syntax = "proto3";

package yandex.cloud.mdb.sqlserver.v1;

import "google/api/annotations.proto";
import "google/protobuf/field_mask.proto";
import "yandex/cloud/api/operation.proto";
import "yandex/cloud/operation/operation.proto";
import "yandex/cloud/validation.proto";
import "yandex/cloud/mdb/sqlserver/v1/user.proto";

option go_package = "github.com/yandex-cloud/go-genproto/yandex/cloud/mdb/sqlserver/v1;sqlserver";
option java_outer_classname = "PSUS";
option java_package = "yandex.cloud.api.mdb.sqlserver.v1";

// A set of methods for managing SQL Server users.
service UserService {
  // Returns the specified SQL Server user.
  //
  // To get the list of available SQL Server users, make a [List] request.
  rpc Get (GetUserRequest) returns (User) {
    option (google.api.http) = { get: "/mdb/sqlserver/v1/clusters/{cluster_id}/users/{user_name}" };
  }

  // Retrieves a list of SQL Server users in the specified cluster.
  rpc List (ListUsersRequest) returns (ListUsersResponse) {
    option (google.api.http) = { get: "/mdb/sqlserver/v1/clusters/{cluster_id}/users" };
  }

  // Creates an SQL Server user in the specified cluster.
  rpc Create (CreateUserRequest) returns (operation.Operation) {
    option (google.api.http) = { post: "/mdb/sqlserver/v1/clusters/{cluster_id}/users" body: "*" };
    option (yandex.cloud.api.operation) = {
      metadata: "CreateUserMetadata"
      response: "User"
    };
  }

  // Modifies the specified SQL Server user.
  rpc Update (UpdateUserRequest) returns (operation.Operation) {
    option (google.api.http) = { patch: "/mdb/sqlserver/v1/clusters/{cluster_id}/users/{user_name}" body: "*" };
    option (yandex.cloud.api.operation) = {
      metadata: "UpdateUserMetadata"
      response: "User"
    };
  }

  // Deletes the specified SQL Server user.
  rpc Delete (DeleteUserRequest) returns (operation.Operation) {
    option (google.api.http) = { delete: "/mdb/sqlserver/v1/clusters/{cluster_id}/users/{user_name}" };
    option (yandex.cloud.api.operation) = {
      metadata: "DeleteUserMetadata"
      response: "google.protobuf.Empty"
    };
  }

  // Grants a permission to the specified SQL Server user.
  rpc GrantPermission (GrantUserPermissionRequest) returns (operation.Operation) {
    option (google.api.http) = { post: "/mdb/sqlserver/v1/clusters/{cluster_id}/users/{user_name}:grantPermission" body: "*" };
    option (yandex.cloud.api.operation) = {
      metadata: "GrantUserPermissionMetadata"
      response: "User"
    };
  }

  // Revokes a permission from the specified SQL Server user.
  rpc RevokePermission (RevokeUserPermissionRequest) returns (operation.Operation) {
    option (google.api.http) = { post: "/mdb/sqlserver/v1/clusters/{cluster_id}/users/{user_name}:revokePermission" body: "*" };
    option (yandex.cloud.api.operation) = {
      metadata: "RevokeUserPermissionMetadata"
      response: "User"
    };
  }
}

message GetUserRequest {
  // ID of the SQL Server cluster the user belongs to.
  //
  // To get the cluster ID, use a [ClusterService.List] request.
  string cluster_id = 1 [(required) = true, (length) = "<=50"];

  // Name of the SQL Server user to return.
  //
  // To get the name of the user use a [DatabaseService.List] request.
  string user_name = 2 [(required) = true, (length) = "<=63", (pattern) = "[a-zA-Z0-9_]*"];
}

message ListUsersRequest {
  // ID of the cluster to list SQL Server users in.
  //
  // To get the cluster ID, use a [ClusterService.List] request.
  string cluster_id = 1 [(required) = true, (length) = "<=50"];

  // The maximum number of results per page to return. If the number of available
  // results is larger than `page_size`, the service returns a [ListUsersResponse.next_page_token]
  // that can be used to get the next page of results in subsequent list requests.
  int64 page_size = 2 [(value) = "0-1000"];

  // Page token. To get the next page of results, set `page_token` to the [ListUsersResponse.next_page_token]
  // returned by a previous list request.
  string page_token = 3 [(length) = "<=100"];
}

message ListUsersResponse {
  // Requested list of SQL Server users.
  repeated User users = 1;

  // Token that allows you to get the next page of results for list requests. If the number of results
  // is larger than [ListUsersRequest.page_size], use the `next_page_token` as the value
  // for the [ListUsersRequest.page_token] parameter in the next list request. Each subsequent
  // list request will have its own `next_page_token` to continue paging through the results.
  string next_page_token = 2;
}

message CreateUserRequest {
  // ID of the SQL Server cluster to create a user for.
  //
  // To get the cluster ID, use a [ClusterService.List] request.
  string cluster_id = 1 [(required) = true, (length) = "<=50"];

  // Properties of the user to be created.
  UserSpec user_spec = 2 [(required) = true];
}

message CreateUserMetadata {
  // ID of the SQL Server cluster the user is being created for.
  string cluster_id = 1;

  // Name of the user being created.
  string user_name = 2;
}

message UpdateUserRequest {
  // ID of the SQL Server cluster the user belongs to.
  //
  // To get the cluster ID, use a [ClusterService.List] request.
  string cluster_id = 1 [(required) = true, (length) = "<=50"];

  // Name of the user to be updated.
  //
  // To get the name of the user use a [UserService.List] request.
  string user_name = 2 [(required) = true, (length) = "<=63", (pattern) = "[a-zA-Z0-9_]*"];

  // Field mask that specifies which fields of the SQL Server user should be updated.
  google.protobuf.FieldMask update_mask = 3;

  // New password for the user.
  string password = 4 [(length) = "8-128"];

  // New set of permissions for the user.
  repeated Permission permissions = 5;
}

message UpdateUserMetadata {
  // ID of the SQL Server cluster the user belongs to.
  string cluster_id = 1;

  // Name of the user being updated.
  string user_name = 2;
}

message DeleteUserRequest {
  // ID of the SQL Server cluster the user belongs to.
  //
  // To get the cluster ID, use a [ClusterService.List] request.
  string cluster_id = 1 [(required) = true, (length) = "<=50"];

  // Name of the user to delete.
  //
  // To get the name of the user, use a [UserService.List] request.
  string user_name = 2 [(required) = true, (length) = "<=63", (pattern) = "[a-zA-Z0-9_]*"];
}

message DeleteUserMetadata {
  // ID of the SQL Server cluster the user belongs to.
  string cluster_id = 1;

  // Name of the user being deleted.
  string user_name = 2;
}

message GrantUserPermissionRequest {
  // ID of the SQL Server cluster the user belongs to.
  //
  // To get the cluster ID, use a [ClusterService.List] request.
  string cluster_id = 1 [(required) = true, (length) = "<=50"];

  // Name of the user to grant the permission to.
  // To get the name of the user, use a [UserService.List] request.
  string user_name = 2 [(required) = true, (length) = "<=63", (pattern) = "[a-zA-Z0-9_]*"];

  // Permission that should be granted to the specified user.
  Permission permission = 3 [(required) = true];
}

message GrantUserPermissionMetadata {
  // ID of the SQL Server cluster the user belongs to.
  //
  // To get the cluster ID, use a [ClusterService.List] request.
  string cluster_id = 1;

  // Name of the user being granted a permission.
  string user_name = 2;
}

message RevokeUserPermissionRequest {
  // ID of the SQL Server cluster the user belongs to.
  //
  // To get the cluster ID, use a [ClusterService.List] request.
  string cluster_id = 1 [(required) = true, (length) = "<=50"];

  // Name of the user to revoke a permission from.
  //
  // To get the name of the user, use a [UserService.List] request.
  string user_name = 2 [(required) = true, (length) = "<=63", (pattern) = "[a-zA-Z0-9_]*"];

  // Permission that should be revoked from the specified user.
  Permission permission = 3 [(required) = true];
}

message RevokeUserPermissionMetadata {
  // ID of the SQL Server cluster the user belongs to.
  string cluster_id = 1;

  // Name of the user whose permission is being revoked.
  string user_name = 2;
}
