@piiano/vault-client
Version:
Piiano Vault generated typescript client
521 lines • 27.5 kB
JavaScript
;
Object.defineProperty(exports, "__esModule", { value: true });
exports.ObjectsClient = void 0;
class ObjectsClient {
constructor(httpRequest) {
this.httpRequest = httpRequest;
}
/**
* Get object count
* Gets the number of objects in a collection.
*
* The role performing this operation must have at least one allowing policy and no denying policies for the `stats` operation.
*
* See [identity and access management](/data-security/identity-and-access-management) for more information about how Vault uses policies to control access to data.
* @returns Count The request is successful.
* @throws ApiError
*/
getObjectsCount({ collection, adhocReason, reason, customAudit, reloadCache, additionalHeaders = {}, }) {
return this.httpRequest.request({
method: 'GET',
url: '/api/pvlt/1.0/data/collections/{collection}/count/objects',
path: {
'collection': collection,
},
headers: additionalHeaders,
query: {
'adhoc_reason': adhocReason,
'reason': reason,
'custom_audit': customAudit,
'reload_cache': reloadCache,
},
errors: {
400: `The request is invalid.`,
401: `Authentication credentials are incorrect or missing.`,
403: `The caller doesn't have the required access rights.`,
404: `The requested resource is not found.`,
405: `The operation is not allowed.`,
409: `A conflict occurs.`,
410: `Access to a resource that is no longer available occurs.`,
500: `An error occurs on the server.`,
503: `The service is unavailable.`,
},
});
}
/**
* List objects
* Returns a [paginated list](/api/api-pagination) of objects from a collection with all or a subset of object property values. To encrypt object property values, set export to true. Values are encrypted using the key specified in the [PVAULT_KMS_EXPORT_URI or PVAULT_KMS_EXPORT_SEED environment variables](/guides/configure/environment-variables#key-management-service).
*
* The role performing this operation must have both of the following:
* - The `CapDataReader` capability.
* - At least one allowing policy and no denying policies for the `read` operation for each of the properties and the
* collection requested in the call.
*
* See [identity and access management](/data-security/identity-and-access-management) for more information about how
* capabilities are used to control access to operations and policies are used to control access to data.
*
* **Warning**: Use of the `unsafe` option, to include all object property values, may expose more private information than is required, use with caution.
* @returns ObjectFieldsPage The request is successful.
* @throws ApiError
*/
listObjects({ collection, adhocReason, reason, customAudit, reloadCache, pageSize, cursor, _export, xTransParam, xTenantId, ids, options, props, additionalHeaders = {}, }) {
return this.httpRequest.request({
method: 'GET',
url: '/api/pvlt/1.0/data/collections/{collection}/objects',
path: {
'collection': collection,
},
headers: Object.assign(Object.assign({}, additionalHeaders), { 'X-Trans-Param': xTransParam, 'X-Tenant-Id': xTenantId }),
query: {
'adhoc_reason': adhocReason,
'reason': reason,
'custom_audit': customAudit,
'reload_cache': reloadCache,
'page_size': pageSize,
'cursor': cursor,
'export': _export,
'ids': ids,
'options': options,
'props': props,
},
errors: {
400: `The request is invalid.`,
401: `Authentication credentials are incorrect or missing.`,
403: `The caller doesn't have the required access rights.`,
404: `The collection, properties, or object is not found.`,
405: `The operation is not allowed.`,
409: `A conflict occurs.`,
410: `Access to a resource that is no longer available occurs.`,
500: `An error occurs on the server.`,
503: `The service is unavailable.`,
},
});
}
/**
* Add object
* Adds an object to a collection. The request must include all the non-nullable properties, as defined by the [collection schema](/api/operations/list-collection-properties).
*
* By default, accepts the object fields in JSON format. To pass a raw, unformatted value for a single property, set the `Content-Type` header to `application/octet-stream` and the property name in the `prop` query parameter.
*
* When adding an object from an external system that uses UUID IDs, you can include the object ID in the request to set the ID in Vault. For example, `"id","463a83d0-a816-4902-abba-2486e0c0a0bb"`. Vault normalizes the ID to lowercase.
*
* If the object to add is exported from an external system or Vault:
* - set `import` to `true` to import values for the built-in properties `_creation_time`, `_modification_time`, and `_expiration_time`.
* - if the data is encrypted, to decrypt the data provide the encryption key in `export_key`.
*
* The role performing this operation must have both of the following:
* - The `CapDataWriter` or the `CapDataCreator` capability.
* - At least one allowing policy and no denying policies for the `write` operation for each of the collection properties
* provided in the call.
*
* See [identity and access management](/data-security/identity-and-access-management) for more information about how
* capabilities are used to control access to operations and policies are used to control access to data.
* @returns ObjectID The request is successful.
* @throws ApiError
*/
addObject({ collection, requestBody, adhocReason, reason, customAudit, reloadCache, xTenantId, expirationSecs, _import = false, exportKey, prop, additionalHeaders = {}, }) {
return this.httpRequest.request({
method: 'POST',
url: '/api/pvlt/1.0/data/collections/{collection}/objects',
path: {
'collection': collection,
},
headers: Object.assign(Object.assign({}, additionalHeaders), { 'X-Tenant-Id': xTenantId }),
query: {
'adhoc_reason': adhocReason,
'reason': reason,
'custom_audit': customAudit,
'reload_cache': reloadCache,
'expiration_secs': expirationSecs,
'import': _import,
'export_key': exportKey,
'prop': prop,
},
body: requestBody,
mediaType: 'application/json',
errors: {
400: `The request is invalid.`,
401: `Authentication credentials are incorrect or missing.`,
403: `The caller doesn't have the required access rights.`,
404: `The collection or properties is not found.`,
405: `The operation is not allowed.`,
409: `A conflict occurs.`,
410: `Access to a resource that is no longer available occurs.`,
500: `An error occurs on the server.`,
503: `The service is unavailable.`,
},
});
}
/**
* Get object
* Returns an object from a collection with all or a subset of object property values.
*
* By default, returns the properties in JSON format. To get a single property's value without formatting, specify the property name in the `prop` query parameter, and set the `Accept` header to `application/octet-stream`.
*
* The role performing this operation must have both of the following:
* - The `CapDataReader` capability.
* - At least one allowing policy and no denying policies for the `read` operation for each of the properties and the
* collection requested in the call.
*
* See [identity and access management](/data-security/identity-and-access-management) for more information about how
* capabilities are used to control access to operations and policies are used to control access to data.
*
* **Warning**: Use of the `unsafe` option, to include all object property values, may expose more private information than is required, use with caution.
* @returns ObjectFields The request is successful.
* @throws ApiError
*/
getObjectById({ collection, id, adhocReason, reason, customAudit, reloadCache, xTransParam, xTenantId, options, props, additionalHeaders = {}, }) {
return this.httpRequest.request({
method: 'GET',
url: '/api/pvlt/1.0/data/collections/{collection}/objects/{id}',
path: {
'collection': collection,
'id': id,
},
headers: Object.assign(Object.assign({}, additionalHeaders), { 'X-Trans-Param': xTransParam, 'X-Tenant-Id': xTenantId }),
query: {
'adhoc_reason': adhocReason,
'reason': reason,
'custom_audit': customAudit,
'reload_cache': reloadCache,
'options': options,
'props': props,
},
errors: {
400: `The request is invalid.`,
401: `Authentication credentials are incorrect or missing.`,
403: `The caller doesn't have the required access rights.`,
404: `The collection, properties, or object is not found.`,
405: `The operation is not allowed.`,
409: `A conflict occurs.`,
410: `Access to a resource that is no longer available occurs.`,
500: `An error occurs on the server.`,
503: `The service is unavailable.`,
},
});
}
/**
* Update object
* Updates properties of an object in a collection.
*
* By default, accepts the object fields in JSON format. To update a property using a raw, unformatted value, set the `Content-Type` header to `application/octet-stream`, and the a single property name in the `prop` query parameter.
*
* The role performing this operation must have both of the following:
* - The `CapDataWriter` or the `CapDataUpdater` capability.
* - At least one allowing policy and no denying policies for the `write` operation for each of the collection properties
* specified in the call.
*
* See [identity and access management](/data-security/identity-and-access-management) for more information about how
* capabilities are used to control access to operations and policies are used to control access to data.
*
* @returns any The request is successful.
* @throws ApiError
*/
updateObjectById({ collection, id, requestBody, adhocReason, reason, customAudit, reloadCache, xTenantId, expirationSecs, options, _import = false, exportKey, prop, additionalHeaders = {}, }) {
return this.httpRequest.request({
method: 'PATCH',
url: '/api/pvlt/1.0/data/collections/{collection}/objects/{id}',
path: {
'collection': collection,
'id': id,
},
headers: Object.assign(Object.assign({}, additionalHeaders), { 'X-Tenant-Id': xTenantId }),
query: {
'adhoc_reason': adhocReason,
'reason': reason,
'custom_audit': customAudit,
'reload_cache': reloadCache,
'expiration_secs': expirationSecs,
'options': options,
'import': _import,
'export_key': exportKey,
'prop': prop,
},
body: requestBody,
mediaType: 'application/json',
errors: {
400: `The request is invalid.`,
401: `Authentication credentials are incorrect or missing.`,
403: `The caller doesn't have the required access rights.`,
404: `The collection, properties, or object is not found.`,
405: `The operation is not allowed.`,
409: `A conflict occurs.`,
410: `Access to a resource that is no longer available occurs.`,
500: `An error occurs on the server.`,
503: `The service is unavailable.`,
},
});
}
/**
* Delete object
* Deletes an object from a collection. This operation is irreversible.
*
* The role performing this operation must have both of the following:
* - The `CapDataWriter` or the `CapDataDeleter` capability.
* - At least one allowing policy and no denying policies for the `delete` operation for each of the properties defined for
* the collection specified in the call.
*
*
* See [identity and access management](/data-security/identity-and-access-management) for more information about how
* capabilities are used to control access to operations and policies are used to control access to data.
* @returns any The request is successful.
* @throws ApiError
*/
deleteObjectById({ collection, id, options, adhocReason, reason, customAudit, reloadCache, xTenantId, additionalHeaders = {}, }) {
return this.httpRequest.request({
method: 'DELETE',
url: '/api/pvlt/1.0/data/collections/{collection}/objects/{id}',
path: {
'collection': collection,
'id': id,
},
headers: Object.assign(Object.assign({}, additionalHeaders), { 'X-Tenant-Id': xTenantId }),
query: {
'options': options,
'adhoc_reason': adhocReason,
'reason': reason,
'custom_audit': customAudit,
'reload_cache': reloadCache,
},
errors: {
400: `The request is invalid.`,
401: `Authentication credentials are incorrect or missing.`,
403: `The caller doesn't have the required access rights.`,
404: `The collection or object is not found.`,
405: `The operation is not allowed.`,
409: `A conflict occurs.`,
410: `Access to a resource that is no longer available occurs.`,
500: `An error occurs on the server.`,
503: `The service is unavailable.`,
},
});
}
/**
* Add objects (bulk)
* Adds objects to a collection. The request must include all the non-nullable properties for each object, as defined by the collection schema. Use the [list collection properties](/api/operations/list-collection-properties) operation to check the collection schema.
*
* By default, accepts the object fields in JSON format. To pass a raw, unformatted value for a single property, set the `Content-Type` header to `application/octet-stream` and the property name in the `prop` query parameter.
*
* When adding objects from an external system that uses UUID IDs, you can include the object IDs in the request to set the IDs in Vault. For example, `"id","463a83d0-a816-4902-abba-2486e0c0a0bb"`. Vault normalizes the IDs to lowercase.
*
* If the objects to add are exported from an external system or Vault:
* - set `import` to `true` to import values for the built-in properties `_creation_time`, `_modification_time`, and `_expiration_time`.
* - if the data is encrypted, to decrypt the data provide the encryption key in `export_key`.
*
* If any object add fails, the operation fails and no objects are added.
*
* The maximum number of objects that can be added in one operation is determined by the [`PVAULT_SERVICE_MAX_PAGE_SIZE` environment variable](/guides/configure/environment-variables#pvault_service_max_page_size).
*
* See the [add object](/api/operations/add-object) operation to add an object to a collection.
*
* The role performing this operation must have both of the following:
* - The `CapDataWriter` or the `CapDataCreator` capability.
* - For each object in the request, at least one allowing policy and no denying policies for the `write` operation for each object property.
*
* See [identity and access management](/data-security/identity-and-access-management) for more information about how capabilities are used to control access to operations and policies are used to control access to data.
*
* @returns BulkObjectResponse The bulk operation is successful.
* This status doesn't indicate that the operation is successful for all objects.
* Check the response body for details of the status of each object.
*
* @throws ApiError
*/
addObjects({ collection, requestBody, adhocReason, reason, customAudit, reloadCache, xTenantId, expirationSecs, _import = false, exportKey, prop, additionalHeaders = {}, }) {
return this.httpRequest.request({
method: 'POST',
url: '/api/pvlt/1.0/data/collections/{collection}/bulk/objects',
path: {
'collection': collection,
},
headers: Object.assign(Object.assign({}, additionalHeaders), { 'X-Tenant-Id': xTenantId }),
query: {
'adhoc_reason': adhocReason,
'reason': reason,
'custom_audit': customAudit,
'reload_cache': reloadCache,
'expiration_secs': expirationSecs,
'import': _import,
'export_key': exportKey,
'prop': prop,
},
body: requestBody,
mediaType: 'application/json',
errors: {
400: `The request is invalid.`,
401: `Authentication credentials are incorrect or missing.`,
403: `The caller doesn't have the required access rights.`,
404: `The collection or properties is not found.`,
405: `The operation is not allowed.`,
409: `A conflict occurs.`,
410: `Access to a resource that is no longer available occurs.`,
500: `An error occurs on the server.`,
503: `The service is unavailable.`,
},
});
}
/**
* Update objects (bulk)
* Updates properties of objects in a collection.
*
* If any object update fails, the operation fails and no objects are updated.
*
* The maximum number of objects that can be updated in one operation is determined by the [`PVAULT_SERVICE_MAX_PAGE_SIZE` environment variable](/guides/configure/environment-variables#pvault_service_max_page_size).
*
* The role performing this operation must have both of the following:
* - The `CapDataWriter` or the `CapDataUpdater` capability.
* - For each object in the request, at least one allowing policy and no denying policies for the `write` operation for each of the object's properties.
*
* See [identity and access management](/data-security/identity-and-access-management) for more information about how
* capabilities are used to control access to operations and policies are used to control access to data.
*
* @returns BulkObjectResponse The bulk operation is successful.
* This status doesn't indicate that the operation is successful for all objects.
* Check the response body for details of the status of each object.
*
* @throws ApiError
*/
updateObjects({ collection, expirationSecs, options, prop, adhocReason, reason, customAudit, reloadCache, _import = false, exportKey, xTenantId, requestBody, additionalHeaders = {}, }) {
return this.httpRequest.request({
method: 'PATCH',
url: '/api/pvlt/1.0/data/collections/{collection}/bulk/objects',
path: {
'collection': collection,
},
headers: Object.assign(Object.assign({}, additionalHeaders), { 'X-Tenant-Id': xTenantId }),
query: {
'expiration_secs': expirationSecs,
'options': options,
'prop': prop,
'adhoc_reason': adhocReason,
'reason': reason,
'custom_audit': customAudit,
'reload_cache': reloadCache,
'import': _import,
'export_key': exportKey,
},
body: requestBody,
mediaType: 'application/json',
errors: {
400: `The request is invalid.`,
401: `Authentication credentials are incorrect or missing.`,
403: `The caller doesn't have the required access rights.`,
404: `The collection is not found.`,
405: `The operation is not allowed.`,
409: `A conflict occurs.`,
410: `Access to a resource that is no longer available occurs.`,
500: `An error occurs on the server.`,
503: `The service is unavailable.`,
},
});
}
/**
* Delete objects (bulk)
* Deletes objects from a collection. This operation is irreversible.
*
* If any object delete fails, the operation fails and no objects are deleted.
*
* The maximum number of objects that can be deleted in one operation is determined by the [`PVAULT_SERVICE_MAX_PAGE_SIZE` environment variable](/guides/configure/environment-variables#pvault_service_max_page_size).
*
*
* The role performing this operation must have both of the following:
* - The `CapDataWriter` or the `CapDataDeleter` capability.
* - At least one allowing policy and no denying policies for the `delete` operation for each of the properties defined for
* the collection specified in the call.
*
* See [identity and access management](/data-security/identity-and-access-management) for more information about how
* capabilities are used to control access to operations and policies are used to control access to data.
*
* @returns BulkObjectResponse The bulk operation is successful.
* This status doesn't indicate that the operation is successful for all objects.
* Check the response body for details of the status of each object.
*
* @throws ApiError
*/
deleteObjects({ collection, options, adhocReason, reason, customAudit, reloadCache, xTenantId, requestBody, additionalHeaders = {}, }) {
return this.httpRequest.request({
method: 'DELETE',
url: '/api/pvlt/1.0/data/collections/{collection}/bulk/objects',
path: {
'collection': collection,
},
headers: Object.assign(Object.assign({}, additionalHeaders), { 'X-Tenant-Id': xTenantId }),
query: {
'options': options,
'adhoc_reason': adhocReason,
'reason': reason,
'custom_audit': customAudit,
'reload_cache': reloadCache,
},
body: requestBody,
mediaType: 'application/json',
errors: {
400: `The request is invalid.`,
401: `Authentication credentials are incorrect or missing.`,
403: `The caller doesn't have the required access rights.`,
404: `The collection or object is not found.`,
405: `The operation is not allowed.`,
409: `A conflict occurs.`,
410: `Access to a resource that is no longer available occurs.`,
500: `An error occurs on the server.`,
503: `The service is unavailable.`,
},
});
}
/**
* Search objects
* Returns a [paginated list](/api/api-pagination) of objects, with property values, from a collection that satisfies a query.
*
* You can read more about full-match searches in the [Search objects](/guides/write-and-read-personal-data/search-objects/string-search-objects) guide and about substring searches in the [Substring search objects](/guides/write-and-read-personal-data/search-objects/substring-search-objects) guide.
*
* The role performing this operation must have all the following:
* - The `CapDataSearcher` capability.
* - Policies:
* + At least one allowing policy and no denying policies for the `read` operation for each of the collection properties
* specified in the `props` query parameter.
* + At least one allowing policy and no denying policies for the `search` operation for each of the collection
* properties
* specified in the `query` body parameter.
*
* See [identity and access management](/data-security/identity-and-access-management) for more information about how
* capabilities are used to control access to operations and policies are used to control access to data.
*
* **Warning**: Use of the `unsafe` option, to include all object property values, may expose more private information than is required, use with caution..
* @returns ObjectFieldsPage The request is successful.
* @throws ApiError
*/
searchObjects({ collection, requestBody, adhocReason, reason, customAudit, reloadCache, pageSize, cursor, xTransParam, xTenantId, options, props, additionalHeaders = {}, }) {
return this.httpRequest.request({
method: 'POST',
url: '/api/pvlt/1.0/data/collections/{collection}/query/objects',
path: {
'collection': collection,
},
headers: Object.assign(Object.assign({}, additionalHeaders), { 'X-Trans-Param': xTransParam, 'X-Tenant-Id': xTenantId }),
query: {
'adhoc_reason': adhocReason,
'reason': reason,
'custom_audit': customAudit,
'reload_cache': reloadCache,
'page_size': pageSize,
'cursor': cursor,
'options': options,
'props': props,
},
body: requestBody,
mediaType: 'application/json',
errors: {
400: `The request is invalid.`,
401: `Authentication credentials are incorrect or missing.`,
403: `The caller doesn't have the required access rights.`,
404: `The collection or properties is not found.`,
405: `The operation is not allowed.`,
409: `A conflict occurs.`,
410: `Access to a resource that is no longer available occurs.`,
500: `An error occurs on the server.`,
503: `The service is unavailable.`,
},
});
}
}
exports.ObjectsClient = ObjectsClient;
//# sourceMappingURL=ObjectsClient.js.map