xref: /aosp_15_r20/external/googleapis/google/apps/drive/labels/v2/label_permission.proto (revision d5c09012810ac0c9f33fe448fb6da8260d444cc9) 
1// Copyright 2023 Google LLC
2//
3// Licensed under the Apache License, Version 2.0 (the "License");
4// you may not use this file except in compliance with the License.
5// You may obtain a copy of the License at
6//
7//     http://www.apache.org/licenses/LICENSE-2.0
8//
9// Unless required by applicable law or agreed to in writing, software
10// distributed under the License is distributed on an "AS IS" BASIS,
11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12// See the License for the specific language governing permissions and
13// limitations under the License.
14
15syntax = "proto3";
16
17package google.apps.drive.labels.v2;
18
19import "google/api/resource.proto";
20
21option go_package = "google.golang.org/genproto/googleapis/apps/drive/labels/v2;labels";
22option java_multiple_files = true;
23option java_outer_classname = "LabelPermissionProto";
24option java_package = "com.google.apps.drive.labels.v2";
25option objc_class_prefix = "DLBL";
26option (google.api.resource_definition) = {
27  type: "groups.googleapis.com/Group"
28  pattern: "groups/{group}"
29};
30
31// The permission that applies to a principal (user, group, audience) on a
32// label.
33message LabelPermission {
34  option (google.api.resource) = {
35    type: "drivelabels.googleapis.com/LabelPermission"
36    pattern: "labels/{label}/permissions/{permission}"
37  };
38
39  // Roles are concentric with subsequent role.
40  enum LabelRole {
41    // Unknown role.
42    LABEL_ROLE_UNSPECIFIED = 0;
43
44    // A reader can read the label and associated metadata applied to Drive
45    // items.
46    READER = 1;
47
48    // An applier can write associated metadata on Drive items in which they
49    // also have write access to. Implies `READER`.
50    APPLIER = 2;
51
52    // An organizer can pin this label in shared drives they manage
53    // and add new appliers to the label.
54    ORGANIZER = 3;
55
56    // Editors can make any update including deleting the label which
57    // also deletes the associated Drive item metadata. Implies `APPLIER`.
58    EDITOR = 4;
59  }
60
61  // The principal this permission applies to. Must be either an email, user,
62  // group, or audience.
63  // Example:
64  // * people/12345
65  // * groups/45678
66  // * audiences/default
67  oneof principal {
68    // Person resource name.
69    string person = 3 [
70      (google.api.resource_reference) = { type: "people.googleapis.com/Person" }
71    ];
72
73    // Group resource name.
74    string group = 4 [
75      (google.api.resource_reference) = { type: "groups.googleapis.com/Group" }
76    ];
77
78    // Audience to grant a role to. The magic value of `audiences/default` may
79    // be used to apply the role to the default audience in the context of the
80    // organization that owns the Label.
81    string audience = 5;
82  }
83
84  // Resource name of this permission.
85  string name = 1;
86
87  // Specifies the email address for a user or group pricinpal. Not populated
88  // for audience principals. User and Group permissions may only be inserted
89  // using email address. On update requests, if email address is specified,
90  // no principal should be specified.
91  string email = 2;
92
93  // The role the principal should have.
94  LabelRole role = 6;
95}
96