btps_client 1.0.0

data/lib/btps_client/resources/request.rb

@@ -0,0 +1,107 @@
+# frozen_string_literal: true
+
+module BtpsClient
+  module Resources
+    # Swagger tag: Requests
+    # Endpoints:
+    #   POST /requests                                                       — create release request
+    #   GET  /requests                                                       — list requests
+    #   PUT  /requests/{id}/checkin                                          — check in a request
+    #   PUT  /requests/{id}/rotateoncheckin                                  — set rotate-on-checkin
+    #   PUT  /requests/{id}/approve                                          — approve a request
+    #   PUT  /requests/{id}/deny                                             — deny a request
+    #   POST /managedaccounts/{managedAccountID}/requests/terminate          — terminate by account
+    #   POST /managedsystems/{managedSystemID}/requests/terminate            — terminate by system
+    class Request < ApiResource
+      resource_path 'requests'
+
+      extend ApiOperations::Listable # GET  /requests
+      extend ApiOperations::ScalarCreatable # POST /requests — returns a plain integer (RequestID)
+
+      scalar_create_key 'RequestId'
+
+      # Create schema — maps to RequestAddModel
+      param_schema :create do
+        required 'SystemID',               type: :integer
+        required 'AccountID',              type: :integer
+        required 'DurationMinutes',        type: :integer, minimum: 1, maximum: 525_600
+        optional 'Reason',                 type: :string,  max_length: 1000, nullable: true
+        optional 'RotateOnCheckin',        type: :boolean, nullable: true
+        optional 'AccessType',             type: :string,  values: %w[View RDP SSH App], nullable: true
+        optional 'ConflictOption',         type: :string,  values: %w[reuse renew],      nullable: true
+        optional 'TicketNumber',           type: :string,  max_length: 20, nullable: true
+        optional 'TicketSystemID',         type: :integer, nullable: true
+        optional 'AccessPolicyScheduleID', type: :integer, nullable: true
+        optional 'ApplicationID',          type: :integer, nullable: true
+      end
+
+      # Approve/Deny schemas — map to RequestReasonModel (all optional)
+      param_schema :approve do
+        optional 'Reason', type: :string, max_length: 1000, nullable: true
+      end
+
+      param_schema :deny do
+        optional 'Reason', type: :string, max_length: 1000, nullable: true
+      end
+
+      # ── Request lifecycle methods ──────────────────────────────────────────────
+
+      # PUT /requests/{id}/checkin
+      # Checks in a request, releasing the credential lock.
+      def self.checkin(id, params: {}, config: BtpsClient.config)
+        requestor = ApiRequestor.new(config)
+        # API requires a non-empty body — send params or an empty JSON object
+        body      = params.empty? ? {} : params
+        data      = requestor.request(:put, "#{resource_url(id)}/checkin", body: body)
+        data ? new(data) : true
+      end
+
+      # PUT /requests/{id}/rotateoncheckin
+      # Sets or clears the rotate-on-checkin flag for an active request.
+      def self.rotate_on_checkin(id, params: {}, config: BtpsClient.config)
+        requestor = ApiRequestor.new(config)
+        body      = params.empty? ? nil : params
+        data      = requestor.request(:put, "#{resource_url(id)}/rotateoncheckin", body: body)
+        data ? new(data) : true
+      end
+
+      # PUT /requests/{id}/approve
+      # Approves a pending request, with an optional reason.
+      def self.approve(id, params = {}, config: BtpsClient.config)
+        Validator.validate!(schema_for(:approve), params)
+        requestor = ApiRequestor.new(config)
+        body      = params.empty? ? nil : params
+        data      = requestor.request(:put, "#{resource_url(id)}/approve", body: body)
+        data ? new(data) : true
+      end
+
+      # PUT /requests/{id}/deny
+      # Denies a pending request, with an optional reason.
+      def self.deny(id, params = {}, config: BtpsClient.config)
+        Validator.validate!(schema_for(:deny), params)
+        requestor = ApiRequestor.new(config)
+        body      = params.empty? ? nil : params
+        data      = requestor.request(:put, "#{resource_url(id)}/deny", body: body)
+        data ? new(data) : true
+      end
+
+      # ── Terminate helpers ────────────────────────────────────────────────────
+
+      # POST /managedaccounts/{managedAccountID}/requests/terminate
+      # Terminates all active requests for a given managed account.
+      def self.terminate_by_account(managed_account_id, config: BtpsClient.config)
+        requestor = ApiRequestor.new(config)
+        requestor.request(:post, "managedaccounts/#{managed_account_id}/requests/terminate")
+        true
+      end
+
+      # POST /managedsystems/{managedSystemID}/requests/terminate
+      # Terminates all active requests for a given managed system.
+      def self.terminate_by_system(managed_system_id, config: BtpsClient.config)
+        requestor = ApiRequestor.new(config)
+        requestor.request(:post, "managedsystems/#{managed_system_id}/requests/terminate")
+        true
+      end
+    end
+  end
+end

data/lib/btps_client/resources/safe.rb

@@ -0,0 +1,77 @@
+# frozen_string_literal: true
+
+module BtpsClient
+  module Resources
+    # Swagger tag: Secrets Safe Safes
+    # Endpoints: POST/GET /secrets-safe/safes
+    #            GET/PUT/DELETE /secrets-safe/safes/{id}
+    #            GET /secrets-safe/safes/safe-permissions
+    #            GET/PUT/DELETE /secrets-safe/safes/{id}/safe-permissions
+    class Safe < ApiResource
+      resource_path 'secrets-safe/safes'
+
+      extend ApiOperations::Listable    # GET    /secrets-safe/safes
+      extend ApiOperations::Retrievable # GET    /secrets-safe/safes/{id}
+      extend ApiOperations::Creatable   # POST   /secrets-safe/safes
+      extend ApiOperations::Updatable   # PUT    /secrets-safe/safes/{id}
+      extend ApiOperations::Deletable   # DELETE /secrets-safe/safes/{id}
+
+      param_schema :create do
+        required 'Name',        type: :string, min_length: 1, max_length: 256
+        optional 'Description', type: :string, max_length: 256, nullable: true
+      end
+
+      param_schema :update do
+        required 'Name',        type: :string, min_length: 1, max_length: 256
+        optional 'Description', type: :string, max_length: 256, nullable: true
+      end
+
+      param_schema :assign_permission do
+        required 'PrincipalID',   type: :integer
+        required 'PrincipalType', type: :integer
+        optional 'ExpiresOn',     type: :string, nullable: true
+      end
+
+      param_schema :revoke_permission do
+        required 'PrincipalID',   type: :integer
+        required 'PrincipalType', type: :integer
+      end
+
+      # GET /secrets-safe/safes/safe-permissions
+      # Returns all possible safe permission definitions.
+      # The API returns a plain array of strings, not objects, so items are
+      # returned as-is rather than wrapped in BtpsObject.
+      def self.all_permissions(config: BtpsClient.config)
+        requestor = ApiRequestor.new(config)
+        data      = requestor.request(:get, 'secrets-safe/safes/safe-permissions')
+        Array(data).map { |item| item.is_a?(Hash) ? BtpsObject.new(item) : item }
+      end
+
+      # GET /secrets-safe/safes/{id}/safe-permissions
+      # Returns permissions currently assigned to the given safe.
+      def self.permissions(id, config: BtpsClient.config)
+        requestor = ApiRequestor.new(config)
+        data      = requestor.request(:get, "#{resource_url(id)}/safe-permissions")
+        Array(data).map { |item| BtpsObject.new(item) }
+      end
+
+      # PUT /secrets-safe/safes/{id}/safe-permissions
+      # Assigns or updates permissions for a user or group on the safe.
+      def self.update_permissions(id, params, config: BtpsClient.config)
+        Validator.validate!(schema_for(:assign_permission), params)
+        requestor = ApiRequestor.new(config)
+        requestor.request(:put, "#{resource_url(id)}/safe-permissions", body: params)
+        true
+      end
+
+      # DELETE /secrets-safe/safes/{id}/safe-permissions
+      # Revokes permissions for a user or group on the safe.
+      def self.revoke_permissions(id, params, config: BtpsClient.config)
+        Validator.validate!(schema_for(:revoke_permission), params)
+        requestor = ApiRequestor.new(config)
+        requestor.request(:delete, "#{resource_url(id)}/safe-permissions", body: params)
+        true
+      end
+    end
+  end
+end

data/lib/btps_client/resources/secret.rb

@@ -0,0 +1,179 @@
+# frozen_string_literal: true
+
+module BtpsClient
+  module Resources
+    # Swagger tag: Secrets Safe Secrets  (19 endpoints)
+    # Standard operations via mixins + typed create/retrieve/update/share methods.
+    class Secret < ApiResource
+      resource_path 'secrets-safe/secrets'
+
+      extend ApiOperations::Listable      # GET    /secrets-safe/secrets
+      extend ApiOperations::Retrievable   # GET    /secrets-safe/secrets/{secretId}
+      extend ApiOperations::Updatable     # PUT    /secrets-safe/secrets/{secretId}  (credential)
+      extend ApiOperations::Deletable     # DELETE /secrets-safe/secrets/{secretId}
+      extend ApiOperations::Uploadable    # multipart helper used by create_file_in_folder + upload_csv
+
+      param_schema :create_credential do
+        required 'Title',          type: :string, max_length: 256
+        required 'Username',       type: :string, max_length: 256
+        optional 'Password',       type: :string, max_length: 256, nullable: true
+        optional 'PasswordRuleID', type: :integer, minimum: 0, maximum: 32_767, nullable: true
+        optional 'Description',    type: :string, max_length: 256, nullable: true
+        optional 'Notes',          type: :string, max_length: 4_000, nullable: true
+      end
+
+      param_schema :create_text do
+        required 'Title', type: :string, max_length: 256
+        required 'Text',  type: :string, max_length: 4_096
+        optional 'Description', type: :string, max_length: 256, nullable: true
+        optional 'Notes',       type: :string, max_length: 4_000, nullable: true
+      end
+
+      param_schema :update_text do
+        required 'Title', type: :string, max_length: 256
+        required 'Text',  type: :string, max_length: 4_096
+        optional 'Description', type: :string, max_length: 256, nullable: true
+        optional 'Notes',       type: :string, max_length: 4_000, nullable: true
+      end
+
+      param_schema :move do
+        required 'SecretIds',           type: :array
+        required 'ShareIds',            type: :array
+        required 'DestinationFolderId', type: :string, format: :uuid
+        required 'DuplicateNameAction', type: :string, values: %w[Rename Replace Abort]
+      end
+
+      # ── Folder-scoped create methods ─────────────────────────────────────────
+
+      # POST /secrets-safe/folders/{folderId}/secrets
+      # Creates a credential secret inside the given folder.
+      def self.create_in_folder(folder_id, params, config: BtpsClient.config)
+        Validator.validate!(schema_for(:create_credential), params)
+        requestor = ApiRequestor.new(config)
+        data      = requestor.request(:post, "secrets-safe/folders/#{folder_id}/secrets", body: params)
+        new(data)
+      end
+
+      # POST /secrets-safe/folders/{folderId}/secrets/text
+      # Creates a text secret inside the given folder.
+      def self.create_text_in_folder(folder_id, params, config: BtpsClient.config)
+        Validator.validate!(schema_for(:create_text), params)
+        requestor = ApiRequestor.new(config)
+        data      = requestor.request(:post, "secrets-safe/folders/#{folder_id}/secrets/text", body: params)
+        new(data)
+      end
+
+      # POST /secrets-safe/folders/{folderId}/secrets/file  (multipart/form-data)
+      # Creates a file secret inside the given folder.
+      def self.create_file_in_folder(folder_id, file:, metadata: {}, config: BtpsClient.config)
+        upload(folder_id, file: file, metadata: metadata,
+                          base_path: 'secrets-safe/folders', sub_path: 'secrets/file', config: config)
+      end
+
+      # ── Folder-scoped list ────────────────────────────────────────────────────
+
+      # GET /secrets-safe/folders/{folderId}/secrets
+      # Returns all secrets in the given folder.
+      def self.list_in_folder(folder_id, params = {}, config: BtpsClient.config)
+        requestor = ApiRequestor.new(config)
+        data      = requestor.request(:get, "secrets-safe/folders/#{folder_id}/secrets", params: params)
+        Array(data).map { |item| new(item) }
+      end
+
+      # ── Typed retrieve methods ────────────────────────────────────────────────
+
+      # GET /secrets-safe/secrets/{secretId}/text
+      # Returns text-secret content as a BtpsObject.
+      def self.retrieve_text(id, config: BtpsClient.config)
+        requestor = ApiRequestor.new(config)
+        data      = requestor.request(:get, "#{resource_url(id)}/text")
+        BtpsObject.new(data || {})
+      end
+
+      # GET /secrets-safe/secrets/{secretId}/file
+      # Returns file-secret metadata as a BtpsObject (JSON, not binary).
+      def self.retrieve_file(id, config: BtpsClient.config)
+        requestor = ApiRequestor.new(config)
+        data      = requestor.request(:get, "#{resource_url(id)}/file")
+        BtpsObject.new(data || {})
+      end
+
+      # GET /secrets-safe/secrets/{secretId}/file/download
+      # Returns the raw binary content of the file secret.
+      def self.download_file(id, config: BtpsClient.config)
+        requestor = ApiRequestor.new(config)
+        requestor.request(:get, "#{resource_url(id)}/file/download")
+      end
+
+      # ── Typed update methods ──────────────────────────────────────────────────
+
+      # PUT /secrets-safe/secrets/{secretId}/text
+      def self.update_text(id, params, config: BtpsClient.config)
+        Validator.validate!(schema_for(:update_text), params)
+        requestor = ApiRequestor.new(config)
+        data      = requestor.request(:put, "#{resource_url(id)}/text", body: params)
+        data ? new(data) : true
+      end
+
+      # PUT /secrets-safe/secrets/{secretId}/file  (multipart/form-data)
+      def self.update_file(id, file:, metadata: {}, config: BtpsClient.config)
+        requestor = ApiRequestor.new(config)
+        body      = { file: file }
+        body['secretmetadata'] = metadata.is_a?(String) ? metadata : metadata.to_json unless metadata.empty?
+        data = requestor.request(:put, "#{resource_url(id)}/file", body: body, opts: { multipart: true })
+        data ? new(data) : true
+      end
+
+      # ── Bulk move ─────────────────────────────────────────────────────────────
+
+      # PUT /secrets-safe/secrets/move
+      # Moves one or more secrets/shares to the destination folder.
+      # params: { SecretIds: [...], ShareIds: [...], DestinationFolderId: '...', DuplicateNameAction: '...' }
+      def self.move(params, config: BtpsClient.config)
+        Validator.validate!(schema_for(:move), params)
+        requestor = ApiRequestor.new(config)
+        data      = requestor.request(:put, 'secrets-safe/secrets/move', body: params)
+        data ? BtpsObject.new(data) : true
+      end
+
+      # ── CSV bulk upload ───────────────────────────────────────────────────────
+
+      # POST /secrets-safe/folders/{folderId}/upload
+      # Imports a CSV file of secrets into the given folder.
+      def self.upload_csv(folder_id, file:, config: BtpsClient.config)
+        upload(folder_id, file: file,
+                          base_path: 'secrets-safe/folders', sub_path: 'upload', config: config)
+      end
+
+      # ── Shares sub-resource ───────────────────────────────────────────────────
+
+      # GET /secrets-safe/secrets/{secretId}/shares
+      def self.shares(secret_id, config: BtpsClient.config)
+        requestor = ApiRequestor.new(config)
+        data      = requestor.request(:get, "#{resource_url(secret_id)}/shares")
+        Array(data).map { |item| BtpsObject.new(item) }
+      end
+
+      # POST /secrets-safe/secrets/{secretId}/shares/{folderId}
+      def self.share_to_folder(secret_id, folder_id, config: BtpsClient.config)
+        requestor = ApiRequestor.new(config)
+        requestor.request(:post, "#{resource_url(secret_id)}/shares/#{folder_id}")
+        true
+      end
+
+      # DELETE /secrets-safe/secrets/{secretId}/shares/{folderId}
+      def self.unshare_from_folder(secret_id, folder_id, config: BtpsClient.config)
+        requestor = ApiRequestor.new(config)
+        requestor.request(:delete, "#{resource_url(secret_id)}/shares/#{folder_id}")
+        true
+      end
+
+      # DELETE /secrets-safe/secrets/{secretId}/shares
+      def self.unshare_all(secret_id, config: BtpsClient.config)
+        requestor = ApiRequestor.new(config)
+        requestor.request(:delete, "#{resource_url(secret_id)}/shares")
+        true
+      end
+    end
+  end
+end

data/lib/btps_client/schema_builder.rb

@@ -0,0 +1,50 @@
+# frozen_string_literal: true
+
+module BtpsClient
+  # DSL for declaring parameter schemas inline on resource classes.
+  #
+  # Used inside param_schema blocks on ApiResource subclasses:
+  #
+  #   param_schema :create do
+  #     required 'Name',        type: :string, min_length: 1, max_length: 256
+  #     optional 'Description', type: :string, max_length: 256
+  #     optional 'ParentId',    type: :string, format: :uuid
+  #     optional 'Notes',       type: :string, max_length: 4_000, nullable: true
+  #   end
+  #
+  # Produces a plain Hash passed directly to Validator.validate!.
+  #
+  # Supported rules:
+  #   type        — :string, :integer, :array, :boolean
+  #   min_length  — minimum string length (inclusive)
+  #   max_length  — maximum string length (inclusive)
+  #   minimum     — minimum integer value (inclusive)
+  #   maximum     — maximum integer value (inclusive)
+  #   format      — :uuid
+  #   values      — Array of allowed string values (enum)
+  #   nullable    — when true, an explicit nil value is accepted and all
+  #                 other rules (type, length, etc.) are skipped for that field
+  class SchemaBuilder
+    def initialize
+      @required = []
+      @fields   = {}
+    end
+
+    # Declares a required field with optional constraint rules.
+    def required(name, **rules)
+      n = name.to_s
+      @required << n
+      @fields[n] = rules
+    end
+
+    # Declares an optional field with optional constraint rules.
+    def optional(name, **rules)
+      @fields[name.to_s] = rules
+    end
+
+    # Returns the frozen schema hash consumed by Validator.validate!
+    def to_h
+      { required: @required.freeze, fields: @fields.freeze }.freeze
+    end
+  end
+end

data/lib/btps_client/services/auth_service.rb

@@ -0,0 +1,57 @@
+# frozen_string_literal: true
+
+require 'uri'
+
+module BtpsClient
+  module Services
+    # Standalone service for Auth endpoints — does not extend ApiResource.
+    # Swagger tag: Auth + Password Safe OAuth Proxy
+    #
+    #   client.auth.sign_in          → POST /auth/signappin
+    #   client.auth.sign_out         → POST /auth/signout
+    #   client.auth.acquire_token    → POST /auth/connect/token  (form-encoded)
+    class AuthService
+      def initialize(config)
+        @config = config
+      end
+
+      # POST /api/public/v3/auth/signappin
+      # Authenticates credentials and creates a session.
+      # Returns a BtpsObject wrapping the AuthUserModel response.
+      def sign_in(params = {})
+        requestor = ApiRequestor.new(@config)
+        data      = requestor.request(:post, 'auth/signappin', body: params)
+        BtpsObject.new(data || {})
+      end
+
+      # POST /api/public/v3/auth/signout
+      # Terminates the current session.
+      # Returns true on success.
+      def sign_out
+        requestor = ApiRequestor.new(@config)
+        requestor.request(:post, 'auth/signout')
+        true
+      end
+
+      # POST /api/public/v3/auth/connect/token
+      # OAuth2 Client Credentials flow — returns AccessTokenResponse as BtpsObject.
+      # Merges client_id/client_secret from config unless overridden in params.
+      # Params keys are normalised to symbols so both string and symbol overrides work.
+      def acquire_token(params = {})
+        requestor = ApiRequestor.new(@config)
+
+        normalised = params.transform_keys(&:to_sym)
+        token_params = {
+          grant_type: 'client_credentials',
+          client_id: @config.client_id,
+          client_secret: @config.client_secret
+        }.merge(normalised)
+
+        form_body = URI.encode_www_form(token_params)
+        data      = requestor.request(:post, 'auth/connect/token',
+                                      body: form_body, opts: { form_encoded: true })
+        BtpsObject.new(data || {})
+      end
+    end
+  end
+end

data/lib/btps_client/services/credentials_service.rb

@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+
+module BtpsClient
+  module Services
+    # Thin façade over Resources::Credential.
+    class CredentialsService
+      def initialize(config)
+        @config = config
+      end
+
+      def retrieve_by_request(request_id)
+        Resources::Credential.retrieve_by_request(request_id, config: @config)
+      end
+
+      def update_global(params)
+        Resources::Credential.update_global(params, config: @config)
+      end
+
+      def retrieve_for_account(managed_account_id, params = {})
+        Resources::Credential.retrieve_for_account(managed_account_id, params, config: @config)
+      end
+
+      def update_for_account(managed_account_id, params)
+        Resources::Credential.update_for_account(managed_account_id, params, config: @config)
+      end
+
+      def test_for_account(managed_account_id)
+        Resources::Credential.test_for_account(managed_account_id, config: @config)
+      end
+
+      def change_for_account(managed_account_id, params = {})
+        Resources::Credential.change_for_account(managed_account_id, params, config: @config)
+      end
+    end
+  end
+end

data/lib/btps_client/services/folders_service.rb

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+
+module BtpsClient
+  module Services
+    # Thin façade over Resources::Folder.
+    # All credentials are bound to the config passed at construction time.
+    class FoldersService
+      def initialize(config)
+        @config = config
+      end
+
+      def list(params = {})
+        Resources::Folder.list(params, config: @config)
+      end
+
+      def retrieve(id)
+        Resources::Folder.retrieve(id, config: @config)
+      end
+
+      def create(params)
+        Resources::Folder.create(params, config: @config)
+      end
+
+      def update(id, params)
+        Resources::Folder.update(id, params, config: @config)
+      end
+
+      def delete(id)
+        Resources::Folder.delete(id, config: @config)
+      end
+
+      def move(id, params)
+        Resources::Folder.move(id, params, config: @config)
+      end
+    end
+  end
+end

data/lib/btps_client/services/managed_accounts_service.rb

@@ -0,0 +1,48 @@
+# frozen_string_literal: true
+
+module BtpsClient
+  module Services
+    # Thin façade over Resources::ManagedAccount.
+    class ManagedAccountsService
+      def initialize(config)
+        @config = config
+      end
+
+      def list(params = {})
+        Resources::ManagedAccount.list(params, config: @config)
+      end
+
+      def retrieve(id)
+        Resources::ManagedAccount.retrieve(id, config: @config)
+      end
+
+      def update(id, params)
+        Resources::ManagedAccount.update(id, params, config: @config)
+      end
+
+      def delete(id)
+        Resources::ManagedAccount.delete(id, config: @config)
+      end
+
+      def list_by_system(system_id, params = {})
+        Resources::ManagedAccount.list_by_system(system_id, params, config: @config)
+      end
+
+      def create_in_system(system_id, params)
+        Resources::ManagedAccount.create_in_system(system_id, params, config: @config)
+      end
+
+      def delete_all_in_system(system_id)
+        Resources::ManagedAccount.delete_all_in_system(system_id, config: @config)
+      end
+
+      def delete_by_system_and_name(system_id, account_name)
+        Resources::ManagedAccount.delete_by_system_and_name(system_id, account_name, config: @config)
+      end
+
+      def list_by_smart_rule(smart_rule_id, params = {})
+        Resources::ManagedAccount.list_by_smart_rule(smart_rule_id, params, config: @config)
+      end
+    end
+  end
+end

data/lib/btps_client/services/requests_service.rb

@@ -0,0 +1,44 @@
+# frozen_string_literal: true
+
+module BtpsClient
+  module Services
+    # Thin façade over Resources::Request.
+    class RequestsService
+      def initialize(config)
+        @config = config
+      end
+
+      def list(params = {})
+        Resources::Request.list(params, config: @config)
+      end
+
+      def create(params)
+        Resources::Request.create(params, config: @config)
+      end
+
+      def checkin(id, params: {})
+        Resources::Request.checkin(id, params: params, config: @config)
+      end
+
+      def rotate_on_checkin(id, params: {})
+        Resources::Request.rotate_on_checkin(id, params: params, config: @config)
+      end
+
+      def approve(id, params = {})
+        Resources::Request.approve(id, params, config: @config)
+      end
+
+      def deny(id, params = {})
+        Resources::Request.deny(id, params, config: @config)
+      end
+
+      def terminate_by_account(managed_account_id)
+        Resources::Request.terminate_by_account(managed_account_id, config: @config)
+      end
+
+      def terminate_by_system(managed_system_id)
+        Resources::Request.terminate_by_system(managed_system_id, config: @config)
+      end
+    end
+  end
+end