warrant 1.0.0 → 1.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/warrant/models/subject.rb +8 -0
- data/lib/warrant/models/tenant.rb +66 -0
- data/lib/warrant/models/user.rb +89 -7
- data/lib/warrant/models/warrant.rb +37 -4
- data/lib/warrant/util.rb +2 -0
- data/lib/warrant/version.rb +1 -1
- metadata +6 -6
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: d3ba7f4c3cde89c03aa17c15bfe00fa553172b27365b2e25548e7f349f38d799
|
4
|
+
data.tar.gz: 0fbc797a1768ca2aa47a08a7b2864a4398c25ed3deb2ff26f45e113855961c8c
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 9240a10a74f6cf277e2a94d392181dbb66f89b5a970b6d4688c3fd6582ecde03fdfdf9dca63294be48f9de48d03d5c2bf0f5b1d5fc9bc689d87876365fde0192
|
7
|
+
data.tar.gz: 5950abb71082b36b859c8679952a1055b6726588353db03df292e036ee11e239c41cdf0abf76995bb1a2c82d34aa21e3bf6643832ba9315e7810a6261c2938c3
|
@@ -9,5 +9,13 @@ module Warrant
|
|
9
9
|
@object_id = object_id
|
10
10
|
@relation = relation
|
11
11
|
end
|
12
|
+
|
13
|
+
def self.new_from_hash(attributes)
|
14
|
+
object_type = attributes.fetch(:object_type)
|
15
|
+
object_id = attributes.fetch(:object_id)
|
16
|
+
relation = attributes.fetch(:relation, nil)
|
17
|
+
|
18
|
+
self.new(object_type, object_id, relation)
|
19
|
+
end
|
12
20
|
end
|
13
21
|
end
|
@@ -164,5 +164,71 @@ module Warrant
|
|
164
164
|
def update(params = {})
|
165
165
|
return Tenant.update(tenant_id, params)
|
166
166
|
end
|
167
|
+
|
168
|
+
# Add a user to a tenant
|
169
|
+
#
|
170
|
+
# @param user_id [String] The user_id of the user you want to add to the tenant.
|
171
|
+
#
|
172
|
+
# @return [Warrant] warrant assigning user to the tenant
|
173
|
+
#
|
174
|
+
# @raise [Warrant::InternalError]
|
175
|
+
# @raise [Warrant::InvalidParameterError]
|
176
|
+
# @raise [Warrant::InvalidRequestError]
|
177
|
+
# @raise [Warrant::NotFoundError]
|
178
|
+
# @raise [Warrant::UnauthorizedError]
|
179
|
+
# @raise [Warrant::WarrantError]
|
180
|
+
def add_user(user_id)
|
181
|
+
return User.add_to_tenant(tenant_id, user_id)
|
182
|
+
end
|
183
|
+
|
184
|
+
# Remove a user from a tenant
|
185
|
+
#
|
186
|
+
# @param user_id [String] The user_id of the user you want to remove from the tenant.
|
187
|
+
#
|
188
|
+
# @return [nil] if remove was successful
|
189
|
+
#
|
190
|
+
# @raise [Warrant::InternalError]
|
191
|
+
# @raise [Warrant::InvalidParameterError]
|
192
|
+
# @raise [Warrant::InvalidRequestError]
|
193
|
+
# @raise [Warrant::NotFoundError]
|
194
|
+
# @raise [Warrant::UnauthorizedError]
|
195
|
+
# @raise [Warrant::WarrantError]
|
196
|
+
def remove_user(user_id)
|
197
|
+
return User.remove_from_tenant(tenant_id, user_id)
|
198
|
+
end
|
199
|
+
|
200
|
+
# List all tenants for a user
|
201
|
+
#
|
202
|
+
# @param user_id [String] The user_id of the user from which to fetch tenants
|
203
|
+
#
|
204
|
+
# @return [Array<Tenant>] all tenants for the user
|
205
|
+
#
|
206
|
+
# @raise [Warrant::InternalError]
|
207
|
+
# @raise [Warrant::InvalidRequestError]
|
208
|
+
# @raise [Warrant::UnauthorizedError]
|
209
|
+
# @raise [Warrant::WarrantError]
|
210
|
+
def self.list_for_user(user_id)
|
211
|
+
res = APIOperations.get(URI.parse("#{::Warrant.config.api_base}/v1/users/#{user_id}/tenants"))
|
212
|
+
|
213
|
+
case res
|
214
|
+
when Net::HTTPSuccess
|
215
|
+
tenants = JSON.parse(res.body)
|
216
|
+
tenants.map{ |tenant| Tenant.new(tenant['tenantId'], tenant['name'], tenant['createdAt']) }
|
217
|
+
else
|
218
|
+
APIOperations.raise_error(res)
|
219
|
+
end
|
220
|
+
end
|
221
|
+
|
222
|
+
# List all users for a tenant
|
223
|
+
#
|
224
|
+
# @return [Array<User>] all users for the tenant
|
225
|
+
#
|
226
|
+
# @raise [Warrant::InternalError]
|
227
|
+
# @raise [Warrant::InvalidRequestError]
|
228
|
+
# @raise [Warrant::UnauthorizedError]
|
229
|
+
# @raise [Warrant::WarrantError]
|
230
|
+
def list_users
|
231
|
+
return User.list_for_tenant(tenant_id)
|
232
|
+
end
|
167
233
|
end
|
168
234
|
end
|
data/lib/warrant/models/user.rb
CHANGED
@@ -87,7 +87,7 @@ module Warrant
|
|
87
87
|
users.map{ |user| User.new(user['userId'], user['email'], user['createdAt']) }
|
88
88
|
else
|
89
89
|
APIOperations.raise_error(res)
|
90
|
-
end
|
90
|
+
end
|
91
91
|
end
|
92
92
|
|
93
93
|
# Get a user with the given user_id
|
@@ -111,7 +111,7 @@ module Warrant
|
|
111
111
|
User.new(user['userId'], user['email'], user['createdAt'])
|
112
112
|
else
|
113
113
|
APIOperations.raise_error(res)
|
114
|
-
end
|
114
|
+
end
|
115
115
|
end
|
116
116
|
|
117
117
|
# Updates a user with the given user_id and params
|
@@ -182,7 +182,7 @@ module Warrant
|
|
182
182
|
roles.map{ |role| Role.new(role['roleId']) }
|
183
183
|
else
|
184
184
|
APIOperations.raise_error(res)
|
185
|
-
end
|
185
|
+
end
|
186
186
|
end
|
187
187
|
|
188
188
|
# Assign a role to a user
|
@@ -227,7 +227,7 @@ module Warrant
|
|
227
227
|
return Role.remove_from_user(user_id, role_id)
|
228
228
|
end
|
229
229
|
|
230
|
-
# List all permissions for a user
|
230
|
+
# List all permissions for a user
|
231
231
|
#
|
232
232
|
# @return [Array<Permission>] all permissions for the user
|
233
233
|
#
|
@@ -244,12 +244,11 @@ module Warrant
|
|
244
244
|
permissions.map{ |permission| Permission.new(permission['permissionId']) }
|
245
245
|
else
|
246
246
|
APIOperations.raise_error(res)
|
247
|
-
end
|
247
|
+
end
|
248
248
|
end
|
249
249
|
|
250
250
|
# Assign a permission to a user
|
251
251
|
#
|
252
|
-
# @param user_id [String] The user_id of the user you want to assign a permission to.
|
253
252
|
# @param permission_id [String] The permission_id of the permission you want to assign to a user.
|
254
253
|
#
|
255
254
|
# @return [Permission] assigned permission
|
@@ -270,7 +269,6 @@ module Warrant
|
|
270
269
|
|
271
270
|
# Remove a permission from a user
|
272
271
|
#
|
273
|
-
# @param user_id [String] The user_id of the user you want to assign a permission to.
|
274
272
|
# @param permission_id [String] The permission_id of the permission you want to assign to a user.
|
275
273
|
#
|
276
274
|
# @return [nil] if remove was successful
|
@@ -319,5 +317,89 @@ module Warrant
|
|
319
317
|
}]
|
320
318
|
)
|
321
319
|
end
|
320
|
+
|
321
|
+
# Add a user to a tenant
|
322
|
+
#
|
323
|
+
# @param tenant_id [String] The tenant_id of the tenant you want to assign a user to.
|
324
|
+
# @param user_id [String] The user_id of the user you want to add to the tenant.
|
325
|
+
#
|
326
|
+
# @return [Warrant] warrant assigning user to the tenant
|
327
|
+
#
|
328
|
+
# @raise [Warrant::InternalError]
|
329
|
+
# @raise [Warrant::InvalidParameterError]
|
330
|
+
# @raise [Warrant::InvalidRequestError]
|
331
|
+
# @raise [Warrant::NotFoundError]
|
332
|
+
# @raise [Warrant::UnauthorizedError]
|
333
|
+
# @raise [Warrant::WarrantError]
|
334
|
+
def self.add_to_tenant(tenant_id, user_id)
|
335
|
+
res = APIOperations.post(URI.parse("#{::Warrant.config.api_base}/v1/tenants/#{tenant_id}/users/#{user_id}"))
|
336
|
+
|
337
|
+
case res
|
338
|
+
when Net::HTTPSuccess
|
339
|
+
res_json = JSON.parse(res.body)
|
340
|
+
subject = Subject.new(res_json['subject']['objectType'], res_json['subject']['objectId'], res_json['subject']['relation'])
|
341
|
+
Warrant.new(res_json['objectType'], res_json['objectId'], res_json['relation'], subject)
|
342
|
+
else
|
343
|
+
APIOperations.raise_error(res)
|
344
|
+
end
|
345
|
+
end
|
346
|
+
|
347
|
+
# Remove a user from a tenant
|
348
|
+
#
|
349
|
+
# @param tenant_id [String] The tenant_id of the tenant you want to remove the user from.
|
350
|
+
# @param user_id [String] The user_id of the user you want to remove from the tenant.
|
351
|
+
#
|
352
|
+
# @return [nil] if remove was successful
|
353
|
+
#
|
354
|
+
# @raise [Warrant::InternalError]
|
355
|
+
# @raise [Warrant::InvalidParameterError]
|
356
|
+
# @raise [Warrant::InvalidRequestError]
|
357
|
+
# @raise [Warrant::NotFoundError]
|
358
|
+
# @raise [Warrant::UnauthorizedError]
|
359
|
+
# @raise [Warrant::WarrantError]
|
360
|
+
def self.remove_from_tenant(tenant_id, user_id)
|
361
|
+
res = APIOperations.delete(URI.parse("#{::Warrant.config.api_base}/v1/tenants/#{tenant_id}/users/#{user_id}"))
|
362
|
+
|
363
|
+
case res
|
364
|
+
when Net::HTTPSuccess
|
365
|
+
return
|
366
|
+
else
|
367
|
+
APIOperations.raise_error(res)
|
368
|
+
end
|
369
|
+
end
|
370
|
+
|
371
|
+
# List all users for a tenant
|
372
|
+
#
|
373
|
+
# @param tenant_id [String] The tenant_id of the tenant from which to fetch users
|
374
|
+
#
|
375
|
+
# @return [Array<User>] all users for the tenant
|
376
|
+
#
|
377
|
+
# @raise [Warrant::InternalError]
|
378
|
+
# @raise [Warrant::InvalidRequestError]
|
379
|
+
# @raise [Warrant::UnauthorizedError]
|
380
|
+
# @raise [Warrant::WarrantError]
|
381
|
+
def self.list_for_tenant(tenant_id)
|
382
|
+
res = APIOperations.get(URI.parse("#{::Warrant.config.api_base}/v1/tenants/#{tenant_id}/users"))
|
383
|
+
|
384
|
+
case res
|
385
|
+
when Net::HTTPSuccess
|
386
|
+
users = JSON.parse(res.body)
|
387
|
+
users.map{ |user| User.new(user['userId'], user['email'], user['createdAt']) }
|
388
|
+
else
|
389
|
+
APIOperations.raise_error(res)
|
390
|
+
end
|
391
|
+
end
|
392
|
+
|
393
|
+
# List all tenants for a user
|
394
|
+
#
|
395
|
+
# @return [Array<Tenant>] all tenants for the user
|
396
|
+
#
|
397
|
+
# @raise [Warrant::InternalError]
|
398
|
+
# @raise [Warrant::InvalidRequestError]
|
399
|
+
# @raise [Warrant::UnauthorizedError]
|
400
|
+
# @raise [Warrant::WarrantError]
|
401
|
+
def list_tenants
|
402
|
+
return Tenant.list_for_user(user_id)
|
403
|
+
end
|
322
404
|
end
|
323
405
|
end
|
@@ -2,14 +2,15 @@
|
|
2
2
|
|
3
3
|
module Warrant
|
4
4
|
class Warrant
|
5
|
-
attr_reader :id, :object_type, :object_id, :relation, :subject
|
5
|
+
attr_reader :id, :object_type, :object_id, :relation, :subject, :is_direct_match
|
6
6
|
|
7
7
|
# @!visibility private
|
8
|
-
def initialize(object_type, object_id, relation, subject)
|
8
|
+
def initialize(object_type, object_id, relation, subject, is_direct_match = nil)
|
9
9
|
@object_type = object_type
|
10
10
|
@object_id = object_id
|
11
11
|
@relation = relation
|
12
12
|
@subject = subject
|
13
|
+
@is_direct_match = is_direct_match
|
13
14
|
end
|
14
15
|
|
15
16
|
# Create a new warrant that associates an object (object_type and object_id) to a subject via a relation.
|
@@ -38,7 +39,7 @@ module Warrant
|
|
38
39
|
|
39
40
|
case res
|
40
41
|
when Net::HTTPSuccess
|
41
|
-
subject = Subject.new(res_json['subject']['objectType'], res_json['subject']['objectId'])
|
42
|
+
subject = Subject.new(res_json['subject']['objectType'], res_json['subject']['objectId'], res_json['subject']['relation'])
|
42
43
|
Warrant.new(res_json['objectType'], res_json['objectId'], res_json['relation'], subject)
|
43
44
|
else
|
44
45
|
APIOperations.raise_error(res)
|
@@ -95,7 +96,7 @@ module Warrant
|
|
95
96
|
when Net::HTTPSuccess
|
96
97
|
warrants = JSON.parse(res.body)
|
97
98
|
warrants.map{ |warrant|
|
98
|
-
subject = Subject.new(warrant['subject']['objectType'], warrant['subject']['objectId'])
|
99
|
+
subject = Subject.new(warrant['subject']['objectType'], warrant['subject']['objectId'], warrant['subject']['relation'])
|
99
100
|
Warrant.new(warrant['objectType'], warrant['objectId'], warrant['relation'], subject)
|
100
101
|
}
|
101
102
|
else
|
@@ -103,6 +104,38 @@ module Warrant
|
|
103
104
|
end
|
104
105
|
end
|
105
106
|
|
107
|
+
# Query to find all warrants for a given subject.
|
108
|
+
#
|
109
|
+
# @option params [String] :object_type The type of object. Must be one of your system's existing object types. (optional)
|
110
|
+
# @option params [String] :relation The relation for this object to subject association. The relation must be valid as per the object type definition. (optional)
|
111
|
+
# @option params [String] :subject The subject to query warrants for. This should be in the format `OBJECT_TYPE:OBJECT_ID`, i.e. `user:8`
|
112
|
+
# * subject (Hash) - The specific subject for which warrants will be queried for.
|
113
|
+
# * object_type (String) - The type of object. Must be one of your system's existing object types.
|
114
|
+
# * object_id (String) - The id of the specific object.
|
115
|
+
#
|
116
|
+
# @return [Array<Warrant>] list of all warrants with provided params
|
117
|
+
#
|
118
|
+
# @raise [Warrant::InternalError]
|
119
|
+
# @raise [Warrant::InvalidRequestError]
|
120
|
+
# @raise [Warrant::NotFoundError]
|
121
|
+
# @raise [Warrant::UnauthorizedError]
|
122
|
+
# @raise [Warrant::WarrantError]
|
123
|
+
def self.query(params = {})
|
124
|
+
params[:subject] = Subject.new_from_hash(params[:subject])
|
125
|
+
res = APIOperations.get(URI.parse("#{::Warrant.config.api_base}/v1/query"), params)
|
126
|
+
|
127
|
+
case res
|
128
|
+
when Net::HTTPSuccess
|
129
|
+
warrants = JSON.parse(res.body)
|
130
|
+
warrants.map{ |warrant|
|
131
|
+
subject = Subject.new(warrant['subject']['objectType'], warrant['subject']['objectId'], warrant['subject']['relation'])
|
132
|
+
Warrant.new(warrant['objectType'], warrant['objectId'], warrant['relation'], subject, warrant['isDirectMatch'])
|
133
|
+
}
|
134
|
+
else
|
135
|
+
APIOperations.raise_error(res)
|
136
|
+
end
|
137
|
+
end
|
138
|
+
|
106
139
|
# Checks whether a specified access check is authorized or not.
|
107
140
|
# If you would like to check only one warrant, then you can exclude the op param and provide an array with one warrant.
|
108
141
|
#
|
data/lib/warrant/util.rb
CHANGED
data/lib/warrant/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: warrant
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.2.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Warrant
|
8
|
-
autorequire:
|
8
|
+
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-
|
11
|
+
date: 2022-12-12 00:00:00.000000000 Z
|
12
12
|
dependencies: []
|
13
13
|
description: Ruby library for the Warrant API at https://warrant.dev.
|
14
14
|
email: hello@warrant.dev
|
@@ -46,7 +46,7 @@ metadata:
|
|
46
46
|
source_code_uri: https://github.com/warrant-dev/warrant-ruby
|
47
47
|
changelog_uri: https://github.com/warrant-dev/warrant-ruby/CHANGELOG.md
|
48
48
|
documentation_uri: https://docs.warrant.dev/
|
49
|
-
post_install_message:
|
49
|
+
post_install_message:
|
50
50
|
rdoc_options: []
|
51
51
|
require_paths:
|
52
52
|
- lib
|
@@ -61,8 +61,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
61
61
|
- !ruby/object:Gem::Version
|
62
62
|
version: '0'
|
63
63
|
requirements: []
|
64
|
-
rubygems_version: 3.2.
|
65
|
-
signing_key:
|
64
|
+
rubygems_version: 3.2.32
|
65
|
+
signing_key:
|
66
66
|
specification_version: 4
|
67
67
|
summary: Warrant Ruby Library
|
68
68
|
test_files: []
|