@cubist-labs/cubesigner-sdk 0.1.77 → 0.2.2

package/src/org.ts

@@ -1,16 +1,8 @@
-import {
-  CubeSigner,
-  MfaRequestInfo,
-  IdentityProof,
-  PageOpts,
-  Page,
-  PageQueryArgs,
-  Paginator,
-} from ".";
-import { components, paths } from "./client";
-import { assertOk } from "./util";
+import { OrgInfo } from "./schema_types";
+import { CubeSignerClient } from "./client";
 import { KeyType, Key } from "./key";
-import { MfaPolicy, Role, RoleInfo } from "./role";
+import { Role } from "./role";
+import { PageOpts } from "./paginator";
 
 /** Organization id */
 export type OrgId = string;
@@ -54,27 +46,10 @@ export interface MaxDailyUnstakePolicy {
   MaxDailyUnstake: number;
 }
 
-type OrgInfo = components["schemas"]["OrgInfo"];
-type UserIdInfo = components["schemas"]["UserIdInfo"];
-type UpdateOrgRequest =
-  paths["/v0/org/{org_id}"]["patch"]["requestBody"]["content"]["application/json"];
-type UpdateOrgResponse =
-  paths["/v0/org/{org_id}"]["patch"]["responses"]["200"]["content"]["application/json"];
-
-export type OidcIdentity = components["schemas"]["OIDCIdentity"];
-export type MemberRole = components["schemas"]["MemberRole"];
-
-/** Options for a new OIDC user */
-export interface CreateOidcUserOptions {
-  /** The role of an OIDC user, default is "Alien" */
-  memberRole?: MemberRole;
-  /** Optional MFA policy to associate with the user account */
-  mfaPolicy?: MfaPolicy;
-}
-
 /** An organization. */
 export class Org {
-  readonly #cs: CubeSigner;
+  readonly #csc: CubeSignerClient;
+
   /**
    * The ID of the organization.
    * @example Org#124dfe3e-3bbd-487d-80c0-53c55e8ab87a
@@ -84,47 +59,48 @@ export class Org {
   /**
    * @description The org id
    * @example Org#c3b9379c-4e8c-4216-bd0a-65ace53cf98f
-   * */
+   */
   get id(): OrgId {
     return this.#id;
   }
 
   /** Human-readable name for the org */
   async name(): Promise<string | undefined> {
-    const data = await this.fetch();
+    const data = await this.#csc.orgGet();
     return data.name ?? undefined;
   }
 
-  /** Set the human-readable name for the org.
+  /**
+   * Set the human-readable name for the org.
    * @param {string} name The new human-readable name for the org (must be alphanumeric).
    * @example my_org_name
-   * */
+   */
   async setName(name: string) {
     if (!/^[a-zA-Z0-9_]{3,30}$/.test(name)) {
       throw new Error("Org name must be alphanumeric and between 3 and 30 characters");
     }
-    await this.update({ name });
+    await this.#csc.orgUpdate({ name });
   }
 
   /** Is the org enabled? */
   async enabled(): Promise<boolean> {
-    const data = await this.fetch();
+    const data = await this.#csc.orgGet();
     return data.enabled;
   }
 
   /** Enable the org. */
   async enable() {
-    await this.update({ enabled: true });
+    await this.#csc.orgUpdate({ enabled: true });
   }
 
   /** Disable the org. */
   async disable() {
-    await this.update({ enabled: false });
+    await this.#csc.orgUpdate({ enabled: false });
   }
 
   /** Get the policy for the org. */
   async policy(): Promise<OrgPolicy[]> {
-    const data = await this.fetch();
+    const data = await this.#csc.orgGet();
     return (data.policy ?? []) as unknown as OrgPolicy[];
   }
 
@@ -133,30 +109,33 @@ export class Org {
    * */
   async setPolicy(policy: OrgPolicy[]) {
     const p = policy as unknown as Record<string, never>[];
-    await this.update({ policy: p });
+    await this.#csc.orgUpdate({ policy: p });
   }
 
-  /** Create a new signing key.
+  /**
+   * Create a new signing key.
    * @param {KeyType} type The type of key to create.
    * @param {string?} ownerId The owner of the key. Defaults to the session's user.
    * @return {Key[]} The new keys.
-   * */
+   */
   async createKey(type: KeyType, ownerId?: string): Promise<Key> {
-    return (await Key.createKeys(this.#cs, this.id, type, 1, ownerId))[0];
+    return (await this.createKeys(type, 1, ownerId))[0];
   }
 
-  /** Create new signing keys.
+  /**
+   * Create new signing keys.
    * @param {KeyType} type The type of key to create.
-   * @param {nummber} count The number of keys to create.
+   * @param {number} count The number of keys to create.
    * @param {string?} ownerId The owner of the keys. Defaults to the session's user.
    * @return {Key[]} The new keys.
-   * */
+   */
   async createKeys(type: KeyType, count: number, ownerId?: string): Promise<Key[]> {
-    return Key.createKeys(this.#cs, this.id, type, count, ownerId);
+    const keys = await this.#csc.keysCreate(type, count, ownerId);
+    return keys.map((k) => new Key(this.#csc, k));
   }
 
   /**
-   * Derives a key of the given type using the given derivation path and mnemonic.
+   * Derive a key of the given type using the given derivation path and mnemonic.
    * The owner of the derived key will be the owner of the mnemonic.
    *
    * @param {KeyType} type Type of key to derive from the mnemonic.
@@ -166,11 +145,11 @@ export class Org {
    * @return {Key} newly derived key.
    */
   async deriveKey(type: KeyType, derivationPath: string, mnemonicId: string): Promise<Key> {
-    return (await Key.deriveKeys(this.#cs, this.id, type, [derivationPath], mnemonicId))[0];
+    return (await this.deriveKeys(type, [derivationPath], mnemonicId))[0];
   }
 
   /**
-   * Derives a set of keys of the given type using the given derivation paths and mnemonic.
+   * Derive a set of keys of the given type using the given derivation paths and mnemonic.
    *
    * The owner of the derived keys will be the owner of the mnemonic.
    *
@@ -181,147 +160,78 @@ export class Org {
    * @return {Key[]} newly derived keys.
    */
   async deriveKeys(type: KeyType, derivationPaths: string[], mnemonicId: string): Promise<Key[]> {
-    return await Key.deriveKeys(this.#cs, this.#id, type, derivationPaths, mnemonicId);
+    const keys = await this.#csc.keysDerive(type, derivationPaths, mnemonicId);
+    return keys.map((k) => new Key(this.#csc, k));
   }
 
-  /**
-   * Create a new user in the organization and sends an invitation to that user
-   * @param {string} email Email of the user
-   * @param {string} name The full name of the user
-   */
-  async createUser(email: string, name: string): Promise<void> {
-    const resp = await (
-      await this.#cs.management()
-    ).post("/v0/org/{org_id}/invite", {
-      params: { path: { org_id: this.id } },
-      body: {
-        email,
-        name,
-        skip_email: false,
-      },
-      parseAs: "json",
-    });
-    assertOk(resp);
+  /** Create a new user in the organization and sends an invitation to that user. */
+  get createUser() {
+    return this.#csc.orgUserInvite.bind(this.#csc);
   }
 
-  /**
-   * Create a new OIDC user
-   * @param {OidcIdentity} identity The identity of the OIDC user
-   * @param {string} email Email of the OIDC user
-   * @param {CreateOidcUserOptions} opts Additional options for new OIDC users
-   * @return {string} User id of the new user
-   */
-  async createOidcUser(
-    identity: OidcIdentity,
-    email: string,
-    opts: CreateOidcUserOptions = {},
-  ): Promise<string> {
-    const resp = await (
-      await this.#cs.management()
-    ).post("/v0/org/{org_id}/users", {
-      params: { path: { org_id: this.id } },
-      body: {
-        identity,
-        role: opts.memberRole ?? "Alien",
-        email: email,
-        mfa_policy: opts.mfaPolicy ?? null,
-      },
-      parseAs: "json",
-    });
-    return assertOk(resp).user_id;
+  /** Create a new OIDC user */
+  get createOidcUser() {
+    return this.#csc.orgUserCreateOidc.bind(this.#csc);
   }
 
-  /**
-   * Delete an existing OIDC user
-   * @param {OidcIdentity} identity The identity of the OIDC user
-   */
-  async deleteOidcUser(identity: OidcIdentity) {
-    const resp = await (
-      await this.#cs.management()
-    ).del("/v0/org/{org_id}/users/oidc", {
-      params: { path: { org_id: this.id } },
-      body: identity,
-      parseAs: "json",
-    });
-    return assertOk(resp);
+  /** Delete an existing OIDC user */
+  get deleteOidcUser() {
+    return this.#csc.orgUserDeleteOidc.bind(this.#csc);
   }
 
-  /**
-   * Checks if a given proof of OIDC authentication is valid.
-   *
-   * @param {IdentityProof} proof The proof of authentication.
-   */
-  async verifyIdentity(proof: IdentityProof) {
-    await this.#cs.verifyIdentity(this.id, proof);
+  /** Checks if a given proof of OIDC authentication is valid. */
+  get verifyIdentity() {
+    return this.#csc.identityVerify.bind(this.#csc);
   }
 
-  /**
-   * List users in the organization
-   * @return {UserIdInfo[]} List of users
-   */
-  async users(): Promise<UserIdInfo[]> {
-    const resp = await (
-      await this.#cs.management()
-    ).get("/v0/org/{org_id}/users", {
-      params: { path: { org_id: this.id } },
-      parseAs: "json",
-    });
-    return assertOk(resp).users;
+  /**  List users in the organization */
+  get users() {
+    return this.#csc.orgUsersList.bind(this.#csc);
   }
 
-  /** Get a key by id.
+  /**
+   * Get a key by id.
    * @param {string} keyId The id of the key to get.
    * @return {Key} The key.
-   * */
+   */
   async getKey(keyId: string): Promise<Key> {
-    return await Key.getKey(this.#cs, this.id, keyId);
+    const keyInfo = await this.#csc.keyGet(keyId);
+    return new Key(this.#csc, keyInfo);
   }
 
-  /** Get all keys in the org.
+  /**
+   * Get all keys in the org.
    * @param {KeyType?} type Optional key type to filter list for.
    * @param {PageOpts} page Pagination options. Defaults to fetching the entire result set.
    * @return {Key} The key.
-   * */
+   */
   async keys(type?: KeyType, page?: PageOpts): Promise<Key[]> {
-    page ??= Page.default();
-    const listFn = async (query: PageQueryArgs) => {
-      const client = await this.#cs.management();
-      const resp = await client.get("/v0/org/{org_id}/keys", {
-        params: {
-          path: { org_id: this.id },
-          query: {
-            key_type: type,
-            ...query,
-          },
-        },
-        parseAs: "json",
-      });
-      return assertOk(resp);
-    };
-    const p = new Paginator(
-      page,
-      listFn,
-      (r) => r.keys,
-      (r) => r.last_evaluated_key,
-    );
-    const keys = await p.fetch();
-    return keys.map((k) => new Key(this.#cs, this.id, k));
+    const paginator = this.#csc.keysList(type, page);
+    const keys = await paginator.fetch();
+    return keys.map((k) => new Key(this.#csc, k));
   }
 
-  /** Create a new role.
+  /**
+   * Create a new role.
+   *
    * @param {string?} name The name of the role.
    * @return {Role} The new role.
-   * */
+   */
   async createRole(name?: string): Promise<Role> {
-    return Role.createRole(this.#cs, this.id, name);
+    const roleId = await this.#csc.roleCreate(name);
+    const roleInfo = await this.#csc.roleGet(roleId);
+    return new Role(this.#csc, roleInfo);
   }
 
-  /** Get a role by id or name.
+  /**
+   * Get a role by id or name.
+   *
    * @param {string} roleId The id or name of the role to get.
    * @return {Role} The role.
-   * */
+   */
   async getRole(roleId: string): Promise<Role> {
-    return Role.getRole(this.#cs, this.id, roleId);
+    const roleInfo = await this.#csc.roleGet(roleId);
+    return new Role(this.#csc, roleInfo);
   }
 
   /**
@@ -329,168 +239,62 @@ export class Org {
    *
    * @param {PageOpts} page Pagination options. Defaults to fetching the entire result set.
    * @return {Role[]} The roles.
-   * */
+   */
   async listRoles(page?: PageOpts): Promise<Role[]> {
-    return Org.roles(this.#cs, this.id, page);
+    const roles = await this.#csc.rolesList(page).fetch();
+    return roles.map((r) => new Role(this.#csc, r));
   }
 
-  /** List all users in the org.
-   * @return {User[]} The users.
-   * */
-  async listUsers(): Promise<UserIdInfo[]> {
-    return Org.users(this.#cs, this.id);
+  /** List all users in the org. */
+  get listUsers() {
+    return this.#csc.orgUsersList.bind(this.#csc);
   }
 
   /**
    * Get a pending MFA request by its id.
-   * @param {string} mfaId The id of the MFA request.
-   * @return {Promise<MfaRequestInfo>} The MFA request.
    *
    * @deprecated Use {@link getMfaInfo()} instead.
    */
-  async mfaGet(mfaId: string): Promise<MfaRequestInfo> {
-    return await this.getMfaInfo(mfaId);
+  get mfaGet() {
+    return this.#csc.mfaGet.bind(this.#csc);
   }
 
   /**
    * Approve a pending MFA request.
    *
-   * @param {string} mfaId The id of the MFA request.
-   * @return {Promise<MfaRequestInfo>} The MFA request.
-   *
    * @deprecated Use {@link approveMfaRequest()} instead.
    */
-  async mfaApprove(mfaId: string): Promise<MfaRequestInfo> {
-    return await this.approveMfaRequest(mfaId);
+  get mfaApprove() {
+    return this.#csc.mfaApprove.bind(this.#csc);
   }
 
-  /**
-   * Get a pending MFA request by its id.
-   * @param {string} mfaId The id of the MFA request.
-   * @return {Promise<MfaRequestInfo>} The MFA request.
-   */
-  async getMfaInfo(mfaId: string): Promise<MfaRequestInfo> {
-    return await this.#cs.mfaGet(this.id, mfaId);
+  /** Get a pending MFA request by its id. */
+  get getMfaInfo() {
+    return this.#csc.mfaGet.bind(this.#csc);
   }
 
-  /**
-   * List pending MFA requests accessible to the current user.
-   * @return {Promise<MfaRequestInfo[]>} The MFA requests.
-   */
-  async listMfaInfos(): Promise<MfaRequestInfo[]> {
-    return await this.#cs.mfaList(this.id);
+  /** List pending MFA requests accessible to the current user. */
+  get listMfaInfos() {
+    return this.#csc.mfaList.bind(this.#csc);
   }
 
-  /**
-   * Approve a pending MFA request.
-   *
-   * @param {string} mfaId The id of the MFA request.
-   * @return {Promise<MfaRequestInfo>} The MFA request.
-   */
-  async approveMfaRequest(mfaId: string): Promise<MfaRequestInfo> {
-    return Org.mfaApprove(this.#cs, this.#id, mfaId);
+  /** Approve a pending MFA request. */
+  get approveMfaRequest() {
+    return this.#csc.mfaApprove.bind(this.#csc);
   }
 
   // --------------------------------------------------------------------------
   // -- INTERNAL --------------------------------------------------------------
   // --------------------------------------------------------------------------
 
-  /** Create a new org.
-   * @param {CubeSigner} cs The CubeSigner instance.
+  /**
+   * Create a new org.
+   * @param {CubeSignerClient} csc The CubeSigner instance.
    * @param {OrgInfo} data The JSON response from the API server.
    * @internal
-   * */
-  constructor(cs: CubeSigner, data: OrgInfo) {
-    this.#cs = cs;
-    this.#id = data.org_id;
-  }
-
-  /**
-   * Approve a pending MFA request.
-   *
-   * @param {CubeSigner} cs The CubeSigner instance to use for requests
-   * @param {string} orgId The org id of the MFA request
-   * @param {string} mfaId The id of the MFA request
-   * @return {Promise<MfaRequestInfo>} The result of the MFA request
    */
-  static async mfaApprove(cs: CubeSigner, orgId: string, mfaId: string): Promise<MfaRequestInfo> {
-    return await cs.mfaApprove(orgId, mfaId);
-  }
-
-  /** Fetch org info.
-   * @return {OrgInfo} The org info.
-   * */
-  private async fetch(): Promise<OrgInfo> {
-    const resp = await (
-      await this.#cs.management()
-    ).get("/v0/org/{org_id}", {
-      params: { path: { org_id: this.id } },
-      parseAs: "json",
-    });
-    const data = assertOk(resp);
-    return data;
-  }
-
-  /** Update the org.
-   * @param {UpdateOrgRequest} request The JSON request to send to the API server.
-   * @return {UpdateOrgResponse} The JSON response from the API server.
-   * */
-  private async update(request: UpdateOrgRequest): Promise<UpdateOrgResponse> {
-    const resp = await (
-      await this.#cs.management()
-    ).patch("/v0/org/{org_id}", {
-      params: { path: { org_id: this.id } },
-      body: request,
-      parseAs: "json",
-    });
-    return assertOk(resp);
-  }
-
-  /** List roles.
-   * @param {CubeSigner} cs The CubeSigner instance to use for signing.
-   * @param {string} orgId The id of the organization to which the role belongs.
-   * @param {PageOpts} page Pagination options. Defaults to fetching the entire result set.
-   * @return {Role[]} Org roles.
-   * @internal
-   * */
-  private static async roles(cs: CubeSigner, orgId: string, page?: PageOpts): Promise<Role[]> {
-    page ??= Page.default();
-    const listFn = async (query: PageQueryArgs) => {
-      const resp = await (
-        await cs.management()
-      ).get("/v0/org/{org_id}/roles", {
-        params: {
-          path: { org_id: orgId },
-          query,
-        },
-        parseAs: "json",
-      });
-      return assertOk(resp);
-    };
-    const p = new Paginator(
-      page,
-      listFn,
-      (u) => u.roles,
-      (u) => u.last_evaluated_key,
-    );
-    const roles = await p.fetch();
-    return roles.map((r: RoleInfo) => new Role(cs, orgId, r));
-  }
-
-  /** List users.
-   * @param {CubeSigner} cs The CubeSigner instance to use for signing.
-   * @param {string} orgId The id of the organization to which the role belongs.
-   * @return {User[]} Org users.
-   * @internal
-   * */
-  private static async users(cs: CubeSigner, orgId: string): Promise<UserIdInfo[]> {
-    const resp = await (
-      await cs.management()
-    ).get("/v0/org/{org_id}/users", {
-      params: { path: { org_id: orgId } },
-      parseAs: "json",
-    });
-    const data = assertOk(resp);
-    return data.users;
+  constructor(csc: CubeSignerClient, data: OrgInfo) {
+    this.#csc = csc.withOrg(data.org_id);
+    this.#id = data.org_id;
   }
 }