revoked_users = fields.List(fields.Bytes(required=True))
class UserGetReqSchema(BaseReqSchema):
user_id = UserIDField(required=True)
class UserGetRepSchema(BaseRepSchema):
user_certificate = fields.Bytes(required=True)
revoked_user_certificate = fields.Bytes(required=True, allow_none=True)
device_certificates = fields.List(fields.Bytes(required=True), required=True)
trustchain = fields.Nested(TrustchainSchema, required=True)
user_get_serializer = CmdSerializer(UserGetReqSchema, UserGetRepSchema)
class APIV1_UserFindReqSchema(BaseReqSchema):
query = fields.String(missing=None)
omit_revoked = fields.Boolean(missing=False)
page = fields.Int(missing=1, validate=lambda n: n > 0)
per_page = fields.Integer(missing=100, validate=lambda n: 0 < n <= 100)
class APIV1_UserFindRepSchema(BaseRepSchema):
results = fields.List(UserIDField())
page = fields.Int(validate=lambda n: n > 0)
per_page = fields.Integer(validate=lambda n: 0 < n <= 100)
total = fields.Int(validate=lambda n: n >= 0)
vlob_id = fields.UUID(required=True)
# If blob contains a signed message, it timestamp cannot be directly enforced
# by the backend (given the message is probably also encrypted).
# Hence the timestamp is passed in clear so backend can reject the message
# if it considers the timestamp invalid. On top of that each client asking
# for the message will receive the declared timestamp to check against
# the actual timestamp within the message.
timestamp = fields.DateTime(required=True)
blob = fields.Bytes(required=True)
class VlobCreateRepSchema(BaseRepSchema):
pass
vlob_create_serializer = CmdSerializer(VlobCreateReqSchema, VlobCreateRepSchema)
class VlobReadReqSchema(BaseReqSchema):
encryption_revision = fields.Integer(required=True)
vlob_id = fields.UUID(required=True)
version = fields.Integer(validate=lambda n: n is None or _validate_version(n), missing=None)
timestamp = fields.DateTime(allow_none=True, missing=None)
class VlobReadRepSchema(BaseRepSchema):
version = fields.Integer(required=True, validate=_validate_version)
blob = fields.Bytes(required=True)
author = DeviceIDField(required=True)
timestamp = fields.DateTime(required=True)
# Parsec Cloud (https://parsec.cloud) Copyright (c) AGPLv3 2019 Scille SAS
from guardata.serde import fields
from guardata.api.protocol.base import BaseReqSchema, BaseRepSchema, CmdSerializer
__all__ = ("ping_serializer", )
class PingReqSchema(BaseReqSchema):
ping = fields.String(required=True)
class PingRepSchema(BaseRepSchema):
pong = fields.String(required=True)
ping_serializer = CmdSerializer(PingReqSchema, PingRepSchema)
# Parsec Cloud (https://parsec.cloud) Copyright (c) AGPLv3 2019 Scille SAS
from guardata.serde import BaseSchema, fields
from guardata.api.protocol.base import BaseReqSchema, BaseRepSchema, CmdSerializer
from guardata.api.protocol.types import DeviceIDField
__all__ = ("message_get_serializer", )
class MessageGetReqSchema(BaseReqSchema):
offset = fields.Integer(required=True, validate=lambda n: n >= 0)
class MessageSchema(BaseSchema):
count = fields.Integer(required=True)
sender = DeviceIDField(required=True)
timestamp = fields.DateTime(required=True)
body = fields.Bytes(required=True)
class MessageGetRepSchema(BaseRepSchema):
messages = fields.List(fields.Nested(MessageSchema), required=True)
message_get_serializer = CmdSerializer(MessageGetReqSchema,
MessageGetRepSchema)
from guardata.serde import fields
from guardata.api.protocol.base import BaseReqSchema, BaseRepSchema, CmdSerializer
__all__ = ("block_create_serializer", "block_read_serializer")
class BlockCreateReqSchema(BaseReqSchema):
block_id = fields.UUID(required=True)
realm_id = fields.UUID(required=True)
block = fields.Bytes(required=True)
class BlockCreateRepSchema(BaseRepSchema):
pass
block_create_serializer = CmdSerializer(BlockCreateReqSchema,
BlockCreateRepSchema)
class BlockReadReqSchema(BaseReqSchema):
block_id = fields.UUID(required=True)
class BlockReadRepSchema(BaseRepSchema):
block = fields.Bytes(required=True)
block_read_serializer = CmdSerializer(BlockReadReqSchema, BlockReadRepSchema)
READER = "READER"
RealmRoleField = fields.enum_field_factory(RealmRole)
MaintenanceTypeField = fields.enum_field_factory(MaintenanceType)
class RealmCreateReqSchema(BaseReqSchema):
role_certificate = fields.Bytes(required=True)
class RealmCreateRepSchema(BaseRepSchema):
pass
realm_create_serializer = CmdSerializer(RealmCreateReqSchema,
RealmCreateRepSchema)
class RealmStatusReqSchema(BaseReqSchema):
realm_id = fields.UUID(required=True)
class RealmStatusRepSchema(BaseRepSchema):
in_maintenance = fields.Boolean(required=True)
maintenance_type = MaintenanceTypeField(allow_none=True)
maintenance_started_on = fields.DateTime(required=True, allow_none=True)
maintenance_started_by = DeviceIDField(required=True, allow_none=True)
encryption_revision = fields.Integer(required=True)
realm_status_serializer = CmdSerializer(RealmStatusReqSchema,
APIEvent.INVITE_STATUS_CHANGED:
EventsInviteStatusChangedRepSchema(),
APIEvent.REALM_ROLES_UPDATED:
EventsRealmRolesUpdatedRepSchema(),
APIEvent.REALM_VLOBS_UPDATED:
EventsRealmVlobsUpdatedRepSchema(),
APIEvent.REALM_MAINTENANCE_STARTED:
EventsRealmMaintenanceStartedRepSchema(),
APIEvent.REALM_MAINTENANCE_FINISHED:
EventsRealmMaintenanceFinishedRepSchema(),
}
def get_obj_type(self, obj):
return obj["event"]
events_listen_serializer = CmdSerializer(EventsListenReqSchema,
EventsListenRepSchema)
class EventsSubscribeReqSchema(BaseReqSchema):
pass
class EventsSubscribeRepSchema(BaseRepSchema):
pass
events_subscribe_serializer = CmdSerializer(EventsSubscribeReqSchema,
EventsSubscribeRepSchema)
from guardata.serde import fields, BaseSchema, JSONSerializer
from guardata.api.protocol.base import BaseReqSchema, BaseRepSchema, CmdSerializer
from guardata.api.protocol.types import OrganizationIDField, DeviceIDField
class APIV1_OrganizationCreateReqSchema(BaseReqSchema):
organization_id = OrganizationIDField(required=True)
expiration_date = fields.DateTime(allow_none=True, required=False)
class APIV1_OrganizationCreateRepSchema(BaseRepSchema):
bootstrap_token = fields.String(required=True)
expiration_date = fields.DateTime(allow_none=True, required=False)
apiv1_organization_create_serializer = CmdSerializer(
APIV1_OrganizationCreateReqSchema, APIV1_OrganizationCreateRepSchema)
class APIV1_OrganizationBootstrapReqSchema(BaseReqSchema):
bootstrap_token = fields.String(required=True)
root_verify_key = fields.VerifyKey(required=True)
user_certificate = fields.Bytes(required=True)
device_certificate = fields.Bytes(required=True)
# Same certificates than above, but expurged of human_handle/device_label
# Backward compatibility prevent those field to be required, however
# they should be considered so by recent version of Parsec (hence the
# `allow_none=False`).
# Hence only old version of Parsec will provide a payload with missing
# redacted fields. In such case we consider the non-redacted can also
# be used as redacted given the to-be-redacted fields have been introduce
# in later version of Parsec.
class InviteNewReqSchema(OneOfSchema):
type_field = "type"
type_schemas = {
InvitationType.USER: InviteNewUserReqSchema(),
InvitationType.DEVICE: InviteNewDeviceReqSchema(),
}
def get_obj_type(self, obj):
return obj["type"]
class InviteNewRepSchema(BaseRepSchema):
token = fields.UUID(required=True)
invite_new_serializer = CmdSerializer(InviteNewReqSchema, InviteNewRepSchema)
class InvitationDeletedReason(Enum):
FINISHED = "FINISHED"
CANCELLED = "CANCELLED"
ROTTEN = "ROTTEN"
InvitationDeletedReasonField = fields.enum_field_factory(
InvitationDeletedReason)
class InviteDeleteReqSchema(BaseReqSchema):
token = fields.UUID(required=True)
reason = InvitationDeletedReasonField(required=True)