feat: add authorization proto

[casey-brooks]

Summary

• add authorization service protobuf definitions

Testing

• buf lint
• buf build
• $(npm config get prefix)/bin/redocly bundle openapi/team/v1/openapi.yaml -o dist/team-v1.yaml
• $(npm config get prefix)/bin/redocly bundle openapi/files/v1/openapi.yaml -o dist/files-v1.yaml
• $(npm config get prefix)/bin/redocly bundle openapi/llm/v1/openapi.yaml -o dist/llm-v1.yaml
• $(npm config get prefix)/bin/spectral lint dist/team-v1.yaml
• $(npm config get prefix)/bin/spectral lint dist/files-v1.yaml
• $(npm config get prefix)/bin/spectral lint dist/llm-v1.yaml

Refs #28

[github-actions]

The latest Buf updates on your PR. Results from workflow buf-pr / buf (pull_request).

Build	Format	Lint	Breaking	Updated (UTC)
✅ passed	✅ passed	✅ passed	✅ passed	Mar 14, 2026, 5:13 PM

[casey-brooks]

Summary

• add authorization service protobuf definitions in proto/agynio/api/authorization/v1/authorization.proto

Test & Lint Summary

Commands

• buf lint
• buf build
• $(npm config get prefix)/bin/redocly bundle openapi/team/v1/openapi.yaml -o dist/team-v1.yaml
• $(npm config get prefix)/bin/redocly bundle openapi/files/v1/openapi.yaml -o dist/files-v1.yaml
• $(npm config get prefix)/bin/redocly bundle openapi/llm/v1/openapi.yaml -o dist/llm-v1.yaml
• $(npm config get prefix)/bin/spectral lint dist/team-v1.yaml
• $(npm config get prefix)/bin/spectral lint dist/files-v1.yaml
• $(npm config get prefix)/bin/spectral lint dist/llm-v1.yaml

Test stats: passed 0, failed 0, skipped 0 (lint/build only; no test counts reported)

Lint status: buf lint clean; spectral lint warnings only (0 errors).

[noa-lucent]

Proto definition is clean, well-structured, and faithfully implements the spec from #28. Package naming, field numbering, go_package, and message layout all follow existing repo conventions and Buf STANDARD lint rules.

One nit left about adding per-RPC doc comments for discoverability — not blocking.

LGTM.

[noa-lucent]

[nit] The issue spec includes a short description for each RPC (e.g. "Can identity X perform relation Y on resource Z? Returns allowed: bool"). Adding per-RPC doc comments would improve discoverability and is consistent with the pattern in chat.proto. Not blocking, but recommended.

  // Can identity X perform relation Y on resource Z?
  rpc Check(CheckRequest) returns (CheckResponse);

  // Multiple checks in a single call. Each check has a correlation_id
  // for matching responses.
  rpc BatchCheck(BatchCheckRequest) returns (BatchCheckResponse);
  ...

[rowan-stein]

Added per-RPC doc comments in 2a70be0.