spicedb_grpc_tonic/generated/

authzed.api.v1.rs

// This file is @generated by prost-build.
/// Relationship specifies how a resource relates to a subject. Relationships
/// form the data for the graph over which all permissions questions are
/// answered.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct Relationship {
    /// resource is the resource to which the subject is related, in some manner
    #[prost(message, optional, tag = "1")]
    pub resource: ::core::option::Option<ObjectReference>,
    /// relation is how the resource and subject are related.
    #[prost(string, tag = "2")]
    pub relation: ::prost::alloc::string::String,
    /// subject is the subject to which the resource is related, in some manner.
    #[prost(message, optional, tag = "3")]
    pub subject: ::core::option::Option<SubjectReference>,
    /// optional_caveat is a reference to a the caveat that must be enforced over the relationship
    #[prost(message, optional, tag = "4")]
    pub optional_caveat: ::core::option::Option<ContextualizedCaveat>,
    /// optional_expires_at is the time at which the relationship expires, if any.
    #[prost(message, optional, tag = "5")]
    pub optional_expires_at: ::core::option::Option<::prost_types::Timestamp>,
}
/// ContextualizedCaveat represents a reference to a caveat to be used by caveated relationships.
/// The context consists of key-value pairs that will be injected at evaluation time.
/// The keys must match the arguments defined on the caveat in the schema.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct ContextualizedCaveat {
    /// caveat_name is the name of the caveat expression to use, as defined in the schema
    #[prost(string, tag = "1")]
    pub caveat_name: ::prost::alloc::string::String,
    /// context consists of any named values that are defined at write time for the caveat expression
    #[prost(message, optional, tag = "2")]
    pub context: ::core::option::Option<::prost_types::Struct>,
}
/// SubjectReference is used for referring to the subject portion of a
/// Relationship. The relation component is optional and is used for defining a
/// sub-relation on the subject, e.g. group:123#members
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct SubjectReference {
    #[prost(message, optional, tag = "1")]
    pub object: ::core::option::Option<ObjectReference>,
    #[prost(string, tag = "2")]
    pub optional_relation: ::prost::alloc::string::String,
}
/// ObjectReference is used to refer to a specific object in the system.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct ObjectReference {
    #[prost(string, tag = "1")]
    pub object_type: ::prost::alloc::string::String,
    #[prost(string, tag = "2")]
    pub object_id: ::prost::alloc::string::String,
}
/// ZedToken represents a point in time, or a "revision" in SpiceDB.
/// It is used to provide causality metadata between Write and read requests (Check, ReadRelationships, LookupResources, LookupSubjects)
/// and can also be used to start watching for changes from a specific point in time.
///
/// See the authzed.api.v1.Consistency message for more information.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct ZedToken {
    #[prost(string, tag = "1")]
    pub token: ::prost::alloc::string::String,
}
/// Cursor is used to provide resumption of listing between calls to APIs
/// such as LookupResources.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct Cursor {
    #[prost(string, tag = "1")]
    pub token: ::prost::alloc::string::String,
}
/// RelationshipUpdate is used for mutating a single relationship within the
/// service.
///
/// CREATE will create the relationship only if it doesn't exist, and error
/// otherwise.
///
/// TOUCH will upsert the relationship, and will not error if it
/// already exists.
///
/// DELETE will delete the relationship. If the relationship does not exist,
/// this operation will no-op.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct RelationshipUpdate {
    #[prost(enumeration = "relationship_update::Operation", tag = "1")]
    pub operation: i32,
    #[prost(message, optional, tag = "2")]
    pub relationship: ::core::option::Option<Relationship>,
}
/// Nested message and enum types in `RelationshipUpdate`.
pub mod relationship_update {
    #[derive(
        Clone,
        Copy,
        Debug,
        PartialEq,
        Eq,
        Hash,
        PartialOrd,
        Ord,
        ::prost::Enumeration
    )]
    #[repr(i32)]
    pub enum Operation {
        Unspecified = 0,
        Create = 1,
        Touch = 2,
        Delete = 3,
    }
    impl Operation {
        /// String value of the enum field names used in the ProtoBuf definition.
        ///
        /// The values are not transformed in any way and thus are considered stable
        /// (if the ProtoBuf definition does not change) and safe for programmatic use.
        pub fn as_str_name(&self) -> &'static str {
            match self {
                Self::Unspecified => "OPERATION_UNSPECIFIED",
                Self::Create => "OPERATION_CREATE",
                Self::Touch => "OPERATION_TOUCH",
                Self::Delete => "OPERATION_DELETE",
            }
        }
        /// Creates an enum from field names used in the ProtoBuf definition.
        pub fn from_str_name(value: &str) -> ::core::option::Option<Self> {
            match value {
                "OPERATION_UNSPECIFIED" => Some(Self::Unspecified),
                "OPERATION_CREATE" => Some(Self::Create),
                "OPERATION_TOUCH" => Some(Self::Touch),
                "OPERATION_DELETE" => Some(Self::Delete),
                _ => None,
            }
        }
    }
}
/// PermissionRelationshipTree is used for representing a tree of a resource and
/// its permission relationships with other objects.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct PermissionRelationshipTree {
    #[prost(message, optional, tag = "3")]
    pub expanded_object: ::core::option::Option<ObjectReference>,
    #[prost(string, tag = "4")]
    pub expanded_relation: ::prost::alloc::string::String,
    #[prost(oneof = "permission_relationship_tree::TreeType", tags = "1, 2")]
    pub tree_type: ::core::option::Option<permission_relationship_tree::TreeType>,
}
/// Nested message and enum types in `PermissionRelationshipTree`.
pub mod permission_relationship_tree {
    #[derive(Clone, PartialEq, ::prost::Oneof)]
    pub enum TreeType {
        #[prost(message, tag = "1")]
        Intermediate(super::AlgebraicSubjectSet),
        #[prost(message, tag = "2")]
        Leaf(super::DirectSubjectSet),
    }
}
/// AlgebraicSubjectSet is a subject set which is computed based on applying the
/// specified operation to the operands according to the algebra of sets.
///
/// UNION is a logical set containing the subject members from all operands.
///
/// INTERSECTION is a logical set containing only the subject members which are
/// present in all operands.
///
/// EXCLUSION is a logical set containing only the subject members which are
/// present in the first operand, and none of the other operands.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct AlgebraicSubjectSet {
    #[prost(enumeration = "algebraic_subject_set::Operation", tag = "1")]
    pub operation: i32,
    #[prost(message, repeated, tag = "2")]
    pub children: ::prost::alloc::vec::Vec<PermissionRelationshipTree>,
}
/// Nested message and enum types in `AlgebraicSubjectSet`.
pub mod algebraic_subject_set {
    #[derive(
        Clone,
        Copy,
        Debug,
        PartialEq,
        Eq,
        Hash,
        PartialOrd,
        Ord,
        ::prost::Enumeration
    )]
    #[repr(i32)]
    pub enum Operation {
        Unspecified = 0,
        Union = 1,
        Intersection = 2,
        Exclusion = 3,
    }
    impl Operation {
        /// String value of the enum field names used in the ProtoBuf definition.
        ///
        /// The values are not transformed in any way and thus are considered stable
        /// (if the ProtoBuf definition does not change) and safe for programmatic use.
        pub fn as_str_name(&self) -> &'static str {
            match self {
                Self::Unspecified => "OPERATION_UNSPECIFIED",
                Self::Union => "OPERATION_UNION",
                Self::Intersection => "OPERATION_INTERSECTION",
                Self::Exclusion => "OPERATION_EXCLUSION",
            }
        }
        /// Creates an enum from field names used in the ProtoBuf definition.
        pub fn from_str_name(value: &str) -> ::core::option::Option<Self> {
            match value {
                "OPERATION_UNSPECIFIED" => Some(Self::Unspecified),
                "OPERATION_UNION" => Some(Self::Union),
                "OPERATION_INTERSECTION" => Some(Self::Intersection),
                "OPERATION_EXCLUSION" => Some(Self::Exclusion),
                _ => None,
            }
        }
    }
}
/// DirectSubjectSet is a subject set which is simply a collection of subjects.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct DirectSubjectSet {
    #[prost(message, repeated, tag = "1")]
    pub subjects: ::prost::alloc::vec::Vec<SubjectReference>,
}
/// PartialCaveatInfo carries information necessary for the client to take action
/// in the event a response contains a partially evaluated caveat
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct PartialCaveatInfo {
    /// missing_required_context is a list of one or more fields that were missing and prevented caveats
    /// from being fully evaluated
    #[prost(string, repeated, tag = "1")]
    pub missing_required_context: ::prost::alloc::vec::Vec<
        ::prost::alloc::string::String,
    >,
}
/// DebugInformation defines debug information returned by an API call in a footer when
/// requested with a specific debugging header.
///
/// The specific debug information returned will depend on the type of the API call made.
///
/// See the github.com/authzed/authzed-go project for the specific header and footer names.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct DebugInformation {
    /// check holds debug information about a check request.
    #[prost(message, optional, tag = "1")]
    pub check: ::core::option::Option<CheckDebugTrace>,
    /// schema_used holds the schema used for the request.
    #[prost(string, tag = "2")]
    pub schema_used: ::prost::alloc::string::String,
}
/// CheckDebugTrace is a recursive trace of the requests made for resolving a CheckPermission
/// API call.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct CheckDebugTrace {
    /// resource holds the resource on which the Check was performed.
    /// for batched calls, the object_id field contains a comma-separated list of object IDs
    /// for all the resources checked in the batch.
    #[prost(message, optional, tag = "1")]
    pub resource: ::core::option::Option<ObjectReference>,
    /// permission holds the name of the permission or relation on which the Check was performed.
    #[prost(string, tag = "2")]
    pub permission: ::prost::alloc::string::String,
    /// permission_type holds information indicating whether it was a permission or relation.
    #[prost(enumeration = "check_debug_trace::PermissionType", tag = "3")]
    pub permission_type: i32,
    /// subject holds the subject on which the Check was performed. This will be static across all calls within
    /// the same Check tree.
    #[prost(message, optional, tag = "4")]
    pub subject: ::core::option::Option<SubjectReference>,
    /// result holds the result of the Check call.
    #[prost(enumeration = "check_debug_trace::Permissionship", tag = "5")]
    pub result: i32,
    /// caveat_evaluation_info holds information about the caveat evaluated for this step of the trace.
    #[prost(message, optional, tag = "8")]
    pub caveat_evaluation_info: ::core::option::Option<CaveatEvalInfo>,
    /// duration holds the time spent executing this Check operation.
    #[prost(message, optional, tag = "9")]
    pub duration: ::core::option::Option<::prost_types::Duration>,
    /// optional_expires_at is the time at which at least one of the relationships used to
    /// compute this result, expires (if any). This is *not* related to the caching window.
    #[prost(message, optional, tag = "10")]
    pub optional_expires_at: ::core::option::Option<::prost_types::Timestamp>,
    /// trace_operation_id is a unique identifier for this trace's operation, that will
    /// be shared for all traces created for the same check operation in SpiceDB.
    ///
    /// In cases where SpiceDB performs automatic batching of subproblems, this ID can be used
    /// to correlate work that was shared across multiple traces.
    ///
    /// This identifier is generated by SpiceDB, is to be considered opaque to the caller
    /// and only guaranteed to be unique within the same overall Check or CheckBulk operation.
    #[prost(string, tag = "11")]
    pub trace_operation_id: ::prost::alloc::string::String,
    /// source holds the source of the result. It is of the form:
    /// `<sourcetype>:<sourceid>`, where sourcetype can be, among others:
    /// `spicedb`, `materialize`, etc.
    #[prost(string, tag = "12")]
    pub source: ::prost::alloc::string::String,
    /// resolution holds information about how the problem was resolved.
    #[prost(oneof = "check_debug_trace::Resolution", tags = "6, 7")]
    pub resolution: ::core::option::Option<check_debug_trace::Resolution>,
}
/// Nested message and enum types in `CheckDebugTrace`.
pub mod check_debug_trace {
    #[derive(Clone, PartialEq, ::prost::Message)]
    pub struct SubProblems {
        #[prost(message, repeated, tag = "1")]
        pub traces: ::prost::alloc::vec::Vec<super::CheckDebugTrace>,
    }
    #[derive(
        Clone,
        Copy,
        Debug,
        PartialEq,
        Eq,
        Hash,
        PartialOrd,
        Ord,
        ::prost::Enumeration
    )]
    #[repr(i32)]
    pub enum PermissionType {
        Unspecified = 0,
        Relation = 1,
        Permission = 2,
    }
    impl PermissionType {
        /// String value of the enum field names used in the ProtoBuf definition.
        ///
        /// The values are not transformed in any way and thus are considered stable
        /// (if the ProtoBuf definition does not change) and safe for programmatic use.
        pub fn as_str_name(&self) -> &'static str {
            match self {
                Self::Unspecified => "PERMISSION_TYPE_UNSPECIFIED",
                Self::Relation => "PERMISSION_TYPE_RELATION",
                Self::Permission => "PERMISSION_TYPE_PERMISSION",
            }
        }
        /// Creates an enum from field names used in the ProtoBuf definition.
        pub fn from_str_name(value: &str) -> ::core::option::Option<Self> {
            match value {
                "PERMISSION_TYPE_UNSPECIFIED" => Some(Self::Unspecified),
                "PERMISSION_TYPE_RELATION" => Some(Self::Relation),
                "PERMISSION_TYPE_PERMISSION" => Some(Self::Permission),
                _ => None,
            }
        }
    }
    #[derive(
        Clone,
        Copy,
        Debug,
        PartialEq,
        Eq,
        Hash,
        PartialOrd,
        Ord,
        ::prost::Enumeration
    )]
    #[repr(i32)]
    pub enum Permissionship {
        Unspecified = 0,
        NoPermission = 1,
        HasPermission = 2,
        ConditionalPermission = 3,
    }
    impl Permissionship {
        /// String value of the enum field names used in the ProtoBuf definition.
        ///
        /// The values are not transformed in any way and thus are considered stable
        /// (if the ProtoBuf definition does not change) and safe for programmatic use.
        pub fn as_str_name(&self) -> &'static str {
            match self {
                Self::Unspecified => "PERMISSIONSHIP_UNSPECIFIED",
                Self::NoPermission => "PERMISSIONSHIP_NO_PERMISSION",
                Self::HasPermission => "PERMISSIONSHIP_HAS_PERMISSION",
                Self::ConditionalPermission => "PERMISSIONSHIP_CONDITIONAL_PERMISSION",
            }
        }
        /// Creates an enum from field names used in the ProtoBuf definition.
        pub fn from_str_name(value: &str) -> ::core::option::Option<Self> {
            match value {
                "PERMISSIONSHIP_UNSPECIFIED" => Some(Self::Unspecified),
                "PERMISSIONSHIP_NO_PERMISSION" => Some(Self::NoPermission),
                "PERMISSIONSHIP_HAS_PERMISSION" => Some(Self::HasPermission),
                "PERMISSIONSHIP_CONDITIONAL_PERMISSION" => {
                    Some(Self::ConditionalPermission)
                }
                _ => None,
            }
        }
    }
    /// resolution holds information about how the problem was resolved.
    #[derive(Clone, PartialEq, ::prost::Oneof)]
    pub enum Resolution {
        /// was_cached_result, if true, indicates that the result was found in the cache and returned directly.
        #[prost(bool, tag = "6")]
        WasCachedResult(bool),
        /// sub_problems holds the sub problems that were executed to resolve the answer to this Check. An empty list
        /// and a permissionship of PERMISSIONSHIP_HAS_PERMISSION indicates the subject was found within this relation.
        #[prost(message, tag = "7")]
        SubProblems(SubProblems),
    }
}
/// CaveatEvalInfo holds information about a caveat expression that was evaluated.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct CaveatEvalInfo {
    /// expression is the expression that was evaluated.
    #[prost(string, tag = "1")]
    pub expression: ::prost::alloc::string::String,
    /// result is the result of the evaluation.
    #[prost(enumeration = "caveat_eval_info::Result", tag = "2")]
    pub result: i32,
    /// context consists of any named values that were used for evaluating the caveat expression.
    #[prost(message, optional, tag = "3")]
    pub context: ::core::option::Option<::prost_types::Struct>,
    /// partial_caveat_info holds information of a partially-evaluated caveated response, if applicable.
    #[prost(message, optional, tag = "4")]
    pub partial_caveat_info: ::core::option::Option<PartialCaveatInfo>,
    /// caveat_name is the name of the caveat that was executed, if applicable.
    #[prost(string, tag = "5")]
    pub caveat_name: ::prost::alloc::string::String,
}
/// Nested message and enum types in `CaveatEvalInfo`.
pub mod caveat_eval_info {
    #[derive(
        Clone,
        Copy,
        Debug,
        PartialEq,
        Eq,
        Hash,
        PartialOrd,
        Ord,
        ::prost::Enumeration
    )]
    #[repr(i32)]
    pub enum Result {
        Unspecified = 0,
        Unevaluated = 1,
        False = 2,
        True = 3,
        MissingSomeContext = 4,
    }
    impl Result {
        /// String value of the enum field names used in the ProtoBuf definition.
        ///
        /// The values are not transformed in any way and thus are considered stable
        /// (if the ProtoBuf definition does not change) and safe for programmatic use.
        pub fn as_str_name(&self) -> &'static str {
            match self {
                Self::Unspecified => "RESULT_UNSPECIFIED",
                Self::Unevaluated => "RESULT_UNEVALUATED",
                Self::False => "RESULT_FALSE",
                Self::True => "RESULT_TRUE",
                Self::MissingSomeContext => "RESULT_MISSING_SOME_CONTEXT",
            }
        }
        /// Creates an enum from field names used in the ProtoBuf definition.
        pub fn from_str_name(value: &str) -> ::core::option::Option<Self> {
            match value {
                "RESULT_UNSPECIFIED" => Some(Self::Unspecified),
                "RESULT_UNEVALUATED" => Some(Self::Unevaluated),
                "RESULT_FALSE" => Some(Self::False),
                "RESULT_TRUE" => Some(Self::True),
                "RESULT_MISSING_SOME_CONTEXT" => Some(Self::MissingSomeContext),
                _ => None,
            }
        }
    }
}
/// Consistency will define how a request is handled by the backend.
/// By defining a consistency requirement, and a token at which those
/// requirements should be applied, where applicable.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct Consistency {
    #[prost(oneof = "consistency::Requirement", tags = "1, 2, 3, 4")]
    pub requirement: ::core::option::Option<consistency::Requirement>,
}
/// Nested message and enum types in `Consistency`.
pub mod consistency {
    #[derive(Clone, PartialEq, ::prost::Oneof)]
    pub enum Requirement {
        /// minimize_latency indicates that the latency for the call should be
        /// minimized by having the system select the fastest snapshot available.
        #[prost(bool, tag = "1")]
        MinimizeLatency(bool),
        /// at_least_as_fresh indicates that all data used in the API call must be
        /// *at least as fresh* as that found in the ZedToken; more recent data might
        /// be used if available or faster.
        #[prost(message, tag = "2")]
        AtLeastAsFresh(super::ZedToken),
        /// at_exact_snapshot indicates that all data used in the API call must be
        /// *at the given* snapshot in time; if the snapshot is no longer available,
        /// an error will be returned to the caller.
        #[prost(message, tag = "3")]
        AtExactSnapshot(super::ZedToken),
        /// fully_consistent indicates that all data used in the API call *must* be
        /// at the most recent snapshot found.
        ///
        /// NOTE: using this method can be *quite slow*, so unless there is a need to
        /// do so, it is recommended to use `at_least_as_fresh` with a stored
        /// ZedToken.
        #[prost(bool, tag = "4")]
        FullyConsistent(bool),
    }
}
/// RelationshipFilter is a collection of filters which when applied to a
/// relationship will return relationships that have exactly matching fields.
///
/// All fields are optional and if left unspecified will not filter relationships,
/// but at least one field must be specified.
///
/// NOTE: The performance of the API will be affected by the selection of fields
/// on which to filter. If a field is not indexed, the performance of the API
/// can be significantly slower.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct RelationshipFilter {
    /// resource_type is the *optional* resource type of the relationship.
    /// NOTE: It is not prefixed with "optional_" for legacy compatibility.
    #[prost(string, tag = "1")]
    pub resource_type: ::prost::alloc::string::String,
    /// optional_resource_id is the *optional* resource ID of the relationship.
    /// If specified, optional_resource_id_prefix cannot be specified.
    #[prost(string, tag = "2")]
    pub optional_resource_id: ::prost::alloc::string::String,
    /// optional_resource_id_prefix is the *optional* prefix for the resource ID of the relationship.
    /// If specified, optional_resource_id cannot be specified.
    #[prost(string, tag = "5")]
    pub optional_resource_id_prefix: ::prost::alloc::string::String,
    /// relation is the *optional* relation of the relationship.
    #[prost(string, tag = "3")]
    pub optional_relation: ::prost::alloc::string::String,
    /// optional_subject_filter is the optional filter for the subjects of the relationships.
    #[prost(message, optional, tag = "4")]
    pub optional_subject_filter: ::core::option::Option<SubjectFilter>,
}
/// SubjectFilter specifies a filter on the subject of a relationship.
///
/// subject_type is required and all other fields are optional, and will not
/// impose any additional requirements if left unspecified.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct SubjectFilter {
    #[prost(string, tag = "1")]
    pub subject_type: ::prost::alloc::string::String,
    #[prost(string, tag = "2")]
    pub optional_subject_id: ::prost::alloc::string::String,
    #[prost(message, optional, tag = "3")]
    pub optional_relation: ::core::option::Option<subject_filter::RelationFilter>,
}
/// Nested message and enum types in `SubjectFilter`.
pub mod subject_filter {
    #[derive(Clone, PartialEq, ::prost::Message)]
    pub struct RelationFilter {
        #[prost(string, tag = "1")]
        pub relation: ::prost::alloc::string::String,
    }
}
/// ReadRelationshipsRequest specifies one or more filters used to read matching
/// relationships within the system.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct ReadRelationshipsRequest {
    #[prost(message, optional, tag = "1")]
    pub consistency: ::core::option::Option<Consistency>,
    /// relationship_filter defines the filter to be applied to the relationships
    /// to be returned.
    #[prost(message, optional, tag = "2")]
    pub relationship_filter: ::core::option::Option<RelationshipFilter>,
    /// optional_limit, if non-zero, specifies the limit on the number of relationships to return
    /// before the stream is closed on the server side. By default, the stream will continue
    /// resolving relationships until exhausted or the stream is closed due to the client or a
    /// network issue.
    #[prost(uint32, tag = "3")]
    pub optional_limit: u32,
    /// optional_cursor, if specified, indicates the cursor after which results should resume being returned.
    /// The cursor can be found on the ReadRelationshipsResponse object.
    #[prost(message, optional, tag = "4")]
    pub optional_cursor: ::core::option::Option<Cursor>,
}
/// ReadRelationshipsResponse contains a Relationship found that matches the
/// specified relationship filter(s). A instance of this response message will
/// be streamed to the client for each relationship found.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct ReadRelationshipsResponse {
    /// read_at is the ZedToken at which the relationship was found.
    #[prost(message, optional, tag = "1")]
    pub read_at: ::core::option::Option<ZedToken>,
    /// relationship is the found relationship.
    #[prost(message, optional, tag = "2")]
    pub relationship: ::core::option::Option<Relationship>,
    /// after_result_cursor holds a cursor that can be used to resume the ReadRelationships stream after this
    /// result.
    #[prost(message, optional, tag = "3")]
    pub after_result_cursor: ::core::option::Option<Cursor>,
}
/// Precondition specifies how and the existence or absence of certain
/// relationships as expressed through the accompanying filter should affect
/// whether or not the operation proceeds.
///
/// MUST_NOT_MATCH will fail the parent request if any relationships match the
/// relationships filter.
/// MUST_MATCH will fail the parent request if there are no
/// relationships that match the filter.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct Precondition {
    #[prost(enumeration = "precondition::Operation", tag = "1")]
    pub operation: i32,
    #[prost(message, optional, tag = "2")]
    pub filter: ::core::option::Option<RelationshipFilter>,
}
/// Nested message and enum types in `Precondition`.
pub mod precondition {
    #[derive(
        Clone,
        Copy,
        Debug,
        PartialEq,
        Eq,
        Hash,
        PartialOrd,
        Ord,
        ::prost::Enumeration
    )]
    #[repr(i32)]
    pub enum Operation {
        Unspecified = 0,
        MustNotMatch = 1,
        MustMatch = 2,
    }
    impl Operation {
        /// String value of the enum field names used in the ProtoBuf definition.
        ///
        /// The values are not transformed in any way and thus are considered stable
        /// (if the ProtoBuf definition does not change) and safe for programmatic use.
        pub fn as_str_name(&self) -> &'static str {
            match self {
                Self::Unspecified => "OPERATION_UNSPECIFIED",
                Self::MustNotMatch => "OPERATION_MUST_NOT_MATCH",
                Self::MustMatch => "OPERATION_MUST_MATCH",
            }
        }
        /// Creates an enum from field names used in the ProtoBuf definition.
        pub fn from_str_name(value: &str) -> ::core::option::Option<Self> {
            match value {
                "OPERATION_UNSPECIFIED" => Some(Self::Unspecified),
                "OPERATION_MUST_NOT_MATCH" => Some(Self::MustNotMatch),
                "OPERATION_MUST_MATCH" => Some(Self::MustMatch),
                _ => None,
            }
        }
    }
}
/// WriteRelationshipsRequest contains a list of Relationship mutations that
/// should be applied to the service. If the optional_preconditions parameter
/// is included, all of the specified preconditions must also be satisfied before
/// the write will be committed. All updates will be applied transactionally,
/// and if any preconditions fail, the entire transaction will be reverted.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct WriteRelationshipsRequest {
    #[prost(message, repeated, tag = "1")]
    pub updates: ::prost::alloc::vec::Vec<RelationshipUpdate>,
    /// To be bounded by configuration
    #[prost(message, repeated, tag = "2")]
    pub optional_preconditions: ::prost::alloc::vec::Vec<Precondition>,
    /// optional_transaction_metadata is an optional field that can be used to store metadata about the transaction.
    /// If specified, this metadata will be supplied in the WatchResponse for the updates associated with this
    /// transaction.
    #[prost(message, optional, tag = "3")]
    pub optional_transaction_metadata: ::core::option::Option<::prost_types::Struct>,
}
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct WriteRelationshipsResponse {
    /// written_at is the revision at which the relationships were written or deleted.
    #[prost(message, optional, tag = "1")]
    pub written_at: ::core::option::Option<ZedToken>,
}
/// DeleteRelationshipsRequest specifies which Relationships should be deleted,
/// requesting the delete of *ALL* relationships that match the specified
/// filters. If the optional_preconditions parameter is included, all of the
/// specified preconditions must also be satisfied before the delete will be
/// executed.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct DeleteRelationshipsRequest {
    #[prost(message, optional, tag = "1")]
    pub relationship_filter: ::core::option::Option<RelationshipFilter>,
    /// To be bounded by configuration
    #[prost(message, repeated, tag = "2")]
    pub optional_preconditions: ::prost::alloc::vec::Vec<Precondition>,
    /// optional_limit, if non-zero, specifies the limit on the number of relationships to be deleted.
    /// If there are more matching relationships found to be deleted than the limit specified here,
    /// the deletion call will fail with an error to prevent partial deletion. If partial deletion
    /// is needed, specify below that partial deletion is allowed. Partial deletions can be used
    /// in a loop to delete large amounts of relationships in a *non-transactional* manner.
    #[prost(uint32, tag = "3")]
    pub optional_limit: u32,
    /// optional_allow_partial_deletions, if true and a limit is specified, will delete matching found
    /// relationships up to the count specified in optional_limit, and no more.
    #[prost(bool, tag = "4")]
    pub optional_allow_partial_deletions: bool,
    /// optional_transaction_metadata is an optional field that can be used to store metadata about the transaction.
    /// If specified, this metadata will be supplied in the WatchResponse for the deletions associated with
    /// this transaction.
    #[prost(message, optional, tag = "5")]
    pub optional_transaction_metadata: ::core::option::Option<::prost_types::Struct>,
}
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct DeleteRelationshipsResponse {
    /// deleted_at is the revision at which the relationships were deleted.
    #[prost(message, optional, tag = "1")]
    pub deleted_at: ::core::option::Option<ZedToken>,
    /// deletion_progress is an enumeration of the possible outcomes that occurred when attempting to delete the specified relationships.
    #[prost(enumeration = "delete_relationships_response::DeletionProgress", tag = "2")]
    pub deletion_progress: i32,
    /// relationships_deleted_count is the number of relationships that were deleted.
    #[prost(uint64, tag = "3")]
    pub relationships_deleted_count: u64,
}
/// Nested message and enum types in `DeleteRelationshipsResponse`.
pub mod delete_relationships_response {
    #[derive(
        Clone,
        Copy,
        Debug,
        PartialEq,
        Eq,
        Hash,
        PartialOrd,
        Ord,
        ::prost::Enumeration
    )]
    #[repr(i32)]
    pub enum DeletionProgress {
        Unspecified = 0,
        /// DELETION_PROGRESS_COMPLETE indicates that all remaining relationships matching the filter
        /// were deleted. Will be returned even if no relationships were deleted.
        Complete = 1,
        /// DELETION_PROGRESS_PARTIAL indicates that a subset of the relationships matching the filter
        /// were deleted. Only returned if optional_allow_partial_deletions was true, an optional_limit was
        /// specified, and there existed more relationships matching the filter than optional_limit would allow.
        /// Once all remaining relationships have been deleted, DELETION_PROGRESS_COMPLETE will be returned.
        Partial = 2,
    }
    impl DeletionProgress {
        /// String value of the enum field names used in the ProtoBuf definition.
        ///
        /// The values are not transformed in any way and thus are considered stable
        /// (if the ProtoBuf definition does not change) and safe for programmatic use.
        pub fn as_str_name(&self) -> &'static str {
            match self {
                Self::Unspecified => "DELETION_PROGRESS_UNSPECIFIED",
                Self::Complete => "DELETION_PROGRESS_COMPLETE",
                Self::Partial => "DELETION_PROGRESS_PARTIAL",
            }
        }
        /// Creates an enum from field names used in the ProtoBuf definition.
        pub fn from_str_name(value: &str) -> ::core::option::Option<Self> {
            match value {
                "DELETION_PROGRESS_UNSPECIFIED" => Some(Self::Unspecified),
                "DELETION_PROGRESS_COMPLETE" => Some(Self::Complete),
                "DELETION_PROGRESS_PARTIAL" => Some(Self::Partial),
                _ => None,
            }
        }
    }
}
/// CheckPermissionRequest issues a check on whether a subject has a permission
/// or is a member of a relation, on a specific resource.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct CheckPermissionRequest {
    #[prost(message, optional, tag = "1")]
    pub consistency: ::core::option::Option<Consistency>,
    /// resource is the resource on which to check the permission or relation.
    #[prost(message, optional, tag = "2")]
    pub resource: ::core::option::Option<ObjectReference>,
    /// permission is the name of the permission (or relation) on which to execute
    /// the check.
    #[prost(string, tag = "3")]
    pub permission: ::prost::alloc::string::String,
    /// subject is the subject that will be checked for the permission or relation.
    #[prost(message, optional, tag = "4")]
    pub subject: ::core::option::Option<SubjectReference>,
    /// context consists of named values that are injected into the caveat evaluation context
    #[prost(message, optional, tag = "5")]
    pub context: ::core::option::Option<::prost_types::Struct>,
    /// with_tracing, if true, indicates that the response should include a debug trace.
    /// This can be useful for debugging and performance analysis, but adds a small amount
    /// of compute overhead to the request.
    #[prost(bool, tag = "6")]
    pub with_tracing: bool,
}
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct CheckPermissionResponse {
    #[prost(message, optional, tag = "1")]
    pub checked_at: ::core::option::Option<ZedToken>,
    /// Permissionship communicates whether or not the subject has the requested
    /// permission or has a relationship with the given resource, over the given
    /// relation.
    ///
    /// This value will be authzed.api.v1.PERMISSIONSHIP_HAS_PERMISSION if the
    /// requested subject is a member of the computed permission set or there
    /// exists a relationship with the requested relation from the given resource
    /// to the given subject.
    #[prost(enumeration = "check_permission_response::Permissionship", tag = "2")]
    pub permissionship: i32,
    /// partial_caveat_info holds information of a partially-evaluated caveated response
    #[prost(message, optional, tag = "3")]
    pub partial_caveat_info: ::core::option::Option<PartialCaveatInfo>,
    /// debug_trace is the debugging trace of this check, if requested.
    #[prost(message, optional, tag = "4")]
    pub debug_trace: ::core::option::Option<DebugInformation>,
    /// optional_expires_at is the time at which at least one of the relationships used to
    /// compute this result, expires (if any). This is *not* related to the caching window.
    #[prost(message, optional, tag = "5")]
    pub optional_expires_at: ::core::option::Option<::prost_types::Timestamp>,
}
/// Nested message and enum types in `CheckPermissionResponse`.
pub mod check_permission_response {
    #[derive(
        Clone,
        Copy,
        Debug,
        PartialEq,
        Eq,
        Hash,
        PartialOrd,
        Ord,
        ::prost::Enumeration
    )]
    #[repr(i32)]
    pub enum Permissionship {
        Unspecified = 0,
        NoPermission = 1,
        HasPermission = 2,
        ConditionalPermission = 3,
    }
    impl Permissionship {
        /// String value of the enum field names used in the ProtoBuf definition.
        ///
        /// The values are not transformed in any way and thus are considered stable
        /// (if the ProtoBuf definition does not change) and safe for programmatic use.
        pub fn as_str_name(&self) -> &'static str {
            match self {
                Self::Unspecified => "PERMISSIONSHIP_UNSPECIFIED",
                Self::NoPermission => "PERMISSIONSHIP_NO_PERMISSION",
                Self::HasPermission => "PERMISSIONSHIP_HAS_PERMISSION",
                Self::ConditionalPermission => "PERMISSIONSHIP_CONDITIONAL_PERMISSION",
            }
        }
        /// Creates an enum from field names used in the ProtoBuf definition.
        pub fn from_str_name(value: &str) -> ::core::option::Option<Self> {
            match value {
                "PERMISSIONSHIP_UNSPECIFIED" => Some(Self::Unspecified),
                "PERMISSIONSHIP_NO_PERMISSION" => Some(Self::NoPermission),
                "PERMISSIONSHIP_HAS_PERMISSION" => Some(Self::HasPermission),
                "PERMISSIONSHIP_CONDITIONAL_PERMISSION" => {
                    Some(Self::ConditionalPermission)
                }
                _ => None,
            }
        }
    }
}
/// CheckBulkPermissionsRequest issues a check on whether a subject has permission
/// or is a member of a relation on a specific resource for each item in the list.
///
/// The ordering of the items in the response is maintained in the response.
/// Checks with the same subject/permission will automatically be batched for performance optimization.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct CheckBulkPermissionsRequest {
    #[prost(message, optional, tag = "1")]
    pub consistency: ::core::option::Option<Consistency>,
    #[prost(message, repeated, tag = "2")]
    pub items: ::prost::alloc::vec::Vec<CheckBulkPermissionsRequestItem>,
    /// with_tracing, if true, indicates that each response should include a debug trace.
    /// This can be useful for debugging and performance analysis, but adds a small amount
    /// of compute overhead to the request.
    #[prost(bool, tag = "3")]
    pub with_tracing: bool,
}
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct CheckBulkPermissionsRequestItem {
    #[prost(message, optional, tag = "1")]
    pub resource: ::core::option::Option<ObjectReference>,
    #[prost(string, tag = "2")]
    pub permission: ::prost::alloc::string::String,
    #[prost(message, optional, tag = "3")]
    pub subject: ::core::option::Option<SubjectReference>,
    #[prost(message, optional, tag = "4")]
    pub context: ::core::option::Option<::prost_types::Struct>,
}
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct CheckBulkPermissionsResponse {
    #[prost(message, optional, tag = "1")]
    pub checked_at: ::core::option::Option<ZedToken>,
    #[prost(message, repeated, tag = "2")]
    pub pairs: ::prost::alloc::vec::Vec<CheckBulkPermissionsPair>,
}
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct CheckBulkPermissionsPair {
    #[prost(message, optional, tag = "1")]
    pub request: ::core::option::Option<CheckBulkPermissionsRequestItem>,
    #[prost(oneof = "check_bulk_permissions_pair::Response", tags = "2, 3")]
    pub response: ::core::option::Option<check_bulk_permissions_pair::Response>,
}
/// Nested message and enum types in `CheckBulkPermissionsPair`.
pub mod check_bulk_permissions_pair {
    #[derive(Clone, PartialEq, ::prost::Oneof)]
    pub enum Response {
        #[prost(message, tag = "2")]
        Item(super::CheckBulkPermissionsResponseItem),
        #[prost(message, tag = "3")]
        Error(super::super::super::super::google::rpc::Status),
    }
}
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct CheckBulkPermissionsResponseItem {
    #[prost(enumeration = "check_permission_response::Permissionship", tag = "1")]
    pub permissionship: i32,
    #[prost(message, optional, tag = "2")]
    pub partial_caveat_info: ::core::option::Option<PartialCaveatInfo>,
    /// debug_trace is the debugging trace of this check, if requested.
    #[prost(message, optional, tag = "3")]
    pub debug_trace: ::core::option::Option<DebugInformation>,
}
/// ExpandPermissionTreeRequest returns a tree representing the expansion of all
/// relationships found accessible from a permission or relation on a particular
/// resource.
///
/// ExpandPermissionTreeRequest is typically used to determine the full set of
/// subjects with a permission, along with the relationships that grant said
/// access.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct ExpandPermissionTreeRequest {
    #[prost(message, optional, tag = "1")]
    pub consistency: ::core::option::Option<Consistency>,
    /// resource is the resource over which to run the expansion.
    #[prost(message, optional, tag = "2")]
    pub resource: ::core::option::Option<ObjectReference>,
    /// permission is the name of the permission or relation over which to run the
    /// expansion for the resource.
    #[prost(string, tag = "3")]
    pub permission: ::prost::alloc::string::String,
}
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct ExpandPermissionTreeResponse {
    #[prost(message, optional, tag = "1")]
    pub expanded_at: ::core::option::Option<ZedToken>,
    /// tree_root is a tree structure whose leaf nodes are subjects, and
    /// intermediate nodes represent the various operations (union, intersection,
    /// exclusion) to reach those subjects.
    #[prost(message, optional, tag = "2")]
    pub tree_root: ::core::option::Option<PermissionRelationshipTree>,
}
/// LookupResourcesRequest performs a lookup of all resources of a particular
/// kind on which the subject has the specified permission or the relation in
/// which the subject exists, streaming back the IDs of those resources.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct LookupResourcesRequest {
    #[prost(message, optional, tag = "1")]
    pub consistency: ::core::option::Option<Consistency>,
    /// resource_object_type is the type of resource object for which the IDs will
    /// be returned.
    #[prost(string, tag = "2")]
    pub resource_object_type: ::prost::alloc::string::String,
    /// permission is the name of the permission or relation for which the subject
    /// must Check.
    #[prost(string, tag = "3")]
    pub permission: ::prost::alloc::string::String,
    /// subject is the subject with access to the resources.
    #[prost(message, optional, tag = "4")]
    pub subject: ::core::option::Option<SubjectReference>,
    /// context consists of named values that are injected into the caveat evaluation context
    #[prost(message, optional, tag = "5")]
    pub context: ::core::option::Option<::prost_types::Struct>,
    /// optional_limit, if non-zero, specifies the limit on the number of resources to return
    /// before the stream is closed on the server side. By default, the stream will continue
    /// resolving resources until exhausted or the stream is closed due to the client or a
    /// network issue.
    #[prost(uint32, tag = "6")]
    pub optional_limit: u32,
    /// optional_cursor, if specified, indicates the cursor after which results should resume being returned.
    /// The cursor can be found on the LookupResourcesResponse object.
    #[prost(message, optional, tag = "7")]
    pub optional_cursor: ::core::option::Option<Cursor>,
}
/// LookupResourcesResponse contains a single matching resource object ID for the
/// requested object type, permission, and subject.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct LookupResourcesResponse {
    /// looked_up_at is the ZedToken at which the resource was found.
    #[prost(message, optional, tag = "1")]
    pub looked_up_at: ::core::option::Option<ZedToken>,
    /// resource_object_id is the object ID of the found resource.
    #[prost(string, tag = "2")]
    pub resource_object_id: ::prost::alloc::string::String,
    /// permissionship indicates whether the response was partially evaluated or not
    #[prost(enumeration = "LookupPermissionship", tag = "3")]
    pub permissionship: i32,
    /// partial_caveat_info holds information of a partially-evaluated caveated response
    #[prost(message, optional, tag = "4")]
    pub partial_caveat_info: ::core::option::Option<PartialCaveatInfo>,
    /// after_result_cursor holds a cursor that can be used to resume the LookupResources stream after this
    /// result.
    #[prost(message, optional, tag = "5")]
    pub after_result_cursor: ::core::option::Option<Cursor>,
}
/// LookupSubjectsRequest performs a lookup of all subjects of a particular
/// kind for which the subject has the specified permission or the relation in
/// which the subject exists, streaming back the IDs of those subjects.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct LookupSubjectsRequest {
    #[prost(message, optional, tag = "1")]
    pub consistency: ::core::option::Option<Consistency>,
    /// resource is the resource for which all matching subjects for the permission
    /// or relation will be returned.
    #[prost(message, optional, tag = "2")]
    pub resource: ::core::option::Option<ObjectReference>,
    /// permission is the name of the permission (or relation) for which to find
    /// the subjects.
    #[prost(string, tag = "3")]
    pub permission: ::prost::alloc::string::String,
    /// subject_object_type is the type of subject object for which the IDs will
    /// be returned.
    #[prost(string, tag = "4")]
    pub subject_object_type: ::prost::alloc::string::String,
    /// optional_subject_relation is the optional relation for the subject.
    #[prost(string, tag = "5")]
    pub optional_subject_relation: ::prost::alloc::string::String,
    /// context consists of named values that are injected into the caveat evaluation context
    #[prost(message, optional, tag = "6")]
    pub context: ::core::option::Option<::prost_types::Struct>,
    /// optional_concrete_limit is currently unimplemented for LookupSubjects
    /// and will return an error as of SpiceDB version 1.40.1. This will
    /// be implemented in a future version of SpiceDB.
    #[prost(uint32, tag = "7")]
    pub optional_concrete_limit: u32,
    /// optional_cursor is currently unimplemented for LookupSubjects
    /// and will be ignored as of SpiceDB version 1.40.1. This will
    /// be implemented in a future version of SpiceDB.
    #[prost(message, optional, tag = "8")]
    pub optional_cursor: ::core::option::Option<Cursor>,
    /// wildcard_option specifies whether wildcards should be returned by LookupSubjects.
    /// For backwards compatibility, defaults to WILDCARD_OPTION_INCLUDE_WILDCARDS if unspecified.
    #[prost(enumeration = "lookup_subjects_request::WildcardOption", tag = "9")]
    pub wildcard_option: i32,
}
/// Nested message and enum types in `LookupSubjectsRequest`.
pub mod lookup_subjects_request {
    #[derive(
        Clone,
        Copy,
        Debug,
        PartialEq,
        Eq,
        Hash,
        PartialOrd,
        Ord,
        ::prost::Enumeration
    )]
    #[repr(i32)]
    pub enum WildcardOption {
        Unspecified = 0,
        IncludeWildcards = 1,
        ExcludeWildcards = 2,
    }
    impl WildcardOption {
        /// String value of the enum field names used in the ProtoBuf definition.
        ///
        /// The values are not transformed in any way and thus are considered stable
        /// (if the ProtoBuf definition does not change) and safe for programmatic use.
        pub fn as_str_name(&self) -> &'static str {
            match self {
                Self::Unspecified => "WILDCARD_OPTION_UNSPECIFIED",
                Self::IncludeWildcards => "WILDCARD_OPTION_INCLUDE_WILDCARDS",
                Self::ExcludeWildcards => "WILDCARD_OPTION_EXCLUDE_WILDCARDS",
            }
        }
        /// Creates an enum from field names used in the ProtoBuf definition.
        pub fn from_str_name(value: &str) -> ::core::option::Option<Self> {
            match value {
                "WILDCARD_OPTION_UNSPECIFIED" => Some(Self::Unspecified),
                "WILDCARD_OPTION_INCLUDE_WILDCARDS" => Some(Self::IncludeWildcards),
                "WILDCARD_OPTION_EXCLUDE_WILDCARDS" => Some(Self::ExcludeWildcards),
                _ => None,
            }
        }
    }
}
/// LookupSubjectsResponse contains a single matching subject object ID for the
/// requested subject object type on the permission or relation.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct LookupSubjectsResponse {
    #[prost(message, optional, tag = "1")]
    pub looked_up_at: ::core::option::Option<ZedToken>,
    /// subject_object_id is the Object ID of the subject found. May be a `*` if
    /// a wildcard was found.
    /// deprecated: use `subject`
    #[deprecated]
    #[prost(string, tag = "2")]
    pub subject_object_id: ::prost::alloc::string::String,
    /// excluded_subject_ids are the Object IDs of the subjects excluded. This list
    /// will only contain object IDs if `subject_object_id` is a wildcard (`*`) and
    /// will only be populated if exclusions exist from the wildcard.
    /// deprecated: use `excluded_subjects`
    #[deprecated]
    #[prost(string, repeated, tag = "3")]
    pub excluded_subject_ids: ::prost::alloc::vec::Vec<::prost::alloc::string::String>,
    /// permissionship indicates whether the response was partially evaluated or not
    /// deprecated: use `subject.permissionship`
    #[deprecated]
    #[prost(enumeration = "LookupPermissionship", tag = "4")]
    pub permissionship: i32,
    /// partial_caveat_info holds information of a partially-evaluated caveated response
    /// deprecated: use `subject.partial_caveat_info`
    #[deprecated]
    #[prost(message, optional, tag = "5")]
    pub partial_caveat_info: ::core::option::Option<PartialCaveatInfo>,
    /// subject is the subject found, along with its permissionship.
    #[prost(message, optional, tag = "6")]
    pub subject: ::core::option::Option<ResolvedSubject>,
    /// excluded_subjects are the subjects excluded. This list
    /// will only contain subjects if `subject.subject_object_id` is a wildcard (`*`) and
    /// will only be populated if exclusions exist from the wildcard.
    #[prost(message, repeated, tag = "7")]
    pub excluded_subjects: ::prost::alloc::vec::Vec<ResolvedSubject>,
    /// after_result_cursor holds a cursor that can be used to resume the LookupSubjects stream after this
    /// result.
    #[prost(message, optional, tag = "8")]
    pub after_result_cursor: ::core::option::Option<Cursor>,
}
/// ResolvedSubject is a single subject resolved within LookupSubjects.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct ResolvedSubject {
    /// subject_object_id is the Object ID of the subject found. May be a `*` if
    /// a wildcard was found.
    #[prost(string, tag = "1")]
    pub subject_object_id: ::prost::alloc::string::String,
    /// permissionship indicates whether the response was partially evaluated or not
    #[prost(enumeration = "LookupPermissionship", tag = "2")]
    pub permissionship: i32,
    /// partial_caveat_info holds information of a partially-evaluated caveated response
    #[prost(message, optional, tag = "3")]
    pub partial_caveat_info: ::core::option::Option<PartialCaveatInfo>,
}
/// ImportBulkRelationshipsRequest represents one batch of the streaming
/// ImportBulkRelationships API. The maximum size is only limited by the backing
/// datastore, and optimal size should be determined by the calling client
/// experimentally. When ImportBulk is invoked and receives its first request message,
/// a transaction is opened to import the relationships. All requests sent to the same
/// invocation are executed under this single transaction. If a relationship already
/// exists within the datastore, the entire transaction will fail with an error.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct ImportBulkRelationshipsRequest {
    #[prost(message, repeated, tag = "1")]
    pub relationships: ::prost::alloc::vec::Vec<Relationship>,
}
/// ImportBulkRelationshipsResponse is returned on successful completion of the
/// bulk load stream, and contains the total number of relationships loaded.
#[derive(Clone, Copy, PartialEq, ::prost::Message)]
pub struct ImportBulkRelationshipsResponse {
    #[prost(uint64, tag = "1")]
    pub num_loaded: u64,
}
/// ExportBulkRelationshipsRequest represents a resumable request for
/// all relationships from the server.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct ExportBulkRelationshipsRequest {
    #[prost(message, optional, tag = "1")]
    pub consistency: ::core::option::Option<Consistency>,
    /// optional_limit, if non-zero, specifies the limit on the number of
    /// relationships the server can return in one page. By default, the server
    /// will pick a page size, and the server is free to choose a smaller size
    /// at will.
    #[prost(uint32, tag = "2")]
    pub optional_limit: u32,
    /// optional_cursor, if specified, indicates the cursor after which results
    /// should resume being returned. The cursor can be found on the
    /// BulkExportRelationshipsResponse object.
    #[prost(message, optional, tag = "3")]
    pub optional_cursor: ::core::option::Option<Cursor>,
    /// optional_relationship_filter, if specified, indicates the
    /// filter to apply to each relationship to be exported.
    #[prost(message, optional, tag = "4")]
    pub optional_relationship_filter: ::core::option::Option<RelationshipFilter>,
}
/// ExportBulkRelationshipsResponse is one page in a stream of relationship
/// groups that meet the criteria specified by the originating request. The
/// server will continue to stream back relationship groups as quickly as it can
/// until all relationships have been transmitted back.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct ExportBulkRelationshipsResponse {
    #[prost(message, optional, tag = "1")]
    pub after_result_cursor: ::core::option::Option<Cursor>,
    #[prost(message, repeated, tag = "2")]
    pub relationships: ::prost::alloc::vec::Vec<Relationship>,
}
/// LookupPermissionship represents whether a Lookup response was partially evaluated or not
#[derive(Clone, Copy, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, ::prost::Enumeration)]
#[repr(i32)]
pub enum LookupPermissionship {
    Unspecified = 0,
    HasPermission = 1,
    ConditionalPermission = 2,
}
impl LookupPermissionship {
    /// String value of the enum field names used in the ProtoBuf definition.
    ///
    /// The values are not transformed in any way and thus are considered stable
    /// (if the ProtoBuf definition does not change) and safe for programmatic use.
    pub fn as_str_name(&self) -> &'static str {
        match self {
            Self::Unspecified => "LOOKUP_PERMISSIONSHIP_UNSPECIFIED",
            Self::HasPermission => "LOOKUP_PERMISSIONSHIP_HAS_PERMISSION",
            Self::ConditionalPermission => "LOOKUP_PERMISSIONSHIP_CONDITIONAL_PERMISSION",
        }
    }
    /// Creates an enum from field names used in the ProtoBuf definition.
    pub fn from_str_name(value: &str) -> ::core::option::Option<Self> {
        match value {
            "LOOKUP_PERMISSIONSHIP_UNSPECIFIED" => Some(Self::Unspecified),
            "LOOKUP_PERMISSIONSHIP_HAS_PERMISSION" => Some(Self::HasPermission),
            "LOOKUP_PERMISSIONSHIP_CONDITIONAL_PERMISSION" => {
                Some(Self::ConditionalPermission)
            }
            _ => None,
        }
    }
}
/// Generated client implementations.
pub mod permissions_service_client {
    #![allow(
        unused_variables,
        dead_code,
        missing_docs,
        clippy::wildcard_imports,
        clippy::let_unit_value,
    )]
    use tonic::codegen::*;
    use tonic::codegen::http::Uri;
    /// PermissionsService implements a set of RPCs that perform operations on
    /// relationships and permissions.
    #[derive(Debug, Clone)]
    pub struct PermissionsServiceClient<T> {
        inner: tonic::client::Grpc<T>,
    }
    impl PermissionsServiceClient<tonic::transport::Channel> {
        /// Attempt to create a new client by connecting to a given endpoint.
        pub async fn connect<D>(dst: D) -> Result<Self, tonic::transport::Error>
        where
            D: TryInto<tonic::transport::Endpoint>,
            D::Error: Into<StdError>,
        {
            let conn = tonic::transport::Endpoint::new(dst)?.connect().await?;
            Ok(Self::new(conn))
        }
    }
    impl<T> PermissionsServiceClient<T>
    where
        T: tonic::client::GrpcService<tonic::body::BoxBody>,
        T::Error: Into<StdError>,
        T::ResponseBody: Body<Data = Bytes> + std::marker::Send + 'static,
        <T::ResponseBody as Body>::Error: Into<StdError> + std::marker::Send,
    {
        pub fn new(inner: T) -> Self {
            let inner = tonic::client::Grpc::new(inner);
            Self { inner }
        }
        pub fn with_origin(inner: T, origin: Uri) -> Self {
            let inner = tonic::client::Grpc::with_origin(inner, origin);
            Self { inner }
        }
        pub fn with_interceptor<F>(
            inner: T,
            interceptor: F,
        ) -> PermissionsServiceClient<InterceptedService<T, F>>
        where
            F: tonic::service::Interceptor,
            T::ResponseBody: Default,
            T: tonic::codegen::Service<
                http::Request<tonic::body::BoxBody>,
                Response = http::Response<
                    <T as tonic::client::GrpcService<tonic::body::BoxBody>>::ResponseBody,
                >,
            >,
            <T as tonic::codegen::Service<
                http::Request<tonic::body::BoxBody>,
            >>::Error: Into<StdError> + std::marker::Send + std::marker::Sync,
        {
            PermissionsServiceClient::new(InterceptedService::new(inner, interceptor))
        }
        /// Compress requests with the given encoding.
        ///
        /// This requires the server to support it otherwise it might respond with an
        /// error.
        #[must_use]
        pub fn send_compressed(mut self, encoding: CompressionEncoding) -> Self {
            self.inner = self.inner.send_compressed(encoding);
            self
        }
        /// Enable decompressing responses.
        #[must_use]
        pub fn accept_compressed(mut self, encoding: CompressionEncoding) -> Self {
            self.inner = self.inner.accept_compressed(encoding);
            self
        }
        /// Limits the maximum size of a decoded message.
        ///
        /// Default: `4MB`
        #[must_use]
        pub fn max_decoding_message_size(mut self, limit: usize) -> Self {
            self.inner = self.inner.max_decoding_message_size(limit);
            self
        }
        /// Limits the maximum size of an encoded message.
        ///
        /// Default: `usize::MAX`
        #[must_use]
        pub fn max_encoding_message_size(mut self, limit: usize) -> Self {
            self.inner = self.inner.max_encoding_message_size(limit);
            self
        }
        /// ReadRelationships reads a set of the relationships matching one or more
        /// filters.
        pub async fn read_relationships(
            &mut self,
            request: impl tonic::IntoRequest<super::ReadRelationshipsRequest>,
        ) -> std::result::Result<
            tonic::Response<tonic::codec::Streaming<super::ReadRelationshipsResponse>>,
            tonic::Status,
        > {
            self.inner
                .ready()
                .await
                .map_err(|e| {
                    tonic::Status::unknown(
                        format!("Service was not ready: {}", e.into()),
                    )
                })?;
            let codec = tonic::codec::ProstCodec::default();
            let path = http::uri::PathAndQuery::from_static(
                "/authzed.api.v1.PermissionsService/ReadRelationships",
            );
            let mut req = request.into_request();
            req.extensions_mut()
                .insert(
                    GrpcMethod::new(
                        "authzed.api.v1.PermissionsService",
                        "ReadRelationships",
                    ),
                );
            self.inner.server_streaming(req, path, codec).await
        }
        /// WriteRelationships atomically writes and/or deletes a set of specified
        /// relationships. An optional set of preconditions can be provided that must
        /// be satisfied for the operation to commit.
        pub async fn write_relationships(
            &mut self,
            request: impl tonic::IntoRequest<super::WriteRelationshipsRequest>,
        ) -> std::result::Result<
            tonic::Response<super::WriteRelationshipsResponse>,
            tonic::Status,
        > {
            self.inner
                .ready()
                .await
                .map_err(|e| {
                    tonic::Status::unknown(
                        format!("Service was not ready: {}", e.into()),
                    )
                })?;
            let codec = tonic::codec::ProstCodec::default();
            let path = http::uri::PathAndQuery::from_static(
                "/authzed.api.v1.PermissionsService/WriteRelationships",
            );
            let mut req = request.into_request();
            req.extensions_mut()
                .insert(
                    GrpcMethod::new(
                        "authzed.api.v1.PermissionsService",
                        "WriteRelationships",
                    ),
                );
            self.inner.unary(req, path, codec).await
        }
        /// DeleteRelationships atomically bulk deletes all relationships matching the
        /// provided filter. If no relationships match, none will be deleted and the
        /// operation will succeed. An optional set of preconditions can be provided that must
        /// be satisfied for the operation to commit.
        pub async fn delete_relationships(
            &mut self,
            request: impl tonic::IntoRequest<super::DeleteRelationshipsRequest>,
        ) -> std::result::Result<
            tonic::Response<super::DeleteRelationshipsResponse>,
            tonic::Status,
        > {
            self.inner
                .ready()
                .await
                .map_err(|e| {
                    tonic::Status::unknown(
                        format!("Service was not ready: {}", e.into()),
                    )
                })?;
            let codec = tonic::codec::ProstCodec::default();
            let path = http::uri::PathAndQuery::from_static(
                "/authzed.api.v1.PermissionsService/DeleteRelationships",
            );
            let mut req = request.into_request();
            req.extensions_mut()
                .insert(
                    GrpcMethod::new(
                        "authzed.api.v1.PermissionsService",
                        "DeleteRelationships",
                    ),
                );
            self.inner.unary(req, path, codec).await
        }
        /// CheckPermission determines for a given resource whether a subject computes
        /// to having a permission or is a direct member of a particular relation.
        pub async fn check_permission(
            &mut self,
            request: impl tonic::IntoRequest<super::CheckPermissionRequest>,
        ) -> std::result::Result<
            tonic::Response<super::CheckPermissionResponse>,
            tonic::Status,
        > {
            self.inner
                .ready()
                .await
                .map_err(|e| {
                    tonic::Status::unknown(
                        format!("Service was not ready: {}", e.into()),
                    )
                })?;
            let codec = tonic::codec::ProstCodec::default();
            let path = http::uri::PathAndQuery::from_static(
                "/authzed.api.v1.PermissionsService/CheckPermission",
            );
            let mut req = request.into_request();
            req.extensions_mut()
                .insert(
                    GrpcMethod::new(
                        "authzed.api.v1.PermissionsService",
                        "CheckPermission",
                    ),
                );
            self.inner.unary(req, path, codec).await
        }
        /// CheckBulkPermissions evaluates the given list of permission checks
        /// and returns the list of results.
        pub async fn check_bulk_permissions(
            &mut self,
            request: impl tonic::IntoRequest<super::CheckBulkPermissionsRequest>,
        ) -> std::result::Result<
            tonic::Response<super::CheckBulkPermissionsResponse>,
            tonic::Status,
        > {
            self.inner
                .ready()
                .await
                .map_err(|e| {
                    tonic::Status::unknown(
                        format!("Service was not ready: {}", e.into()),
                    )
                })?;
            let codec = tonic::codec::ProstCodec::default();
            let path = http::uri::PathAndQuery::from_static(
                "/authzed.api.v1.PermissionsService/CheckBulkPermissions",
            );
            let mut req = request.into_request();
            req.extensions_mut()
                .insert(
                    GrpcMethod::new(
                        "authzed.api.v1.PermissionsService",
                        "CheckBulkPermissions",
                    ),
                );
            self.inner.unary(req, path, codec).await
        }
        /// ExpandPermissionTree reveals the graph structure for a resource's
        /// permission or relation. This RPC does not recurse infinitely deep and may
        /// require multiple calls to fully unnest a deeply nested graph.
        pub async fn expand_permission_tree(
            &mut self,
            request: impl tonic::IntoRequest<super::ExpandPermissionTreeRequest>,
        ) -> std::result::Result<
            tonic::Response<super::ExpandPermissionTreeResponse>,
            tonic::Status,
        > {
            self.inner
                .ready()
                .await
                .map_err(|e| {
                    tonic::Status::unknown(
                        format!("Service was not ready: {}", e.into()),
                    )
                })?;
            let codec = tonic::codec::ProstCodec::default();
            let path = http::uri::PathAndQuery::from_static(
                "/authzed.api.v1.PermissionsService/ExpandPermissionTree",
            );
            let mut req = request.into_request();
            req.extensions_mut()
                .insert(
                    GrpcMethod::new(
                        "authzed.api.v1.PermissionsService",
                        "ExpandPermissionTree",
                    ),
                );
            self.inner.unary(req, path, codec).await
        }
        /// LookupResources returns all the resources of a given type that a subject
        /// can access whether via a computed permission or relation membership.
        pub async fn lookup_resources(
            &mut self,
            request: impl tonic::IntoRequest<super::LookupResourcesRequest>,
        ) -> std::result::Result<
            tonic::Response<tonic::codec::Streaming<super::LookupResourcesResponse>>,
            tonic::Status,
        > {
            self.inner
                .ready()
                .await
                .map_err(|e| {
                    tonic::Status::unknown(
                        format!("Service was not ready: {}", e.into()),
                    )
                })?;
            let codec = tonic::codec::ProstCodec::default();
            let path = http::uri::PathAndQuery::from_static(
                "/authzed.api.v1.PermissionsService/LookupResources",
            );
            let mut req = request.into_request();
            req.extensions_mut()
                .insert(
                    GrpcMethod::new(
                        "authzed.api.v1.PermissionsService",
                        "LookupResources",
                    ),
                );
            self.inner.server_streaming(req, path, codec).await
        }
        /// LookupSubjects returns all the subjects of a given type that
        /// have access whether via a computed permission or relation membership.
        pub async fn lookup_subjects(
            &mut self,
            request: impl tonic::IntoRequest<super::LookupSubjectsRequest>,
        ) -> std::result::Result<
            tonic::Response<tonic::codec::Streaming<super::LookupSubjectsResponse>>,
            tonic::Status,
        > {
            self.inner
                .ready()
                .await
                .map_err(|e| {
                    tonic::Status::unknown(
                        format!("Service was not ready: {}", e.into()),
                    )
                })?;
            let codec = tonic::codec::ProstCodec::default();
            let path = http::uri::PathAndQuery::from_static(
                "/authzed.api.v1.PermissionsService/LookupSubjects",
            );
            let mut req = request.into_request();
            req.extensions_mut()
                .insert(
                    GrpcMethod::new(
                        "authzed.api.v1.PermissionsService",
                        "LookupSubjects",
                    ),
                );
            self.inner.server_streaming(req, path, codec).await
        }
        /// ImportBulkRelationships is a faster path to writing a large number of
        /// relationships at once. It is both batched and streaming. For maximum
        /// performance, the caller should attempt to write relationships in as close
        /// to relationship sort order as possible: (resource.object_type,
        /// resource.object_id, relation, subject.object.object_type,
        /// subject.object.object_id, subject.optional_relation). All relationships
        /// written are done so under a single transaction.
        pub async fn import_bulk_relationships(
            &mut self,
            request: impl tonic::IntoStreamingRequest<
                Message = super::ImportBulkRelationshipsRequest,
            >,
        ) -> std::result::Result<
            tonic::Response<super::ImportBulkRelationshipsResponse>,
            tonic::Status,
        > {
            self.inner
                .ready()
                .await
                .map_err(|e| {
                    tonic::Status::unknown(
                        format!("Service was not ready: {}", e.into()),
                    )
                })?;
            let codec = tonic::codec::ProstCodec::default();
            let path = http::uri::PathAndQuery::from_static(
                "/authzed.api.v1.PermissionsService/ImportBulkRelationships",
            );
            let mut req = request.into_streaming_request();
            req.extensions_mut()
                .insert(
                    GrpcMethod::new(
                        "authzed.api.v1.PermissionsService",
                        "ImportBulkRelationships",
                    ),
                );
            self.inner.client_streaming(req, path, codec).await
        }
        /// ExportBulkRelationships is the fastest path available to exporting
        /// relationships from the server. It is resumable, and will return results
        /// in an order determined by the server.
        pub async fn export_bulk_relationships(
            &mut self,
            request: impl tonic::IntoRequest<super::ExportBulkRelationshipsRequest>,
        ) -> std::result::Result<
            tonic::Response<
                tonic::codec::Streaming<super::ExportBulkRelationshipsResponse>,
            >,
            tonic::Status,
        > {
            self.inner
                .ready()
                .await
                .map_err(|e| {
                    tonic::Status::unknown(
                        format!("Service was not ready: {}", e.into()),
                    )
                })?;
            let codec = tonic::codec::ProstCodec::default();
            let path = http::uri::PathAndQuery::from_static(
                "/authzed.api.v1.PermissionsService/ExportBulkRelationships",
            );
            let mut req = request.into_request();
            req.extensions_mut()
                .insert(
                    GrpcMethod::new(
                        "authzed.api.v1.PermissionsService",
                        "ExportBulkRelationships",
                    ),
                );
            self.inner.server_streaming(req, path, codec).await
        }
    }
}
/// ReadSchemaRequest returns the schema from the database.
#[derive(Clone, Copy, PartialEq, ::prost::Message)]
pub struct ReadSchemaRequest {}
/// ReadSchemaResponse is the resulting data after having read the Object
/// Definitions from a Schema.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct ReadSchemaResponse {
    /// schema_text is the textual form of the current schema in the system
    #[prost(string, tag = "1")]
    pub schema_text: ::prost::alloc::string::String,
    /// read_at is the ZedToken at which the schema was read.
    #[prost(message, optional, tag = "2")]
    pub read_at: ::core::option::Option<ZedToken>,
}
/// WriteSchemaRequest is the required data used to "upsert" the Schema of a
/// Permissions System.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct WriteSchemaRequest {
    /// The Schema containing one or more Object Definitions that will be written
    /// to the Permissions System.
    ///
    /// 4MiB
    #[prost(string, tag = "1")]
    pub schema: ::prost::alloc::string::String,
}
/// WriteSchemaResponse is the resulting data after having written a Schema to
/// a Permissions System.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct WriteSchemaResponse {
    /// written_at is the ZedToken at which the schema was written.
    #[prost(message, optional, tag = "1")]
    pub written_at: ::core::option::Option<ZedToken>,
}
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct ReflectSchemaRequest {
    #[prost(message, optional, tag = "1")]
    pub consistency: ::core::option::Option<Consistency>,
    /// optional_filters defines optional filters that are applied in
    /// an OR fashion to the schema, before being returned
    #[prost(message, repeated, tag = "2")]
    pub optional_filters: ::prost::alloc::vec::Vec<ReflectionSchemaFilter>,
}
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct ReflectSchemaResponse {
    /// definitions are the definitions defined in the schema.
    #[prost(message, repeated, tag = "1")]
    pub definitions: ::prost::alloc::vec::Vec<ReflectionDefinition>,
    /// caveats are the caveats defined in the schema.
    #[prost(message, repeated, tag = "2")]
    pub caveats: ::prost::alloc::vec::Vec<ReflectionCaveat>,
    /// read_at is the ZedToken at which the schema was read.
    #[prost(message, optional, tag = "3")]
    pub read_at: ::core::option::Option<ZedToken>,
}
/// ReflectionSchemaFilter is a filter that can be applied to the schema on reflection.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct ReflectionSchemaFilter {
    /// optional_definition_name_filter is a prefix that is matched against the definition name.
    #[prost(string, tag = "1")]
    pub optional_definition_name_filter: ::prost::alloc::string::String,
    /// optional_caveat_name_filter is a prefix that is matched against the caveat name.
    #[prost(string, tag = "2")]
    pub optional_caveat_name_filter: ::prost::alloc::string::String,
    /// optional_relation_name_filter is a prefix that is matched against the relation name.
    #[prost(string, tag = "3")]
    pub optional_relation_name_filter: ::prost::alloc::string::String,
    /// optional_permission_name_filter is a prefix that is matched against the permission name.
    #[prost(string, tag = "4")]
    pub optional_permission_name_filter: ::prost::alloc::string::String,
}
/// ReflectionDefinition is the representation of a definition in the schema.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct ReflectionDefinition {
    #[prost(string, tag = "1")]
    pub name: ::prost::alloc::string::String,
    /// comment is a human-readable comments on the definition. Will include
    /// delimiter characters.
    #[prost(string, tag = "2")]
    pub comment: ::prost::alloc::string::String,
    #[prost(message, repeated, tag = "3")]
    pub relations: ::prost::alloc::vec::Vec<ReflectionRelation>,
    #[prost(message, repeated, tag = "4")]
    pub permissions: ::prost::alloc::vec::Vec<ReflectionPermission>,
}
/// ReflectionCaveat is the representation of a caveat in the schema.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct ReflectionCaveat {
    #[prost(string, tag = "1")]
    pub name: ::prost::alloc::string::String,
    /// comment is a human-readable comments on the caveat. Will include
    /// delimiter characters.
    #[prost(string, tag = "2")]
    pub comment: ::prost::alloc::string::String,
    #[prost(message, repeated, tag = "3")]
    pub parameters: ::prost::alloc::vec::Vec<ReflectionCaveatParameter>,
    #[prost(string, tag = "4")]
    pub expression: ::prost::alloc::string::String,
}
/// ReflectionCaveatParameter is the representation of a parameter in a caveat.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct ReflectionCaveatParameter {
    #[prost(string, tag = "1")]
    pub name: ::prost::alloc::string::String,
    /// type is the type of the parameter. Will be a string representing the
    /// type, e.g. `int` or `list<string>`
    #[prost(string, tag = "2")]
    pub r#type: ::prost::alloc::string::String,
    #[prost(string, tag = "3")]
    pub parent_caveat_name: ::prost::alloc::string::String,
}
/// ReflectionRelation is the representation of a relation in the schema.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct ReflectionRelation {
    #[prost(string, tag = "1")]
    pub name: ::prost::alloc::string::String,
    #[prost(string, tag = "2")]
    pub comment: ::prost::alloc::string::String,
    #[prost(string, tag = "3")]
    pub parent_definition_name: ::prost::alloc::string::String,
    #[prost(message, repeated, tag = "4")]
    pub subject_types: ::prost::alloc::vec::Vec<ReflectionTypeReference>,
}
/// ReflectionTypeReference is the representation of a type reference in the schema.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct ReflectionTypeReference {
    /// subject_definition_name is the name of the subject's definition.
    #[prost(string, tag = "1")]
    pub subject_definition_name: ::prost::alloc::string::String,
    /// optional_caveat_name is the name of the caveat that is applied to the subject, if any.
    #[prost(string, tag = "2")]
    pub optional_caveat_name: ::prost::alloc::string::String,
    #[prost(oneof = "reflection_type_reference::Typeref", tags = "3, 4, 5")]
    pub typeref: ::core::option::Option<reflection_type_reference::Typeref>,
}
/// Nested message and enum types in `ReflectionTypeReference`.
pub mod reflection_type_reference {
    #[derive(Clone, PartialEq, ::prost::Oneof)]
    pub enum Typeref {
        /// is_terminal_subject is true if the subject is terminal, meaning it is referenced directly vs a sub-relation.
        #[prost(bool, tag = "3")]
        IsTerminalSubject(bool),
        /// optional_relation_name is the name of the relation that is applied to the subject, if any.
        #[prost(string, tag = "4")]
        OptionalRelationName(::prost::alloc::string::String),
        /// is_public_wildcard is true if the subject is a public wildcard.
        #[prost(bool, tag = "5")]
        IsPublicWildcard(bool),
    }
}
/// ReflectionPermission is the representation of a permission in the schema.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct ReflectionPermission {
    #[prost(string, tag = "1")]
    pub name: ::prost::alloc::string::String,
    /// comment is a human-readable comments on the permission. Will include
    /// delimiter characters.
    #[prost(string, tag = "2")]
    pub comment: ::prost::alloc::string::String,
    #[prost(string, tag = "3")]
    pub parent_definition_name: ::prost::alloc::string::String,
}
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct ComputablePermissionsRequest {
    #[prost(message, optional, tag = "1")]
    pub consistency: ::core::option::Option<Consistency>,
    #[prost(string, tag = "2")]
    pub definition_name: ::prost::alloc::string::String,
    #[prost(string, tag = "3")]
    pub relation_name: ::prost::alloc::string::String,
    /// optional_definition_name_match is a prefix that is matched against the definition name(s)
    /// for the permissions returned.
    /// If not specified, will be ignored.
    #[prost(string, tag = "4")]
    pub optional_definition_name_filter: ::prost::alloc::string::String,
}
/// ReflectionRelationReference is a reference to a relation or permission in the schema.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct ReflectionRelationReference {
    #[prost(string, tag = "1")]
    pub definition_name: ::prost::alloc::string::String,
    #[prost(string, tag = "2")]
    pub relation_name: ::prost::alloc::string::String,
    #[prost(bool, tag = "3")]
    pub is_permission: bool,
}
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct ComputablePermissionsResponse {
    #[prost(message, repeated, tag = "1")]
    pub permissions: ::prost::alloc::vec::Vec<ReflectionRelationReference>,
    /// read_at is the ZedToken at which the schema was read.
    #[prost(message, optional, tag = "2")]
    pub read_at: ::core::option::Option<ZedToken>,
}
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct DependentRelationsRequest {
    #[prost(message, optional, tag = "1")]
    pub consistency: ::core::option::Option<Consistency>,
    #[prost(string, tag = "2")]
    pub definition_name: ::prost::alloc::string::String,
    #[prost(string, tag = "3")]
    pub permission_name: ::prost::alloc::string::String,
}
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct DependentRelationsResponse {
    #[prost(message, repeated, tag = "1")]
    pub relations: ::prost::alloc::vec::Vec<ReflectionRelationReference>,
    /// read_at is the ZedToken at which the schema was read.
    #[prost(message, optional, tag = "2")]
    pub read_at: ::core::option::Option<ZedToken>,
}
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct DiffSchemaRequest {
    #[prost(message, optional, tag = "1")]
    pub consistency: ::core::option::Option<Consistency>,
    #[prost(string, tag = "2")]
    pub comparison_schema: ::prost::alloc::string::String,
}
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct DiffSchemaResponse {
    #[prost(message, repeated, tag = "1")]
    pub diffs: ::prost::alloc::vec::Vec<ReflectionSchemaDiff>,
    /// read_at is the ZedToken at which the schema was read.
    #[prost(message, optional, tag = "2")]
    pub read_at: ::core::option::Option<ZedToken>,
}
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct ReflectionRelationSubjectTypeChange {
    #[prost(message, optional, tag = "1")]
    pub relation: ::core::option::Option<ReflectionRelation>,
    #[prost(message, optional, tag = "2")]
    pub changed_subject_type: ::core::option::Option<ReflectionTypeReference>,
}
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct ReflectionCaveatParameterTypeChange {
    #[prost(message, optional, tag = "1")]
    pub parameter: ::core::option::Option<ReflectionCaveatParameter>,
    #[prost(string, tag = "2")]
    pub previous_type: ::prost::alloc::string::String,
}
/// ReflectionSchemaDiff is the representation of a diff between two schemas.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct ReflectionSchemaDiff {
    #[prost(
        oneof = "reflection_schema_diff::Diff",
        tags = "1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19"
    )]
    pub diff: ::core::option::Option<reflection_schema_diff::Diff>,
}
/// Nested message and enum types in `ReflectionSchemaDiff`.
pub mod reflection_schema_diff {
    #[derive(Clone, PartialEq, ::prost::Oneof)]
    pub enum Diff {
        #[prost(message, tag = "1")]
        DefinitionAdded(super::ReflectionDefinition),
        #[prost(message, tag = "2")]
        DefinitionRemoved(super::ReflectionDefinition),
        #[prost(message, tag = "3")]
        DefinitionDocCommentChanged(super::ReflectionDefinition),
        #[prost(message, tag = "4")]
        RelationAdded(super::ReflectionRelation),
        #[prost(message, tag = "5")]
        RelationRemoved(super::ReflectionRelation),
        #[prost(message, tag = "6")]
        RelationDocCommentChanged(super::ReflectionRelation),
        #[prost(message, tag = "7")]
        RelationSubjectTypeAdded(super::ReflectionRelationSubjectTypeChange),
        #[prost(message, tag = "8")]
        RelationSubjectTypeRemoved(super::ReflectionRelationSubjectTypeChange),
        #[prost(message, tag = "9")]
        PermissionAdded(super::ReflectionPermission),
        #[prost(message, tag = "10")]
        PermissionRemoved(super::ReflectionPermission),
        #[prost(message, tag = "11")]
        PermissionDocCommentChanged(super::ReflectionPermission),
        #[prost(message, tag = "12")]
        PermissionExprChanged(super::ReflectionPermission),
        #[prost(message, tag = "13")]
        CaveatAdded(super::ReflectionCaveat),
        #[prost(message, tag = "14")]
        CaveatRemoved(super::ReflectionCaveat),
        #[prost(message, tag = "15")]
        CaveatDocCommentChanged(super::ReflectionCaveat),
        #[prost(message, tag = "16")]
        CaveatExprChanged(super::ReflectionCaveat),
        #[prost(message, tag = "17")]
        CaveatParameterAdded(super::ReflectionCaveatParameter),
        #[prost(message, tag = "18")]
        CaveatParameterRemoved(super::ReflectionCaveatParameter),
        #[prost(message, tag = "19")]
        CaveatParameterTypeChanged(super::ReflectionCaveatParameterTypeChange),
    }
}
/// Generated client implementations.
pub mod schema_service_client {
    #![allow(
        unused_variables,
        dead_code,
        missing_docs,
        clippy::wildcard_imports,
        clippy::let_unit_value,
    )]
    use tonic::codegen::*;
    use tonic::codegen::http::Uri;
    /// SchemaService implements operations on a Permissions System's Schema.
    #[derive(Debug, Clone)]
    pub struct SchemaServiceClient<T> {
        inner: tonic::client::Grpc<T>,
    }
    impl SchemaServiceClient<tonic::transport::Channel> {
        /// Attempt to create a new client by connecting to a given endpoint.
        pub async fn connect<D>(dst: D) -> Result<Self, tonic::transport::Error>
        where
            D: TryInto<tonic::transport::Endpoint>,
            D::Error: Into<StdError>,
        {
            let conn = tonic::transport::Endpoint::new(dst)?.connect().await?;
            Ok(Self::new(conn))
        }
    }
    impl<T> SchemaServiceClient<T>
    where
        T: tonic::client::GrpcService<tonic::body::BoxBody>,
        T::Error: Into<StdError>,
        T::ResponseBody: Body<Data = Bytes> + std::marker::Send + 'static,
        <T::ResponseBody as Body>::Error: Into<StdError> + std::marker::Send,
    {
        pub fn new(inner: T) -> Self {
            let inner = tonic::client::Grpc::new(inner);
            Self { inner }
        }
        pub fn with_origin(inner: T, origin: Uri) -> Self {
            let inner = tonic::client::Grpc::with_origin(inner, origin);
            Self { inner }
        }
        pub fn with_interceptor<F>(
            inner: T,
            interceptor: F,
        ) -> SchemaServiceClient<InterceptedService<T, F>>
        where
            F: tonic::service::Interceptor,
            T::ResponseBody: Default,
            T: tonic::codegen::Service<
                http::Request<tonic::body::BoxBody>,
                Response = http::Response<
                    <T as tonic::client::GrpcService<tonic::body::BoxBody>>::ResponseBody,
                >,
            >,
            <T as tonic::codegen::Service<
                http::Request<tonic::body::BoxBody>,
            >>::Error: Into<StdError> + std::marker::Send + std::marker::Sync,
        {
            SchemaServiceClient::new(InterceptedService::new(inner, interceptor))
        }
        /// Compress requests with the given encoding.
        ///
        /// This requires the server to support it otherwise it might respond with an
        /// error.
        #[must_use]
        pub fn send_compressed(mut self, encoding: CompressionEncoding) -> Self {
            self.inner = self.inner.send_compressed(encoding);
            self
        }
        /// Enable decompressing responses.
        #[must_use]
        pub fn accept_compressed(mut self, encoding: CompressionEncoding) -> Self {
            self.inner = self.inner.accept_compressed(encoding);
            self
        }
        /// Limits the maximum size of a decoded message.
        ///
        /// Default: `4MB`
        #[must_use]
        pub fn max_decoding_message_size(mut self, limit: usize) -> Self {
            self.inner = self.inner.max_decoding_message_size(limit);
            self
        }
        /// Limits the maximum size of an encoded message.
        ///
        /// Default: `usize::MAX`
        #[must_use]
        pub fn max_encoding_message_size(mut self, limit: usize) -> Self {
            self.inner = self.inner.max_encoding_message_size(limit);
            self
        }
        /// Read returns the current Object Definitions for a Permissions System.
        ///
        /// Errors include:
        /// - INVALID_ARGUMENT: a provided value has failed to semantically validate
        /// - NOT_FOUND: no schema has been defined
        pub async fn read_schema(
            &mut self,
            request: impl tonic::IntoRequest<super::ReadSchemaRequest>,
        ) -> std::result::Result<
            tonic::Response<super::ReadSchemaResponse>,
            tonic::Status,
        > {
            self.inner
                .ready()
                .await
                .map_err(|e| {
                    tonic::Status::unknown(
                        format!("Service was not ready: {}", e.into()),
                    )
                })?;
            let codec = tonic::codec::ProstCodec::default();
            let path = http::uri::PathAndQuery::from_static(
                "/authzed.api.v1.SchemaService/ReadSchema",
            );
            let mut req = request.into_request();
            req.extensions_mut()
                .insert(GrpcMethod::new("authzed.api.v1.SchemaService", "ReadSchema"));
            self.inner.unary(req, path, codec).await
        }
        /// Write overwrites the current Object Definitions for a Permissions System.
        pub async fn write_schema(
            &mut self,
            request: impl tonic::IntoRequest<super::WriteSchemaRequest>,
        ) -> std::result::Result<
            tonic::Response<super::WriteSchemaResponse>,
            tonic::Status,
        > {
            self.inner
                .ready()
                .await
                .map_err(|e| {
                    tonic::Status::unknown(
                        format!("Service was not ready: {}", e.into()),
                    )
                })?;
            let codec = tonic::codec::ProstCodec::default();
            let path = http::uri::PathAndQuery::from_static(
                "/authzed.api.v1.SchemaService/WriteSchema",
            );
            let mut req = request.into_request();
            req.extensions_mut()
                .insert(GrpcMethod::new("authzed.api.v1.SchemaService", "WriteSchema"));
            self.inner.unary(req, path, codec).await
        }
        /// ReflectSchema reflects the current schema stored in SpiceDB, returning a structural
        /// form of the schema for use by client tooling.
        pub async fn reflect_schema(
            &mut self,
            request: impl tonic::IntoRequest<super::ReflectSchemaRequest>,
        ) -> std::result::Result<
            tonic::Response<super::ReflectSchemaResponse>,
            tonic::Status,
        > {
            self.inner
                .ready()
                .await
                .map_err(|e| {
                    tonic::Status::unknown(
                        format!("Service was not ready: {}", e.into()),
                    )
                })?;
            let codec = tonic::codec::ProstCodec::default();
            let path = http::uri::PathAndQuery::from_static(
                "/authzed.api.v1.SchemaService/ReflectSchema",
            );
            let mut req = request.into_request();
            req.extensions_mut()
                .insert(
                    GrpcMethod::new("authzed.api.v1.SchemaService", "ReflectSchema"),
                );
            self.inner.unary(req, path, codec).await
        }
        /// ComputablePermissions returns the set of permissions that compute based off a relation
        /// in the current schema. For example, if the schema has a relation `viewer` and a permission
        /// `view` defined as `permission view = viewer + editor`, then the
        /// computable permissions for the relation `viewer` will include `view`.
        pub async fn computable_permissions(
            &mut self,
            request: impl tonic::IntoRequest<super::ComputablePermissionsRequest>,
        ) -> std::result::Result<
            tonic::Response<super::ComputablePermissionsResponse>,
            tonic::Status,
        > {
            self.inner
                .ready()
                .await
                .map_err(|e| {
                    tonic::Status::unknown(
                        format!("Service was not ready: {}", e.into()),
                    )
                })?;
            let codec = tonic::codec::ProstCodec::default();
            let path = http::uri::PathAndQuery::from_static(
                "/authzed.api.v1.SchemaService/ComputablePermissions",
            );
            let mut req = request.into_request();
            req.extensions_mut()
                .insert(
                    GrpcMethod::new(
                        "authzed.api.v1.SchemaService",
                        "ComputablePermissions",
                    ),
                );
            self.inner.unary(req, path, codec).await
        }
        /// DependentRelations returns the set of relations and permissions that used
        /// to compute a permission, recursively, in the current schema. It is the
        /// inverse of the ComputablePermissions API.
        pub async fn dependent_relations(
            &mut self,
            request: impl tonic::IntoRequest<super::DependentRelationsRequest>,
        ) -> std::result::Result<
            tonic::Response<super::DependentRelationsResponse>,
            tonic::Status,
        > {
            self.inner
                .ready()
                .await
                .map_err(|e| {
                    tonic::Status::unknown(
                        format!("Service was not ready: {}", e.into()),
                    )
                })?;
            let codec = tonic::codec::ProstCodec::default();
            let path = http::uri::PathAndQuery::from_static(
                "/authzed.api.v1.SchemaService/DependentRelations",
            );
            let mut req = request.into_request();
            req.extensions_mut()
                .insert(
                    GrpcMethod::new("authzed.api.v1.SchemaService", "DependentRelations"),
                );
            self.inner.unary(req, path, codec).await
        }
        /// DiffSchema returns the difference between the specified schema and the current
        /// schema stored in SpiceDB.
        pub async fn diff_schema(
            &mut self,
            request: impl tonic::IntoRequest<super::DiffSchemaRequest>,
        ) -> std::result::Result<
            tonic::Response<super::DiffSchemaResponse>,
            tonic::Status,
        > {
            self.inner
                .ready()
                .await
                .map_err(|e| {
                    tonic::Status::unknown(
                        format!("Service was not ready: {}", e.into()),
                    )
                })?;
            let codec = tonic::codec::ProstCodec::default();
            let path = http::uri::PathAndQuery::from_static(
                "/authzed.api.v1.SchemaService/DiffSchema",
            );
            let mut req = request.into_request();
            req.extensions_mut()
                .insert(GrpcMethod::new("authzed.api.v1.SchemaService", "DiffSchema"));
            self.inner.unary(req, path, codec).await
        }
    }
}
/// WatchRequest specifies what mutations to watch for, and an optional start point for when to start
/// watching.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct WatchRequest {
    /// optional_object_types is a filter of resource object types to watch for relationship changes.
    /// If specified, only changes to the specified object types will be returned and
    /// optional_relationship_filters cannot be used.
    #[prost(string, repeated, tag = "1")]
    pub optional_object_types: ::prost::alloc::vec::Vec<::prost::alloc::string::String>,
    /// optional_start_cursor is the ZedToken holding the point-in-time at
    /// which to start watching for changes.
    /// If not specified, the watch will start from the current SpiceDB revision time of the request ("head revision").
    /// Note that if this cursor references a point-in-time containing data
    /// that has been garbage collected, an error will be returned.
    #[prost(message, optional, tag = "2")]
    pub optional_start_cursor: ::core::option::Option<ZedToken>,
    /// optional_relationship_filters, if specified, indicates the
    /// filter(s) to apply to each relationship to be returned by watch.
    /// The relationship will be returned as long as at least one filter matches,
    /// this allows clients to match relationships on multiple filters on a single watch call.
    /// If specified, optional_object_types cannot be used.
    #[prost(message, repeated, tag = "3")]
    pub optional_relationship_filters: ::prost::alloc::vec::Vec<RelationshipFilter>,
    /// optional_update_kinds, if specified, indicates what kinds of mutations to include.
    /// If your SpiceDB instance is running behind a proxy that aborts idle connections,
    /// we recommend including Checkpoints to keep the stream alive even when there are no changes.
    #[prost(enumeration = "WatchKind", repeated, tag = "4")]
    pub optional_update_kinds: ::prost::alloc::vec::Vec<i32>,
}
/// WatchResponse contains all mutation events in ascending timestamp order.
/// This excludes relationships that were deleted because they expired.
/// The response includes a field that can be used to resume
/// watching from that point.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct WatchResponse {
    /// updates are the RelationshipUpdate events that have occurred since the
    /// call was made, or since the point in time specified by changes_through.
    #[prost(message, repeated, tag = "1")]
    pub updates: ::prost::alloc::vec::Vec<RelationshipUpdate>,
    /// changes_through is the ZedToken that represents the point in time
    /// that the watch response is current through. This token can be used
    /// in a subsequent WatchRequest to resume watching from this point.
    #[prost(message, optional, tag = "2")]
    pub changes_through: ::core::option::Option<ZedToken>,
    /// optional_transaction_metadata is an optional field that returns the transaction metadata
    /// given to SpiceDB during the transaction that produced the changes in this response.
    /// This field may not exist if no transaction metadata was provided, or if multiple pieces
    /// of metadata were found during the transaction (in which case it is ambiguous which to return).
    #[prost(message, optional, tag = "3")]
    pub optional_transaction_metadata: ::core::option::Option<::prost_types::Struct>,
    /// schema_updated, if true, indicates that the schema was changed in this revision.
    #[prost(bool, tag = "4")]
    pub schema_updated: bool,
    /// is_checkpoint, if true, indicates that a checkpoint was reached.
    /// A checkpoint indicates that the server guarantees that the client
    /// will not observe any changes at a revision below or equal to the revision in this response.
    #[prost(bool, tag = "5")]
    pub is_checkpoint: bool,
    /// full_revision_metadata contains all transaction metadata given to SpiceDB during the
    /// revision that produced the changes in this response. Some datastores (such as CockroachDB)
    /// can "merge" multiple transactions into a single revision (if the changes occurred concurrently),
    /// so this field is a list of all transaction metadata seen during the revision.
    #[prost(message, repeated, tag = "6")]
    pub full_revision_metadata: ::prost::alloc::vec::Vec<::prost_types::Struct>,
}
#[derive(Clone, Copy, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, ::prost::Enumeration)]
#[repr(i32)]
pub enum WatchKind {
    /// Default, just relationship updates (for backwards compatibility)
    Unspecified = 0,
    IncludeRelationshipUpdates = 1,
    IncludeSchemaUpdates = 2,
    IncludeCheckpoints = 3,
}
impl WatchKind {
    /// String value of the enum field names used in the ProtoBuf definition.
    ///
    /// The values are not transformed in any way and thus are considered stable
    /// (if the ProtoBuf definition does not change) and safe for programmatic use.
    pub fn as_str_name(&self) -> &'static str {
        match self {
            Self::Unspecified => "WATCH_KIND_UNSPECIFIED",
            Self::IncludeRelationshipUpdates => "WATCH_KIND_INCLUDE_RELATIONSHIP_UPDATES",
            Self::IncludeSchemaUpdates => "WATCH_KIND_INCLUDE_SCHEMA_UPDATES",
            Self::IncludeCheckpoints => "WATCH_KIND_INCLUDE_CHECKPOINTS",
        }
    }
    /// Creates an enum from field names used in the ProtoBuf definition.
    pub fn from_str_name(value: &str) -> ::core::option::Option<Self> {
        match value {
            "WATCH_KIND_UNSPECIFIED" => Some(Self::Unspecified),
            "WATCH_KIND_INCLUDE_RELATIONSHIP_UPDATES" => {
                Some(Self::IncludeRelationshipUpdates)
            }
            "WATCH_KIND_INCLUDE_SCHEMA_UPDATES" => Some(Self::IncludeSchemaUpdates),
            "WATCH_KIND_INCLUDE_CHECKPOINTS" => Some(Self::IncludeCheckpoints),
            _ => None,
        }
    }
}
/// Generated client implementations.
pub mod watch_service_client {
    #![allow(
        unused_variables,
        dead_code,
        missing_docs,
        clippy::wildcard_imports,
        clippy::let_unit_value,
    )]
    use tonic::codegen::*;
    use tonic::codegen::http::Uri;
    #[derive(Debug, Clone)]
    pub struct WatchServiceClient<T> {
        inner: tonic::client::Grpc<T>,
    }
    impl WatchServiceClient<tonic::transport::Channel> {
        /// Attempt to create a new client by connecting to a given endpoint.
        pub async fn connect<D>(dst: D) -> Result<Self, tonic::transport::Error>
        where
            D: TryInto<tonic::transport::Endpoint>,
            D::Error: Into<StdError>,
        {
            let conn = tonic::transport::Endpoint::new(dst)?.connect().await?;
            Ok(Self::new(conn))
        }
    }
    impl<T> WatchServiceClient<T>
    where
        T: tonic::client::GrpcService<tonic::body::BoxBody>,
        T::Error: Into<StdError>,
        T::ResponseBody: Body<Data = Bytes> + std::marker::Send + 'static,
        <T::ResponseBody as Body>::Error: Into<StdError> + std::marker::Send,
    {
        pub fn new(inner: T) -> Self {
            let inner = tonic::client::Grpc::new(inner);
            Self { inner }
        }
        pub fn with_origin(inner: T, origin: Uri) -> Self {
            let inner = tonic::client::Grpc::with_origin(inner, origin);
            Self { inner }
        }
        pub fn with_interceptor<F>(
            inner: T,
            interceptor: F,
        ) -> WatchServiceClient<InterceptedService<T, F>>
        where
            F: tonic::service::Interceptor,
            T::ResponseBody: Default,
            T: tonic::codegen::Service<
                http::Request<tonic::body::BoxBody>,
                Response = http::Response<
                    <T as tonic::client::GrpcService<tonic::body::BoxBody>>::ResponseBody,
                >,
            >,
            <T as tonic::codegen::Service<
                http::Request<tonic::body::BoxBody>,
            >>::Error: Into<StdError> + std::marker::Send + std::marker::Sync,
        {
            WatchServiceClient::new(InterceptedService::new(inner, interceptor))
        }
        /// Compress requests with the given encoding.
        ///
        /// This requires the server to support it otherwise it might respond with an
        /// error.
        #[must_use]
        pub fn send_compressed(mut self, encoding: CompressionEncoding) -> Self {
            self.inner = self.inner.send_compressed(encoding);
            self
        }
        /// Enable decompressing responses.
        #[must_use]
        pub fn accept_compressed(mut self, encoding: CompressionEncoding) -> Self {
            self.inner = self.inner.accept_compressed(encoding);
            self
        }
        /// Limits the maximum size of a decoded message.
        ///
        /// Default: `4MB`
        #[must_use]
        pub fn max_decoding_message_size(mut self, limit: usize) -> Self {
            self.inner = self.inner.max_decoding_message_size(limit);
            self
        }
        /// Limits the maximum size of an encoded message.
        ///
        /// Default: `usize::MAX`
        #[must_use]
        pub fn max_encoding_message_size(mut self, limit: usize) -> Self {
            self.inner = self.inner.max_encoding_message_size(limit);
            self
        }
        /// Watch returns a stream of events that occurred in the datastore in ascending timestamp order.
        /// The events can be relationship updates, schema updates, or checkpoints.
        pub async fn watch(
            &mut self,
            request: impl tonic::IntoRequest<super::WatchRequest>,
        ) -> std::result::Result<
            tonic::Response<tonic::codec::Streaming<super::WatchResponse>>,
            tonic::Status,
        > {
            self.inner
                .ready()
                .await
                .map_err(|e| {
                    tonic::Status::unknown(
                        format!("Service was not ready: {}", e.into()),
                    )
                })?;
            let codec = tonic::codec::ProstCodec::default();
            let path = http::uri::PathAndQuery::from_static(
                "/authzed.api.v1.WatchService/Watch",
            );
            let mut req = request.into_request();
            req.extensions_mut()
                .insert(GrpcMethod::new("authzed.api.v1.WatchService", "Watch"));
            self.inner.server_streaming(req, path, codec).await
        }
    }
}