permit-sdk 0.0.1

data/lib/openapi_client/api/resource_roles_api.rb

@@ -0,0 +1,813 @@
+=begin
+#Permit.io API
+
+# Authorization as a service 
+
+The version of the OpenAPI document: 2.0.0
+
+Generated by: https://openapi-generator.tech
+OpenAPI Generator version: 6.2.1
+
+=end
+
+require 'cgi'
+
+module OpenapiClient
+  class ResourceRolesApi
+    attr_accessor :api_client
+
+    def initialize(api_client = ApiClient.default)
+      @api_client = api_client
+    end
+    # Add Parent Role
+    # This endpoint is part of the role hierarchy feature.  Makes role with id `role_id` extend the role with id `parent_role_id`. In other words, `role_id` will automatically be assigned any permissions that are granted to `parent_role_id`.  We can say the `role_id` **extends** `parent_role_id` or **inherits** from `parent_role_id`.  If `role_id` is already an ancestor of `parent_role_id`, the request will fail with HTTP 400 to prevent a cycle in the role hierarchy.  Both roles must be defined on the same resource, identified by id `resource_id`.
+    # @param proj_id [String] Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\").
+    # @param env_id [String] Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").
+    # @param resource_id [String] Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\").
+    # @param role_id [String] Either the unique id of the role, or the URL-friendly key of the role (i.e: the \"slug\").
+    # @param parent_role_id [String] Either the unique id of the parent role, or the URL-friendly key of the parent role (i.e: the \"slug\").
+    # @param [Hash] opts the optional parameters
+    # @return [ResourceRoleRead]
+    def add_parent_resource_role(proj_id, env_id, resource_id, role_id, parent_role_id, opts = {})
+      data, _status_code, _headers = add_parent_resource_role_with_http_info(proj_id, env_id, resource_id, role_id, parent_role_id, opts)
+      data
+    end
+
+    # Add Parent Role
+    # This endpoint is part of the role hierarchy feature.  Makes role with id `role_id` extend the role with id `parent_role_id`. In other words, `role_id` will automatically be assigned any permissions that are granted to `parent_role_id`.  We can say the `role_id` **extends** `parent_role_id` or **inherits** from `parent_role_id`.  If `role_id` is already an ancestor of `parent_role_id`, the request will fail with HTTP 400 to prevent a cycle in the role hierarchy.  Both roles must be defined on the same resource, identified by id `resource_id`.
+    # @param proj_id [String] Either the unique id of the project, or the URL-friendly key of the project (i.e: the \"slug\").
+    # @param env_id [String] Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \"slug\").
+    # @param resource_id [String] Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \"slug\").
+    # @param role_id [String] Either the unique id of the role, or the URL-friendly key of the role (i.e: the \"slug\").
+    # @param parent_role_id [String] Either the unique id of the parent role, or the URL-friendly key of the parent role (i.e: the \"slug\").
+    # @param [Hash] opts the optional parameters
+    # @return [Array<(ResourceRoleRead, Integer, Hash)>] ResourceRoleRead data, response status code and response headers
+    def add_parent_resource_role_with_http_info(proj_id, env_id, resource_id, role_id, parent_role_id, opts = {})
+      if @api_client.config.debugging
+        @api_client.config.logger.debug 'Calling API: ResourceRolesApi.add_parent_resource_role ...'
+      end
+      # verify the required parameter 'proj_id' is set
+      if @api_client.config.client_side_validation && proj_id.nil?
+        fail ArgumentError, "Missing the required parameter 'proj_id' when calling ResourceRolesApi.add_parent_resource_role"
+      end
+      # verify the required parameter 'env_id' is set
+      if @api_client.config.client_side_validation && env_id.nil?
+        fail ArgumentError, "Missing the required parameter 'env_id' when calling ResourceRolesApi.add_parent_resource_role"
+      end
+      # verify the required parameter 'resource_id' is set
+      if @api_client.config.client_side_validation && resource_id.nil?
+        fail ArgumentError, "Missing the required parameter 'resource_id' when calling ResourceRolesApi.add_parent_resource_role"
+      end
+      # verify the required parameter 'role_id' is set
+      if @api_client.config.client_side_validation && role_id.nil?
+        fail ArgumentError, "Missing the required parameter 'role_id' when calling ResourceRolesApi.add_parent_resource_role"
+      end
+      # verify the required parameter 'parent_role_id' is set
+      if @api_client.config.client_side_validation && parent_role_id.nil?
+        fail ArgumentError, "Missing the required parameter 'parent_role_id' when calling ResourceRolesApi.add_parent_resource_role"
+      end
+      # resource path
+      local_var_path = '/v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}/parents/{parent_role_id}'.sub('{' + 'proj_id' + '}', CGI.escape(proj_id.to_s)).sub('{' + 'env_id' + '}', CGI.escape(env_id.to_s)).sub('{' + 'resource_id' + '}', CGI.escape(resource_id.to_s)).sub('{' + 'role_id' + '}', CGI.escape(role_id.to_s)).sub('{' + 'parent_role_id' + '}', CGI.escape(parent_role_id.to_s))
+
+      # query parameters
+      query_params = opts[:query_params] || {}
+
+      # header parameters
+      header_params = opts[:header_params] || {}
+      # HTTP header 'Accept' (if needed)
+      header_params['Accept'] = @api_client.select_header_accept(['application/json'])
+
+      # form parameters
+      form_params = opts[:form_params] || {}
+
+      # http body (model)
+      post_body = opts[:debug_body]
+
+      # return_type
+      return_type = opts[:debug_return_type] || 'ResourceRoleRead'
+
+      # auth_names
+      auth_names = opts[:debug_auth_names] || ['HTTPBearer']
+
+      new_options = opts.merge(
+        :operation => :"ResourceRolesApi.add_parent_resource_role",
+        :header_params => header_params,
+        :query_params => query_params,
+        :form_params => form_params,
+        :body => post_body,
+        :auth_names => auth_names,
+        :return_type => return_type
+      )
+
+      data, status_code, headers = @api_client.call_api(:PUT, local_var_path, new_options)
+      if @api_client.config.debugging
+        @api_client.config.logger.debug "API called: ResourceRolesApi#add_parent_resource_role\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
+      end
+      return data, status_code, headers
+    end
+
+    # Assign Permissions to Role
+    # Assign permissions to role.  If some of the permissions specified are already unassigned, will skip them.
+    # @param proj_id [String] Either the unique id of the project, or the URL-friendly key of the project (i.e: the \&quot;slug\&quot;).
+    # @param env_id [String] Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \&quot;slug\&quot;).
+    # @param resource_id [String] Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \&quot;slug\&quot;).
+    # @param role_id [String] Either the unique id of the role, or the URL-friendly key of the role (i.e: the \&quot;slug\&quot;).
+    # @param add_role_permissions [AddRolePermissions] 
+    # @param [Hash] opts the optional parameters
+    # @return [ResourceRoleRead]
+    def assign_permissions_to_resource_role(proj_id, env_id, resource_id, role_id, add_role_permissions, opts = {})
+      data, _status_code, _headers = assign_permissions_to_resource_role_with_http_info(proj_id, env_id, resource_id, role_id, add_role_permissions, opts)
+      data
+    end
+
+    # Assign Permissions to Role
+    # Assign permissions to role.  If some of the permissions specified are already unassigned, will skip them.
+    # @param proj_id [String] Either the unique id of the project, or the URL-friendly key of the project (i.e: the \&quot;slug\&quot;).
+    # @param env_id [String] Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \&quot;slug\&quot;).
+    # @param resource_id [String] Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \&quot;slug\&quot;).
+    # @param role_id [String] Either the unique id of the role, or the URL-friendly key of the role (i.e: the \&quot;slug\&quot;).
+    # @param add_role_permissions [AddRolePermissions] 
+    # @param [Hash] opts the optional parameters
+    # @return [Array<(ResourceRoleRead, Integer, Hash)>] ResourceRoleRead data, response status code and response headers
+    def assign_permissions_to_resource_role_with_http_info(proj_id, env_id, resource_id, role_id, add_role_permissions, opts = {})
+      if @api_client.config.debugging
+        @api_client.config.logger.debug 'Calling API: ResourceRolesApi.assign_permissions_to_resource_role ...'
+      end
+      # verify the required parameter 'proj_id' is set
+      if @api_client.config.client_side_validation && proj_id.nil?
+        fail ArgumentError, "Missing the required parameter 'proj_id' when calling ResourceRolesApi.assign_permissions_to_resource_role"
+      end
+      # verify the required parameter 'env_id' is set
+      if @api_client.config.client_side_validation && env_id.nil?
+        fail ArgumentError, "Missing the required parameter 'env_id' when calling ResourceRolesApi.assign_permissions_to_resource_role"
+      end
+      # verify the required parameter 'resource_id' is set
+      if @api_client.config.client_side_validation && resource_id.nil?
+        fail ArgumentError, "Missing the required parameter 'resource_id' when calling ResourceRolesApi.assign_permissions_to_resource_role"
+      end
+      # verify the required parameter 'role_id' is set
+      if @api_client.config.client_side_validation && role_id.nil?
+        fail ArgumentError, "Missing the required parameter 'role_id' when calling ResourceRolesApi.assign_permissions_to_resource_role"
+      end
+      # verify the required parameter 'add_role_permissions' is set
+      if @api_client.config.client_side_validation && add_role_permissions.nil?
+        fail ArgumentError, "Missing the required parameter 'add_role_permissions' when calling ResourceRolesApi.assign_permissions_to_resource_role"
+      end
+      # resource path
+      local_var_path = '/v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}/permissions'.sub('{' + 'proj_id' + '}', CGI.escape(proj_id.to_s)).sub('{' + 'env_id' + '}', CGI.escape(env_id.to_s)).sub('{' + 'resource_id' + '}', CGI.escape(resource_id.to_s)).sub('{' + 'role_id' + '}', CGI.escape(role_id.to_s))
+
+      # query parameters
+      query_params = opts[:query_params] || {}
+
+      # header parameters
+      header_params = opts[:header_params] || {}
+      # HTTP header 'Accept' (if needed)
+      header_params['Accept'] = @api_client.select_header_accept(['application/json'])
+      # HTTP header 'Content-Type'
+      content_type = @api_client.select_header_content_type(['application/json'])
+      if !content_type.nil?
+          header_params['Content-Type'] = content_type
+      end
+
+      # form parameters
+      form_params = opts[:form_params] || {}
+
+      # http body (model)
+      post_body = opts[:debug_body] || @api_client.object_to_http_body(add_role_permissions)
+
+      # return_type
+      return_type = opts[:debug_return_type] || 'ResourceRoleRead'
+
+      # auth_names
+      auth_names = opts[:debug_auth_names] || ['HTTPBearer']
+
+      new_options = opts.merge(
+        :operation => :"ResourceRolesApi.assign_permissions_to_resource_role",
+        :header_params => header_params,
+        :query_params => query_params,
+        :form_params => form_params,
+        :body => post_body,
+        :auth_names => auth_names,
+        :return_type => return_type
+      )
+
+      data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
+      if @api_client.config.debugging
+        @api_client.config.logger.debug "API called: ResourceRolesApi#assign_permissions_to_resource_role\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
+      end
+      return data, status_code, headers
+    end
+
+    # Create Resource Role
+    # Creates a new role associated with the resource.
+    # @param proj_id [String] Either the unique id of the project, or the URL-friendly key of the project (i.e: the \&quot;slug\&quot;).
+    # @param env_id [String] Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \&quot;slug\&quot;).
+    # @param resource_id [String] Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \&quot;slug\&quot;).
+    # @param resource_role_create [ResourceRoleCreate] 
+    # @param [Hash] opts the optional parameters
+    # @return [ResourceRoleRead]
+    def create_resource_role(proj_id, env_id, resource_id, resource_role_create, opts = {})
+      data, _status_code, _headers = create_resource_role_with_http_info(proj_id, env_id, resource_id, resource_role_create, opts)
+      data
+    end
+
+    # Create Resource Role
+    # Creates a new role associated with the resource.
+    # @param proj_id [String] Either the unique id of the project, or the URL-friendly key of the project (i.e: the \&quot;slug\&quot;).
+    # @param env_id [String] Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \&quot;slug\&quot;).
+    # @param resource_id [String] Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \&quot;slug\&quot;).
+    # @param resource_role_create [ResourceRoleCreate] 
+    # @param [Hash] opts the optional parameters
+    # @return [Array<(ResourceRoleRead, Integer, Hash)>] ResourceRoleRead data, response status code and response headers
+    def create_resource_role_with_http_info(proj_id, env_id, resource_id, resource_role_create, opts = {})
+      if @api_client.config.debugging
+        @api_client.config.logger.debug 'Calling API: ResourceRolesApi.create_resource_role ...'
+      end
+      # verify the required parameter 'proj_id' is set
+      if @api_client.config.client_side_validation && proj_id.nil?
+        fail ArgumentError, "Missing the required parameter 'proj_id' when calling ResourceRolesApi.create_resource_role"
+      end
+      # verify the required parameter 'env_id' is set
+      if @api_client.config.client_side_validation && env_id.nil?
+        fail ArgumentError, "Missing the required parameter 'env_id' when calling ResourceRolesApi.create_resource_role"
+      end
+      # verify the required parameter 'resource_id' is set
+      if @api_client.config.client_side_validation && resource_id.nil?
+        fail ArgumentError, "Missing the required parameter 'resource_id' when calling ResourceRolesApi.create_resource_role"
+      end
+      # verify the required parameter 'resource_role_create' is set
+      if @api_client.config.client_side_validation && resource_role_create.nil?
+        fail ArgumentError, "Missing the required parameter 'resource_role_create' when calling ResourceRolesApi.create_resource_role"
+      end
+      # resource path
+      local_var_path = '/v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles'.sub('{' + 'proj_id' + '}', CGI.escape(proj_id.to_s)).sub('{' + 'env_id' + '}', CGI.escape(env_id.to_s)).sub('{' + 'resource_id' + '}', CGI.escape(resource_id.to_s))
+
+      # query parameters
+      query_params = opts[:query_params] || {}
+
+      # header parameters
+      header_params = opts[:header_params] || {}
+      # HTTP header 'Accept' (if needed)
+      header_params['Accept'] = @api_client.select_header_accept(['application/json'])
+      # HTTP header 'Content-Type'
+      content_type = @api_client.select_header_content_type(['application/json'])
+      if !content_type.nil?
+          header_params['Content-Type'] = content_type
+      end
+
+      # form parameters
+      form_params = opts[:form_params] || {}
+
+      # http body (model)
+      post_body = opts[:debug_body] || @api_client.object_to_http_body(resource_role_create)
+
+      # return_type
+      return_type = opts[:debug_return_type] || 'ResourceRoleRead'
+
+      # auth_names
+      auth_names = opts[:debug_auth_names] || ['HTTPBearer']
+
+      new_options = opts.merge(
+        :operation => :"ResourceRolesApi.create_resource_role",
+        :header_params => header_params,
+        :query_params => query_params,
+        :form_params => form_params,
+        :body => post_body,
+        :auth_names => auth_names,
+        :return_type => return_type
+      )
+
+      data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
+      if @api_client.config.debugging
+        @api_client.config.logger.debug "API called: ResourceRolesApi#create_resource_role\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
+      end
+      return data, status_code, headers
+    end
+
+    # Delete Resource Role
+    # Deletes the role and all its related data. This includes any permissions granted to said role.
+    # @param proj_id [String] Either the unique id of the project, or the URL-friendly key of the project (i.e: the \&quot;slug\&quot;).
+    # @param env_id [String] Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \&quot;slug\&quot;).
+    # @param resource_id [String] Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \&quot;slug\&quot;).
+    # @param role_id [String] Either the unique id of the role, or the URL-friendly key of the role (i.e: the \&quot;slug\&quot;).
+    # @param [Hash] opts the optional parameters
+    # @return [nil]
+    def delete_resource_role(proj_id, env_id, resource_id, role_id, opts = {})
+      delete_resource_role_with_http_info(proj_id, env_id, resource_id, role_id, opts)
+      nil
+    end
+
+    # Delete Resource Role
+    # Deletes the role and all its related data. This includes any permissions granted to said role.
+    # @param proj_id [String] Either the unique id of the project, or the URL-friendly key of the project (i.e: the \&quot;slug\&quot;).
+    # @param env_id [String] Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \&quot;slug\&quot;).
+    # @param resource_id [String] Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \&quot;slug\&quot;).
+    # @param role_id [String] Either the unique id of the role, or the URL-friendly key of the role (i.e: the \&quot;slug\&quot;).
+    # @param [Hash] opts the optional parameters
+    # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers
+    def delete_resource_role_with_http_info(proj_id, env_id, resource_id, role_id, opts = {})
+      if @api_client.config.debugging
+        @api_client.config.logger.debug 'Calling API: ResourceRolesApi.delete_resource_role ...'
+      end
+      # verify the required parameter 'proj_id' is set
+      if @api_client.config.client_side_validation && proj_id.nil?
+        fail ArgumentError, "Missing the required parameter 'proj_id' when calling ResourceRolesApi.delete_resource_role"
+      end
+      # verify the required parameter 'env_id' is set
+      if @api_client.config.client_side_validation && env_id.nil?
+        fail ArgumentError, "Missing the required parameter 'env_id' when calling ResourceRolesApi.delete_resource_role"
+      end
+      # verify the required parameter 'resource_id' is set
+      if @api_client.config.client_side_validation && resource_id.nil?
+        fail ArgumentError, "Missing the required parameter 'resource_id' when calling ResourceRolesApi.delete_resource_role"
+      end
+      # verify the required parameter 'role_id' is set
+      if @api_client.config.client_side_validation && role_id.nil?
+        fail ArgumentError, "Missing the required parameter 'role_id' when calling ResourceRolesApi.delete_resource_role"
+      end
+      # resource path
+      local_var_path = '/v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}'.sub('{' + 'proj_id' + '}', CGI.escape(proj_id.to_s)).sub('{' + 'env_id' + '}', CGI.escape(env_id.to_s)).sub('{' + 'resource_id' + '}', CGI.escape(resource_id.to_s)).sub('{' + 'role_id' + '}', CGI.escape(role_id.to_s))
+
+      # query parameters
+      query_params = opts[:query_params] || {}
+
+      # header parameters
+      header_params = opts[:header_params] || {}
+      # HTTP header 'Accept' (if needed)
+      header_params['Accept'] = @api_client.select_header_accept(['application/json'])
+
+      # form parameters
+      form_params = opts[:form_params] || {}
+
+      # http body (model)
+      post_body = opts[:debug_body]
+
+      # return_type
+      return_type = opts[:debug_return_type]
+
+      # auth_names
+      auth_names = opts[:debug_auth_names] || ['HTTPBearer']
+
+      new_options = opts.merge(
+        :operation => :"ResourceRolesApi.delete_resource_role",
+        :header_params => header_params,
+        :query_params => query_params,
+        :form_params => form_params,
+        :body => post_body,
+        :auth_names => auth_names,
+        :return_type => return_type
+      )
+
+      data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, new_options)
+      if @api_client.config.debugging
+        @api_client.config.logger.debug "API called: ResourceRolesApi#delete_resource_role\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
+      end
+      return data, status_code, headers
+    end
+
+    # Get Resource Role
+    # Gets a single role defined on the resource, if such role exists.
+    # @param proj_id [String] Either the unique id of the project, or the URL-friendly key of the project (i.e: the \&quot;slug\&quot;).
+    # @param env_id [String] Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \&quot;slug\&quot;).
+    # @param resource_id [String] Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \&quot;slug\&quot;).
+    # @param role_id [String] Either the unique id of the role, or the URL-friendly key of the role (i.e: the \&quot;slug\&quot;).
+    # @param [Hash] opts the optional parameters
+    # @return [ResourceRoleRead]
+    def get_resource_role(proj_id, env_id, resource_id, role_id, opts = {})
+      data, _status_code, _headers = get_resource_role_with_http_info(proj_id, env_id, resource_id, role_id, opts)
+      data
+    end
+
+    # Get Resource Role
+    # Gets a single role defined on the resource, if such role exists.
+    # @param proj_id [String] Either the unique id of the project, or the URL-friendly key of the project (i.e: the \&quot;slug\&quot;).
+    # @param env_id [String] Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \&quot;slug\&quot;).
+    # @param resource_id [String] Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \&quot;slug\&quot;).
+    # @param role_id [String] Either the unique id of the role, or the URL-friendly key of the role (i.e: the \&quot;slug\&quot;).
+    # @param [Hash] opts the optional parameters
+    # @return [Array<(ResourceRoleRead, Integer, Hash)>] ResourceRoleRead data, response status code and response headers
+    def get_resource_role_with_http_info(proj_id, env_id, resource_id, role_id, opts = {})
+      if @api_client.config.debugging
+        @api_client.config.logger.debug 'Calling API: ResourceRolesApi.get_resource_role ...'
+      end
+      # verify the required parameter 'proj_id' is set
+      if @api_client.config.client_side_validation && proj_id.nil?
+        fail ArgumentError, "Missing the required parameter 'proj_id' when calling ResourceRolesApi.get_resource_role"
+      end
+      # verify the required parameter 'env_id' is set
+      if @api_client.config.client_side_validation && env_id.nil?
+        fail ArgumentError, "Missing the required parameter 'env_id' when calling ResourceRolesApi.get_resource_role"
+      end
+      # verify the required parameter 'resource_id' is set
+      if @api_client.config.client_side_validation && resource_id.nil?
+        fail ArgumentError, "Missing the required parameter 'resource_id' when calling ResourceRolesApi.get_resource_role"
+      end
+      # verify the required parameter 'role_id' is set
+      if @api_client.config.client_side_validation && role_id.nil?
+        fail ArgumentError, "Missing the required parameter 'role_id' when calling ResourceRolesApi.get_resource_role"
+      end
+      # resource path
+      local_var_path = '/v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}'.sub('{' + 'proj_id' + '}', CGI.escape(proj_id.to_s)).sub('{' + 'env_id' + '}', CGI.escape(env_id.to_s)).sub('{' + 'resource_id' + '}', CGI.escape(resource_id.to_s)).sub('{' + 'role_id' + '}', CGI.escape(role_id.to_s))
+
+      # query parameters
+      query_params = opts[:query_params] || {}
+
+      # header parameters
+      header_params = opts[:header_params] || {}
+      # HTTP header 'Accept' (if needed)
+      header_params['Accept'] = @api_client.select_header_accept(['application/json'])
+
+      # form parameters
+      form_params = opts[:form_params] || {}
+
+      # http body (model)
+      post_body = opts[:debug_body]
+
+      # return_type
+      return_type = opts[:debug_return_type] || 'ResourceRoleRead'
+
+      # auth_names
+      auth_names = opts[:debug_auth_names] || ['HTTPBearer']
+
+      new_options = opts.merge(
+        :operation => :"ResourceRolesApi.get_resource_role",
+        :header_params => header_params,
+        :query_params => query_params,
+        :form_params => form_params,
+        :body => post_body,
+        :auth_names => auth_names,
+        :return_type => return_type
+      )
+
+      data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
+      if @api_client.config.debugging
+        @api_client.config.logger.debug "API called: ResourceRolesApi#get_resource_role\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
+      end
+      return data, status_code, headers
+    end
+
+    # List Resource Roles
+    # Lists all the roles defined on the resource.
+    # @param proj_id [String] Either the unique id of the project, or the URL-friendly key of the project (i.e: the \&quot;slug\&quot;).
+    # @param env_id [String] Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \&quot;slug\&quot;).
+    # @param resource_id [String] Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \&quot;slug\&quot;).
+    # @param [Hash] opts the optional parameters
+    # @option opts [Integer] :page Page number of the results to fetch, starting at 1. (default to 1)
+    # @option opts [Integer] :per_page The number of results per page (max 100). (default to 30)
+    # @return [Array<ResourceRoleRead>]
+    def list_resource_roles(proj_id, env_id, resource_id, opts = {})
+      data, _status_code, _headers = list_resource_roles_with_http_info(proj_id, env_id, resource_id, opts)
+      data
+    end
+
+    # List Resource Roles
+    # Lists all the roles defined on the resource.
+    # @param proj_id [String] Either the unique id of the project, or the URL-friendly key of the project (i.e: the \&quot;slug\&quot;).
+    # @param env_id [String] Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \&quot;slug\&quot;).
+    # @param resource_id [String] Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \&quot;slug\&quot;).
+    # @param [Hash] opts the optional parameters
+    # @option opts [Integer] :page Page number of the results to fetch, starting at 1. (default to 1)
+    # @option opts [Integer] :per_page The number of results per page (max 100). (default to 30)
+    # @return [Array<(Array<ResourceRoleRead>, Integer, Hash)>] Array<ResourceRoleRead> data, response status code and response headers
+    def list_resource_roles_with_http_info(proj_id, env_id, resource_id, opts = {})
+      if @api_client.config.debugging
+        @api_client.config.logger.debug 'Calling API: ResourceRolesApi.list_resource_roles ...'
+      end
+      # verify the required parameter 'proj_id' is set
+      if @api_client.config.client_side_validation && proj_id.nil?
+        fail ArgumentError, "Missing the required parameter 'proj_id' when calling ResourceRolesApi.list_resource_roles"
+      end
+      # verify the required parameter 'env_id' is set
+      if @api_client.config.client_side_validation && env_id.nil?
+        fail ArgumentError, "Missing the required parameter 'env_id' when calling ResourceRolesApi.list_resource_roles"
+      end
+      # verify the required parameter 'resource_id' is set
+      if @api_client.config.client_side_validation && resource_id.nil?
+        fail ArgumentError, "Missing the required parameter 'resource_id' when calling ResourceRolesApi.list_resource_roles"
+      end
+      if @api_client.config.client_side_validation && !opts[:'page'].nil? && opts[:'page'] < 1
+        fail ArgumentError, 'invalid value for "opts[:"page"]" when calling ResourceRolesApi.list_resource_roles, must be greater than or equal to 1.'
+      end
+
+      if @api_client.config.client_side_validation && !opts[:'per_page'].nil? && opts[:'per_page'] > 100
+        fail ArgumentError, 'invalid value for "opts[:"per_page"]" when calling ResourceRolesApi.list_resource_roles, must be smaller than or equal to 100.'
+      end
+
+      if @api_client.config.client_side_validation && !opts[:'per_page'].nil? && opts[:'per_page'] < 1
+        fail ArgumentError, 'invalid value for "opts[:"per_page"]" when calling ResourceRolesApi.list_resource_roles, must be greater than or equal to 1.'
+      end
+
+      # resource path
+      local_var_path = '/v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles'.sub('{' + 'proj_id' + '}', CGI.escape(proj_id.to_s)).sub('{' + 'env_id' + '}', CGI.escape(env_id.to_s)).sub('{' + 'resource_id' + '}', CGI.escape(resource_id.to_s))
+
+      # query parameters
+      query_params = opts[:query_params] || {}
+      query_params[:'page'] = opts[:'page'] if !opts[:'page'].nil?
+      query_params[:'per_page'] = opts[:'per_page'] if !opts[:'per_page'].nil?
+
+      # header parameters
+      header_params = opts[:header_params] || {}
+      # HTTP header 'Accept' (if needed)
+      header_params['Accept'] = @api_client.select_header_accept(['application/json'])
+
+      # form parameters
+      form_params = opts[:form_params] || {}
+
+      # http body (model)
+      post_body = opts[:debug_body]
+
+      # return_type
+      return_type = opts[:debug_return_type] || 'Array<ResourceRoleRead>'
+
+      # auth_names
+      auth_names = opts[:debug_auth_names] || ['HTTPBearer']
+
+      new_options = opts.merge(
+        :operation => :"ResourceRolesApi.list_resource_roles",
+        :header_params => header_params,
+        :query_params => query_params,
+        :form_params => form_params,
+        :body => post_body,
+        :auth_names => auth_names,
+        :return_type => return_type
+      )
+
+      data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
+      if @api_client.config.debugging
+        @api_client.config.logger.debug "API called: ResourceRolesApi#list_resource_roles\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
+      end
+      return data, status_code, headers
+    end
+
+    # Remove Parent Role
+    # This endpoint is part of the role hierarchy feature.  Removes `parent_role_id` from the list of parent roles of role with id `role_id`. In other words, `role_id` will no longer be automatically assigned permissions that are granted to `parent_role_id`.  We can say the `role_id` **not longer extends** `parent_role_id` or **no longer inherits** from `parent_role_id`.  Both roles must be defined on the same resource, identified by id `resource_id`.
+    # @param proj_id [String] Either the unique id of the project, or the URL-friendly key of the project (i.e: the \&quot;slug\&quot;).
+    # @param env_id [String] Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \&quot;slug\&quot;).
+    # @param resource_id [String] Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \&quot;slug\&quot;).
+    # @param role_id [String] Either the unique id of the role, or the URL-friendly key of the role (i.e: the \&quot;slug\&quot;).
+    # @param parent_role_id [String] Either the unique id of the parent role, or the URL-friendly key of the parent role (i.e: the \&quot;slug\&quot;).
+    # @param [Hash] opts the optional parameters
+    # @return [ResourceRoleRead]
+    def remove_parent_resource_role(proj_id, env_id, resource_id, role_id, parent_role_id, opts = {})
+      data, _status_code, _headers = remove_parent_resource_role_with_http_info(proj_id, env_id, resource_id, role_id, parent_role_id, opts)
+      data
+    end
+
+    # Remove Parent Role
+    # This endpoint is part of the role hierarchy feature.  Removes &#x60;parent_role_id&#x60; from the list of parent roles of role with id &#x60;role_id&#x60;. In other words, &#x60;role_id&#x60; will no longer be automatically assigned permissions that are granted to &#x60;parent_role_id&#x60;.  We can say the &#x60;role_id&#x60; **not longer extends** &#x60;parent_role_id&#x60; or **no longer inherits** from &#x60;parent_role_id&#x60;.  Both roles must be defined on the same resource, identified by id &#x60;resource_id&#x60;.
+    # @param proj_id [String] Either the unique id of the project, or the URL-friendly key of the project (i.e: the \&quot;slug\&quot;).
+    # @param env_id [String] Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \&quot;slug\&quot;).
+    # @param resource_id [String] Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \&quot;slug\&quot;).
+    # @param role_id [String] Either the unique id of the role, or the URL-friendly key of the role (i.e: the \&quot;slug\&quot;).
+    # @param parent_role_id [String] Either the unique id of the parent role, or the URL-friendly key of the parent role (i.e: the \&quot;slug\&quot;).
+    # @param [Hash] opts the optional parameters
+    # @return [Array<(ResourceRoleRead, Integer, Hash)>] ResourceRoleRead data, response status code and response headers
+    def remove_parent_resource_role_with_http_info(proj_id, env_id, resource_id, role_id, parent_role_id, opts = {})
+      if @api_client.config.debugging
+        @api_client.config.logger.debug 'Calling API: ResourceRolesApi.remove_parent_resource_role ...'
+      end
+      # verify the required parameter 'proj_id' is set
+      if @api_client.config.client_side_validation && proj_id.nil?
+        fail ArgumentError, "Missing the required parameter 'proj_id' when calling ResourceRolesApi.remove_parent_resource_role"
+      end
+      # verify the required parameter 'env_id' is set
+      if @api_client.config.client_side_validation && env_id.nil?
+        fail ArgumentError, "Missing the required parameter 'env_id' when calling ResourceRolesApi.remove_parent_resource_role"
+      end
+      # verify the required parameter 'resource_id' is set
+      if @api_client.config.client_side_validation && resource_id.nil?
+        fail ArgumentError, "Missing the required parameter 'resource_id' when calling ResourceRolesApi.remove_parent_resource_role"
+      end
+      # verify the required parameter 'role_id' is set
+      if @api_client.config.client_side_validation && role_id.nil?
+        fail ArgumentError, "Missing the required parameter 'role_id' when calling ResourceRolesApi.remove_parent_resource_role"
+      end
+      # verify the required parameter 'parent_role_id' is set
+      if @api_client.config.client_side_validation && parent_role_id.nil?
+        fail ArgumentError, "Missing the required parameter 'parent_role_id' when calling ResourceRolesApi.remove_parent_resource_role"
+      end
+      # resource path
+      local_var_path = '/v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}/parents/{parent_role_id}'.sub('{' + 'proj_id' + '}', CGI.escape(proj_id.to_s)).sub('{' + 'env_id' + '}', CGI.escape(env_id.to_s)).sub('{' + 'resource_id' + '}', CGI.escape(resource_id.to_s)).sub('{' + 'role_id' + '}', CGI.escape(role_id.to_s)).sub('{' + 'parent_role_id' + '}', CGI.escape(parent_role_id.to_s))
+
+      # query parameters
+      query_params = opts[:query_params] || {}
+
+      # header parameters
+      header_params = opts[:header_params] || {}
+      # HTTP header 'Accept' (if needed)
+      header_params['Accept'] = @api_client.select_header_accept(['application/json'])
+
+      # form parameters
+      form_params = opts[:form_params] || {}
+
+      # http body (model)
+      post_body = opts[:debug_body]
+
+      # return_type
+      return_type = opts[:debug_return_type] || 'ResourceRoleRead'
+
+      # auth_names
+      auth_names = opts[:debug_auth_names] || ['HTTPBearer']
+
+      new_options = opts.merge(
+        :operation => :"ResourceRolesApi.remove_parent_resource_role",
+        :header_params => header_params,
+        :query_params => query_params,
+        :form_params => form_params,
+        :body => post_body,
+        :auth_names => auth_names,
+        :return_type => return_type
+      )
+
+      data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, new_options)
+      if @api_client.config.debugging
+        @api_client.config.logger.debug "API called: ResourceRolesApi#remove_parent_resource_role\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
+      end
+      return data, status_code, headers
+    end
+
+    # Remove Permissions from Role
+    # Remove permissions from role.  If some of the permissions specified are already unassigned, will skip them.
+    # @param proj_id [String] Either the unique id of the project, or the URL-friendly key of the project (i.e: the \&quot;slug\&quot;).
+    # @param env_id [String] Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \&quot;slug\&quot;).
+    # @param resource_id [String] Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \&quot;slug\&quot;).
+    # @param role_id [String] Either the unique id of the role, or the URL-friendly key of the role (i.e: the \&quot;slug\&quot;).
+    # @param remove_role_permissions [RemoveRolePermissions] 
+    # @param [Hash] opts the optional parameters
+    # @return [ResourceRoleRead]
+    def remove_permissions_from_resource_role(proj_id, env_id, resource_id, role_id, remove_role_permissions, opts = {})
+      data, _status_code, _headers = remove_permissions_from_resource_role_with_http_info(proj_id, env_id, resource_id, role_id, remove_role_permissions, opts)
+      data
+    end
+
+    # Remove Permissions from Role
+    # Remove permissions from role.  If some of the permissions specified are already unassigned, will skip them.
+    # @param proj_id [String] Either the unique id of the project, or the URL-friendly key of the project (i.e: the \&quot;slug\&quot;).
+    # @param env_id [String] Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \&quot;slug\&quot;).
+    # @param resource_id [String] Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \&quot;slug\&quot;).
+    # @param role_id [String] Either the unique id of the role, or the URL-friendly key of the role (i.e: the \&quot;slug\&quot;).
+    # @param remove_role_permissions [RemoveRolePermissions] 
+    # @param [Hash] opts the optional parameters
+    # @return [Array<(ResourceRoleRead, Integer, Hash)>] ResourceRoleRead data, response status code and response headers
+    def remove_permissions_from_resource_role_with_http_info(proj_id, env_id, resource_id, role_id, remove_role_permissions, opts = {})
+      if @api_client.config.debugging
+        @api_client.config.logger.debug 'Calling API: ResourceRolesApi.remove_permissions_from_resource_role ...'
+      end
+      # verify the required parameter 'proj_id' is set
+      if @api_client.config.client_side_validation && proj_id.nil?
+        fail ArgumentError, "Missing the required parameter 'proj_id' when calling ResourceRolesApi.remove_permissions_from_resource_role"
+      end
+      # verify the required parameter 'env_id' is set
+      if @api_client.config.client_side_validation && env_id.nil?
+        fail ArgumentError, "Missing the required parameter 'env_id' when calling ResourceRolesApi.remove_permissions_from_resource_role"
+      end
+      # verify the required parameter 'resource_id' is set
+      if @api_client.config.client_side_validation && resource_id.nil?
+        fail ArgumentError, "Missing the required parameter 'resource_id' when calling ResourceRolesApi.remove_permissions_from_resource_role"
+      end
+      # verify the required parameter 'role_id' is set
+      if @api_client.config.client_side_validation && role_id.nil?
+        fail ArgumentError, "Missing the required parameter 'role_id' when calling ResourceRolesApi.remove_permissions_from_resource_role"
+      end
+      # verify the required parameter 'remove_role_permissions' is set
+      if @api_client.config.client_side_validation && remove_role_permissions.nil?
+        fail ArgumentError, "Missing the required parameter 'remove_role_permissions' when calling ResourceRolesApi.remove_permissions_from_resource_role"
+      end
+      # resource path
+      local_var_path = '/v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}/permissions'.sub('{' + 'proj_id' + '}', CGI.escape(proj_id.to_s)).sub('{' + 'env_id' + '}', CGI.escape(env_id.to_s)).sub('{' + 'resource_id' + '}', CGI.escape(resource_id.to_s)).sub('{' + 'role_id' + '}', CGI.escape(role_id.to_s))
+
+      # query parameters
+      query_params = opts[:query_params] || {}
+
+      # header parameters
+      header_params = opts[:header_params] || {}
+      # HTTP header 'Accept' (if needed)
+      header_params['Accept'] = @api_client.select_header_accept(['application/json'])
+      # HTTP header 'Content-Type'
+      content_type = @api_client.select_header_content_type(['application/json'])
+      if !content_type.nil?
+          header_params['Content-Type'] = content_type
+      end
+
+      # form parameters
+      form_params = opts[:form_params] || {}
+
+      # http body (model)
+      post_body = opts[:debug_body] || @api_client.object_to_http_body(remove_role_permissions)
+
+      # return_type
+      return_type = opts[:debug_return_type] || 'ResourceRoleRead'
+
+      # auth_names
+      auth_names = opts[:debug_auth_names] || ['HTTPBearer']
+
+      new_options = opts.merge(
+        :operation => :"ResourceRolesApi.remove_permissions_from_resource_role",
+        :header_params => header_params,
+        :query_params => query_params,
+        :form_params => form_params,
+        :body => post_body,
+        :auth_names => auth_names,
+        :return_type => return_type
+      )
+
+      data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, new_options)
+      if @api_client.config.debugging
+        @api_client.config.logger.debug "API called: ResourceRolesApi#remove_permissions_from_resource_role\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
+      end
+      return data, status_code, headers
+    end
+
+    # Update Resource Role
+    # Partially updates the role defined on a resource. Fields that will be provided will be completely overwritten.
+    # @param proj_id [String] Either the unique id of the project, or the URL-friendly key of the project (i.e: the \&quot;slug\&quot;).
+    # @param env_id [String] Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \&quot;slug\&quot;).
+    # @param resource_id [String] Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \&quot;slug\&quot;).
+    # @param role_id [String] Either the unique id of the role, or the URL-friendly key of the role (i.e: the \&quot;slug\&quot;).
+    # @param resource_role_update [ResourceRoleUpdate] 
+    # @param [Hash] opts the optional parameters
+    # @return [ResourceRoleRead]
+    def update_resource_role(proj_id, env_id, resource_id, role_id, resource_role_update, opts = {})
+      data, _status_code, _headers = update_resource_role_with_http_info(proj_id, env_id, resource_id, role_id, resource_role_update, opts)
+      data
+    end
+
+    # Update Resource Role
+    # Partially updates the role defined on a resource. Fields that will be provided will be completely overwritten.
+    # @param proj_id [String] Either the unique id of the project, or the URL-friendly key of the project (i.e: the \&quot;slug\&quot;).
+    # @param env_id [String] Either the unique id of the environment, or the URL-friendly key of the environment (i.e: the \&quot;slug\&quot;).
+    # @param resource_id [String] Either the unique id of the resource, or the URL-friendly key of the resource (i.e: the \&quot;slug\&quot;).
+    # @param role_id [String] Either the unique id of the role, or the URL-friendly key of the role (i.e: the \&quot;slug\&quot;).
+    # @param resource_role_update [ResourceRoleUpdate] 
+    # @param [Hash] opts the optional parameters
+    # @return [Array<(ResourceRoleRead, Integer, Hash)>] ResourceRoleRead data, response status code and response headers
+    def update_resource_role_with_http_info(proj_id, env_id, resource_id, role_id, resource_role_update, opts = {})
+      if @api_client.config.debugging
+        @api_client.config.logger.debug 'Calling API: ResourceRolesApi.update_resource_role ...'
+      end
+      # verify the required parameter 'proj_id' is set
+      if @api_client.config.client_side_validation && proj_id.nil?
+        fail ArgumentError, "Missing the required parameter 'proj_id' when calling ResourceRolesApi.update_resource_role"
+      end
+      # verify the required parameter 'env_id' is set
+      if @api_client.config.client_side_validation && env_id.nil?
+        fail ArgumentError, "Missing the required parameter 'env_id' when calling ResourceRolesApi.update_resource_role"
+      end
+      # verify the required parameter 'resource_id' is set
+      if @api_client.config.client_side_validation && resource_id.nil?
+        fail ArgumentError, "Missing the required parameter 'resource_id' when calling ResourceRolesApi.update_resource_role"
+      end
+      # verify the required parameter 'role_id' is set
+      if @api_client.config.client_side_validation && role_id.nil?
+        fail ArgumentError, "Missing the required parameter 'role_id' when calling ResourceRolesApi.update_resource_role"
+      end
+      # verify the required parameter 'resource_role_update' is set
+      if @api_client.config.client_side_validation && resource_role_update.nil?
+        fail ArgumentError, "Missing the required parameter 'resource_role_update' when calling ResourceRolesApi.update_resource_role"
+      end
+      # resource path
+      local_var_path = '/v2/schema/{proj_id}/{env_id}/resources/{resource_id}/roles/{role_id}'.sub('{' + 'proj_id' + '}', CGI.escape(proj_id.to_s)).sub('{' + 'env_id' + '}', CGI.escape(env_id.to_s)).sub('{' + 'resource_id' + '}', CGI.escape(resource_id.to_s)).sub('{' + 'role_id' + '}', CGI.escape(role_id.to_s))
+
+      # query parameters
+      query_params = opts[:query_params] || {}
+
+      # header parameters
+      header_params = opts[:header_params] || {}
+      # HTTP header 'Accept' (if needed)
+      header_params['Accept'] = @api_client.select_header_accept(['application/json'])
+      # HTTP header 'Content-Type'
+      content_type = @api_client.select_header_content_type(['application/json'])
+      if !content_type.nil?
+          header_params['Content-Type'] = content_type
+      end
+
+      # form parameters
+      form_params = opts[:form_params] || {}
+
+      # http body (model)
+      post_body = opts[:debug_body] || @api_client.object_to_http_body(resource_role_update)
+
+      # return_type
+      return_type = opts[:debug_return_type] || 'ResourceRoleRead'
+
+      # auth_names
+      auth_names = opts[:debug_auth_names] || ['HTTPBearer']
+
+      new_options = opts.merge(
+        :operation => :"ResourceRolesApi.update_resource_role",
+        :header_params => header_params,
+        :query_params => query_params,
+        :form_params => form_params,
+        :body => post_body,
+        :auth_names => auth_names,
+        :return_type => return_type
+      )
+
+      data, status_code, headers = @api_client.call_api(:PATCH, local_var_path, new_options)
+      if @api_client.config.debugging
+        @api_client.config.logger.debug "API called: ResourceRolesApi#update_resource_role\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
+      end
+      return data, status_code, headers
+    end
+  end
+end