diff --git a/.openapi-generator/FILES b/.openapi-generator/FILES index 9152225..ea59c97 100644 --- a/.openapi-generator/FILES +++ b/.openapi-generator/FILES @@ -5,7 +5,7 @@ README.md docs/Access.md docs/AccessList.md -docs/AccessRuleCondition.md +docs/AccessRule.md docs/AccessRulesApi.md docs/AddBundleGroupRequest.md docs/AddBundleResourceRequest.md @@ -67,6 +67,7 @@ docs/GroupRemoteInfoGitlabGroup.md docs/GroupRemoteInfoGoogleGroup.md docs/GroupRemoteInfoLdapGroup.md docs/GroupRemoteInfoOktaGroup.md +docs/GroupRemoteInfoSnowflakeRole.md docs/GroupResource.md docs/GroupResourceList.md docs/GroupTypeEnum.md @@ -175,6 +176,7 @@ docs/UAR.md docs/UARReviewerAssignmentPolicyEnum.md docs/UARScope.md docs/UarsApi.md +docs/UpdateAccessRuleInfo.md docs/UpdateConfigurationTemplateInfo.md docs/UpdateGroupBindingInfo.md docs/UpdateGroupBindingInfoList.md @@ -223,7 +225,7 @@ opal_security/exceptions.py opal_security/models/__init__.py opal_security/models/access.py opal_security/models/access_list.py -opal_security/models/access_rule_condition.py +opal_security/models/access_rule.py opal_security/models/add_bundle_group_request.py opal_security/models/add_bundle_resource_request.py opal_security/models/add_group_resource_request.py @@ -279,6 +281,7 @@ opal_security/models/group_remote_info_gitlab_group.py opal_security/models/group_remote_info_google_group.py opal_security/models/group_remote_info_ldap_group.py opal_security/models/group_remote_info_okta_group.py +opal_security/models/group_remote_info_snowflake_role.py opal_security/models/group_resource.py opal_security/models/group_resource_list.py opal_security/models/group_type_enum.py @@ -376,6 +379,7 @@ opal_security/models/ticketing_provider_enum.py opal_security/models/uar.py opal_security/models/uar_reviewer_assignment_policy_enum.py opal_security/models/uar_scope.py +opal_security/models/update_access_rule_info.py opal_security/models/update_configuration_template_info.py opal_security/models/update_group_binding_info.py opal_security/models/update_group_binding_info_list.py @@ -403,24 +407,4 @@ setup.cfg setup.py test-requirements.txt test/__init__.py -test/test_access_rule_condition.py -test/test_access_rules_api.py -test/test_add_bundle_group_request.py -test/test_add_bundle_resource_request.py -test/test_bundle.py -test/test_bundle_group.py -test/test_bundle_resource.py -test/test_bundles_api.py -test/test_create_bundle_info.py -test/test_group_containing_group.py -test/test_group_containing_group_list.py -test/test_group_with_access_level.py -test/test_paginated_bundle_group_list.py -test/test_paginated_bundle_list.py -test/test_paginated_bundle_resource_list.py -test/test_rule_clauses.py -test/test_rule_conjunction.py -test/test_rule_disjunction.py -test/test_tag_selector.py -test/test_update_resource_user_request.py tox.ini diff --git a/README.md b/README.md index b766004..1c8624b 100644 --- a/README.md +++ b/README.md @@ -82,14 +82,14 @@ configuration = opal.Configuration( with opal.ApiClient(configuration) as api_client: # Create an instance of the API class api_instance = opal.AccessRulesApi(api_client) - access_rule_id = '1b978423-db0a-4037-a4cf-f79c60cb67b3' # str | The access rule ID (group ID) of the access rule. + update_access_rule_info = opal_security.UpdateAccessRuleInfo() # UpdateAccessRuleInfo | try: - api_response = api_instance.get_access_rule(access_rule_id) - print("The response of AccessRulesApi->get_access_rule:\n") + api_response = api_instance.create_access_rule(update_access_rule_info) + print("The response of AccessRulesApi->create_access_rule:\n") pprint(api_response) except ApiException as e: - print("Exception when calling AccessRulesApi->get_access_rule: %s\n" % e) + print("Exception when calling AccessRulesApi->create_access_rule: %s\n" % e) ``` @@ -141,6 +141,7 @@ All URIs are relative to *https://api.opal.dev/v1* Class | Method | HTTP request | Description ------------ | ------------- | ------------- | ------------- +*AccessRulesApi* | [**create_access_rule**](docs/AccessRulesApi.md#create_access_rule) | **POST** /access-rules | *AccessRulesApi* | [**get_access_rule**](docs/AccessRulesApi.md#get_access_rule) | **GET** /access-rules/{access_rule_id} | *AccessRulesApi* | [**update_access_rule**](docs/AccessRulesApi.md#update_access_rule) | **PUT** /access-rules/{access_rule_id} | *AppsApi* | [**get_app**](docs/AppsApi.md#get_app) | **GET** /apps/{app_id} | @@ -261,7 +262,7 @@ Class | Method | HTTP request | Description - [Access](docs/Access.md) - [AccessList](docs/AccessList.md) - - [AccessRuleCondition](docs/AccessRuleCondition.md) + - [AccessRule](docs/AccessRule.md) - [AddBundleGroupRequest](docs/AddBundleGroupRequest.md) - [AddBundleResourceRequest](docs/AddBundleResourceRequest.md) - [AddGroupResourceRequest](docs/AddGroupResourceRequest.md) @@ -317,6 +318,7 @@ Class | Method | HTTP request | Description - [GroupRemoteInfoGoogleGroup](docs/GroupRemoteInfoGoogleGroup.md) - [GroupRemoteInfoLdapGroup](docs/GroupRemoteInfoLdapGroup.md) - [GroupRemoteInfoOktaGroup](docs/GroupRemoteInfoOktaGroup.md) + - [GroupRemoteInfoSnowflakeRole](docs/GroupRemoteInfoSnowflakeRole.md) - [GroupResource](docs/GroupResource.md) - [GroupResourceList](docs/GroupResourceList.md) - [GroupTypeEnum](docs/GroupTypeEnum.md) @@ -414,6 +416,7 @@ Class | Method | HTTP request | Description - [UAR](docs/UAR.md) - [UARReviewerAssignmentPolicyEnum](docs/UARReviewerAssignmentPolicyEnum.md) - [UARScope](docs/UARScope.md) + - [UpdateAccessRuleInfo](docs/UpdateAccessRuleInfo.md) - [UpdateConfigurationTemplateInfo](docs/UpdateConfigurationTemplateInfo.md) - [UpdateGroupBindingInfo](docs/UpdateGroupBindingInfo.md) - [UpdateGroupBindingInfoList](docs/UpdateGroupBindingInfoList.md) diff --git a/api/openapi.yaml b/api/openapi.yaml index 303cf1b..21cf794 100644 --- a/api/openapi.yaml +++ b/api/openapi.yaml @@ -589,8 +589,8 @@ paths: summary: Example with date value: 2021-11-01 withDatetime: - summary: Example with date and time - value: 2021-11-01 12:00:00 + summary: Example with date and time in ISO 8601 datetime format. + value: 2025-01-01T00:00:00Z explode: true in: query name: start_date_filter @@ -604,8 +604,8 @@ paths: summary: Example with date value: 2021-11-12 withDatetime: - summary: Example with date and time - value: 2021-11-12 12:00:00 + summary: Example with date and time in ISO 8601 datetime format. + value: 2025-01-01T00:00:00Z explode: true in: query name: end_date_filter @@ -1988,6 +1988,36 @@ paths: description: Returns a list of requests for your organization that is visible by the admin. operationId: getRequests parameters: + - description: A start date filter for the events. + examples: + withDate: + summary: Example with date + value: 2021-11-01 + withDatetime: + summary: Example with date and time in ISO 8601 datetime format. + value: 2025-01-01T00:00:00Z + explode: true + in: query + name: start_date_filter + required: false + schema: + type: string + style: form + - description: An end date filter for the events. + examples: + withDate: + summary: Example with date + value: 2021-11-12 + withDatetime: + summary: Example with date and time in ISO 8601 datetime format. + value: 2025-01-01T00:00:00Z + explode: true + in: query + name: end_date_filter + required: false + schema: + type: string + style: form - description: The pagination cursor value. example: cD0yMDIxLTAxLTA2KzAzJTNBMjQlM0E1My40MzQzMjYlMkIwMCUzQTAw explode: true @@ -2841,6 +2871,7 @@ paths: - resources /resource-user-access-status/{resource_id}/{user_id}: get: + deprecated: true description: Get user's access status to a resource. operationId: resource_user_access_status_retrieve parameters: @@ -3060,6 +3091,27 @@ paths: - BearerAuth: [] tags: - users + /access-rules: + post: + description: Creates a new access rule config for the given group_id. + operationId: create_access_rule + requestBody: + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/UpdateAccessRuleInfo" + responses: + "201": + content: + application/json: + schema: + $ref: "#/components/schemas/AccessRule" + description: The created access rule config for the group. + security: + - BearerAuth: [] + tags: + - access-rules /access-rules/{access_rule_id}: get: description: Returns a list of access rule config given the group_id of the access rule. @@ -3080,7 +3132,7 @@ paths: content: application/json: schema: - $ref: "#/components/schemas/AccessRuleCondition" + $ref: "#/components/schemas/AccessRule" description: The access rules for the group. security: - BearerAuth: [] @@ -3105,13 +3157,13 @@ paths: content: application/json: schema: - $ref: "#/components/schemas/AccessRuleCondition" + $ref: "#/components/schemas/UpdateAccessRuleInfo" responses: "200": content: application/json: schema: - $ref: "#/components/schemas/AccessRuleCondition" + $ref: "#/components/schemas/AccessRule" description: The updated access rule config for the group. security: - BearerAuth: [] @@ -5930,6 +5982,16 @@ components: type: object required: - group_id + snowflake_role: + description: Remote info for Snowflake role. + properties: + role_id: + description: The id of the Snowflake role. + example: 01fa7402-01d8-103b-8deb-5f3a0ab7884 + type: string + type: object + required: + - role_id type: object ResourceRemoteInfo: description: Information that defines the remote resource. This replaces the deprecated remote_id and metadata fields. @@ -6803,10 +6865,10 @@ components: ### Usage Example Returned from the `GET Requests` endpoint. enum: - - pending - - approved - - denied - - canceled + - PENDING + - APPROVED + - DENIED + - CANCELED type: string Request: description: |- @@ -7679,15 +7741,67 @@ components: - group_id - group_type type: object - AccessRuleCondition: + UpdateAccessRuleInfo: + description: |- + # UpdateAccessRuleInfo Object + ### Description + The `UpdateAccessRuleInfo` object is used as an input to the UpdateAccessRule and CreateAccessRule API. + properties: + name: + description: The name of the access rule. + example: Platform Engineering + type: string + description: + description: A description of the group. + example: This access rule represents all platform engineers in the company. + type: string + admin_owner_id: + description: The ID of the owner of the group. + example: 7c86c85d-0651-43e2-a748-d69d658418e8 + format: uuid + type: string + status: + description: The status of the access rule. + type: string + enum: + - ACTIVE + - PAUSED + example: ACTIVE + ruleClauses: + $ref: "#/components/schemas/RuleClauses" + required: + - status + - ruleClauses + - name + - admin_owner_id + - description + AccessRule: description: |- - # Access Rule Config Object + # Access Rule Object ### Description - The `AccessRuleConfig` object is used to represent an access rule configuration. + The `AccessRule` object is used to represent an access rule configuration. ### Usage Example Get access rule configurations from the `GET Access Rule Configs` endpoint. properties: + access_rule_id: + description: The ID (group ID) of the access rule. + example: 7c86c85d-0651-43e2-a748-d69d658418e8 + format: uuid + type: string + name: + description: The name of the access rule. + example: Platform Engineering + type: string + description: + description: A description of the group. + example: This access rule represents all platform engineers in the company. + type: string + admin_owner_id: + description: The ID of the owner of the group. + example: 7c86c85d-0651-43e2-a748-d69d658418e8 + format: uuid + type: string status: description: The status of the access rule. type: string @@ -7700,6 +7814,10 @@ components: required: - status - ruleClauses + - name + - admin_owner_id + - access_rule_id + - description RuleClauses: properties: when: @@ -7721,7 +7839,6 @@ components: properties: selectors: type: array - minItems: 1 items: $ref: "#/components/schemas/TagSelector" required: diff --git a/docs/AccessRule.md b/docs/AccessRule.md new file mode 100644 index 0000000..943471b --- /dev/null +++ b/docs/AccessRule.md @@ -0,0 +1,35 @@ +# AccessRule + +# Access Rule Object ### Description The `AccessRule` object is used to represent an access rule configuration. ### Usage Example Get access rule configurations from the `GET Access Rule Configs` endpoint. + +## Properties + +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**access_rule_id** | **str** | The ID (group ID) of the access rule. | +**name** | **str** | The name of the access rule. | +**description** | **str** | A description of the group. | +**admin_owner_id** | **str** | The ID of the owner of the group. | +**status** | **str** | The status of the access rule. | +**rule_clauses** | [**RuleClauses**](RuleClauses.md) | | + +## Example + +```python +from opal_security.models.access_rule import AccessRule + +# TODO update the JSON string below +json = "{}" +# create an instance of AccessRule from a JSON string +access_rule_instance = AccessRule.from_json(json) +# print the JSON string representation of the object +print(AccessRule.to_json()) + +# convert the object into a dict +access_rule_dict = access_rule_instance.to_dict() +# create an instance of AccessRule from a dict +access_rule_from_dict = AccessRule.from_dict(access_rule_dict) +``` +[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md) + + diff --git a/docs/AccessRulesApi.md b/docs/AccessRulesApi.md index c63ffad..d09a203 100644 --- a/docs/AccessRulesApi.md +++ b/docs/AccessRulesApi.md @@ -4,12 +4,91 @@ All URIs are relative to *https://api.opal.dev/v1* Method | HTTP request | Description ------------- | ------------- | ------------- +[**create_access_rule**](AccessRulesApi.md#create_access_rule) | **POST** /access-rules | [**get_access_rule**](AccessRulesApi.md#get_access_rule) | **GET** /access-rules/{access_rule_id} | [**update_access_rule**](AccessRulesApi.md#update_access_rule) | **PUT** /access-rules/{access_rule_id} | +# **create_access_rule** +> AccessRule create_access_rule(update_access_rule_info) + +Creates a new access rule config for the given group_id. + +### Example + +* Bearer Authentication (BearerAuth): + +```python +import opal_security +from opal_security.models.access_rule import AccessRule +from opal_security.models.update_access_rule_info import UpdateAccessRuleInfo +from opal_security.rest import ApiException +from pprint import pprint + +# Defining the host is optional and defaults to https://api.opal.dev/v1 +# See configuration.py for a list of all supported configuration parameters. +import opal_security as opal + +configuration = opal.Configuration( + host = "https://api.opal.dev/v1" +) + +# The client must configure the authentication and authorization parameters +# in accordance with the API server security policy. +# Examples for each auth method are provided below, use the example that +# satisfies your auth use case. + +# Configure Bearer authorization: BearerAuth +configuration = opal.Configuration( + access_token = os.environ["BEARER_TOKEN"] +) + +# Enter a context with an instance of the API client +with opal_security.ApiClient(configuration) as api_client: + # Create an instance of the API class + api_instance = opal_security.AccessRulesApi(api_client) + update_access_rule_info = opal_security.UpdateAccessRuleInfo() # UpdateAccessRuleInfo | + + try: + api_response = api_instance.create_access_rule(update_access_rule_info) + print("The response of AccessRulesApi->create_access_rule:\n") + pprint(api_response) + except Exception as e: + print("Exception when calling AccessRulesApi->create_access_rule: %s\n" % e) +``` + + + +### Parameters + + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **update_access_rule_info** | [**UpdateAccessRuleInfo**](UpdateAccessRuleInfo.md)| | + +### Return type + +[**AccessRule**](AccessRule.md) + +### Authorization + +[BearerAuth](../README.md#BearerAuth) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + +### HTTP response details + +| Status code | Description | Response headers | +|-------------|-------------|------------------| +**201** | The created access rule config for the group. | - | + +[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md) + # **get_access_rule** -> AccessRuleCondition get_access_rule(access_rule_id) +> AccessRule get_access_rule(access_rule_id) Returns a list of access rule config given the group_id of the access rule. @@ -19,7 +98,7 @@ Returns a list of access rule config given the group_id of the access rule. ```python import opal_security -from opal_security.models.access_rule_condition import AccessRuleCondition +from opal_security.models.access_rule import AccessRule from opal_security.rest import ApiException from pprint import pprint @@ -66,7 +145,7 @@ Name | Type | Description | Notes ### Return type -[**AccessRuleCondition**](AccessRuleCondition.md) +[**AccessRule**](AccessRule.md) ### Authorization @@ -86,7 +165,7 @@ Name | Type | Description | Notes [[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md) # **update_access_rule** -> AccessRuleCondition update_access_rule(access_rule_id, access_rule_condition) +> AccessRule update_access_rule(access_rule_id, update_access_rule_info) Updates the access rule config for the given group_id. @@ -96,7 +175,8 @@ Updates the access rule config for the given group_id. ```python import opal_security -from opal_security.models.access_rule_condition import AccessRuleCondition +from opal_security.models.access_rule import AccessRule +from opal_security.models.update_access_rule_info import UpdateAccessRuleInfo from opal_security.rest import ApiException from pprint import pprint @@ -123,10 +203,10 @@ with opal_security.ApiClient(configuration) as api_client: # Create an instance of the API class api_instance = opal_security.AccessRulesApi(api_client) access_rule_id = '1b978423-db0a-4037-a4cf-f79c60cb67b3' # str | The access rule ID (group ID) of the access rule. - access_rule_condition = opal_security.AccessRuleCondition() # AccessRuleCondition | + update_access_rule_info = opal_security.UpdateAccessRuleInfo() # UpdateAccessRuleInfo | try: - api_response = api_instance.update_access_rule(access_rule_id, access_rule_condition) + api_response = api_instance.update_access_rule(access_rule_id, update_access_rule_info) print("The response of AccessRulesApi->update_access_rule:\n") pprint(api_response) except Exception as e: @@ -141,11 +221,11 @@ with opal_security.ApiClient(configuration) as api_client: Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **access_rule_id** | **str**| The access rule ID (group ID) of the access rule. | - **access_rule_condition** | [**AccessRuleCondition**](AccessRuleCondition.md)| | + **update_access_rule_info** | [**UpdateAccessRuleInfo**](UpdateAccessRuleInfo.md)| | ### Return type -[**AccessRuleCondition**](AccessRuleCondition.md) +[**AccessRule**](AccessRule.md) ### Authorization diff --git a/docs/GroupRemoteInfo.md b/docs/GroupRemoteInfo.md index 4344194..3101f6f 100644 --- a/docs/GroupRemoteInfo.md +++ b/docs/GroupRemoteInfo.md @@ -15,6 +15,7 @@ Name | Type | Description | Notes **duo_group** | [**GroupRemoteInfoDuoGroup**](GroupRemoteInfoDuoGroup.md) | | [optional] **azure_ad_security_group** | [**GroupRemoteInfoAzureAdSecurityGroup**](GroupRemoteInfoAzureAdSecurityGroup.md) | | [optional] **azure_ad_microsoft_365_group** | [**GroupRemoteInfoAzureAdMicrosoft365Group**](GroupRemoteInfoAzureAdMicrosoft365Group.md) | | [optional] +**snowflake_role** | [**GroupRemoteInfoSnowflakeRole**](GroupRemoteInfoSnowflakeRole.md) | | [optional] ## Example diff --git a/docs/GroupRemoteInfoSnowflakeRole.md b/docs/GroupRemoteInfoSnowflakeRole.md new file mode 100644 index 0000000..7c43b1d --- /dev/null +++ b/docs/GroupRemoteInfoSnowflakeRole.md @@ -0,0 +1,30 @@ +# GroupRemoteInfoSnowflakeRole + +Remote info for Snowflake role. + +## Properties + +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**role_id** | **str** | The id of the Snowflake role. | + +## Example + +```python +from opal_security.models.group_remote_info_snowflake_role import GroupRemoteInfoSnowflakeRole + +# TODO update the JSON string below +json = "{}" +# create an instance of GroupRemoteInfoSnowflakeRole from a JSON string +group_remote_info_snowflake_role_instance = GroupRemoteInfoSnowflakeRole.from_json(json) +# print the JSON string representation of the object +print(GroupRemoteInfoSnowflakeRole.to_json()) + +# convert the object into a dict +group_remote_info_snowflake_role_dict = group_remote_info_snowflake_role_instance.to_dict() +# create an instance of GroupRemoteInfoSnowflakeRole from a dict +group_remote_info_snowflake_role_from_dict = GroupRemoteInfoSnowflakeRole.from_dict(group_remote_info_snowflake_role_dict) +``` +[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md) + + diff --git a/docs/RequestStatusEnum.md b/docs/RequestStatusEnum.md index d1fa9ff..fdbb782 100644 --- a/docs/RequestStatusEnum.md +++ b/docs/RequestStatusEnum.md @@ -4,13 +4,13 @@ ## Enum -* `PENDING` (value: `'pending'`) +* `PENDING` (value: `'PENDING'`) -* `APPROVED` (value: `'approved'`) +* `APPROVED` (value: `'APPROVED'`) -* `DENIED` (value: `'denied'`) +* `DENIED` (value: `'DENIED'`) -* `CANCELED` (value: `'canceled'`) +* `CANCELED` (value: `'CANCELED'`) [[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md) diff --git a/docs/RequestsApi.md b/docs/RequestsApi.md index f38d6d8..4d2fb04 100644 --- a/docs/RequestsApi.md +++ b/docs/RequestsApi.md @@ -87,7 +87,7 @@ Name | Type | Description | Notes [[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md) # **get_requests** -> RequestList get_requests(cursor=cursor, page_size=page_size, show_pending_only=show_pending_only) +> RequestList get_requests(start_date_filter=start_date_filter, end_date_filter=end_date_filter, cursor=cursor, page_size=page_size, show_pending_only=show_pending_only) Returns a list of requests for your organization that is visible by the admin. @@ -123,12 +123,14 @@ configuration = opal.Configuration( with opal_security.ApiClient(configuration) as api_client: # Create an instance of the API class api_instance = opal_security.RequestsApi(api_client) + start_date_filter = '2021-11-01' # str | A start date filter for the events. (optional) + end_date_filter = '2021-11-12' # str | An end date filter for the events. (optional) cursor = 'cD0yMDIxLTAxLTA2KzAzJTNBMjQlM0E1My40MzQzMjYlMkIwMCUzQTAw' # str | The pagination cursor value. (optional) page_size = 200 # int | Number of results to return per page. Default is 200. (optional) show_pending_only = True # bool | Boolean toggle for if it should only show pending requests. (optional) try: - api_response = api_instance.get_requests(cursor=cursor, page_size=page_size, show_pending_only=show_pending_only) + api_response = api_instance.get_requests(start_date_filter=start_date_filter, end_date_filter=end_date_filter, cursor=cursor, page_size=page_size, show_pending_only=show_pending_only) print("The response of RequestsApi->get_requests:\n") pprint(api_response) except Exception as e: @@ -142,6 +144,8 @@ with opal_security.ApiClient(configuration) as api_client: Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- + **start_date_filter** | **str**| A start date filter for the events. | [optional] + **end_date_filter** | **str**| An end date filter for the events. | [optional] **cursor** | **str**| The pagination cursor value. | [optional] **page_size** | **int**| Number of results to return per page. Default is 200. | [optional] **show_pending_only** | **bool**| Boolean toggle for if it should only show pending requests. | [optional] diff --git a/docs/UpdateAccessRuleInfo.md b/docs/UpdateAccessRuleInfo.md new file mode 100644 index 0000000..5deb162 --- /dev/null +++ b/docs/UpdateAccessRuleInfo.md @@ -0,0 +1,34 @@ +# UpdateAccessRuleInfo + +# UpdateAccessRuleInfo Object ### Description The `UpdateAccessRuleInfo` object is used as an input to the UpdateAccessRule and CreateAccessRule API. + +## Properties + +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**name** | **str** | The name of the access rule. | +**description** | **str** | A description of the group. | +**admin_owner_id** | **str** | The ID of the owner of the group. | +**status** | **str** | The status of the access rule. | +**rule_clauses** | [**RuleClauses**](RuleClauses.md) | | + +## Example + +```python +from opal_security.models.update_access_rule_info import UpdateAccessRuleInfo + +# TODO update the JSON string below +json = "{}" +# create an instance of UpdateAccessRuleInfo from a JSON string +update_access_rule_info_instance = UpdateAccessRuleInfo.from_json(json) +# print the JSON string representation of the object +print(UpdateAccessRuleInfo.to_json()) + +# convert the object into a dict +update_access_rule_info_dict = update_access_rule_info_instance.to_dict() +# create an instance of UpdateAccessRuleInfo from a dict +update_access_rule_info_from_dict = UpdateAccessRuleInfo.from_dict(update_access_rule_info_dict) +``` +[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md) + + diff --git a/opal_security/__init__.py b/opal_security/__init__.py index b80246d..c360c22 100644 --- a/opal_security/__init__.py +++ b/opal_security/__init__.py @@ -51,7 +51,7 @@ # import models into sdk package from opal_security.models.access import Access from opal_security.models.access_list import AccessList -from opal_security.models.access_rule_condition import AccessRuleCondition +from opal_security.models.access_rule import AccessRule from opal_security.models.add_bundle_group_request import AddBundleGroupRequest from opal_security.models.add_bundle_resource_request import AddBundleResourceRequest from opal_security.models.add_group_resource_request import AddGroupResourceRequest @@ -107,6 +107,7 @@ from opal_security.models.group_remote_info_google_group import GroupRemoteInfoGoogleGroup from opal_security.models.group_remote_info_ldap_group import GroupRemoteInfoLdapGroup from opal_security.models.group_remote_info_okta_group import GroupRemoteInfoOktaGroup +from opal_security.models.group_remote_info_snowflake_role import GroupRemoteInfoSnowflakeRole from opal_security.models.group_resource import GroupResource from opal_security.models.group_resource_list import GroupResourceList from opal_security.models.group_type_enum import GroupTypeEnum @@ -204,6 +205,7 @@ from opal_security.models.uar import UAR from opal_security.models.uar_reviewer_assignment_policy_enum import UARReviewerAssignmentPolicyEnum from opal_security.models.uar_scope import UARScope +from opal_security.models.update_access_rule_info import UpdateAccessRuleInfo from opal_security.models.update_configuration_template_info import UpdateConfigurationTemplateInfo from opal_security.models.update_group_binding_info import UpdateGroupBindingInfo from opal_security.models.update_group_binding_info_list import UpdateGroupBindingInfoList diff --git a/opal_security/api/access_rules_api.py b/opal_security/api/access_rules_api.py index 0f73d20..0255fdc 100644 --- a/opal_security/api/access_rules_api.py +++ b/opal_security/api/access_rules_api.py @@ -19,7 +19,8 @@ from pydantic import Field, StrictStr from typing_extensions import Annotated -from opal_security.models.access_rule_condition import AccessRuleCondition +from opal_security.models.access_rule import AccessRule +from opal_security.models.update_access_rule_info import UpdateAccessRuleInfo from opal_security.api_client import ApiClient, RequestSerialized from opal_security.api_response import ApiResponse @@ -39,6 +40,280 @@ def __init__(self, api_client=None) -> None: self.api_client = api_client + @validate_call + def create_access_rule( + self, + update_access_rule_info: UpdateAccessRuleInfo, + _request_timeout: Union[ + None, + Annotated[StrictFloat, Field(gt=0)], + Tuple[ + Annotated[StrictFloat, Field(gt=0)], + Annotated[StrictFloat, Field(gt=0)] + ] + ] = None, + _request_auth: Optional[Dict[StrictStr, Any]] = None, + _content_type: Optional[StrictStr] = None, + _headers: Optional[Dict[StrictStr, Any]] = None, + _host_index: Annotated[StrictInt, Field(ge=0, le=0)] = 0, + ) -> AccessRule: + """create_access_rule + + Creates a new access rule config for the given group_id. + + :param update_access_rule_info: (required) + :type update_access_rule_info: UpdateAccessRuleInfo + :param _request_timeout: timeout setting for this request. If one + number provided, it will be total request + timeout. It can also be a pair (tuple) of + (connection, read) timeouts. + :type _request_timeout: int, tuple(int, int), optional + :param _request_auth: set to override the auth_settings for an a single + request; this effectively ignores the + authentication in the spec for a single request. + :type _request_auth: dict, optional + :param _content_type: force content-type for the request. + :type _content_type: str, Optional + :param _headers: set to override the headers for a single + request; this effectively ignores the headers + in the spec for a single request. + :type _headers: dict, optional + :param _host_index: set to override the host_index for a single + request; this effectively ignores the host_index + in the spec for a single request. + :type _host_index: int, optional + :return: Returns the result object. + """ # noqa: E501 + + _param = self._create_access_rule_serialize( + update_access_rule_info=update_access_rule_info, + _request_auth=_request_auth, + _content_type=_content_type, + _headers=_headers, + _host_index=_host_index + ) + + _response_types_map: Dict[str, Optional[str]] = { + '201': "AccessRule", + } + response_data = self.api_client.call_api( + *_param, + _request_timeout=_request_timeout + ) + response_data.read() + return self.api_client.response_deserialize( + response_data=response_data, + response_types_map=_response_types_map, + ).data + + + @validate_call + def create_access_rule_with_http_info( + self, + update_access_rule_info: UpdateAccessRuleInfo, + _request_timeout: Union[ + None, + Annotated[StrictFloat, Field(gt=0)], + Tuple[ + Annotated[StrictFloat, Field(gt=0)], + Annotated[StrictFloat, Field(gt=0)] + ] + ] = None, + _request_auth: Optional[Dict[StrictStr, Any]] = None, + _content_type: Optional[StrictStr] = None, + _headers: Optional[Dict[StrictStr, Any]] = None, + _host_index: Annotated[StrictInt, Field(ge=0, le=0)] = 0, + ) -> ApiResponse[AccessRule]: + """create_access_rule + + Creates a new access rule config for the given group_id. + + :param update_access_rule_info: (required) + :type update_access_rule_info: UpdateAccessRuleInfo + :param _request_timeout: timeout setting for this request. If one + number provided, it will be total request + timeout. It can also be a pair (tuple) of + (connection, read) timeouts. + :type _request_timeout: int, tuple(int, int), optional + :param _request_auth: set to override the auth_settings for an a single + request; this effectively ignores the + authentication in the spec for a single request. + :type _request_auth: dict, optional + :param _content_type: force content-type for the request. + :type _content_type: str, Optional + :param _headers: set to override the headers for a single + request; this effectively ignores the headers + in the spec for a single request. + :type _headers: dict, optional + :param _host_index: set to override the host_index for a single + request; this effectively ignores the host_index + in the spec for a single request. + :type _host_index: int, optional + :return: Returns the result object. + """ # noqa: E501 + + _param = self._create_access_rule_serialize( + update_access_rule_info=update_access_rule_info, + _request_auth=_request_auth, + _content_type=_content_type, + _headers=_headers, + _host_index=_host_index + ) + + _response_types_map: Dict[str, Optional[str]] = { + '201': "AccessRule", + } + response_data = self.api_client.call_api( + *_param, + _request_timeout=_request_timeout + ) + response_data.read() + return self.api_client.response_deserialize( + response_data=response_data, + response_types_map=_response_types_map, + ) + + + @validate_call + def create_access_rule_without_preload_content( + self, + update_access_rule_info: UpdateAccessRuleInfo, + _request_timeout: Union[ + None, + Annotated[StrictFloat, Field(gt=0)], + Tuple[ + Annotated[StrictFloat, Field(gt=0)], + Annotated[StrictFloat, Field(gt=0)] + ] + ] = None, + _request_auth: Optional[Dict[StrictStr, Any]] = None, + _content_type: Optional[StrictStr] = None, + _headers: Optional[Dict[StrictStr, Any]] = None, + _host_index: Annotated[StrictInt, Field(ge=0, le=0)] = 0, + ) -> RESTResponseType: + """create_access_rule + + Creates a new access rule config for the given group_id. + + :param update_access_rule_info: (required) + :type update_access_rule_info: UpdateAccessRuleInfo + :param _request_timeout: timeout setting for this request. If one + number provided, it will be total request + timeout. It can also be a pair (tuple) of + (connection, read) timeouts. + :type _request_timeout: int, tuple(int, int), optional + :param _request_auth: set to override the auth_settings for an a single + request; this effectively ignores the + authentication in the spec for a single request. + :type _request_auth: dict, optional + :param _content_type: force content-type for the request. + :type _content_type: str, Optional + :param _headers: set to override the headers for a single + request; this effectively ignores the headers + in the spec for a single request. + :type _headers: dict, optional + :param _host_index: set to override the host_index for a single + request; this effectively ignores the host_index + in the spec for a single request. + :type _host_index: int, optional + :return: Returns the result object. + """ # noqa: E501 + + _param = self._create_access_rule_serialize( + update_access_rule_info=update_access_rule_info, + _request_auth=_request_auth, + _content_type=_content_type, + _headers=_headers, + _host_index=_host_index + ) + + _response_types_map: Dict[str, Optional[str]] = { + '201': "AccessRule", + } + response_data = self.api_client.call_api( + *_param, + _request_timeout=_request_timeout + ) + return response_data.response + + + def _create_access_rule_serialize( + self, + update_access_rule_info, + _request_auth, + _content_type, + _headers, + _host_index, + ) -> RequestSerialized: + + _host = None + + _collection_formats: Dict[str, str] = { + } + + _path_params: Dict[str, str] = {} + _query_params: List[Tuple[str, str]] = [] + _header_params: Dict[str, Optional[str]] = _headers or {} + _form_params: List[Tuple[str, str]] = [] + _files: Dict[ + str, Union[str, bytes, List[str], List[bytes], List[Tuple[str, bytes]]] + ] = {} + _body_params: Optional[bytes] = None + + # process the path parameters + # process the query parameters + # process the header parameters + # process the form parameters + # process the body parameter + if update_access_rule_info is not None: + _body_params = update_access_rule_info + + + # set the HTTP header `Accept` + if 'Accept' not in _header_params: + _header_params['Accept'] = self.api_client.select_header_accept( + [ + 'application/json' + ] + ) + + # set the HTTP header `Content-Type` + if _content_type: + _header_params['Content-Type'] = _content_type + else: + _default_content_type = ( + self.api_client.select_header_content_type( + [ + 'application/json' + ] + ) + ) + if _default_content_type is not None: + _header_params['Content-Type'] = _default_content_type + + # authentication setting + _auth_settings: List[str] = [ + 'BearerAuth' + ] + + return self.api_client.param_serialize( + method='POST', + resource_path='/access-rules', + path_params=_path_params, + query_params=_query_params, + header_params=_header_params, + body=_body_params, + post_params=_form_params, + files=_files, + auth_settings=_auth_settings, + collection_formats=_collection_formats, + _host=_host, + _request_auth=_request_auth + ) + + + + @validate_call def get_access_rule( self, @@ -55,7 +330,7 @@ def get_access_rule( _content_type: Optional[StrictStr] = None, _headers: Optional[Dict[StrictStr, Any]] = None, _host_index: Annotated[StrictInt, Field(ge=0, le=0)] = 0, - ) -> AccessRuleCondition: + ) -> AccessRule: """get_access_rule Returns a list of access rule config given the group_id of the access rule. @@ -93,7 +368,7 @@ def get_access_rule( ) _response_types_map: Dict[str, Optional[str]] = { - '200': "AccessRuleCondition", + '200': "AccessRule", } response_data = self.api_client.call_api( *_param, @@ -122,7 +397,7 @@ def get_access_rule_with_http_info( _content_type: Optional[StrictStr] = None, _headers: Optional[Dict[StrictStr, Any]] = None, _host_index: Annotated[StrictInt, Field(ge=0, le=0)] = 0, - ) -> ApiResponse[AccessRuleCondition]: + ) -> ApiResponse[AccessRule]: """get_access_rule Returns a list of access rule config given the group_id of the access rule. @@ -160,7 +435,7 @@ def get_access_rule_with_http_info( ) _response_types_map: Dict[str, Optional[str]] = { - '200': "AccessRuleCondition", + '200': "AccessRule", } response_data = self.api_client.call_api( *_param, @@ -227,7 +502,7 @@ def get_access_rule_without_preload_content( ) _response_types_map: Dict[str, Optional[str]] = { - '200': "AccessRuleCondition", + '200': "AccessRule", } response_data = self.api_client.call_api( *_param, @@ -304,7 +579,7 @@ def _get_access_rule_serialize( def update_access_rule( self, access_rule_id: Annotated[StrictStr, Field(description="The access rule ID (group ID) of the access rule.")], - access_rule_condition: AccessRuleCondition, + update_access_rule_info: UpdateAccessRuleInfo, _request_timeout: Union[ None, Annotated[StrictFloat, Field(gt=0)], @@ -317,15 +592,15 @@ def update_access_rule( _content_type: Optional[StrictStr] = None, _headers: Optional[Dict[StrictStr, Any]] = None, _host_index: Annotated[StrictInt, Field(ge=0, le=0)] = 0, - ) -> AccessRuleCondition: + ) -> AccessRule: """update_access_rule Updates the access rule config for the given group_id. :param access_rule_id: The access rule ID (group ID) of the access rule. (required) :type access_rule_id: str - :param access_rule_condition: (required) - :type access_rule_condition: AccessRuleCondition + :param update_access_rule_info: (required) + :type update_access_rule_info: UpdateAccessRuleInfo :param _request_timeout: timeout setting for this request. If one number provided, it will be total request timeout. It can also be a pair (tuple) of @@ -350,7 +625,7 @@ def update_access_rule( _param = self._update_access_rule_serialize( access_rule_id=access_rule_id, - access_rule_condition=access_rule_condition, + update_access_rule_info=update_access_rule_info, _request_auth=_request_auth, _content_type=_content_type, _headers=_headers, @@ -358,7 +633,7 @@ def update_access_rule( ) _response_types_map: Dict[str, Optional[str]] = { - '200': "AccessRuleCondition", + '200': "AccessRule", } response_data = self.api_client.call_api( *_param, @@ -375,7 +650,7 @@ def update_access_rule( def update_access_rule_with_http_info( self, access_rule_id: Annotated[StrictStr, Field(description="The access rule ID (group ID) of the access rule.")], - access_rule_condition: AccessRuleCondition, + update_access_rule_info: UpdateAccessRuleInfo, _request_timeout: Union[ None, Annotated[StrictFloat, Field(gt=0)], @@ -388,15 +663,15 @@ def update_access_rule_with_http_info( _content_type: Optional[StrictStr] = None, _headers: Optional[Dict[StrictStr, Any]] = None, _host_index: Annotated[StrictInt, Field(ge=0, le=0)] = 0, - ) -> ApiResponse[AccessRuleCondition]: + ) -> ApiResponse[AccessRule]: """update_access_rule Updates the access rule config for the given group_id. :param access_rule_id: The access rule ID (group ID) of the access rule. (required) :type access_rule_id: str - :param access_rule_condition: (required) - :type access_rule_condition: AccessRuleCondition + :param update_access_rule_info: (required) + :type update_access_rule_info: UpdateAccessRuleInfo :param _request_timeout: timeout setting for this request. If one number provided, it will be total request timeout. It can also be a pair (tuple) of @@ -421,7 +696,7 @@ def update_access_rule_with_http_info( _param = self._update_access_rule_serialize( access_rule_id=access_rule_id, - access_rule_condition=access_rule_condition, + update_access_rule_info=update_access_rule_info, _request_auth=_request_auth, _content_type=_content_type, _headers=_headers, @@ -429,7 +704,7 @@ def update_access_rule_with_http_info( ) _response_types_map: Dict[str, Optional[str]] = { - '200': "AccessRuleCondition", + '200': "AccessRule", } response_data = self.api_client.call_api( *_param, @@ -446,7 +721,7 @@ def update_access_rule_with_http_info( def update_access_rule_without_preload_content( self, access_rule_id: Annotated[StrictStr, Field(description="The access rule ID (group ID) of the access rule.")], - access_rule_condition: AccessRuleCondition, + update_access_rule_info: UpdateAccessRuleInfo, _request_timeout: Union[ None, Annotated[StrictFloat, Field(gt=0)], @@ -466,8 +741,8 @@ def update_access_rule_without_preload_content( :param access_rule_id: The access rule ID (group ID) of the access rule. (required) :type access_rule_id: str - :param access_rule_condition: (required) - :type access_rule_condition: AccessRuleCondition + :param update_access_rule_info: (required) + :type update_access_rule_info: UpdateAccessRuleInfo :param _request_timeout: timeout setting for this request. If one number provided, it will be total request timeout. It can also be a pair (tuple) of @@ -492,7 +767,7 @@ def update_access_rule_without_preload_content( _param = self._update_access_rule_serialize( access_rule_id=access_rule_id, - access_rule_condition=access_rule_condition, + update_access_rule_info=update_access_rule_info, _request_auth=_request_auth, _content_type=_content_type, _headers=_headers, @@ -500,7 +775,7 @@ def update_access_rule_without_preload_content( ) _response_types_map: Dict[str, Optional[str]] = { - '200': "AccessRuleCondition", + '200': "AccessRule", } response_data = self.api_client.call_api( *_param, @@ -512,7 +787,7 @@ def update_access_rule_without_preload_content( def _update_access_rule_serialize( self, access_rule_id, - access_rule_condition, + update_access_rule_info, _request_auth, _content_type, _headers, @@ -540,8 +815,8 @@ def _update_access_rule_serialize( # process the header parameters # process the form parameters # process the body parameter - if access_rule_condition is not None: - _body_params = access_rule_condition + if update_access_rule_info is not None: + _body_params = update_access_rule_info # set the HTTP header `Accept` diff --git a/opal_security/api/requests_api.py b/opal_security/api/requests_api.py index 77868d8..dd2cf2b 100644 --- a/opal_security/api/requests_api.py +++ b/opal_security/api/requests_api.py @@ -319,6 +319,8 @@ def _create_request_serialize( @validate_call def get_requests( self, + start_date_filter: Annotated[Optional[StrictStr], Field(description="A start date filter for the events.")] = None, + end_date_filter: Annotated[Optional[StrictStr], Field(description="An end date filter for the events.")] = None, cursor: Annotated[Optional[StrictStr], Field(description="The pagination cursor value.")] = None, page_size: Annotated[Optional[Annotated[int, Field(le=1000, strict=True)]], Field(description="Number of results to return per page. Default is 200.")] = None, show_pending_only: Annotated[Optional[StrictBool], Field(description="Boolean toggle for if it should only show pending requests.")] = None, @@ -339,6 +341,10 @@ def get_requests( Returns a list of requests for your organization that is visible by the admin. + :param start_date_filter: A start date filter for the events. + :type start_date_filter: str + :param end_date_filter: An end date filter for the events. + :type end_date_filter: str :param cursor: The pagination cursor value. :type cursor: str :param page_size: Number of results to return per page. Default is 200. @@ -368,6 +374,8 @@ def get_requests( """ # noqa: E501 _param = self._get_requests_serialize( + start_date_filter=start_date_filter, + end_date_filter=end_date_filter, cursor=cursor, page_size=page_size, show_pending_only=show_pending_only, @@ -394,6 +402,8 @@ def get_requests( @validate_call def get_requests_with_http_info( self, + start_date_filter: Annotated[Optional[StrictStr], Field(description="A start date filter for the events.")] = None, + end_date_filter: Annotated[Optional[StrictStr], Field(description="An end date filter for the events.")] = None, cursor: Annotated[Optional[StrictStr], Field(description="The pagination cursor value.")] = None, page_size: Annotated[Optional[Annotated[int, Field(le=1000, strict=True)]], Field(description="Number of results to return per page. Default is 200.")] = None, show_pending_only: Annotated[Optional[StrictBool], Field(description="Boolean toggle for if it should only show pending requests.")] = None, @@ -414,6 +424,10 @@ def get_requests_with_http_info( Returns a list of requests for your organization that is visible by the admin. + :param start_date_filter: A start date filter for the events. + :type start_date_filter: str + :param end_date_filter: An end date filter for the events. + :type end_date_filter: str :param cursor: The pagination cursor value. :type cursor: str :param page_size: Number of results to return per page. Default is 200. @@ -443,6 +457,8 @@ def get_requests_with_http_info( """ # noqa: E501 _param = self._get_requests_serialize( + start_date_filter=start_date_filter, + end_date_filter=end_date_filter, cursor=cursor, page_size=page_size, show_pending_only=show_pending_only, @@ -469,6 +485,8 @@ def get_requests_with_http_info( @validate_call def get_requests_without_preload_content( self, + start_date_filter: Annotated[Optional[StrictStr], Field(description="A start date filter for the events.")] = None, + end_date_filter: Annotated[Optional[StrictStr], Field(description="An end date filter for the events.")] = None, cursor: Annotated[Optional[StrictStr], Field(description="The pagination cursor value.")] = None, page_size: Annotated[Optional[Annotated[int, Field(le=1000, strict=True)]], Field(description="Number of results to return per page. Default is 200.")] = None, show_pending_only: Annotated[Optional[StrictBool], Field(description="Boolean toggle for if it should only show pending requests.")] = None, @@ -489,6 +507,10 @@ def get_requests_without_preload_content( Returns a list of requests for your organization that is visible by the admin. + :param start_date_filter: A start date filter for the events. + :type start_date_filter: str + :param end_date_filter: An end date filter for the events. + :type end_date_filter: str :param cursor: The pagination cursor value. :type cursor: str :param page_size: Number of results to return per page. Default is 200. @@ -518,6 +540,8 @@ def get_requests_without_preload_content( """ # noqa: E501 _param = self._get_requests_serialize( + start_date_filter=start_date_filter, + end_date_filter=end_date_filter, cursor=cursor, page_size=page_size, show_pending_only=show_pending_only, @@ -539,6 +563,8 @@ def get_requests_without_preload_content( def _get_requests_serialize( self, + start_date_filter, + end_date_filter, cursor, page_size, show_pending_only, @@ -564,6 +590,14 @@ def _get_requests_serialize( # process the path parameters # process the query parameters + if start_date_filter is not None: + + _query_params.append(('start_date_filter', start_date_filter)) + + if end_date_filter is not None: + + _query_params.append(('end_date_filter', end_date_filter)) + if cursor is not None: _query_params.append(('cursor', cursor)) diff --git a/opal_security/api/resources_api.py b/opal_security/api/resources_api.py index c2173e4..8ba087b 100644 --- a/opal_security/api/resources_api.py +++ b/opal_security/api/resources_api.py @@ -4293,7 +4293,7 @@ def resource_user_access_status_retrieve( _headers: Optional[Dict[StrictStr, Any]] = None, _host_index: Annotated[StrictInt, Field(ge=0, le=0)] = 0, ) -> ResourceUserAccessStatus: - """resource_user_access_status_retrieve + """(Deprecated) resource_user_access_status_retrieve Get user's access status to a resource. @@ -4328,6 +4328,7 @@ def resource_user_access_status_retrieve( :type _host_index: int, optional :return: Returns the result object. """ # noqa: E501 + warnings.warn("GET /resource-user-access-status/{resource_id}/{user_id} is deprecated.", DeprecationWarning) _param = self._resource_user_access_status_retrieve_serialize( resource_id=resource_id, @@ -4376,7 +4377,7 @@ def resource_user_access_status_retrieve_with_http_info( _headers: Optional[Dict[StrictStr, Any]] = None, _host_index: Annotated[StrictInt, Field(ge=0, le=0)] = 0, ) -> ApiResponse[ResourceUserAccessStatus]: - """resource_user_access_status_retrieve + """(Deprecated) resource_user_access_status_retrieve Get user's access status to a resource. @@ -4411,6 +4412,7 @@ def resource_user_access_status_retrieve_with_http_info( :type _host_index: int, optional :return: Returns the result object. """ # noqa: E501 + warnings.warn("GET /resource-user-access-status/{resource_id}/{user_id} is deprecated.", DeprecationWarning) _param = self._resource_user_access_status_retrieve_serialize( resource_id=resource_id, @@ -4459,7 +4461,7 @@ def resource_user_access_status_retrieve_without_preload_content( _headers: Optional[Dict[StrictStr, Any]] = None, _host_index: Annotated[StrictInt, Field(ge=0, le=0)] = 0, ) -> RESTResponseType: - """resource_user_access_status_retrieve + """(Deprecated) resource_user_access_status_retrieve Get user's access status to a resource. @@ -4494,6 +4496,7 @@ def resource_user_access_status_retrieve_without_preload_content( :type _host_index: int, optional :return: Returns the result object. """ # noqa: E501 + warnings.warn("GET /resource-user-access-status/{resource_id}/{user_id} is deprecated.", DeprecationWarning) _param = self._resource_user_access_status_retrieve_serialize( resource_id=resource_id, diff --git a/opal_security/models/__init__.py b/opal_security/models/__init__.py index dde490a..87e6d30 100644 --- a/opal_security/models/__init__.py +++ b/opal_security/models/__init__.py @@ -17,7 +17,7 @@ # import models into model package from opal_security.models.access import Access from opal_security.models.access_list import AccessList -from opal_security.models.access_rule_condition import AccessRuleCondition +from opal_security.models.access_rule import AccessRule from opal_security.models.add_bundle_group_request import AddBundleGroupRequest from opal_security.models.add_bundle_resource_request import AddBundleResourceRequest from opal_security.models.add_group_resource_request import AddGroupResourceRequest @@ -73,6 +73,7 @@ from opal_security.models.group_remote_info_google_group import GroupRemoteInfoGoogleGroup from opal_security.models.group_remote_info_ldap_group import GroupRemoteInfoLdapGroup from opal_security.models.group_remote_info_okta_group import GroupRemoteInfoOktaGroup +from opal_security.models.group_remote_info_snowflake_role import GroupRemoteInfoSnowflakeRole from opal_security.models.group_resource import GroupResource from opal_security.models.group_resource_list import GroupResourceList from opal_security.models.group_type_enum import GroupTypeEnum @@ -170,6 +171,7 @@ from opal_security.models.uar import UAR from opal_security.models.uar_reviewer_assignment_policy_enum import UARReviewerAssignmentPolicyEnum from opal_security.models.uar_scope import UARScope +from opal_security.models.update_access_rule_info import UpdateAccessRuleInfo from opal_security.models.update_configuration_template_info import UpdateConfigurationTemplateInfo from opal_security.models.update_group_binding_info import UpdateGroupBindingInfo from opal_security.models.update_group_binding_info_list import UpdateGroupBindingInfoList diff --git a/opal_security/models/access_rule.py b/opal_security/models/access_rule.py new file mode 100644 index 0000000..ed3e0f8 --- /dev/null +++ b/opal_security/models/access_rule.py @@ -0,0 +1,122 @@ +# coding: utf-8 + +""" + Opal API + + The Opal API is a RESTful API that allows you to interact with the Opal Security platform programmatically. + + The version of the OpenAPI document: 1.0 + Contact: hello@opal.dev + Generated by OpenAPI Generator (https://openapi-generator.tech) + + Do not edit the class manually. +""" # noqa: E501 + + +from __future__ import annotations +import pprint +import re # noqa: F401 +import json + +from pydantic import BaseModel, ConfigDict, Field, StrictStr, field_validator +from typing import Any, ClassVar, Dict, List +from opal_security.models.rule_clauses import RuleClauses +from typing import Optional, Set +from typing_extensions import Self + +class AccessRule(BaseModel): + """ + # Access Rule Object ### Description The `AccessRule` object is used to represent an access rule configuration. ### Usage Example Get access rule configurations from the `GET Access Rule Configs` endpoint. + """ # noqa: E501 + access_rule_id: StrictStr = Field(description="The ID (group ID) of the access rule.") + name: StrictStr = Field(description="The name of the access rule.") + description: StrictStr = Field(description="A description of the group.") + admin_owner_id: StrictStr = Field(description="The ID of the owner of the group.") + status: StrictStr = Field(description="The status of the access rule.") + rule_clauses: RuleClauses = Field(alias="ruleClauses") + additional_properties: Dict[str, Any] = {} + __properties: ClassVar[List[str]] = ["access_rule_id", "name", "description", "admin_owner_id", "status", "ruleClauses"] + + @field_validator('status') + def status_validate_enum(cls, value): + """Validates the enum""" + if value not in set(['ACTIVE', 'PAUSED']): + raise ValueError("must be one of enum values ('ACTIVE', 'PAUSED')") + return value + + model_config = ConfigDict( + populate_by_name=True, + validate_assignment=True, + protected_namespaces=(), + ) + + + def to_str(self) -> str: + """Returns the string representation of the model using alias""" + return pprint.pformat(self.model_dump(by_alias=True)) + + def to_json(self) -> str: + """Returns the JSON representation of the model using alias""" + # TODO: pydantic v2: use .model_dump_json(by_alias=True, exclude_unset=True) instead + return json.dumps(self.to_dict()) + + @classmethod + def from_json(cls, json_str: str) -> Optional[Self]: + """Create an instance of AccessRule from a JSON string""" + return cls.from_dict(json.loads(json_str)) + + def to_dict(self) -> Dict[str, Any]: + """Return the dictionary representation of the model using alias. + + This has the following differences from calling pydantic's + `self.model_dump(by_alias=True)`: + + * `None` is only added to the output dict for nullable fields that + were set at model initialization. Other fields with value `None` + are ignored. + * Fields in `self.additional_properties` are added to the output dict. + """ + excluded_fields: Set[str] = set([ + "additional_properties", + ]) + + _dict = self.model_dump( + by_alias=True, + exclude=excluded_fields, + exclude_none=True, + ) + # override the default output from pydantic by calling `to_dict()` of rule_clauses + if self.rule_clauses: + _dict['ruleClauses'] = self.rule_clauses.to_dict() + # puts key-value pairs in additional_properties in the top level + if self.additional_properties is not None: + for _key, _value in self.additional_properties.items(): + _dict[_key] = _value + + return _dict + + @classmethod + def from_dict(cls, obj: Optional[Dict[str, Any]]) -> Optional[Self]: + """Create an instance of AccessRule from a dict""" + if obj is None: + return None + + if not isinstance(obj, dict): + return cls.model_validate(obj) + + _obj = cls.model_validate({ + "access_rule_id": obj.get("access_rule_id"), + "name": obj.get("name"), + "description": obj.get("description"), + "admin_owner_id": obj.get("admin_owner_id"), + "status": obj.get("status"), + "ruleClauses": RuleClauses.from_dict(obj["ruleClauses"]) if obj.get("ruleClauses") is not None else None + }) + # store additional fields in additional_properties + for _key in obj.keys(): + if _key not in cls.__properties: + _obj.additional_properties[_key] = obj.get(_key) + + return _obj + + diff --git a/opal_security/models/group_remote_info.py b/opal_security/models/group_remote_info.py index bda537b..9a28167 100644 --- a/opal_security/models/group_remote_info.py +++ b/opal_security/models/group_remote_info.py @@ -29,6 +29,7 @@ from opal_security.models.group_remote_info_google_group import GroupRemoteInfoGoogleGroup from opal_security.models.group_remote_info_ldap_group import GroupRemoteInfoLdapGroup from opal_security.models.group_remote_info_okta_group import GroupRemoteInfoOktaGroup +from opal_security.models.group_remote_info_snowflake_role import GroupRemoteInfoSnowflakeRole from typing import Optional, Set from typing_extensions import Self @@ -45,8 +46,9 @@ class GroupRemoteInfo(BaseModel): duo_group: Optional[GroupRemoteInfoDuoGroup] = None azure_ad_security_group: Optional[GroupRemoteInfoAzureAdSecurityGroup] = None azure_ad_microsoft_365_group: Optional[GroupRemoteInfoAzureAdMicrosoft365Group] = None + snowflake_role: Optional[GroupRemoteInfoSnowflakeRole] = None additional_properties: Dict[str, Any] = {} - __properties: ClassVar[List[str]] = ["active_directory_group", "github_team", "gitlab_group", "google_group", "ldap_group", "okta_group", "duo_group", "azure_ad_security_group", "azure_ad_microsoft_365_group"] + __properties: ClassVar[List[str]] = ["active_directory_group", "github_team", "gitlab_group", "google_group", "ldap_group", "okta_group", "duo_group", "azure_ad_security_group", "azure_ad_microsoft_365_group", "snowflake_role"] model_config = ConfigDict( populate_by_name=True, @@ -116,6 +118,9 @@ def to_dict(self) -> Dict[str, Any]: # override the default output from pydantic by calling `to_dict()` of azure_ad_microsoft_365_group if self.azure_ad_microsoft_365_group: _dict['azure_ad_microsoft_365_group'] = self.azure_ad_microsoft_365_group.to_dict() + # override the default output from pydantic by calling `to_dict()` of snowflake_role + if self.snowflake_role: + _dict['snowflake_role'] = self.snowflake_role.to_dict() # puts key-value pairs in additional_properties in the top level if self.additional_properties is not None: for _key, _value in self.additional_properties.items(): @@ -141,7 +146,8 @@ def from_dict(cls, obj: Optional[Dict[str, Any]]) -> Optional[Self]: "okta_group": GroupRemoteInfoOktaGroup.from_dict(obj["okta_group"]) if obj.get("okta_group") is not None else None, "duo_group": GroupRemoteInfoDuoGroup.from_dict(obj["duo_group"]) if obj.get("duo_group") is not None else None, "azure_ad_security_group": GroupRemoteInfoAzureAdSecurityGroup.from_dict(obj["azure_ad_security_group"]) if obj.get("azure_ad_security_group") is not None else None, - "azure_ad_microsoft_365_group": GroupRemoteInfoAzureAdMicrosoft365Group.from_dict(obj["azure_ad_microsoft_365_group"]) if obj.get("azure_ad_microsoft_365_group") is not None else None + "azure_ad_microsoft_365_group": GroupRemoteInfoAzureAdMicrosoft365Group.from_dict(obj["azure_ad_microsoft_365_group"]) if obj.get("azure_ad_microsoft_365_group") is not None else None, + "snowflake_role": GroupRemoteInfoSnowflakeRole.from_dict(obj["snowflake_role"]) if obj.get("snowflake_role") is not None else None }) # store additional fields in additional_properties for _key in obj.keys(): diff --git a/opal_security/models/group_remote_info_snowflake_role.py b/opal_security/models/group_remote_info_snowflake_role.py new file mode 100644 index 0000000..abd9e48 --- /dev/null +++ b/opal_security/models/group_remote_info_snowflake_role.py @@ -0,0 +1,101 @@ +# coding: utf-8 + +""" + Opal API + + The Opal API is a RESTful API that allows you to interact with the Opal Security platform programmatically. + + The version of the OpenAPI document: 1.0 + Contact: hello@opal.dev + Generated by OpenAPI Generator (https://openapi-generator.tech) + + Do not edit the class manually. +""" # noqa: E501 + + +from __future__ import annotations +import pprint +import re # noqa: F401 +import json + +from pydantic import BaseModel, ConfigDict, Field, StrictStr +from typing import Any, ClassVar, Dict, List +from typing import Optional, Set +from typing_extensions import Self + +class GroupRemoteInfoSnowflakeRole(BaseModel): + """ + Remote info for Snowflake role. + """ # noqa: E501 + role_id: StrictStr = Field(description="The id of the Snowflake role.") + additional_properties: Dict[str, Any] = {} + __properties: ClassVar[List[str]] = ["role_id"] + + model_config = ConfigDict( + populate_by_name=True, + validate_assignment=True, + protected_namespaces=(), + ) + + + def to_str(self) -> str: + """Returns the string representation of the model using alias""" + return pprint.pformat(self.model_dump(by_alias=True)) + + def to_json(self) -> str: + """Returns the JSON representation of the model using alias""" + # TODO: pydantic v2: use .model_dump_json(by_alias=True, exclude_unset=True) instead + return json.dumps(self.to_dict()) + + @classmethod + def from_json(cls, json_str: str) -> Optional[Self]: + """Create an instance of GroupRemoteInfoSnowflakeRole from a JSON string""" + return cls.from_dict(json.loads(json_str)) + + def to_dict(self) -> Dict[str, Any]: + """Return the dictionary representation of the model using alias. + + This has the following differences from calling pydantic's + `self.model_dump(by_alias=True)`: + + * `None` is only added to the output dict for nullable fields that + were set at model initialization. Other fields with value `None` + are ignored. + * Fields in `self.additional_properties` are added to the output dict. + """ + excluded_fields: Set[str] = set([ + "additional_properties", + ]) + + _dict = self.model_dump( + by_alias=True, + exclude=excluded_fields, + exclude_none=True, + ) + # puts key-value pairs in additional_properties in the top level + if self.additional_properties is not None: + for _key, _value in self.additional_properties.items(): + _dict[_key] = _value + + return _dict + + @classmethod + def from_dict(cls, obj: Optional[Dict[str, Any]]) -> Optional[Self]: + """Create an instance of GroupRemoteInfoSnowflakeRole from a dict""" + if obj is None: + return None + + if not isinstance(obj, dict): + return cls.model_validate(obj) + + _obj = cls.model_validate({ + "role_id": obj.get("role_id") + }) + # store additional fields in additional_properties + for _key in obj.keys(): + if _key not in cls.__properties: + _obj.additional_properties[_key] = obj.get(_key) + + return _obj + + diff --git a/opal_security/models/request_status_enum.py b/opal_security/models/request_status_enum.py index 83ed8ac..08bf6e7 100644 --- a/opal_security/models/request_status_enum.py +++ b/opal_security/models/request_status_enum.py @@ -27,10 +27,10 @@ class RequestStatusEnum(str, Enum): """ allowed enum values """ - PENDING = 'pending' - APPROVED = 'approved' - DENIED = 'denied' - CANCELED = 'canceled' + PENDING = 'PENDING' + APPROVED = 'APPROVED' + DENIED = 'DENIED' + CANCELED = 'CANCELED' @classmethod def from_json(cls, json_str: str) -> Self: diff --git a/opal_security/models/rule_disjunction.py b/opal_security/models/rule_disjunction.py index bdbc7bc..7bf3367 100644 --- a/opal_security/models/rule_disjunction.py +++ b/opal_security/models/rule_disjunction.py @@ -18,9 +18,8 @@ import re # noqa: F401 import json -from pydantic import BaseModel, ConfigDict, Field +from pydantic import BaseModel, ConfigDict from typing import Any, ClassVar, Dict, List -from typing_extensions import Annotated from opal_security.models.tag_selector import TagSelector from typing import Optional, Set from typing_extensions import Self @@ -29,7 +28,7 @@ class RuleDisjunction(BaseModel): """ RuleDisjunction """ # noqa: E501 - selectors: Annotated[List[TagSelector], Field(min_length=1)] + selectors: List[TagSelector] additional_properties: Dict[str, Any] = {} __properties: ClassVar[List[str]] = ["selectors"] diff --git a/opal_security/models/update_access_rule_info.py b/opal_security/models/update_access_rule_info.py new file mode 100644 index 0000000..934de38 --- /dev/null +++ b/opal_security/models/update_access_rule_info.py @@ -0,0 +1,120 @@ +# coding: utf-8 + +""" + Opal API + + The Opal API is a RESTful API that allows you to interact with the Opal Security platform programmatically. + + The version of the OpenAPI document: 1.0 + Contact: hello@opal.dev + Generated by OpenAPI Generator (https://openapi-generator.tech) + + Do not edit the class manually. +""" # noqa: E501 + + +from __future__ import annotations +import pprint +import re # noqa: F401 +import json + +from pydantic import BaseModel, ConfigDict, Field, StrictStr, field_validator +from typing import Any, ClassVar, Dict, List +from opal_security.models.rule_clauses import RuleClauses +from typing import Optional, Set +from typing_extensions import Self + +class UpdateAccessRuleInfo(BaseModel): + """ + # UpdateAccessRuleInfo Object ### Description The `UpdateAccessRuleInfo` object is used as an input to the UpdateAccessRule and CreateAccessRule API. + """ # noqa: E501 + name: StrictStr = Field(description="The name of the access rule.") + description: StrictStr = Field(description="A description of the group.") + admin_owner_id: StrictStr = Field(description="The ID of the owner of the group.") + status: StrictStr = Field(description="The status of the access rule.") + rule_clauses: RuleClauses = Field(alias="ruleClauses") + additional_properties: Dict[str, Any] = {} + __properties: ClassVar[List[str]] = ["name", "description", "admin_owner_id", "status", "ruleClauses"] + + @field_validator('status') + def status_validate_enum(cls, value): + """Validates the enum""" + if value not in set(['ACTIVE', 'PAUSED']): + raise ValueError("must be one of enum values ('ACTIVE', 'PAUSED')") + return value + + model_config = ConfigDict( + populate_by_name=True, + validate_assignment=True, + protected_namespaces=(), + ) + + + def to_str(self) -> str: + """Returns the string representation of the model using alias""" + return pprint.pformat(self.model_dump(by_alias=True)) + + def to_json(self) -> str: + """Returns the JSON representation of the model using alias""" + # TODO: pydantic v2: use .model_dump_json(by_alias=True, exclude_unset=True) instead + return json.dumps(self.to_dict()) + + @classmethod + def from_json(cls, json_str: str) -> Optional[Self]: + """Create an instance of UpdateAccessRuleInfo from a JSON string""" + return cls.from_dict(json.loads(json_str)) + + def to_dict(self) -> Dict[str, Any]: + """Return the dictionary representation of the model using alias. + + This has the following differences from calling pydantic's + `self.model_dump(by_alias=True)`: + + * `None` is only added to the output dict for nullable fields that + were set at model initialization. Other fields with value `None` + are ignored. + * Fields in `self.additional_properties` are added to the output dict. + """ + excluded_fields: Set[str] = set([ + "additional_properties", + ]) + + _dict = self.model_dump( + by_alias=True, + exclude=excluded_fields, + exclude_none=True, + ) + # override the default output from pydantic by calling `to_dict()` of rule_clauses + if self.rule_clauses: + _dict['ruleClauses'] = self.rule_clauses.to_dict() + # puts key-value pairs in additional_properties in the top level + if self.additional_properties is not None: + for _key, _value in self.additional_properties.items(): + _dict[_key] = _value + + return _dict + + @classmethod + def from_dict(cls, obj: Optional[Dict[str, Any]]) -> Optional[Self]: + """Create an instance of UpdateAccessRuleInfo from a dict""" + if obj is None: + return None + + if not isinstance(obj, dict): + return cls.model_validate(obj) + + _obj = cls.model_validate({ + "name": obj.get("name"), + "description": obj.get("description"), + "admin_owner_id": obj.get("admin_owner_id"), + "status": obj.get("status"), + "ruleClauses": RuleClauses.from_dict(obj["ruleClauses"]) if obj.get("ruleClauses") is not None else None + }) + # store additional fields in additional_properties + for _key in obj.keys(): + if _key not in cls.__properties: + _obj.additional_properties[_key] = obj.get(_key) + + return _obj + + diff --git a/test/test_access_rule.py b/test/test_access_rule.py new file mode 100644 index 0000000..c5064c6 --- /dev/null +++ b/test/test_access_rule.py @@ -0,0 +1,103 @@ +# coding: utf-8 + +""" + Opal API + + The Opal API is a RESTful API that allows you to interact with the Opal Security platform programmatically. + + The version of the OpenAPI document: 1.0 + Contact: hello@opal.dev + Generated by OpenAPI Generator (https://openapi-generator.tech) + + Do not edit the class manually. +""" # noqa: E501 + + +import unittest + +from opal_security.models.access_rule import AccessRule + +class TestAccessRule(unittest.TestCase): + """AccessRule unit test stubs""" + + def setUp(self): + pass + + def tearDown(self): + pass + + def make_instance(self, include_optional) -> AccessRule: + """Test AccessRule + include_optional is a boolean, when False only required + params are included, when True both required and + optional params are included """ + # uncomment below to create an instance of `AccessRule` + """ + model = AccessRule() + if include_optional: + return AccessRule( + access_rule_id = '7c86c85d-0651-43e2-a748-d69d658418e8', + name = 'Platform Engineering', + description = 'This access rule represents all platform engineers in the company.', + admin_owner_id = '7c86c85d-0651-43e2-a748-d69d658418e8', + status = 'ACTIVE', + rule_clauses = opal_security.models.rule_clauses.RuleClauses( + when = opal_security.models.rule_conjunction.RuleConjunction( + clauses = [ + opal_security.models.rule_disjunction.RuleDisjunction( + selectors = [ + opal_security.models.tag_selector.TagSelector( + key = '', + value = '', + connection_id = '', ) + ], ) + ], ), + unless = opal_security.models.rule_conjunction.RuleConjunction( + clauses = [ + opal_security.models.rule_disjunction.RuleDisjunction( + selectors = [ + opal_security.models.tag_selector.TagSelector( + key = '', + value = '', + connection_id = '', ) + ], ) + ], ), ) + ) + else: + return AccessRule( + access_rule_id = '7c86c85d-0651-43e2-a748-d69d658418e8', + name = 'Platform Engineering', + description = 'This access rule represents all platform engineers in the company.', + admin_owner_id = '7c86c85d-0651-43e2-a748-d69d658418e8', + status = 'ACTIVE', + rule_clauses = opal_security.models.rule_clauses.RuleClauses( + when = opal_security.models.rule_conjunction.RuleConjunction( + clauses = [ + opal_security.models.rule_disjunction.RuleDisjunction( + selectors = [ + opal_security.models.tag_selector.TagSelector( + key = '', + value = '', + connection_id = '', ) + ], ) + ], ), + unless = opal_security.models.rule_conjunction.RuleConjunction( + clauses = [ + opal_security.models.rule_disjunction.RuleDisjunction( + selectors = [ + opal_security.models.tag_selector.TagSelector( + key = '', + value = '', + connection_id = '', ) + ], ) + ], ), ), + ) + """ + + def testAccessRule(self): + """Test AccessRule""" + # inst_req_only = self.make_instance(include_optional=False) + # inst_req_and_optional = self.make_instance(include_optional=True) + +if __name__ == '__main__': + unittest.main() diff --git a/test/test_group_remote_info_snowflake_role.py b/test/test_group_remote_info_snowflake_role.py new file mode 100644 index 0000000..82fba9d --- /dev/null +++ b/test/test_group_remote_info_snowflake_role.py @@ -0,0 +1,53 @@ +# coding: utf-8 + +""" + Opal API + + The Opal API is a RESTful API that allows you to interact with the Opal Security platform programmatically. + + The version of the OpenAPI document: 1.0 + Contact: hello@opal.dev + Generated by OpenAPI Generator (https://openapi-generator.tech) + + Do not edit the class manually. +""" # noqa: E501 + + +import unittest + +from opal_security.models.group_remote_info_snowflake_role import GroupRemoteInfoSnowflakeRole + +class TestGroupRemoteInfoSnowflakeRole(unittest.TestCase): + """GroupRemoteInfoSnowflakeRole unit test stubs""" + + def setUp(self): + pass + + def tearDown(self): + pass + + def make_instance(self, include_optional) -> GroupRemoteInfoSnowflakeRole: + """Test GroupRemoteInfoSnowflakeRole + include_optional is a boolean, when False only required + params are included, when True both required and + optional params are included """ + # uncomment below to create an instance of `GroupRemoteInfoSnowflakeRole` + """ + model = GroupRemoteInfoSnowflakeRole() + if include_optional: + return GroupRemoteInfoSnowflakeRole( + role_id = '01fa7402-01d8-103b-8deb-5f3a0ab7884' + ) + else: + return GroupRemoteInfoSnowflakeRole( + role_id = '01fa7402-01d8-103b-8deb-5f3a0ab7884', + ) + """ + + def testGroupRemoteInfoSnowflakeRole(self): + """Test GroupRemoteInfoSnowflakeRole""" + # inst_req_only = self.make_instance(include_optional=False) + # inst_req_and_optional = self.make_instance(include_optional=True) + +if __name__ == '__main__': + unittest.main() diff --git a/test/test_update_access_rule_info.py b/test/test_update_access_rule_info.py new file mode 100644 index 0000000..63c04c6 --- /dev/null +++ b/test/test_update_access_rule_info.py @@ -0,0 +1,101 @@ +# coding: utf-8 + +""" + Opal API + + The Opal API is a RESTful API that allows you to interact with the Opal Security platform programmatically. + + The version of the OpenAPI document: 1.0 + Contact: hello@opal.dev + Generated by OpenAPI Generator (https://openapi-generator.tech) + + Do not edit the class manually. +""" # noqa: E501 + + +import unittest + +from opal_security.models.update_access_rule_info import UpdateAccessRuleInfo + +class TestUpdateAccessRuleInfo(unittest.TestCase): + """UpdateAccessRuleInfo unit test stubs""" + + def setUp(self): + pass + + def tearDown(self): + pass + + def make_instance(self, include_optional) -> UpdateAccessRuleInfo: + """Test UpdateAccessRuleInfo + include_optional is a boolean, when False only required + params are included, when True both required and + optional params are included """ + # uncomment below to create an instance of `UpdateAccessRuleInfo` + """ + model = UpdateAccessRuleInfo() + if include_optional: + return UpdateAccessRuleInfo( + name = 'Platform Engineering', + description = 'This access rule represents all platform engineers in the company.', + admin_owner_id = '7c86c85d-0651-43e2-a748-d69d658418e8', + status = 'ACTIVE', + rule_clauses = opal_security.models.rule_clauses.RuleClauses( + when = opal_security.models.rule_conjunction.RuleConjunction( + clauses = [ + opal_security.models.rule_disjunction.RuleDisjunction( + selectors = [ + opal_security.models.tag_selector.TagSelector( + key = '', + value = '', + connection_id = '', ) + ], ) + ], ), + unless = opal_security.models.rule_conjunction.RuleConjunction( + clauses = [ + opal_security.models.rule_disjunction.RuleDisjunction( + selectors = [ + opal_security.models.tag_selector.TagSelector( + key = '', + value = '', + connection_id = '', ) + ], ) + ], ), ) + ) + else: + return UpdateAccessRuleInfo( + name = 'Platform Engineering', + description = 'This access rule represents all platform engineers in the company.', + admin_owner_id = '7c86c85d-0651-43e2-a748-d69d658418e8', + status = 'ACTIVE', + rule_clauses = opal_security.models.rule_clauses.RuleClauses( + when = opal_security.models.rule_conjunction.RuleConjunction( + clauses = [ + opal_security.models.rule_disjunction.RuleDisjunction( + selectors = [ + opal_security.models.tag_selector.TagSelector( + key = '', + value = '', + connection_id = '', ) + ], ) + ], ), + unless = opal_security.models.rule_conjunction.RuleConjunction( + clauses = [ + opal_security.models.rule_disjunction.RuleDisjunction( + selectors = [ + opal_security.models.tag_selector.TagSelector( + key = '', + value = '', + connection_id = '', ) + ], ) + ], ), ), + ) + """ + + def testUpdateAccessRuleInfo(self): + """Test UpdateAccessRuleInfo""" + # inst_req_only = self.make_instance(include_optional=False) + # inst_req_and_optional = self.make_instance(include_optional=True) + +if __name__ == '__main__': + unittest.main()