@tapis/tapis-typescript-sk 0.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.openapi-generator/FILES +67 -0
- package/.openapi-generator/VERSION +1 -0
- package/.openapi-generator-ignore +23 -0
- package/README.md +45 -0
- package/dist/apis/GeneralApi.d.ts +45 -0
- package/dist/apis/GeneralApi.js +199 -0
- package/dist/apis/RoleApi.d.ts +205 -0
- package/dist/apis/RoleApi.js +861 -0
- package/dist/apis/UserApi.d.ts +276 -0
- package/dist/apis/UserApi.js +1166 -0
- package/dist/apis/VaultApi.d.ts +195 -0
- package/dist/apis/VaultApi.js +740 -0
- package/dist/apis/index.d.ts +4 -0
- package/dist/apis/index.js +11 -0
- package/dist/index.d.ts +3 -0
- package/dist/index.js +10 -0
- package/dist/models/Options.d.ts +27 -0
- package/dist/models/Options.js +41 -0
- package/dist/models/ReqAddChildRole.d.ts +39 -0
- package/dist/models/ReqAddChildRole.js +45 -0
- package/dist/models/ReqAddRolePermission.d.ts +39 -0
- package/dist/models/ReqAddRolePermission.js +45 -0
- package/dist/models/ReqCreateRole.d.ts +39 -0
- package/dist/models/ReqCreateRole.js +45 -0
- package/dist/models/ReqGrantAdminRole.d.ts +33 -0
- package/dist/models/ReqGrantAdminRole.js +43 -0
- package/dist/models/ReqGrantUserPermission.d.ts +39 -0
- package/dist/models/ReqGrantUserPermission.js +45 -0
- package/dist/models/ReqGrantUserRole.d.ts +39 -0
- package/dist/models/ReqGrantUserRole.js +45 -0
- package/dist/models/ReqGrantUserRoleWithPermission.d.ts +45 -0
- package/dist/models/ReqGrantUserRoleWithPermission.js +47 -0
- package/dist/models/ReqPreviewPathPrefix.d.ts +63 -0
- package/dist/models/ReqPreviewPathPrefix.js +53 -0
- package/dist/models/ReqRemoveChildRole.d.ts +39 -0
- package/dist/models/ReqRemoveChildRole.js +45 -0
- package/dist/models/ReqRemoveRolePermission.d.ts +39 -0
- package/dist/models/ReqRemoveRolePermission.js +45 -0
- package/dist/models/ReqReplacePathPrefix.d.ts +63 -0
- package/dist/models/ReqReplacePathPrefix.js +53 -0
- package/dist/models/ReqRevokeAdminRole.d.ts +33 -0
- package/dist/models/ReqRevokeAdminRole.js +43 -0
- package/dist/models/ReqRevokeUserPermission.d.ts +39 -0
- package/dist/models/ReqRevokeUserPermission.js +45 -0
- package/dist/models/ReqRevokeUserRole.d.ts +39 -0
- package/dist/models/ReqRevokeUserRole.js +45 -0
- package/dist/models/ReqUpdateRoleDescription.d.ts +33 -0
- package/dist/models/ReqUpdateRoleDescription.js +43 -0
- package/dist/models/ReqUpdateRoleName.d.ts +33 -0
- package/dist/models/ReqUpdateRoleName.js +43 -0
- package/dist/models/ReqUpdateRoleOwner.d.ts +39 -0
- package/dist/models/ReqUpdateRoleOwner.js +45 -0
- package/dist/models/ReqUserHasRole.d.ts +45 -0
- package/dist/models/ReqUserHasRole.js +47 -0
- package/dist/models/ReqUserHasRoleMulti.d.ts +45 -0
- package/dist/models/ReqUserHasRoleMulti.js +47 -0
- package/dist/models/ReqUserIsAdmin.d.ts +33 -0
- package/dist/models/ReqUserIsAdmin.js +43 -0
- package/dist/models/ReqUserIsPermitted.d.ts +45 -0
- package/dist/models/ReqUserIsPermitted.js +47 -0
- package/dist/models/ReqUserIsPermittedMulti.d.ts +45 -0
- package/dist/models/ReqUserIsPermittedMulti.js +47 -0
- package/dist/models/ReqValidateServicePwd.d.ts +39 -0
- package/dist/models/ReqValidateServicePwd.js +45 -0
- package/dist/models/ReqVersions.d.ts +39 -0
- package/dist/models/ReqVersions.js +45 -0
- package/dist/models/ReqWriteSecret.d.ts +48 -0
- package/dist/models/ReqWriteSecret.js +48 -0
- package/dist/models/RespAuthorized.d.ts +46 -0
- package/dist/models/RespAuthorized.js +48 -0
- package/dist/models/RespBasic.d.ts +45 -0
- package/dist/models/RespBasic.js +47 -0
- package/dist/models/RespChangeCount.d.ts +46 -0
- package/dist/models/RespChangeCount.js +48 -0
- package/dist/models/RespName.d.ts +46 -0
- package/dist/models/RespName.js +48 -0
- package/dist/models/RespNameArray.d.ts +46 -0
- package/dist/models/RespNameArray.js +48 -0
- package/dist/models/RespPathPrefixes.d.ts +46 -0
- package/dist/models/RespPathPrefixes.js +48 -0
- package/dist/models/RespProbe.d.ts +46 -0
- package/dist/models/RespProbe.js +48 -0
- package/dist/models/RespResourceUrl.d.ts +46 -0
- package/dist/models/RespResourceUrl.js +48 -0
- package/dist/models/RespRole.d.ts +46 -0
- package/dist/models/RespRole.js +48 -0
- package/dist/models/RespSecret.d.ts +46 -0
- package/dist/models/RespSecret.js +48 -0
- package/dist/models/RespSecretList.d.ts +46 -0
- package/dist/models/RespSecretList.js +48 -0
- package/dist/models/RespSecretMeta.d.ts +46 -0
- package/dist/models/RespSecretMeta.js +48 -0
- package/dist/models/RespSecretVersionMetadata.d.ts +46 -0
- package/dist/models/RespSecretVersionMetadata.js +48 -0
- package/dist/models/RespVersions.d.ts +45 -0
- package/dist/models/RespVersions.js +47 -0
- package/dist/models/ResultAuthorized.d.ts +27 -0
- package/dist/models/ResultAuthorized.js +41 -0
- package/dist/models/ResultChangeCount.d.ts +27 -0
- package/dist/models/ResultChangeCount.js +41 -0
- package/dist/models/ResultName.d.ts +27 -0
- package/dist/models/ResultName.js +41 -0
- package/dist/models/ResultNameArray.d.ts +27 -0
- package/dist/models/ResultNameArray.js +41 -0
- package/dist/models/ResultResourceUrl.d.ts +27 -0
- package/dist/models/ResultResourceUrl.js +41 -0
- package/dist/models/SkProbe.d.ts +45 -0
- package/dist/models/SkProbe.js +47 -0
- package/dist/models/SkRole.d.ts +93 -0
- package/dist/models/SkRole.js +63 -0
- package/dist/models/SkSecret.d.ts +36 -0
- package/dist/models/SkSecret.js +44 -0
- package/dist/models/SkSecretList.d.ts +33 -0
- package/dist/models/SkSecretList.js +43 -0
- package/dist/models/SkSecretMetadata.d.ts +45 -0
- package/dist/models/SkSecretMetadata.js +47 -0
- package/dist/models/SkSecretVersion.d.ts +45 -0
- package/dist/models/SkSecretVersion.js +47 -0
- package/dist/models/SkSecretVersionMetadata.d.ts +58 -0
- package/dist/models/SkSecretVersionMetadata.js +52 -0
- package/dist/models/Transformation.d.ts +39 -0
- package/dist/models/Transformation.js +45 -0
- package/dist/models/index.d.ts +53 -0
- package/dist/models/index.js +60 -0
- package/dist/runtime.d.ts +140 -0
- package/dist/runtime.js +420 -0
- package/package.json +15 -0
- package/src/apis/GeneralApi.ts +117 -0
- package/src/apis/RoleApi.ts +782 -0
- package/src/apis/UserApi.ts +1047 -0
- package/src/apis/VaultApi.ts +802 -0
- package/src/apis/index.ts +6 -0
- package/src/index.ts +5 -0
- package/src/models/Options.ts +56 -0
- package/src/models/ReqAddChildRole.ts +72 -0
- package/src/models/ReqAddRolePermission.ts +72 -0
- package/src/models/ReqCreateRole.ts +72 -0
- package/src/models/ReqGrantAdminRole.ts +64 -0
- package/src/models/ReqGrantUserPermission.ts +72 -0
- package/src/models/ReqGrantUserRole.ts +72 -0
- package/src/models/ReqGrantUserRoleWithPermission.ts +80 -0
- package/src/models/ReqPreviewPathPrefix.ts +104 -0
- package/src/models/ReqRemoveChildRole.ts +72 -0
- package/src/models/ReqRemoveRolePermission.ts +72 -0
- package/src/models/ReqReplacePathPrefix.ts +104 -0
- package/src/models/ReqRevokeAdminRole.ts +64 -0
- package/src/models/ReqRevokeUserPermission.ts +72 -0
- package/src/models/ReqRevokeUserRole.ts +72 -0
- package/src/models/ReqUpdateRoleDescription.ts +64 -0
- package/src/models/ReqUpdateRoleName.ts +64 -0
- package/src/models/ReqUpdateRoleOwner.ts +72 -0
- package/src/models/ReqUserHasRole.ts +80 -0
- package/src/models/ReqUserHasRoleMulti.ts +80 -0
- package/src/models/ReqUserIsAdmin.ts +64 -0
- package/src/models/ReqUserIsPermitted.ts +80 -0
- package/src/models/ReqUserIsPermittedMulti.ts +80 -0
- package/src/models/ReqValidateServicePwd.ts +72 -0
- package/src/models/ReqVersions.ts +72 -0
- package/src/models/ReqWriteSecret.ts +87 -0
- package/src/models/RespAuthorized.ts +87 -0
- package/src/models/RespBasic.ts +80 -0
- package/src/models/RespChangeCount.ts +87 -0
- package/src/models/RespName.ts +87 -0
- package/src/models/RespNameArray.ts +87 -0
- package/src/models/RespPathPrefixes.ts +87 -0
- package/src/models/RespProbe.ts +87 -0
- package/src/models/RespResourceUrl.ts +87 -0
- package/src/models/RespRole.ts +87 -0
- package/src/models/RespSecret.ts +87 -0
- package/src/models/RespSecretList.ts +87 -0
- package/src/models/RespSecretMeta.ts +87 -0
- package/src/models/RespSecretVersionMetadata.ts +87 -0
- package/src/models/RespVersions.ts +80 -0
- package/src/models/ResultAuthorized.ts +56 -0
- package/src/models/ResultChangeCount.ts +56 -0
- package/src/models/ResultName.ts +56 -0
- package/src/models/ResultNameArray.ts +56 -0
- package/src/models/ResultResourceUrl.ts +56 -0
- package/src/models/SkProbe.ts +80 -0
- package/src/models/SkRole.ts +144 -0
- package/src/models/SkSecret.ts +71 -0
- package/src/models/SkSecretList.ts +64 -0
- package/src/models/SkSecretMetadata.ts +80 -0
- package/src/models/SkSecretVersion.ts +80 -0
- package/src/models/SkSecretVersionMetadata.ts +103 -0
- package/src/models/Transformation.ts +72 -0
- package/src/models/index.ts +55 -0
- package/src/runtime.ts +320 -0
- package/tsconfig.json +20 -0
|
@@ -0,0 +1,1166 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/* tslint:disable */
|
|
3
|
+
/* eslint-disable */
|
|
4
|
+
/**
|
|
5
|
+
* Tapis Security API
|
|
6
|
+
* The Tapis Security API provides access to the Tapis Security Kernel authorization and secrets facilities.
|
|
7
|
+
*
|
|
8
|
+
* The version of the OpenAPI document: 0.1
|
|
9
|
+
* Contact: cicsupport@tacc.utexas.edu
|
|
10
|
+
*
|
|
11
|
+
* NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
|
|
12
|
+
* https://openapi-generator.tech
|
|
13
|
+
* Do not edit the class manually.
|
|
14
|
+
*/
|
|
15
|
+
var __extends = (this && this.__extends) || (function () {
|
|
16
|
+
var extendStatics = Object.setPrototypeOf ||
|
|
17
|
+
({ __proto__: [] } instanceof Array && function (d, b) { d.__proto__ = b; }) ||
|
|
18
|
+
function (d, b) { for (var p in b) if (b.hasOwnProperty(p)) d[p] = b[p]; };
|
|
19
|
+
return function (d, b) {
|
|
20
|
+
extendStatics(d, b);
|
|
21
|
+
function __() { this.constructor = d; }
|
|
22
|
+
d.prototype = b === null ? Object.create(b) : (__.prototype = b.prototype, new __());
|
|
23
|
+
};
|
|
24
|
+
})();
|
|
25
|
+
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
26
|
+
return new (P || (P = Promise))(function (resolve, reject) {
|
|
27
|
+
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
28
|
+
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
29
|
+
function step(result) { result.done ? resolve(result.value) : new P(function (resolve) { resolve(result.value); }).then(fulfilled, rejected); }
|
|
30
|
+
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
31
|
+
});
|
|
32
|
+
};
|
|
33
|
+
var __generator = (this && this.__generator) || function (thisArg, body) {
|
|
34
|
+
var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
|
|
35
|
+
return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
|
|
36
|
+
function verb(n) { return function (v) { return step([n, v]); }; }
|
|
37
|
+
function step(op) {
|
|
38
|
+
if (f) throw new TypeError("Generator is already executing.");
|
|
39
|
+
while (_) try {
|
|
40
|
+
if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
|
|
41
|
+
if (y = 0, t) op = [op[0] & 2, t.value];
|
|
42
|
+
switch (op[0]) {
|
|
43
|
+
case 0: case 1: t = op; break;
|
|
44
|
+
case 4: _.label++; return { value: op[1], done: false };
|
|
45
|
+
case 5: _.label++; y = op[1]; op = [0]; continue;
|
|
46
|
+
case 7: op = _.ops.pop(); _.trys.pop(); continue;
|
|
47
|
+
default:
|
|
48
|
+
if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
|
|
49
|
+
if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
|
|
50
|
+
if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
|
|
51
|
+
if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
|
|
52
|
+
if (t[2]) _.ops.pop();
|
|
53
|
+
_.trys.pop(); continue;
|
|
54
|
+
}
|
|
55
|
+
op = body.call(thisArg, _);
|
|
56
|
+
} catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
|
|
57
|
+
if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
|
|
58
|
+
}
|
|
59
|
+
};
|
|
60
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
61
|
+
var runtime = require("../runtime");
|
|
62
|
+
var models_1 = require("../models");
|
|
63
|
+
/**
|
|
64
|
+
*
|
|
65
|
+
*/
|
|
66
|
+
var UserApi = /** @class */ (function (_super) {
|
|
67
|
+
__extends(UserApi, _super);
|
|
68
|
+
function UserApi() {
|
|
69
|
+
return _super !== null && _super.apply(this, arguments) || this;
|
|
70
|
+
}
|
|
71
|
+
/**
|
|
72
|
+
* Get all users assigned the tenant administrator role ($!tenant_admin). This request is authorized if the requestor is a user that has access to the specified tenant or if the requestor is a service.
|
|
73
|
+
*/
|
|
74
|
+
UserApi.prototype.getAdminsRaw = function (requestParameters, initOverrides) {
|
|
75
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
76
|
+
var queryParameters, headerParameters, response;
|
|
77
|
+
return __generator(this, function (_a) {
|
|
78
|
+
switch (_a.label) {
|
|
79
|
+
case 0:
|
|
80
|
+
if (requestParameters.tenant === null || requestParameters.tenant === undefined) {
|
|
81
|
+
throw new runtime.RequiredError('tenant', 'Required parameter requestParameters.tenant was null or undefined when calling getAdmins.');
|
|
82
|
+
}
|
|
83
|
+
queryParameters = {};
|
|
84
|
+
if (requestParameters.pretty !== undefined) {
|
|
85
|
+
queryParameters['pretty'] = requestParameters.pretty;
|
|
86
|
+
}
|
|
87
|
+
headerParameters = {};
|
|
88
|
+
if (this.configuration && this.configuration.apiKey) {
|
|
89
|
+
headerParameters["X-Tapis-Token"] = this.configuration.apiKey("X-Tapis-Token"); // TapisJWT authentication
|
|
90
|
+
}
|
|
91
|
+
return [4 /*yield*/, this.request({
|
|
92
|
+
path: "/security/user/admins/{tenant}".replace("{" + "tenant" + "}", encodeURIComponent(String(requestParameters.tenant))),
|
|
93
|
+
method: 'GET',
|
|
94
|
+
headers: headerParameters,
|
|
95
|
+
query: queryParameters,
|
|
96
|
+
}, initOverrides)];
|
|
97
|
+
case 1:
|
|
98
|
+
response = _a.sent();
|
|
99
|
+
return [2 /*return*/, new runtime.JSONApiResponse(response, function (jsonValue) { return models_1.RespNameArrayFromJSON(jsonValue); })];
|
|
100
|
+
}
|
|
101
|
+
});
|
|
102
|
+
});
|
|
103
|
+
};
|
|
104
|
+
/**
|
|
105
|
+
* Get all users assigned the tenant administrator role ($!tenant_admin). This request is authorized if the requestor is a user that has access to the specified tenant or if the requestor is a service.
|
|
106
|
+
*/
|
|
107
|
+
UserApi.prototype.getAdmins = function (requestParameters, initOverrides) {
|
|
108
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
109
|
+
var response;
|
|
110
|
+
return __generator(this, function (_a) {
|
|
111
|
+
switch (_a.label) {
|
|
112
|
+
case 0: return [4 /*yield*/, this.getAdminsRaw(requestParameters, initOverrides)];
|
|
113
|
+
case 1:
|
|
114
|
+
response = _a.sent();
|
|
115
|
+
return [4 /*yield*/, response.value()];
|
|
116
|
+
case 2: return [2 /*return*/, _a.sent()];
|
|
117
|
+
}
|
|
118
|
+
});
|
|
119
|
+
});
|
|
120
|
+
};
|
|
121
|
+
/**
|
|
122
|
+
* Get a user\'s default role. The default role is implicitly created by the system when needed if it doesn\'t already exist. No authorization required. A user\'s default role is constructed by prepending \'$$\' to the user\'s name. This implies the maximum length of a user name is 58 since role names are limited to 60 characters.
|
|
123
|
+
*/
|
|
124
|
+
UserApi.prototype.getDefaultUserRole1Raw = function (requestParameters, initOverrides) {
|
|
125
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
126
|
+
var queryParameters, headerParameters, response;
|
|
127
|
+
return __generator(this, function (_a) {
|
|
128
|
+
switch (_a.label) {
|
|
129
|
+
case 0:
|
|
130
|
+
if (requestParameters.user === null || requestParameters.user === undefined) {
|
|
131
|
+
throw new runtime.RequiredError('user', 'Required parameter requestParameters.user was null or undefined when calling getDefaultUserRole1.');
|
|
132
|
+
}
|
|
133
|
+
queryParameters = {};
|
|
134
|
+
if (requestParameters.pretty !== undefined) {
|
|
135
|
+
queryParameters['pretty'] = requestParameters.pretty;
|
|
136
|
+
}
|
|
137
|
+
headerParameters = {};
|
|
138
|
+
return [4 /*yield*/, this.request({
|
|
139
|
+
path: "/security/user/defaultRole/{user}".replace("{" + "user" + "}", encodeURIComponent(String(requestParameters.user))),
|
|
140
|
+
method: 'GET',
|
|
141
|
+
headers: headerParameters,
|
|
142
|
+
query: queryParameters,
|
|
143
|
+
}, initOverrides)];
|
|
144
|
+
case 1:
|
|
145
|
+
response = _a.sent();
|
|
146
|
+
return [2 /*return*/, new runtime.JSONApiResponse(response, function (jsonValue) { return models_1.RespNameFromJSON(jsonValue); })];
|
|
147
|
+
}
|
|
148
|
+
});
|
|
149
|
+
});
|
|
150
|
+
};
|
|
151
|
+
/**
|
|
152
|
+
* Get a user\'s default role. The default role is implicitly created by the system when needed if it doesn\'t already exist. No authorization required. A user\'s default role is constructed by prepending \'$$\' to the user\'s name. This implies the maximum length of a user name is 58 since role names are limited to 60 characters.
|
|
153
|
+
*/
|
|
154
|
+
UserApi.prototype.getDefaultUserRole1 = function (requestParameters, initOverrides) {
|
|
155
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
156
|
+
var response;
|
|
157
|
+
return __generator(this, function (_a) {
|
|
158
|
+
switch (_a.label) {
|
|
159
|
+
case 0: return [4 /*yield*/, this.getDefaultUserRole1Raw(requestParameters, initOverrides)];
|
|
160
|
+
case 1:
|
|
161
|
+
response = _a.sent();
|
|
162
|
+
return [4 /*yield*/, response.value()];
|
|
163
|
+
case 2: return [2 /*return*/, _a.sent()];
|
|
164
|
+
}
|
|
165
|
+
});
|
|
166
|
+
});
|
|
167
|
+
};
|
|
168
|
+
/**
|
|
169
|
+
* Get the names of all users in the tenant that have been granted a role or permission. This request is authorized if the requestor is a user that has access to the specified tenant or if the requestor is a service.
|
|
170
|
+
*/
|
|
171
|
+
UserApi.prototype.getUserNamesRaw = function (requestParameters, initOverrides) {
|
|
172
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
173
|
+
var queryParameters, headerParameters, response;
|
|
174
|
+
return __generator(this, function (_a) {
|
|
175
|
+
switch (_a.label) {
|
|
176
|
+
case 0:
|
|
177
|
+
queryParameters = {};
|
|
178
|
+
if (requestParameters.tenant !== undefined) {
|
|
179
|
+
queryParameters['tenant'] = requestParameters.tenant;
|
|
180
|
+
}
|
|
181
|
+
if (requestParameters.pretty !== undefined) {
|
|
182
|
+
queryParameters['pretty'] = requestParameters.pretty;
|
|
183
|
+
}
|
|
184
|
+
headerParameters = {};
|
|
185
|
+
if (this.configuration && this.configuration.apiKey) {
|
|
186
|
+
headerParameters["X-Tapis-Token"] = this.configuration.apiKey("X-Tapis-Token"); // TapisJWT authentication
|
|
187
|
+
}
|
|
188
|
+
return [4 /*yield*/, this.request({
|
|
189
|
+
path: "/security/user",
|
|
190
|
+
method: 'GET',
|
|
191
|
+
headers: headerParameters,
|
|
192
|
+
query: queryParameters,
|
|
193
|
+
}, initOverrides)];
|
|
194
|
+
case 1:
|
|
195
|
+
response = _a.sent();
|
|
196
|
+
return [2 /*return*/, new runtime.JSONApiResponse(response, function (jsonValue) { return models_1.RespNameArrayFromJSON(jsonValue); })];
|
|
197
|
+
}
|
|
198
|
+
});
|
|
199
|
+
});
|
|
200
|
+
};
|
|
201
|
+
/**
|
|
202
|
+
* Get the names of all users in the tenant that have been granted a role or permission. This request is authorized if the requestor is a user that has access to the specified tenant or if the requestor is a service.
|
|
203
|
+
*/
|
|
204
|
+
UserApi.prototype.getUserNames = function (requestParameters, initOverrides) {
|
|
205
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
206
|
+
var response;
|
|
207
|
+
return __generator(this, function (_a) {
|
|
208
|
+
switch (_a.label) {
|
|
209
|
+
case 0: return [4 /*yield*/, this.getUserNamesRaw(requestParameters, initOverrides)];
|
|
210
|
+
case 1:
|
|
211
|
+
response = _a.sent();
|
|
212
|
+
return [4 /*yield*/, response.value()];
|
|
213
|
+
case 2: return [2 /*return*/, _a.sent()];
|
|
214
|
+
}
|
|
215
|
+
});
|
|
216
|
+
});
|
|
217
|
+
};
|
|
218
|
+
/**
|
|
219
|
+
* Get the permissions assigned to a user in a tenant, including those assigned transively. The result list can be optionally filtered by the one or both of the query parameters: implies and impliedBy. The implied parameter removes permissions from the result list that the specified permission do not imply. The impliedBy parameter removes permissions from the result list that the specified permission are not implied by. Below are some examples.Consider a user that is assigned these permissions: stream:dev:read:project1 stream:dev:read,write:project1 stream:dev:read,write,exec:project1 **Using the *implies* Query Parameter** When _implies=stream:dev:*:project1_, this endpoint returns: stream:dev:read:project1 stream:dev:read,write:project1 stream:dev:read,write,exec:project1 When _implies=stream:dev:write:project1_, this endpoint returns an empty list. **Using the *impliedBy* Query Parameter** When _impliedBy=stream:dev:*:project1_, this endpoint returns an empty list. When _impliedBy=stream:dev:write:project1_, this endpoint returns: stream:dev:read,write:project1 stream:dev:read,write,exec:project1 This request is authorized if the requestor is a user that has access to the specified tenant or if the requestor is a service.
|
|
220
|
+
*/
|
|
221
|
+
UserApi.prototype.getUserPermsRaw = function (requestParameters, initOverrides) {
|
|
222
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
223
|
+
var queryParameters, headerParameters, response;
|
|
224
|
+
return __generator(this, function (_a) {
|
|
225
|
+
switch (_a.label) {
|
|
226
|
+
case 0:
|
|
227
|
+
if (requestParameters.user === null || requestParameters.user === undefined) {
|
|
228
|
+
throw new runtime.RequiredError('user', 'Required parameter requestParameters.user was null or undefined when calling getUserPerms.');
|
|
229
|
+
}
|
|
230
|
+
queryParameters = {};
|
|
231
|
+
if (requestParameters.tenant !== undefined) {
|
|
232
|
+
queryParameters['tenant'] = requestParameters.tenant;
|
|
233
|
+
}
|
|
234
|
+
if (requestParameters.implies !== undefined) {
|
|
235
|
+
queryParameters['implies'] = requestParameters.implies;
|
|
236
|
+
}
|
|
237
|
+
if (requestParameters.impliedBy !== undefined) {
|
|
238
|
+
queryParameters['impliedBy'] = requestParameters.impliedBy;
|
|
239
|
+
}
|
|
240
|
+
if (requestParameters.pretty !== undefined) {
|
|
241
|
+
queryParameters['pretty'] = requestParameters.pretty;
|
|
242
|
+
}
|
|
243
|
+
headerParameters = {};
|
|
244
|
+
if (this.configuration && this.configuration.apiKey) {
|
|
245
|
+
headerParameters["X-Tapis-Token"] = this.configuration.apiKey("X-Tapis-Token"); // TapisJWT authentication
|
|
246
|
+
}
|
|
247
|
+
return [4 /*yield*/, this.request({
|
|
248
|
+
path: "/security/user/perms/{user}".replace("{" + "user" + "}", encodeURIComponent(String(requestParameters.user))),
|
|
249
|
+
method: 'GET',
|
|
250
|
+
headers: headerParameters,
|
|
251
|
+
query: queryParameters,
|
|
252
|
+
}, initOverrides)];
|
|
253
|
+
case 1:
|
|
254
|
+
response = _a.sent();
|
|
255
|
+
return [2 /*return*/, new runtime.JSONApiResponse(response, function (jsonValue) { return models_1.RespNameArrayFromJSON(jsonValue); })];
|
|
256
|
+
}
|
|
257
|
+
});
|
|
258
|
+
});
|
|
259
|
+
};
|
|
260
|
+
/**
|
|
261
|
+
* Get the permissions assigned to a user in a tenant, including those assigned transively. The result list can be optionally filtered by the one or both of the query parameters: implies and impliedBy. The implied parameter removes permissions from the result list that the specified permission do not imply. The impliedBy parameter removes permissions from the result list that the specified permission are not implied by. Below are some examples.Consider a user that is assigned these permissions: stream:dev:read:project1 stream:dev:read,write:project1 stream:dev:read,write,exec:project1 **Using the *implies* Query Parameter** When _implies=stream:dev:*:project1_, this endpoint returns: stream:dev:read:project1 stream:dev:read,write:project1 stream:dev:read,write,exec:project1 When _implies=stream:dev:write:project1_, this endpoint returns an empty list. **Using the *impliedBy* Query Parameter** When _impliedBy=stream:dev:*:project1_, this endpoint returns an empty list. When _impliedBy=stream:dev:write:project1_, this endpoint returns: stream:dev:read,write:project1 stream:dev:read,write,exec:project1 This request is authorized if the requestor is a user that has access to the specified tenant or if the requestor is a service.
|
|
262
|
+
*/
|
|
263
|
+
UserApi.prototype.getUserPerms = function (requestParameters, initOverrides) {
|
|
264
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
265
|
+
var response;
|
|
266
|
+
return __generator(this, function (_a) {
|
|
267
|
+
switch (_a.label) {
|
|
268
|
+
case 0: return [4 /*yield*/, this.getUserPermsRaw(requestParameters, initOverrides)];
|
|
269
|
+
case 1:
|
|
270
|
+
response = _a.sent();
|
|
271
|
+
return [4 /*yield*/, response.value()];
|
|
272
|
+
case 2: return [2 /*return*/, _a.sent()];
|
|
273
|
+
}
|
|
274
|
+
});
|
|
275
|
+
});
|
|
276
|
+
};
|
|
277
|
+
/**
|
|
278
|
+
* Get the roles assigned to a user in the specified tenant, including those assigned transively. This request is authorized if the requestor is a user that has access to the specified tenant or if the requestor is a service.
|
|
279
|
+
*/
|
|
280
|
+
UserApi.prototype.getUserRolesRaw = function (requestParameters, initOverrides) {
|
|
281
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
282
|
+
var queryParameters, headerParameters, response;
|
|
283
|
+
return __generator(this, function (_a) {
|
|
284
|
+
switch (_a.label) {
|
|
285
|
+
case 0:
|
|
286
|
+
if (requestParameters.user === null || requestParameters.user === undefined) {
|
|
287
|
+
throw new runtime.RequiredError('user', 'Required parameter requestParameters.user was null or undefined when calling getUserRoles.');
|
|
288
|
+
}
|
|
289
|
+
queryParameters = {};
|
|
290
|
+
if (requestParameters.tenant !== undefined) {
|
|
291
|
+
queryParameters['tenant'] = requestParameters.tenant;
|
|
292
|
+
}
|
|
293
|
+
if (requestParameters.pretty !== undefined) {
|
|
294
|
+
queryParameters['pretty'] = requestParameters.pretty;
|
|
295
|
+
}
|
|
296
|
+
headerParameters = {};
|
|
297
|
+
if (this.configuration && this.configuration.apiKey) {
|
|
298
|
+
headerParameters["X-Tapis-Token"] = this.configuration.apiKey("X-Tapis-Token"); // TapisJWT authentication
|
|
299
|
+
}
|
|
300
|
+
return [4 /*yield*/, this.request({
|
|
301
|
+
path: "/security/user/roles/{user}".replace("{" + "user" + "}", encodeURIComponent(String(requestParameters.user))),
|
|
302
|
+
method: 'GET',
|
|
303
|
+
headers: headerParameters,
|
|
304
|
+
query: queryParameters,
|
|
305
|
+
}, initOverrides)];
|
|
306
|
+
case 1:
|
|
307
|
+
response = _a.sent();
|
|
308
|
+
return [2 /*return*/, new runtime.JSONApiResponse(response, function (jsonValue) { return models_1.RespNameArrayFromJSON(jsonValue); })];
|
|
309
|
+
}
|
|
310
|
+
});
|
|
311
|
+
});
|
|
312
|
+
};
|
|
313
|
+
/**
|
|
314
|
+
* Get the roles assigned to a user in the specified tenant, including those assigned transively. This request is authorized if the requestor is a user that has access to the specified tenant or if the requestor is a service.
|
|
315
|
+
*/
|
|
316
|
+
UserApi.prototype.getUserRoles = function (requestParameters, initOverrides) {
|
|
317
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
318
|
+
var response;
|
|
319
|
+
return __generator(this, function (_a) {
|
|
320
|
+
switch (_a.label) {
|
|
321
|
+
case 0: return [4 /*yield*/, this.getUserRolesRaw(requestParameters, initOverrides)];
|
|
322
|
+
case 1:
|
|
323
|
+
response = _a.sent();
|
|
324
|
+
return [4 /*yield*/, response.value()];
|
|
325
|
+
case 2: return [2 /*return*/, _a.sent()];
|
|
326
|
+
}
|
|
327
|
+
});
|
|
328
|
+
});
|
|
329
|
+
};
|
|
330
|
+
/**
|
|
331
|
+
* Get all users in a tenant assigned a permission. The permSpec parameter is a permission specification that uses colons as separators, the asterisk as a wildcard character and commas to define lists. Here are examples of permission specifications: system:mytenant:read:mysystem system:mytenant:*:mysystem system:mytenant files:mytenant:read,write:mysystems This method recognizes the percent sign (%) as a string wildcard only in the context of database searching. If a percent sign (%) appears in the permSpec it is interpreted as a zero or more character wildcard. For example, the following specification would match the first three of the above example specifications but not the fourth: system:mytenant:% The wildcard character cannot appear as the first character in the permSpec. This request is authorized if the requestor is a user that has access to the specified tenant or if the requestor is a service.
|
|
332
|
+
*/
|
|
333
|
+
UserApi.prototype.getUsersWithPermissionRaw = function (requestParameters, initOverrides) {
|
|
334
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
335
|
+
var queryParameters, headerParameters, response;
|
|
336
|
+
return __generator(this, function (_a) {
|
|
337
|
+
switch (_a.label) {
|
|
338
|
+
case 0:
|
|
339
|
+
if (requestParameters.permSpec === null || requestParameters.permSpec === undefined) {
|
|
340
|
+
throw new runtime.RequiredError('permSpec', 'Required parameter requestParameters.permSpec was null or undefined when calling getUsersWithPermission.');
|
|
341
|
+
}
|
|
342
|
+
queryParameters = {};
|
|
343
|
+
if (requestParameters.tenant !== undefined) {
|
|
344
|
+
queryParameters['tenant'] = requestParameters.tenant;
|
|
345
|
+
}
|
|
346
|
+
if (requestParameters.pretty !== undefined) {
|
|
347
|
+
queryParameters['pretty'] = requestParameters.pretty;
|
|
348
|
+
}
|
|
349
|
+
headerParameters = {};
|
|
350
|
+
if (this.configuration && this.configuration.apiKey) {
|
|
351
|
+
headerParameters["X-Tapis-Token"] = this.configuration.apiKey("X-Tapis-Token"); // TapisJWT authentication
|
|
352
|
+
}
|
|
353
|
+
return [4 /*yield*/, this.request({
|
|
354
|
+
path: "/security/user/withPermission/{permSpec}".replace("{" + "permSpec" + "}", encodeURIComponent(String(requestParameters.permSpec))),
|
|
355
|
+
method: 'GET',
|
|
356
|
+
headers: headerParameters,
|
|
357
|
+
query: queryParameters,
|
|
358
|
+
}, initOverrides)];
|
|
359
|
+
case 1:
|
|
360
|
+
response = _a.sent();
|
|
361
|
+
return [2 /*return*/, new runtime.JSONApiResponse(response, function (jsonValue) { return models_1.RespNameArrayFromJSON(jsonValue); })];
|
|
362
|
+
}
|
|
363
|
+
});
|
|
364
|
+
});
|
|
365
|
+
};
|
|
366
|
+
/**
|
|
367
|
+
* Get all users in a tenant assigned a permission. The permSpec parameter is a permission specification that uses colons as separators, the asterisk as a wildcard character and commas to define lists. Here are examples of permission specifications: system:mytenant:read:mysystem system:mytenant:*:mysystem system:mytenant files:mytenant:read,write:mysystems This method recognizes the percent sign (%) as a string wildcard only in the context of database searching. If a percent sign (%) appears in the permSpec it is interpreted as a zero or more character wildcard. For example, the following specification would match the first three of the above example specifications but not the fourth: system:mytenant:% The wildcard character cannot appear as the first character in the permSpec. This request is authorized if the requestor is a user that has access to the specified tenant or if the requestor is a service.
|
|
368
|
+
*/
|
|
369
|
+
UserApi.prototype.getUsersWithPermission = function (requestParameters, initOverrides) {
|
|
370
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
371
|
+
var response;
|
|
372
|
+
return __generator(this, function (_a) {
|
|
373
|
+
switch (_a.label) {
|
|
374
|
+
case 0: return [4 /*yield*/, this.getUsersWithPermissionRaw(requestParameters, initOverrides)];
|
|
375
|
+
case 1:
|
|
376
|
+
response = _a.sent();
|
|
377
|
+
return [4 /*yield*/, response.value()];
|
|
378
|
+
case 2: return [2 /*return*/, _a.sent()];
|
|
379
|
+
}
|
|
380
|
+
});
|
|
381
|
+
});
|
|
382
|
+
};
|
|
383
|
+
/**
|
|
384
|
+
* Get all users assigned a role. The role must exist in the tenant. This request is authorized if the requestor is a user that has access to the specified tenant or if the requestor is a service.
|
|
385
|
+
*/
|
|
386
|
+
UserApi.prototype.getUsersWithRoleRaw = function (requestParameters, initOverrides) {
|
|
387
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
388
|
+
var queryParameters, headerParameters, response;
|
|
389
|
+
return __generator(this, function (_a) {
|
|
390
|
+
switch (_a.label) {
|
|
391
|
+
case 0:
|
|
392
|
+
if (requestParameters.roleName === null || requestParameters.roleName === undefined) {
|
|
393
|
+
throw new runtime.RequiredError('roleName', 'Required parameter requestParameters.roleName was null or undefined when calling getUsersWithRole.');
|
|
394
|
+
}
|
|
395
|
+
queryParameters = {};
|
|
396
|
+
if (requestParameters.tenant !== undefined) {
|
|
397
|
+
queryParameters['tenant'] = requestParameters.tenant;
|
|
398
|
+
}
|
|
399
|
+
if (requestParameters.pretty !== undefined) {
|
|
400
|
+
queryParameters['pretty'] = requestParameters.pretty;
|
|
401
|
+
}
|
|
402
|
+
headerParameters = {};
|
|
403
|
+
if (this.configuration && this.configuration.apiKey) {
|
|
404
|
+
headerParameters["X-Tapis-Token"] = this.configuration.apiKey("X-Tapis-Token"); // TapisJWT authentication
|
|
405
|
+
}
|
|
406
|
+
return [4 /*yield*/, this.request({
|
|
407
|
+
path: "/security/user/withRole/{roleName}".replace("{" + "roleName" + "}", encodeURIComponent(String(requestParameters.roleName))),
|
|
408
|
+
method: 'GET',
|
|
409
|
+
headers: headerParameters,
|
|
410
|
+
query: queryParameters,
|
|
411
|
+
}, initOverrides)];
|
|
412
|
+
case 1:
|
|
413
|
+
response = _a.sent();
|
|
414
|
+
return [2 /*return*/, new runtime.JSONApiResponse(response, function (jsonValue) { return models_1.RespNameArrayFromJSON(jsonValue); })];
|
|
415
|
+
}
|
|
416
|
+
});
|
|
417
|
+
});
|
|
418
|
+
};
|
|
419
|
+
/**
|
|
420
|
+
* Get all users assigned a role. The role must exist in the tenant. This request is authorized if the requestor is a user that has access to the specified tenant or if the requestor is a service.
|
|
421
|
+
*/
|
|
422
|
+
UserApi.prototype.getUsersWithRole = function (requestParameters, initOverrides) {
|
|
423
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
424
|
+
var response;
|
|
425
|
+
return __generator(this, function (_a) {
|
|
426
|
+
switch (_a.label) {
|
|
427
|
+
case 0: return [4 /*yield*/, this.getUsersWithRoleRaw(requestParameters, initOverrides)];
|
|
428
|
+
case 1:
|
|
429
|
+
response = _a.sent();
|
|
430
|
+
return [4 /*yield*/, response.value()];
|
|
431
|
+
case 2: return [2 /*return*/, _a.sent()];
|
|
432
|
+
}
|
|
433
|
+
});
|
|
434
|
+
});
|
|
435
|
+
};
|
|
436
|
+
/**
|
|
437
|
+
* Grant a user the tenant administrator role. A valid tenant and user must be specified in the request body. The user specified in the JWT must be an administrator in the tenant specified in the request body.
|
|
438
|
+
*/
|
|
439
|
+
UserApi.prototype.grantAdminRoleRaw = function (requestParameters, initOverrides) {
|
|
440
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
441
|
+
var queryParameters, headerParameters, response;
|
|
442
|
+
return __generator(this, function (_a) {
|
|
443
|
+
switch (_a.label) {
|
|
444
|
+
case 0:
|
|
445
|
+
if (requestParameters.reqGrantAdminRole === null || requestParameters.reqGrantAdminRole === undefined) {
|
|
446
|
+
throw new runtime.RequiredError('reqGrantAdminRole', 'Required parameter requestParameters.reqGrantAdminRole was null or undefined when calling grantAdminRole.');
|
|
447
|
+
}
|
|
448
|
+
queryParameters = {};
|
|
449
|
+
if (requestParameters.pretty !== undefined) {
|
|
450
|
+
queryParameters['pretty'] = requestParameters.pretty;
|
|
451
|
+
}
|
|
452
|
+
headerParameters = {};
|
|
453
|
+
headerParameters['Content-Type'] = 'application/json';
|
|
454
|
+
if (this.configuration && this.configuration.apiKey) {
|
|
455
|
+
headerParameters["X-Tapis-Token"] = this.configuration.apiKey("X-Tapis-Token"); // TapisJWT authentication
|
|
456
|
+
}
|
|
457
|
+
return [4 /*yield*/, this.request({
|
|
458
|
+
path: "/security/user/grantAdminRole",
|
|
459
|
+
method: 'POST',
|
|
460
|
+
headers: headerParameters,
|
|
461
|
+
query: queryParameters,
|
|
462
|
+
body: models_1.ReqGrantAdminRoleToJSON(requestParameters.reqGrantAdminRole),
|
|
463
|
+
}, initOverrides)];
|
|
464
|
+
case 1:
|
|
465
|
+
response = _a.sent();
|
|
466
|
+
return [2 /*return*/, new runtime.JSONApiResponse(response, function (jsonValue) { return models_1.RespChangeCountFromJSON(jsonValue); })];
|
|
467
|
+
}
|
|
468
|
+
});
|
|
469
|
+
});
|
|
470
|
+
};
|
|
471
|
+
/**
|
|
472
|
+
* Grant a user the tenant administrator role. A valid tenant and user must be specified in the request body. The user specified in the JWT must be an administrator in the tenant specified in the request body.
|
|
473
|
+
*/
|
|
474
|
+
UserApi.prototype.grantAdminRole = function (requestParameters, initOverrides) {
|
|
475
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
476
|
+
var response;
|
|
477
|
+
return __generator(this, function (_a) {
|
|
478
|
+
switch (_a.label) {
|
|
479
|
+
case 0: return [4 /*yield*/, this.grantAdminRoleRaw(requestParameters, initOverrides)];
|
|
480
|
+
case 1:
|
|
481
|
+
response = _a.sent();
|
|
482
|
+
return [4 /*yield*/, response.value()];
|
|
483
|
+
case 2: return [2 /*return*/, _a.sent()];
|
|
484
|
+
}
|
|
485
|
+
});
|
|
486
|
+
});
|
|
487
|
+
};
|
|
488
|
+
/**
|
|
489
|
+
* Grant a user the specified role. A valid tenant and user must be specified in the request body. This request is authorized only if the requestor is the role owner or an administrator. The user and the role must be in the same tenant.
|
|
490
|
+
*/
|
|
491
|
+
UserApi.prototype.grantRoleRaw = function (requestParameters, initOverrides) {
|
|
492
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
493
|
+
var queryParameters, headerParameters, response;
|
|
494
|
+
return __generator(this, function (_a) {
|
|
495
|
+
switch (_a.label) {
|
|
496
|
+
case 0:
|
|
497
|
+
if (requestParameters.reqGrantUserRole === null || requestParameters.reqGrantUserRole === undefined) {
|
|
498
|
+
throw new runtime.RequiredError('reqGrantUserRole', 'Required parameter requestParameters.reqGrantUserRole was null or undefined when calling grantRole.');
|
|
499
|
+
}
|
|
500
|
+
queryParameters = {};
|
|
501
|
+
if (requestParameters.pretty !== undefined) {
|
|
502
|
+
queryParameters['pretty'] = requestParameters.pretty;
|
|
503
|
+
}
|
|
504
|
+
headerParameters = {};
|
|
505
|
+
headerParameters['Content-Type'] = 'application/json';
|
|
506
|
+
if (this.configuration && this.configuration.apiKey) {
|
|
507
|
+
headerParameters["X-Tapis-Token"] = this.configuration.apiKey("X-Tapis-Token"); // TapisJWT authentication
|
|
508
|
+
}
|
|
509
|
+
return [4 /*yield*/, this.request({
|
|
510
|
+
path: "/security/user/grantRole",
|
|
511
|
+
method: 'POST',
|
|
512
|
+
headers: headerParameters,
|
|
513
|
+
query: queryParameters,
|
|
514
|
+
body: models_1.ReqGrantUserRoleToJSON(requestParameters.reqGrantUserRole),
|
|
515
|
+
}, initOverrides)];
|
|
516
|
+
case 1:
|
|
517
|
+
response = _a.sent();
|
|
518
|
+
return [2 /*return*/, new runtime.JSONApiResponse(response, function (jsonValue) { return models_1.RespChangeCountFromJSON(jsonValue); })];
|
|
519
|
+
}
|
|
520
|
+
});
|
|
521
|
+
});
|
|
522
|
+
};
|
|
523
|
+
/**
|
|
524
|
+
* Grant a user the specified role. A valid tenant and user must be specified in the request body. This request is authorized only if the requestor is the role owner or an administrator. The user and the role must be in the same tenant.
|
|
525
|
+
*/
|
|
526
|
+
UserApi.prototype.grantRole = function (requestParameters, initOverrides) {
|
|
527
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
528
|
+
var response;
|
|
529
|
+
return __generator(this, function (_a) {
|
|
530
|
+
switch (_a.label) {
|
|
531
|
+
case 0: return [4 /*yield*/, this.grantRoleRaw(requestParameters, initOverrides)];
|
|
532
|
+
case 1:
|
|
533
|
+
response = _a.sent();
|
|
534
|
+
return [4 /*yield*/, response.value()];
|
|
535
|
+
case 2: return [2 /*return*/, _a.sent()];
|
|
536
|
+
}
|
|
537
|
+
});
|
|
538
|
+
});
|
|
539
|
+
};
|
|
540
|
+
/**
|
|
541
|
+
* Grant a user the specified role containing the specified permission. This compound request first adds the permission to the role if it is not already a member of the role and then assigns the role to the user. The change count returned can range from zero to two depending on how many insertions were actually required. Only the role owner or an administrator is authorized to make this request. The user and the role must be in the same tenant.
|
|
542
|
+
*/
|
|
543
|
+
UserApi.prototype.grantRoleWithPermissionRaw = function (requestParameters, initOverrides) {
|
|
544
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
545
|
+
var queryParameters, headerParameters, response;
|
|
546
|
+
return __generator(this, function (_a) {
|
|
547
|
+
switch (_a.label) {
|
|
548
|
+
case 0:
|
|
549
|
+
if (requestParameters.reqGrantUserRoleWithPermission === null || requestParameters.reqGrantUserRoleWithPermission === undefined) {
|
|
550
|
+
throw new runtime.RequiredError('reqGrantUserRoleWithPermission', 'Required parameter requestParameters.reqGrantUserRoleWithPermission was null or undefined when calling grantRoleWithPermission.');
|
|
551
|
+
}
|
|
552
|
+
queryParameters = {};
|
|
553
|
+
if (requestParameters.pretty !== undefined) {
|
|
554
|
+
queryParameters['pretty'] = requestParameters.pretty;
|
|
555
|
+
}
|
|
556
|
+
headerParameters = {};
|
|
557
|
+
headerParameters['Content-Type'] = 'application/json';
|
|
558
|
+
if (this.configuration && this.configuration.apiKey) {
|
|
559
|
+
headerParameters["X-Tapis-Token"] = this.configuration.apiKey("X-Tapis-Token"); // TapisJWT authentication
|
|
560
|
+
}
|
|
561
|
+
return [4 /*yield*/, this.request({
|
|
562
|
+
path: "/security/user/grantRoleWithPerm",
|
|
563
|
+
method: 'POST',
|
|
564
|
+
headers: headerParameters,
|
|
565
|
+
query: queryParameters,
|
|
566
|
+
body: models_1.ReqGrantUserRoleWithPermissionToJSON(requestParameters.reqGrantUserRoleWithPermission),
|
|
567
|
+
}, initOverrides)];
|
|
568
|
+
case 1:
|
|
569
|
+
response = _a.sent();
|
|
570
|
+
return [2 /*return*/, new runtime.JSONApiResponse(response, function (jsonValue) { return models_1.RespChangeCountFromJSON(jsonValue); })];
|
|
571
|
+
}
|
|
572
|
+
});
|
|
573
|
+
});
|
|
574
|
+
};
|
|
575
|
+
/**
|
|
576
|
+
* Grant a user the specified role containing the specified permission. This compound request first adds the permission to the role if it is not already a member of the role and then assigns the role to the user. The change count returned can range from zero to two depending on how many insertions were actually required. Only the role owner or an administrator is authorized to make this request. The user and the role must be in the same tenant.
|
|
577
|
+
*/
|
|
578
|
+
UserApi.prototype.grantRoleWithPermission = function (requestParameters, initOverrides) {
|
|
579
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
580
|
+
var response;
|
|
581
|
+
return __generator(this, function (_a) {
|
|
582
|
+
switch (_a.label) {
|
|
583
|
+
case 0: return [4 /*yield*/, this.grantRoleWithPermissionRaw(requestParameters, initOverrides)];
|
|
584
|
+
case 1:
|
|
585
|
+
response = _a.sent();
|
|
586
|
+
return [4 /*yield*/, response.value()];
|
|
587
|
+
case 2: return [2 /*return*/, _a.sent()];
|
|
588
|
+
}
|
|
589
|
+
});
|
|
590
|
+
});
|
|
591
|
+
};
|
|
592
|
+
/**
|
|
593
|
+
* Grant a user the specified permission by assigning that permission to to the user\'s default role. If the user\'s default role does not exist,this request will create that role and grant it to the user before assigning the permission to the role. A user\'s default role name is discoverable by calling either of the user/defaultRole or role/defaultRole endpoints. The change count returned can range from zero to three depending on how many insertions and updates were actually required The caller must be an administrator or service allowed to perform updates in the user\'s tenant.
|
|
594
|
+
*/
|
|
595
|
+
UserApi.prototype.grantUserPermissionRaw = function (requestParameters, initOverrides) {
|
|
596
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
597
|
+
var queryParameters, headerParameters, response;
|
|
598
|
+
return __generator(this, function (_a) {
|
|
599
|
+
switch (_a.label) {
|
|
600
|
+
case 0:
|
|
601
|
+
if (requestParameters.reqGrantUserPermission === null || requestParameters.reqGrantUserPermission === undefined) {
|
|
602
|
+
throw new runtime.RequiredError('reqGrantUserPermission', 'Required parameter requestParameters.reqGrantUserPermission was null or undefined when calling grantUserPermission.');
|
|
603
|
+
}
|
|
604
|
+
queryParameters = {};
|
|
605
|
+
if (requestParameters.pretty !== undefined) {
|
|
606
|
+
queryParameters['pretty'] = requestParameters.pretty;
|
|
607
|
+
}
|
|
608
|
+
headerParameters = {};
|
|
609
|
+
headerParameters['Content-Type'] = 'application/json';
|
|
610
|
+
if (this.configuration && this.configuration.apiKey) {
|
|
611
|
+
headerParameters["X-Tapis-Token"] = this.configuration.apiKey("X-Tapis-Token"); // TapisJWT authentication
|
|
612
|
+
}
|
|
613
|
+
return [4 /*yield*/, this.request({
|
|
614
|
+
path: "/security/user/grantUserPermission",
|
|
615
|
+
method: 'POST',
|
|
616
|
+
headers: headerParameters,
|
|
617
|
+
query: queryParameters,
|
|
618
|
+
body: models_1.ReqGrantUserPermissionToJSON(requestParameters.reqGrantUserPermission),
|
|
619
|
+
}, initOverrides)];
|
|
620
|
+
case 1:
|
|
621
|
+
response = _a.sent();
|
|
622
|
+
return [2 /*return*/, new runtime.JSONApiResponse(response, function (jsonValue) { return models_1.RespChangeCountFromJSON(jsonValue); })];
|
|
623
|
+
}
|
|
624
|
+
});
|
|
625
|
+
});
|
|
626
|
+
};
|
|
627
|
+
/**
|
|
628
|
+
* Grant a user the specified permission by assigning that permission to to the user\'s default role. If the user\'s default role does not exist,this request will create that role and grant it to the user before assigning the permission to the role. A user\'s default role name is discoverable by calling either of the user/defaultRole or role/defaultRole endpoints. The change count returned can range from zero to three depending on how many insertions and updates were actually required The caller must be an administrator or service allowed to perform updates in the user\'s tenant.
|
|
629
|
+
*/
|
|
630
|
+
UserApi.prototype.grantUserPermission = function (requestParameters, initOverrides) {
|
|
631
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
632
|
+
var response;
|
|
633
|
+
return __generator(this, function (_a) {
|
|
634
|
+
switch (_a.label) {
|
|
635
|
+
case 0: return [4 /*yield*/, this.grantUserPermissionRaw(requestParameters, initOverrides)];
|
|
636
|
+
case 1:
|
|
637
|
+
response = _a.sent();
|
|
638
|
+
return [4 /*yield*/, response.value()];
|
|
639
|
+
case 2: return [2 /*return*/, _a.sent()];
|
|
640
|
+
}
|
|
641
|
+
});
|
|
642
|
+
});
|
|
643
|
+
};
|
|
644
|
+
/**
|
|
645
|
+
* Check whether a user in a tenant has been assigned the specified role, either directly or transitively. This request is authorized if the requestor is a user that has access to the specified tenant or if the requestor is a service.
|
|
646
|
+
*/
|
|
647
|
+
UserApi.prototype.hasRoleRaw = function (requestParameters, initOverrides) {
|
|
648
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
649
|
+
var queryParameters, headerParameters, response;
|
|
650
|
+
return __generator(this, function (_a) {
|
|
651
|
+
switch (_a.label) {
|
|
652
|
+
case 0:
|
|
653
|
+
if (requestParameters.reqUserHasRole === null || requestParameters.reqUserHasRole === undefined) {
|
|
654
|
+
throw new runtime.RequiredError('reqUserHasRole', 'Required parameter requestParameters.reqUserHasRole was null or undefined when calling hasRole.');
|
|
655
|
+
}
|
|
656
|
+
queryParameters = {};
|
|
657
|
+
if (requestParameters.pretty !== undefined) {
|
|
658
|
+
queryParameters['pretty'] = requestParameters.pretty;
|
|
659
|
+
}
|
|
660
|
+
headerParameters = {};
|
|
661
|
+
headerParameters['Content-Type'] = 'application/json';
|
|
662
|
+
if (this.configuration && this.configuration.apiKey) {
|
|
663
|
+
headerParameters["X-Tapis-Token"] = this.configuration.apiKey("X-Tapis-Token"); // TapisJWT authentication
|
|
664
|
+
}
|
|
665
|
+
return [4 /*yield*/, this.request({
|
|
666
|
+
path: "/security/user/hasRole",
|
|
667
|
+
method: 'POST',
|
|
668
|
+
headers: headerParameters,
|
|
669
|
+
query: queryParameters,
|
|
670
|
+
body: models_1.ReqUserHasRoleToJSON(requestParameters.reqUserHasRole),
|
|
671
|
+
}, initOverrides)];
|
|
672
|
+
case 1:
|
|
673
|
+
response = _a.sent();
|
|
674
|
+
return [2 /*return*/, new runtime.JSONApiResponse(response, function (jsonValue) { return models_1.RespAuthorizedFromJSON(jsonValue); })];
|
|
675
|
+
}
|
|
676
|
+
});
|
|
677
|
+
});
|
|
678
|
+
};
|
|
679
|
+
/**
|
|
680
|
+
* Check whether a user in a tenant has been assigned the specified role, either directly or transitively. This request is authorized if the requestor is a user that has access to the specified tenant or if the requestor is a service.
|
|
681
|
+
*/
|
|
682
|
+
UserApi.prototype.hasRole = function (requestParameters, initOverrides) {
|
|
683
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
684
|
+
var response;
|
|
685
|
+
return __generator(this, function (_a) {
|
|
686
|
+
switch (_a.label) {
|
|
687
|
+
case 0: return [4 /*yield*/, this.hasRoleRaw(requestParameters, initOverrides)];
|
|
688
|
+
case 1:
|
|
689
|
+
response = _a.sent();
|
|
690
|
+
return [4 /*yield*/, response.value()];
|
|
691
|
+
case 2: return [2 /*return*/, _a.sent()];
|
|
692
|
+
}
|
|
693
|
+
});
|
|
694
|
+
});
|
|
695
|
+
};
|
|
696
|
+
/**
|
|
697
|
+
* Check whether a user in a tenant has been assigned all of the roles specified in the request body. This request is authorized if the requestor is a user that has access to the specified tenant or if the requestor is a service.
|
|
698
|
+
*/
|
|
699
|
+
UserApi.prototype.hasRoleAllRaw = function (requestParameters, initOverrides) {
|
|
700
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
701
|
+
var queryParameters, headerParameters, response;
|
|
702
|
+
return __generator(this, function (_a) {
|
|
703
|
+
switch (_a.label) {
|
|
704
|
+
case 0:
|
|
705
|
+
if (requestParameters.reqUserHasRoleMulti === null || requestParameters.reqUserHasRoleMulti === undefined) {
|
|
706
|
+
throw new runtime.RequiredError('reqUserHasRoleMulti', 'Required parameter requestParameters.reqUserHasRoleMulti was null or undefined when calling hasRoleAll.');
|
|
707
|
+
}
|
|
708
|
+
queryParameters = {};
|
|
709
|
+
if (requestParameters.pretty !== undefined) {
|
|
710
|
+
queryParameters['pretty'] = requestParameters.pretty;
|
|
711
|
+
}
|
|
712
|
+
headerParameters = {};
|
|
713
|
+
headerParameters['Content-Type'] = 'application/json';
|
|
714
|
+
if (this.configuration && this.configuration.apiKey) {
|
|
715
|
+
headerParameters["X-Tapis-Token"] = this.configuration.apiKey("X-Tapis-Token"); // TapisJWT authentication
|
|
716
|
+
}
|
|
717
|
+
return [4 /*yield*/, this.request({
|
|
718
|
+
path: "/security/user/hasRoleAll",
|
|
719
|
+
method: 'POST',
|
|
720
|
+
headers: headerParameters,
|
|
721
|
+
query: queryParameters,
|
|
722
|
+
body: models_1.ReqUserHasRoleMultiToJSON(requestParameters.reqUserHasRoleMulti),
|
|
723
|
+
}, initOverrides)];
|
|
724
|
+
case 1:
|
|
725
|
+
response = _a.sent();
|
|
726
|
+
return [2 /*return*/, new runtime.JSONApiResponse(response, function (jsonValue) { return models_1.RespAuthorizedFromJSON(jsonValue); })];
|
|
727
|
+
}
|
|
728
|
+
});
|
|
729
|
+
});
|
|
730
|
+
};
|
|
731
|
+
/**
|
|
732
|
+
* Check whether a user in a tenant has been assigned all of the roles specified in the request body. This request is authorized if the requestor is a user that has access to the specified tenant or if the requestor is a service.
|
|
733
|
+
*/
|
|
734
|
+
UserApi.prototype.hasRoleAll = function (requestParameters, initOverrides) {
|
|
735
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
736
|
+
var response;
|
|
737
|
+
return __generator(this, function (_a) {
|
|
738
|
+
switch (_a.label) {
|
|
739
|
+
case 0: return [4 /*yield*/, this.hasRoleAllRaw(requestParameters, initOverrides)];
|
|
740
|
+
case 1:
|
|
741
|
+
response = _a.sent();
|
|
742
|
+
return [4 /*yield*/, response.value()];
|
|
743
|
+
case 2: return [2 /*return*/, _a.sent()];
|
|
744
|
+
}
|
|
745
|
+
});
|
|
746
|
+
});
|
|
747
|
+
};
|
|
748
|
+
/**
|
|
749
|
+
* Check whether a user in a tenant has been assigned any of the roles specified in the request body. This request is authorized if the requestor is a user that has access to the specified tenant or if the requestor is a service.
|
|
750
|
+
*/
|
|
751
|
+
UserApi.prototype.hasRoleAnyRaw = function (requestParameters, initOverrides) {
|
|
752
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
753
|
+
var queryParameters, headerParameters, response;
|
|
754
|
+
return __generator(this, function (_a) {
|
|
755
|
+
switch (_a.label) {
|
|
756
|
+
case 0:
|
|
757
|
+
if (requestParameters.reqUserHasRoleMulti === null || requestParameters.reqUserHasRoleMulti === undefined) {
|
|
758
|
+
throw new runtime.RequiredError('reqUserHasRoleMulti', 'Required parameter requestParameters.reqUserHasRoleMulti was null or undefined when calling hasRoleAny.');
|
|
759
|
+
}
|
|
760
|
+
queryParameters = {};
|
|
761
|
+
if (requestParameters.pretty !== undefined) {
|
|
762
|
+
queryParameters['pretty'] = requestParameters.pretty;
|
|
763
|
+
}
|
|
764
|
+
headerParameters = {};
|
|
765
|
+
headerParameters['Content-Type'] = 'application/json';
|
|
766
|
+
if (this.configuration && this.configuration.apiKey) {
|
|
767
|
+
headerParameters["X-Tapis-Token"] = this.configuration.apiKey("X-Tapis-Token"); // TapisJWT authentication
|
|
768
|
+
}
|
|
769
|
+
return [4 /*yield*/, this.request({
|
|
770
|
+
path: "/security/user/hasRoleAny",
|
|
771
|
+
method: 'POST',
|
|
772
|
+
headers: headerParameters,
|
|
773
|
+
query: queryParameters,
|
|
774
|
+
body: models_1.ReqUserHasRoleMultiToJSON(requestParameters.reqUserHasRoleMulti),
|
|
775
|
+
}, initOverrides)];
|
|
776
|
+
case 1:
|
|
777
|
+
response = _a.sent();
|
|
778
|
+
return [2 /*return*/, new runtime.JSONApiResponse(response, function (jsonValue) { return models_1.RespAuthorizedFromJSON(jsonValue); })];
|
|
779
|
+
}
|
|
780
|
+
});
|
|
781
|
+
});
|
|
782
|
+
};
|
|
783
|
+
/**
|
|
784
|
+
* Check whether a user in a tenant has been assigned any of the roles specified in the request body. This request is authorized if the requestor is a user that has access to the specified tenant or if the requestor is a service.
|
|
785
|
+
*/
|
|
786
|
+
UserApi.prototype.hasRoleAny = function (requestParameters, initOverrides) {
|
|
787
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
788
|
+
var response;
|
|
789
|
+
return __generator(this, function (_a) {
|
|
790
|
+
switch (_a.label) {
|
|
791
|
+
case 0: return [4 /*yield*/, this.hasRoleAnyRaw(requestParameters, initOverrides)];
|
|
792
|
+
case 1:
|
|
793
|
+
response = _a.sent();
|
|
794
|
+
return [4 /*yield*/, response.value()];
|
|
795
|
+
case 2: return [2 /*return*/, _a.sent()];
|
|
796
|
+
}
|
|
797
|
+
});
|
|
798
|
+
});
|
|
799
|
+
};
|
|
800
|
+
/**
|
|
801
|
+
* Check whether a user in a tenant has been assigned the tenant administrator role, either directly or transitively. This request is authorized if the requestor is a user that has access to the specified tenant or if the requestor is a service.
|
|
802
|
+
*/
|
|
803
|
+
UserApi.prototype.isAdminRaw = function (requestParameters, initOverrides) {
|
|
804
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
805
|
+
var queryParameters, headerParameters, response;
|
|
806
|
+
return __generator(this, function (_a) {
|
|
807
|
+
switch (_a.label) {
|
|
808
|
+
case 0:
|
|
809
|
+
if (requestParameters.reqUserIsAdmin === null || requestParameters.reqUserIsAdmin === undefined) {
|
|
810
|
+
throw new runtime.RequiredError('reqUserIsAdmin', 'Required parameter requestParameters.reqUserIsAdmin was null or undefined when calling isAdmin.');
|
|
811
|
+
}
|
|
812
|
+
queryParameters = {};
|
|
813
|
+
if (requestParameters.pretty !== undefined) {
|
|
814
|
+
queryParameters['pretty'] = requestParameters.pretty;
|
|
815
|
+
}
|
|
816
|
+
headerParameters = {};
|
|
817
|
+
headerParameters['Content-Type'] = 'application/json';
|
|
818
|
+
if (this.configuration && this.configuration.apiKey) {
|
|
819
|
+
headerParameters["X-Tapis-Token"] = this.configuration.apiKey("X-Tapis-Token"); // TapisJWT authentication
|
|
820
|
+
}
|
|
821
|
+
return [4 /*yield*/, this.request({
|
|
822
|
+
path: "/security/user/isAdmin",
|
|
823
|
+
method: 'POST',
|
|
824
|
+
headers: headerParameters,
|
|
825
|
+
query: queryParameters,
|
|
826
|
+
body: models_1.ReqUserIsAdminToJSON(requestParameters.reqUserIsAdmin),
|
|
827
|
+
}, initOverrides)];
|
|
828
|
+
case 1:
|
|
829
|
+
response = _a.sent();
|
|
830
|
+
return [2 /*return*/, new runtime.JSONApiResponse(response, function (jsonValue) { return models_1.RespAuthorizedFromJSON(jsonValue); })];
|
|
831
|
+
}
|
|
832
|
+
});
|
|
833
|
+
});
|
|
834
|
+
};
|
|
835
|
+
/**
|
|
836
|
+
* Check whether a user in a tenant has been assigned the tenant administrator role, either directly or transitively. This request is authorized if the requestor is a user that has access to the specified tenant or if the requestor is a service.
|
|
837
|
+
*/
|
|
838
|
+
UserApi.prototype.isAdmin = function (requestParameters, initOverrides) {
|
|
839
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
840
|
+
var response;
|
|
841
|
+
return __generator(this, function (_a) {
|
|
842
|
+
switch (_a.label) {
|
|
843
|
+
case 0: return [4 /*yield*/, this.isAdminRaw(requestParameters, initOverrides)];
|
|
844
|
+
case 1:
|
|
845
|
+
response = _a.sent();
|
|
846
|
+
return [4 /*yield*/, response.value()];
|
|
847
|
+
case 2: return [2 /*return*/, _a.sent()];
|
|
848
|
+
}
|
|
849
|
+
});
|
|
850
|
+
});
|
|
851
|
+
};
|
|
852
|
+
/**
|
|
853
|
+
* Check whether specified permission matches a permission assigned to the user, either directly or transitively. This request is authorized if the requestor is a user that has access to the specified tenant or if the requestor is a service.
|
|
854
|
+
*/
|
|
855
|
+
UserApi.prototype.isPermittedRaw = function (requestParameters, initOverrides) {
|
|
856
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
857
|
+
var queryParameters, headerParameters, response;
|
|
858
|
+
return __generator(this, function (_a) {
|
|
859
|
+
switch (_a.label) {
|
|
860
|
+
case 0:
|
|
861
|
+
if (requestParameters.reqUserIsPermitted === null || requestParameters.reqUserIsPermitted === undefined) {
|
|
862
|
+
throw new runtime.RequiredError('reqUserIsPermitted', 'Required parameter requestParameters.reqUserIsPermitted was null or undefined when calling isPermitted.');
|
|
863
|
+
}
|
|
864
|
+
queryParameters = {};
|
|
865
|
+
if (requestParameters.pretty !== undefined) {
|
|
866
|
+
queryParameters['pretty'] = requestParameters.pretty;
|
|
867
|
+
}
|
|
868
|
+
headerParameters = {};
|
|
869
|
+
headerParameters['Content-Type'] = 'application/json';
|
|
870
|
+
if (this.configuration && this.configuration.apiKey) {
|
|
871
|
+
headerParameters["X-Tapis-Token"] = this.configuration.apiKey("X-Tapis-Token"); // TapisJWT authentication
|
|
872
|
+
}
|
|
873
|
+
return [4 /*yield*/, this.request({
|
|
874
|
+
path: "/security/user/isPermitted",
|
|
875
|
+
method: 'POST',
|
|
876
|
+
headers: headerParameters,
|
|
877
|
+
query: queryParameters,
|
|
878
|
+
body: models_1.ReqUserIsPermittedToJSON(requestParameters.reqUserIsPermitted),
|
|
879
|
+
}, initOverrides)];
|
|
880
|
+
case 1:
|
|
881
|
+
response = _a.sent();
|
|
882
|
+
return [2 /*return*/, new runtime.JSONApiResponse(response, function (jsonValue) { return models_1.RespAuthorizedFromJSON(jsonValue); })];
|
|
883
|
+
}
|
|
884
|
+
});
|
|
885
|
+
});
|
|
886
|
+
};
|
|
887
|
+
/**
|
|
888
|
+
* Check whether specified permission matches a permission assigned to the user, either directly or transitively. This request is authorized if the requestor is a user that has access to the specified tenant or if the requestor is a service.
|
|
889
|
+
*/
|
|
890
|
+
UserApi.prototype.isPermitted = function (requestParameters, initOverrides) {
|
|
891
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
892
|
+
var response;
|
|
893
|
+
return __generator(this, function (_a) {
|
|
894
|
+
switch (_a.label) {
|
|
895
|
+
case 0: return [4 /*yield*/, this.isPermittedRaw(requestParameters, initOverrides)];
|
|
896
|
+
case 1:
|
|
897
|
+
response = _a.sent();
|
|
898
|
+
return [4 /*yield*/, response.value()];
|
|
899
|
+
case 2: return [2 /*return*/, _a.sent()];
|
|
900
|
+
}
|
|
901
|
+
});
|
|
902
|
+
});
|
|
903
|
+
};
|
|
904
|
+
/**
|
|
905
|
+
* Check whether a user\'s permissions satisfy all of the permission specifications contained in the request body. This request is authorized if the requestor is a user that has access to the specified tenant or if the requestor is a service.
|
|
906
|
+
*/
|
|
907
|
+
UserApi.prototype.isPermittedAllRaw = function (requestParameters, initOverrides) {
|
|
908
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
909
|
+
var queryParameters, headerParameters, response;
|
|
910
|
+
return __generator(this, function (_a) {
|
|
911
|
+
switch (_a.label) {
|
|
912
|
+
case 0:
|
|
913
|
+
if (requestParameters.reqUserIsPermittedMulti === null || requestParameters.reqUserIsPermittedMulti === undefined) {
|
|
914
|
+
throw new runtime.RequiredError('reqUserIsPermittedMulti', 'Required parameter requestParameters.reqUserIsPermittedMulti was null or undefined when calling isPermittedAll.');
|
|
915
|
+
}
|
|
916
|
+
queryParameters = {};
|
|
917
|
+
if (requestParameters.pretty !== undefined) {
|
|
918
|
+
queryParameters['pretty'] = requestParameters.pretty;
|
|
919
|
+
}
|
|
920
|
+
headerParameters = {};
|
|
921
|
+
headerParameters['Content-Type'] = 'application/json';
|
|
922
|
+
if (this.configuration && this.configuration.apiKey) {
|
|
923
|
+
headerParameters["X-Tapis-Token"] = this.configuration.apiKey("X-Tapis-Token"); // TapisJWT authentication
|
|
924
|
+
}
|
|
925
|
+
return [4 /*yield*/, this.request({
|
|
926
|
+
path: "/security/user/isPermittedAll",
|
|
927
|
+
method: 'POST',
|
|
928
|
+
headers: headerParameters,
|
|
929
|
+
query: queryParameters,
|
|
930
|
+
body: models_1.ReqUserIsPermittedMultiToJSON(requestParameters.reqUserIsPermittedMulti),
|
|
931
|
+
}, initOverrides)];
|
|
932
|
+
case 1:
|
|
933
|
+
response = _a.sent();
|
|
934
|
+
return [2 /*return*/, new runtime.JSONApiResponse(response, function (jsonValue) { return models_1.RespAuthorizedFromJSON(jsonValue); })];
|
|
935
|
+
}
|
|
936
|
+
});
|
|
937
|
+
});
|
|
938
|
+
};
|
|
939
|
+
/**
|
|
940
|
+
* Check whether a user\'s permissions satisfy all of the permission specifications contained in the request body. This request is authorized if the requestor is a user that has access to the specified tenant or if the requestor is a service.
|
|
941
|
+
*/
|
|
942
|
+
UserApi.prototype.isPermittedAll = function (requestParameters, initOverrides) {
|
|
943
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
944
|
+
var response;
|
|
945
|
+
return __generator(this, function (_a) {
|
|
946
|
+
switch (_a.label) {
|
|
947
|
+
case 0: return [4 /*yield*/, this.isPermittedAllRaw(requestParameters, initOverrides)];
|
|
948
|
+
case 1:
|
|
949
|
+
response = _a.sent();
|
|
950
|
+
return [4 /*yield*/, response.value()];
|
|
951
|
+
case 2: return [2 /*return*/, _a.sent()];
|
|
952
|
+
}
|
|
953
|
+
});
|
|
954
|
+
});
|
|
955
|
+
};
|
|
956
|
+
/**
|
|
957
|
+
* Check whether a user\'s permissions satisfy any of the permission specifications contained in the request body. This request is authorized if the requestor is a user that has access to the specified tenant or if the requestor is a service.
|
|
958
|
+
*/
|
|
959
|
+
UserApi.prototype.isPermittedAnyRaw = function (requestParameters, initOverrides) {
|
|
960
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
961
|
+
var queryParameters, headerParameters, response;
|
|
962
|
+
return __generator(this, function (_a) {
|
|
963
|
+
switch (_a.label) {
|
|
964
|
+
case 0:
|
|
965
|
+
if (requestParameters.reqUserIsPermittedMulti === null || requestParameters.reqUserIsPermittedMulti === undefined) {
|
|
966
|
+
throw new runtime.RequiredError('reqUserIsPermittedMulti', 'Required parameter requestParameters.reqUserIsPermittedMulti was null or undefined when calling isPermittedAny.');
|
|
967
|
+
}
|
|
968
|
+
queryParameters = {};
|
|
969
|
+
if (requestParameters.pretty !== undefined) {
|
|
970
|
+
queryParameters['pretty'] = requestParameters.pretty;
|
|
971
|
+
}
|
|
972
|
+
headerParameters = {};
|
|
973
|
+
headerParameters['Content-Type'] = 'application/json';
|
|
974
|
+
if (this.configuration && this.configuration.apiKey) {
|
|
975
|
+
headerParameters["X-Tapis-Token"] = this.configuration.apiKey("X-Tapis-Token"); // TapisJWT authentication
|
|
976
|
+
}
|
|
977
|
+
return [4 /*yield*/, this.request({
|
|
978
|
+
path: "/security/user/isPermittedAny",
|
|
979
|
+
method: 'POST',
|
|
980
|
+
headers: headerParameters,
|
|
981
|
+
query: queryParameters,
|
|
982
|
+
body: models_1.ReqUserIsPermittedMultiToJSON(requestParameters.reqUserIsPermittedMulti),
|
|
983
|
+
}, initOverrides)];
|
|
984
|
+
case 1:
|
|
985
|
+
response = _a.sent();
|
|
986
|
+
return [2 /*return*/, new runtime.JSONApiResponse(response, function (jsonValue) { return models_1.RespAuthorizedFromJSON(jsonValue); })];
|
|
987
|
+
}
|
|
988
|
+
});
|
|
989
|
+
});
|
|
990
|
+
};
|
|
991
|
+
/**
|
|
992
|
+
* Check whether a user\'s permissions satisfy any of the permission specifications contained in the request body. This request is authorized if the requestor is a user that has access to the specified tenant or if the requestor is a service.
|
|
993
|
+
*/
|
|
994
|
+
UserApi.prototype.isPermittedAny = function (requestParameters, initOverrides) {
|
|
995
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
996
|
+
var response;
|
|
997
|
+
return __generator(this, function (_a) {
|
|
998
|
+
switch (_a.label) {
|
|
999
|
+
case 0: return [4 /*yield*/, this.isPermittedAnyRaw(requestParameters, initOverrides)];
|
|
1000
|
+
case 1:
|
|
1001
|
+
response = _a.sent();
|
|
1002
|
+
return [4 /*yield*/, response.value()];
|
|
1003
|
+
case 2: return [2 /*return*/, _a.sent()];
|
|
1004
|
+
}
|
|
1005
|
+
});
|
|
1006
|
+
});
|
|
1007
|
+
};
|
|
1008
|
+
/**
|
|
1009
|
+
* Revoke the previously granted tenant administrator role from a user. No action is taken if the user is not currently assigned the role (the request is idempotent). The request will not be honored if revoking the role would leave the tenant with no administrator. The user specified in the JWT must themselves be an administrator and a valid tenant and user must be specified in the request body.
|
|
1010
|
+
*/
|
|
1011
|
+
UserApi.prototype.revokeAdminRoleRaw = function (requestParameters, initOverrides) {
|
|
1012
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
1013
|
+
var queryParameters, headerParameters, response;
|
|
1014
|
+
return __generator(this, function (_a) {
|
|
1015
|
+
switch (_a.label) {
|
|
1016
|
+
case 0:
|
|
1017
|
+
if (requestParameters.reqRevokeAdminRole === null || requestParameters.reqRevokeAdminRole === undefined) {
|
|
1018
|
+
throw new runtime.RequiredError('reqRevokeAdminRole', 'Required parameter requestParameters.reqRevokeAdminRole was null or undefined when calling revokeAdminRole.');
|
|
1019
|
+
}
|
|
1020
|
+
queryParameters = {};
|
|
1021
|
+
if (requestParameters.pretty !== undefined) {
|
|
1022
|
+
queryParameters['pretty'] = requestParameters.pretty;
|
|
1023
|
+
}
|
|
1024
|
+
headerParameters = {};
|
|
1025
|
+
headerParameters['Content-Type'] = 'application/json';
|
|
1026
|
+
if (this.configuration && this.configuration.apiKey) {
|
|
1027
|
+
headerParameters["X-Tapis-Token"] = this.configuration.apiKey("X-Tapis-Token"); // TapisJWT authentication
|
|
1028
|
+
}
|
|
1029
|
+
return [4 /*yield*/, this.request({
|
|
1030
|
+
path: "/security/user/revokeAdminRole",
|
|
1031
|
+
method: 'POST',
|
|
1032
|
+
headers: headerParameters,
|
|
1033
|
+
query: queryParameters,
|
|
1034
|
+
body: models_1.ReqRevokeAdminRoleToJSON(requestParameters.reqRevokeAdminRole),
|
|
1035
|
+
}, initOverrides)];
|
|
1036
|
+
case 1:
|
|
1037
|
+
response = _a.sent();
|
|
1038
|
+
return [2 /*return*/, new runtime.JSONApiResponse(response, function (jsonValue) { return models_1.RespChangeCountFromJSON(jsonValue); })];
|
|
1039
|
+
}
|
|
1040
|
+
});
|
|
1041
|
+
});
|
|
1042
|
+
};
|
|
1043
|
+
/**
|
|
1044
|
+
* Revoke the previously granted tenant administrator role from a user. No action is taken if the user is not currently assigned the role (the request is idempotent). The request will not be honored if revoking the role would leave the tenant with no administrator. The user specified in the JWT must themselves be an administrator and a valid tenant and user must be specified in the request body.
|
|
1045
|
+
*/
|
|
1046
|
+
UserApi.prototype.revokeAdminRole = function (requestParameters, initOverrides) {
|
|
1047
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
1048
|
+
var response;
|
|
1049
|
+
return __generator(this, function (_a) {
|
|
1050
|
+
switch (_a.label) {
|
|
1051
|
+
case 0: return [4 /*yield*/, this.revokeAdminRoleRaw(requestParameters, initOverrides)];
|
|
1052
|
+
case 1:
|
|
1053
|
+
response = _a.sent();
|
|
1054
|
+
return [4 /*yield*/, response.value()];
|
|
1055
|
+
case 2: return [2 /*return*/, _a.sent()];
|
|
1056
|
+
}
|
|
1057
|
+
});
|
|
1058
|
+
});
|
|
1059
|
+
};
|
|
1060
|
+
/**
|
|
1061
|
+
* Revoke the specified permission from the user\'s default role. A user\'s default role is constructed by prepending \'$$\' to the user\'s name. Default roles are created on demand. If the role does not exist when this method is called no error is reported and no changes occur. The change count returned can be zero or one depending on how many permissions were revoked. A valid tenant and user must be specified in the request body. The caller must be an administrator, a service or the user themselves.
|
|
1062
|
+
*/
|
|
1063
|
+
UserApi.prototype.revokeUserPermissionRaw = function (requestParameters, initOverrides) {
|
|
1064
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
1065
|
+
var queryParameters, headerParameters, response;
|
|
1066
|
+
return __generator(this, function (_a) {
|
|
1067
|
+
switch (_a.label) {
|
|
1068
|
+
case 0:
|
|
1069
|
+
if (requestParameters.reqRevokeUserPermission === null || requestParameters.reqRevokeUserPermission === undefined) {
|
|
1070
|
+
throw new runtime.RequiredError('reqRevokeUserPermission', 'Required parameter requestParameters.reqRevokeUserPermission was null or undefined when calling revokeUserPermission.');
|
|
1071
|
+
}
|
|
1072
|
+
queryParameters = {};
|
|
1073
|
+
if (requestParameters.pretty !== undefined) {
|
|
1074
|
+
queryParameters['pretty'] = requestParameters.pretty;
|
|
1075
|
+
}
|
|
1076
|
+
headerParameters = {};
|
|
1077
|
+
headerParameters['Content-Type'] = 'application/json';
|
|
1078
|
+
if (this.configuration && this.configuration.apiKey) {
|
|
1079
|
+
headerParameters["X-Tapis-Token"] = this.configuration.apiKey("X-Tapis-Token"); // TapisJWT authentication
|
|
1080
|
+
}
|
|
1081
|
+
return [4 /*yield*/, this.request({
|
|
1082
|
+
path: "/security/user/revokeUserPermission",
|
|
1083
|
+
method: 'POST',
|
|
1084
|
+
headers: headerParameters,
|
|
1085
|
+
query: queryParameters,
|
|
1086
|
+
body: models_1.ReqRevokeUserPermissionToJSON(requestParameters.reqRevokeUserPermission),
|
|
1087
|
+
}, initOverrides)];
|
|
1088
|
+
case 1:
|
|
1089
|
+
response = _a.sent();
|
|
1090
|
+
return [2 /*return*/, new runtime.JSONApiResponse(response, function (jsonValue) { return models_1.RespChangeCountFromJSON(jsonValue); })];
|
|
1091
|
+
}
|
|
1092
|
+
});
|
|
1093
|
+
});
|
|
1094
|
+
};
|
|
1095
|
+
/**
|
|
1096
|
+
* Revoke the specified permission from the user\'s default role. A user\'s default role is constructed by prepending \'$$\' to the user\'s name. Default roles are created on demand. If the role does not exist when this method is called no error is reported and no changes occur. The change count returned can be zero or one depending on how many permissions were revoked. A valid tenant and user must be specified in the request body. The caller must be an administrator, a service or the user themselves.
|
|
1097
|
+
*/
|
|
1098
|
+
UserApi.prototype.revokeUserPermission = function (requestParameters, initOverrides) {
|
|
1099
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
1100
|
+
var response;
|
|
1101
|
+
return __generator(this, function (_a) {
|
|
1102
|
+
switch (_a.label) {
|
|
1103
|
+
case 0: return [4 /*yield*/, this.revokeUserPermissionRaw(requestParameters, initOverrides)];
|
|
1104
|
+
case 1:
|
|
1105
|
+
response = _a.sent();
|
|
1106
|
+
return [4 /*yield*/, response.value()];
|
|
1107
|
+
case 2: return [2 /*return*/, _a.sent()];
|
|
1108
|
+
}
|
|
1109
|
+
});
|
|
1110
|
+
});
|
|
1111
|
+
};
|
|
1112
|
+
/**
|
|
1113
|
+
* Revoke a previously granted role from a user. No action is taken if the user is not currently assigned the role. This request is idempotent. This request is authorized only if the requestor is the role owner or an administrator.
|
|
1114
|
+
*/
|
|
1115
|
+
UserApi.prototype.revokeUserRoleRaw = function (requestParameters, initOverrides) {
|
|
1116
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
1117
|
+
var queryParameters, headerParameters, response;
|
|
1118
|
+
return __generator(this, function (_a) {
|
|
1119
|
+
switch (_a.label) {
|
|
1120
|
+
case 0:
|
|
1121
|
+
if (requestParameters.reqRevokeUserRole === null || requestParameters.reqRevokeUserRole === undefined) {
|
|
1122
|
+
throw new runtime.RequiredError('reqRevokeUserRole', 'Required parameter requestParameters.reqRevokeUserRole was null or undefined when calling revokeUserRole.');
|
|
1123
|
+
}
|
|
1124
|
+
queryParameters = {};
|
|
1125
|
+
if (requestParameters.pretty !== undefined) {
|
|
1126
|
+
queryParameters['pretty'] = requestParameters.pretty;
|
|
1127
|
+
}
|
|
1128
|
+
headerParameters = {};
|
|
1129
|
+
headerParameters['Content-Type'] = 'application/json';
|
|
1130
|
+
if (this.configuration && this.configuration.apiKey) {
|
|
1131
|
+
headerParameters["X-Tapis-Token"] = this.configuration.apiKey("X-Tapis-Token"); // TapisJWT authentication
|
|
1132
|
+
}
|
|
1133
|
+
return [4 /*yield*/, this.request({
|
|
1134
|
+
path: "/security/user/revokeUserRole",
|
|
1135
|
+
method: 'POST',
|
|
1136
|
+
headers: headerParameters,
|
|
1137
|
+
query: queryParameters,
|
|
1138
|
+
body: models_1.ReqRevokeUserRoleToJSON(requestParameters.reqRevokeUserRole),
|
|
1139
|
+
}, initOverrides)];
|
|
1140
|
+
case 1:
|
|
1141
|
+
response = _a.sent();
|
|
1142
|
+
return [2 /*return*/, new runtime.JSONApiResponse(response, function (jsonValue) { return models_1.RespChangeCountFromJSON(jsonValue); })];
|
|
1143
|
+
}
|
|
1144
|
+
});
|
|
1145
|
+
});
|
|
1146
|
+
};
|
|
1147
|
+
/**
|
|
1148
|
+
* Revoke a previously granted role from a user. No action is taken if the user is not currently assigned the role. This request is idempotent. This request is authorized only if the requestor is the role owner or an administrator.
|
|
1149
|
+
*/
|
|
1150
|
+
UserApi.prototype.revokeUserRole = function (requestParameters, initOverrides) {
|
|
1151
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
1152
|
+
var response;
|
|
1153
|
+
return __generator(this, function (_a) {
|
|
1154
|
+
switch (_a.label) {
|
|
1155
|
+
case 0: return [4 /*yield*/, this.revokeUserRoleRaw(requestParameters, initOverrides)];
|
|
1156
|
+
case 1:
|
|
1157
|
+
response = _a.sent();
|
|
1158
|
+
return [4 /*yield*/, response.value()];
|
|
1159
|
+
case 2: return [2 /*return*/, _a.sent()];
|
|
1160
|
+
}
|
|
1161
|
+
});
|
|
1162
|
+
});
|
|
1163
|
+
};
|
|
1164
|
+
return UserApi;
|
|
1165
|
+
}(runtime.BaseAPI));
|
|
1166
|
+
exports.UserApi = UserApi;
|