Authz/Schema: Remove unused stub cue definitions (#100387)

2025-08-06 15:39:31 +08:00 · 2025-02-11 15:24:11 +03:00
parent 6ee3c71ffe
commit e3cb73301e
22 changed files with 0 additions and 1188 deletions
--- a/kinds/accesspolicy/access_policy_kind.cue
+++ b/kinds/accesspolicy/access_policy_kind.cue
@ -1,51 +0,0 @@
-package kind
-
-name:              "AccessPolicy"
-maturity:          "merged"
-description:       "Access rules for a scope+role.  NOTE there is a unique constraint on role+scope"
-pluralName:        "AccessPolicies"
-machineName:       "accesspolicy"
-pluralMachineName: "accesspolicies"
-
-lineage: schemas: [{
-	version: [0, 0]
-	schema: {
-		spec: {
-			// The scope where these policies should apply
-			scope: #ResourceRef
-
-			// The role that must apply this policy 
-			role: #RoleRef
-
-			// The set of rules to apply.  Note that * is required to modify
-			// access policy rules, and that "none" will reject all actions
-			rules: [...#AccessRule]
-		} @cuetsy(kind="interface")
-
-		#RoleRef: {
-			// Policies can apply to roles, teams, or users
-			// Applying policies to individual users is supported, but discouraged
-			kind:  "Role" | "BuiltinRole" | "Team" | "User"
-			name:  string
-			xname: string // temporary
-		} @cuetsy(kind="interface")
-
-		#ResourceRef: {
-			kind: string // explicit resource or folder will cascade
-			name: string
-		} @cuetsy(kind="interface")
-
-		#AccessRule: {
-			// The kind this rule applies to (dashboards, alert, etc)
-			kind: "*" | string
-
-			// READ, WRITE, CREATE, DELETE, ...
-			// should move to k8s style verbs like: "get", "list", "watch", "create", "update", "patch", "delete" 
-			verb: "*" | "none" | string
-
-			// Specific sub-elements like "alert.rules" or "dashboard.permissions"????
-			target?: string
-		} @cuetsy(kind="interface")
-	}
-},
-]
--- a/kinds/role/role_kind.cue
+++ b/kinds/role/role_kind.cue
@ -1,25 +0,0 @@
-package kind
-
-name:        "Role"
-maturity:    "merged"
-description: "Roles represent a set of users+teams that should share similar access"
-
-lineage: schemas: [{
-	version: [0, 0]
-	schema: {
-		spec: {
-			// The role identifier `managed:builtins:editor:permissions`
-			name: string
-			// Optional display
-			displayName?: string
-			// Name of the team.
-			groupName?: string
-			// Role description
-			description?: string
-
-			// Do not show this role
-			hidden: bool | false
-		} @cuetsy(kind="interface")
-	}
-},
-]
--- a/kinds/rolebinding/role_binding_kind.cue
+++ b/kinds/rolebinding/role_binding_kind.cue
@ -1,36 +0,0 @@
-package kind
-
-name:        "RoleBinding"
-maturity:    "merged"
-description: "Role bindings links a user|team to a configured role"
-
-lineage: schemas: [{
-	version: [0, 0]
-	schema: {
-		spec: {
-			// The role we are discussing
-			role: #BuiltinRoleRef | #CustomRoleRef
-
-			// The team or user that has the specified role
-			subject: #RoleBindingSubject
-		} @cuetsy(kind="interface")
-
-		#CustomRoleRef: {
-			kind: "Role"
-			name: string
-		} @cuetsy(kind="interface")
-
-		#BuiltinRoleRef: {
-			kind: "BuiltinRole"
-			name: "viewer" | "editor" | "admin"
-		} @cuetsy(kind="interface")
-
-		#RoleBindingSubject: {
-			kind: "Team" | "User"
-
-			// The team/user identifier name
-			name: string
-		} @cuetsy(kind="interface")
-	}
-},
-]