Add ttl and context to SessionParams and create a separate SelfServiceSessionParams for creating self service sessions (#33)

* Add ttl and context to SessionParams and create a separate SelfServiceSessionParams for creating self service sessions

* Add role parameter to methods assigning/removing users to/from tenants

* Update self service strategies to rbac and fgac

* Update tests

* Move tenantId from SessionParams to SelfServiceSessionParams

Author: kkajla12

src/modules/Session.ts

@@ -1,6 +1,6 @@
 import WarrantClient from "../WarrantClient";
 import { SELF_SERVICE_DASH_URL_BASE } from "../constants";
-import { SessionParams } from "../types/Session";
+import { SelfServiceSessionParams, SessionParams } from "../types/Session";
 
 export default class Session {
     /**
@@ -10,7 +10,7 @@ export default class Session {
      * @param session A session object containing the userId, redirectUrl, and optional tenantId for which the authorization session should be created.
      * @returns A session token that can be passed to any of the Warrant client-side SDKs to allow the SDK to make client-side authorization checks for the specified user.
      */
-     public static async createAuthorizationSession(session: SessionParams): Promise<string> {
+    public static async createAuthorizationSession(session: SessionParams): Promise<string> {
         try {
             const sess = await WarrantClient.httpClient.post({
                 url: "/v1/sessions",
@@ -33,7 +33,7 @@ export default class Session {
      * @param session A session object containing the userId, redirectUrl, and optional tenantId for which the self service session should be created.
      * @returns A url pointing to the self-service dashboard that will allow the specified user to make changes to the roles and permissions of users in their tenant.
      */
-    public static async createSelfServiceSession(session: SessionParams, redirectUrl: string): Promise<string> {
+    public static async createSelfServiceSession(session: SelfServiceSessionParams, redirectUrl: string): Promise<string> {
         try {
             const sess = await WarrantClient.httpClient.post({
                 url: "/v1/sessions",

src/modules/Tenant.ts

@@ -118,12 +118,12 @@ export default class Tenant implements WarrantObject {
         return User.listUsersForTenant(this.tenantId, listOptions);
     }
 
-    public async assignUser(userId: string): Promise<Warrant> {
-        return User.assignUserToTenant(this.tenantId, userId);
+    public async assignUser(userId: string, role: string): Promise<Warrant> {
+        return User.assignUserToTenant(this.tenantId, userId, role);
     }
 
-    public async removeUser(userId: string): Promise<void> {
-        return User.removeUserFromTenant(this.tenantId, userId);
+    public async removeUser(userId: string, role: string): Promise<void> {
+        return User.removeUserFromTenant(this.tenantId, userId, role);
     }
 
     public async listPricingTiers(listOptions: ListPricingTierOptions = {}): Promise<PricingTier[]> {

src/modules/User.ts

@@ -14,6 +14,7 @@ import { ListRoleOptions } from "../types/Role";
 import { CreateUserParams, ListUserOptions, UpdateUserParams } from "../types/User";
 import { ListTenantOptions } from "../types/Tenant";
 import { Context, WarrantObject } from "../types/Warrant";
+import WarrantModule from "./WarrantModule";
 
 export default class User implements WarrantObject {
     userId: string;
@@ -114,24 +115,32 @@ export default class User implements WarrantObject {
         }
     }
 
-    public static async assignUserToTenant(tenantId: string, userId: string): Promise<Warrant> {
-        try {
-            return await WarrantClient.httpClient.post({
-                url: `/v1/tenants/${tenantId}/users/${userId}`,
-            });
-        } catch (e) {
-            throw e;
-        }
-    }
-
-    public static async removeUserFromTenant(tenantId: string, userId: string): Promise<void> {
-        try {
-            return await WarrantClient.httpClient.delete({
-                url: `/v1/tenants/${tenantId}/users/${userId}`,
-            });
-        } catch (e) {
-            throw e;
-        }
+    public static async assignUserToTenant(tenantId: string, userId: string, role: string): Promise<Warrant> {
+        return WarrantModule.create({
+            object: {
+                objectType: "tenant",
+                objectId: tenantId,
+            },
+            relation: role,
+            subject: {
+                objectType: "user",
+                objectId: userId,
+            }
+        });
+    }
+
+    public static async removeUserFromTenant(tenantId: string, userId: string, role: string): Promise<void> {
+        return WarrantModule.delete({
+            object: {
+                objectType: "tenant",
+                objectId: tenantId,
+            },
+            relation: role,
+            subject: {
+                objectType: "user",
+                objectId: userId,
+            }
+        });
     }
 
     //

src/types/Session.ts

@@ -1,4 +1,17 @@
+import { Context } from "./Warrant";
+
 export interface SessionParams {
     userId: string;
-    tenantId?: string;
+    ttl?: number;
+    context?: Context;
+}
+
+export interface SelfServiceSessionParams extends SessionParams {
+    tenantId: string;
+    selfServiceStrategy: SelfServiceStrategy;
+}
+
+export enum SelfServiceStrategy {
+    RBAC = "rbac",
+    FGAC = "fgac",
 }

src/types/index.ts

@@ -5,7 +5,7 @@ export { CreatePermissionParams, ListPermissionOptions, UpdatePermissionParams }
 export { CreatePricingTierParams, ListPricingTierOptions } from "./PricingTier";
 export { default as Query } from "./Query";
 export { CreateRoleParams, ListRoleOptions, UpdateRoleParams } from "./Role";
-export { SessionParams } from "./Session";
+export { SessionParams, SelfServiceSessionParams, SelfServiceStrategy } from "./Session";
 export { CreateTenantParams, ListTenantOptions, UpdateTenantParams } from "./Tenant";
 export { CreateUserParams, ListUserOptions, UpdateUserParams } from "./User";
 export { default as Warrant, ListWarrantOptions, Context, Subject, WarrantObject } from "./Warrant";

test/LiveTest.spec.js

@@ -1,4 +1,4 @@
-const { Query, WarrantClient } = require("../dist/index");
+const { SelfServiceStrategy, Query, WarrantClient } = require("../dist/index");
 var assert = require('assert');
 
 // Uncomment .skip and add your API_KEY to run tests
@@ -56,8 +56,8 @@ describe.skip('Live Test', function () {
     });
 
     it('CRUD roles', async function () {
-        const adminRole = await this.warrant.Role.create({ roleId: "administrator", name: "Admin", description: "The admin role" });
-        assert.strictEqual(adminRole.roleId, "administrator");
+        const adminRole = await this.warrant.Role.create({ roleId: "admin", name: "Admin", description: "The admin role" });
+        assert.strictEqual(adminRole.roleId, "admin");
         assert.strictEqual(adminRole.name, "Admin");
         assert.strictEqual(adminRole.description, "The admin role");
 
@@ -74,12 +74,12 @@ describe.skip('Live Test', function () {
         assert.strictEqual(refetchedRole.description, "Updated desc");
 
         let roles = await this.warrant.Role.listRoles({ limit: 10, page: 1 });
-        assert.strictEqual(roles.length, 3);    // includes default 'admin' role
+        assert.strictEqual(roles.length, 2);
 
         await this.warrant.Role.delete(adminRole.roleId);
         await this.warrant.Role.delete(viewerRole.roleId);
         roles = await this.warrant.Role.listRoles({ limit: 10, page: 1 });
-        assert.strictEqual(roles.length, 1);
+        assert.strictEqual(roles.length, 0);
     });
 
     it('CRUD permissions', async function () {
@@ -101,12 +101,12 @@ describe.skip('Live Test', function () {
         assert.strictEqual(refetchedPermission.description, "Updated desc");
 
         let permissions = await this.warrant.Permission.listPermissions({ limit: 10, page: 1 });
-        assert.strictEqual(permissions.length, 3);     // includes default 'view-self-service-dashboard' permission
+        assert.strictEqual(permissions.length, 2);
 
         await this.warrant.Permission.delete(permission1.permissionId);
         await this.warrant.Permission.delete(permission2.permissionId);
         permissions = await this.warrant.Permission.listPermissions({ limit: 10, page: 1 });
-        assert.strictEqual(permissions.length, 1);
+        assert.strictEqual(permissions.length, 0);
     });
 
     it('CRUD features', async function () {
@@ -183,7 +183,7 @@ describe.skip('Live Test', function () {
         assert.strictEqual(tenant1Users.length, 0);
 
         // Assign user1 -> tenant1
-        await this.warrant.User.assignUserToTenant(tenant1.tenantId, user1.userId);
+        await this.warrant.User.assignUserToTenant(tenant1.tenantId, user1.userId, "member");
 
         user1Tenants = await this.warrant.Tenant.listTenantsForUser(user1.userId, { limit: 100, page: 1 });
         assert.strictEqual(user1Tenants.length, 1);
@@ -194,7 +194,7 @@ describe.skip('Live Test', function () {
         assert.strictEqual(tenant1Users[0].userId, user1.userId);
 
         // Remove user1 -> tenant1
-        await this.warrant.User.removeUserFromTenant(tenant1.tenantId, user1.userId);
+        await this.warrant.User.removeUserFromTenant(tenant1.tenantId, user1.userId, "member");
 
         user1Tenants = await this.warrant.Tenant.listTenantsForUser(user1.userId, { limit: 100, page: 1 });
         assert.strictEqual(user1Tenants.length, 0);
@@ -215,7 +215,7 @@ describe.skip('Live Test', function () {
         const viewerUser = await this.warrant.User.create();
 
         // Create roles
-        const adminRole = await this.warrant.Role.create({ roleId: "administrator", name: "Admin", description: "The admin role" });
+        const adminRole = await this.warrant.Role.create({ roleId: "admin", name: "Admin", description: "The admin role" });
         const viewerRole = await this.warrant.Role.create({ roleId: "viewer", name: "Viewer", description: "The viewer role" });
 
         // Create permissions
@@ -462,13 +462,16 @@ describe.skip('Live Test', function () {
         const user = await this.warrant.User.create();
         const tenant = await this.warrant.Tenant.create();
 
-        await this.warrant.User.assignUserToTenant(tenant.tenantId, user.userId);
-        await this.warrant.Permission.assignPermissionToUser(user.userId, "view-self-service-dashboard");
+        await this.warrant.User.assignUserToTenant(tenant.tenantId, user.userId, "admin");
 
         const userAuthzSession = await this.warrant.Session.createAuthorizationSession({ userId: user.userId });
         assert(userAuthzSession);
 
-        const userSelfServicDashboardUrl = await this.warrant.Session.createSelfServiceSession({ userId: user.userId, tenantId: tenant.tenantId }, "http://localhost:8080");
+        const userSelfServicDashboardUrl = await this.warrant.Session.createSelfServiceSession({
+            userId: user.userId,
+            tenantId: tenant.tenantId,
+            selfServiceStrategy: SelfServiceStrategy.FGAC,
+        }, "http://localhost:8080");
         assert(userSelfServicDashboardUrl);
 
         await this.warrant.User.delete(user.userId);