authzed 0.0.1 → 0.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d9075c7150852dae34510b7e08f6000b5fef15c53908d68e48eb30a38952ca66
-  data.tar.gz: a08da7d303c4d43441cb45cca1bc15a21fd4945425d0067203f7082a502c73ba
+  metadata.gz: e1495a99e8306e5ccba16daa977fa824fced295ee98913e36c73617c18def744
+  data.tar.gz: 74763f19757bce03b40e4362f89c0499f1a55661324701ad387b1a61453d0f96
 SHA512:
-  metadata.gz: c2d302f5c93cd931b68af5945c9b8211bf086c2e5f8a833ca091e2d5c76ffbc23be3882263a3ada9111bad41aa02051e086b2af68a81c2d7e1bc757974a05a1a
-  data.tar.gz: 002ae50d35ffc1ee1e60aa9959d05e2a680b30ad968966478756964d94b4f680dabe54fffeba3ec42c37b01cd2c76cd00c1047f206058fd46d1a62efc9c2145f
+  metadata.gz: 859a8f38ab1ce0cf71c06f827333facf4701520341e2d3fe50a174b7639a9c7843d93f46cfacd623eb086d28f3ec66e9cbf96a3bf977bdb914fb73d136ae4a46
+  data.tar.gz: 7147f721b18f217dcb3dbf00f6d3ba96e87d1f21ccd4c6f5b9880f23c032bc08d89aef319800fd289b74f694872c597eaa1b94b20a547eb4f49aa675ca766016

data/README.md

@@ -58,11 +58,29 @@ In order to successfully connect, you will have to provide a [Bearer Token] with
 [Authzed Dashboard]: https://app.authzed.com
 
 ```rb
-TODO
+require 'authzed'
+
+
+client = Authzed::Api::V0::Client.new(
+    target: 'grpc.authzed.com:443',
+    interceptors: [Authzed::GrpcUtil::BearerToken.new(token: 't_your_token_here_1234567deadbeef')],
+)
 ```
 
 ### Performing an API call
 
 ```rb
-TODO
+require 'authzed'
+
+emilia = Authzed::Api::V0::User.new(namespace: 'blog/user', object_id: 'emilia')
+read_first_post = Authzed::Api::V0::ObjectAndRelation.new(
+    namespace: 'blog/post',
+    object_id: '1',
+    relation: 'read'
+)
+
+# Is Emilia in the set of users that can read post #1?
+resp = client.acl_service.check(
+  Authzed::Api::V0::CheckRequest.new(test_userset: read_first_post, user: emilia)
+)
 ```

data/lib/authzed/api/v0/client.rb

@@ -0,0 +1,61 @@
+require 'grpc'
+
+module Authzed
+  module Api
+    module V0
+      class Client
+        attr_reader :acl_service, :developer_service, :namespace_service, :watch_service
+
+        def initialize(target:, credentials: nil, interceptors: [], options: {}, timeout: nil)
+          creds = credentials || GRPC::Core::ChannelCredentials.new
+
+          @acl_service = ACLService::Stub.new(
+            target,
+            creds,
+            timeout: timeout,
+            interceptors: interceptors,
+            channel_args: options,
+          )
+          @developer_service = DeveloperService::Stub.new(
+            target,
+            creds,
+            timeout: timeout,
+            interceptors: interceptors,
+            channel_args: options,
+          )
+          @namespace_service = NamespaceService::Stub.new(
+            target,
+            creds,
+            timeout: timeout,
+            interceptors: interceptors,
+            channel_args: options,
+          )
+          @watch_service = WatchService::Stub.new(
+            target,
+            creds,
+            timeout: timeout,
+            interceptors: interceptors,
+            channel_args: options,
+          )
+        end
+      end
+
+      # Utility method for creating usersets
+      module UserPatch
+        def self.included(base)
+          def base.for(namespace:, object_id:)
+            Authzed::Api::V0::User.new(
+              userset: Authzed::Api::V0::ObjectAndRelation.new(
+                namespace: namespace,
+                object_id: object_id,
+                relation: '...',
+              )
+            )
+          end
+        end
+      end
+
+      User.include(UserPatch)
+    end
+  end
+end

data/lib/authzed/api/v1alpha1/client.rb

@@ -0,0 +1,25 @@
+require 'grpc'
+
+module Authzed
+  module Api
+    module V1alpha1
+      class Client
+
+        attr_reader :schema_service
+
+        def initialize(target:, credentials: nil, interceptors: [], options: {}, timeout: nil)
+          creds = credentials || GRPC::Core::ChannelCredentials.new
+
+          @schema_service = Authzed::Api::V1alpha1::SchemaService::Stub.new(
+            target,
+            creds,
+            timeout: timeout,
+            interceptors: interceptors,
+            channel_args: options,
+          )
+        end
+      end
+    end
+  end
+end
+

data/lib/authzed.rb

@@ -8,7 +8,11 @@ require 'authzed/api/v0/namespace_service_pb'
 require 'authzed/api/v0/namespace_service_services_pb'
 require 'authzed/api/v0/watch_service_pb'
 require 'authzed/api/v0/watch_service_services_pb'
+require 'authzed/api/v0/client'
 require 'authzed/api/v1alpha1/schema_pb'
+require 'authzed/api/v1alpha1/schema_services_pb'
+require 'authzed/api/v1alpha1/client'
+require 'grpcutil/bearer_token'
 
 module Authzed
 end

data/lib/grpcutil/bearer_token.rb

@@ -0,0 +1,75 @@
+require 'grpc'
+
+module Authzed
+  module GrpcUtil
+    class BearerToken < GRPC::ClientInterceptor
+
+      AUTHORIZATION_HEADER = 'authorization'
+      SCHEMA = 'Bearer'
+
+      attr_reader :token
+
+      def initialize(token:)
+        @token = token
+      end
+
+      ##
+      # Intercept a unary request response call
+      #
+      # @param [Object] request
+      # @param [GRPC::ActiveCall] call
+      # @param [String] method
+      # @param [Hash] metadata
+      #
+      def request_response(request: nil, call: nil, method: nil, metadata: nil)
+        metadata[AUTHORIZATION_HEADER] = bearer_token_header
+        yield
+      end
+
+      ##
+      # Intercept a client streaming call
+      #
+      # @param [Enumerable] requests
+      # @param [GRPC::ActiveCall] call
+      # @param [String] method
+      # @param [Hash] metadata
+      #
+      def client_streamer(requests: nil, call: nil, method: nil, metadata: nil)
+        metadata[AUTHORIZATION_HEADER] = bearer_token_header
+        yield
+      end
+
+      ##
+      # Intercept a server streaming call
+      #
+      # @param [Object] request
+      # @param [GRPC::ActiveCall] call
+      # @param [String] method
+      # @param [Hash] metadata
+      #
+      def server_streamer(request: nil, call: nil, method: nil, metadata: nil)
+        metadata[AUTHORIZATION_HEADER] = bearer_token_header
+        yield
+      end
+
+      ##
+      # Intercept a BiDi streaming call
+      #
+      # @param [Enumerable] requests
+      # @param [GRPC::ActiveCall] call
+      # @param [String] method
+      # @param [Hash] metadata
+      #
+      def bidi_streamer(requests: nil, call: nil, method: nil, metadata: nil)
+        metadata[AUTHORIZATION_HEADER] = bearer_token_header
+        yield
+      end
+
+      private
+
+      def bearer_token_header
+        "#{SCHEMA} #{token}"
+      end
+    end
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: authzed
 version: !ruby/object:Gem::Version
-  version: 0.0.1
+  version: 0.1.0
 platform: ruby
 authors:
 - Authzed
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-08-24 00:00:00.000000000 Z
+date: 2021-08-25 00:00:00.000000000 Z
 dependencies: []
 description: Authzed is the best way to build robust and scalable permissions systems.
   See https://authzed.com for more details.
@@ -22,6 +22,7 @@ files:
 - lib/authzed.rb
 - lib/authzed/api/v0/acl_service_pb.rb
 - lib/authzed/api/v0/acl_service_services_pb.rb
+- lib/authzed/api/v0/client.rb
 - lib/authzed/api/v0/core_pb.rb
 - lib/authzed/api/v0/developer_pb.rb
 - lib/authzed/api/v0/developer_services_pb.rb
@@ -30,8 +31,10 @@ files:
 - lib/authzed/api/v0/namespace_service_services_pb.rb
 - lib/authzed/api/v0/watch_service_pb.rb
 - lib/authzed/api/v0/watch_service_services_pb.rb
+- lib/authzed/api/v1alpha1/client.rb
 - lib/authzed/api/v1alpha1/schema_pb.rb
 - lib/authzed/api/v1alpha1/schema_services_pb.rb
+- lib/grpcutil/bearer_token.rb
 homepage: https://authzed.com
 licenses:
 - Apache-2.0