Class: AuthressSdk::UserPermissionsApi

Inherits:

Object

• Object
• AuthressSdk::UserPermissionsApi

Defined in:

lib/authress-sdk/api/user_permissions_api.rb

Instance Attribute Summary

• #authress_client ⇒ Object

  Returns the value of attribute authress_client.

Instance Method Summary

• #authorize_user(user_id, resource_uri, permission, opts = {}) ⇒ nil

  Check to see if a user has permissions to a resource.

• #authorize_user_with_http_info(user_id, resource_uri, permission, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Check to see if a user has permissions to a resource.

• #disable_user_token(user_id, token_id, opts = {}) ⇒ nil

  Disable a token.

• #disable_user_token_with_http_info(user_id, token_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Disable a token.

• #get_user_permissions_for_resource(user_id, resource_uri, opts = {}) ⇒ PermissionCollection

  Get the permissions a user has to a resource.

• #get_user_permissions_for_resource_with_http_info(user_id, resource_uri, opts = {}) ⇒ Array<(PermissionCollection, Integer, Hash)>

  Get the permissions a user has to a resource.

• #get_user_resources(user_id, opts = {}) ⇒ UserResources

  Get the resources a user has to permission to.

• #get_user_resources_with_http_info(user_id, opts = {}) ⇒ Array<(UserResources, Integer, Hash)>

  Get the resources a user has to permission to.

• #initialize(authress_client = AuthressClient.default) ⇒ UserPermissionsApi constructor

  A new instance of UserPermissionsApi.

• #request_user_token(body, user_id, opts = {}) ⇒ UserToken

  Request a user token with additional configuration.

• #request_user_token_with_http_info(body, user_id, opts = {}) ⇒ Array<(UserToken, Integer, Hash)>

  Request a user token with additional configuration.

Constructor Details

#initialize(authress_client = AuthressClient.default) ⇒ UserPermissionsApi

Returns a new instance of UserPermissionsApi.

# File 'lib/authress-sdk/api/user_permissions_api.rb', line 9

def initialize(authress_client = AuthressClient.default)
  @authress_client = authress_client
end

Instance Attribute Details

#authress_client ⇒ Object

Returns the value of attribute authress_client.

# File 'lib/authress-sdk/api/user_permissions_api.rb', line 7

def authress_client
  @authress_client
end

Instance Method Details

#authorize_user(user_id, resource_uri, permission, opts = {}) ⇒ nil

Check to see if a user has permissions to a resource. <i class="far fa-money-bill-alt text-primary"></i> <span class="text-primary">Billable</span> Does the user have the specified permissions to the resource?
<span class="badge badge-outline-secondary">READ: Authress:UserPermissions/userId</span>

Parameters:

• user_id —

  The user to check permissions on

• resource_uri —

  The uri path of a resource to validate, must be URL encoded, uri segments are allowed, the resource must be a full path, and permissions are not inherited by sub-resources.

• permission —

  Permission to check, &#x27;*&#x27; and scoped permissions can also be checked here.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (nil)

# File 'lib/authress-sdk/api/user_permissions_api.rb', line 19

def authorize_user(user_id, resource_uri, permission, opts = {})
  authorize_user_with_http_info(user_id, resource_uri, permission, opts)
  nil
end

#authorize_user_with_http_info(user_id, resource_uri, permission, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Check to see if a user has permissions to a resource. &lt;i class&#x3D;&quot;far fa-money-bill-alt text-primary&quot;&gt;&lt;/i&gt; &lt;span class&#x3D;&quot;text-primary&quot;&gt;Billable&lt;/span&gt; Does the user have the specified permissions to the resource? &lt;br&gt;&lt;span class&#x3D;&quot;badge badge-outline-secondary&quot;&gt;READ: Authress:UserPermissions/userId&lt;/span&gt;

Parameters:

• user_id —

  The user to check permissions on

• resource_uri —

  The uri path of a resource to validate, must be URL encoded, uri segments are allowed, the resource must be a full path, and permissions are not inherited by sub-resources.

• permission —

  Permission to check, &#x27;*&#x27; and scoped permissions can also be checked here.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/authress-sdk/api/user_permissions_api.rb', line 31

def authorize_user_with_http_info(user_id, resource_uri, permission, opts = {})
  if @authress_client.config[:debugging]
    @authress_client.config[:logger].debug 'Calling API: UserPermissionsApi.authorize_user ...'
  end
  # verify the required parameter 'user_id' is set
  if @authress_client.config[:client_side_validation] && user_id.nil?
    fail ArgumentError, "Missing the required parameter 'user_id' when calling UserPermissionsApi.authorize_user"
  end
  # verify the required parameter 'resource_uri' is set
  if @authress_client.config[:client_side_validation] && resource_uri.nil?
    fail ArgumentError, "Missing the required parameter 'resource_uri' when calling UserPermissionsApi.authorize_user"
  end
  # verify the required parameter 'permission' is set
  if @authress_client.config[:client_side_validation] && permission.nil?
    fail ArgumentError, "Missing the required parameter 'permission' when calling UserPermissionsApi.authorize_user"
  end
  # resource path
  local_var_path = '/v1/users/{userId}/resources/{resourceUri}/permissions/{permission}'.sub('{' + 'userId' + '}', user_id.to_s).sub('{' + 'resourceUri' + '}', resource_uri.to_s).sub('{' + 'permission' + '}', permission.to_s)

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:body] 

  return_type = opts[:return_type] 

  auth_names = opts[:auth_names] || ['oauth2']
  data, status_code, headers = @authress_client.call_api(:GET, local_var_path,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type)

  if @authress_client.config[:debugging]
    @authress_client.config[:logger].debug "API called: UserPermissionsApi#authorize_user\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#disable_user_token(user_id, token_id, opts = {}) ⇒ nil

Disable a token. <i class="far fa-money-bill-alt text-primary"></i> <span class="text-primary">Billable</span> Permanently disable a token. To be used after the token has completed its use. Should be called on all tokens to ensure they are not active indefinitely.
<span class="badge badge-outline-secondary">CONTACT: AuthressSupport</span>

Parameters:

• user_id —

  The user to create an impersonation token for.

• token_id —

  The relevant token identifier

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (nil)

# File 'lib/authress-sdk/api/user_permissions_api.rb', line 84

def disable_user_token(user_id, token_id, opts = {})
  disable_user_token_with_http_info(user_id, token_id, opts)
  nil
end

#disable_user_token_with_http_info(user_id, token_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Disable a token. &lt;i class&#x3D;&quot;far fa-money-bill-alt text-primary&quot;&gt;&lt;/i&gt; &lt;span class&#x3D;&quot;text-primary&quot;&gt;Billable&lt;/span&gt; Permanently disable a token. To be used after the token has completed its use. Should be called on all tokens to ensure they are not active indefinitely. &lt;br&gt;&lt;span class&#x3D;&quot;badge badge-outline-secondary&quot;&gt;CONTACT: AuthressSupport&lt;/span&gt;

Parameters:

• user_id —

  The user to create an impersonation token for.

• token_id —

  The relevant token identifier

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/authress-sdk/api/user_permissions_api.rb', line 95

def disable_user_token_with_http_info(user_id, token_id, opts = {})
  if @authress_client.config[:debugging]
    @authress_client.config[:logger].debug 'Calling API: UserPermissionsApi.disable_user_token ...'
  end
  # verify the required parameter 'user_id' is set
  if @authress_client.config[:client_side_validation] && user_id.nil?
    fail ArgumentError, "Missing the required parameter 'user_id' when calling UserPermissionsApi.disable_user_token"
  end
  # verify the required parameter 'token_id' is set
  if @authress_client.config[:client_side_validation] && token_id.nil?
    fail ArgumentError, "Missing the required parameter 'token_id' when calling UserPermissionsApi.disable_user_token"
  end
  # resource path
  local_var_path = '/v1/users/{userId}/tokens/{tokenId}'.sub('{' + 'userId' + '}', user_id.to_s).sub('{' + 'tokenId' + '}', token_id.to_s)

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:body] 

  return_type = opts[:return_type] 

  auth_names = opts[:auth_names] || ['oauth2']
  data, status_code, headers = @authress_client.call_api(:DELETE, local_var_path,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type)

  if @authress_client.config[:debugging]
    @authress_client.config[:logger].debug "API called: UserPermissionsApi#disable_user_token\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_user_permissions_for_resource(user_id, resource_uri, opts = {}) ⇒ PermissionCollection

Get the permissions a user has to a resource. <i class="far fa-money-bill-alt text-primary"></i> <span class="text-primary">Billable</span> Get a summary of the permissions a user has to a particular resource.
<span class="badge badge-outline-secondary">READ: Authress:UserPermissions/userId</span>

Parameters:

• user_id —

  The user to check permissions on

• resource_uri —

  The uri path of a resource to validate, must be URL encoded, uri segments are allowed.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (PermissionCollection)

# File 'lib/authress-sdk/api/user_permissions_api.rb', line 144

def get_user_permissions_for_resource(user_id, resource_uri, opts = {})
  data, _status_code, _headers = get_user_permissions_for_resource_with_http_info(user_id, resource_uri, opts)
  data
end

#get_user_permissions_for_resource_with_http_info(user_id, resource_uri, opts = {}) ⇒ Array<(PermissionCollection, Integer, Hash)>

Get the permissions a user has to a resource. &lt;i class&#x3D;&quot;far fa-money-bill-alt text-primary&quot;&gt;&lt;/i&gt; &lt;span class&#x3D;&quot;text-primary&quot;&gt;Billable&lt;/span&gt; Get a summary of the permissions a user has to a particular resource. &lt;br&gt;&lt;span class&#x3D;&quot;badge badge-outline-secondary&quot;&gt;READ: Authress:UserPermissions/userId&lt;/span&gt;

Parameters:

• user_id —

  The user to check permissions on

• resource_uri —

  The uri path of a resource to validate, must be URL encoded, uri segments are allowed.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(PermissionCollection, Integer, Hash)>) —

  PermissionCollection data, response status code and response headers

# File 'lib/authress-sdk/api/user_permissions_api.rb', line 155

def get_user_permissions_for_resource_with_http_info(user_id, resource_uri, opts = {})
  if @authress_client.config[:debugging]
    @authress_client.config[:logger].debug 'Calling API: UserPermissionsApi.get_user_permissions_for_resource ...'
  end
  # verify the required parameter 'user_id' is set
  if @authress_client.config[:client_side_validation] && user_id.nil?
    fail ArgumentError, "Missing the required parameter 'user_id' when calling UserPermissionsApi.get_user_permissions_for_resource"
  end
  # verify the required parameter 'resource_uri' is set
  if @authress_client.config[:client_side_validation] && resource_uri.nil?
    fail ArgumentError, "Missing the required parameter 'resource_uri' when calling UserPermissionsApi.get_user_permissions_for_resource"
  end
  # resource path
  local_var_path = '/v1/users/{userId}/resources/{resourceUri}/permissions'.sub('{' + 'userId' + '}', user_id.to_s).sub('{' + 'resourceUri' + '}', resource_uri.to_s)

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @authress_client.select_header_accept(['application/links+json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:body] 

  return_type = opts[:return_type] || 'PermissionCollection' 

  auth_names = opts[:auth_names] || ['oauth2']
  data, status_code, headers = @authress_client.call_api(:GET, local_var_path,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type)

  if @authress_client.config[:debugging]
    @authress_client.config[:logger].debug "API called: UserPermissionsApi#get_user_permissions_for_resource\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_user_resources(user_id, opts = {}) ⇒ UserResources

Get the resources a user has to permission to. <i class="far fa-money-bill-alt text-primary"></i> <span class="text-primary">Billable</span> Get the users resources. This result is a list of resource uris that a user has an explicit permission to, a user with * access to all sub resources will return an empty list. To get a user’s list of resources in this cases, it is recommended to also check explicit access to the collection resource, using the <strong>authorizeUser</strong> endpoint. In the case that the user only has access to a subset of resources in a collection, the list will be paginated.
<span class="badge badge-outline-secondary">READ: Authress:UserPermissions/userId</span>

Parameters:

• user_id —

  The user to check permissions on

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :resource_uri (String) —

  The top level uri path of a resource to query for. Will only match explicit or collection resource children. Will not partial match resource names. (default to *)

• :permissions (String) —

  Permission to check, &#x27;*&#x27; and scoped permissions can also be checked here. By default if the user has any permission explicitly to a resource, it will be included in the list.

• :limit (Integer) —

  Max number of results to return (default to 20)

• :cursor (String) —

  Continuation cursor for paging (will automatically be set)

Returns:

• (UserResources)

# File 'lib/authress-sdk/api/user_permissions_api.rb', line 209

def get_user_resources(user_id, opts = {})
  data, _status_code, _headers = get_user_resources_with_http_info(user_id, opts)
  data
end

#get_user_resources_with_http_info(user_id, opts = {}) ⇒ Array<(UserResources, Integer, Hash)>

Get the resources a user has to permission to. &lt;i class&#x3D;&quot;far fa-money-bill-alt text-primary&quot;&gt;&lt;/i&gt; &lt;span class&#x3D;&quot;text-primary&quot;&gt;Billable&lt;/span&gt; Get the users resources. This result is a list of resource uris that a user has an explicit permission to, a user with * access to all sub resources will return an empty list. To get a user&#x27;s list of resources in this cases, it is recommended to also check explicit access to the collection resource, using the &lt;strong&gt;authorizeUser&lt;/strong&gt; endpoint. In the case that the user only has access to a subset of resources in a collection, the list will be paginated. &lt;br&gt;&lt;span class&#x3D;&quot;badge badge-outline-secondary&quot;&gt;READ: Authress:UserPermissions/userId&lt;/span&gt;

Parameters:

• user_id —

  The user to check permissions on

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :resource_uri (String) —

  The top level uri path of a resource to query for. Will only match explicit or collection resource children. Will not partial match resource names.

• :permissions (String) —

  Permission to check, &#x27;*&#x27; and scoped permissions can also be checked here. By default if the user has any permission explicitly to a resource, it will be included in the list.

• :limit (Integer) —

  Max number of results to return

• :cursor (String) —

  Continuation cursor for paging (will automatically be set)

Returns:

• (Array<(UserResources, Integer, Hash)>) —

  UserResources data, response status code and response headers

# File 'lib/authress-sdk/api/user_permissions_api.rb', line 223

def get_user_resources_with_http_info(user_id, opts = {})
  if @authress_client.config[:debugging]
    @authress_client.config[:logger].debug 'Calling API: UserPermissionsApi.get_user_resources ...'
  end
  # verify the required parameter 'user_id' is set
  if @authress_client.config[:client_side_validation] && user_id.nil?
    fail ArgumentError, "Missing the required parameter 'user_id' when calling UserPermissionsApi.get_user_resources"
  end
  # resource path
  local_var_path = '/v1/users/{userId}/resources'.sub('{' + 'userId' + '}', user_id.to_s)

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'resourceUri'] = opts[:'resource_uri'] if !opts[:'resource_uri'].nil?
  query_params[:'permissions'] = opts[:'permissions'] if !opts[:'permissions'].nil?
  query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil?
  query_params[:'cursor'] = opts[:'cursor'] if !opts[:'cursor'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @authress_client.select_header_accept(['application/links+json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:body] 

  return_type = opts[:return_type] || 'UserResources' 

  auth_names = opts[:auth_names] || ['oauth2']
  data, status_code, headers = @authress_client.call_api(:GET, local_var_path,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type)

  if @authress_client.config[:debugging]
    @authress_client.config[:logger].debug "API called: UserPermissionsApi#get_user_resources\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#request_user_token(body, user_id, opts = {}) ⇒ UserToken

Request a user token with additional configuration. <i class="far fa-money-bill-alt text-primary"></i> <span class="text-primary">Billable</span> Get an Authress signed JWT access token using with userId as the sub. Additionally, can be configured to limit the permissions for this particular token and the length of time the token is valid. Token validation is real-time, so deleted tokens are restricted from being used as soon as they are deleted. This gives full control to the user and client creating the token. Client must have access to impersonating the user in order to generate tokens on their behalf.
<span class="badge badge-outline-secondary">CONTACT: AuthressSupport</span>

Parameters:

• body —

  The contents of the permission to set on the token. Will be used instead of the users or clients full permissions. Cannot include permissions that the user or client do not have.

• user_id —

  The user to create an impersonation token for.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (UserToken)

# File 'lib/authress-sdk/api/user_permissions_api.rb', line 274

def request_user_token(body, user_id, opts = {})
  data, _status_code, _headers = request_user_token_with_http_info(body, user_id, opts)
  data
end

#request_user_token_with_http_info(body, user_id, opts = {}) ⇒ Array<(UserToken, Integer, Hash)>

Request a user token with additional configuration. &lt;i class&#x3D;&quot;far fa-money-bill-alt text-primary&quot;&gt;&lt;/i&gt; &lt;span class&#x3D;&quot;text-primary&quot;&gt;Billable&lt;/span&gt; Get an Authress signed JWT access token using with userId as the sub. Additionally, can be configured to limit the permissions for this particular token and the length of time the token is valid. Token validation is real-time, so deleted tokens are restricted from being used as soon as they are deleted. This gives full control to the user and client creating the token. Client must have access to impersonating the user in order to generate tokens on their behalf. &lt;br&gt;&lt;span class&#x3D;&quot;badge badge-outline-secondary&quot;&gt;CONTACT: AuthressSupport&lt;/span&gt;

Parameters:

• body —

  The contents of the permission to set on the token. Will be used instead of the users or clients full permissions. Cannot include permissions that the user or client do not have.

• user_id —

  The user to create an impersonation token for.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(UserToken, Integer, Hash)>) —

  UserToken data, response status code and response headers

# File 'lib/authress-sdk/api/user_permissions_api.rb', line 285

def request_user_token_with_http_info(body, user_id, opts = {})
  if @authress_client.config[:debugging]
    @authress_client.config[:logger].debug 'Calling API: UserPermissionsApi.request_user_token ...'
  end
  # verify the required parameter 'body' is set
  if @authress_client.config[:client_side_validation] && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling UserPermissionsApi.request_user_token"
  end
  # verify the required parameter 'user_id' is set
  if @authress_client.config[:client_side_validation] && user_id.nil?
    fail ArgumentError, "Missing the required parameter 'user_id' when calling UserPermissionsApi.request_user_token"
  end
  # resource path
  local_var_path = '/v1/users/{userId}/tokens'.sub('{' + 'userId' + '}', user_id.to_s)

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @authress_client.select_header_accept(['application/links+json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @authress_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:body] || @authress_client.object_to_http_body(body) 

  return_type = opts[:return_type] || 'UserToken' 

  auth_names = opts[:auth_names] || ['oauth2']
  data, status_code, headers = @authress_client.call_api(:POST, local_var_path,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type)

  if @authress_client.config[:debugging]
    @authress_client.config[:logger].debug "API called: UserPermissionsApi#request_user_token\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end