body>::Error: Into<StdError> + Send,
    {
        pub fn new(inner: T) -> Self {
            let inner = tonic::client::Grpc::new(inner);
            Self { inner }
        }
        pub fn with_origin(inner: T, origin: Uri) -> Self {
            let inner = tonic::client::Grpc::with_origin(inner, origin);
            Self { inner }
        }
        pub fn with_interceptor<F>(
            inner: T,
            interceptor: F,
        ) -> SchemaServiceClient<InterceptedService<T, F>>
        where
            F: tonic::service::Interceptor,
            T::ResponseBody: Default,
            T: tonic::codegen::Service<
                http::Request<tonic::body::BoxBody>,
                Response = http::Response<
                    <T as tonic::client::GrpcService<tonic::body::BoxBody>>::ResponseBody,
                >,
            >,
            <T as tonic::codegen::Service<
                http::Request<tonic::body::BoxBody>,
            >>::Error: Into<StdError> + Send + Sync,
        {
            SchemaServiceClient::new(InterceptedService::new(inner, interceptor))
        }
        /// Compress requests with the given encoding.
        ///
        /// This requires the server to support it otherwise it might respond with an
        /// error.
        #[must_use]
        pub fn send_compressed(mut self, encoding: CompressionEncoding) -> Self {
            self.inner = self.inner.send_compressed(encoding);
            self
        }
        /// Enable decompressing responses.
        #[must_use]
        pub fn accept_compressed(mut self, encoding: CompressionEncoding) -> Self {
            self.inner = self.inner.accept_compressed(encoding);
            self
        }
        /// Limits the maximum size of a decoded message.
        ///
        /// Default: `4MB`
        #[must_use]
        pub fn max_decoding_message_size(mut self, limit: usize) -> Self {
            self.inner = self.inner.max_decoding_message_size(limit);
            self
        }
        /// Limits the maximum size of an encoded message.
        ///
        /// Default: `usize::MAX`
        #[must_use]
        pub fn max_encoding_message_size(mut self, limit: usize) -> Self {
            self.inner = self.inner.max_encoding_message_size(limit);
            self
        }
        /// Read returns the current Object Definitions for a Permissions System.
        ///
        /// Errors include:
        /// - INVALID_ARGUMENT: a provided value has failed to semantically validate
        /// - NOT_FOUND: no schema has been defined
        pub async fn read_schema(
            &mut self,
            request: impl tonic::IntoRequest<super::ReadSchemaRequest>,
        ) -> std::result::Result<
            tonic::Response<super::ReadSchemaResponse>,
            tonic::Status,
        > {
            self.inner
                .ready()
                .await
                .map_err(|e| {
                    tonic::Status::new(
                        tonic::Code::Unknown,
                        format!("Service was not ready: {}", e.into()),
                    )
                })?;
            let codec = tonic::codec::ProstCodec::default();
            let path = http::uri::PathAndQuery::from_static(
                "/authzed.api.v1.SchemaService/ReadSchema",
            );
            let mut req = request.into_request();
            req.extensions_mut()
                .insert(GrpcMethod::new("authzed.api.v1.SchemaService", "ReadSchema"));
            self.inner.unary(req, path, codec).await
        }
        /// Write overwrites the current Object Definitions for a Permissions System.
        pub async fn write_schema(
            &mut self,
            request: impl tonic::IntoRequest<super::WriteSchemaRequest>,
        ) -> std::result::Result<
            tonic::Response<super::WriteSchemaResponse>,
            tonic::Status,
        > {
            self.inner
                .ready()
                .await
                .map_err(|e| {
                    tonic::Status::new(
                        tonic::Code::Unknown,
                        format!("Service was not ready: {}", e.into()),
                    )
                })?;
            let codec = tonic::codec::ProstCodec::default();
            let path = http::uri::PathAndQuery::from_static(
                "/authzed.api.v1.SchemaService/WriteSchema",
            );
            let mut req = request.into_request();
            req.extensions_mut()
                .insert(GrpcMethod::new("authzed.api.v1.SchemaService", "WriteSchema"));
            self.inner.unary(req, path, codec).await
        }
    }
}
/// WatchRequest specifies the object definitions for which we want to start
/// watching mutations, and an optional start snapshot for when to start
/// watching.
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct WatchRequest {
    /// optional_object_types is a filter of resource object types to watch for changes.
    /// If specified, only changes to the specified object types will be returned and
    /// optional_relationship_filters cannot be used.
    #[prost(string, repeated, tag = "1")]
    pub optional_object_types: ::prost::alloc::vec::Vec<::prost::alloc::string::String>,
    /// optional_start_cursor is the ZedToken holding the point-in-time at
    /// which to start watching for changes.
    /// If not specified, the watch will begin at the current head revision
    /// of the datastore, returning any updates that occur after the caller
    /// makes the request.
    /// Note that if this cursor references a point-in-time containing data
    /// that has been garbage collected, an error will be returned.
    #[prost(message, optional, tag = "2")]
    pub optional_start_cursor: ::core::option::Option<ZedToken>,
    /// optional_relationship_filters, if specified, indicates the
    /// filter(s) to apply to each relationship to be returned by watch.
    /// The relationship will be returned as long as at least one filter matches,
    /// this allows clients to match relationships on multiple filters on a single watch call.
    /// If specified, optional_object_types cannot be used.
    #[prost(message, repeated, tag = "3")]
    pub optional_relationship_filters: ::prost::alloc::vec::Vec<RelationshipFilter>,
}
/// WatchResponse contains all tuple modification events in ascending
/// timestamp order, from the requested start snapshot to a snapshot
/// encoded in the watch response. The client can use the snapshot to resume
/// watching where the previous watch response left off.
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct WatchResponse {
    #[prost(message, repeated, tag = "1")]
    pub updates: ::prost::alloc::vec::Vec<RelationshipUpdate>,
    #[prost(message, optional, tag = "2")]
    pub changes_through: ::core::option::Option<ZedToken>,
}
/// Generated client implementations.
pub mod watch_service_client {
    #![allow(unused_variables, dead_code, missing_docs, clippy::let_unit_value)]
    use tonic::codegen::*;
    use tonic::codegen::http::Uri;
    #[derive(Debug, Clone)]
    pub struct WatchServiceClient<T> {
        inner: tonic::client::Grpc<T>,
    }
    impl WatchServiceClient<tonic::transport::Channel> {
        /// Attempt to create a new client by connecting to a given endpoint.
        pub async fn connect<D>(dst: D) -> Result<Self, tonic::transport::Error>
        where
            D: TryInto<tonic::transport::Endpoint>,
            D::Error: Into<StdError>,
        {
            let conn = tonic::transport::Endpoint::new(dst)?.connect().await?;
            Ok(Self::new(conn))
        }
    }
    impl<T> WatchServiceClient<T>
    where
        T: tonic::client::GrpcService<tonic::body::BoxBody>,
        T::Error: Into<StdError>,
        T::ResponseBody: Body<Data = Bytes> + Send + 'static,
        <T::ResponseBody as Body>::Error: Into<StdError> + Send,
    {
        pub fn new(inner: T) -> Self {
            let inner = tonic::client::Grpc::new(inner);
            Self { inner }
        }
        pub fn with_origin(inner: T, origin: Uri) -> Self {
            let inner = tonic::client::Grpc::with_origin(inner, origin);
            Self { inner }
        }
        pub fn with_interceptor<F>(
            inner: T,
            interceptor: F,
        ) -> WatchServiceClient<InterceptedService<T, F>>
        where
            F: tonic::service::Interceptor,
            T::ResponseBody: Default,
            T: tonic::codegen::Service<
                http::Request<tonic::body::BoxBody>,
                Response = http::Response<
                    <T as tonic::client::GrpcService<tonic::body::BoxBody>>::ResponseBody,
                >,
            >,
            <T as tonic::codegen::Service<
                http::Request<tonic::body::BoxBody>,
            >>::Error: Into<StdError> + Send + Sync,
        {
            WatchServiceClient::new(InterceptedService::new(inner, interceptor))
        }
        /// Compress requests with the given encoding.
        ///
        /// This requires the server to support it otherwise it might respond with an
        /// error.
        #[must_use]
        pub fn send_compressed(mut self, encoding: CompressionEncoding) -> Self {
            self.inner = self.inner.send_compressed(encoding);
            self
        }
        /// Enable decompressing responses.
        #[must_use]
        pub fn accept_compressed(mut self, encoding: CompressionEncoding) -> Self {
            self.inner = self.inner.accept_compressed(encoding);
            self
        }
        /// Limits the maximum size of a decoded message.
        ///
        /// Default: `4MB`
        #[must_use]
        pub fn max_decoding_message_size(mut self, limit: usize) -> Self {
            self.inner = self.inner.max_decoding_message_size(limit);
            self
        }
        /// Limits the maximum size of an encoded message.
        ///
        /// Default: `usize::MAX`
        #[must_use]
        pub fn max_encoding_message_size(mut self, limit: usize) -> Self {
            self.inner = self.inner.max_encoding_message_size(limit);
            self
        }
        pub async fn watch(
            &mut self,
            request: impl tonic::IntoRequest<super::WatchRequest>,
        ) -> std::result::Result<
            tonic::Response<tonic::codec::Streaming<super::WatchResponse>>,
            tonic::Status,
        > {
            self.inner
                .ready()
                .await
                .map_err(|e| {
                    tonic::Status::new(
                        tonic::Code::Unknown,
                        format!("Service was not ready: {}", e.into()),
                    )
                })?;
            let codec = tonic::codec::ProstCodec::default();
            let path = http::uri::PathAndQuery::from_static(
                "/authzed.api.v1.WatchService/Watch",
            );
            let mut req = request.into_request();
            req.extensions_mut()
                .insert(GrpcMethod::new("authzed.api.v1.WatchService", "Watch"));
            self.inner.server_streaming(req, path, codec).await
        }
    }
}