warrant 4.0.0 → 5.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/warrant/api_operations.rb +9 -7
- data/lib/warrant/models/feature.rb +122 -99
- data/lib/warrant/models/list_response.rb +14 -0
- data/lib/warrant/models/object.rb +230 -0
- data/lib/warrant/models/permission.rb +72 -103
- data/lib/warrant/models/pricing_tier.rb +128 -97
- data/lib/warrant/models/query_result.rb +16 -0
- data/lib/warrant/models/role.rb +72 -97
- data/lib/warrant/models/session.rb +4 -4
- data/lib/warrant/models/tenant.rb +131 -133
- data/lib/warrant/models/user.rb +180 -155
- data/lib/warrant/models/warrant.rb +196 -94
- data/lib/warrant/version.rb +1 -1
- data/lib/warrant.rb +3 -0
- metadata +5 -2
@@ -0,0 +1,230 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Warrant
|
4
|
+
class Object
|
5
|
+
attr_reader :object_type, :object_id, :meta, :created_at
|
6
|
+
|
7
|
+
# @!visibility private
|
8
|
+
def initialize(object_type, object_id, meta = {}, created_at = nil)
|
9
|
+
@object_type = object_type
|
10
|
+
@object_id = object_id
|
11
|
+
@meta = meta
|
12
|
+
@created_at = created_at
|
13
|
+
end
|
14
|
+
|
15
|
+
# Creates an object with the given parameters
|
16
|
+
#
|
17
|
+
# @option params [String] :object_type The type of the object (e.g. user, tenant, role, permission, etc).
|
18
|
+
# @option params [String] :object_id Customer defined string identifier for this object. Can only contain alphanumeric chars and/or '-', '_', '|', '@'. If not provided, Warrant will create a univerally unique identifier (UUID) for the object and return it. If allowing Warrant to generate an id, store the id in your application so you can provide it for authorization requests on that object. (optional)
|
19
|
+
# @option params [Hash] :meta A JSON object containing additional information about this object (e.g. role name/description, user email/name, etc.) to be persisted to Warrant. (optional)
|
20
|
+
#
|
21
|
+
# @return [Object] created object
|
22
|
+
#
|
23
|
+
# @example Create a new Object with the object type "user" and object id "test-customer"
|
24
|
+
# Warrant::Object.create(object_type: "user", object_id: "test-customer")
|
25
|
+
#
|
26
|
+
# @raise [Warrant::DuplicateRecordError]
|
27
|
+
# @raise [Warrant::InternalError]
|
28
|
+
# @raise [Warrant::InvalidParameterError]
|
29
|
+
# @raise [Warrant::InvalidRequestError]
|
30
|
+
# @raise [Warrant::NotFoundError]
|
31
|
+
# @raise [Warrant::UnauthorizedError]
|
32
|
+
def self.create(params = {}, options = {})
|
33
|
+
res = APIOperations.post(URI.parse("#{::Warrant.config.api_base}/v2/objects"), params: Util.normalize_params(params), options: options)
|
34
|
+
|
35
|
+
case res
|
36
|
+
when Net::HTTPSuccess
|
37
|
+
res_json = JSON.parse(res.body, symbolize_names: true)
|
38
|
+
Object.new(res_json[:objectType], res_json[:objectId], res_json[:meta], res_json[:createdAt])
|
39
|
+
else
|
40
|
+
APIOperations.raise_error(res)
|
41
|
+
end
|
42
|
+
end
|
43
|
+
|
44
|
+
# Batch creates multiple objects with given parameters
|
45
|
+
#
|
46
|
+
# @param [Array<Hash>] objects Array of objects to create.
|
47
|
+
# @option objects [String] :object_type The type of the object (e.g. user, tenant, role, permission, etc).
|
48
|
+
# @option objects [String] :object_id Customer defined string identifier for this object. Can only contain alphanumeric chars and/or '-', '_', '|', '@'. If not provided, Warrant will create a univerally unique identifier (UUID) for the object and return it. If allowing Warrant to generate an id, store the id in your application so you can provide it for authorization requests on that object. (optional)
|
49
|
+
# @option objects [Hash] :meta A JSON object containing additional information about this object (e.g. role name/description, user email/name, etc.) to be persisted to Warrant. (optional)
|
50
|
+
#
|
51
|
+
# @return [Array<Object>] all created objects
|
52
|
+
#
|
53
|
+
# @example Create two new objects with object type "user" and object ids "test-user-1" and "test-user-2"
|
54
|
+
# Warrant::Object.batch_create([{ object_type: "user", object_id: "test-user-1" }, { object_type: "user", object_id: "test-user-2" }])
|
55
|
+
#
|
56
|
+
# @raise [Warrant::DuplicateRecordError]
|
57
|
+
# @raise [Warrant::InternalError]
|
58
|
+
# @raise [Warrant::InvalidParameterError]
|
59
|
+
# @raise [Warrant::InvalidRequestError]
|
60
|
+
# @raise [Warrant::NotFoundError]
|
61
|
+
# @raise [Warrant::UnauthorizedError]
|
62
|
+
def self.batch_create(objects, options = {})
|
63
|
+
res = APIOperations.post(URI.parse("#{::Warrant.config.api_base}/v2/objects"), params: Util.normalize_params(objects), options: options)
|
64
|
+
|
65
|
+
case res
|
66
|
+
when Net::HTTPSuccess
|
67
|
+
objects = JSON.parse(res.body, symbolize_names: true)
|
68
|
+
objects.map{ |object| Object.new(object[:objectType], object[:objectId], object[:meta], object[:createdAt]) }
|
69
|
+
else
|
70
|
+
APIOperations.raise_error(res)
|
71
|
+
end
|
72
|
+
end
|
73
|
+
|
74
|
+
# Deletes a object with given object type and id
|
75
|
+
#
|
76
|
+
# @param object_type [String] The type of the object (e.g. user, tenant, role, permission, etc).
|
77
|
+
# @param object_id [String] User defined string identifier for this object.
|
78
|
+
#
|
79
|
+
# @return [nil] if delete was successful
|
80
|
+
#
|
81
|
+
# @example Delete a Object with the object type "user" and object id "test-customer"
|
82
|
+
# Warrant::Object.delete("user", "test-customer")
|
83
|
+
#
|
84
|
+
# @raise [Warrant::InternalError]
|
85
|
+
# @raise [Warrant::InvalidParameterError]
|
86
|
+
# @raise [Warrant::NotFoundError]
|
87
|
+
# @raise [Warrant::UnauthorizedError]
|
88
|
+
def self.delete(object_type, object_id, options = {})
|
89
|
+
res = APIOperations.delete(URI.parse("#{::Warrant.config.api_base}/v2/objects/#{object_type}/#{object_id}"), options: options)
|
90
|
+
|
91
|
+
case res
|
92
|
+
when Net::HTTPSuccess
|
93
|
+
return res['Warrant-Token']
|
94
|
+
else
|
95
|
+
APIOperations.raise_error(res)
|
96
|
+
end
|
97
|
+
end
|
98
|
+
|
99
|
+
# Batch deletes multiple objects with given parameters
|
100
|
+
#
|
101
|
+
# @param [Array<Hash>] objects Array of objects to delete.
|
102
|
+
# @option objects [String] :object_type The type of the object (e.g. user, tenant, role, permission, etc).
|
103
|
+
# @option objects [String] :object_id Customer defined string identifier for this object.
|
104
|
+
#
|
105
|
+
# @return [nil] if delete was successful
|
106
|
+
#
|
107
|
+
# @example Delete two objects with object type "user" and object ids "test-user-1" and "test-user-2"
|
108
|
+
# Warrant::Object.batch_delete([{ object_type: "user", object_id: "test-user-1" }, { object_type: "user", object_id: "test-user-2" }])
|
109
|
+
#
|
110
|
+
# @raise [Warrant::InternalError]
|
111
|
+
# @raise [Warrant::InvalidParameterError]
|
112
|
+
# @raise [Warrant::NotFoundError]
|
113
|
+
# @raise [Warrant::UnauthorizedError]
|
114
|
+
def self.batch_delete(objects, options = {})
|
115
|
+
res = APIOperations.delete(URI.parse("#{::Warrant.config.api_base}/v2/objects"), params: Util.normalize_params(objects), options: options)
|
116
|
+
|
117
|
+
case res
|
118
|
+
when Net::HTTPSuccess
|
119
|
+
return res['Warrant-Token']
|
120
|
+
else
|
121
|
+
APIOperations.raise_error(res)
|
122
|
+
end
|
123
|
+
end
|
124
|
+
|
125
|
+
# Lists all objects for your organization and environment
|
126
|
+
#
|
127
|
+
# @param [Hash] filters Filters to apply to result set
|
128
|
+
# @param [Hash] options Options to apply on a per-request basis
|
129
|
+
# @option filters [String] :object_type Only return objects with an +object_type+ matching this value
|
130
|
+
# @option filters [Integer] :limit A positive integer representing the maximum number of items to return in the response. Must be less than or equal to 1000. Defaults to 25. (optional)
|
131
|
+
# @option filters [String] :prev_cursor A cursor representing your place in a list of results. Requests containing prev_cursor will return the results immediately preceding the cursor. (optional)
|
132
|
+
# @option filters [String] :next_cursor A cursor representing your place in a list of results. Requests containing next_cursor will return the results immediately following the cursor. (optional)
|
133
|
+
# @option filters [String] :sort_by The column to sort the result by. Unless otherwise specified, all list endpoints are sorted by their unique identifier by default. Supported values for objects are +object_type+, +object_id+, and +created_at+ (optional)
|
134
|
+
# @option filters [String] :sort_order The order in which to sort the result by. Valid values are +ASC+ and +DESC+. Defaults to +ASC+. (optional)
|
135
|
+
# @option options [String] :warrant_token A valid warrant token from a previous write operation or latest. Used to specify desired consistency for this read operation. (optional)
|
136
|
+
#
|
137
|
+
# @return [Array<Object>] all objects for your organization and environment
|
138
|
+
#
|
139
|
+
# @example List all objects
|
140
|
+
# Warrant::Object.list()
|
141
|
+
#
|
142
|
+
# @raise [Warrant::InternalError]
|
143
|
+
# @raise [Warrant::InvalidParameterError]
|
144
|
+
# @raise [Warrant::UnauthorizedError]
|
145
|
+
def self.list(filters = {}, options = {})
|
146
|
+
res = APIOperations.get(URI.parse("#{::Warrant.config.api_base}/v2/objects"), params: Util.normalize_params(filters), options: options)
|
147
|
+
|
148
|
+
case res
|
149
|
+
when Net::HTTPSuccess
|
150
|
+
list_result = JSON.parse(res.body, symbolize_names: true)
|
151
|
+
objects = list_result[:results].map{ |object| Object.new(object[:objectType], object[:objectId], object[:meta], object[:createdAt]) }
|
152
|
+
return ListResponse.new(objects, list_result[:prevCursor], list_result[:nextCursor])
|
153
|
+
else
|
154
|
+
APIOperations.raise_error(res)
|
155
|
+
end
|
156
|
+
end
|
157
|
+
|
158
|
+
# Get a object with the given object_type and object_id
|
159
|
+
#
|
160
|
+
# @param object_id [String] Object defined string identifier for this object. If not provided, Warrant will create an id for the object and return it. In this case, you should store the id in your system as you will need to provide it for any authorization requests for that object. Note that objectIds in Warrant must be composed of alphanumeric chars and/or '-', '_', and '@'.
|
161
|
+
#
|
162
|
+
# @return [Object] retrieved object
|
163
|
+
#
|
164
|
+
# @raise [Warrant::InternalError]
|
165
|
+
# @raise [Warrant::InvalidParameterError]
|
166
|
+
# @raise [Warrant::NotFoundError]
|
167
|
+
# @raise [Warrant::UnauthorizedError]
|
168
|
+
def self.get(object_type, object_id, options = {})
|
169
|
+
res = APIOperations.get(URI.parse("#{::Warrant.config.api_base}/v2/objects/#{object_type}/#{object_id}"), options: options)
|
170
|
+
|
171
|
+
case res
|
172
|
+
when Net::HTTPSuccess
|
173
|
+
object = JSON.parse(res.body, symbolize_names: true)
|
174
|
+
Object.new(object[:objectType], object[:objectId], object[:meta], object[:createdAt])
|
175
|
+
else
|
176
|
+
APIOperations.raise_error(res)
|
177
|
+
end
|
178
|
+
end
|
179
|
+
|
180
|
+
# Updates a object with the given object_type and object_id and params
|
181
|
+
#
|
182
|
+
# @param object_type [String] The type of the object (e.g. user, tenant, role, permission, etc).
|
183
|
+
# @param object_id [String] User defined string identifier for this object.
|
184
|
+
# @param meta [Hash] A JSON object containing additional information about this object (e.g. role name/description, user email/name, etc.) to be persisted to Warrant.
|
185
|
+
#
|
186
|
+
# @return [Object] updated object
|
187
|
+
#
|
188
|
+
# @example Update user "test-user"'s email
|
189
|
+
# Warrant::Object.update("user", "test-user", { email: "my-new-email@example.com" })
|
190
|
+
#
|
191
|
+
# @raise [Warrant::InternalError]
|
192
|
+
# @raise [Warrant::InvalidParameterError]
|
193
|
+
# @raise [Warrant::InvalidRequestError]
|
194
|
+
# @raise [Warrant::NotFoundError]
|
195
|
+
# @raise [Warrant::UnauthorizedError]
|
196
|
+
def self.update(object_type, object_id, meta, options = {})
|
197
|
+
params = {
|
198
|
+
meta: meta,
|
199
|
+
}
|
200
|
+
res = APIOperations.put(URI.parse("#{::Warrant.config.api_base}/v2/objects/#{object_type}/#{object_id}"), params: Util.normalize_params(params), options: options)
|
201
|
+
|
202
|
+
case res
|
203
|
+
when Net::HTTPSuccess
|
204
|
+
res_json = JSON.parse(res.body, symbolize_names: true)
|
205
|
+
Object.new(res_json[:objectType], res_json[:objectId], res_json[:meta], res_json[:createdAt])
|
206
|
+
else
|
207
|
+
APIOperations.raise_error(res)
|
208
|
+
end
|
209
|
+
end
|
210
|
+
|
211
|
+
# Updates a object with the given object_type and object_id and params
|
212
|
+
#
|
213
|
+
# @param meta [Hash] A JSON object containing additional information about this object (e.g. role name/description, user email/name, etc.) to be persisted to Warrant.
|
214
|
+
#
|
215
|
+
# @return [Object] updated object
|
216
|
+
#
|
217
|
+
# @example Update user "test-user"'s email
|
218
|
+
# user = Warrant::Object.get("user", "test-user")
|
219
|
+
# user.update({ email: "my-new-email@example.com" })
|
220
|
+
#
|
221
|
+
# @raise [Warrant::InternalError]
|
222
|
+
# @raise [Warrant::InvalidParameterError]
|
223
|
+
# @raise [Warrant::InvalidRequestError]
|
224
|
+
# @raise [Warrant::NotFoundError]
|
225
|
+
# @raise [Warrant::UnauthorizedError]
|
226
|
+
def update(meta, options = {})
|
227
|
+
return Object.update(object_type, object_id, meta, options)
|
228
|
+
end
|
229
|
+
end
|
230
|
+
end
|
@@ -1,23 +1,22 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
3
|
module Warrant
|
4
|
-
class Permission
|
4
|
+
class Permission < Warrant::Object
|
5
5
|
OBJECT_TYPE = "permission"
|
6
6
|
|
7
7
|
include Warrant::WarrantObject
|
8
8
|
|
9
|
-
|
9
|
+
alias :permission_id :object_id
|
10
10
|
|
11
11
|
# @!visibility private
|
12
|
-
def initialize(permission_id,
|
13
|
-
|
14
|
-
@name = name
|
15
|
-
@description = description
|
12
|
+
def initialize(permission_id, meta = {}, created_at = nil)
|
13
|
+
super(OBJECT_TYPE, permission_id, meta, created_at)
|
16
14
|
end
|
17
15
|
|
18
16
|
# Creates a permission with the given parameters
|
19
17
|
#
|
20
|
-
# @option params [String] :
|
18
|
+
# @option params [String] :role_id User defined string identifier for this permission. If not provided, Warrant will create an id for the permission and return it. In this case, you should store the id in your system as you will need to provide it for any authorization requests for that permission. Note that permissionIds in Warrant must be composed of alphanumeric chars, '-', and/or '_'. (optional)
|
19
|
+
# @option params [Hash] :meta A JSON object containing additional information about this permission (e.g. name/description) to be persisted to Warrant. (optional)
|
21
20
|
#
|
22
21
|
# @return [Permission] created permission
|
23
22
|
#
|
@@ -28,16 +27,9 @@ module Warrant
|
|
28
27
|
# @raise [Warrant::InternalError]
|
29
28
|
# @raise [Warrant::InvalidRequestError]
|
30
29
|
# @raise [Warrant::UnauthorizedError]
|
31
|
-
def self.create(params = {})
|
32
|
-
|
33
|
-
|
34
|
-
case res
|
35
|
-
when Net::HTTPSuccess
|
36
|
-
res_json = JSON.parse(res.body)
|
37
|
-
Permission.new(res_json['permissionId'], res_json['name'], res_json['description'])
|
38
|
-
else
|
39
|
-
APIOperations.raise_error(res)
|
40
|
-
end
|
30
|
+
def self.create(params = {}, options = {})
|
31
|
+
object = Object.create({ object_type: OBJECT_TYPE, object_id: params[:permission_id], meta: params[:meta] }, options)
|
32
|
+
return Permission.new(object.object_id, object.meta, object.created_at)
|
41
33
|
end
|
42
34
|
|
43
35
|
# Deletes a permission with given permission id
|
@@ -53,27 +45,20 @@ module Warrant
|
|
53
45
|
# @raise [Warrant::MissingRequiredParameterError]
|
54
46
|
# @raise [Warrant::NotFoundError]
|
55
47
|
# @raise [Warrant::UnauthorizedError]
|
56
|
-
def self.delete(permission_id)
|
57
|
-
|
58
|
-
|
59
|
-
case res
|
60
|
-
when Net::HTTPSuccess
|
61
|
-
return
|
62
|
-
else
|
63
|
-
APIOperations.raise_error(res)
|
64
|
-
end
|
48
|
+
def self.delete(permission_id, options = {})
|
49
|
+
return Object.delete(OBJECT_TYPE, permission_id, options)
|
65
50
|
end
|
66
51
|
|
67
52
|
# Lists all permissions for your organization
|
68
53
|
#
|
69
|
-
# @
|
70
|
-
# @
|
71
|
-
# @option filters [
|
72
|
-
# @option filters [String] :
|
73
|
-
# @option filters [String] :
|
74
|
-
# @option filters [String] :
|
75
|
-
# @option filters [String] :
|
76
|
-
# @option
|
54
|
+
# @param [Hash] filters Filters to apply to result set
|
55
|
+
# @param [Hash] options Options to apply on a per-request basis
|
56
|
+
# @option filters [Integer] :limit A positive integer representing the maximum number of items to return in the response. Must be less than or equal to 1000. Defaults to 25. (optional)
|
57
|
+
# @option filters [String] :prev_cursor A cursor representing your place in a list of results. Requests containing prev_cursor will return the results immediately preceding the cursor. (optional)
|
58
|
+
# @option filters [String] :next_cursor A cursor representing your place in a list of results. Requests containing next_cursor will return the results immediately following the cursor. (optional)
|
59
|
+
# @option filters [String] :sort_by The column to sort the result by. Unless otherwise specified, all list endpoints are sorted by their unique identifier by default. Supported values for objects are +object_type+, +object_id+, and +created_at+ (optional)
|
60
|
+
# @option filters [String] :sort_order The order in which to sort the result by. Valid values are +ASC+ and +DESC+. Defaults to +ASC+. (optional)
|
61
|
+
# @option options [String] :warrant_token A valid warrant token from a previous write operation or latest. Used to specify desired consistency for this read operation. (optional)
|
77
62
|
#
|
78
63
|
# @return [Array<Permission>] all permissions for your organization
|
79
64
|
#
|
@@ -83,16 +68,11 @@ module Warrant
|
|
83
68
|
# @raise [Warrant::InternalError]
|
84
69
|
# @raise [Warrant::InvalidParameterError]
|
85
70
|
# @raise [Warrant::UnauthorizedError]
|
86
|
-
def self.list(filters = {})
|
87
|
-
|
88
|
-
|
89
|
-
|
90
|
-
|
91
|
-
permissions = JSON.parse(res.body)
|
92
|
-
permissions.map{ |permission| Permission.new(permission['permissionId'], permission['name'], permission['description']) }
|
93
|
-
else
|
94
|
-
APIOperations.raise_error(res)
|
95
|
-
end
|
71
|
+
def self.list(filters = {}, options = {})
|
72
|
+
filters.merge({ object_type: "permission" })
|
73
|
+
list_response = Object.list(filters, options)
|
74
|
+
permissions = list_response.results.map{ |object| Permission.new(object.object_id, object.meta, object.created_at)}
|
75
|
+
return ListResponse.new(permissions, list_response.prev_cursor, list_response.next_cursor)
|
96
76
|
end
|
97
77
|
|
98
78
|
# Get a permission with the given permission_id
|
@@ -105,24 +85,15 @@ module Warrant
|
|
105
85
|
# @raise [Warrant::MissingRequiredParameterError]
|
106
86
|
# @raise [Warrant::NotFoundError]
|
107
87
|
# @raise [Warrant::UnauthorizedError]
|
108
|
-
def self.get(permission_id)
|
109
|
-
|
110
|
-
|
111
|
-
case res
|
112
|
-
when Net::HTTPSuccess
|
113
|
-
permission = JSON.parse(res.body)
|
114
|
-
Permission.new(permission['permissionId'], permission['name'], permission['description'])
|
115
|
-
else
|
116
|
-
APIOperations.raise_error(res)
|
117
|
-
end
|
88
|
+
def self.get(permission_id, options = {})
|
89
|
+
object = Object.get(OBJECT_TYPE, permission_id, options)
|
90
|
+
return Permission.new(object.object_id, object.meta, object.created_at)
|
118
91
|
end
|
119
92
|
|
120
93
|
# Updates a permission with the given role_id and params
|
121
94
|
#
|
122
95
|
# @param permission_id [String] The permission_id of the permission to be updated.
|
123
|
-
# @param [Hash]
|
124
|
-
# @option params [String] :name Name for the permission. Designed to be used as a UI-friendly identifier. (optional)
|
125
|
-
# @option params [String] :description Description of the permission. Designed to be used as a UI-friendly identifier. (optional)
|
96
|
+
# @param meta [Hash] A JSON object containing additional information about this permission (e.g. name/description, etc.) to be persisted to Warrant.
|
126
97
|
#
|
127
98
|
# @return [Permission] updated permission
|
128
99
|
#
|
@@ -134,23 +105,15 @@ module Warrant
|
|
134
105
|
# @raise [Warrant::InvalidRequestError]
|
135
106
|
# @raise [Warrant::NotFoundError]
|
136
107
|
# @raise [Warrant::UnauthorizedError]
|
137
|
-
def self.update(permission_id,
|
138
|
-
|
139
|
-
|
140
|
-
case res
|
141
|
-
when Net::HTTPSuccess
|
142
|
-
res_json = JSON.parse(res.body)
|
143
|
-
Permission.new(res_json['permissionId'], res_json['name'], res_json['description'])
|
144
|
-
else
|
145
|
-
APIOperations.raise_error(res)
|
146
|
-
end
|
108
|
+
def self.update(permission_id, meta, options = {})
|
109
|
+
object = Object.update(OBJECT_TYPE, permission_id, meta, options)
|
110
|
+
return Permission.new(object.object_id, object.meta, object.created_at)
|
147
111
|
end
|
148
112
|
|
149
113
|
# Updates a permission with the given params
|
150
114
|
#
|
151
115
|
# @param [Hash] params attributes to update user with
|
152
|
-
# @
|
153
|
-
# @option params [String] :description Description of the permission. Designed to be used as a UI-friendly identifier. (optional)
|
116
|
+
# @param meta [Hash] A JSON object containing additional information about this permission (e.g. name/description, etc.) to be persisted to Warrant.
|
154
117
|
#
|
155
118
|
# @return [Permission] updated permission
|
156
119
|
#
|
@@ -162,37 +125,39 @@ module Warrant
|
|
162
125
|
# @raise [Warrant::InvalidRequestError]
|
163
126
|
# @raise [Warrant::NotFoundError]
|
164
127
|
# @raise [Warrant::UnauthorizedError]
|
165
|
-
def update(
|
166
|
-
return Permission.update(permission_id,
|
128
|
+
def update(meta, options = {})
|
129
|
+
return Permission.update(permission_id, meta, options)
|
167
130
|
end
|
168
131
|
|
169
132
|
# List permissions for a role
|
170
133
|
#
|
171
134
|
# @param role_id [String] The role_id of the role to list assigned permissions for.
|
172
|
-
# @
|
173
|
-
# @
|
135
|
+
# @param [Hash] filters Filters to apply to result set
|
136
|
+
# @param [Hash] options Options to apply on a per-request basis
|
137
|
+
# @option filters [String] :object_type Only return objects with an `objectType` matching this value
|
138
|
+
# @option filters [Integer] :limit A positive integer representing the maximum number of items to return in the response. Must be less than or equal to 1000. Defaults to 25. (optional)
|
139
|
+
# @option filters [String] :prev_cursor A cursor representing your place in a list of results. Requests containing prev_cursor will return the results immediately preceding the cursor. (optional)
|
140
|
+
# @option filters [String] :next_cursor A cursor representing your place in a list of results. Requests containing next_cursor will return the results immediately following the cursor. (optional)
|
141
|
+
# @option filters [String] :sort_by The column to sort the result by. Unless otherwise specified, all list endpoints are sorted by their unique identifier by default. Supported values for objects are +object_type+, +object_id+, and +created_at+ (optional)
|
142
|
+
# @option filters [String] :sort_order The order in which to sort the result by. Valid values are +ASC+ and +DESC+. Defaults to +ASC+. (optional)
|
143
|
+
# @option options [String] :warrant_token A valid warrant token from a previous write operation or latest. Used to specify desired consistency for this read operation. (optional)
|
174
144
|
#
|
175
145
|
# @return [Array<Permission>] all assigned permissions for the role
|
176
146
|
#
|
177
147
|
# @raise [Warrant::InternalError]
|
178
148
|
# @raise [Warrant::MissingRequiredParameterError]
|
179
149
|
# @raise [Warrant::UnauthorizedError]
|
180
|
-
def self.list_for_role(role_id, filters = {})
|
181
|
-
|
182
|
-
|
183
|
-
|
184
|
-
when Net::HTTPSuccess
|
185
|
-
permissions = JSON.parse(res.body)
|
186
|
-
permissions.map{ |permission| Permission.new(permission['permissionId'], permission['name'], permission['description']) }
|
187
|
-
else
|
188
|
-
APIOperations.raise_error(res)
|
189
|
-
end
|
150
|
+
def self.list_for_role(role_id, filters = {}, options = {})
|
151
|
+
query_response = Warrant.query("select permission where role:#{role_id} is *", filters: filters, options: options)
|
152
|
+
permissions = query_response.results.map{ |result| Permission.new(result.object_id, result.meta) }
|
153
|
+
return ListResponse.new(permissions, query_response.prev_cursor, query_response.next_cursor)
|
190
154
|
end
|
191
155
|
|
192
156
|
# Assign a permission to a role
|
193
157
|
#
|
194
158
|
# @param role_id [String] The role_id of the role you want to assign a permission to.
|
195
159
|
# @param permission_id [String] The permission_id of the permission you want to assign to a role.
|
160
|
+
# @param relation [String] The relation for this permission to role association. The relation must be valid as per the +permission+ object type definition.
|
196
161
|
#
|
197
162
|
# @return [Warrant] warrant assigning permission to role
|
198
163
|
#
|
@@ -202,14 +167,15 @@ module Warrant
|
|
202
167
|
# @raise [Warrant::MissingRequiredParameterError]
|
203
168
|
# @raise [Warrant::NotFoundError]
|
204
169
|
# @raise [Warrant::UnauthorizedError]
|
205
|
-
def self.assign_to_role(role_id, permission_id)
|
206
|
-
Warrant.create({ object_type: Permission::OBJECT_TYPE, object_id: permission_id },
|
170
|
+
def self.assign_to_role(role_id, permission_id, relation: "member", options: {})
|
171
|
+
Warrant.create({ object_type: Permission::OBJECT_TYPE, object_id: permission_id }, relation, { object_type: Role::OBJECT_TYPE, object_id: role_id }, nil, options)
|
207
172
|
end
|
208
173
|
|
209
174
|
# Remove a permission from a role
|
210
175
|
#
|
211
176
|
# @param role_id [String] The role_id of the role you want to remove a permission from.
|
212
177
|
# @param permission_id [String] The permission_id of the permission you want to remove from a role.
|
178
|
+
# @param relation [String] The relation for this permission to role association. The relation must be valid as per the +permission+ object type definition.
|
213
179
|
#
|
214
180
|
# @return [nil] if remove was successful
|
215
181
|
#
|
@@ -218,37 +184,39 @@ module Warrant
|
|
218
184
|
# @raise [Warrant::NotFoundError]
|
219
185
|
# @raise [Warrant::UnauthorizedError]
|
220
186
|
# @raise [Warrant::WarrantError]
|
221
|
-
def self.remove_from_role(role_id, permission_id)
|
222
|
-
Warrant.delete({ object_type: Permission::OBJECT_TYPE, object_id: permission_id },
|
187
|
+
def self.remove_from_role(role_id, permission_id, relation: "member", options: {})
|
188
|
+
Warrant.delete({ object_type: Permission::OBJECT_TYPE, object_id: permission_id }, relation, { object_type: Role::OBJECT_TYPE, object_id: role_id }, nil, options)
|
223
189
|
end
|
224
190
|
|
225
191
|
# List permissions for a user
|
226
192
|
#
|
227
193
|
# @param user_id [String] The user_id of the user to list assigned permissions for.
|
228
|
-
# @
|
229
|
-
# @
|
194
|
+
# @param [Hash] filters Filters to apply to result set
|
195
|
+
# @param [Hash] options Options to apply on a per-request basis
|
196
|
+
# @option filters [String] :object_type Only return objects with an `objectType` matching this value
|
197
|
+
# @option filters [Integer] :limit A positive integer representing the maximum number of items to return in the response. Must be less than or equal to 1000. Defaults to 25. (optional)
|
198
|
+
# @option filters [String] :prev_cursor A cursor representing your place in a list of results. Requests containing prev_cursor will return the results immediately preceding the cursor. (optional)
|
199
|
+
# @option filters [String] :next_cursor A cursor representing your place in a list of results. Requests containing next_cursor will return the results immediately following the cursor. (optional)
|
200
|
+
# @option filters [String] :sort_by The column to sort the result by. Unless otherwise specified, all list endpoints are sorted by their unique identifier by default. Supported values for objects are +object_type+, +object_id+, and +created_at+ (optional)
|
201
|
+
# @option filters [String] :sort_order The order in which to sort the result by. Valid values are +ASC+ and +DESC+. Defaults to +ASC+. (optional)
|
202
|
+
# @option options [String] :warrant_token A valid warrant token from a previous write operation or latest. Used to specify desired consistency for this read operation. (optional)
|
230
203
|
#
|
231
204
|
# @return [Array<Permission>] all assigned permissions for the user
|
232
205
|
#
|
233
206
|
# @raise [Warrant::InternalError]
|
234
207
|
# @raise [Warrant::MissingRequiredParameterError]
|
235
208
|
# @raise [Warrant::UnauthorizedError]
|
236
|
-
def self.list_for_user(user_id, filters = {})
|
237
|
-
|
238
|
-
|
239
|
-
|
240
|
-
when Net::HTTPSuccess
|
241
|
-
permissions = JSON.parse(res.body)
|
242
|
-
permissions.map{ |permission| Permission.new(permission['permissionId'], permission['name'], permission['description']) }
|
243
|
-
else
|
244
|
-
APIOperations.raise_error(res)
|
245
|
-
end
|
209
|
+
def self.list_for_user(user_id, filters = {}, options = {})
|
210
|
+
query_response = Warrant.query("select permission where user:#{user_id} is *", filters: filters, options: options)
|
211
|
+
permissions = query_response.results.map{ |result| Permission.new(result.object_id, result.meta) }
|
212
|
+
return ListResponse.new(permissions, query_response.prev_cursor, query_response.next_cursor)
|
246
213
|
end
|
247
214
|
|
248
215
|
# Assign a permission to a user
|
249
216
|
#
|
250
217
|
# @param user_id [String] The user_id of the user you want to assign a permission to.
|
251
218
|
# @param permission_id [String] The permission_id of the permission you want to assign to a user.
|
219
|
+
# @param relation [String] The relation for this permission to user association. The relation must be valid as per the +permission+ object type definition.
|
252
220
|
#
|
253
221
|
# @return [Warrant] warrant assigning permission to user
|
254
222
|
#
|
@@ -258,14 +226,15 @@ module Warrant
|
|
258
226
|
# @raise [Warrant::MissingRequiredParameterError]
|
259
227
|
# @raise [Warrant::NotFoundError]
|
260
228
|
# @raise [Warrant::UnauthorizedError]
|
261
|
-
def self.assign_to_user(user_id, permission_id)
|
262
|
-
Warrant.create({ object_type: Permission::OBJECT_TYPE, object_id: permission_id },
|
229
|
+
def self.assign_to_user(user_id, permission_id, relation: "member", options: {})
|
230
|
+
Warrant.create({ object_type: Permission::OBJECT_TYPE, object_id: permission_id }, relation, { object_type: User::OBJECT_TYPE, object_id: user_id }, nil, options)
|
263
231
|
end
|
264
232
|
|
265
233
|
# Remove a permission from a user
|
266
234
|
#
|
267
235
|
# @param user_id [String] The user_id of the user you want to remove a permission from.
|
268
236
|
# @param permission_id [String] The permission_id of the permission you want to remove from a user.
|
237
|
+
# @param relation [String] The relation for this permission to user association. The relation must be valid as per the +permission+ object type definition.
|
269
238
|
#
|
270
239
|
# @return [nil] if remove was successful
|
271
240
|
#
|
@@ -274,8 +243,8 @@ module Warrant
|
|
274
243
|
# @raise [Warrant::NotFoundError]
|
275
244
|
# @raise [Warrant::UnauthorizedError]
|
276
245
|
# @raise [Warrant::WarrantError]
|
277
|
-
def self.remove_from_user(user_id, permission_id)
|
278
|
-
Warrant.delete({ object_type: Permission::OBJECT_TYPE, object_id: permission_id },
|
246
|
+
def self.remove_from_user(user_id, permission_id, relation: "member", options: {})
|
247
|
+
Warrant.delete({ object_type: Permission::OBJECT_TYPE, object_id: permission_id }, relation, { object_type: User::OBJECT_TYPE, object_id: user_id }, nil, options)
|
279
248
|
end
|
280
249
|
|
281
250
|
def warrant_object_type
|