warrant 0.1.2 → 0.1.5
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +51 -8
- data/lib/warrant/models/{userset_warrant.rb → warrant.rb} +1 -1
- data/lib/warrant/util.rb +20 -0
- data/lib/warrant/version.rb +1 -1
- data/lib/warrant/warrant_client.rb +76 -25
- data/lib/warrant.rb +3 -3
- metadata +8 -8
- data/lib/warrant/models/user_warrant.rb +0 -15
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 7a0016f74f11a01ab6e90a022af7d753cccab0faa147ea7380801e0719ceef9d
|
4
|
+
data.tar.gz: 48d306868975015baf94dbc8f4f10033683eecbb8ee33ce6a60292a9c0e2d462
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 258c374b7ed97c77dc2aaaa65daac9318eff36cde02e7226b88baae155b9dac673407c8a04705ad4d0b0700d343f665596bd47170745e22a79acb6d03a8b12e7
|
7
|
+
data.tar.gz: 30d20c2ecf85cc477c5106565d787a1f58e0cca2a5d130c43633770b9fd2fed441c14132502f9390d3bd6820214c9d87bdf2c6fe082252a8b5a4c5d4de9ecb6b
|
data/README.md
CHANGED
@@ -28,28 +28,43 @@ require 'warrant'
|
|
28
28
|
Warrant.api_key = 'api_test_f5dsKVeYnVSLHGje44zAygqgqXiLJBICbFzCiAg1E='
|
29
29
|
```
|
30
30
|
|
31
|
-
### `
|
31
|
+
### `create_user(email, user_id = '')`
|
32
32
|
|
33
|
-
This method creates a user entity in Warrant with the specified `
|
33
|
+
This method creates a user entity in Warrant with the specified `user_d`. Provide an optional `username` to make it easier to identify users in the Warrant dashboard.
|
34
34
|
|
35
35
|
```ruby
|
36
|
-
# Create user with
|
36
|
+
# Create user with user email and id
|
37
37
|
Warrant::WarrantClient.create_user(user.email, user.id)
|
38
38
|
|
39
39
|
# Create user with generated id
|
40
40
|
Warrant::WarrantClient.create_user()
|
41
41
|
```
|
42
42
|
|
43
|
-
### `
|
43
|
+
### `create_warrant(object_type, object_id, relation, user)`
|
44
|
+
|
45
|
+
#### **User parameters**
|
46
|
+
Can provide either a user id, or a combination of object type, object id, and relation
|
47
|
+
---
|
48
|
+
#### **user_id**
|
49
|
+
Creates a warrant for the user specified by user_id
|
50
|
+
|
51
|
+
#### **object_type**
|
52
|
+
#### **object_id**
|
53
|
+
#### **relation**
|
54
|
+
Creates a warrant for the given userset specified by object type, object id, and relation
|
55
|
+
|
44
56
|
|
45
57
|
This method creates a warrant which specifies that the provided `user` (or userset) has `relation` on the object of type `objectType` with id `objectId`.
|
46
58
|
|
47
59
|
```ruby
|
48
60
|
# Create a warrant allowing user.id to "view" the store with id store.id
|
49
|
-
Warrant::WarrantClient.create_warrant('store', store.id, 'view', {
|
61
|
+
Warrant::WarrantClient.create_warrant('store', store.id, 'view', { user_id: user.id })
|
62
|
+
|
63
|
+
# Create a warrant specifying all members of the manager role to "view" store of id store.id
|
64
|
+
Warrant::WarrantClient.create_warrant('store', store.id, 'view', { object_type: 'role', object_id: 'manager', relation: 'member' })
|
50
65
|
```
|
51
66
|
|
52
|
-
### `
|
67
|
+
### `create_session(userId)`
|
53
68
|
|
54
69
|
This method creates a session in Warrant for the user with the specified `userId` and returns a session token which can be used to make authorized requests to the Warrant API only for the specified user. This session token can safely be used to make requests to the Warrant API's authorization endpoint to determine user access in web and mobile client applications.
|
55
70
|
|
@@ -58,9 +73,9 @@ This method creates a session in Warrant for the user with the specified `userId
|
|
58
73
|
Warrant::WarrantClient.create_session(user.id)
|
59
74
|
```
|
60
75
|
|
61
|
-
### `
|
76
|
+
### `is_authorized(object_type, object_id, relation, user_id)`
|
62
77
|
|
63
|
-
This method returns `true` if the user with the specified `
|
78
|
+
This method returns `true` if the user with the specified `user_id` has the specified `relation` to the object of type `object_type` with id `objectId` and `false` otherwise.
|
64
79
|
|
65
80
|
```ruby
|
66
81
|
# Example: user 123 can only view store 824
|
@@ -68,6 +83,34 @@ Warrant::WarrantClient.is_authorized('store', '824', 'view', '123') # true
|
|
68
83
|
Warrant::WarrantClient.is_authorized('store', '824', 'edit', '123') # false
|
69
84
|
```
|
70
85
|
|
86
|
+
### `list_warrants(filters = {})`
|
87
|
+
This method returns all warrants that match the filters provided, or all warrants for your organization if none are provided.
|
88
|
+
|
89
|
+
#### **Filter Parameters**
|
90
|
+
---
|
91
|
+
#### **object_type**
|
92
|
+
Only return warrants with the given object type.
|
93
|
+
|
94
|
+
#### **object_id**
|
95
|
+
Only return warrants with the given object id.
|
96
|
+
|
97
|
+
#### **relation**
|
98
|
+
Only return warrants with the given relation.
|
99
|
+
|
100
|
+
#### **user_id**
|
101
|
+
Only return warrants with the given user id
|
102
|
+
|
103
|
+
|
104
|
+
```ruby
|
105
|
+
# List all warrants for an organization
|
106
|
+
Warrant::WarrantClient.list_warrants
|
107
|
+
|
108
|
+
# List all warrants with object type of store
|
109
|
+
Warrant::WarrantClient.list_warrants(object_type: 'store')
|
110
|
+
```
|
111
|
+
|
112
|
+
---
|
113
|
+
|
71
114
|
We’ve used a random API key in these code examples. Replace it with your [actual publishable API keys](https://app.warrant.dev) to
|
72
115
|
test this code through your own Warrant account.
|
73
116
|
|
data/lib/warrant/util.rb
ADDED
@@ -0,0 +1,20 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Warrant
|
4
|
+
class Util
|
5
|
+
class << self
|
6
|
+
def camelcase(str)
|
7
|
+
str = str.split('_').collect(&:capitalize).join
|
8
|
+
str.sub(str[0], str[0].downcase)
|
9
|
+
end
|
10
|
+
|
11
|
+
def normalize_options(opts)
|
12
|
+
new_opts = opts.each_with_object({}) do |(k, v), new_opts|
|
13
|
+
new_key = Util.camelcase(k.to_s)
|
14
|
+
|
15
|
+
new_opts[new_key] = v
|
16
|
+
end
|
17
|
+
end
|
18
|
+
end
|
19
|
+
end
|
20
|
+
end
|
data/lib/warrant/version.rb
CHANGED
@@ -4,7 +4,7 @@ module Warrant
|
|
4
4
|
class WarrantClient
|
5
5
|
class << self
|
6
6
|
def create_tenant(tenant_id = '')
|
7
|
-
uri = URI.parse("#{Warrant.config.api_base}/v1/tenants")
|
7
|
+
uri = URI.parse("#{::Warrant.config.api_base}/v1/tenants")
|
8
8
|
params = {
|
9
9
|
tenantId: tenant_id
|
10
10
|
}
|
@@ -19,10 +19,21 @@ module Warrant
|
|
19
19
|
end
|
20
20
|
end
|
21
21
|
|
22
|
-
def
|
23
|
-
uri = URI.parse("#{Warrant.config.api_base}/v1/
|
22
|
+
def delete_tenant(tenant_id)
|
23
|
+
uri = URI.parse("#{::Warrant.config.api_base}/v1/tenants/#{tenant_id}")
|
24
|
+
res = delete(uri)
|
25
|
+
|
26
|
+
case res
|
27
|
+
when Net::HTTPSuccess
|
28
|
+
return
|
29
|
+
else
|
30
|
+
JSON.parse(res.body)
|
31
|
+
end
|
32
|
+
end
|
33
|
+
|
34
|
+
def create_user(email = '', user_id = '')
|
35
|
+
uri = URI.parse("#{::Warrant.config.api_base}/v1/users")
|
24
36
|
params = {
|
25
|
-
tenantId: tenant_id,
|
26
37
|
userId: user_id,
|
27
38
|
email: email
|
28
39
|
}
|
@@ -37,8 +48,20 @@ module Warrant
|
|
37
48
|
end
|
38
49
|
end
|
39
50
|
|
51
|
+
def delete_user(user_id)
|
52
|
+
uri = URI.parse("#{::Warrant.config.api_base}/v1/users/#{user_id}")
|
53
|
+
res = delete(uri)
|
54
|
+
|
55
|
+
case res
|
56
|
+
when Net::HTTPSuccess
|
57
|
+
return
|
58
|
+
else
|
59
|
+
JSON.parse(res.body)
|
60
|
+
end
|
61
|
+
end
|
62
|
+
|
40
63
|
def create_role(role_id)
|
41
|
-
uri = URI.parse("#{Warrant.config.api_base}/v1/roles")
|
64
|
+
uri = URI.parse("#{::Warrant.config.api_base}/v1/roles")
|
42
65
|
params = {
|
43
66
|
roleId: role_id
|
44
67
|
}
|
@@ -54,7 +77,7 @@ module Warrant
|
|
54
77
|
end
|
55
78
|
|
56
79
|
def delete_role(role_id)
|
57
|
-
uri = URI.parse("#{Warrant.config.api_base}/v1/roles/#{role_id}")
|
80
|
+
uri = URI.parse("#{::Warrant.config.api_base}/v1/roles/#{role_id}")
|
58
81
|
res = delete(uri)
|
59
82
|
|
60
83
|
case res
|
@@ -66,7 +89,7 @@ module Warrant
|
|
66
89
|
end
|
67
90
|
|
68
91
|
def create_permission(permission_id)
|
69
|
-
uri = URI.parse("#{Warrant.config.api_base}/v1/permissions")
|
92
|
+
uri = URI.parse("#{::Warrant.config.api_base}/v1/permissions")
|
70
93
|
params = {
|
71
94
|
permissionId: permission_id
|
72
95
|
}
|
@@ -82,7 +105,7 @@ module Warrant
|
|
82
105
|
end
|
83
106
|
|
84
107
|
def delete_permission(permission_id)
|
85
|
-
uri = URI.parse("#{Warrant.config.api_base}/v1/permissions/#{permission_id}")
|
108
|
+
uri = URI.parse("#{::Warrant.config.api_base}/v1/permissions/#{permission_id}")
|
86
109
|
res = delete(uri)
|
87
110
|
|
88
111
|
case res
|
@@ -94,30 +117,26 @@ module Warrant
|
|
94
117
|
end
|
95
118
|
|
96
119
|
def create_warrant(object_type, object_id, relation, user)
|
97
|
-
uri = URI.parse("#{Warrant.config.api_base}/v1/warrants")
|
120
|
+
uri = URI.parse("#{::Warrant.config.api_base}/v1/warrants")
|
98
121
|
params = {
|
99
122
|
objectType: object_type,
|
100
123
|
objectId: object_id,
|
101
124
|
relation: relation,
|
102
|
-
user: user
|
125
|
+
user: Util.normalize_options(user)
|
103
126
|
}
|
104
127
|
res = post(uri, params)
|
105
128
|
res_json = JSON.parse(res.body)
|
106
129
|
|
107
130
|
case res
|
108
131
|
when Net::HTTPSuccess
|
109
|
-
|
110
|
-
UserWarrant.new(res_json['id'], res_json['objectType'], res_json['objectId'], res_json['relation'], res_json['user']['userId'])
|
111
|
-
elsif res_json['user']['objectType']
|
112
|
-
UsersetWarrant.new(res_json['id'], res_json['objectType'], res_json['objectId'], res_json['relation'], res_json['user'])
|
113
|
-
end
|
132
|
+
Warrant.new(res_json['id'], res_json['objectType'], res_json['objectId'], res_json['relation'], res_json['user'])
|
114
133
|
else
|
115
134
|
res_json
|
116
135
|
end
|
117
136
|
end
|
118
137
|
|
119
138
|
def delete_warrant(warrant_id)
|
120
|
-
uri = URI.parse("#{Warrant.config.api_base}/v1/warrants/#{warrant_id}")
|
139
|
+
uri = URI.parse("#{::Warrant.config.api_base}/v1/warrants/#{warrant_id}")
|
121
140
|
res = delete(uri)
|
122
141
|
|
123
142
|
case res
|
@@ -128,8 +147,31 @@ module Warrant
|
|
128
147
|
end
|
129
148
|
end
|
130
149
|
|
150
|
+
def list_warrants(filters = {})
|
151
|
+
query_string = ""
|
152
|
+
unless filters.empty?
|
153
|
+
new_filters = Util.normalize_options(filters.compact)
|
154
|
+
|
155
|
+
query_string = URI.encode_www_form(new_filters)
|
156
|
+
end
|
157
|
+
|
158
|
+
uri = URI.parse("#{::Warrant.config.api_base}/v1/warrants?#{query_string}")
|
159
|
+
|
160
|
+
res = get(uri)
|
161
|
+
res_json = JSON.parse(res.body)
|
162
|
+
|
163
|
+
case res
|
164
|
+
when Net::HTTPSuccess
|
165
|
+
res_json.map do |warrant|
|
166
|
+
Warrant.new(warrant['id'], warrant['objectType'], warrant['objectId'], warrant['relation'], warrant['user'])
|
167
|
+
end
|
168
|
+
else
|
169
|
+
res_json
|
170
|
+
end
|
171
|
+
end
|
172
|
+
|
131
173
|
def assign_role_to_user(user_id, role_id)
|
132
|
-
uri = URI.parse("#{Warrant.config.api_base}/v1/users/#{user_id}/roles/#{role_id}")
|
174
|
+
uri = URI.parse("#{::Warrant.config.api_base}/v1/users/#{user_id}/roles/#{role_id}")
|
133
175
|
res = post(uri)
|
134
176
|
res_json = JSON.parse(res.body)
|
135
177
|
|
@@ -142,7 +184,7 @@ module Warrant
|
|
142
184
|
end
|
143
185
|
|
144
186
|
def remove_role_from_user(user_id, role_id)
|
145
|
-
uri = URI.parse("#{Warrant.config.api_base}/v1/users/#{user_id}/roles/#{role_id}")
|
187
|
+
uri = URI.parse("#{::Warrant.config.api_base}/v1/users/#{user_id}/roles/#{role_id}")
|
146
188
|
res = delete(uri)
|
147
189
|
|
148
190
|
case res
|
@@ -154,7 +196,7 @@ module Warrant
|
|
154
196
|
end
|
155
197
|
|
156
198
|
def assign_permission_to_user(user_id, permission_id)
|
157
|
-
uri = URI.parse("#{Warrant.config.api_base}/v1/users/#{user_id}/permissions/#{permission_id}")
|
199
|
+
uri = URI.parse("#{::Warrant.config.api_base}/v1/users/#{user_id}/permissions/#{permission_id}")
|
158
200
|
res = post(uri)
|
159
201
|
res_json = JSON.parse(res.body)
|
160
202
|
|
@@ -167,7 +209,7 @@ module Warrant
|
|
167
209
|
end
|
168
210
|
|
169
211
|
def remove_permission_from_user(user_id, permission_id)
|
170
|
-
uri = URI.parse("#{Warrant.config.api_base}/v1/users/#{user_id}/permissions/#{permission_id}")
|
212
|
+
uri = URI.parse("#{::Warrant.config.api_base}/v1/users/#{user_id}/permissions/#{permission_id}")
|
171
213
|
res = delete(uri)
|
172
214
|
|
173
215
|
case res
|
@@ -179,7 +221,7 @@ module Warrant
|
|
179
221
|
end
|
180
222
|
|
181
223
|
def create_session(user_id)
|
182
|
-
uri = URI.parse("#{Warrant.config.api_base}/v1/users/#{user_id}/sessions")
|
224
|
+
uri = URI.parse("#{::Warrant.config.api_base}/v1/users/#{user_id}/sessions")
|
183
225
|
res = post(uri)
|
184
226
|
res_json = JSON.parse(res.body)
|
185
227
|
|
@@ -192,7 +234,7 @@ module Warrant
|
|
192
234
|
end
|
193
235
|
|
194
236
|
def create_self_service_session(user_id, redirect_url)
|
195
|
-
uri = URI.parse("#{Warrant.config.api_base}/v1/sessions")
|
237
|
+
uri = URI.parse("#{::Warrant.config.api_base}/v1/sessions")
|
196
238
|
params = {
|
197
239
|
type: "ssdash",
|
198
240
|
userId: user_id,
|
@@ -210,7 +252,7 @@ module Warrant
|
|
210
252
|
end
|
211
253
|
|
212
254
|
def is_authorized(object_type, object_id, relation, user_id)
|
213
|
-
uri = URI.parse("#{Warrant.config.api_base}/v1/authorize")
|
255
|
+
uri = URI.parse("#{::Warrant.config.api_base}/v1/authorize")
|
214
256
|
params = {
|
215
257
|
objectType: object_type,
|
216
258
|
objectId: object_id,
|
@@ -239,7 +281,7 @@ module Warrant
|
|
239
281
|
http = Net::HTTP.new(uri.host, uri.port)
|
240
282
|
http.use_ssl = true
|
241
283
|
headers = {
|
242
|
-
"Authorization": "ApiKey #{Warrant.config.api_key}"
|
284
|
+
"Authorization": "ApiKey #{::Warrant.config.api_key}"
|
243
285
|
}
|
244
286
|
http.post(uri.path, params.to_json, headers)
|
245
287
|
end
|
@@ -248,10 +290,19 @@ module Warrant
|
|
248
290
|
http = Net::HTTP.new(uri.host, uri.port)
|
249
291
|
http.use_ssl = true
|
250
292
|
headers = {
|
251
|
-
"Authorization": "ApiKey #{Warrant.config.api_key}"
|
293
|
+
"Authorization": "ApiKey #{::Warrant.config.api_key}"
|
252
294
|
}
|
253
295
|
http.delete(uri.path, headers)
|
254
296
|
end
|
297
|
+
|
298
|
+
def get(uri, params = {})
|
299
|
+
http = Net::HTTP.new(uri.host, uri.port)
|
300
|
+
http.use_ssl = true
|
301
|
+
headers = {
|
302
|
+
"Authorization": "ApiKey #{::Warrant.config.api_key}"
|
303
|
+
}
|
304
|
+
http.get(uri, headers)
|
305
|
+
end
|
255
306
|
end
|
256
307
|
end
|
257
308
|
end
|
data/lib/warrant.rb
CHANGED
@@ -11,13 +11,13 @@ require "warrant/models/role"
|
|
11
11
|
require "warrant/models/tenant"
|
12
12
|
require "warrant/models/user"
|
13
13
|
require "warrant/models/userset"
|
14
|
-
require "warrant/models/
|
15
|
-
require "warrant/
|
14
|
+
require "warrant/models/warrant"
|
15
|
+
require "warrant/util"
|
16
16
|
require "warrant/warrant_configuration"
|
17
17
|
require "warrant/warrant_client"
|
18
18
|
|
19
19
|
module Warrant
|
20
|
-
@config = Warrant::WarrantConfiguration.new
|
20
|
+
@config = ::Warrant::WarrantConfiguration.new
|
21
21
|
|
22
22
|
class << self
|
23
23
|
extend Forwardable
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: warrant
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.1.
|
4
|
+
version: 0.1.5
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Warrant
|
8
|
-
autorequire:
|
8
|
+
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-
|
11
|
+
date: 2022-06-15 00:00:00.000000000 Z
|
12
12
|
dependencies: []
|
13
13
|
description: Ruby library for the Warrant API at https://warrant.dev.
|
14
14
|
email: hello@warrant.dev
|
@@ -30,9 +30,9 @@ files:
|
|
30
30
|
- lib/warrant/models/role.rb
|
31
31
|
- lib/warrant/models/tenant.rb
|
32
32
|
- lib/warrant/models/user.rb
|
33
|
-
- lib/warrant/models/user_warrant.rb
|
34
33
|
- lib/warrant/models/userset.rb
|
35
|
-
- lib/warrant/models/
|
34
|
+
- lib/warrant/models/warrant.rb
|
35
|
+
- lib/warrant/util.rb
|
36
36
|
- lib/warrant/version.rb
|
37
37
|
- lib/warrant/warrant_client.rb
|
38
38
|
- lib/warrant/warrant_configuration.rb
|
@@ -44,7 +44,7 @@ metadata:
|
|
44
44
|
source_code_uri: https://github.com/warrant-dev/warrant-ruby
|
45
45
|
changelog_uri: https://github.com/warrant-dev/warrant-ruby/CHANGELOG.md
|
46
46
|
documentation_uri: https://docs.warrant.dev/
|
47
|
-
post_install_message:
|
47
|
+
post_install_message:
|
48
48
|
rdoc_options: []
|
49
49
|
require_paths:
|
50
50
|
- lib
|
@@ -59,8 +59,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
59
59
|
- !ruby/object:Gem::Version
|
60
60
|
version: '0'
|
61
61
|
requirements: []
|
62
|
-
rubygems_version: 3.
|
63
|
-
signing_key:
|
62
|
+
rubygems_version: 3.3.11
|
63
|
+
signing_key:
|
64
64
|
specification_version: 4
|
65
65
|
summary: Warrant Ruby Library
|
66
66
|
test_files: []
|
@@ -1,15 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
module Warrant
|
4
|
-
class UserWarrant
|
5
|
-
attr_reader :id, :object_type, :object_id, :relation, :user
|
6
|
-
|
7
|
-
def initialize(id, object_type, object_id, relation, user_id)
|
8
|
-
@id = id
|
9
|
-
@object_type = object_type
|
10
|
-
@object_id = object_id
|
11
|
-
@relation = relation
|
12
|
-
@user = User.new(user_id)
|
13
|
-
end
|
14
|
-
end
|
15
|
-
end
|