@databricks/sdk-uc-grants 0.0.0-dev → 0.1.0-dev.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,235 @@
1
+ // Code generated from API definition by Databricks SDK Generator. DO NOT EDIT.
2
+
3
+ import {z} from 'zod';
4
+
5
+ export interface EffectivePrivilege {
6
+ /** The privilege assigned to the principal. */
7
+ privilege?: string | undefined;
8
+ /**
9
+ * The type of the object that conveys this privilege via inheritance.
10
+ * This field is omitted when privilege is not inherited (it's assigned to the securable itself).
11
+ */
12
+ inheritedFromType?: string | undefined;
13
+ /**
14
+ * The full name of the object that conveys this privilege via inheritance.
15
+ * This field is omitted when privilege is not inherited (it's assigned to the securable itself).
16
+ */
17
+ inheritedFromName?: string | undefined;
18
+ }
19
+
20
+ export interface EffectivePrivilegeAssignment {
21
+ /** The principal (user email address or group name). */
22
+ principal?: string | undefined;
23
+ /** The privileges conveyed to the principal (either directly or via inheritance). */
24
+ privileges?: EffectivePrivilege[] | undefined;
25
+ }
26
+
27
+ export interface GetEffectivePermissionsRequest {
28
+ /** Type of securable. */
29
+ securableType?: string | undefined;
30
+ /** Full name of securable. */
31
+ securableFullName?: string | undefined;
32
+ /** If provided, only the effective permissions for the specified principal (user or group) are returned. */
33
+ principal?: string | undefined;
34
+ /**
35
+ * Specifies the maximum number of privileges to return (page length).
36
+ * Every EffectivePrivilegeAssignment present in a single page response is guaranteed to contain all the effective
37
+ * privileges granted on (or inherited by) the requested Securable for the respective principal.
38
+ *
39
+ * If not set, all the effective permissions are returned.
40
+ * If set to
41
+ * - lesser than 0: invalid parameter error
42
+ * - 0: page length is set to a server configured value
43
+ * - lesser than 150 but greater than 0: invalid parameter error (this is to ensure that server is able to return at
44
+ * least one complete EffectivePrivilegeAssignment in a single page response)
45
+ * - greater than (or equal to) 150: page length is the minimum of this value and a server configured value
46
+ */
47
+ maxResults?: number | undefined;
48
+ /** Opaque token for the next page of results (pagination). */
49
+ pageToken?: string | undefined;
50
+ }
51
+
52
+ // eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
53
+ export interface GetEffectivePermissionsRequest_Response {
54
+ /**
55
+ * Opaque token to retrieve the next page of results. Absent if there are no more pages.
56
+ * __page_token__ should be set to this value for the next request (for the next page of results).
57
+ */
58
+ nextPageToken?: string | undefined;
59
+ /** The privileges conveyed to each principal (either directly or via inheritance) */
60
+ privilegeAssignments?: EffectivePrivilegeAssignment[] | undefined;
61
+ }
62
+
63
+ export interface GetPermissionsRequest {
64
+ /** Type of securable. */
65
+ securableType?: string | undefined;
66
+ /** Full name of securable. */
67
+ securableFullName?: string | undefined;
68
+ /** If provided, only the permissions for the specified principal (user or group) are returned. */
69
+ principal?: string | undefined;
70
+ /**
71
+ * Specifies the maximum number of privileges to return (page length).
72
+ * Every PrivilegeAssignment present in a single page response is guaranteed to contain all the privileges granted on
73
+ * the requested Securable for the respective principal.
74
+ *
75
+ * If not set, all the permissions are returned.
76
+ * If set to
77
+ * - lesser than 0: invalid parameter error
78
+ * - 0: page length is set to a server configured value
79
+ * - lesser than 150 but greater than 0: invalid parameter error (this is to ensure that server is able to return at
80
+ * least one complete PrivilegeAssignment in a single page response)
81
+ * - greater than (or equal to) 150: page length is the minimum of this value and a server configured value
82
+ */
83
+ maxResults?: number | undefined;
84
+ /** Opaque pagination token to go to next page based on previous query. */
85
+ pageToken?: string | undefined;
86
+ }
87
+
88
+ // eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
89
+ export interface GetPermissionsRequest_Response {
90
+ /**
91
+ * Opaque token to retrieve the next page of results. Absent if there are no more pages.
92
+ * __page_token__ should be set to this value for the next request (for the next page of results).
93
+ */
94
+ nextPageToken?: string | undefined;
95
+ /** The privileges assigned to each principal */
96
+ privilegeAssignments?: PrivilegeAssignment[] | undefined;
97
+ }
98
+
99
+ export interface PermissionsChange {
100
+ /**
101
+ * The principal whose privileges we are changing.
102
+ * Only one of principal or principal_id should be specified, never both at the same time.
103
+ */
104
+ principal?: string | undefined;
105
+ /** The set of privileges to add. */
106
+ add?: string[] | undefined;
107
+ /** The set of privileges to remove. */
108
+ remove?: string[] | undefined;
109
+ }
110
+
111
+ export interface PrivilegeAssignment {
112
+ /**
113
+ * The principal (user email address or group name).
114
+ * For deleted principals, `principal` is empty while `principal_id` is populated.
115
+ */
116
+ principal?: string | undefined;
117
+ /** The privileges assigned to the principal. */
118
+ privileges?: string[] | undefined;
119
+ }
120
+
121
+ export interface UpdatePermissionsRequest {
122
+ /** Type of securable. */
123
+ securableType?: string | undefined;
124
+ /** Full name of securable. */
125
+ securableFullName?: string | undefined;
126
+ /** Array of permissions change objects. */
127
+ changes?: PermissionsChange[] | undefined;
128
+ }
129
+
130
+ // eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
131
+ export interface UpdatePermissionsRequest_Response {
132
+ /** The privileges assigned to each principal */
133
+ privilegeAssignments?: PrivilegeAssignment[] | undefined;
134
+ }
135
+
136
+ export const unmarshalEffectivePrivilegeSchema: z.ZodType<EffectivePrivilege> =
137
+ z
138
+ .object({
139
+ privilege: z.string().optional(),
140
+ inherited_from_type: z.string().optional(),
141
+ inherited_from_name: z.string().optional(),
142
+ })
143
+ .transform(d => ({
144
+ privilege: d.privilege,
145
+ inheritedFromType: d.inherited_from_type,
146
+ inheritedFromName: d.inherited_from_name,
147
+ }));
148
+
149
+ export const unmarshalEffectivePrivilegeAssignmentSchema: z.ZodType<EffectivePrivilegeAssignment> =
150
+ z
151
+ .object({
152
+ principal: z.string().optional(),
153
+ privileges: z
154
+ .array(z.lazy(() => unmarshalEffectivePrivilegeSchema))
155
+ .optional(),
156
+ })
157
+ .transform(d => ({
158
+ principal: d.principal,
159
+ privileges: d.privileges,
160
+ }));
161
+
162
+ // eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
163
+ export const unmarshalGetEffectivePermissionsRequest_ResponseSchema: z.ZodType<GetEffectivePermissionsRequest_Response> =
164
+ z
165
+ .object({
166
+ next_page_token: z.string().optional(),
167
+ privilege_assignments: z
168
+ .array(z.lazy(() => unmarshalEffectivePrivilegeAssignmentSchema))
169
+ .optional(),
170
+ })
171
+ .transform(d => ({
172
+ nextPageToken: d.next_page_token,
173
+ privilegeAssignments: d.privilege_assignments,
174
+ }));
175
+
176
+ // eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
177
+ export const unmarshalGetPermissionsRequest_ResponseSchema: z.ZodType<GetPermissionsRequest_Response> =
178
+ z
179
+ .object({
180
+ next_page_token: z.string().optional(),
181
+ privilege_assignments: z
182
+ .array(z.lazy(() => unmarshalPrivilegeAssignmentSchema))
183
+ .optional(),
184
+ })
185
+ .transform(d => ({
186
+ nextPageToken: d.next_page_token,
187
+ privilegeAssignments: d.privilege_assignments,
188
+ }));
189
+
190
+ export const unmarshalPrivilegeAssignmentSchema: z.ZodType<PrivilegeAssignment> =
191
+ z
192
+ .object({
193
+ principal: z.string().optional(),
194
+ privileges: z.array(z.string()).optional(),
195
+ })
196
+ .transform(d => ({
197
+ principal: d.principal,
198
+ privileges: d.privileges,
199
+ }));
200
+
201
+ // eslint-disable-next-line @typescript-eslint/naming-convention -- Proto-style nested message name.
202
+ export const unmarshalUpdatePermissionsRequest_ResponseSchema: z.ZodType<UpdatePermissionsRequest_Response> =
203
+ z
204
+ .object({
205
+ privilege_assignments: z
206
+ .array(z.lazy(() => unmarshalPrivilegeAssignmentSchema))
207
+ .optional(),
208
+ })
209
+ .transform(d => ({
210
+ privilegeAssignments: d.privilege_assignments,
211
+ }));
212
+
213
+ export const marshalPermissionsChangeSchema: z.ZodType = z
214
+ .object({
215
+ principal: z.string().optional(),
216
+ add: z.array(z.string()).optional(),
217
+ remove: z.array(z.string()).optional(),
218
+ })
219
+ .transform(d => ({
220
+ principal: d.principal,
221
+ add: d.add,
222
+ remove: d.remove,
223
+ }));
224
+
225
+ export const marshalUpdatePermissionsRequestSchema: z.ZodType = z
226
+ .object({
227
+ securableType: z.string().optional(),
228
+ securableFullName: z.string().optional(),
229
+ changes: z.array(z.lazy(() => marshalPermissionsChangeSchema)).optional(),
230
+ })
231
+ .transform(d => ({
232
+ securable_type: d.securableType,
233
+ securable_full_name: d.securableFullName,
234
+ changes: d.changes,
235
+ }));
@@ -0,0 +1,73 @@
1
+ // Code generated from API definition by Databricks SDK Generator. DO NOT EDIT.
2
+
3
+ import type {Credentials} from '@databricks/sdk-auth';
4
+ import {defaultCredentials} from '@databricks/sdk-auth/credentials';
5
+ import type {
6
+ HttpClient,
7
+ HttpRequest,
8
+ HttpResponse,
9
+ } from '@databricks/sdk-core/http';
10
+ import {newFetchHttpClient} from '@databricks/sdk-core/http';
11
+ import type {ClientOptions} from '@databricks/sdk-options/client';
12
+
13
+ /** Creates a new HTTP client with the given options. */
14
+ export function newHttpClient(options?: ClientOptions): HttpClient {
15
+ const opts = options ?? {};
16
+
17
+ // If an HTTP client is provided, use it as-is. Throw if other options are
18
+ // also set, since they would be silently ignored.
19
+ if (opts.httpClient !== undefined) {
20
+ if (opts.credentials !== undefined || opts.timeout !== undefined) {
21
+ throw new Error(
22
+ 'httpClient cannot be combined with credentials or timeout'
23
+ );
24
+ }
25
+ return opts.httpClient;
26
+ }
27
+
28
+ const credentials = opts.credentials ?? defaultCredentials();
29
+
30
+ const base = newFetchHttpClient();
31
+ let client: HttpClient = new AuthHttpClient(base, credentials);
32
+
33
+ if (opts.timeout !== undefined) {
34
+ client = new TimeoutHttpClient(client, opts.timeout);
35
+ }
36
+
37
+ return client;
38
+ }
39
+
40
+ /** Wraps an HttpClient and adds authentication headers to requests. */
41
+ class AuthHttpClient implements HttpClient {
42
+ constructor(
43
+ private readonly base: HttpClient,
44
+ private readonly credentials: Credentials
45
+ ) {}
46
+
47
+ async send(request: HttpRequest): Promise<HttpResponse> {
48
+ const authHeaders = await this.credentials.authHeaders();
49
+ // Do not modify the original request.
50
+ const headers = new Headers(request.headers);
51
+ for (const h of authHeaders) {
52
+ headers.set(h.key, h.value);
53
+ }
54
+ return this.base.send({...request, headers});
55
+ }
56
+ }
57
+
58
+ /** Wraps an HttpClient and applies a default timeout to requests. */
59
+ class TimeoutHttpClient implements HttpClient {
60
+ constructor(
61
+ private readonly base: HttpClient,
62
+ private readonly timeout: number
63
+ ) {}
64
+
65
+ async send(request: HttpRequest): Promise<HttpResponse> {
66
+ const timeoutSignal = AbortSignal.timeout(this.timeout);
67
+ const signal =
68
+ request.signal !== undefined
69
+ ? AbortSignal.any([request.signal, timeoutSignal])
70
+ : timeoutSignal;
71
+ return this.base.send({...request, signal});
72
+ }
73
+ }
@@ -0,0 +1,156 @@
1
+ // Code generated from API definition by Databricks SDK Generator. DO NOT EDIT.
2
+
3
+ import type {Options} from '@databricks/sdk-core/ops';
4
+ import {execute} from '@databricks/sdk-core/ops';
5
+ import {ApiError} from '@databricks/sdk-core/apierror';
6
+ import type {
7
+ HttpClient,
8
+ HttpRequest,
9
+ HttpResponse,
10
+ } from '@databricks/sdk-core/http';
11
+ import type {Logger} from '@databricks/sdk-core/logger';
12
+ import type {CallOptions} from '@databricks/sdk-options/call';
13
+ import JSONBig from 'json-bigint';
14
+ import type {z} from 'zod';
15
+
16
+ // JSON codec that preserves int64 precision. On the way in, large integer
17
+ // literals come back as bigint instead of being rounded to JS Number. On the
18
+ // way out, bigint values are emitted as raw JSON number digits.
19
+ const jsonBigint = JSONBig({useNativeBigInt: true});
20
+
21
+ export interface HttpCallOptions {
22
+ readonly request: HttpRequest;
23
+ readonly httpClient: HttpClient;
24
+ readonly logger: Logger;
25
+ }
26
+
27
+ /**
28
+ * Translates public CallOptions to the internal Options shape accepted by
29
+ * execute(). Even though the shapes match today, this isolates the public
30
+ * API from the executor's internal type so they can diverge.
31
+ */
32
+ export async function executeCall(
33
+ call: (signal?: AbortSignal) => Promise<void>,
34
+ options?: CallOptions
35
+ ): Promise<void> {
36
+ const opts: Options = {
37
+ ...(options?.retrier !== undefined && {retrier: options.retrier}),
38
+ ...(options?.rateLimiter !== undefined && {
39
+ rateLimiter: options.rateLimiter,
40
+ }),
41
+ ...(options?.timeout !== undefined && {timeout: options.timeout}),
42
+ };
43
+ return execute(options?.signal, call, opts);
44
+ }
45
+
46
+ async function readAll(
47
+ body: ReadableStream<Uint8Array> | null
48
+ ): Promise<Uint8Array> {
49
+ if (body === null) {
50
+ return new Uint8Array(0);
51
+ }
52
+ const reader = body.getReader();
53
+ const chunks: Uint8Array[] = [];
54
+ for (;;) {
55
+ const {done, value} = await reader.read();
56
+ if (done) {
57
+ break;
58
+ }
59
+ chunks.push(value);
60
+ }
61
+ const totalLength = chunks.reduce((acc, chunk) => acc + chunk.length, 0);
62
+ const result = new Uint8Array(totalLength);
63
+ let offset = 0;
64
+ for (const chunk of chunks) {
65
+ result.set(chunk, offset);
66
+ offset += chunk.length;
67
+ }
68
+ return result;
69
+ }
70
+
71
+ export async function executeHttpCall(
72
+ opts: HttpCallOptions
73
+ ): Promise<Uint8Array> {
74
+ opts.logger.debug('HTTP request', {
75
+ method: opts.request.method,
76
+ url: opts.request.url,
77
+ });
78
+
79
+ let resp: HttpResponse;
80
+ try {
81
+ resp = await opts.httpClient.send(opts.request);
82
+ } catch (e: unknown) {
83
+ opts.logger.debug('HTTP request failed');
84
+ throw e;
85
+ }
86
+
87
+ const body = await readAll(resp.body);
88
+
89
+ opts.logger.debug('HTTP response', {
90
+ statusCode: resp.statusCode,
91
+ body: new TextDecoder().decode(body),
92
+ });
93
+
94
+ const apiErr = ApiError.fromHttpError(resp.statusCode, resp.headers, body);
95
+ if (apiErr !== undefined) {
96
+ throw apiErr;
97
+ }
98
+
99
+ return body;
100
+ }
101
+
102
+ export function buildHttpRequest(
103
+ method: string,
104
+ url: string,
105
+ headers: Headers,
106
+ signal?: AbortSignal,
107
+ body?: string | ReadableStream<Uint8Array>
108
+ ): HttpRequest {
109
+ const req: HttpRequest = {url, method, headers};
110
+ if (body !== undefined) {
111
+ req.body = body;
112
+ }
113
+ if (signal !== undefined) {
114
+ req.signal = signal;
115
+ }
116
+ return req;
117
+ }
118
+
119
+ export function parseResponse<T>(body: Uint8Array, schema: z.ZodType<T>): T {
120
+ const text = new TextDecoder().decode(body);
121
+ const parsed: unknown = jsonBigint.parse(text);
122
+ return schema.parse(parsed);
123
+ }
124
+
125
+ export function marshalRequest(data: unknown, schema: z.ZodType): string {
126
+ return jsonBigint.stringify(schema.parse(data));
127
+ }
128
+
129
+ export function flattenQueryParams(
130
+ prefix: string,
131
+ value: unknown,
132
+ params: URLSearchParams
133
+ ): void {
134
+ if (value === null || value === undefined) {
135
+ return;
136
+ }
137
+ if (Array.isArray(value)) {
138
+ // arrays of objects are not yet supported
139
+ for (const item of value) {
140
+ params.append(prefix, String(item));
141
+ }
142
+ } else if (typeof value === 'object') {
143
+ for (const [key, val] of Object.entries(value as Record<string, unknown>)) {
144
+ flattenQueryParams(`${prefix}.${key}`, val, params);
145
+ }
146
+ } else if (
147
+ typeof value === 'string' ||
148
+ typeof value === 'number' ||
149
+ typeof value === 'boolean' ||
150
+ typeof value === 'bigint'
151
+ ) {
152
+ params.append(prefix, String(value));
153
+ } else {
154
+ throw new Error(`Unsupported query parameter type: ${typeof value}`);
155
+ }
156
+ }
package/README.md DELETED
@@ -1 +0,0 @@
1
- This is a placeholder release used to enable OIDC trusted publishing. Real code lands in a later version.
package/index.js DELETED
@@ -1 +0,0 @@
1
- module.exports = {};