All Known Implementing Classes:: UserServiceGrpc.UserServiceImplBase, UserServiceImpl

Enclosing class:: UserServiceGrpc

public static interface UserServiceGrpc.AsyncService

UserService provides user management functionality for the SoulFire system.
All methods require authentication via JWT token in the request metadata.
Most methods require specific global permissions (CREATE_USER, READ_USER, UPDATE_USER,
DELETE_USER, INVALIDATE_SESSIONS, or GENERATE_API_TOKEN).
Admin users automatically have all permissions.
Note: The root user (ID: 00000000-0000-0000-0000-000000000000) cannot be modified or deleted.
Note: Users cannot modify their own account through this service (use self-service endpoints instead).

Method Summary

Modifier and Type

Method

Description

default void

createUser(UserCreateRequest request, io.grpc.stub.StreamObserver<UserCreateResponse> responseObserver)

Creates a new user account in the system.

default void

deleteUser(UserDeleteRequest request, io.grpc.stub.StreamObserver<UserDeleteResponse> responseObserver)

Deletes an existing user from the system.

default void

generateUserAPIToken(GenerateUserAPITokenRequest request, io.grpc.stub.StreamObserver<GenerateUserAPITokenResponse> responseObserver)

Generates a new API token (JWT) for a specific user.

default void

getUserInfo(UserInfoRequest request, io.grpc.stub.StreamObserver<UserInfoResponse> responseObserver)

Retrieves detailed information about a specific user.

default void

invalidateSessions(InvalidateSessionsRequest request, io.grpc.stub.StreamObserver<InvalidateSessionsResponse> responseObserver)

Invalidates all active sessions for a user by updating their min_issued_at timestamp.

default void

listUsers(UserListRequest request, io.grpc.stub.StreamObserver<UserListResponse> responseObserver)

Lists all users in the system.

default void

updateUser(UpdateUserRequest request, io.grpc.stub.StreamObserver<UpdateUserResponse> responseObserver)

Updates an existing user's profile information.

Method Details

createUser

default void createUser(UserCreateRequest request, io.grpc.stub.StreamObserver<UserCreateResponse> responseObserver)

Creates a new user account in the system.
Requires the CREATE_USER global permission.
Returns the UUID of the newly created user.
Error cases:
  - INTERNAL: If username or email already exists, or validation fails
  - PERMISSION_DENIED: If caller lacks CREATE_USER permission

deleteUser

default void deleteUser(UserDeleteRequest request, io.grpc.stub.StreamObserver<UserDeleteResponse> responseObserver)

Deletes an existing user from the system.
Requires the DELETE_USER global permission.
Cascades to delete all owned instances and audit logs.
Also disconnects the user from any active log subscriptions.
Error cases:
  - INTERNAL: If user not found, or attempting to delete self/root user
  - PERMISSION_DENIED: If caller lacks DELETE_USER permission

listUsers

default void listUsers(UserListRequest request, io.grpc.stub.StreamObserver<UserListResponse> responseObserver)

Lists all users in the system.
Requires the READ_USER global permission.
Returns complete information for all users including timestamps.
Error cases:
  - INTERNAL: If database query fails
  - PERMISSION_DENIED: If caller lacks READ_USER permission

getUserInfo

default void getUserInfo(UserInfoRequest request, io.grpc.stub.StreamObserver<UserInfoResponse> responseObserver)

Retrieves detailed information about a specific user.
Requires the READ_USER global permission.
Error cases:
  - INTERNAL: If user not found
  - PERMISSION_DENIED: If caller lacks READ_USER permission

invalidateSessions

default void invalidateSessions(InvalidateSessionsRequest request, io.grpc.stub.StreamObserver<InvalidateSessionsResponse> responseObserver)

Invalidates all active sessions for a user by updating their min_issued_at timestamp.
Requires the INVALIDATE_SESSIONS global permission.
After this call, all previously issued JWT tokens for the user become invalid,
effectively logging them out of all devices.
Error cases:
  - INTERNAL: If user not found, or attempting to invalidate self/root user sessions
  - PERMISSION_DENIED: If caller lacks INVALIDATE_SESSIONS permission

updateUser

default void updateUser(UpdateUserRequest request, io.grpc.stub.StreamObserver<UpdateUserResponse> responseObserver)

Updates an existing user's profile information.
Requires the UPDATE_USER global permission.
All profile fields (username, email, role) are updated to the provided values.
Error cases:
  - INTERNAL: If user not found, attempting to update self/root user, or validation fails
  - PERMISSION_DENIED: If caller lacks UPDATE_USER permission

generateUserAPIToken

default void generateUserAPIToken(GenerateUserAPITokenRequest request, io.grpc.stub.StreamObserver<GenerateUserAPITokenResponse> responseObserver)

Generates a new API token (JWT) for a specific user.
Requires the GENERATE_API_TOKEN global permission.
The generated token has the "api" audience and does not expire.
The token can be invalidated by calling InvalidateSessions for the user.
Error cases:
  - INTERNAL: If user not found, or attempting to generate token for self/root user
  - PERMISSION_DENIED: If caller lacks GENERATE_API_TOKEN permission

Interface UserServiceGrpc.AsyncService

Method Summary