strongdm 1.0.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (216) hide show
  1. checksums.yaml +7 -0
  2. data/LICENSE +201 -0
  3. data/README.md +30 -0
  4. data/doc/Google.html +95 -0
  5. data/doc/Google/Protobuf.html +95 -0
  6. data/doc/LICENSE.html +294 -0
  7. data/doc/Object.html +290 -0
  8. data/doc/README_md.html +128 -0
  9. data/doc/SDM.html +143 -0
  10. data/doc/SDM/AKS.html +347 -0
  11. data/doc/SDM/AKSBasicAuth.html +279 -0
  12. data/doc/SDM/AKSServiceAccount.html +262 -0
  13. data/doc/SDM/AccountAttachment.html +217 -0
  14. data/doc/SDM/AccountAttachmentCreateOptions.html +182 -0
  15. data/doc/SDM/AccountAttachmentCreateResponse.html +216 -0
  16. data/doc/SDM/AccountAttachmentDeleteResponse.html +199 -0
  17. data/doc/SDM/AccountAttachmentGetResponse.html +215 -0
  18. data/doc/SDM/AccountAttachments.html +429 -0
  19. data/doc/SDM/AccountCreateResponse.html +232 -0
  20. data/doc/SDM/AccountDeleteResponse.html +197 -0
  21. data/doc/SDM/AccountGetResponse.html +214 -0
  22. data/doc/SDM/AccountGrant.html +253 -0
  23. data/doc/SDM/AccountGrantCreateResponse.html +215 -0
  24. data/doc/SDM/AccountGrantDeleteResponse.html +198 -0
  25. data/doc/SDM/AccountGrantGetResponse.html +214 -0
  26. data/doc/SDM/AccountGrants.html +425 -0
  27. data/doc/SDM/AccountUpdateResponse.html +214 -0
  28. data/doc/SDM/Accounts.html +492 -0
  29. data/doc/SDM/AlreadyExistsError.html +161 -0
  30. data/doc/SDM/AmazonEKS.html +330 -0
  31. data/doc/SDM/AmazonES.html +296 -0
  32. data/doc/SDM/Athena.html +296 -0
  33. data/doc/SDM/AuroraMysql.html +313 -0
  34. data/doc/SDM/AuroraPostgres.html +330 -0
  35. data/doc/SDM/AuthenticationError.html +161 -0
  36. data/doc/SDM/BadRequestError.html +161 -0
  37. data/doc/SDM/BigQuery.html +296 -0
  38. data/doc/SDM/Cassandra.html +313 -0
  39. data/doc/SDM/Client.html +549 -0
  40. data/doc/SDM/Clustrix.html +313 -0
  41. data/doc/SDM/Cockroach.html +330 -0
  42. data/doc/SDM/CreateResponseMetadata.html +156 -0
  43. data/doc/SDM/DeadlineExceededError.html +161 -0
  44. data/doc/SDM/DeleteResponseMetadata.html +156 -0
  45. data/doc/SDM/Druid.html +296 -0
  46. data/doc/SDM/DynamoDB.html +296 -0
  47. data/doc/SDM/Elastic.html +313 -0
  48. data/doc/SDM/ElasticacheRedis.html +296 -0
  49. data/doc/SDM/Gateway.html +252 -0
  50. data/doc/SDM/GetResponseMetadata.html +156 -0
  51. data/doc/SDM/GoogleGKE.html +296 -0
  52. data/doc/SDM/Greenplum.html +330 -0
  53. data/doc/SDM/HTTPAuth.html +313 -0
  54. data/doc/SDM/HTTPBasicAuth.html +330 -0
  55. data/doc/SDM/HTTPNoAuth.html +296 -0
  56. data/doc/SDM/InternalError.html +161 -0
  57. data/doc/SDM/Kubernetes.html +347 -0
  58. data/doc/SDM/KubernetesBasicAuth.html +279 -0
  59. data/doc/SDM/KubernetesServiceAccount.html +262 -0
  60. data/doc/SDM/Maria.html +313 -0
  61. data/doc/SDM/Memcached.html +262 -0
  62. data/doc/SDM/Memsql.html +313 -0
  63. data/doc/SDM/MongoHost.html +330 -0
  64. data/doc/SDM/MongoLegacyHost.html +347 -0
  65. data/doc/SDM/MongoLegacyReplicaset.html +364 -0
  66. data/doc/SDM/MongoReplicaSet.html +364 -0
  67. data/doc/SDM/Mysql.html +313 -0
  68. data/doc/SDM/NodeCreateResponse.html +232 -0
  69. data/doc/SDM/NodeDeleteResponse.html +197 -0
  70. data/doc/SDM/NodeGetResponse.html +214 -0
  71. data/doc/SDM/NodeUpdateResponse.html +214 -0
  72. data/doc/SDM/Nodes.html +493 -0
  73. data/doc/SDM/NotFoundError.html +161 -0
  74. data/doc/SDM/Oracle.html +330 -0
  75. data/doc/SDM/PermissionError.html +161 -0
  76. data/doc/SDM/Plumbing.html +15821 -0
  77. data/doc/SDM/Postgres.html +330 -0
  78. data/doc/SDM/Presto.html +330 -0
  79. data/doc/SDM/RDP.html +296 -0
  80. data/doc/SDM/RPCError.html +182 -0
  81. data/doc/SDM/RateLimitError.html +183 -0
  82. data/doc/SDM/RateLimitMetadata.html +233 -0
  83. data/doc/SDM/Redis.html +279 -0
  84. data/doc/SDM/Redshift.html +330 -0
  85. data/doc/SDM/Relay.html +216 -0
  86. data/doc/SDM/ResourceCreateResponse.html +214 -0
  87. data/doc/SDM/ResourceDeleteResponse.html +197 -0
  88. data/doc/SDM/ResourceGetResponse.html +214 -0
  89. data/doc/SDM/ResourceUpdateResponse.html +215 -0
  90. data/doc/SDM/Resources.html +482 -0
  91. data/doc/SDM/Role.html +216 -0
  92. data/doc/SDM/RoleAttachment.html +216 -0
  93. data/doc/SDM/RoleAttachmentCreateResponse.html +216 -0
  94. data/doc/SDM/RoleAttachmentDeleteResponse.html +199 -0
  95. data/doc/SDM/RoleAttachmentGetResponse.html +214 -0
  96. data/doc/SDM/RoleAttachments.html +427 -0
  97. data/doc/SDM/RoleCreateResponse.html +215 -0
  98. data/doc/SDM/RoleDeleteResponse.html +197 -0
  99. data/doc/SDM/RoleGetResponse.html +214 -0
  100. data/doc/SDM/RoleGrant.html +214 -0
  101. data/doc/SDM/RoleGrantCreateResponse.html +215 -0
  102. data/doc/SDM/RoleGrantDeleteResponse.html +198 -0
  103. data/doc/SDM/RoleGrantGetResponse.html +214 -0
  104. data/doc/SDM/RoleGrants.html +427 -0
  105. data/doc/SDM/RoleUpdateResponse.html +215 -0
  106. data/doc/SDM/Roles.html +490 -0
  107. data/doc/SDM/SQLServer.html +347 -0
  108. data/doc/SDM/SSH.html +296 -0
  109. data/doc/SDM/Service.html +215 -0
  110. data/doc/SDM/Snowflake.html +313 -0
  111. data/doc/SDM/Sybase.html +296 -0
  112. data/doc/SDM/SybaseIQ.html +296 -0
  113. data/doc/SDM/Teradata.html +296 -0
  114. data/doc/SDM/UpdateResponseMetadata.html +156 -0
  115. data/doc/SDM/User.html +248 -0
  116. data/doc/V1.html +864 -0
  117. data/doc/V1/AccountAttachments.html +109 -0
  118. data/doc/V1/AccountAttachments/Service.html +116 -0
  119. data/doc/V1/AccountGrants.html +109 -0
  120. data/doc/V1/AccountGrants/Service.html +117 -0
  121. data/doc/V1/Accounts.html +109 -0
  122. data/doc/V1/Accounts/Service.html +122 -0
  123. data/doc/V1/Nodes.html +109 -0
  124. data/doc/V1/Nodes/Service.html +124 -0
  125. data/doc/V1/Resources.html +109 -0
  126. data/doc/V1/Resources/Service.html +113 -0
  127. data/doc/V1/RoleAttachments.html +109 -0
  128. data/doc/V1/RoleAttachments/Service.html +119 -0
  129. data/doc/V1/RoleGrants.html +109 -0
  130. data/doc/V1/RoleGrants/Service.html +119 -0
  131. data/doc/V1/Roles.html +109 -0
  132. data/doc/V1/Roles/Service.html +120 -0
  133. data/doc/created.rid +37 -0
  134. data/doc/css/fonts.css +167 -0
  135. data/doc/css/rdoc.css +590 -0
  136. data/doc/examples/Gemfile.html +95 -0
  137. data/doc/examples/Gemfile_lock.html +112 -0
  138. data/doc/examples/README_md.html +95 -0
  139. data/doc/fonts/Lato-Light.ttf +0 -0
  140. data/doc/fonts/Lato-LightItalic.ttf +0 -0
  141. data/doc/fonts/Lato-Regular.ttf +0 -0
  142. data/doc/fonts/Lato-RegularItalic.ttf +0 -0
  143. data/doc/fonts/SourceCodePro-Bold.ttf +0 -0
  144. data/doc/fonts/SourceCodePro-Regular.ttf +0 -0
  145. data/doc/images/add.png +0 -0
  146. data/doc/images/arrow_up.png +0 -0
  147. data/doc/images/brick.png +0 -0
  148. data/doc/images/brick_link.png +0 -0
  149. data/doc/images/bug.png +0 -0
  150. data/doc/images/bullet_black.png +0 -0
  151. data/doc/images/bullet_toggle_minus.png +0 -0
  152. data/doc/images/bullet_toggle_plus.png +0 -0
  153. data/doc/images/date.png +0 -0
  154. data/doc/images/delete.png +0 -0
  155. data/doc/images/find.png +0 -0
  156. data/doc/images/loadingAnimation.gif +0 -0
  157. data/doc/images/macFFBgHack.png +0 -0
  158. data/doc/images/package.png +0 -0
  159. data/doc/images/page_green.png +0 -0
  160. data/doc/images/page_white_text.png +0 -0
  161. data/doc/images/page_white_width.png +0 -0
  162. data/doc/images/plugin.png +0 -0
  163. data/doc/images/ruby.png +0 -0
  164. data/doc/images/tag_blue.png +0 -0
  165. data/doc/images/tag_green.png +0 -0
  166. data/doc/images/transparent.png +0 -0
  167. data/doc/images/wrench.png +0 -0
  168. data/doc/images/wrench_orange.png +0 -0
  169. data/doc/images/zoom.png +0 -0
  170. data/doc/index.html +353 -0
  171. data/doc/js/darkfish.js +161 -0
  172. data/doc/js/jquery.js +4 -0
  173. data/doc/js/navigation.js +142 -0
  174. data/doc/js/navigation.js.gz +0 -0
  175. data/doc/js/search.js +109 -0
  176. data/doc/js/search_index.js +1 -0
  177. data/doc/js/search_index.js.gz +0 -0
  178. data/doc/js/searcher.js +228 -0
  179. data/doc/js/searcher.js.gz +0 -0
  180. data/doc/lib/version.html +98 -0
  181. data/doc/strongdm_gemspec.html +117 -0
  182. data/doc/table_of_contents.html +3002 -0
  183. data/examples/Gemfile +3 -0
  184. data/examples/Gemfile.lock +14 -0
  185. data/examples/README.md +5 -0
  186. data/examples/listUsers.rb +21 -0
  187. data/examples/panicButton.rb +154 -0
  188. data/lib/errors/errors.rb +85 -0
  189. data/lib/grpc/account_attachments_pb.rb +84 -0
  190. data/lib/grpc/account_attachments_services_pb.rb +44 -0
  191. data/lib/grpc/account_grants_pb.rb +82 -0
  192. data/lib/grpc/account_grants_services_pb.rb +44 -0
  193. data/lib/grpc/accounts_pb.rb +107 -0
  194. data/lib/grpc/accounts_services_pb.rb +49 -0
  195. data/lib/grpc/drivers_pb.rb +601 -0
  196. data/lib/grpc/nodes_pb.rb +107 -0
  197. data/lib/grpc/nodes_services_pb.rb +49 -0
  198. data/lib/grpc/options_pb.rb +60 -0
  199. data/lib/grpc/plumbing.rb +4283 -0
  200. data/lib/grpc/protoc-gen-swagger/options/annotations_pb.rb +15 -0
  201. data/lib/grpc/resources_pb.rb +85 -0
  202. data/lib/grpc/resources_services_pb.rb +45 -0
  203. data/lib/grpc/role_attachments_pb.rb +79 -0
  204. data/lib/grpc/role_attachments_services_pb.rb +47 -0
  205. data/lib/grpc/role_grants_pb.rb +79 -0
  206. data/lib/grpc/role_grants_services_pb.rb +47 -0
  207. data/lib/grpc/roles_pb.rb +91 -0
  208. data/lib/grpc/roles_services_pb.rb +50 -0
  209. data/lib/grpc/spec_pb.rb +95 -0
  210. data/lib/models/porcelain.rb +4033 -0
  211. data/lib/strongdm.rb +128 -0
  212. data/lib/svc.rb +1331 -0
  213. data/lib/version +3 -0
  214. data/lib/version.rb +17 -0
  215. data/strongdm.gemspec +23 -0
  216. metadata +318 -0
data/lib/strongdm.rb ADDED
@@ -0,0 +1,128 @@
1
+ # Copyright 2020 StrongDM Inc
2
+ #
3
+ # Licensed under the Apache License, Version 2.0 (the "License");
4
+ # you may not use this file except in compliance with the License.
5
+ # You may obtain a copy of the License at
6
+ #
7
+ # http://www.apache.org/licenses/LICENSE-2.0
8
+ #
9
+ # Unless required by applicable law or agreed to in writing, software
10
+ # distributed under the License is distributed on an "AS IS" BASIS,
11
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
+ # See the License for the specific language governing permissions and
13
+ # limitations under the License.
14
+ #
15
+
16
+ # This file was generated by protogen. DO NOT EDIT.
17
+
18
+ require_relative "./svc"
19
+ require "base64"
20
+ require "openssl"
21
+
22
+ DEFAULT_MAX_RETRIES = 3
23
+ DEFAULT_BASE_RETRY_DELAY = 0.0030 # 30 ms
24
+ DEFAULT_MAX_RETRY_DELAY = 300 # 300 seconds
25
+
26
+ module SDM
27
+
28
+ # Client bundles all the services together and initializes them.
29
+ class Client
30
+ # Creates a new strongDM API client.
31
+ def initialize(api_access_key, api_secret_key, host:"api.strongdm.com:443", insecure:false)
32
+ @api_access_key = api_access_key
33
+ @api_secret_key = Base64.strict_decode64(api_secret_key)
34
+ @max_retries = DEFAULT_MAX_RETRIES
35
+ @base_retry_delay = DEFAULT_BASE_RETRY_DELAY
36
+ @max_retry_delay = DEFAULT_MAX_RETRY_DELAY
37
+ @account_attachments = AccountAttachments.new(host, insecure, self)
38
+ @account_grants = AccountGrants.new(host, insecure, self)
39
+ @accounts = Accounts.new(host, insecure, self)
40
+ @nodes = Nodes.new(host, insecure, self)
41
+ @resources = Resources.new(host, insecure, self)
42
+ @role_attachments = RoleAttachments.new(host, insecure, self)
43
+ @role_grants = RoleGrants.new(host, insecure, self)
44
+ @roles = Roles.new(host, insecure, self)
45
+ @_test_options = Hash.new
46
+ end
47
+
48
+ def get_metadata(method_name, req)
49
+ return { 'x-sdm-authentication': @api_access_key,'x-sdm-signature': self.sign(method_name, req.to_proto)}
50
+ end
51
+
52
+ def sign(method_name, msg_bytes)
53
+ current_utc_date = Time.now.utc
54
+ date = sprintf("%04d-%02d-%02d",current_utc_date.year, current_utc_date.month, current_utc_date.day)
55
+
56
+ signing_key = OpenSSL::HMAC.digest(OpenSSL::Digest::SHA256.new, @api_secret_key, date)
57
+ signing_key = OpenSSL::HMAC.digest(OpenSSL::Digest::SHA256.new, signing_key, 'sdm_api_v1')
58
+
59
+ sha_req = Digest::SHA256.new
60
+ sha_req << method_name
61
+ sha_req << "\n"
62
+ sha_req << msg_bytes
63
+ request_hash = sha_req.digest
64
+
65
+ return Base64.strict_encode64(OpenSSL::HMAC.digest(OpenSSL::Digest::SHA256.new, signing_key, request_hash))
66
+ end
67
+
68
+ def jitterSleep(iter)
69
+ dur_max = @base_retry_delay * 2**iter
70
+ if (dur_max > @max_retry_delay)
71
+ dur_max = @max_retry_delay
72
+ end
73
+ dur = rand() * dur_max
74
+ sleep(dur)
75
+ end
76
+
77
+ def shouldRetry(iter, err)
78
+ if (iter >= @max_retries-1)
79
+ return false
80
+ end
81
+ if not err .is_a? GRPC::BadStatus
82
+ return true
83
+ end
84
+ return err.code() == 13
85
+ end
86
+
87
+ attr_reader :max_retries
88
+ attr_reader :base_retry_delay
89
+ attr_reader :max_retry_delay
90
+
91
+ # API authentication token (read-only).
92
+ attr_reader :api_access_key
93
+ # AccountAttachments assign an account to a role.
94
+ attr_reader :account_attachments
95
+ # AccountGrants connect a resource directly to an account, giving the account the permission to connect to that resource.
96
+ attr_reader :account_grants
97
+ # Accounts are users that have access to strongDM.
98
+ # There are two types of accounts:
99
+ # 1. **Regular users:** humans who are authenticated through username and password or SSO
100
+ # 2. **Service users:** machines that are authneticated using a service token
101
+ attr_reader :accounts
102
+ # Nodes make up the strongDM network, and allow your users to connect securely to your resources.
103
+ # There are two types of nodes:
104
+ # 1. **Relay:** creates connectivity to your datasources, while maintaining the egress-only nature of your firewall
105
+ # 1. **Gateways:** a relay that also listens for connections from strongDM clients
106
+ attr_reader :nodes
107
+
108
+ attr_reader :resources
109
+ # RoleAttachments represent relationships between composite roles and the roles
110
+ # that make up those composite roles. When a composite role is attached to another
111
+ # role, the permissions granted to members of the composite role are augmented to
112
+ # include the permissions granted to members of the attached role.
113
+ attr_reader :role_attachments
114
+ # RoleGrants represent relationships between composite roles and the roles
115
+ # that make up those composite roles. When a composite role is attached to another
116
+ # role, the permissions granted to members of the composite role are augmented to
117
+ # include the permissions granted to members of the attached role.
118
+ attr_reader :role_grants
119
+ # Roles are tools for controlling user access to resources. Each Role holds a
120
+ # list of resources which they grant access to. Composite roles are a special
121
+ # type of Role which have no resource associations of their own, but instead
122
+ # grant access to the combined resources associated with a set of child roles.
123
+ # Each user can be a member of one Role or composite role.
124
+ attr_reader :roles
125
+ attr_reader :_test_options
126
+ end
127
+
128
+ end
data/lib/svc.rb ADDED
@@ -0,0 +1,1331 @@
1
+ # Copyright 2020 StrongDM Inc
2
+ #
3
+ # Licensed under the Apache License, Version 2.0 (the "License");
4
+ # you may not use this file except in compliance with the License.
5
+ # You may obtain a copy of the License at
6
+ #
7
+ # http://www.apache.org/licenses/LICENSE-2.0
8
+ #
9
+ # Unless required by applicable law or agreed to in writing, software
10
+ # distributed under the License is distributed on an "AS IS" BASIS,
11
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
+ # See the License for the specific language governing permissions and
13
+ # limitations under the License.
14
+ #
15
+
16
+ # This file was generated by protogen. DO NOT EDIT.
17
+
18
+ this_dir = File.expand_path(File.dirname(__FILE__))
19
+ lib_dir = File.join(this_dir, 'grpc')
20
+ $LOAD_PATH.unshift(lib_dir) unless $LOAD_PATH.include?(lib_dir)
21
+ require 'grpc'
22
+ require 'enumerator'
23
+ Dir[File.join(__dir__, 'grpc', '*.rb')].each {|file| require file }
24
+ Dir[File.join(__dir__, 'models', '*.rb')].each {|file| require file }
25
+
26
+ module SDM
27
+ # AccountAttachments assign an account to a role.
28
+ class AccountAttachments
29
+ def initialize(host, insecure, parent)
30
+ begin
31
+ if insecure
32
+ @stub = V1::AccountAttachments::Stub.new(host, :this_channel_is_insecure)
33
+ else
34
+ cred = GRPC::Core::ChannelCredentials.new()
35
+ @stub = V1::AccountAttachments::Stub.new(host, cred)
36
+ end
37
+ rescue => exception
38
+ raise Plumbing::error_to_porcelain(exception)
39
+ end
40
+ @parent = parent
41
+ end
42
+ # Create registers a new AccountAttachment.
43
+ def create(
44
+ account_attachment \
45
+ ,
46
+ options:nil,
47
+ deadline:nil)
48
+ req = V1::AccountAttachmentCreateRequest.new()
49
+
50
+ req.account_attachment = Plumbing::account_attachment_to_plumbing(account_attachment)
51
+ req.options = Plumbing::account_attachment_create_options_to_plumbing(options)
52
+ tries = 0
53
+ plumbing_response = nil
54
+ loop do
55
+ begin
56
+ plumbing_response = @stub.create(req, metadata: @parent.get_metadata('AccountAttachments.Create', req), deadline:deadline)
57
+ rescue => exception
58
+ if (@parent.shouldRetry(tries, exception))
59
+ tries++
60
+ @parent.jitterSleep(tries)
61
+ next
62
+ end
63
+ raise Plumbing::error_to_porcelain(exception)
64
+ end
65
+ break
66
+ end
67
+
68
+
69
+ resp = AccountAttachmentCreateResponse.new()
70
+ resp.meta = Plumbing::create_response_metadata_to_porcelain(plumbing_response.meta)
71
+ resp.account_attachment = Plumbing::account_attachment_to_porcelain(plumbing_response.account_attachment)
72
+ resp.rate_limit = Plumbing::rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
73
+ resp
74
+ end
75
+ # Get reads one AccountAttachment by ID.
76
+ def get(
77
+ id \
78
+ ,
79
+ deadline:nil)
80
+ req = V1::AccountAttachmentGetRequest.new()
81
+
82
+ req.id = id
83
+ tries = 0
84
+ plumbing_response = nil
85
+ loop do
86
+ begin
87
+ plumbing_response = @stub.get(req, metadata: @parent.get_metadata('AccountAttachments.Get', req), deadline:deadline)
88
+ rescue => exception
89
+ if (@parent.shouldRetry(tries, exception))
90
+ tries++
91
+ @parent.jitterSleep(tries)
92
+ next
93
+ end
94
+ raise Plumbing::error_to_porcelain(exception)
95
+ end
96
+ break
97
+ end
98
+
99
+
100
+ resp = AccountAttachmentGetResponse.new()
101
+ resp.meta = Plumbing::get_response_metadata_to_porcelain(plumbing_response.meta)
102
+ resp.account_attachment = Plumbing::account_attachment_to_porcelain(plumbing_response.account_attachment)
103
+ resp.rate_limit = Plumbing::rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
104
+ resp
105
+ end
106
+ # Delete removes a AccountAttachment by ID.
107
+ def delete(
108
+ id \
109
+ ,
110
+ deadline:nil)
111
+ req = V1::AccountAttachmentDeleteRequest.new()
112
+
113
+ req.id = id
114
+ tries = 0
115
+ plumbing_response = nil
116
+ loop do
117
+ begin
118
+ plumbing_response = @stub.delete(req, metadata: @parent.get_metadata('AccountAttachments.Delete', req), deadline:deadline)
119
+ rescue => exception
120
+ if (@parent.shouldRetry(tries, exception))
121
+ tries++
122
+ @parent.jitterSleep(tries)
123
+ next
124
+ end
125
+ raise Plumbing::error_to_porcelain(exception)
126
+ end
127
+ break
128
+ end
129
+
130
+
131
+ resp = AccountAttachmentDeleteResponse.new()
132
+ resp.meta = Plumbing::delete_response_metadata_to_porcelain(plumbing_response.meta)
133
+ resp.rate_limit = Plumbing::rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
134
+ resp
135
+ end
136
+ # List gets a list of AccountAttachments matching a given set of criteria.
137
+ def list(
138
+ filter \
139
+ ,
140
+ *args,
141
+ deadline:nil)
142
+ req = V1::AccountAttachmentListRequest.new()
143
+ req.meta = V1::ListRequestMetadata.new()
144
+ page_size_option = @parent._test_options['PageSize']
145
+ if page_size_option.is_a? Integer
146
+ req.meta.limit = page_size_option
147
+ end
148
+
149
+ req.filter = Plumbing::quote_filter_args(filter, *args)
150
+ resp = Enumerator::Generator.new { |g|
151
+ tries = 0
152
+ loop do
153
+ begin
154
+ plumbing_response = @stub.list(req, metadata: @parent.get_metadata('AccountAttachments.List', req), deadline:deadline)
155
+ rescue => exception
156
+ if (@parent.shouldRetry(tries, exception))
157
+ tries++
158
+ @parent.jitterSleep(tries)
159
+ next
160
+ end
161
+ raise Plumbing::error_to_porcelain(exception)
162
+ end
163
+ tries = 0
164
+ plumbing_response.account_attachments.each do |plumbing_item|
165
+ g.yield Plumbing::account_attachment_to_porcelain(plumbing_item)
166
+ end
167
+ break if plumbing_response.meta.next_cursor == ""
168
+ req.meta.cursor = plumbing_response.meta.next_cursor
169
+ end
170
+ }
171
+ resp
172
+ end
173
+ end
174
+ # AccountGrants connect a resource directly to an account, giving the account the permission to connect to that resource.
175
+ class AccountGrants
176
+ def initialize(host, insecure, parent)
177
+ begin
178
+ if insecure
179
+ @stub = V1::AccountGrants::Stub.new(host, :this_channel_is_insecure)
180
+ else
181
+ cred = GRPC::Core::ChannelCredentials.new()
182
+ @stub = V1::AccountGrants::Stub.new(host, cred)
183
+ end
184
+ rescue => exception
185
+ raise Plumbing::error_to_porcelain(exception)
186
+ end
187
+ @parent = parent
188
+ end
189
+ # Create registers a new AccountGrant.
190
+ def create(
191
+ account_grant \
192
+ ,
193
+ deadline:nil)
194
+ req = V1::AccountGrantCreateRequest.new()
195
+
196
+ req.account_grant = Plumbing::account_grant_to_plumbing(account_grant)
197
+ tries = 0
198
+ plumbing_response = nil
199
+ loop do
200
+ begin
201
+ plumbing_response = @stub.create(req, metadata: @parent.get_metadata('AccountGrants.Create', req), deadline:deadline)
202
+ rescue => exception
203
+ if (@parent.shouldRetry(tries, exception))
204
+ tries++
205
+ @parent.jitterSleep(tries)
206
+ next
207
+ end
208
+ raise Plumbing::error_to_porcelain(exception)
209
+ end
210
+ break
211
+ end
212
+
213
+
214
+ resp = AccountGrantCreateResponse.new()
215
+ resp.meta = Plumbing::create_response_metadata_to_porcelain(plumbing_response.meta)
216
+ resp.account_grant = Plumbing::account_grant_to_porcelain(plumbing_response.account_grant)
217
+ resp.rate_limit = Plumbing::rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
218
+ resp
219
+ end
220
+ # Get reads one AccountGrant by ID.
221
+ def get(
222
+ id \
223
+ ,
224
+ deadline:nil)
225
+ req = V1::AccountGrantGetRequest.new()
226
+
227
+ req.id = id
228
+ tries = 0
229
+ plumbing_response = nil
230
+ loop do
231
+ begin
232
+ plumbing_response = @stub.get(req, metadata: @parent.get_metadata('AccountGrants.Get', req), deadline:deadline)
233
+ rescue => exception
234
+ if (@parent.shouldRetry(tries, exception))
235
+ tries++
236
+ @parent.jitterSleep(tries)
237
+ next
238
+ end
239
+ raise Plumbing::error_to_porcelain(exception)
240
+ end
241
+ break
242
+ end
243
+
244
+
245
+ resp = AccountGrantGetResponse.new()
246
+ resp.meta = Plumbing::get_response_metadata_to_porcelain(plumbing_response.meta)
247
+ resp.account_grant = Plumbing::account_grant_to_porcelain(plumbing_response.account_grant)
248
+ resp.rate_limit = Plumbing::rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
249
+ resp
250
+ end
251
+ # Delete removes a AccountGrant by ID.
252
+ def delete(
253
+ id \
254
+ ,
255
+ deadline:nil)
256
+ req = V1::AccountGrantDeleteRequest.new()
257
+
258
+ req.id = id
259
+ tries = 0
260
+ plumbing_response = nil
261
+ loop do
262
+ begin
263
+ plumbing_response = @stub.delete(req, metadata: @parent.get_metadata('AccountGrants.Delete', req), deadline:deadline)
264
+ rescue => exception
265
+ if (@parent.shouldRetry(tries, exception))
266
+ tries++
267
+ @parent.jitterSleep(tries)
268
+ next
269
+ end
270
+ raise Plumbing::error_to_porcelain(exception)
271
+ end
272
+ break
273
+ end
274
+
275
+
276
+ resp = AccountGrantDeleteResponse.new()
277
+ resp.meta = Plumbing::delete_response_metadata_to_porcelain(plumbing_response.meta)
278
+ resp.rate_limit = Plumbing::rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
279
+ resp
280
+ end
281
+ # List gets a list of AccountGrants matching a given set of criteria.
282
+ def list(
283
+ filter \
284
+ ,
285
+ *args,
286
+ deadline:nil)
287
+ req = V1::AccountGrantListRequest.new()
288
+ req.meta = V1::ListRequestMetadata.new()
289
+ page_size_option = @parent._test_options['PageSize']
290
+ if page_size_option.is_a? Integer
291
+ req.meta.limit = page_size_option
292
+ end
293
+
294
+ req.filter = Plumbing::quote_filter_args(filter, *args)
295
+ resp = Enumerator::Generator.new { |g|
296
+ tries = 0
297
+ loop do
298
+ begin
299
+ plumbing_response = @stub.list(req, metadata: @parent.get_metadata('AccountGrants.List', req), deadline:deadline)
300
+ rescue => exception
301
+ if (@parent.shouldRetry(tries, exception))
302
+ tries++
303
+ @parent.jitterSleep(tries)
304
+ next
305
+ end
306
+ raise Plumbing::error_to_porcelain(exception)
307
+ end
308
+ tries = 0
309
+ plumbing_response.account_grants.each do |plumbing_item|
310
+ g.yield Plumbing::account_grant_to_porcelain(plumbing_item)
311
+ end
312
+ break if plumbing_response.meta.next_cursor == ""
313
+ req.meta.cursor = plumbing_response.meta.next_cursor
314
+ end
315
+ }
316
+ resp
317
+ end
318
+ end
319
+ # Accounts are users that have access to strongDM.
320
+ # There are two types of accounts:
321
+ # 1. **Regular users:** humans who are authenticated through username and password or SSO
322
+ # 2. **Service users:** machines that are authneticated using a service token
323
+ class Accounts
324
+ def initialize(host, insecure, parent)
325
+ begin
326
+ if insecure
327
+ @stub = V1::Accounts::Stub.new(host, :this_channel_is_insecure)
328
+ else
329
+ cred = GRPC::Core::ChannelCredentials.new()
330
+ @stub = V1::Accounts::Stub.new(host, cred)
331
+ end
332
+ rescue => exception
333
+ raise Plumbing::error_to_porcelain(exception)
334
+ end
335
+ @parent = parent
336
+ end
337
+ # Create registers a new Account.
338
+ def create(
339
+ account \
340
+ ,
341
+ deadline:nil)
342
+ req = V1::AccountCreateRequest.new()
343
+
344
+ req.account = Plumbing::account_to_plumbing(account)
345
+ tries = 0
346
+ plumbing_response = nil
347
+ loop do
348
+ begin
349
+ plumbing_response = @stub.create(req, metadata: @parent.get_metadata('Accounts.Create', req), deadline:deadline)
350
+ rescue => exception
351
+ if (@parent.shouldRetry(tries, exception))
352
+ tries++
353
+ @parent.jitterSleep(tries)
354
+ next
355
+ end
356
+ raise Plumbing::error_to_porcelain(exception)
357
+ end
358
+ break
359
+ end
360
+
361
+
362
+ resp = AccountCreateResponse.new()
363
+ resp.meta = Plumbing::create_response_metadata_to_porcelain(plumbing_response.meta)
364
+ resp.account = Plumbing::account_to_porcelain(plumbing_response.account)
365
+ resp.token = plumbing_response.token
366
+ resp.rate_limit = Plumbing::rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
367
+ resp
368
+ end
369
+ # Get reads one Account by ID.
370
+ def get(
371
+ id \
372
+ ,
373
+ deadline:nil)
374
+ req = V1::AccountGetRequest.new()
375
+
376
+ req.id = id
377
+ tries = 0
378
+ plumbing_response = nil
379
+ loop do
380
+ begin
381
+ plumbing_response = @stub.get(req, metadata: @parent.get_metadata('Accounts.Get', req), deadline:deadline)
382
+ rescue => exception
383
+ if (@parent.shouldRetry(tries, exception))
384
+ tries++
385
+ @parent.jitterSleep(tries)
386
+ next
387
+ end
388
+ raise Plumbing::error_to_porcelain(exception)
389
+ end
390
+ break
391
+ end
392
+
393
+
394
+ resp = AccountGetResponse.new()
395
+ resp.meta = Plumbing::get_response_metadata_to_porcelain(plumbing_response.meta)
396
+ resp.account = Plumbing::account_to_porcelain(plumbing_response.account)
397
+ resp.rate_limit = Plumbing::rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
398
+ resp
399
+ end
400
+ # Update patches a Account by ID.
401
+ def update(
402
+ account \
403
+ ,
404
+ deadline:nil)
405
+ req = V1::AccountUpdateRequest.new()
406
+
407
+ req.account = Plumbing::account_to_plumbing(account)
408
+ tries = 0
409
+ plumbing_response = nil
410
+ loop do
411
+ begin
412
+ plumbing_response = @stub.update(req, metadata: @parent.get_metadata('Accounts.Update', req), deadline:deadline)
413
+ rescue => exception
414
+ if (@parent.shouldRetry(tries, exception))
415
+ tries++
416
+ @parent.jitterSleep(tries)
417
+ next
418
+ end
419
+ raise Plumbing::error_to_porcelain(exception)
420
+ end
421
+ break
422
+ end
423
+
424
+
425
+ resp = AccountUpdateResponse.new()
426
+ resp.meta = Plumbing::update_response_metadata_to_porcelain(plumbing_response.meta)
427
+ resp.account = Plumbing::account_to_porcelain(plumbing_response.account)
428
+ resp.rate_limit = Plumbing::rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
429
+ resp
430
+ end
431
+ # Delete removes a Account by ID.
432
+ def delete(
433
+ id \
434
+ ,
435
+ deadline:nil)
436
+ req = V1::AccountDeleteRequest.new()
437
+
438
+ req.id = id
439
+ tries = 0
440
+ plumbing_response = nil
441
+ loop do
442
+ begin
443
+ plumbing_response = @stub.delete(req, metadata: @parent.get_metadata('Accounts.Delete', req), deadline:deadline)
444
+ rescue => exception
445
+ if (@parent.shouldRetry(tries, exception))
446
+ tries++
447
+ @parent.jitterSleep(tries)
448
+ next
449
+ end
450
+ raise Plumbing::error_to_porcelain(exception)
451
+ end
452
+ break
453
+ end
454
+
455
+
456
+ resp = AccountDeleteResponse.new()
457
+ resp.meta = Plumbing::delete_response_metadata_to_porcelain(plumbing_response.meta)
458
+ resp.rate_limit = Plumbing::rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
459
+ resp
460
+ end
461
+ # List gets a list of Accounts matching a given set of criteria.
462
+ def list(
463
+ filter \
464
+ ,
465
+ *args,
466
+ deadline:nil)
467
+ req = V1::AccountListRequest.new()
468
+ req.meta = V1::ListRequestMetadata.new()
469
+ page_size_option = @parent._test_options['PageSize']
470
+ if page_size_option.is_a? Integer
471
+ req.meta.limit = page_size_option
472
+ end
473
+
474
+ req.filter = Plumbing::quote_filter_args(filter, *args)
475
+ resp = Enumerator::Generator.new { |g|
476
+ tries = 0
477
+ loop do
478
+ begin
479
+ plumbing_response = @stub.list(req, metadata: @parent.get_metadata('Accounts.List', req), deadline:deadline)
480
+ rescue => exception
481
+ if (@parent.shouldRetry(tries, exception))
482
+ tries++
483
+ @parent.jitterSleep(tries)
484
+ next
485
+ end
486
+ raise Plumbing::error_to_porcelain(exception)
487
+ end
488
+ tries = 0
489
+ plumbing_response.accounts.each do |plumbing_item|
490
+ g.yield Plumbing::account_to_porcelain(plumbing_item)
491
+ end
492
+ break if plumbing_response.meta.next_cursor == ""
493
+ req.meta.cursor = plumbing_response.meta.next_cursor
494
+ end
495
+ }
496
+ resp
497
+ end
498
+ end
499
+ # Nodes make up the strongDM network, and allow your users to connect securely to your resources.
500
+ # There are two types of nodes:
501
+ # 1. **Relay:** creates connectivity to your datasources, while maintaining the egress-only nature of your firewall
502
+ # 1. **Gateways:** a relay that also listens for connections from strongDM clients
503
+ class Nodes
504
+ def initialize(host, insecure, parent)
505
+ begin
506
+ if insecure
507
+ @stub = V1::Nodes::Stub.new(host, :this_channel_is_insecure)
508
+ else
509
+ cred = GRPC::Core::ChannelCredentials.new()
510
+ @stub = V1::Nodes::Stub.new(host, cred)
511
+ end
512
+ rescue => exception
513
+ raise Plumbing::error_to_porcelain(exception)
514
+ end
515
+ @parent = parent
516
+ end
517
+ # Create registers a new Node.
518
+ def create(
519
+ node \
520
+ ,
521
+ deadline:nil)
522
+ req = V1::NodeCreateRequest.new()
523
+
524
+ req.node = Plumbing::node_to_plumbing(node)
525
+ tries = 0
526
+ plumbing_response = nil
527
+ loop do
528
+ begin
529
+ plumbing_response = @stub.create(req, metadata: @parent.get_metadata('Nodes.Create', req), deadline:deadline)
530
+ rescue => exception
531
+ if (@parent.shouldRetry(tries, exception))
532
+ tries++
533
+ @parent.jitterSleep(tries)
534
+ next
535
+ end
536
+ raise Plumbing::error_to_porcelain(exception)
537
+ end
538
+ break
539
+ end
540
+
541
+
542
+ resp = NodeCreateResponse.new()
543
+ resp.meta = Plumbing::create_response_metadata_to_porcelain(plumbing_response.meta)
544
+ resp.node = Plumbing::node_to_porcelain(plumbing_response.node)
545
+ resp.token = plumbing_response.token
546
+ resp.rate_limit = Plumbing::rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
547
+ resp
548
+ end
549
+ # Get reads one Node by ID.
550
+ def get(
551
+ id \
552
+ ,
553
+ deadline:nil)
554
+ req = V1::NodeGetRequest.new()
555
+
556
+ req.id = id
557
+ tries = 0
558
+ plumbing_response = nil
559
+ loop do
560
+ begin
561
+ plumbing_response = @stub.get(req, metadata: @parent.get_metadata('Nodes.Get', req), deadline:deadline)
562
+ rescue => exception
563
+ if (@parent.shouldRetry(tries, exception))
564
+ tries++
565
+ @parent.jitterSleep(tries)
566
+ next
567
+ end
568
+ raise Plumbing::error_to_porcelain(exception)
569
+ end
570
+ break
571
+ end
572
+
573
+
574
+ resp = NodeGetResponse.new()
575
+ resp.meta = Plumbing::get_response_metadata_to_porcelain(plumbing_response.meta)
576
+ resp.node = Plumbing::node_to_porcelain(plumbing_response.node)
577
+ resp.rate_limit = Plumbing::rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
578
+ resp
579
+ end
580
+ # Update patches a Node by ID.
581
+ def update(
582
+ node \
583
+ ,
584
+ deadline:nil)
585
+ req = V1::NodeUpdateRequest.new()
586
+
587
+ req.node = Plumbing::node_to_plumbing(node)
588
+ tries = 0
589
+ plumbing_response = nil
590
+ loop do
591
+ begin
592
+ plumbing_response = @stub.update(req, metadata: @parent.get_metadata('Nodes.Update', req), deadline:deadline)
593
+ rescue => exception
594
+ if (@parent.shouldRetry(tries, exception))
595
+ tries++
596
+ @parent.jitterSleep(tries)
597
+ next
598
+ end
599
+ raise Plumbing::error_to_porcelain(exception)
600
+ end
601
+ break
602
+ end
603
+
604
+
605
+ resp = NodeUpdateResponse.new()
606
+ resp.meta = Plumbing::update_response_metadata_to_porcelain(plumbing_response.meta)
607
+ resp.node = Plumbing::node_to_porcelain(plumbing_response.node)
608
+ resp.rate_limit = Plumbing::rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
609
+ resp
610
+ end
611
+ # Delete removes a Node by ID.
612
+ def delete(
613
+ id \
614
+ ,
615
+ deadline:nil)
616
+ req = V1::NodeDeleteRequest.new()
617
+
618
+ req.id = id
619
+ tries = 0
620
+ plumbing_response = nil
621
+ loop do
622
+ begin
623
+ plumbing_response = @stub.delete(req, metadata: @parent.get_metadata('Nodes.Delete', req), deadline:deadline)
624
+ rescue => exception
625
+ if (@parent.shouldRetry(tries, exception))
626
+ tries++
627
+ @parent.jitterSleep(tries)
628
+ next
629
+ end
630
+ raise Plumbing::error_to_porcelain(exception)
631
+ end
632
+ break
633
+ end
634
+
635
+
636
+ resp = NodeDeleteResponse.new()
637
+ resp.meta = Plumbing::delete_response_metadata_to_porcelain(plumbing_response.meta)
638
+ resp.rate_limit = Plumbing::rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
639
+ resp
640
+ end
641
+ # List gets a list of Nodes matching a given set of criteria.
642
+ def list(
643
+ filter \
644
+ ,
645
+ *args,
646
+ deadline:nil)
647
+ req = V1::NodeListRequest.new()
648
+ req.meta = V1::ListRequestMetadata.new()
649
+ page_size_option = @parent._test_options['PageSize']
650
+ if page_size_option.is_a? Integer
651
+ req.meta.limit = page_size_option
652
+ end
653
+
654
+ req.filter = Plumbing::quote_filter_args(filter, *args)
655
+ resp = Enumerator::Generator.new { |g|
656
+ tries = 0
657
+ loop do
658
+ begin
659
+ plumbing_response = @stub.list(req, metadata: @parent.get_metadata('Nodes.List', req), deadline:deadline)
660
+ rescue => exception
661
+ if (@parent.shouldRetry(tries, exception))
662
+ tries++
663
+ @parent.jitterSleep(tries)
664
+ next
665
+ end
666
+ raise Plumbing::error_to_porcelain(exception)
667
+ end
668
+ tries = 0
669
+ plumbing_response.nodes.each do |plumbing_item|
670
+ g.yield Plumbing::node_to_porcelain(plumbing_item)
671
+ end
672
+ break if plumbing_response.meta.next_cursor == ""
673
+ req.meta.cursor = plumbing_response.meta.next_cursor
674
+ end
675
+ }
676
+ resp
677
+ end
678
+ end
679
+
680
+ class Resources
681
+ def initialize(host, insecure, parent)
682
+ begin
683
+ if insecure
684
+ @stub = V1::Resources::Stub.new(host, :this_channel_is_insecure)
685
+ else
686
+ cred = GRPC::Core::ChannelCredentials.new()
687
+ @stub = V1::Resources::Stub.new(host, cred)
688
+ end
689
+ rescue => exception
690
+ raise Plumbing::error_to_porcelain(exception)
691
+ end
692
+ @parent = parent
693
+ end
694
+ # Create registers a new Resource.
695
+ def create(
696
+ resource \
697
+ ,
698
+ deadline:nil)
699
+ req = V1::ResourceCreateRequest.new()
700
+
701
+ req.resource = Plumbing::resource_to_plumbing(resource)
702
+ tries = 0
703
+ plumbing_response = nil
704
+ loop do
705
+ begin
706
+ plumbing_response = @stub.create(req, metadata: @parent.get_metadata('Resources.Create', req), deadline:deadline)
707
+ rescue => exception
708
+ if (@parent.shouldRetry(tries, exception))
709
+ tries++
710
+ @parent.jitterSleep(tries)
711
+ next
712
+ end
713
+ raise Plumbing::error_to_porcelain(exception)
714
+ end
715
+ break
716
+ end
717
+
718
+
719
+ resp = ResourceCreateResponse.new()
720
+ resp.meta = Plumbing::create_response_metadata_to_porcelain(plumbing_response.meta)
721
+ resp.resource = Plumbing::resource_to_porcelain(plumbing_response.resource)
722
+ resp.rate_limit = Plumbing::rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
723
+ resp
724
+ end
725
+ # Get reads one Resource by ID.
726
+ def get(
727
+ id \
728
+ ,
729
+ deadline:nil)
730
+ req = V1::ResourceGetRequest.new()
731
+
732
+ req.id = id
733
+ tries = 0
734
+ plumbing_response = nil
735
+ loop do
736
+ begin
737
+ plumbing_response = @stub.get(req, metadata: @parent.get_metadata('Resources.Get', req), deadline:deadline)
738
+ rescue => exception
739
+ if (@parent.shouldRetry(tries, exception))
740
+ tries++
741
+ @parent.jitterSleep(tries)
742
+ next
743
+ end
744
+ raise Plumbing::error_to_porcelain(exception)
745
+ end
746
+ break
747
+ end
748
+
749
+
750
+ resp = ResourceGetResponse.new()
751
+ resp.meta = Plumbing::get_response_metadata_to_porcelain(plumbing_response.meta)
752
+ resp.resource = Plumbing::resource_to_porcelain(plumbing_response.resource)
753
+ resp.rate_limit = Plumbing::rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
754
+ resp
755
+ end
756
+ # Update patches a Resource by ID.
757
+ def update(
758
+ resource \
759
+ ,
760
+ deadline:nil)
761
+ req = V1::ResourceUpdateRequest.new()
762
+
763
+ req.resource = Plumbing::resource_to_plumbing(resource)
764
+ tries = 0
765
+ plumbing_response = nil
766
+ loop do
767
+ begin
768
+ plumbing_response = @stub.update(req, metadata: @parent.get_metadata('Resources.Update', req), deadline:deadline)
769
+ rescue => exception
770
+ if (@parent.shouldRetry(tries, exception))
771
+ tries++
772
+ @parent.jitterSleep(tries)
773
+ next
774
+ end
775
+ raise Plumbing::error_to_porcelain(exception)
776
+ end
777
+ break
778
+ end
779
+
780
+
781
+ resp = ResourceUpdateResponse.new()
782
+ resp.meta = Plumbing::update_response_metadata_to_porcelain(plumbing_response.meta)
783
+ resp.resource = Plumbing::resource_to_porcelain(plumbing_response.resource)
784
+ resp.rate_limit = Plumbing::rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
785
+ resp
786
+ end
787
+ # Delete removes a Resource by ID.
788
+ def delete(
789
+ id \
790
+ ,
791
+ deadline:nil)
792
+ req = V1::ResourceDeleteRequest.new()
793
+
794
+ req.id = id
795
+ tries = 0
796
+ plumbing_response = nil
797
+ loop do
798
+ begin
799
+ plumbing_response = @stub.delete(req, metadata: @parent.get_metadata('Resources.Delete', req), deadline:deadline)
800
+ rescue => exception
801
+ if (@parent.shouldRetry(tries, exception))
802
+ tries++
803
+ @parent.jitterSleep(tries)
804
+ next
805
+ end
806
+ raise Plumbing::error_to_porcelain(exception)
807
+ end
808
+ break
809
+ end
810
+
811
+
812
+ resp = ResourceDeleteResponse.new()
813
+ resp.meta = Plumbing::delete_response_metadata_to_porcelain(plumbing_response.meta)
814
+ resp.rate_limit = Plumbing::rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
815
+ resp
816
+ end
817
+ # List gets a list of Resources matching a given set of criteria.
818
+ def list(
819
+ filter \
820
+ ,
821
+ *args,
822
+ deadline:nil)
823
+ req = V1::ResourceListRequest.new()
824
+ req.meta = V1::ListRequestMetadata.new()
825
+ page_size_option = @parent._test_options['PageSize']
826
+ if page_size_option.is_a? Integer
827
+ req.meta.limit = page_size_option
828
+ end
829
+
830
+ req.filter = Plumbing::quote_filter_args(filter, *args)
831
+ resp = Enumerator::Generator.new { |g|
832
+ tries = 0
833
+ loop do
834
+ begin
835
+ plumbing_response = @stub.list(req, metadata: @parent.get_metadata('Resources.List', req), deadline:deadline)
836
+ rescue => exception
837
+ if (@parent.shouldRetry(tries, exception))
838
+ tries++
839
+ @parent.jitterSleep(tries)
840
+ next
841
+ end
842
+ raise Plumbing::error_to_porcelain(exception)
843
+ end
844
+ tries = 0
845
+ plumbing_response.resources.each do |plumbing_item|
846
+ g.yield Plumbing::resource_to_porcelain(plumbing_item)
847
+ end
848
+ break if plumbing_response.meta.next_cursor == ""
849
+ req.meta.cursor = plumbing_response.meta.next_cursor
850
+ end
851
+ }
852
+ resp
853
+ end
854
+ end
855
+ # RoleAttachments represent relationships between composite roles and the roles
856
+ # that make up those composite roles. When a composite role is attached to another
857
+ # role, the permissions granted to members of the composite role are augmented to
858
+ # include the permissions granted to members of the attached role.
859
+ class RoleAttachments
860
+ def initialize(host, insecure, parent)
861
+ begin
862
+ if insecure
863
+ @stub = V1::RoleAttachments::Stub.new(host, :this_channel_is_insecure)
864
+ else
865
+ cred = GRPC::Core::ChannelCredentials.new()
866
+ @stub = V1::RoleAttachments::Stub.new(host, cred)
867
+ end
868
+ rescue => exception
869
+ raise Plumbing::error_to_porcelain(exception)
870
+ end
871
+ @parent = parent
872
+ end
873
+ # Create registers a new RoleAttachment.
874
+ def create(
875
+ role_attachment \
876
+ ,
877
+ deadline:nil)
878
+ req = V1::RoleAttachmentCreateRequest.new()
879
+
880
+ req.role_attachment = Plumbing::role_attachment_to_plumbing(role_attachment)
881
+ tries = 0
882
+ plumbing_response = nil
883
+ loop do
884
+ begin
885
+ plumbing_response = @stub.create(req, metadata: @parent.get_metadata('RoleAttachments.Create', req), deadline:deadline)
886
+ rescue => exception
887
+ if (@parent.shouldRetry(tries, exception))
888
+ tries++
889
+ @parent.jitterSleep(tries)
890
+ next
891
+ end
892
+ raise Plumbing::error_to_porcelain(exception)
893
+ end
894
+ break
895
+ end
896
+
897
+
898
+ resp = RoleAttachmentCreateResponse.new()
899
+ resp.meta = Plumbing::create_response_metadata_to_porcelain(plumbing_response.meta)
900
+ resp.role_attachment = Plumbing::role_attachment_to_porcelain(plumbing_response.role_attachment)
901
+ resp.rate_limit = Plumbing::rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
902
+ resp
903
+ end
904
+ # Get reads one RoleAttachment by ID.
905
+ def get(
906
+ id \
907
+ ,
908
+ deadline:nil)
909
+ req = V1::RoleAttachmentGetRequest.new()
910
+
911
+ req.id = id
912
+ tries = 0
913
+ plumbing_response = nil
914
+ loop do
915
+ begin
916
+ plumbing_response = @stub.get(req, metadata: @parent.get_metadata('RoleAttachments.Get', req), deadline:deadline)
917
+ rescue => exception
918
+ if (@parent.shouldRetry(tries, exception))
919
+ tries++
920
+ @parent.jitterSleep(tries)
921
+ next
922
+ end
923
+ raise Plumbing::error_to_porcelain(exception)
924
+ end
925
+ break
926
+ end
927
+
928
+
929
+ resp = RoleAttachmentGetResponse.new()
930
+ resp.meta = Plumbing::get_response_metadata_to_porcelain(plumbing_response.meta)
931
+ resp.role_attachment = Plumbing::role_attachment_to_porcelain(plumbing_response.role_attachment)
932
+ resp.rate_limit = Plumbing::rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
933
+ resp
934
+ end
935
+ # Delete removes a RoleAttachment by ID.
936
+ def delete(
937
+ id \
938
+ ,
939
+ deadline:nil)
940
+ req = V1::RoleAttachmentDeleteRequest.new()
941
+
942
+ req.id = id
943
+ tries = 0
944
+ plumbing_response = nil
945
+ loop do
946
+ begin
947
+ plumbing_response = @stub.delete(req, metadata: @parent.get_metadata('RoleAttachments.Delete', req), deadline:deadline)
948
+ rescue => exception
949
+ if (@parent.shouldRetry(tries, exception))
950
+ tries++
951
+ @parent.jitterSleep(tries)
952
+ next
953
+ end
954
+ raise Plumbing::error_to_porcelain(exception)
955
+ end
956
+ break
957
+ end
958
+
959
+
960
+ resp = RoleAttachmentDeleteResponse.new()
961
+ resp.meta = Plumbing::delete_response_metadata_to_porcelain(plumbing_response.meta)
962
+ resp.rate_limit = Plumbing::rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
963
+ resp
964
+ end
965
+ # List gets a list of RoleAttachments matching a given set of criteria.
966
+ def list(
967
+ filter \
968
+ ,
969
+ *args,
970
+ deadline:nil)
971
+ req = V1::RoleAttachmentListRequest.new()
972
+ req.meta = V1::ListRequestMetadata.new()
973
+ page_size_option = @parent._test_options['PageSize']
974
+ if page_size_option.is_a? Integer
975
+ req.meta.limit = page_size_option
976
+ end
977
+
978
+ req.filter = Plumbing::quote_filter_args(filter, *args)
979
+ resp = Enumerator::Generator.new { |g|
980
+ tries = 0
981
+ loop do
982
+ begin
983
+ plumbing_response = @stub.list(req, metadata: @parent.get_metadata('RoleAttachments.List', req), deadline:deadline)
984
+ rescue => exception
985
+ if (@parent.shouldRetry(tries, exception))
986
+ tries++
987
+ @parent.jitterSleep(tries)
988
+ next
989
+ end
990
+ raise Plumbing::error_to_porcelain(exception)
991
+ end
992
+ tries = 0
993
+ plumbing_response.role_attachments.each do |plumbing_item|
994
+ g.yield Plumbing::role_attachment_to_porcelain(plumbing_item)
995
+ end
996
+ break if plumbing_response.meta.next_cursor == ""
997
+ req.meta.cursor = plumbing_response.meta.next_cursor
998
+ end
999
+ }
1000
+ resp
1001
+ end
1002
+ end
1003
+ # RoleGrants represent relationships between composite roles and the roles
1004
+ # that make up those composite roles. When a composite role is attached to another
1005
+ # role, the permissions granted to members of the composite role are augmented to
1006
+ # include the permissions granted to members of the attached role.
1007
+ class RoleGrants
1008
+ def initialize(host, insecure, parent)
1009
+ begin
1010
+ if insecure
1011
+ @stub = V1::RoleGrants::Stub.new(host, :this_channel_is_insecure)
1012
+ else
1013
+ cred = GRPC::Core::ChannelCredentials.new()
1014
+ @stub = V1::RoleGrants::Stub.new(host, cred)
1015
+ end
1016
+ rescue => exception
1017
+ raise Plumbing::error_to_porcelain(exception)
1018
+ end
1019
+ @parent = parent
1020
+ end
1021
+ # Create registers a new RoleGrant.
1022
+ def create(
1023
+ role_grant \
1024
+ ,
1025
+ deadline:nil)
1026
+ req = V1::RoleGrantCreateRequest.new()
1027
+
1028
+ req.role_grant = Plumbing::role_grant_to_plumbing(role_grant)
1029
+ tries = 0
1030
+ plumbing_response = nil
1031
+ loop do
1032
+ begin
1033
+ plumbing_response = @stub.create(req, metadata: @parent.get_metadata('RoleGrants.Create', req), deadline:deadline)
1034
+ rescue => exception
1035
+ if (@parent.shouldRetry(tries, exception))
1036
+ tries++
1037
+ @parent.jitterSleep(tries)
1038
+ next
1039
+ end
1040
+ raise Plumbing::error_to_porcelain(exception)
1041
+ end
1042
+ break
1043
+ end
1044
+
1045
+
1046
+ resp = RoleGrantCreateResponse.new()
1047
+ resp.meta = Plumbing::create_response_metadata_to_porcelain(plumbing_response.meta)
1048
+ resp.role_grant = Plumbing::role_grant_to_porcelain(plumbing_response.role_grant)
1049
+ resp.rate_limit = Plumbing::rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
1050
+ resp
1051
+ end
1052
+ # Get reads one RoleGrant by ID.
1053
+ def get(
1054
+ id \
1055
+ ,
1056
+ deadline:nil)
1057
+ req = V1::RoleGrantGetRequest.new()
1058
+
1059
+ req.id = id
1060
+ tries = 0
1061
+ plumbing_response = nil
1062
+ loop do
1063
+ begin
1064
+ plumbing_response = @stub.get(req, metadata: @parent.get_metadata('RoleGrants.Get', req), deadline:deadline)
1065
+ rescue => exception
1066
+ if (@parent.shouldRetry(tries, exception))
1067
+ tries++
1068
+ @parent.jitterSleep(tries)
1069
+ next
1070
+ end
1071
+ raise Plumbing::error_to_porcelain(exception)
1072
+ end
1073
+ break
1074
+ end
1075
+
1076
+
1077
+ resp = RoleGrantGetResponse.new()
1078
+ resp.meta = Plumbing::get_response_metadata_to_porcelain(plumbing_response.meta)
1079
+ resp.role_grant = Plumbing::role_grant_to_porcelain(plumbing_response.role_grant)
1080
+ resp.rate_limit = Plumbing::rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
1081
+ resp
1082
+ end
1083
+ # Delete removes a RoleGrant by ID.
1084
+ def delete(
1085
+ id \
1086
+ ,
1087
+ deadline:nil)
1088
+ req = V1::RoleGrantDeleteRequest.new()
1089
+
1090
+ req.id = id
1091
+ tries = 0
1092
+ plumbing_response = nil
1093
+ loop do
1094
+ begin
1095
+ plumbing_response = @stub.delete(req, metadata: @parent.get_metadata('RoleGrants.Delete', req), deadline:deadline)
1096
+ rescue => exception
1097
+ if (@parent.shouldRetry(tries, exception))
1098
+ tries++
1099
+ @parent.jitterSleep(tries)
1100
+ next
1101
+ end
1102
+ raise Plumbing::error_to_porcelain(exception)
1103
+ end
1104
+ break
1105
+ end
1106
+
1107
+
1108
+ resp = RoleGrantDeleteResponse.new()
1109
+ resp.meta = Plumbing::delete_response_metadata_to_porcelain(plumbing_response.meta)
1110
+ resp.rate_limit = Plumbing::rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
1111
+ resp
1112
+ end
1113
+ # List gets a list of RoleGrants matching a given set of criteria.
1114
+ def list(
1115
+ filter \
1116
+ ,
1117
+ *args,
1118
+ deadline:nil)
1119
+ req = V1::RoleGrantListRequest.new()
1120
+ req.meta = V1::ListRequestMetadata.new()
1121
+ page_size_option = @parent._test_options['PageSize']
1122
+ if page_size_option.is_a? Integer
1123
+ req.meta.limit = page_size_option
1124
+ end
1125
+
1126
+ req.filter = Plumbing::quote_filter_args(filter, *args)
1127
+ resp = Enumerator::Generator.new { |g|
1128
+ tries = 0
1129
+ loop do
1130
+ begin
1131
+ plumbing_response = @stub.list(req, metadata: @parent.get_metadata('RoleGrants.List', req), deadline:deadline)
1132
+ rescue => exception
1133
+ if (@parent.shouldRetry(tries, exception))
1134
+ tries++
1135
+ @parent.jitterSleep(tries)
1136
+ next
1137
+ end
1138
+ raise Plumbing::error_to_porcelain(exception)
1139
+ end
1140
+ tries = 0
1141
+ plumbing_response.role_grants.each do |plumbing_item|
1142
+ g.yield Plumbing::role_grant_to_porcelain(plumbing_item)
1143
+ end
1144
+ break if plumbing_response.meta.next_cursor == ""
1145
+ req.meta.cursor = plumbing_response.meta.next_cursor
1146
+ end
1147
+ }
1148
+ resp
1149
+ end
1150
+ end
1151
+ # Roles are tools for controlling user access to resources. Each Role holds a
1152
+ # list of resources which they grant access to. Composite roles are a special
1153
+ # type of Role which have no resource associations of their own, but instead
1154
+ # grant access to the combined resources associated with a set of child roles.
1155
+ # Each user can be a member of one Role or composite role.
1156
+ class Roles
1157
+ def initialize(host, insecure, parent)
1158
+ begin
1159
+ if insecure
1160
+ @stub = V1::Roles::Stub.new(host, :this_channel_is_insecure)
1161
+ else
1162
+ cred = GRPC::Core::ChannelCredentials.new()
1163
+ @stub = V1::Roles::Stub.new(host, cred)
1164
+ end
1165
+ rescue => exception
1166
+ raise Plumbing::error_to_porcelain(exception)
1167
+ end
1168
+ @parent = parent
1169
+ end
1170
+ # Create registers a new Role.
1171
+ def create(
1172
+ role \
1173
+ ,
1174
+ deadline:nil)
1175
+ req = V1::RoleCreateRequest.new()
1176
+
1177
+ req.role = Plumbing::role_to_plumbing(role)
1178
+ tries = 0
1179
+ plumbing_response = nil
1180
+ loop do
1181
+ begin
1182
+ plumbing_response = @stub.create(req, metadata: @parent.get_metadata('Roles.Create', req), deadline:deadline)
1183
+ rescue => exception
1184
+ if (@parent.shouldRetry(tries, exception))
1185
+ tries++
1186
+ @parent.jitterSleep(tries)
1187
+ next
1188
+ end
1189
+ raise Plumbing::error_to_porcelain(exception)
1190
+ end
1191
+ break
1192
+ end
1193
+
1194
+
1195
+ resp = RoleCreateResponse.new()
1196
+ resp.meta = Plumbing::create_response_metadata_to_porcelain(plumbing_response.meta)
1197
+ resp.role = Plumbing::role_to_porcelain(plumbing_response.role)
1198
+ resp.rate_limit = Plumbing::rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
1199
+ resp
1200
+ end
1201
+ # Get reads one Role by ID.
1202
+ def get(
1203
+ id \
1204
+ ,
1205
+ deadline:nil)
1206
+ req = V1::RoleGetRequest.new()
1207
+
1208
+ req.id = id
1209
+ tries = 0
1210
+ plumbing_response = nil
1211
+ loop do
1212
+ begin
1213
+ plumbing_response = @stub.get(req, metadata: @parent.get_metadata('Roles.Get', req), deadline:deadline)
1214
+ rescue => exception
1215
+ if (@parent.shouldRetry(tries, exception))
1216
+ tries++
1217
+ @parent.jitterSleep(tries)
1218
+ next
1219
+ end
1220
+ raise Plumbing::error_to_porcelain(exception)
1221
+ end
1222
+ break
1223
+ end
1224
+
1225
+
1226
+ resp = RoleGetResponse.new()
1227
+ resp.meta = Plumbing::get_response_metadata_to_porcelain(plumbing_response.meta)
1228
+ resp.role = Plumbing::role_to_porcelain(plumbing_response.role)
1229
+ resp.rate_limit = Plumbing::rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
1230
+ resp
1231
+ end
1232
+ # Update patches a Role by ID.
1233
+ def update(
1234
+ role \
1235
+ ,
1236
+ deadline:nil)
1237
+ req = V1::RoleUpdateRequest.new()
1238
+
1239
+ req.role = Plumbing::role_to_plumbing(role)
1240
+ tries = 0
1241
+ plumbing_response = nil
1242
+ loop do
1243
+ begin
1244
+ plumbing_response = @stub.update(req, metadata: @parent.get_metadata('Roles.Update', req), deadline:deadline)
1245
+ rescue => exception
1246
+ if (@parent.shouldRetry(tries, exception))
1247
+ tries++
1248
+ @parent.jitterSleep(tries)
1249
+ next
1250
+ end
1251
+ raise Plumbing::error_to_porcelain(exception)
1252
+ end
1253
+ break
1254
+ end
1255
+
1256
+
1257
+ resp = RoleUpdateResponse.new()
1258
+ resp.meta = Plumbing::update_response_metadata_to_porcelain(plumbing_response.meta)
1259
+ resp.role = Plumbing::role_to_porcelain(plumbing_response.role)
1260
+ resp.rate_limit = Plumbing::rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
1261
+ resp
1262
+ end
1263
+ # Delete removes a Role by ID.
1264
+ def delete(
1265
+ id \
1266
+ ,
1267
+ deadline:nil)
1268
+ req = V1::RoleDeleteRequest.new()
1269
+
1270
+ req.id = id
1271
+ tries = 0
1272
+ plumbing_response = nil
1273
+ loop do
1274
+ begin
1275
+ plumbing_response = @stub.delete(req, metadata: @parent.get_metadata('Roles.Delete', req), deadline:deadline)
1276
+ rescue => exception
1277
+ if (@parent.shouldRetry(tries, exception))
1278
+ tries++
1279
+ @parent.jitterSleep(tries)
1280
+ next
1281
+ end
1282
+ raise Plumbing::error_to_porcelain(exception)
1283
+ end
1284
+ break
1285
+ end
1286
+
1287
+
1288
+ resp = RoleDeleteResponse.new()
1289
+ resp.meta = Plumbing::delete_response_metadata_to_porcelain(plumbing_response.meta)
1290
+ resp.rate_limit = Plumbing::rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
1291
+ resp
1292
+ end
1293
+ # List gets a list of Roles matching a given set of criteria.
1294
+ def list(
1295
+ filter \
1296
+ ,
1297
+ *args,
1298
+ deadline:nil)
1299
+ req = V1::RoleListRequest.new()
1300
+ req.meta = V1::ListRequestMetadata.new()
1301
+ page_size_option = @parent._test_options['PageSize']
1302
+ if page_size_option.is_a? Integer
1303
+ req.meta.limit = page_size_option
1304
+ end
1305
+
1306
+ req.filter = Plumbing::quote_filter_args(filter, *args)
1307
+ resp = Enumerator::Generator.new { |g|
1308
+ tries = 0
1309
+ loop do
1310
+ begin
1311
+ plumbing_response = @stub.list(req, metadata: @parent.get_metadata('Roles.List', req), deadline:deadline)
1312
+ rescue => exception
1313
+ if (@parent.shouldRetry(tries, exception))
1314
+ tries++
1315
+ @parent.jitterSleep(tries)
1316
+ next
1317
+ end
1318
+ raise Plumbing::error_to_porcelain(exception)
1319
+ end
1320
+ tries = 0
1321
+ plumbing_response.roles.each do |plumbing_item|
1322
+ g.yield Plumbing::role_to_porcelain(plumbing_item)
1323
+ end
1324
+ break if plumbing_response.meta.next_cursor == ""
1325
+ req.meta.cursor = plumbing_response.meta.next_cursor
1326
+ end
1327
+ }
1328
+ resp
1329
+ end
1330
+ end
1331
+ end