@flowcore/cli-plugin-iam 1.0.0 → 1.2.1

package/dist/utils/clients/iam/Api.d.ts

@@ -27,6 +27,8 @@ export declare class Api<SecurityDataType = unknown> extends HttpClient<Security
         description?: string;
         /** The principal role that can access the resource */
         principal?: string;
+        /** If the policy is managed by flowcore */
+        flowcoreManaged?: boolean;
     } & {
         /** The id of the policy */
         id: string;
@@ -58,6 +60,8 @@ export declare class Api<SecurityDataType = unknown> extends HttpClient<Security
         description?: string;
         /** The principal role that can access the resource */
         principal?: string;
+        /** If the policy is managed by flowcore */
+        flowcoreManaged?: boolean;
     }, params?: RequestParams) => Promise<import("./http-client.js").HttpResponse<object, any>>;
     /**
      * @description Get a policy by id
@@ -123,6 +127,8 @@ export declare class Api<SecurityDataType = unknown> extends HttpClient<Security
         name: string;
         /** Role description */
         description?: string;
+        /** Flowcore managed role */
+        flowcoreManaged?: boolean;
     } & {
         /** The id of the role */
         id: string;
@@ -142,6 +148,8 @@ export declare class Api<SecurityDataType = unknown> extends HttpClient<Security
         name: string;
         /** Role description */
         description?: string;
+        /** Flowcore managed role */
+        flowcoreManaged?: boolean;
     }, params?: RequestParams) => Promise<import("./http-client.js").HttpResponse<object, any>>;
     /**
      * @description Get a role by ID
@@ -158,6 +166,8 @@ export declare class Api<SecurityDataType = unknown> extends HttpClient<Security
         name: string;
         /** Role description */
         description?: string;
+        /** Flowcore managed role */
+        flowcoreManaged?: boolean;
     } & {
         /** Role ID */
         id: string;
@@ -213,6 +223,40 @@ export declare class Api<SecurityDataType = unknown> extends HttpClient<Security
         /** The message of the archive role */
         message: string;
     }, any>>;
+    /**
+     * @description Fetch associations for a policy
+     *
+     * @tags policy-associations
+     * @name GetApiV1PolicyAssociationsByPolicyId
+     * @request GET:/api/v1/policy-associations/{policyId}
+     * @secure
+     */
+    getApiV1PolicyAssociationsByPolicyId: (policyId: string, params?: RequestParams) => Promise<import("./http-client.js").HttpResponse<{
+        keys: {
+            /** The ID of the policy */
+            policyId: string;
+            /** The ID of the organization */
+            organizationId: string;
+            /** The ID of the key */
+            keyId: string;
+        }[];
+        users: {
+            /** The ID of the policy */
+            policyId: string;
+            /** The ID of the organization */
+            organizationId: string;
+            /** The ID of the user */
+            userId: string;
+        }[];
+        roles: {
+            /** The ID of the policy */
+            policyId: string;
+            /** The ID of the organization */
+            organizationId: string;
+            /** The ID of the role */
+            roleId: string;
+        }[];
+    }, any>>;
     /**
      * @description Fetch policies for an organization
      *
@@ -240,6 +284,8 @@ export declare class Api<SecurityDataType = unknown> extends HttpClient<Security
         description?: string;
         /** The principal role that can access the resource */
         principal?: string;
+        /** If the policy is managed by flowcore */
+        flowcoreManaged?: boolean;
     } & {
         /** The id of the policy */
         id: string;
@@ -274,6 +320,8 @@ export declare class Api<SecurityDataType = unknown> extends HttpClient<Security
         description?: string;
         /** The principal role that can access the resource */
         principal?: string;
+        /** If the policy is managed by flowcore */
+        flowcoreManaged?: boolean;
     } & {
         /** The id of the policy */
         id: string;
@@ -345,6 +393,8 @@ export declare class Api<SecurityDataType = unknown> extends HttpClient<Security
         description?: string;
         /** The principal role that can access the resource */
         principal?: string;
+        /** If the policy is managed by flowcore */
+        flowcoreManaged?: boolean;
     } & {
         /** The id of the policy */
         id: string;
@@ -416,6 +466,8 @@ export declare class Api<SecurityDataType = unknown> extends HttpClient<Security
         description?: string;
         /** The principal role that can access the resource */
         principal?: string;
+        /** If the policy is managed by flowcore */
+        flowcoreManaged?: boolean;
     } & {
         /** The id of the policy */
         id: string;
@@ -460,6 +512,32 @@ export declare class Api<SecurityDataType = unknown> extends HttpClient<Security
         /** The ID of the role */
         roleId: string;
     }, any>>;
+    /**
+     * @description Fetch associations for a role
+     *
+     * @tags role-associations
+     * @name GetApiV1RoleAssociationsByRoleId
+     * @request GET:/api/v1/role-associations/{roleId}
+     * @secure
+     */
+    getApiV1RoleAssociationsByRoleId: (roleId: string, params?: RequestParams) => Promise<import("./http-client.js").HttpResponse<{
+        keys: {
+            /** The ID of the role */
+            roleId: string;
+            /** The ID of the organization */
+            organizationId: string;
+            /** The ID of the key */
+            keyId: string;
+        }[];
+        users: {
+            /** The ID of the role */
+            roleId: string;
+            /** The ID of the organization */
+            organizationId: string;
+            /** The ID of the user */
+            userId: string;
+        }[];
+    }, any>>;
     /**
      * @description Fetch roles for an organization
      *
@@ -475,6 +553,8 @@ export declare class Api<SecurityDataType = unknown> extends HttpClient<Security
         name: string;
         /** Role description */
         description?: string;
+        /** Flowcore managed role */
+        flowcoreManaged?: boolean;
     } & {
         /** The id of the role */
         id: string;
@@ -497,6 +577,8 @@ export declare class Api<SecurityDataType = unknown> extends HttpClient<Security
         name: string;
         /** Role description */
         description?: string;
+        /** Flowcore managed role */
+        flowcoreManaged?: boolean;
     } & {
         /** Role ID */
         id: string;
@@ -556,6 +638,8 @@ export declare class Api<SecurityDataType = unknown> extends HttpClient<Security
         name: string;
         /** Role description */
         description?: string;
+        /** Flowcore managed role */
+        flowcoreManaged?: boolean;
     } & {
         /** Role ID */
         id: string;

package/dist/utils/clients/iam/Api.js

@@ -168,6 +168,21 @@ export class Api extends HttpClient {
         format: "json",
         ...params,
     });
+    /**
+     * @description Fetch associations for a policy
+     *
+     * @tags policy-associations
+     * @name GetApiV1PolicyAssociationsByPolicyId
+     * @request GET:/api/v1/policy-associations/{policyId}
+     * @secure
+     */
+    getApiV1PolicyAssociationsByPolicyId = (policyId, params = {}) => this.request({
+        path: `/api/v1/policy-associations/${policyId}`,
+        method: "GET",
+        secure: true,
+        format: "json",
+        ...params,
+    });
     /**
      * @description Fetch policies for an organization
      *
@@ -331,6 +346,21 @@ export class Api extends HttpClient {
         format: "json",
         ...params,
     });
+    /**
+     * @description Fetch associations for a role
+     *
+     * @tags role-associations
+     * @name GetApiV1RoleAssociationsByRoleId
+     * @request GET:/api/v1/role-associations/{roleId}
+     * @secure
+     */
+    getApiV1RoleAssociationsByRoleId = (roleId, params = {}) => this.request({
+        path: `/api/v1/role-associations/${roleId}`,
+        method: "GET",
+        secure: true,
+        format: "json",
+        ...params,
+    });
     /**
      * @description Fetch roles for an organization
      *

package/dist/utils/clients/iam/http-client.d.ts

@@ -25,11 +25,11 @@ export interface ApiConfig<SecurityDataType = unknown> {
     securityWorker?: (securityData: SecurityDataType | null) => Promise<RequestParams | void> | RequestParams | void;
     customFetch?: typeof fetch;
 }
-export interface HttpResponse<D, E = unknown> extends Response {
+export interface HttpResponse<D extends unknown, E extends unknown = unknown> extends Response {
     data: D;
     error: E;
 }
-type CancelToken = symbol | string | number;
+type CancelToken = Symbol | string | number;
 export declare enum ContentType {
     Json = "application/json",
     FormData = "multipart/form-data",

package/dist/utils/clients/iam/http-client.js

@@ -48,9 +48,7 @@ export class HttpClient {
         const query = rawQuery || {};
         const keys = Object.keys(query).filter((key) => "undefined" !== typeof query[key]);
         return keys
-            .map((key) => Array.isArray(query[key])
-            ? this.addArrayQueryParam(query, key)
-            : this.addQueryParam(query, key))
+            .map((key) => (Array.isArray(query[key]) ? this.addArrayQueryParam(query, key) : this.addQueryParam(query, key)))
             .join("&");
     }
     addQueryParams(rawQuery) {
@@ -58,12 +56,8 @@ export class HttpClient {
         return queryString ? `?${queryString}` : "";
     }
     contentFormatters = {
-        [ContentType.Json]: (input) => input !== null && (typeof input === "object" || typeof input === "string")
-            ? JSON.stringify(input)
-            : input,
-        [ContentType.Text]: (input) => input !== null && typeof input !== "string"
-            ? JSON.stringify(input)
-            : input,
+        [ContentType.Json]: (input) => input !== null && (typeof input === "object" || typeof input === "string") ? JSON.stringify(input) : input,
+        [ContentType.Text]: (input) => (input !== null && typeof input !== "string" ? JSON.stringify(input) : input),
         [ContentType.FormData]: (input) => Object.keys(input || {}).reduce((formData, key) => {
             const property = input[key];
             formData.append(key, property instanceof Blob
@@ -119,16 +113,10 @@ export class HttpClient {
             ...requestParams,
             headers: {
                 ...(requestParams.headers || {}),
-                ...(type && type !== ContentType.FormData
-                    ? { "Content-Type": type }
-                    : {}),
+                ...(type && type !== ContentType.FormData ? { "Content-Type": type } : {}),
             },
-            signal: (cancelToken
-                ? this.createAbortSignal(cancelToken)
-                : requestParams.signal) || null,
-            body: typeof body === "undefined" || body === null
-                ? null
-                : payloadFormatter(body),
+            signal: (cancelToken ? this.createAbortSignal(cancelToken) : requestParams.signal) || null,
+            body: typeof body === "undefined" || body === null ? null : payloadFormatter(body),
         }).then(async (response) => {
             const r = response.clone();
             r.data = null;

package/dist/utils/fetch-manifest.util.js

@@ -9,7 +9,6 @@ export const FetchManifestUtil = {
         const contents = [];
         for (const file of files) {
             if (file === "-") {
-                // eslint-disable-next-line no-await-in-loop
                 contents.push(await readPipe() || "");
             }
             else if (fs.existsSync(file)) {

package/oclif.manifest.json

@@ -1,5 +1,127 @@
 {
   "commands": {
+    "delete:policy": {
+      "aliases": [],
+      "args": {
+        "NAME": {
+          "description": "name",
+          "name": "NAME",
+          "required": true
+        }
+      },
+      "description": "Delete a policy",
+      "examples": [],
+      "flags": {
+        "profile": {
+          "description": "Specify the configuration profile to use",
+          "name": "profile",
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
+        },
+        "json": {
+          "char": "j",
+          "description": "json output",
+          "name": "json",
+          "required": false,
+          "allowNo": false,
+          "type": "boolean"
+        },
+        "tenant": {
+          "char": "t",
+          "description": "tenant",
+          "name": "tenant",
+          "required": true,
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
+        },
+        "yes": {
+          "char": "y",
+          "description": "yes to all",
+          "name": "yes",
+          "required": false,
+          "allowNo": false,
+          "type": "boolean"
+        }
+      },
+      "hasDynamicHelp": false,
+      "hiddenAliases": [],
+      "id": "delete:policy",
+      "pluginAlias": "@flowcore/cli-plugin-iam",
+      "pluginName": "@flowcore/cli-plugin-iam",
+      "pluginType": "core",
+      "strict": true,
+      "enableJsonFlag": false,
+      "isESM": true,
+      "relativePath": [
+        "dist",
+        "commands",
+        "delete",
+        "policy.js"
+      ]
+    },
+    "delete:role": {
+      "aliases": [],
+      "args": {
+        "NAME": {
+          "description": "name",
+          "name": "NAME",
+          "required": true
+        }
+      },
+      "description": "Delete a role",
+      "examples": [],
+      "flags": {
+        "profile": {
+          "description": "Specify the configuration profile to use",
+          "name": "profile",
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
+        },
+        "json": {
+          "char": "j",
+          "description": "json output",
+          "name": "json",
+          "required": false,
+          "allowNo": false,
+          "type": "boolean"
+        },
+        "tenant": {
+          "char": "t",
+          "description": "tenant",
+          "name": "tenant",
+          "required": true,
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
+        },
+        "yes": {
+          "char": "y",
+          "description": "yes to all",
+          "name": "yes",
+          "required": false,
+          "allowNo": false,
+          "type": "boolean"
+        }
+      },
+      "hasDynamicHelp": false,
+      "hiddenAliases": [],
+      "id": "delete:role",
+      "pluginAlias": "@flowcore/cli-plugin-iam",
+      "pluginName": "@flowcore/cli-plugin-iam",
+      "pluginType": "core",
+      "strict": true,
+      "enableJsonFlag": false,
+      "isESM": true,
+      "relativePath": [
+        "dist",
+        "commands",
+        "delete",
+        "role.js"
+      ]
+    },
     "get:policy": {
       "aliases": [],
       "args": {
@@ -123,5 +245,5 @@
       ]
     }
   },
-  "version": "1.0.0"
+  "version": "1.2.1"
 }

package/package.json

@@ -5,19 +5,23 @@
 	},
 	"dependencies": {
 		"@flowcore/cli-plugin-config": "^2.2.1",
-		"@flowcore/cli-plugin-core": "^4.0.3",
+		"@flowcore/cli-plugin-core": "^4.6.0",
 		"@oclif/core": "^4.0.21",
 		"@oclif/plugin-help": "^6",
 		"@oclif/plugin-plugins": "^5.4.7",
+		"@opentf/obj-diff": "^0.12.0",
+		"add": "^2.0.6",
 		"dayjs": "^1.11.10",
 		"deepmerge": "^4.3.1",
 		"enquirer": "^2.4.1",
 		"graphql": "^16.8.1",
 		"graphql-request": "^6.1.0",
 		"js-yaml": "^4.1.0",
+		"json-diff": "^1.0.6",
 		"lodash": "^4.17.21",
 		"radash": "^12.1.0",
 		"uuid": "^9.0.1",
+		"yarn": "^1.22.22",
 		"zod": "^3.22.4"
 	},
 	"description": "Flowcore CLI plugin for managing the IAM of the Flowcore Platform",
@@ -27,6 +31,7 @@
 		"@types/chai": "^4",
 		"@types/deepmerge": "^2.2.0",
 		"@types/js-yaml": "^4.0.9",
+		"@types/json-diff": "^1.0.3",
 		"@types/lodash": "^4.14.202",
 		"@types/mocha": "^10",
 		"@types/node": "^18",
@@ -63,6 +68,9 @@
 			"@oclif/plugin-plugins",
 			"@flowcore/cli-plugin-config"
 		],
+		"hooks": {
+			"register-api": "./dist/hooks/register-apply"
+		},
 		"topicSeparator": " ",
 		"topics": {
 			"iam": {
@@ -82,7 +90,7 @@
 		"version": "oclif readme && git add README.md",
 		"update-schema": "rover graph introspect https://graph.api.flowcore.io/graphql -o schema.gql"
 	},
-	"version": "1.0.0",
+	"version": "1.2.1",
 	"bugs": "https://github.com/flowcore-io/cli-plugin-iam/issues",
 	"keywords": [
 		"oclif"