UNPKG

@terminusdb/terminusdb-client

Version:

TerminusDB client library

github.com/terminusdb/terminusdb-client

terminusdb/terminusdb-client-js

989 lines (930 loc) • 33.2 kB

JavaScript

/* eslint-disable max-len */ /* eslint-disable no-underscore-dangle */ const DispatchRequest = require('./dispatchRequest'); const ErrorMessage = require('./errorMessage'); const CONST = require('./const'); const UTILS = require('./utils'); // eslint-disable-next-line no-unused-vars const typedef = require('./typedef'); /** * @license Apache Version 2 * @module AccessControl * @constructor AccessControl * @description The AccessControl is a driver to work with * TerminusDB and TerminusX access control api * for the credential you can use the JWT token, the API token or * the basic authentication with username and password * @example * //connect with the API token * //(to request a token create an account in https://terminusdb.com/) * const accessContol = new AccessControl("https://servername.com", * {organization:"my_team_name", * token:"dGVybWludXNkYjovLy9kYXRhL2tleXNfYXB........"}) * accessControl.getOrgUsers().then(result=>{ * console.log(result) * }) * * //connect with the jwt token this type of connection is only for the dashboard * //or for application integrate with our login workflow * const accessContol = new AccessControl("https://servername.com", * {organization:"my_team_name", * jwt:"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IkpXUjBIOXYyeTFORUd........"}) * accessControl.getOrgUsers().then(result=>{ * console.log(result) * }) * * //if the jwt is expired you can change it with * accessControl.setJwtToken("eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IkpXUjBIOXYy * eTFORUd.......") * * //connect with the base authentication this type of connection is only for the local installation * const accessContol = new AccessControl("http://127.0.0.1:6363", * {organization:"my_team_name", user:"admin" * key:"mykey"}) * accessControl.getOrgUsers().then(result=>{ * console.log(result) * }) * */ function AccessControl(cloudAPIUrl, params) { this.baseURL = this.getAPIUrl(cloudAPIUrl); if (!params) return; if (params.jwt) { this.setJwtToken(params.jwt); } else if (params.token) { this.setApiToken(params.token); } else if (params.key) { this.setApiKey(params.key); this.user = params.user; } this.defaultOrganization = this.getDefaultOrganization(params); } /** * Get a organization from parameters. * @param {object} params - The parameters * @return {string|undefined} - organization */ AccessControl.prototype.getDefaultOrganization = function (params) { if (params && params.organization && typeof params.organization === 'string') { return params.organization; } return undefined; }; /** * Sets the Jwt token for the object * @param {string} jwt - The jwt api token to use */ AccessControl.prototype.setJwtToken = function (jwt) { if (!jwt) { throw new Error('TerminusX Access token required'); } this.apiKey = jwt; this.apiType = 'jwt'; }; /** * Sets the API token for the object, to request a token create an account in https://terminusdb.com/ * @param {string} atokenpi - The API token to use to connect with TerminusX */ AccessControl.prototype.setApiToken = function (token) { if (!token) { throw new Error('TerminusX Access token required'); } this.apiKey = token; this.apiType = 'apikey'; }; /** * Sets the API token for the object, to request a token create an account in https://terminusdb.com/ * @param {string} atokenpi - The API token to use to connect with TerminusX */ AccessControl.prototype.setApiKey = function (key) { if (!key) { throw new Error('TerminusDB bacis authentication key required'); } this.apiKey = key; this.apiType = 'basic'; }; /** * Get a API url from cloudAPIUrl * @param {string} cloudAPIUrl - The base url for cloud * @return {string} apiUrl */ AccessControl.prototype.getAPIUrl = function (cloudAPIUrl) { if (!cloudAPIUrl || typeof cloudAPIUrl !== 'string') { throw new Error('TerminusX api url required!'); } if (cloudAPIUrl.lastIndexOf('/') !== cloudAPIUrl.length - 1) { // eslint-disable-next-line no-param-reassign cloudAPIUrl += '/'; // always append slash to ensure regularity } return `${cloudAPIUrl}api`; }; AccessControl.prototype.dispatch = function (requestUrl, action, payload) { if (!requestUrl) { return Promise.reject( new Error( ErrorMessage.getInvalidParameterMessage( action, 'Invalid request URL', ), ), ); } return DispatchRequest( requestUrl, action, payload, { type: this.apiType, key: this.apiKey, user: this.user }, null, this.customHeaders(), ); }; /** * add extra headers to your request * @param {object} customHeaders * @returns {object} */ // eslint-disable-next-line consistent-return AccessControl.prototype.customHeaders = function (customHeaders) { if (customHeaders) this._customHeaders = customHeaders; else return this._customHeaders; }; /** * -- TerminusDB API --- * Get an organization from the TerminusDB API. * @param {string} organization - The organization * @return {object} - organization */ AccessControl.prototype.getOrganization = function (org) { return this.dispatch(`${this.baseURL}/organizations/${org}`, CONST.GET); }; /** * -- TerminusDB API --- * This end point works in basic authentication, admin user * Get list of organizations * @return {Promise} A promise that returns the call response object, or an Error if rejected. */ AccessControl.prototype.getAllOrganizations = function () { return this.dispatch(`${this.baseURL}/organizations`, CONST.GET); }; /** * -- TerminusDB API --- * This end point works in basic authentication, admin user * Create an organization * @param {string} orgName - The organization name to create * @return {Promise} A promise that returns the call response object, or an Error if rejected. * @example * accessControl.createOrganization("my_org_name").then(result=>{ * console.log(result) * }) */ AccessControl.prototype.createOrganization = function (orgName) { // maybe we have to review this return this.dispatch(`${this.baseURL}/organizations/${UTILS.encodeURISegment(orgName)}`, CONST.POST, {}); }; /** * -- TerminusDB API --- * Delete an Organization * @param {string} orgName - The organization name to delete * @return {Promise} A promise that returns the call response object, or an Error if rejected. * @example * accessControl.deleteOrganization("my_org_name").then(result=>{ * console.log(result) * }) */ AccessControl.prototype.deleteOrganization = function (orgName) { return this.dispatch(`${this.baseURL}/organizations/${UTILS.encodeURISegment(orgName)}`, CONST.DELETE); }; /** * --TerminusDB API --- * basic authentication, admin user. * Create a new role in the system database. * @param {string} [name] - The role name. * @param {typedef.RolesActions} [actions] - A list of actions * @return {Promise} A promise that returns the call response object, or an Error if rejected. * @example * accessControl.createRole("Reader",[ACTIONS.INSTANCE_READ_ACCESS]).then(result=>{ * console.log(result) * }) * */ AccessControl.prototype.createRole = function (name, actions) { const payload = { name, action: actions }; return this.dispatch(`${this.baseURL}/roles`, CONST.POST, payload); }; /** * -- TerminusdDB API --- * basic Authentication, admin user. * Delete role in the system database, (this api is enabled only in the local installation) * @param {string} [name] - The role name. * @return {Promise} A promise that returns the call response object, or an Error if rejected. * @example * accessControl.deleteRole("Reader").then(result=>{ * console.log(result) * }) * */ AccessControl.prototype.deleteRole = function (name) { return this.dispatch(`${this.baseURL}/roles/${UTILS.encodeURISegment(name)}`, CONST.DELETE); }; /** * -- TerminusdDB API --- * basic Authentication, admin user. * Return the list of all the users (this api is enabled only in the local installation) * @return {Promise} A promise that returns the call response object, or an Error if rejected. * @example * accessControl.getAllUsers().then(result=>{ * console.log(result) * }) * */ AccessControl.prototype.getAllUsers = function () { return this.dispatch(`${this.baseURL}/users`, CONST.GET); }; /** * -- TerminusdDB API --- * basic Authentication, admin user. * Add the user into the system database * @param {string} name - the user name * @param {string} [password] - you need the password for basic authentication * @return {Promise} A promise that returns the call response object, or an Error if rejected. * @example * accessControl.deleteUser(userId).then(result=>{ * console.log(result) * }) * */ AccessControl.prototype.createUser = function (name, password) { const payload = { name, password }; return this.dispatch(`${this.baseURL}/users`, CONST.POST, payload); }; /** * -- TerminusdDB API --- * basic Authentication, admin user. * Remove the user from the system database. * @param {string} userId - the document user id * @return {Promise} A promise that returns the call response object, or an Error if rejected. * @example * accessControl.deleteUser(userId).then(result=>{ * console.log(result) * }) * */ AccessControl.prototype.deleteUser = function (userId) { return this.dispatch(`${this.baseURL}/users/${UTILS.encodeURISegment(userId)}`, CONST.DELETE); }; /** * -- TerminusdDB API --- * Grant/Revoke Capability * @param {string} userName - the document user id * @param {string} resourceName - the name of a (database or team) * @param {array} rolesArr - the roles name list * @param {typedef.CapabilityCommand} operation - grant/revoke operation * @param {typedef.ScopeType} [scopeType] - the resource type (database or organization) * @return {Promise} A promise that returns the call response object, or an Error if rejected. * @example * //we add an user to an organization and manage users' access * //the user myUser can access the Organization and all the database under the organization with "reader" Role * client.manageCapability(myUser,myteam,[reader],"grant","organization").then(result=>{ * consol.log(result) * }) * * //the user myUser can access the database db__001 under the organization myteam * //with "writer" Role * client.manageCapability(myUser,myteam/db__001,[writer],"grant","database").then(result=>{ * consol.log(result) * }) */ AccessControl.prototype.manageCapability = function (userName, resourceName, rolesArr, operation, scopeType) { const payload = { operation, user: userName, roles: rolesArr, scope: resourceName, scope_type: scopeType, }; return this.dispatch(`${this.baseURL}/capabilities`, CONST.POST, payload); }; /** * --TerminusX and TerminusDB API --- * Get all the system database roles types. * @return {Promise} A promise that returns the call response object, or an Error if rejected. */ AccessControl.prototype.getAccessRoles = function () { return this.dispatch(`${this.baseURL}/roles`, CONST.GET); }; /** * -- TerminusX and TerminusDB API -- * Get all the organization's users and roles, * @param {string} [orgName] - The organization name. * @return {Promise} A promise that returns the call response object, or an Error if rejected. * @example * accessControl.getOrgUsers().then(result=>{ * console.log(result) * }) * * //this function will return an array of capabilities with users and roles * //-- TerminusX -- response array example * //[{capability: "Capability/3ea26e1d698821c570afe9cb4fe81a3......" * // email: {@type: "xsd:string", @value: "user@terminusdb.com"} * // picture: {@type: "xsd:string",…} * // role: "Role/dataReader" * // scope: "Organization/my_org_name" * // user: "User/auth0%7C613f5dnndjdjkTTT"}] * // * // * // -- Local Installation -- response array example * //[{ "@id":"User/auth0%7C615462f8ab33f4006a6bee0c", * // "capability": [{ * // "@id":"Capability/c52af34b71f6f8916ac0115ecb5fe0e31248ead8b1e3d100852015...", * // "@type":"Capability", * // "role": [{ * // "@id":"Role/admin", * // "@type":"Role", * // "action": ["instance_read_access"], * // "name":"Admin Role" * // }], * // "scope":"Organization/@team"}]] */ AccessControl.prototype.getOrgUsers = function (orgName) { if (!orgName && !this.defaultOrganization) { return Promise.reject( new Error( ErrorMessage.getInvalidParameterMessage( 'GET', 'Please provide a organization name', ), ), ); } const org = orgName || this.defaultOrganization; return this.dispatch(`${this.baseURL}/organizations/${UTILS.encodeURISegment(org)}/users`, CONST.GET); }; /** * -- TerminusX and TerminusDB API -- * Get the user roles for a given organization or the default organization, * @param {string} [userName] - The organization name. * @param {string} [orgName] - The organization name. * @return {Promise} A promise that returns the call response object, or an Error if rejected. * @example * accessControl.getTeamUserRole("myUser").then(result=>{ * console.log(result) * }) * * //response object example * { * "@id": "User/myUser", * "capability": [ * { * "@id":"Capability/server_access", * "@type":"Capability", * "role": [{ * "@id":"Role/reader", * "@type":"Role", * "action": [ * "instance_read_access", * ], * "name":"reader" * }], * "scope":"Organization/myteam" * } * ], * "name": "myUser" *} */ AccessControl.prototype.getTeamUserRoles = function (userName, orgName) { if (!orgName && !this.defaultOrganization) { return Promise.reject( new Error( ErrorMessage.getInvalidParameterMessage( 'GET', 'Please provide a organization name', ), ), ); } const org = orgName || this.defaultOrganization; return this.dispatch(`${this.baseURL}/organizations/${UTILS.encodeURISegment(org)}/users/${UTILS.encodeURISegment(userName)}`, CONST.GET); }; /** * -- TerminusX API --- * Check if the organization exists. it is a Head call . * IMPORTANT This does not work with the API-TOKEN. * @param {string} orgName - The organization name to check if exists. * @return {Promise} A promise that returns the call status object, 200: if the organization * exists and 404: if the organization does not exist */ AccessControl.prototype.ifOrganizationExists = function (orgName) { if (!orgName) { return Promise.reject( new Error( ErrorMessage.getInvalidParameterMessage( 'HEAD', 'Please provide a organization name', ), ), ); } return this.dispatch(`${this.baseURL}/private/organizations/${UTILS.encodeURISegment(orgName)}`, CONST.HEAD); }; /** * -- TerminusX API --- * IMPORTANT This does not work with the API-TOKEN. * Create an organization * @param {string} orgName - The organization name to create * @return {Promise} A promise that returns the call response object, or an Error if rejected. * @example * accessControl.createOrganization("my_org_name").then(result=>{ * console.log(result) * }) */ AccessControl.prototype.createOrganizationRemote = function (orgName) { const payload = { organization: orgName }; return this.dispatch(`${this.baseURL}/private/organizations`, CONST.POST, payload); }; /** * -- TerminusX API --- * Get the pending invitations list. * @param {string} [orgName] - The organization name. * @return {Promise} A promise that returns the call response object, or an Error if rejected. * @example * const invitationList = accessControl.getPendingOrgInvites().then(result=>{ * console.log(invitationList) * * }) * //this will return an array of invitations object like this * //[{@id: "Organization/my_team_name/invitations/Invitation/7ad0c9eb82b6175bcda9c0dfc2ac51161ef5ba * cb0988d992c4bce82b3fa5d25" * // @type: "Invitation" * // creation_date: "2021-10-22T11:13:28.762Z" * // email_to: "new_user@terminusdb.com" * // invited_by: "User/auth0%7C6162f8ab33567406a6bee0c" * // role: "Role/dataReader" * // status: "needs_invite"}] * */ AccessControl.prototype.getPendingOrgInvites = function (orgName) { if (!orgName && !this.defaultOrganization) { return Promise.reject( new Error( ErrorMessage.getInvalidParameterMessage( 'GET', 'Please provide a organization name', ), ), ); } const org = orgName || this.defaultOrganization; return this.dispatch(`${this.baseURL}/organizations/${UTILS.encodeURISegment(org)}/invites`, CONST.GET); }; /** * -- TerminusX API --- * Send a new invitation * @param {string} userEmail - The email of user. * @param {string} role - The role for user. (the document @id role like Role/collaborator) * @param {string} [note] - The note to send with the invitation. * @param {string} [orgName] - The organization name. * @return {Promise} A promise that returns the call response object, or an Error if rejected. * @example * accessControl.sendOrgInvite("new_user@terminusdb.com","Role/admin", * "please join myteam").then(result=>{ * console.log(result) * }) */ // eslint-disable-next-line default-param-last AccessControl.prototype.sendOrgInvite = function (userEmail, role, note = '', orgName) { let errorMessage; if (!orgName && !this.defaultOrganization) { errorMessage = 'Please provide a organization name'; } else if (!userEmail) { errorMessage = 'Please provide a user email'; } else if (!role) { errorMessage = 'Please provide a role'; } if (errorMessage) { return Promise.reject( new Error( ErrorMessage.getInvalidParameterMessage( 'POST', errorMessage, ), ), ); } const org = orgName || this.defaultOrganization; return this.dispatch(`${this.baseURL}/organizations/${UTILS.encodeURISegment(org)}/invites`, CONST.POST, { email_to: userEmail, role, note, }); }; /** * -- TerminusX API --- * Get the invitation info * @param {string} inviteId - The invite id to retrieve. * @param {string} [orgName] - The organization name. * @return {Promise} A promise that returns the call response object, or an Error if rejected. * @example * const fullInviteId="Organization/my_team_name/invitations/Invitation/7ad0c9eb82b6175bcda9c0dfc * 2ac51161ef5ba7cb0988d992c4bce82b3fa5d25" * accessControl.getOrgInvite(fullInviteId).then(result=>{ * console.log(result) * }) */ AccessControl.prototype.getOrgInvite = function (inviteId, orgName) { let errorMessage; if (!orgName && !this.defaultOrganization) { errorMessage = 'Please provide a organization name'; } else if (!inviteId) { errorMessage = 'Please provide a invite id'; } if (errorMessage) { return Promise.reject( new Error( ErrorMessage.getInvalidParameterMessage( 'POST', errorMessage, ), ), ); } const org = orgName || this.defaultOrganization; const inviteHash = UTILS.removeDocType(inviteId); return this.dispatch(`${this.baseURL}/organizations/${UTILS.encodeURISegment(org)}/invites/${inviteHash}`, CONST.GET); }; /** * -- TerminusX API --- * Delete an invitation * @param {string} inviteId - The invite id to delete. * @param {string} [orgName] - The organization name. * @return {Promise} A promise that returns the call response object, or an Error if rejected. * @example * const fullInviteId="Organization/my_team_name/invitations/Invitation/7ad0c9eb82b6175bcda9 * c0dfc2ac51161ef5ba7cb0988d992c4bce82b3fa5d25" * accessControl.deleteOrgInvite(fullInviteId).then(result=>{ * console.log(result) * }) */ AccessControl.prototype.deleteOrgInvite = function (inviteId, orgName) { let errorMessage; if (!orgName && !this.defaultOrganization) { errorMessage = 'Please provide a organization name'; } else if (!inviteId) { errorMessage = 'Please provide a invite id'; } if (errorMessage) { return Promise.reject( new Error( ErrorMessage.getInvalidParameterMessage( 'POST', errorMessage, ), ), ); } const org = orgName || this.defaultOrganization; const inviteHash = UTILS.removeDocType(inviteId); return this.dispatch(`${this.baseURL}/organizations/${UTILS.encodeURISegment(org)}/invites/${inviteHash}`, CONST.DELETE); }; /** * -- TerminusX API --- * Accept /Reject invitation. if the invitation has been accepted we add the current user * to the organization. * * the only user that can accept this invitation is the user registered with the invitation email, * we indentify the user with the jwt token * @param {string} inviteId - The invite id to updated. * @param {boolean} accepted - The status of the invitation. * @param {string} [orgName] - The organization name. * @return {Promise} A promise that returns the call response object, or an Error if rejected. * @example * const fullInviteId="Organization/my_team_name/invitations/Invitation/7ad0c9eb82b6175bcda9 * c0dfc2ac51161ef5ba7cb0988d992c4bce82b3fa5d25" * accessControl.updateOrgInviteStatus(fullInviteId,true).then(result=>{ * console.log(result) * }) */ AccessControl.prototype.updateOrgInviteStatus = function (inviteId, accepted, orgName) { let errorMessage; if (!orgName && !this.defaultOrganization) { errorMessage = 'Please provide a organization name'; } else if (!inviteId) { errorMessage = 'Please provide a invite id'; } else if (typeof accepted === 'undefined') { errorMessage = 'Please provide a accepted status'; } if (errorMessage) { return Promise.reject( new Error( ErrorMessage.getInvalidParameterMessage( 'PUT', errorMessage, ), ), ); } const org = orgName || this.defaultOrganization; const inviteHash = UTILS.removeDocType(inviteId); return this.dispatch(`${this.baseURL}/organizations/${UTILS.encodeURISegment(org)}/invites/${inviteHash}`, CONST.PUT, { accepted, }); }; /** * -- TerminusX API --- * Get the user role for a given organization or the default organization * The user is identified by the jwt or the access token * @param {string} [orgName] - The organization name. * @return {Promise} A promise that returns the call response object, or an Error if rejected. * @example * accessControl.getTeamUserRole().then(result=>{ * console.log(result) * }) * * //response object example * {"userRole":"Role/admin"} */ AccessControl.prototype.getTeamUserRole = function (orgName) { if (!orgName && !this.defaultOrganization) { return Promise.reject( new Error( ErrorMessage.getInvalidParameterMessage( 'GET', 'Please provide a organization name', ), ), ); } const org = orgName || this.defaultOrganization; return this.dispatch(`${this.baseURL}/organizations/${UTILS.encodeURISegment(org)}/role`, CONST.GET); }; /** * -- TerminusX API -- * Remove an user from an organization, only an admin user can remove an user from an organization * @param {string} userId - The id of the user to be removed. (this is the document user's @id) * @param {string} [orgName] - The organization name in which the user is to be removed. * @return {Promise} A promise that returns the call response object, or an Error if rejected. * @example * accessControl.removeUserFromOrg("User/auth0%7C613f5dnndjdjkTTT","my_org_name").then(result=>{ * console.log(result) * }) * */ AccessControl.prototype.removeUserFromOrg = function (userId, orgName) { let errorMessage; if (!orgName && !this.defaultOrganization) { errorMessage = 'Please provide a organization name'; } else if (!userId) { errorMessage = 'Please provide a userId'; } if (errorMessage) { return Promise.reject( new Error( ErrorMessage.getInvalidParameterMessage( 'DELETE', errorMessage, ), ), ); } const org = orgName || this.defaultOrganization; const user = UTILS.removeDocType(userId); return this.dispatch(`${this.baseURL}/organizations/${UTILS.encodeURISegment(org)}/users/${user}`, CONST.DELETE); }; /** * -- TerminusX API -- * Get the user's role for every databases under the organization * @param {string} userId - The user's id. * @param {string} [orgName] - The organization name. * @return {Promise} A promise that returns the call response object, or an Error if rejected. * @example * accessControl.getDatabaseRolesOfUser('User/auth0%7C61790e366377Yu6596a').then(result=>{ * console.log(result) * }) * * //this is a capabilities list of databases and roles * //[ {capability: "Capability/b395e8523d509dec6b33aefc9baed3b2e2bfadbd4c79d4ff9b20dce2b14e2edc" * //if there is an id we have a user specific capabality for this database * // name: {@type: "xsd:string", @value: "profiles_test"} * // role: "Role/dataUpdater" * // scope: "UserDatabase/7ebdfae5a02bc7e8f6d79sjjjsa4e179b1df9d4576a3b1d2e5ff3b4859" * // user: "User/auth0%7C61790e11a3966d006906596a"}, * * //{ capability: null * // if the capability id is null the user level of access for this database is the * same of the team * //name: {@type: "xsd:string", @value: "Collab002"} * //role: "Role/dataReader" * // scope: "UserDatabase/acfcc2db02b83792sssb15239ccdf586fc5b176846ffe4878b1aea6a36c8f" * //user: "User/auth0%7C61790e11a3966d006906596a"}] */ AccessControl.prototype.getDatabaseRolesOfUser = function (userId, orgName) { let errorMessage; if (!orgName && !this.defaultOrganization) { errorMessage = 'Please provide a organization name'; } else if (!userId) { errorMessage = 'Please provide a user id'; } if (errorMessage) { return Promise.reject( new Error( ErrorMessage.getInvalidParameterMessage( 'GET', errorMessage, ), ), ); } const org = orgName || this.defaultOrganization; const user = UTILS.removeDocType(userId); return this.dispatch(`${this.baseURL}/organizations/${UTILS.encodeURISegment(org)}/users/${user}/databases`, CONST.GET); }; /** * -- TerminusX API -- * Create a user's a role for a resource (organization/database) * @param {string} userId - The user's id. * @param {string} scope - The resource name/id. * @param {string} role - The user role to be assigned. * @param {string} [orgName] - The organization name. * @return {Promise} A promise that returns the call response object, or an Error if rejected. * @example * const dbId = "UserDatabase/acfcc2db02b83792sssb15239ccdf586fc5b176846ffe4878b1aea6a36c8f" * accessControl.assignUserRole('User/auth0%7C61790e11a3966d006906596a',dbId, * "Role/collaborator").then(result=>{ * console.log(result) * * }) */ AccessControl.prototype.createUserRole = function (userId, scope, role, orgName) { let errorMessage; if (!orgName && !this.defaultOrganization) { errorMessage = 'Please provide a organization name'; } else if (!userId) { errorMessage = 'Please provide a user id'; } else if (!scope) { errorMessage = 'Please provide a scope'; } else if (!role) { errorMessage = 'Please provide a role'; } if (errorMessage) { return Promise.reject( new Error( ErrorMessage.getInvalidParameterMessage( 'POST', errorMessage, ), ), ); } const org = orgName || this.defaultOrganization; const user = UTILS.removeDocType(userId); return this.dispatch(`${this.baseURL}/organizations/${UTILS.encodeURISegment(org)}/users/${user}/capabilities`, CONST.POST, { scope, role, }); }; /** * -- TerminusX API -- * Update user's a role for a resource (organization/database), (this api works only in terminusX) * @param {string} userId - The user's id. * @param {string} capabilityId - The capability id. * @param {string} scope - The resource name/id. * @param {string} role - The user role to be updated. * @param {string} [orgName] - The organization name. * @return {Promise} A promise that returns the call response object, or an Error if rejected. * @example * const dbId = "UserDatabase/acfcc2db02b83792sssb15239ccdf586fc5b176846ffe4878b1aea6a36c8f" * const capId= "Capability/b395e8523d509dec6b33aefc9baed3b2e2bfadbd4c79d4ff9b20dce2b14e2edc" * accessControl.updateUserRole('User/auth0%7C61790e11a3966d006906596a',capId,dbId, * "Role/dataUpdater").then(result=>{ * console.log(result) * * }) */ AccessControl.prototype.updateUserRole = function (userId, capabilityId, scope, role, orgName) { let errorMessage; if (!orgName && !this.defaultOrganization) { errorMessage = 'Please provide a organization name'; } else if (!userId) { errorMessage = 'Please provide a user id'; } else if (!capabilityId) { errorMessage = 'Please provide a capabilityId'; } else if (!scope) { errorMessage = 'Please provide a scope'; } else if (!role) { errorMessage = 'Please provide a role'; } if (errorMessage) { return Promise.reject( new Error( ErrorMessage.getInvalidParameterMessage( 'PUT', errorMessage, ), ), ); } const org = orgName || this.defaultOrganization; const user = UTILS.removeDocType(userId); const capHash = UTILS.removeDocType(capabilityId); return this.dispatch(`${this.baseURL}/organizations/${UTILS.encodeURISegment(org)}/users/${user}/capabilities/${capHash}`, CONST.PUT, { scope, role, }); }; /** * -- TerminusX API -- * Get all the access request list for a specify organization * @param {string} [orgName] - The organization name. * @return {Promise} A promise that returns the call response object, or an Error if rejected. * @example * accessControl.accessRequestsList().then(result=>{ * console.log(result) * }) * */ AccessControl.prototype.accessRequestsList = function (orgName) { if (!orgName && !this.defaultOrganization) { return Promise.reject( new Error( ErrorMessage.getInvalidParameterMessage( 'GET', 'Please provide a organization name', ), ), ); } const org = orgName || this.defaultOrganization; return this.dispatch(`${this.baseURL}/organizations/${UTILS.encodeURISegment(org)}/access_requests`, CONST.GET); }; /** * -- TerminusX API -- * Get all the access request list for a specify organization * @param {string} [email] - the user email. * @param {string} [affiliation] - the user affiliation, company, university etc.. * @param {string} [note] - the message for the team admin * @param {string} [orgName] - The organization name. * @return {Promise} A promise that returns the call response object, or an Error if rejected. * @example * accessControl.sendAccessRequest("myemail@terminusdb.com", * "my_company", * "please add me to your team" * ).then(result=>{ * console.log(result) * }) * */ AccessControl.prototype.sendAccessRequest = function (email, affiliation, note, orgName) { if (!orgName && !this.defaultOrganization) { return Promise.reject( new Error( ErrorMessage.getInvalidParameterMessage( 'POST', 'Please provide a organization name', ), ), ); } const payload = { email, affiliation, note }; const org = orgName || this.defaultOrganization; return this.dispatch(`${this.baseURL}/organizations/${UTILS.encodeURISegment(org)}/access_requests`, CONST.POST, payload); }; /** * -- TerminusX API -- * Delete an access request to join your team, only an admin user can delete it * @param {string} [orgName] - The organization name. * @return {Promise} A promise that returns the call response object, or an Error if rejected. * @example * accessControl.deleteAccessRequest("djjdshhsuuwewueueuiHYHYYW.......").then(result=>{ * console.log(result) * }) * */ AccessControl.prototype.deleteAccessRequest = function (acceId, orgName) { if (!orgName && !this.defaultOrganization) { return Promise.reject( new Error( ErrorMessage.getInvalidParameterMessage( 'POST', 'Please provide a organization name', ), ), ); } const org = orgName || this.defaultOrganization; return this.dispatch(`${this.baseURL}/organizations/${UTILS.encodeURISegment(org)}/access_requests/${acceId}`, CONST.DELETE); }; /** * -- TerminusX API -- * Get the userinfo teams ownership and subscription * @param {string} [orgName] - The organization name. * @return {Promise} A promise that returns the call response object, or an Error if rejected. * @example * accessControl.getUserInfo().then(result=>{ * console.log(result) * }) * */ AccessControl.prototype.getUserInfo = function (userName) { const userNameUrl = userName || 'info'; return this.dispatch(`${this.baseURL}/users/${UTILS.encodeURISegment(userNameUrl)}`, CONST.GET); }; module.exports = AccessControl;