warrant 0.1.3 → 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (17) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +20 -68
  3. data/lib/warrant/api_operations.rb +75 -0
  4. data/lib/warrant/errors.rb +47 -0
  5. data/lib/warrant/models/permission.rb +202 -1
  6. data/lib/warrant/models/role.rb +184 -0
  7. data/lib/warrant/models/session.rb +61 -0
  8. data/lib/warrant/models/{userset.rb → subject.rb} +2 -2
  9. data/lib/warrant/models/tenant.rb +160 -3
  10. data/lib/warrant/models/user.rb +313 -3
  11. data/lib/warrant/models/warrant.rb +214 -4
  12. data/lib/warrant/util.rb +22 -0
  13. data/lib/warrant/version.rb +1 -1
  14. data/lib/warrant/warrant_configuration.rb +4 -1
  15. data/lib/warrant.rb +5 -3
  16. metadata +10 -8
  17. data/lib/warrant/warrant_client.rb +0 -285
data/lib/warrant/models/session.rb ADDED
@@ -0,0 +1,61 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Warrant
4
+ class Session
5
+ # Create an Authorization Session for a given user
6
+ #
7
+ # @option params [String] :user_id Id of the user to create a session for.
8
+ # @option params [Integer] :ttl Number of seconds a session should live for. By default session tokens live for 24 hours and self service tokens live for 30 minutes.
9
+ #
10
+ # @return [String] Session token
11
+ #
12
+ # @raise [Warrant::InternalError]
13
+ # @raise [Warrant::InvalidParameterError]
14
+ # @raise [Warrant::InvalidRequestError]
15
+ # @raise [Warrant::MissingRequiredParameterError]
16
+ # @raise [Warrant::NotFoundError]
17
+ # @raise [Warrant::UnauthorizedError]
18
+ # @raise [Warrant::WarrantError]
19
+ def self.create_authorization_session(params = {})
20
+ params = params.merge(type: "sess")
21
+ res = APIOperations.post(URI.parse("#{::Warrant.config.api_base}/v1/sessions"), Util.normalize_params(params))
22
+
23
+ case res
24
+ when Net::HTTPSuccess
25
+ res_json = JSON.parse(res.body)
26
+ res_json['token']
27
+ else
28
+ APIOperations.raise_error(res)
29
+ end
30
+ end
31
+
32
+ # Create a Self-Service Dashboard Session for a given user
33
+ #
34
+ # @param redirect_url [String] URL to redirect to once self-service session is created
35
+ # @option params [String] :user_id Id of the user to create a session for.
36
+ # @option params [String] :tenant_id Id of the tenant to create a session for
37
+ # @option params [Integer] :ttl Number of seconds a session should live for. By default session tokens live for 24 hours and self service tokens live for 30 minutes.
38
+ #
39
+ # @return [String] URL to the self service dashboard
40
+ #
41
+ # @raise [Warrant::InternalError]
42
+ # @raise [Warrant::InvalidParameterError]
43
+ # @raise [Warrant::InvalidRequestError]
44
+ # @raise [Warrant::MissingRequiredParameterError]
45
+ # @raise [Warrant::NotFoundError]
46
+ # @raise [Warrant::UnauthorizedError]
47
+ # @raise [Warrant::WarrantError]
48
+ def self.create_self_service_session(redirect_url, params = {})
49
+ params = params.merge(type: "ssdash")
50
+ res = APIOperations.post(URI.parse("#{::Warrant.config.api_base}/v1/sessions"), Util.normalize_params(params))
51
+
52
+ case res
53
+ when Net::HTTPSuccess
54
+ res_json = JSON.parse(res.body)
55
+ "#{::Warrant.config.self_service_dash_url_base}/#{res_json['token']}?redirectUrl=#{redirect_url}"
56
+ else
57
+ APIOperations.raise_error(res)
58
+ end
59
+ end
60
+ end
61
+ end
data/lib/warrant/models/{userset.rb → subject.rb} RENAMED
@@ -1,10 +1,10 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Warrant
4
- class Userset
4
+ class Subject
5
5
  attr_reader :object_type, :object_id, :relation
6
6
 
7
- def initialize(object_type, object_id, relation)
7
+ def initialize(object_type, object_id, relation = nil)
8
8
  @object_type = object_type
9
9
  @object_id = object_id
10
10
  @relation = relation
data/lib/warrant/models/tenant.rb CHANGED
@@ -2,10 +2,167 @@
2
2
 
3
3
  module Warrant
4
4
  class Tenant
5
- attr_reader :tenant_id
6
-
7
- def initialize(tenant_id)
5
+ attr_reader :tenant_id, :name, :created_at
6
+
7
+ # @!visibility private
8
+ def initialize(tenant_id, name, created_at)
8
9
  @tenant_id = tenant_id
10
+ @name = name
11
+ @created_at = created_at
12
+ end
13
+
14
+ # Creates a tenant with the given parameters
15
+ #
16
+ # @option params [String] :tenant_id User defined string identifier for this tenant. If not provided, Warrant will create an id for the tenant and return it. In this case, you should store the id in your system for future reference. Note that tenantIds in Warrant must be composed of alphanumeric chars and/or '-', '_', and '@'. (optional)
17
+ # @option params [String] :name A displayable name for this tenant. (optional)
18
+ #
19
+ # @return [Tenant] created tenant
20
+ #
21
+ # @example Create a new Tenant with the tenant id "test-customer"
22
+ # Warrant::Tenant.create(tenant_id: "test-customer")
23
+ #
24
+ # @raise [Warrant::DuplicateRecordError]
25
+ # @raise [Warrant::InternalError]
26
+ # @raise [Warrant::InvalidParameterError]
27
+ # @raise [Warrant::InvalidRequestError]
28
+ # @raise [Warrant::MissingRequiredParameterError]
29
+ # @raise [Warrant::NotFoundError]
30
+ # @raise [Warrant::UnauthorizedError]
31
+ # @raise [Warrant::WarrantError]
32
+ def self.create(params = {})
33
+ res = APIOperations.post(URI.parse("#{::Warrant.config.api_base}/v1/tenants"), Util.normalize_params(params))
34
+
35
+ case res
36
+ when Net::HTTPSuccess
37
+ res_json = JSON.parse(res.body)
38
+ Tenant.new(res_json['tenantId'], res_json['name'], res_json['createdAt'])
39
+ else
40
+ APIOperations.raise_error(res)
41
+ end
42
+ end
43
+
44
+ # Deletes a tenant with given tenant id
45
+ #
46
+ # @param tenant_id [String] User defined string identifier for this tenant. If not provided, Warrant will create an id for the tenant and return it. In this case, you should store the id in your system for future reference. Note that tenantIds in Warrant must be composed of alphanumeric chars and/or '-', '_', and '@'.
47
+ #
48
+ # @return [nil] if delete was successful
49
+ #
50
+ # @example Delete a Tenant with the tenant id "test-customer"
51
+ # Warrant::Tenant.delete("test-customer")
52
+ #
53
+ # @raise [Warrant::InternalError]
54
+ # @raise [Warrant::InvalidRequestError]
55
+ # @raise [Warrant::NotFoundError]
56
+ # @raise [Warrant::UnauthorizedError]
57
+ # @raise [Warrant::WarrantError]
58
+ def self.delete(tenant_id)
59
+ res = APIOperations.delete(URI.parse("#{::Warrant.config.api_base}/v1/tenants/#{tenant_id}"))
60
+
61
+ case res
62
+ when Net::HTTPSuccess
63
+ return
64
+ else
65
+ APIOperations.raise_error(res)
66
+ end
67
+ end
68
+
69
+ # Lists all tenants for your organization
70
+ #
71
+ # @return [Array<Tenant>] all tenants for your organization
72
+ #
73
+ # @example List all tenants
74
+ # Warrant::Tenant.list()
75
+ #
76
+ # @raise [Warrant::InternalError]
77
+ # @raise [Warrant::InvalidRequestError]
78
+ # @raise [Warrant::NotFoundError]
79
+ # @raise [Warrant::UnauthorizedError]
80
+ # @raise [Warrant::WarrantError]
81
+ def self.list(filters = {})
82
+ res = APIOperations.get(URI.parse("#{::Warrant.config.api_base}/v1/tenants"))
83
+
84
+ case res
85
+ when Net::HTTPSuccess
86
+ tenants = JSON.parse(res.body)
87
+ tenants.map{ |tenant| Tenant.new(tenant['tenantId'], tenant['name'], tenant['createdAt']) }
88
+ else
89
+ APIOperations.raise_error(res)
90
+ end
91
+ end
92
+
93
+ # Get a tenant with the given tenant_id
94
+ #
95
+ # @param tenant_id [String] User defined string identifier for this tenant. If not provided, Warrant will create an id for the tenant and return it. In this case, you should store the id in your system for future reference. Note that tenantIds in Warrant must be composed of alphanumeric chars and/or '-', '_', and '@'.
96
+ #
97
+ # @return [Tenant] retrieved tenant
98
+ #
99
+ # @raise [Warrant::InternalError]
100
+ # @raise [Warrant::InvalidParameterError]
101
+ # @raise [Warrant::InvalidRequestError]
102
+ # @raise [Warrant::NotFoundError]
103
+ # @raise [Warrant::UnauthorizedError]
104
+ # @raise [Warrant::WarrantError]
105
+ def self.get(tenant_id)
106
+ res = APIOperations.get(URI.parse("#{::Warrant.config.api_base}/v1/tenants/#{tenant_id}"))
107
+
108
+ case res
109
+ when Net::HTTPSuccess
110
+ tenant = JSON.parse(res.body)
111
+ Tenant.new(tenant['tenantId'], tenant['name'], tenant['createdAt'])
112
+ else
113
+ APIOperations.raise_error(res)
114
+ end
115
+ end
116
+
117
+ # Updates a tenant with the given tenant_id and params
118
+ #
119
+ # @param tenant_id [String] User defined string identifier for this tenant. If not provided, Warrant will create an id for the tenant and return it. In this case, you should store the id in your system for future reference. Note that tenantIds in Warrant must be composed of alphanumeric chars and/or '-', '_', and '@'.
120
+ # @param [Hash] params attributes to update tenant with
121
+ # @option params [String] :name A displayable name for this tenant. (optional)
122
+ #
123
+ # @return [Tenant] updated tenant
124
+ #
125
+ # @example Update tenant "test-tenant"'s name
126
+ # Warrant::Tenant.update("test-tenant", { name: "my-new-name@example.com" })
127
+ #
128
+ # @raise [Warrant::DuplicateRecordError]
129
+ # @raise [Warrant::InternalError]
130
+ # @raise [Warrant::InvalidParameterError]
131
+ # @raise [Warrant::InvalidRequestError]
132
+ # @raise [Warrant::NotFoundError]
133
+ # @raise [Warrant::UnauthorizedError]
134
+ # @raise [Warrant::WarrantError]
135
+ def self.update(tenant_id, params = {})
136
+ res = APIOperations.put(URI.parse("#{::Warrant.config.api_base}/v1/tenants/#{tenant_id}"), Util.normalize_params(params))
137
+
138
+ case res
139
+ when Net::HTTPSuccess
140
+ res_json = JSON.parse(res.body)
141
+ Tenant.new(res_json['tenantId'], res_json['name'], res_json['createdAt'])
142
+ else
143
+ APIOperations.raise_error(res)
144
+ end
145
+ end
146
+
147
+ # Updates the tenant with the given params
148
+ #
149
+ # @option params [String] :name A displayable name for this tenant. (optional)
150
+ #
151
+ # @return [Tenant] updated tenant
152
+ #
153
+ # @example Update tenant "test-tenant"'s name
154
+ # tenant = Warrant::Tenant.get("test-tenant")
155
+ # tenant.update(name: "my-new-name@example.com")
156
+ #
157
+ # @raise [Warrant::DuplicateRecordError]
158
+ # @raise [Warrant::InternalError]
159
+ # @raise [Warrant::InvalidParameterError]
160
+ # @raise [Warrant::InvalidRequestError]
161
+ # @raise [Warrant::NotFoundError]
162
+ # @raise [Warrant::UnauthorizedError]
163
+ # @raise [Warrant::WarrantError]
164
+ def update(params = {})
165
+ return Tenant.update(tenant_id, params)
9
166
  end
10
167
  end
11
168
  end
data/lib/warrant/models/user.rb CHANGED
@@ -2,12 +2,322 @@
2
2
 
3
3
  module Warrant
4
4
  class User
5
- attr_reader :tenant_id, :user_id, :email
5
+ attr_reader :user_id, :email, :created_at
6
6
 
7
- def initialize(tenant_id, user_id, email)
8
- @tenant_id = tenant_id
7
+ # @!visibility private
8
+ def initialize(user_id, email, created_at)
9
9
  @user_id = user_id
10
10
  @email = email
11
+ @created_at = created_at
12
+ end
13
+
14
+ # Creates a user with the given parameters
15
+ #
16
+ # @option params [String] :user_id User defined string identifier for this user. If not provided, Warrant will create an id for the user and return it. In this case, you should store the id in your system as you will need to provide it for any authorization requests for that user. Note that userIds in Warrant must be composed of alphanumeric chars and/or '-', '_', and '@'. (optional)
17
+ # @option params [String] :email Email address for this user. Designed to be used as a UI-friendly identifier. (optional)
18
+ #
19
+ # @return [User] created user
20
+ #
21
+ # @example Create a new User with the user id "test-customer"
22
+ # Warrant::User.create(user_id: "test-customer")
23
+ #
24
+ # @raise [Warrant::DuplicateRecordError]
25
+ # @raise [Warrant::InternalError]
26
+ # @raise [Warrant::InvalidParameterError]
27
+ # @raise [Warrant::InvalidRequestError]
28
+ # @raise [Warrant::MissingRequiredParameterError]
29
+ # @raise [Warrant::NotFoundError]
30
+ # @raise [Warrant::UnauthorizedError]
31
+ # @raise [Warrant::WarrantError]
32
+ def self.create(params = {})
33
+ res = APIOperations.post(URI.parse("#{::Warrant.config.api_base}/v1/users"), Util.normalize_params(params))
34
+
35
+ case res
36
+ when Net::HTTPSuccess
37
+ res_json = JSON.parse(res.body)
38
+ User.new(res_json['userId'], res_json['email'], res_json['createdAt'])
39
+ else
40
+ APIOperations.raise_error(res)
41
+ end
42
+ end
43
+
44
+ # Deletes a user with given user id
45
+ #
46
+ # @param user_id [String] User defined string identifier for this user. If not provided, Warrant will create an id for the user and return it. In this case, you should store the id in your system as you will need to provide it for any authorization requests for that user. Note that userIds in Warrant must be composed of alphanumeric chars and/or '-', '_', and '@'.
47
+ #
48
+ # @return [nil] if delete was successful
49
+ #
50
+ # @example Delete a User with the user id "test-customer"
51
+ # Warrant::User.delete("test-customer")
52
+ #
53
+ # @raise [Warrant::InternalError]
54
+ # @raise [Warrant::InvalidRequestError]
55
+ # @raise [Warrant::NotFoundError]
56
+ # @raise [Warrant::UnauthorizedError]
57
+ # @raise [Warrant::WarrantError]
58
+ def self.delete(user_id)
59
+ res = APIOperations.delete(URI.parse("#{::Warrant.config.api_base}/v1/users/#{user_id}"))
60
+
61
+ case res
62
+ when Net::HTTPSuccess
63
+ return
64
+ else
65
+ APIOperations.raise_error(res)
66
+ end
67
+ end
68
+
69
+ # Lists all users for your organization
70
+ #
71
+ # @return [Array<User>] all users for your organization
72
+ #
73
+ # @example List all users
74
+ # Warrant::User.list()
75
+ #
76
+ # @raise [Warrant::InternalError]
77
+ # @raise [Warrant::InvalidRequestError]
78
+ # @raise [Warrant::NotFoundError]
79
+ # @raise [Warrant::UnauthorizedError]
80
+ # @raise [Warrant::WarrantError]
81
+ def self.list(filters = {})
82
+ res = APIOperations.get(URI.parse("#{::Warrant.config.api_base}/v1/users"))
83
+
84
+ case res
85
+ when Net::HTTPSuccess
86
+ users = JSON.parse(res.body)
87
+ users.map{ |user| User.new(user['userId'], user['email'], user['createdAt']) }
88
+ else
89
+ APIOperations.raise_error(res)
90
+ end
91
+ end
92
+
93
+ # Get a user with the given user_id
94
+ #
95
+ # @param user_id [String] User defined string identifier for this user. If not provided, Warrant will create an id for the user and return it. In this case, you should store the id in your system as you will need to provide it for any authorization requests for that user. Note that userIds in Warrant must be composed of alphanumeric chars and/or '-', '_', and '@'.
96
+ #
97
+ # @return [User] retrieved user
98
+ #
99
+ # @raise [Warrant::InternalError]
100
+ # @raise [Warrant::InvalidParameterError]
101
+ # @raise [Warrant::InvalidRequestError]
102
+ # @raise [Warrant::NotFoundError]
103
+ # @raise [Warrant::UnauthorizedError]
104
+ # @raise [Warrant::WarrantError]
105
+ def self.get(user_id)
106
+ res = APIOperations.get(URI.parse("#{::Warrant.config.api_base}/v1/users/#{user_id}"))
107
+
108
+ case res
109
+ when Net::HTTPSuccess
110
+ user = JSON.parse(res.body)
111
+ User.new(user['userId'], user['email'], user['createdAt'])
112
+ else
113
+ APIOperations.raise_error(res)
114
+ end
115
+ end
116
+
117
+ # Updates a user with the given user_id and params
118
+ #
119
+ # @param user_id [String] User defined string identifier for this user. If not provided, Warrant will create an id for the user and return it. In this case, you should store the id in your system as you will need to provide it for any authorization requests for that user. Note that userIds in Warrant must be composed of alphanumeric chars and/or '-', '_', and '@'.
120
+ # @param [Hash] params attributes to update user with
121
+ # @option params [String] :email Email address for this user. Designed to be used as a UI-friendly identifier. (optional)
122
+ #
123
+ # @return [User] updated user
124
+ #
125
+ # @example Update user "test-user"'s email
126
+ # Warrant::User.update("test-user", { email: "my-new-email@example.com" })
127
+ #
128
+ # @raise [Warrant::DuplicateRecordError]
129
+ # @raise [Warrant::InternalError]
130
+ # @raise [Warrant::InvalidParameterError]
131
+ # @raise [Warrant::InvalidRequestError]
132
+ # @raise [Warrant::NotFoundError]
133
+ # @raise [Warrant::UnauthorizedError]
134
+ # @raise [Warrant::WarrantError]
135
+ def self.update(user_id, params = {})
136
+ res = APIOperations.put(URI.parse("#{::Warrant.config.api_base}/v1/users/#{user_id}"), Util.normalize_params(params))
137
+
138
+ case res
139
+ when Net::HTTPSuccess
140
+ res_json = JSON.parse(res.body)
141
+ User.new(res_json['userId'], res_json['email'], res_json['createdAt'])
142
+ else
143
+ APIOperations.raise_error(res)
144
+ end
145
+ end
146
+
147
+ # Updates the user with the given params
148
+ #
149
+ # @option params [String] :email Email address for this user. Designed to be used as a UI-friendly identifier. (optional)
150
+ #
151
+ # @return [User] updated user
152
+ #
153
+ # @example Update user "test-user"'s email
154
+ # user = Warrant::User.get("test-user")
155
+ # user.update(email: "my-new-email@example.com")
156
+ #
157
+ # @raise [Warrant::DuplicateRecordError]
158
+ # @raise [Warrant::InternalError]
159
+ # @raise [Warrant::InvalidParameterError]
160
+ # @raise [Warrant::InvalidRequestError]
161
+ # @raise [Warrant::NotFoundError]
162
+ # @raise [Warrant::UnauthorizedError]
163
+ # @raise [Warrant::WarrantError]
164
+ def update(params = {})
165
+ return User.update(user_id, params)
166
+ end
167
+
168
+ # List all roles for a user.
169
+ #
170
+ # @return [Array<Role>] all roles for the user
171
+ #
172
+ # @raise [Warrant::InternalError]
173
+ # @raise [Warrant::InvalidRequestError]
174
+ # @raise [Warrant::UnauthorizedError]
175
+ # @raise [Warrant::WarrantError]
176
+ def list_roles
177
+ res = APIOperations.get(URI.parse("#{::Warrant.config.api_base}/v1/users/#{user_id}/roles"))
178
+
179
+ case res
180
+ when Net::HTTPSuccess
181
+ roles = JSON.parse(res.body)
182
+ roles.map{ |role| Role.new(role['roleId']) }
183
+ else
184
+ APIOperations.raise_error(res)
185
+ end
186
+ end
187
+
188
+ # Assign a role to a user
189
+ #
190
+ # @param user_id [String] The user_id of the user you want to assign a role to.
191
+ # @param role_id [String] The role_id of the role you want to assign to a user.
192
+ #
193
+ # @return [Permission] assigned role
194
+ #
195
+ # @raise [Warrant::InternalError]
196
+ # @raise [Warrant::InvalidRequestError]
197
+ # @raise [Warrant::MissingRequiredParameterError]
198
+ # @raise [Warrant::NotFoundError]
199
+ # @raise [Warrant::UnauthorizedError]
200
+ # @raise [Warrant::WarrantError]
201
+ #
202
+ # @example
203
+ # user = Warrant::User.get("fawa324nfa")
204
+ # user.assign_role("admin")
205
+ def assign_role(role_id)
206
+ return Role.assign_to_user(user_id, role_id)
207
+ end
208
+
209
+ # Remove a role from a user
210
+ #
211
+ # @param user_id [String] The user_id of the role you want to assign a role to.
212
+ # @param role_id [String] The role_id of the role you want to assign to a user.
213
+ #
214
+ # @return [nil] if remove was successful
215
+ #
216
+ # @raise [Warrant::InternalError]
217
+ # @raise [Warrant::InvalidRequestError]
218
+ # @raise [Warrant::MissingRequiredParameterError]
219
+ # @raise [Warrant::NotFoundError]
220
+ # @raise [Warrant::UnauthorizedError]
221
+ # @raise [Warrant::WarrantError]
222
+ #
223
+ # @example
224
+ # user = Warrant::User.get("fawa324nfa")
225
+ # user.remove_role("admin")
226
+ def remove_role(role_id)
227
+ return Role.remove_from_user(user_id, role_id)
228
+ end
229
+
230
+ # List all permissions for a user
231
+ #
232
+ # @return [Array<Permission>] all permissions for the user
233
+ #
234
+ # @raise [Warrant::InternalError]
235
+ # @raise [Warrant::InvalidRequestError]
236
+ # @raise [Warrant::UnauthorizedError]
237
+ # @raise [Warrant::WarrantError]
238
+ def list_permissions
239
+ res = APIOperations.get(URI.parse("#{::Warrant.config.api_base}/v1/users/#{user_id}/permissions"))
240
+
241
+ case res
242
+ when Net::HTTPSuccess
243
+ permissions = JSON.parse(res.body)
244
+ permissions.map{ |permission| Permission.new(permission['permissionId']) }
245
+ else
246
+ APIOperations.raise_error(res)
247
+ end
248
+ end
249
+
250
+ # Assign a permission to a user
251
+ #
252
+ # @param user_id [String] The user_id of the user you want to assign a permission to.
253
+ # @param permission_id [String] The permission_id of the permission you want to assign to a user.
254
+ #
255
+ # @return [Permission] assigned permission
256
+ #
257
+ # @raise [Warrant::InternalError]
258
+ # @raise [Warrant::InvalidRequestError]
259
+ # @raise [Warrant::MissingRequiredParameterError]
260
+ # @raise [Warrant::NotFoundError]
261
+ # @raise [Warrant::UnauthorizedError]
262
+ # @raise [Warrant::WarrantError]
263
+ #
264
+ # @example
265
+ # user = Warrant::User.get("fawa324nfa")
266
+ # user.assign_permission("edit-report")
267
+ def assign_permission(permission_id)
268
+ return Permission.assign_to_user(user_id, permission_id)
269
+ end
270
+
271
+ # Remove a permission from a user
272
+ #
273
+ # @param user_id [String] The user_id of the user you want to assign a permission to.
274
+ # @param permission_id [String] The permission_id of the permission you want to assign to a user.
275
+ #
276
+ # @return [nil] if remove was successful
277
+ #
278
+ # @raise [Warrant::InternalError]
279
+ # @raise [Warrant::InvalidRequestError]
280
+ # @raise [Warrant::MissingRequiredParameterError]
281
+ # @raise [Warrant::NotFoundError]
282
+ # @raise [Warrant::UnauthorizedError]
283
+ # @raise [Warrant::WarrantError]
284
+ #
285
+ # @example
286
+ # user = Warrant::User.get("fawa324nfa")
287
+ # user.remove_permission("edit-report")
288
+ def remove_permission(permission_id)
289
+ Permission.remove_from_user(user_id, permission_id)
290
+ end
291
+
292
+ # Checks whether a user has a given permission
293
+ #
294
+ # @param permission_id [String] The permission_id of the permission you want to check whether or not it exists on the user.
295
+ #
296
+ # @return [Boolean] whether or not the user has the given permission
297
+ #
298
+ # @example
299
+ # user = Warrant::User.get("fawa324nfa")
300
+ # user.has_permission?("edit-report")
301
+ #
302
+ # @raise [Warrant::InternalError]
303
+ # @raise [Warrant::InvalidParameterError]
304
+ # @raise [Warrant::InvalidRequestError]
305
+ # @raise [Warrant::MissingRequiredParameterError]
306
+ # @raise [Warrant::NotFoundError]
307
+ # @raise [Warrant::UnauthorizedError]
308
+ # @raise [Warrant::WarrantError]
309
+ def has_permission?(permission_id)
310
+ return Warrant.is_authorized?(
311
+ warrants: [{
312
+ object_type: "permission",
313
+ object_id: permission_id,
314
+ relation: "member",
315
+ subject: {
316
+ object_type: "user",
317
+ object_id: user_id
318
+ }
319
+ }]
320
+ )
11
321
  end
12
322
  end
13
323
  end