@tapis/tapis-typescript-sk 0.0.2 → 0.0.3

package/dist/apis/ShareApi.d.ts

@@ -0,0 +1,110 @@
+/**
+ * Tapis Security API
+ * The Tapis Security API provides for management of Security Kernel (SK) role-based authorization and secrets resources.
+ *
+ * The version of the OpenAPI document: 1.8.2
+ * Contact: cicsupport@tacc.utexas.edu
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+import * as runtime from '../runtime';
+import type { ReqShareResource, RespBoolean, RespChangeCount, RespResourceUrl, RespShare, RespShareList } from '../models/index';
+export interface DeleteShareRequest {
+    grantor?: string;
+    grantee?: string;
+    tenant?: string;
+    resourceType?: string;
+    resourceId1?: string;
+    resourceId2?: string;
+    privilege?: string;
+}
+export interface DeleteShareByIdRequest {
+    id: number;
+    tenant?: string;
+}
+export interface GetShareRequest {
+    id: number;
+    tenant?: string;
+}
+export interface GetSharesRequest {
+    grantor?: string;
+    grantee?: string;
+    tenant?: string;
+    resourceType?: string;
+    resourceId1?: string;
+    resourceId2?: string;
+    privilege?: string;
+    createdBy?: string;
+    createdByTenant?: string;
+    includePublicGrantees?: boolean;
+    requireNullId2?: boolean;
+    id?: number;
+}
+export interface HasPrivilegeRequest {
+    grantee?: string;
+    tenant?: string;
+    resourceType?: string;
+    resourceId1?: string;
+    resourceId2?: string;
+    privilege?: string;
+    excludePublic?: boolean;
+    excludePublicNoAuthn?: boolean;
+}
+export interface ShareResourceRequest {
+    reqShareResource: ReqShareResource;
+}
+/**
+ *
+ */
+export declare class ShareApi extends runtime.BaseAPI {
+    /**
+     * Delete a single shared resource by unique attribute selection. The *grantor*, *grantee*, *tenant*, *resourceType*, *resourceId1* and *privilege* parameters are mandatory; *resourceId2* is optional and assumed to be NULL if not provided.  The shared resource is deleted only if it\'s in the tenant specified in the required *tenant* query parameter. The calling service must also be the same as the orginal service that granted the share.  This call is idempotent. If no share satisfies the above constraints, a success response code is returned and the indicated number of changes is set to zero. When a share is deleted, the indicated number of changes is one.  For the request to be authorized, the requestor must be the Tapis service that originally granted the share.
+     */
+    deleteShareRaw(requestParameters: DeleteShareRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<RespChangeCount>>;
+    /**
+     * Delete a single shared resource by unique attribute selection. The *grantor*, *grantee*, *tenant*, *resourceType*, *resourceId1* and *privilege* parameters are mandatory; *resourceId2* is optional and assumed to be NULL if not provided.  The shared resource is deleted only if it\'s in the tenant specified in the required *tenant* query parameter. The calling service must also be the same as the orginal service that granted the share.  This call is idempotent. If no share satisfies the above constraints, a success response code is returned and the indicated number of changes is set to zero. When a share is deleted, the indicated number of changes is one.  For the request to be authorized, the requestor must be the Tapis service that originally granted the share.
+     */
+    deleteShare(requestParameters?: DeleteShareRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<RespChangeCount>;
+    /**
+     * Delete a shared resource by ID. The shared resource is deleted only if it\'s in the tenant specified in the required *tenant* query parameter. The calling service must also be the same as the orginal service that created the share.  This call is idempotent. If no share satisfies the above constraints, a success response code is returned and the indicated number of changes is set to zero. When a share is deleted, the indicated number of changes is one.  For the request to be authorized, the requestor must be the Tapis service that originally granted the share.
+     */
+    deleteShareByIdRaw(requestParameters: DeleteShareByIdRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<RespChangeCount>>;
+    /**
+     * Delete a shared resource by ID. The shared resource is deleted only if it\'s in the tenant specified in the required *tenant* query parameter. The calling service must also be the same as the orginal service that created the share.  This call is idempotent. If no share satisfies the above constraints, a success response code is returned and the indicated number of changes is set to zero. When a share is deleted, the indicated number of changes is one.  For the request to be authorized, the requestor must be the Tapis service that originally granted the share.
+     */
+    deleteShareById(requestParameters: DeleteShareByIdRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<RespChangeCount>;
+    /**
+     * Get a shared resource by ID. The shared resource is deleted only if it\'s in the tenant specified in the required *tenant* query parameter.  For the request to be authorized, the requestor must be a Tapis service.
+     */
+    getShareRaw(requestParameters: GetShareRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<RespShare>>;
+    /**
+     * Get a shared resource by ID. The shared resource is deleted only if it\'s in the tenant specified in the required *tenant* query parameter.  For the request to be authorized, the requestor must be a Tapis service.
+     */
+    getShare(requestParameters: GetShareRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<RespShare>;
+    /**
+     * Get a filtered list of shared resources. Query parameters are used to restrict the returned shares. The *grantor*, *grantee*, *tenant*, *resourceType*, *resourceId1*, *resourceId2*, *privilege*, *createdBy* and *createdByTenant* parameters are used to match values in shared resource objects. Other query parameters are used to control how matching is performed. The *tenant* parameter is required.  If resourceId1 or resourceId2 end with a percent sign (%) wildcard then the search results will include all shares with IDs that begin with the same prefix string. Percent signs embedded elsewhere in the string are *not* recognized as wildcards.  Specifying the *id* parameter causes the other filtering parameters to be ignored. The result list will contain at most one entry.  The *includePublicGrantees* flag, true by default, controls whether resources granted to **~public** and **~public_no_authn** are also considered for inclusion in the result list.  The *requireNullId2* flag, true by default, applies only when no *resourceId2* value is provided. When set, only shared resources that do not specify a *resourceId2* value are considered for inclusion in the result list. By setting this flag to false the caller indicates a \"don\'t care\" designation on the *resourceId2* value, allowing shares with any *resourceId2* value to be considered for inclusion in the result list.  For the request to be authorized, the requestor must be a Tapis service.
+     */
+    getSharesRaw(requestParameters: GetSharesRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<RespShareList>>;
+    /**
+     * Get a filtered list of shared resources. Query parameters are used to restrict the returned shares. The *grantor*, *grantee*, *tenant*, *resourceType*, *resourceId1*, *resourceId2*, *privilege*, *createdBy* and *createdByTenant* parameters are used to match values in shared resource objects. Other query parameters are used to control how matching is performed. The *tenant* parameter is required.  If resourceId1 or resourceId2 end with a percent sign (%) wildcard then the search results will include all shares with IDs that begin with the same prefix string. Percent signs embedded elsewhere in the string are *not* recognized as wildcards.  Specifying the *id* parameter causes the other filtering parameters to be ignored. The result list will contain at most one entry.  The *includePublicGrantees* flag, true by default, controls whether resources granted to **~public** and **~public_no_authn** are also considered for inclusion in the result list.  The *requireNullId2* flag, true by default, applies only when no *resourceId2* value is provided. When set, only shared resources that do not specify a *resourceId2* value are considered for inclusion in the result list. By setting this flag to false the caller indicates a \"don\'t care\" designation on the *resourceId2* value, allowing shares with any *resourceId2* value to be considered for inclusion in the result list.  For the request to be authorized, the requestor must be a Tapis service.
+     */
+    getShares(requestParameters?: GetSharesRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<RespShareList>;
+    /**
+     * Determine if a user has been granted a specific privilege on a specific resource. The *grantee*, *tenant*, *resourceType*, *resourceId1* and *privilege* parameters are mandatory; *resourceId2* is optional and assumed to be NULL if not provided. Privilege matching is performed for the grantee and tenant specified in the query parameters.  True is returned if the user has been granted the privilege, false otherwise.  By default, both authenticated and unauthenticated public privileges are included in the calculation. For example, if a privilege on a resource has been granted to all authenticated users in a tenant (~public), then true will be returned for all users in the tenant.  The *excludePublic* and *excludePublicNoAuthn* parameters can be used to change the default handling of public grants. Either or both types of public grants can be excluded.  For the request to be authorized, the requestor must be a Tapis service.
+     */
+    hasPrivilegeRaw(requestParameters: HasPrivilegeRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<RespBoolean>>;
+    /**
+     * Determine if a user has been granted a specific privilege on a specific resource. The *grantee*, *tenant*, *resourceType*, *resourceId1* and *privilege* parameters are mandatory; *resourceId2* is optional and assumed to be NULL if not provided. Privilege matching is performed for the grantee and tenant specified in the query parameters.  True is returned if the user has been granted the privilege, false otherwise.  By default, both authenticated and unauthenticated public privileges are included in the calculation. For example, if a privilege on a resource has been granted to all authenticated users in a tenant (~public), then true will be returned for all users in the tenant.  The *excludePublic* and *excludePublicNoAuthn* parameters can be used to change the default handling of public grants. Either or both types of public grants can be excluded.  For the request to be authorized, the requestor must be a Tapis service.
+     */
+    hasPrivilege(requestParameters?: HasPrivilegeRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<RespBoolean>;
+    /**
+     * Share a Tapis resource using a request body. Shared resources allow services to indicate that other services should relax their Tapis authorization checking in certain, well-defined contexts.  Grantees can be given shared access to a resource on an individual basis or by using the public granting mechanism. Grants to the distinguished **~public** and **~public_no_authn** pseudo-grantees allow access to a resource to authenticated users or to any user, respectively.  The payload for this request includes these values, with all except *resourceId2* required:     - grantor    - grantee    - tenant    - resourceType    - resourceId1    - resourceId2    - privilege  If the share already exists, then this call has no effect. For the request to be authorized, the requestor must be a Tapis service.
+     */
+    shareResourceRaw(requestParameters: ShareResourceRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<RespResourceUrl>>;
+    /**
+     * Share a Tapis resource using a request body. Shared resources allow services to indicate that other services should relax their Tapis authorization checking in certain, well-defined contexts.  Grantees can be given shared access to a resource on an individual basis or by using the public granting mechanism. Grants to the distinguished **~public** and **~public_no_authn** pseudo-grantees allow access to a resource to authenticated users or to any user, respectively.  The payload for this request includes these values, with all except *resourceId2* required:     - grantor    - grantee    - tenant    - resourceType    - resourceId1    - resourceId2    - privilege  If the share already exists, then this call has no effect. For the request to be authorized, the requestor must be a Tapis service.
+     */
+    shareResource(requestParameters: ShareResourceRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<RespResourceUrl>;
+}

package/dist/apis/ShareApi.js

@@ -0,0 +1,469 @@
+"use strict";
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * Tapis Security API
+ * The Tapis Security API provides for management of Security Kernel (SK) role-based authorization and secrets resources.
+ *
+ * The version of the OpenAPI document: 1.8.2
+ * Contact: cicsupport@tacc.utexas.edu
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+var __extends = (this && this.__extends) || (function () {
+    var extendStatics = function (d, b) {
+        extendStatics = Object.setPrototypeOf ||
+            ({ __proto__: [] } instanceof Array && function (d, b) { d.__proto__ = b; }) ||
+            function (d, b) { for (var p in b) if (Object.prototype.hasOwnProperty.call(b, p)) d[p] = b[p]; };
+        return extendStatics(d, b);
+    };
+    return function (d, b) {
+        if (typeof b !== "function" && b !== null)
+            throw new TypeError("Class extends value " + String(b) + " is not a constructor or null");
+        extendStatics(d, b);
+        function __() { this.constructor = d; }
+        d.prototype = b === null ? Object.create(b) : (__.prototype = b.prototype, new __());
+    };
+})();
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __generator = (this && this.__generator) || function (thisArg, body) {
+    var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g = Object.create((typeof Iterator === "function" ? Iterator : Object).prototype);
+    return g.next = verb(0), g["throw"] = verb(1), g["return"] = verb(2), typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
+    function verb(n) { return function (v) { return step([n, v]); }; }
+    function step(op) {
+        if (f) throw new TypeError("Generator is already executing.");
+        while (g && (g = 0, op[0] && (_ = 0)), _) try {
+            if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
+            if (y = 0, t) op = [op[0] & 2, t.value];
+            switch (op[0]) {
+                case 0: case 1: t = op; break;
+                case 4: _.label++; return { value: op[1], done: false };
+                case 5: _.label++; y = op[1]; op = [0]; continue;
+                case 7: op = _.ops.pop(); _.trys.pop(); continue;
+                default:
+                    if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
+                    if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
+                    if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
+                    if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
+                    if (t[2]) _.ops.pop();
+                    _.trys.pop(); continue;
+            }
+            op = body.call(thisArg, _);
+        } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
+        if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
+    }
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ShareApi = void 0;
+var runtime = require("../runtime");
+var index_1 = require("../models/index");
+/**
+ *
+ */
+var ShareApi = /** @class */ (function (_super) {
+    __extends(ShareApi, _super);
+    function ShareApi() {
+        return _super !== null && _super.apply(this, arguments) || this;
+    }
+    /**
+     * Delete a single shared resource by unique attribute selection. The *grantor*, *grantee*, *tenant*, *resourceType*, *resourceId1* and *privilege* parameters are mandatory; *resourceId2* is optional and assumed to be NULL if not provided.  The shared resource is deleted only if it\'s in the tenant specified in the required *tenant* query parameter. The calling service must also be the same as the orginal service that granted the share.  This call is idempotent. If no share satisfies the above constraints, a success response code is returned and the indicated number of changes is set to zero. When a share is deleted, the indicated number of changes is one.  For the request to be authorized, the requestor must be the Tapis service that originally granted the share.
+     */
+    ShareApi.prototype.deleteShareRaw = function (requestParameters, initOverrides) {
+        return __awaiter(this, void 0, void 0, function () {
+            var queryParameters, headerParameters, _a, _b, response;
+            return __generator(this, function (_c) {
+                switch (_c.label) {
+                    case 0:
+                        queryParameters = {};
+                        if (requestParameters['grantor'] != null) {
+                            queryParameters['grantor'] = requestParameters['grantor'];
+                        }
+                        if (requestParameters['grantee'] != null) {
+                            queryParameters['grantee'] = requestParameters['grantee'];
+                        }
+                        if (requestParameters['tenant'] != null) {
+                            queryParameters['tenant'] = requestParameters['tenant'];
+                        }
+                        if (requestParameters['resourceType'] != null) {
+                            queryParameters['resourceType'] = requestParameters['resourceType'];
+                        }
+                        if (requestParameters['resourceId1'] != null) {
+                            queryParameters['resourceId1'] = requestParameters['resourceId1'];
+                        }
+                        if (requestParameters['resourceId2'] != null) {
+                            queryParameters['resourceId2'] = requestParameters['resourceId2'];
+                        }
+                        if (requestParameters['privilege'] != null) {
+                            queryParameters['privilege'] = requestParameters['privilege'];
+                        }
+                        headerParameters = {};
+                        if (!(this.configuration && this.configuration.apiKey)) return [3 /*break*/, 2];
+                        _a = headerParameters;
+                        _b = "X-Tapis-Token";
+                        return [4 /*yield*/, this.configuration.apiKey("X-Tapis-Token")];
+                    case 1:
+                        _a[_b] = _c.sent(); // TapisJWT authentication
+                        _c.label = 2;
+                    case 2: return [4 /*yield*/, this.request({
+                            path: "/security/share",
+                            method: 'DELETE',
+                            headers: headerParameters,
+                            query: queryParameters,
+                        }, initOverrides)];
+                    case 3:
+                        response = _c.sent();
+                        return [2 /*return*/, new runtime.JSONApiResponse(response, function (jsonValue) { return (0, index_1.RespChangeCountFromJSON)(jsonValue); })];
+                }
+            });
+        });
+    };
+    /**
+     * Delete a single shared resource by unique attribute selection. The *grantor*, *grantee*, *tenant*, *resourceType*, *resourceId1* and *privilege* parameters are mandatory; *resourceId2* is optional and assumed to be NULL if not provided.  The shared resource is deleted only if it\'s in the tenant specified in the required *tenant* query parameter. The calling service must also be the same as the orginal service that granted the share.  This call is idempotent. If no share satisfies the above constraints, a success response code is returned and the indicated number of changes is set to zero. When a share is deleted, the indicated number of changes is one.  For the request to be authorized, the requestor must be the Tapis service that originally granted the share.
+     */
+    ShareApi.prototype.deleteShare = function () {
+        return __awaiter(this, arguments, void 0, function (requestParameters, initOverrides) {
+            var response;
+            if (requestParameters === void 0) { requestParameters = {}; }
+            return __generator(this, function (_a) {
+                switch (_a.label) {
+                    case 0: return [4 /*yield*/, this.deleteShareRaw(requestParameters, initOverrides)];
+                    case 1:
+                        response = _a.sent();
+                        return [4 /*yield*/, response.value()];
+                    case 2: return [2 /*return*/, _a.sent()];
+                }
+            });
+        });
+    };
+    /**
+     * Delete a shared resource by ID. The shared resource is deleted only if it\'s in the tenant specified in the required *tenant* query parameter. The calling service must also be the same as the orginal service that created the share.  This call is idempotent. If no share satisfies the above constraints, a success response code is returned and the indicated number of changes is set to zero. When a share is deleted, the indicated number of changes is one.  For the request to be authorized, the requestor must be the Tapis service that originally granted the share.
+     */
+    ShareApi.prototype.deleteShareByIdRaw = function (requestParameters, initOverrides) {
+        return __awaiter(this, void 0, void 0, function () {
+            var queryParameters, headerParameters, _a, _b, response;
+            return __generator(this, function (_c) {
+                switch (_c.label) {
+                    case 0:
+                        if (requestParameters['id'] == null) {
+                            throw new runtime.RequiredError('id', 'Required parameter "id" was null or undefined when calling deleteShareById().');
+                        }
+                        queryParameters = {};
+                        if (requestParameters['tenant'] != null) {
+                            queryParameters['tenant'] = requestParameters['tenant'];
+                        }
+                        headerParameters = {};
+                        if (!(this.configuration && this.configuration.apiKey)) return [3 /*break*/, 2];
+                        _a = headerParameters;
+                        _b = "X-Tapis-Token";
+                        return [4 /*yield*/, this.configuration.apiKey("X-Tapis-Token")];
+                    case 1:
+                        _a[_b] = _c.sent(); // TapisJWT authentication
+                        _c.label = 2;
+                    case 2: return [4 /*yield*/, this.request({
+                            path: "/security/share/{id}".replace("{".concat("id", "}"), encodeURIComponent(String(requestParameters['id']))),
+                            method: 'DELETE',
+                            headers: headerParameters,
+                            query: queryParameters,
+                        }, initOverrides)];
+                    case 3:
+                        response = _c.sent();
+                        return [2 /*return*/, new runtime.JSONApiResponse(response, function (jsonValue) { return (0, index_1.RespChangeCountFromJSON)(jsonValue); })];
+                }
+            });
+        });
+    };
+    /**
+     * Delete a shared resource by ID. The shared resource is deleted only if it\'s in the tenant specified in the required *tenant* query parameter. The calling service must also be the same as the orginal service that created the share.  This call is idempotent. If no share satisfies the above constraints, a success response code is returned and the indicated number of changes is set to zero. When a share is deleted, the indicated number of changes is one.  For the request to be authorized, the requestor must be the Tapis service that originally granted the share.
+     */
+    ShareApi.prototype.deleteShareById = function (requestParameters, initOverrides) {
+        return __awaiter(this, void 0, void 0, function () {
+            var response;
+            return __generator(this, function (_a) {
+                switch (_a.label) {
+                    case 0: return [4 /*yield*/, this.deleteShareByIdRaw(requestParameters, initOverrides)];
+                    case 1:
+                        response = _a.sent();
+                        return [4 /*yield*/, response.value()];
+                    case 2: return [2 /*return*/, _a.sent()];
+                }
+            });
+        });
+    };
+    /**
+     * Get a shared resource by ID. The shared resource is deleted only if it\'s in the tenant specified in the required *tenant* query parameter.  For the request to be authorized, the requestor must be a Tapis service.
+     */
+    ShareApi.prototype.getShareRaw = function (requestParameters, initOverrides) {
+        return __awaiter(this, void 0, void 0, function () {
+            var queryParameters, headerParameters, _a, _b, response;
+            return __generator(this, function (_c) {
+                switch (_c.label) {
+                    case 0:
+                        if (requestParameters['id'] == null) {
+                            throw new runtime.RequiredError('id', 'Required parameter "id" was null or undefined when calling getShare().');
+                        }
+                        queryParameters = {};
+                        if (requestParameters['tenant'] != null) {
+                            queryParameters['tenant'] = requestParameters['tenant'];
+                        }
+                        headerParameters = {};
+                        if (!(this.configuration && this.configuration.apiKey)) return [3 /*break*/, 2];
+                        _a = headerParameters;
+                        _b = "X-Tapis-Token";
+                        return [4 /*yield*/, this.configuration.apiKey("X-Tapis-Token")];
+                    case 1:
+                        _a[_b] = _c.sent(); // TapisJWT authentication
+                        _c.label = 2;
+                    case 2: return [4 /*yield*/, this.request({
+                            path: "/security/share/{id}".replace("{".concat("id", "}"), encodeURIComponent(String(requestParameters['id']))),
+                            method: 'GET',
+                            headers: headerParameters,
+                            query: queryParameters,
+                        }, initOverrides)];
+                    case 3:
+                        response = _c.sent();
+                        return [2 /*return*/, new runtime.JSONApiResponse(response, function (jsonValue) { return (0, index_1.RespShareFromJSON)(jsonValue); })];
+                }
+            });
+        });
+    };
+    /**
+     * Get a shared resource by ID. The shared resource is deleted only if it\'s in the tenant specified in the required *tenant* query parameter.  For the request to be authorized, the requestor must be a Tapis service.
+     */
+    ShareApi.prototype.getShare = function (requestParameters, initOverrides) {
+        return __awaiter(this, void 0, void 0, function () {
+            var response;
+            return __generator(this, function (_a) {
+                switch (_a.label) {
+                    case 0: return [4 /*yield*/, this.getShareRaw(requestParameters, initOverrides)];
+                    case 1:
+                        response = _a.sent();
+                        return [4 /*yield*/, response.value()];
+                    case 2: return [2 /*return*/, _a.sent()];
+                }
+            });
+        });
+    };
+    /**
+     * Get a filtered list of shared resources. Query parameters are used to restrict the returned shares. The *grantor*, *grantee*, *tenant*, *resourceType*, *resourceId1*, *resourceId2*, *privilege*, *createdBy* and *createdByTenant* parameters are used to match values in shared resource objects. Other query parameters are used to control how matching is performed. The *tenant* parameter is required.  If resourceId1 or resourceId2 end with a percent sign (%) wildcard then the search results will include all shares with IDs that begin with the same prefix string. Percent signs embedded elsewhere in the string are *not* recognized as wildcards.  Specifying the *id* parameter causes the other filtering parameters to be ignored. The result list will contain at most one entry.  The *includePublicGrantees* flag, true by default, controls whether resources granted to **~public** and **~public_no_authn** are also considered for inclusion in the result list.  The *requireNullId2* flag, true by default, applies only when no *resourceId2* value is provided. When set, only shared resources that do not specify a *resourceId2* value are considered for inclusion in the result list. By setting this flag to false the caller indicates a \"don\'t care\" designation on the *resourceId2* value, allowing shares with any *resourceId2* value to be considered for inclusion in the result list.  For the request to be authorized, the requestor must be a Tapis service.
+     */
+    ShareApi.prototype.getSharesRaw = function (requestParameters, initOverrides) {
+        return __awaiter(this, void 0, void 0, function () {
+            var queryParameters, headerParameters, _a, _b, response;
+            return __generator(this, function (_c) {
+                switch (_c.label) {
+                    case 0:
+                        queryParameters = {};
+                        if (requestParameters['grantor'] != null) {
+                            queryParameters['grantor'] = requestParameters['grantor'];
+                        }
+                        if (requestParameters['grantee'] != null) {
+                            queryParameters['grantee'] = requestParameters['grantee'];
+                        }
+                        if (requestParameters['tenant'] != null) {
+                            queryParameters['tenant'] = requestParameters['tenant'];
+                        }
+                        if (requestParameters['resourceType'] != null) {
+                            queryParameters['resourceType'] = requestParameters['resourceType'];
+                        }
+                        if (requestParameters['resourceId1'] != null) {
+                            queryParameters['resourceId1'] = requestParameters['resourceId1'];
+                        }
+                        if (requestParameters['resourceId2'] != null) {
+                            queryParameters['resourceId2'] = requestParameters['resourceId2'];
+                        }
+                        if (requestParameters['privilege'] != null) {
+                            queryParameters['privilege'] = requestParameters['privilege'];
+                        }
+                        if (requestParameters['createdBy'] != null) {
+                            queryParameters['createdBy'] = requestParameters['createdBy'];
+                        }
+                        if (requestParameters['createdByTenant'] != null) {
+                            queryParameters['createdByTenant'] = requestParameters['createdByTenant'];
+                        }
+                        if (requestParameters['includePublicGrantees'] != null) {
+                            queryParameters['includePublicGrantees'] = requestParameters['includePublicGrantees'];
+                        }
+                        if (requestParameters['requireNullId2'] != null) {
+                            queryParameters['requireNullId2'] = requestParameters['requireNullId2'];
+                        }
+                        if (requestParameters['id'] != null) {
+                            queryParameters['id'] = requestParameters['id'];
+                        }
+                        headerParameters = {};
+                        if (!(this.configuration && this.configuration.apiKey)) return [3 /*break*/, 2];
+                        _a = headerParameters;
+                        _b = "X-Tapis-Token";
+                        return [4 /*yield*/, this.configuration.apiKey("X-Tapis-Token")];
+                    case 1:
+                        _a[_b] = _c.sent(); // TapisJWT authentication
+                        _c.label = 2;
+                    case 2: return [4 /*yield*/, this.request({
+                            path: "/security/share",
+                            method: 'GET',
+                            headers: headerParameters,
+                            query: queryParameters,
+                        }, initOverrides)];
+                    case 3:
+                        response = _c.sent();
+                        return [2 /*return*/, new runtime.JSONApiResponse(response, function (jsonValue) { return (0, index_1.RespShareListFromJSON)(jsonValue); })];
+                }
+            });
+        });
+    };
+    /**
+     * Get a filtered list of shared resources. Query parameters are used to restrict the returned shares. The *grantor*, *grantee*, *tenant*, *resourceType*, *resourceId1*, *resourceId2*, *privilege*, *createdBy* and *createdByTenant* parameters are used to match values in shared resource objects. Other query parameters are used to control how matching is performed. The *tenant* parameter is required.  If resourceId1 or resourceId2 end with a percent sign (%) wildcard then the search results will include all shares with IDs that begin with the same prefix string. Percent signs embedded elsewhere in the string are *not* recognized as wildcards.  Specifying the *id* parameter causes the other filtering parameters to be ignored. The result list will contain at most one entry.  The *includePublicGrantees* flag, true by default, controls whether resources granted to **~public** and **~public_no_authn** are also considered for inclusion in the result list.  The *requireNullId2* flag, true by default, applies only when no *resourceId2* value is provided. When set, only shared resources that do not specify a *resourceId2* value are considered for inclusion in the result list. By setting this flag to false the caller indicates a \"don\'t care\" designation on the *resourceId2* value, allowing shares with any *resourceId2* value to be considered for inclusion in the result list.  For the request to be authorized, the requestor must be a Tapis service.
+     */
+    ShareApi.prototype.getShares = function () {
+        return __awaiter(this, arguments, void 0, function (requestParameters, initOverrides) {
+            var response;
+            if (requestParameters === void 0) { requestParameters = {}; }
+            return __generator(this, function (_a) {
+                switch (_a.label) {
+                    case 0: return [4 /*yield*/, this.getSharesRaw(requestParameters, initOverrides)];
+                    case 1:
+                        response = _a.sent();
+                        return [4 /*yield*/, response.value()];
+                    case 2: return [2 /*return*/, _a.sent()];
+                }
+            });
+        });
+    };
+    /**
+     * Determine if a user has been granted a specific privilege on a specific resource. The *grantee*, *tenant*, *resourceType*, *resourceId1* and *privilege* parameters are mandatory; *resourceId2* is optional and assumed to be NULL if not provided. Privilege matching is performed for the grantee and tenant specified in the query parameters.  True is returned if the user has been granted the privilege, false otherwise.  By default, both authenticated and unauthenticated public privileges are included in the calculation. For example, if a privilege on a resource has been granted to all authenticated users in a tenant (~public), then true will be returned for all users in the tenant.  The *excludePublic* and *excludePublicNoAuthn* parameters can be used to change the default handling of public grants. Either or both types of public grants can be excluded.  For the request to be authorized, the requestor must be a Tapis service.
+     */
+    ShareApi.prototype.hasPrivilegeRaw = function (requestParameters, initOverrides) {
+        return __awaiter(this, void 0, void 0, function () {
+            var queryParameters, headerParameters, _a, _b, response;
+            return __generator(this, function (_c) {
+                switch (_c.label) {
+                    case 0:
+                        queryParameters = {};
+                        if (requestParameters['grantee'] != null) {
+                            queryParameters['grantee'] = requestParameters['grantee'];
+                        }
+                        if (requestParameters['tenant'] != null) {
+                            queryParameters['tenant'] = requestParameters['tenant'];
+                        }
+                        if (requestParameters['resourceType'] != null) {
+                            queryParameters['resourceType'] = requestParameters['resourceType'];
+                        }
+                        if (requestParameters['resourceId1'] != null) {
+                            queryParameters['resourceId1'] = requestParameters['resourceId1'];
+                        }
+                        if (requestParameters['resourceId2'] != null) {
+                            queryParameters['resourceId2'] = requestParameters['resourceId2'];
+                        }
+                        if (requestParameters['privilege'] != null) {
+                            queryParameters['privilege'] = requestParameters['privilege'];
+                        }
+                        if (requestParameters['excludePublic'] != null) {
+                            queryParameters['excludePublic'] = requestParameters['excludePublic'];
+                        }
+                        if (requestParameters['excludePublicNoAuthn'] != null) {
+                            queryParameters['excludePublicNoAuthn'] = requestParameters['excludePublicNoAuthn'];
+                        }
+                        headerParameters = {};
+                        if (!(this.configuration && this.configuration.apiKey)) return [3 /*break*/, 2];
+                        _a = headerParameters;
+                        _b = "X-Tapis-Token";
+                        return [4 /*yield*/, this.configuration.apiKey("X-Tapis-Token")];
+                    case 1:
+                        _a[_b] = _c.sent(); // TapisJWT authentication
+                        _c.label = 2;
+                    case 2: return [4 /*yield*/, this.request({
+                            path: "/security/share/hasPrivilege",
+                            method: 'GET',
+                            headers: headerParameters,
+                            query: queryParameters,
+                        }, initOverrides)];
+                    case 3:
+                        response = _c.sent();
+                        return [2 /*return*/, new runtime.JSONApiResponse(response, function (jsonValue) { return (0, index_1.RespBooleanFromJSON)(jsonValue); })];
+                }
+            });
+        });
+    };
+    /**
+     * Determine if a user has been granted a specific privilege on a specific resource. The *grantee*, *tenant*, *resourceType*, *resourceId1* and *privilege* parameters are mandatory; *resourceId2* is optional and assumed to be NULL if not provided. Privilege matching is performed for the grantee and tenant specified in the query parameters.  True is returned if the user has been granted the privilege, false otherwise.  By default, both authenticated and unauthenticated public privileges are included in the calculation. For example, if a privilege on a resource has been granted to all authenticated users in a tenant (~public), then true will be returned for all users in the tenant.  The *excludePublic* and *excludePublicNoAuthn* parameters can be used to change the default handling of public grants. Either or both types of public grants can be excluded.  For the request to be authorized, the requestor must be a Tapis service.
+     */
+    ShareApi.prototype.hasPrivilege = function () {
+        return __awaiter(this, arguments, void 0, function (requestParameters, initOverrides) {
+            var response;
+            if (requestParameters === void 0) { requestParameters = {}; }
+            return __generator(this, function (_a) {
+                switch (_a.label) {
+                    case 0: return [4 /*yield*/, this.hasPrivilegeRaw(requestParameters, initOverrides)];
+                    case 1:
+                        response = _a.sent();
+                        return [4 /*yield*/, response.value()];
+                    case 2: return [2 /*return*/, _a.sent()];
+                }
+            });
+        });
+    };
+    /**
+     * Share a Tapis resource using a request body. Shared resources allow services to indicate that other services should relax their Tapis authorization checking in certain, well-defined contexts.  Grantees can be given shared access to a resource on an individual basis or by using the public granting mechanism. Grants to the distinguished **~public** and **~public_no_authn** pseudo-grantees allow access to a resource to authenticated users or to any user, respectively.  The payload for this request includes these values, with all except *resourceId2* required:     - grantor    - grantee    - tenant    - resourceType    - resourceId1    - resourceId2    - privilege  If the share already exists, then this call has no effect. For the request to be authorized, the requestor must be a Tapis service.
+     */
+    ShareApi.prototype.shareResourceRaw = function (requestParameters, initOverrides) {
+        return __awaiter(this, void 0, void 0, function () {
+            var queryParameters, headerParameters, _a, _b, response;
+            return __generator(this, function (_c) {
+                switch (_c.label) {
+                    case 0:
+                        if (requestParameters['reqShareResource'] == null) {
+                            throw new runtime.RequiredError('reqShareResource', 'Required parameter "reqShareResource" was null or undefined when calling shareResource().');
+                        }
+                        queryParameters = {};
+                        headerParameters = {};
+                        headerParameters['Content-Type'] = 'application/json';
+                        if (!(this.configuration && this.configuration.apiKey)) return [3 /*break*/, 2];
+                        _a = headerParameters;
+                        _b = "X-Tapis-Token";
+                        return [4 /*yield*/, this.configuration.apiKey("X-Tapis-Token")];
+                    case 1:
+                        _a[_b] = _c.sent(); // TapisJWT authentication
+                        _c.label = 2;
+                    case 2: return [4 /*yield*/, this.request({
+                            path: "/security/share",
+                            method: 'POST',
+                            headers: headerParameters,
+                            query: queryParameters,
+                            body: (0, index_1.ReqShareResourceToJSON)(requestParameters['reqShareResource']),
+                        }, initOverrides)];
+                    case 3:
+                        response = _c.sent();
+                        return [2 /*return*/, new runtime.JSONApiResponse(response, function (jsonValue) { return (0, index_1.RespResourceUrlFromJSON)(jsonValue); })];
+                }
+            });
+        });
+    };
+    /**
+     * Share a Tapis resource using a request body. Shared resources allow services to indicate that other services should relax their Tapis authorization checking in certain, well-defined contexts.  Grantees can be given shared access to a resource on an individual basis or by using the public granting mechanism. Grants to the distinguished **~public** and **~public_no_authn** pseudo-grantees allow access to a resource to authenticated users or to any user, respectively.  The payload for this request includes these values, with all except *resourceId2* required:     - grantor    - grantee    - tenant    - resourceType    - resourceId1    - resourceId2    - privilege  If the share already exists, then this call has no effect. For the request to be authorized, the requestor must be a Tapis service.
+     */
+    ShareApi.prototype.shareResource = function (requestParameters, initOverrides) {
+        return __awaiter(this, void 0, void 0, function () {
+            var response;
+            return __generator(this, function (_a) {
+                switch (_a.label) {
+                    case 0: return [4 /*yield*/, this.shareResourceRaw(requestParameters, initOverrides)];
+                    case 1:
+                        response = _a.sent();
+                        return [4 /*yield*/, response.value()];
+                    case 2: return [2 /*return*/, _a.sent()];
+                }
+            });
+        });
+    };
+    return ShareApi;
+}(runtime.BaseAPI));
+exports.ShareApi = ShareApi;