warrant 0.1.0 → 0.1.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +34 -6
- data/lib/warrant/models/permission.rb +11 -0
- data/lib/warrant/models/role.rb +11 -0
- data/lib/warrant/models/tenant.rb +11 -0
- data/lib/warrant/models/user.rb +7 -5
- data/lib/warrant/models/{userset_warrant.rb → warrant.rb} +4 -3
- data/lib/warrant/util.rb +20 -0
- data/lib/warrant/version.rb +1 -1
- data/lib/warrant/warrant_client.rb +209 -15
- data/lib/warrant.rb +6 -3
- metadata +11 -8
- data/lib/warrant/models/user_warrant.rb +0 -14
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: a62cf14af95db8e5b31f60059a2a826a67c067239edb5f6c63cf02426df3ae21
|
4
|
+
data.tar.gz: bdc8aa083993566c57760d484e043ad3ed64abe2bf1945ebad2428c2eb497551
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 36cf1f6120b776293513e49d5554aa70a8ff22e671105072e2f04115d1e00bc852fd4cc5326672ae9ad246f35f069718272f2abf957ff9abe27ebeed0b564efc
|
7
|
+
data.tar.gz: 4377ab4955b67e922622ef8c10c50c17d3281d097ec62df85ce31779df3554d8326121622024ffde252abf1a3c13655d0e3f6251d898fc78f722a1578b091daa
|
data/README.md
CHANGED
@@ -28,19 +28,19 @@ require 'warrant'
|
|
28
28
|
Warrant.api_key = 'api_test_f5dsKVeYnVSLHGje44zAygqgqXiLJBICbFzCiAg1E='
|
29
29
|
```
|
30
30
|
|
31
|
-
### `
|
31
|
+
### `create_user(email, user_id = '', tenant_id = '')`
|
32
32
|
|
33
33
|
This method creates a user entity in Warrant with the specified `userId`. Provide an optional `username` to make it easier to identify users in the Warrant dashboard.
|
34
34
|
|
35
35
|
```ruby
|
36
|
-
# Create user with
|
37
|
-
Warrant::WarrantClient.create_user(user.
|
36
|
+
# Create user with user email and id
|
37
|
+
Warrant::WarrantClient.create_user(user.email, user.id)
|
38
38
|
|
39
39
|
# Create user with generated id
|
40
40
|
Warrant::WarrantClient.create_user()
|
41
41
|
```
|
42
42
|
|
43
|
-
### `
|
43
|
+
### `create_warrant(objectType, objectId, relation, user)`
|
44
44
|
|
45
45
|
This method creates a warrant which specifies that the provided `user` (or userset) has `relation` on the object of type `objectType` with id `objectId`.
|
46
46
|
|
@@ -49,7 +49,7 @@ This method creates a warrant which specifies that the provided `user` (or users
|
|
49
49
|
Warrant::WarrantClient.create_warrant('store', store.id, 'view', { userId: user.id })
|
50
50
|
```
|
51
51
|
|
52
|
-
### `
|
52
|
+
### `create_session(userId)`
|
53
53
|
|
54
54
|
This method creates a session in Warrant for the user with the specified `userId` and returns a session token which can be used to make authorized requests to the Warrant API only for the specified user. This session token can safely be used to make requests to the Warrant API's authorization endpoint to determine user access in web and mobile client applications.
|
55
55
|
|
@@ -58,7 +58,7 @@ This method creates a session in Warrant for the user with the specified `userId
|
|
58
58
|
Warrant::WarrantClient.create_session(user.id)
|
59
59
|
```
|
60
60
|
|
61
|
-
### `
|
61
|
+
### `is_authorized(objectType, objectId, relation, userId)`
|
62
62
|
|
63
63
|
This method returns `true` if the user with the specified `userId` has the specified `relation` to the object of type `objectType` with id `objectId` and `false` otherwise.
|
64
64
|
|
@@ -68,6 +68,34 @@ Warrant::WarrantClient.is_authorized('store', '824', 'view', '123') # true
|
|
68
68
|
Warrant::WarrantClient.is_authorized('store', '824', 'edit', '123') # false
|
69
69
|
```
|
70
70
|
|
71
|
+
### `list_warrants(filters = {})`
|
72
|
+
This method returns all warrants that match the filters provided, or all warrants for your organization if none are provided.
|
73
|
+
|
74
|
+
#### **Filter Parameters**
|
75
|
+
---
|
76
|
+
#### **objectType**
|
77
|
+
Only return warrants with the given object type.
|
78
|
+
|
79
|
+
#### **objectId**
|
80
|
+
Only return warrants with the given object id.
|
81
|
+
|
82
|
+
#### **relation**
|
83
|
+
Only return warrants with the given relation.
|
84
|
+
|
85
|
+
#### **userId**
|
86
|
+
Only return warrants with the given user id
|
87
|
+
|
88
|
+
|
89
|
+
```ruby
|
90
|
+
# List all warrants for an organization
|
91
|
+
Warrant::WarrantClient.list_warrants
|
92
|
+
|
93
|
+
# List all warrants with object type of store
|
94
|
+
Warrant::WarrantClient.list_warrants(object_type: 'store')
|
95
|
+
```
|
96
|
+
|
97
|
+
---
|
98
|
+
|
71
99
|
We’ve used a random API key in these code examples. Replace it with your [actual publishable API keys](https://app.warrant.dev) to
|
72
100
|
test this code through your own Warrant account.
|
73
101
|
|
data/lib/warrant/models/user.rb
CHANGED
@@ -1,11 +1,13 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
3
|
module Warrant
|
4
|
-
|
5
|
-
|
4
|
+
class User
|
5
|
+
attr_reader :tenant_id, :user_id, :email
|
6
6
|
|
7
|
-
|
8
|
-
|
7
|
+
def initialize(tenant_id, user_id, email)
|
8
|
+
@tenant_id = tenant_id
|
9
|
+
@user_id = user_id
|
10
|
+
@email = email
|
11
|
+
end
|
9
12
|
end
|
10
|
-
end
|
11
13
|
end
|
@@ -1,10 +1,11 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
3
|
module Warrant
|
4
|
-
class
|
5
|
-
attr_reader :object_type, :object_id, :relation, :user
|
4
|
+
class Warrant
|
5
|
+
attr_reader :id, :object_type, :object_id, :relation, :user
|
6
6
|
|
7
|
-
def initialize(object_type, object_id, relation, user)
|
7
|
+
def initialize(id, object_type, object_id, relation, user)
|
8
|
+
@id = id
|
8
9
|
@object_type = object_type
|
9
10
|
@object_id = object_id
|
10
11
|
@relation = relation
|
data/lib/warrant/util.rb
ADDED
@@ -0,0 +1,20 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Warrant
|
4
|
+
class Util
|
5
|
+
class << self
|
6
|
+
def camelcase(str)
|
7
|
+
str = str.split('_').collect(&:capitalize).join
|
8
|
+
str.sub(str[0], str[0].downcase)
|
9
|
+
end
|
10
|
+
|
11
|
+
def normalize_options(opts)
|
12
|
+
new_opts = opts.each_with_object({}) do |(k, v), new_opts|
|
13
|
+
new_key = Util.camelcase(k.to_s)
|
14
|
+
|
15
|
+
new_opts[new_key] = v
|
16
|
+
end
|
17
|
+
end
|
18
|
+
end
|
19
|
+
end
|
20
|
+
end
|
data/lib/warrant/version.rb
CHANGED
@@ -3,25 +3,98 @@
|
|
3
3
|
module Warrant
|
4
4
|
class WarrantClient
|
5
5
|
class << self
|
6
|
-
def
|
7
|
-
uri = URI.parse("#{Warrant.config.api_base}/v1/
|
6
|
+
def create_tenant(tenant_id = '')
|
7
|
+
uri = URI.parse("#{::Warrant.config.api_base}/v1/tenants")
|
8
8
|
params = {
|
9
|
+
tenantId: tenant_id
|
10
|
+
}
|
11
|
+
res = post(uri, params)
|
12
|
+
res_json = JSON.parse(res.body)
|
13
|
+
|
14
|
+
case res
|
15
|
+
when Net::HTTPSuccess
|
16
|
+
Tenant.new(res_json['tenantId'])
|
17
|
+
else
|
18
|
+
res_json
|
19
|
+
end
|
20
|
+
end
|
21
|
+
|
22
|
+
def create_user(email, user_id = '', tenant_id = '')
|
23
|
+
uri = URI.parse("#{::Warrant.config.api_base}/v1/users")
|
24
|
+
params = {
|
25
|
+
tenantId: tenant_id,
|
9
26
|
userId: user_id,
|
10
|
-
|
27
|
+
email: email
|
11
28
|
}
|
12
29
|
res = post(uri, params)
|
13
30
|
res_json = JSON.parse(res.body)
|
14
|
-
|
31
|
+
|
15
32
|
case res
|
16
33
|
when Net::HTTPSuccess
|
17
|
-
User.new(res_json['userId'])
|
34
|
+
User.new(res_json['tenantId'], res_json['userId'], res_json['email'])
|
35
|
+
else
|
36
|
+
res_json
|
37
|
+
end
|
38
|
+
end
|
39
|
+
|
40
|
+
def create_role(role_id)
|
41
|
+
uri = URI.parse("#{::Warrant.config.api_base}/v1/roles")
|
42
|
+
params = {
|
43
|
+
roleId: role_id
|
44
|
+
}
|
45
|
+
res = post(uri, params)
|
46
|
+
res_json = JSON.parse(res.body)
|
47
|
+
|
48
|
+
case res
|
49
|
+
when Net::HTTPSuccess
|
50
|
+
Role.new(res_json['roleId'])
|
51
|
+
else
|
52
|
+
res_json
|
53
|
+
end
|
54
|
+
end
|
55
|
+
|
56
|
+
def delete_role(role_id)
|
57
|
+
uri = URI.parse("#{::Warrant.config.api_base}/v1/roles/#{role_id}")
|
58
|
+
res = delete(uri)
|
59
|
+
|
60
|
+
case res
|
61
|
+
when Net::HTTPSuccess
|
62
|
+
return
|
63
|
+
else
|
64
|
+
res_json
|
65
|
+
end
|
66
|
+
end
|
67
|
+
|
68
|
+
def create_permission(permission_id)
|
69
|
+
uri = URI.parse("#{::Warrant.config.api_base}/v1/permissions")
|
70
|
+
params = {
|
71
|
+
permissionId: permission_id
|
72
|
+
}
|
73
|
+
res = post(uri, params)
|
74
|
+
res_json = JSON.parse(res.body)
|
75
|
+
|
76
|
+
case res
|
77
|
+
when Net::HTTPSuccess
|
78
|
+
Permission.new(res_json['permissionId'])
|
79
|
+
else
|
80
|
+
res_json
|
81
|
+
end
|
82
|
+
end
|
83
|
+
|
84
|
+
def delete_permission(permission_id)
|
85
|
+
uri = URI.parse("#{::Warrant.config.api_base}/v1/permissions/#{permission_id}")
|
86
|
+
res = delete(uri)
|
87
|
+
|
88
|
+
case res
|
89
|
+
when Net::HTTPSuccess
|
90
|
+
return
|
18
91
|
else
|
19
92
|
res_json
|
20
93
|
end
|
21
94
|
end
|
22
95
|
|
23
96
|
def create_warrant(object_type, object_id, relation, user)
|
24
|
-
uri = URI.parse("#{Warrant.config.api_base}/v1/warrants")
|
97
|
+
uri = URI.parse("#{::Warrant.config.api_base}/v1/warrants")
|
25
98
|
params = {
|
26
99
|
objectType: object_type,
|
27
100
|
objectId: object_id,
|
@@ -30,21 +103,102 @@ module Warrant
|
|
30
103
|
}
|
31
104
|
res = post(uri, params)
|
32
105
|
res_json = JSON.parse(res.body)
|
33
|
-
|
106
|
+
|
107
|
+
case res
|
108
|
+
when Net::HTTPSuccess
|
109
|
+
Warrant.new(res_json['id'], res_json['objectType'], res_json['objectId'], res_json['relation'], res_json['user'])
|
110
|
+
else
|
111
|
+
res_json
|
112
|
+
end
|
113
|
+
end
|
114
|
+
|
115
|
+
def delete_warrant(warrant_id)
|
116
|
+
uri = URI.parse("#{Warrant.config.api_base}/v1/warrants/#{warrant_id}")
|
117
|
+
res = delete(uri)
|
118
|
+
|
119
|
+
case res
|
120
|
+
when Net::HTTPSuccess
|
121
|
+
return
|
122
|
+
else
|
123
|
+
res_json
|
124
|
+
end
|
125
|
+
end
|
126
|
+
|
127
|
+
def list_warrants(filters = {})
|
128
|
+
query_string = ""
|
129
|
+
unless filters.empty?
|
130
|
+
new_filters = Util.normalize_options(filters.compact)
|
131
|
+
|
132
|
+
query_string = URI.encode_www_form(new_filters)
|
133
|
+
end
|
134
|
+
|
135
|
+
uri = URI.parse("#{::Warrant.config.api_base}/v1/warrants?#{query_string}")
|
136
|
+
|
137
|
+
res = get(uri)
|
138
|
+
res_json = JSON.parse(res.body)
|
139
|
+
|
34
140
|
case res
|
35
141
|
when Net::HTTPSuccess
|
36
|
-
|
37
|
-
|
38
|
-
elsif res_json['user']['objectType']
|
39
|
-
UsersetWarrant.new(res_json['objectType'], res_json['objectId'], res_json['relation'], res_json['user'])
|
142
|
+
res_json.map do |warrant|
|
143
|
+
Warrant.new(warrant['id'], warrant['objectType'], warrant['objectId'], warrant['relation'], warrant['user'])
|
40
144
|
end
|
41
145
|
else
|
42
146
|
res_json
|
43
147
|
end
|
44
148
|
end
|
45
149
|
|
150
|
+
def assign_role_to_user(user_id, role_id)
|
151
|
+
uri = URI.parse("#{::Warrant.config.api_base}/v1/users/#{user_id}/roles/#{role_id}")
|
152
|
+
res = post(uri)
|
153
|
+
res_json = JSON.parse(res.body)
|
154
|
+
|
155
|
+
case res
|
156
|
+
when Net::HTTPSuccess
|
157
|
+
Role.new(res_json['roleId'])
|
158
|
+
else
|
159
|
+
res_json
|
160
|
+
end
|
161
|
+
end
|
162
|
+
|
163
|
+
def remove_role_from_user(user_id, role_id)
|
164
|
+
uri = URI.parse("#{::Warrant.config.api_base}/v1/users/#{user_id}/roles/#{role_id}")
|
165
|
+
res = delete(uri)
|
166
|
+
|
167
|
+
case res
|
168
|
+
when Net::HTTPSuccess
|
169
|
+
return
|
170
|
+
else
|
171
|
+
res_json
|
172
|
+
end
|
173
|
+
end
|
174
|
+
|
175
|
+
def assign_permission_to_user(user_id, permission_id)
|
176
|
+
uri = URI.parse("#{::Warrant.config.api_base}/v1/users/#{user_id}/permissions/#{permission_id}")
|
177
|
+
res = post(uri)
|
178
|
+
res_json = JSON.parse(res.body)
|
179
|
+
|
180
|
+
case res
|
181
|
+
when Net::HTTPSuccess
|
182
|
+
Permission.new(res_json['permissionId'])
|
183
|
+
else
|
184
|
+
res_json
|
185
|
+
end
|
186
|
+
end
|
187
|
+
|
188
|
+
def remove_permission_from_user(user_id, permission_id)
|
189
|
+
uri = URI.parse("#{::Warrant.config.api_base}/v1/users/#{user_id}/permissions/#{permission_id}")
|
190
|
+
res = delete(uri)
|
191
|
+
|
192
|
+
case res
|
193
|
+
when Net::HTTPSuccess
|
194
|
+
return
|
195
|
+
else
|
196
|
+
res_json
|
197
|
+
end
|
198
|
+
end
|
199
|
+
|
46
200
|
def create_session(user_id)
|
47
|
-
uri = URI.parse("#{Warrant.config.api_base}/v1/users/#{user_id}/sessions")
|
201
|
+
uri = URI.parse("#{::Warrant.config.api_base}/v1/users/#{user_id}/sessions")
|
48
202
|
res = post(uri)
|
49
203
|
res_json = JSON.parse(res.body)
|
50
204
|
|
@@ -56,8 +210,26 @@ module Warrant
|
|
56
210
|
end
|
57
211
|
end
|
58
212
|
|
213
|
+
def create_self_service_session(user_id, redirect_url)
|
214
|
+
uri = URI.parse("#{::Warrant.config.api_base}/v1/sessions")
|
215
|
+
params = {
|
216
|
+
type: "ssdash",
|
217
|
+
userId: user_id,
|
218
|
+
redirectUrl: redirect_url
|
219
|
+
}
|
220
|
+
res = post(uri, params)
|
221
|
+
res_json = JSON.parse(res.body)
|
222
|
+
|
223
|
+
case res
|
224
|
+
when Net::HTTPSuccess
|
225
|
+
res_json['url']
|
226
|
+
else
|
227
|
+
res_json
|
228
|
+
end
|
229
|
+
end
|
230
|
+
|
59
231
|
def is_authorized(object_type, object_id, relation, user_id)
|
60
|
-
uri = URI.parse("#{Warrant.config.api_base}/v1/authorize")
|
232
|
+
uri = URI.parse("#{::Warrant.config.api_base}/v1/authorize")
|
61
233
|
params = {
|
62
234
|
objectType: object_type,
|
63
235
|
objectId: object_id,
|
@@ -76,16 +248,38 @@ module Warrant
|
|
76
248
|
end
|
77
249
|
end
|
78
250
|
|
251
|
+
def has_permission(permission_id, user_id)
|
252
|
+
return is_authorized("permission", permission_id, "member", user_id)
|
253
|
+
end
|
254
|
+
|
79
255
|
private
|
80
256
|
|
81
|
-
def post(uri, params = {})
|
257
|
+
def post(uri, params = {})
|
82
258
|
http = Net::HTTP.new(uri.host, uri.port)
|
83
259
|
http.use_ssl = true
|
84
260
|
headers = {
|
85
|
-
"Authorization": "ApiKey #{Warrant.config.api_key}"
|
261
|
+
"Authorization": "ApiKey #{::Warrant.config.api_key}"
|
86
262
|
}
|
87
263
|
http.post(uri.path, params.to_json, headers)
|
88
264
|
end
|
265
|
+
|
266
|
+
def delete(uri)
|
267
|
+
http = Net::HTTP.new(uri.host, uri.port)
|
268
|
+
http.use_ssl = true
|
269
|
+
headers = {
|
270
|
+
"Authorization": "ApiKey #{::Warrant.config.api_key}"
|
271
|
+
}
|
272
|
+
http.delete(uri.path, headers)
|
273
|
+
end
|
274
|
+
|
275
|
+
def get(uri, params = {})
|
276
|
+
http = Net::HTTP.new(uri.host, uri.port)
|
277
|
+
http.use_ssl = true
|
278
|
+
headers = {
|
279
|
+
"Authorization": "ApiKey #{::Warrant.config.api_key}"
|
280
|
+
}
|
281
|
+
http.get(uri, headers)
|
282
|
+
end
|
89
283
|
end
|
90
284
|
end
|
91
285
|
end
|
data/lib/warrant.rb
CHANGED
@@ -6,15 +6,18 @@ require "net/http"
|
|
6
6
|
require "json"
|
7
7
|
require "forwardable"
|
8
8
|
|
9
|
+
require "warrant/models/permission"
|
10
|
+
require "warrant/models/role"
|
11
|
+
require "warrant/models/tenant"
|
9
12
|
require "warrant/models/user"
|
10
13
|
require "warrant/models/userset"
|
11
|
-
require "warrant/models/
|
12
|
-
require "warrant/
|
14
|
+
require "warrant/models/warrant"
|
15
|
+
require "warrant/util"
|
13
16
|
require "warrant/warrant_configuration"
|
14
17
|
require "warrant/warrant_client"
|
15
18
|
|
16
19
|
module Warrant
|
17
|
-
@config = Warrant::WarrantConfiguration.new
|
20
|
+
@config = ::Warrant::WarrantConfiguration.new
|
18
21
|
|
19
22
|
class << self
|
20
23
|
extend Forwardable
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: warrant
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.1.
|
4
|
+
version: 0.1.3
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Warrant
|
8
|
-
autorequire:
|
8
|
+
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2022-05-09 00:00:00.000000000 Z
|
12
12
|
dependencies: []
|
13
13
|
description: Ruby library for the Warrant API at https://warrant.dev.
|
14
14
|
email: hello@warrant.dev
|
@@ -26,10 +26,13 @@ files:
|
|
26
26
|
- bin/console
|
27
27
|
- bin/setup
|
28
28
|
- lib/warrant.rb
|
29
|
+
- lib/warrant/models/permission.rb
|
30
|
+
- lib/warrant/models/role.rb
|
31
|
+
- lib/warrant/models/tenant.rb
|
29
32
|
- lib/warrant/models/user.rb
|
30
|
-
- lib/warrant/models/user_warrant.rb
|
31
33
|
- lib/warrant/models/userset.rb
|
32
|
-
- lib/warrant/models/
|
34
|
+
- lib/warrant/models/warrant.rb
|
35
|
+
- lib/warrant/util.rb
|
33
36
|
- lib/warrant/version.rb
|
34
37
|
- lib/warrant/warrant_client.rb
|
35
38
|
- lib/warrant/warrant_configuration.rb
|
@@ -41,7 +44,7 @@ metadata:
|
|
41
44
|
source_code_uri: https://github.com/warrant-dev/warrant-ruby
|
42
45
|
changelog_uri: https://github.com/warrant-dev/warrant-ruby/CHANGELOG.md
|
43
46
|
documentation_uri: https://docs.warrant.dev/
|
44
|
-
post_install_message:
|
47
|
+
post_install_message:
|
45
48
|
rdoc_options: []
|
46
49
|
require_paths:
|
47
50
|
- lib
|
@@ -56,8 +59,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
56
59
|
- !ruby/object:Gem::Version
|
57
60
|
version: '0'
|
58
61
|
requirements: []
|
59
|
-
rubygems_version: 3.
|
60
|
-
signing_key:
|
62
|
+
rubygems_version: 3.3.11
|
63
|
+
signing_key:
|
61
64
|
specification_version: 4
|
62
65
|
summary: Warrant Ruby Library
|
63
66
|
test_files: []
|
@@ -1,14 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
module Warrant
|
4
|
-
class UserWarrant
|
5
|
-
attr_reader :object_type, :object_id, :relation, :user
|
6
|
-
|
7
|
-
def initialize(object_type, object_id, relation, user_id)
|
8
|
-
@object_type = object_type
|
9
|
-
@object_id = object_id
|
10
|
-
@relation = relation
|
11
|
-
@user = User.new(user_id)
|
12
|
-
end
|
13
|
-
end
|
14
|
-
end
|