ory_client/apis/
permission_api.rs

1/*
2 * Ory APIs
3 *
4 * # Introduction Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.  ## SDKs This document describes the APIs available in the Ory Network. The APIs are available as SDKs for the following languages:  | Language       | Download SDK                                                     | Documentation                                                                        | | -------------- | ---------------------------------------------------------------- | ------------------------------------------------------------------------------------ | | Dart           | [pub.dev](https://pub.dev/packages/ory_client)                   | [README](https://github.com/ory/sdk/blob/master/clients/client/dart/README.md)       | | .NET           | [nuget.org](https://www.nuget.org/packages/Ory.Client/)          | [README](https://github.com/ory/sdk/blob/master/clients/client/dotnet/README.md)     | | Elixir         | [hex.pm](https://hex.pm/packages/ory_client)                     | [README](https://github.com/ory/sdk/blob/master/clients/client/elixir/README.md)     | | Go             | [github.com](https://github.com/ory/client-go)                   | [README](https://github.com/ory/sdk/blob/master/clients/client/go/README.md)         | | Java           | [maven.org](https://search.maven.org/artifact/sh.ory/ory-client) | [README](https://github.com/ory/sdk/blob/master/clients/client/java/README.md)       | | JavaScript     | [npmjs.com](https://www.npmjs.com/package/@ory/client)           | [README](https://github.com/ory/sdk/blob/master/clients/client/typescript/README.md) | | JavaScript (With fetch) | [npmjs.com](https://www.npmjs.com/package/@ory/client-fetch)           | [README](https://github.com/ory/sdk/blob/master/clients/client/typescript-fetch/README.md) |  | PHP            | [packagist.org](https://packagist.org/packages/ory/client)       | [README](https://github.com/ory/sdk/blob/master/clients/client/php/README.md)        | | Python         | [pypi.org](https://pypi.org/project/ory-client/)                 | [README](https://github.com/ory/sdk/blob/master/clients/client/python/README.md)     | | Ruby           | [rubygems.org](https://rubygems.org/gems/ory-client)             | [README](https://github.com/ory/sdk/blob/master/clients/client/ruby/README.md)       | | Rust           | [crates.io](https://crates.io/crates/ory-client)                 | [README](https://github.com/ory/sdk/blob/master/clients/client/rust/README.md)       | 
5 *
6 * The version of the OpenAPI document: v1.22.2
7 * Contact: support@ory.sh
8 * Generated by: https://openapi-generator.tech
9 */
10
11
12use reqwest;
13use serde::{Deserialize, Serialize, de::Error as _};
14use crate::{apis::ResponseContent, models};
15use super::{Error, configuration, ContentType};
16
17
18/// struct for typed errors of method [`batch_check_permission`]
19#[derive(Debug, Clone, Serialize, Deserialize)]
20#[serde(untagged)]
21pub enum BatchCheckPermissionError {
22    Status400(models::ErrorGeneric),
23    DefaultResponse(models::ErrorGeneric),
24    UnknownValue(serde_json::Value),
25}
26
27/// struct for typed errors of method [`check_permission`]
28#[derive(Debug, Clone, Serialize, Deserialize)]
29#[serde(untagged)]
30pub enum CheckPermissionError {
31    Status400(models::ErrorGeneric),
32    DefaultResponse(models::ErrorGeneric),
33    UnknownValue(serde_json::Value),
34}
35
36/// struct for typed errors of method [`check_permission_or_error`]
37#[derive(Debug, Clone, Serialize, Deserialize)]
38#[serde(untagged)]
39pub enum CheckPermissionOrErrorError {
40    Status400(models::ErrorGeneric),
41    Status403(models::CheckPermissionResult),
42    DefaultResponse(models::ErrorGeneric),
43    UnknownValue(serde_json::Value),
44}
45
46/// struct for typed errors of method [`expand_permissions`]
47#[derive(Debug, Clone, Serialize, Deserialize)]
48#[serde(untagged)]
49pub enum ExpandPermissionsError {
50    Status400(models::ErrorGeneric),
51    Status404(models::ErrorGeneric),
52    DefaultResponse(models::ErrorGeneric),
53    UnknownValue(serde_json::Value),
54}
55
56/// struct for typed errors of method [`post_check_permission`]
57#[derive(Debug, Clone, Serialize, Deserialize)]
58#[serde(untagged)]
59pub enum PostCheckPermissionError {
60    Status400(models::ErrorGeneric),
61    DefaultResponse(models::ErrorGeneric),
62    UnknownValue(serde_json::Value),
63}
64
65/// struct for typed errors of method [`post_check_permission_or_error`]
66#[derive(Debug, Clone, Serialize, Deserialize)]
67#[serde(untagged)]
68pub enum PostCheckPermissionOrErrorError {
69    Status400(models::ErrorGeneric),
70    Status403(models::CheckPermissionResult),
71    DefaultResponse(models::ErrorGeneric),
72    UnknownValue(serde_json::Value),
73}
74
75
76/// To learn how relationship tuples and the check works, head over to [the documentation](https://www.ory.sh/docs/keto/concepts/api-overview).
77pub async fn batch_check_permission(configuration: &configuration::Configuration, max_depth: Option<i64>, batch_check_permission_body: Option<models::BatchCheckPermissionBody>) -> Result<models::BatchCheckPermissionResult, Error<BatchCheckPermissionError>> {
78    // add a prefix to parameters to efficiently prevent name collisions
79    let p_max_depth = max_depth;
80    let p_batch_check_permission_body = batch_check_permission_body;
81
82    let uri_str = format!("{}/relation-tuples/batch/check", configuration.base_path);
83    let mut req_builder = configuration.client.request(reqwest::Method::POST, &uri_str);
84
85    if let Some(ref param_value) = p_max_depth {
86        req_builder = req_builder.query(&[("max-depth", &param_value.to_string())]);
87    }
88    if let Some(ref user_agent) = configuration.user_agent {
89        req_builder = req_builder.header(reqwest::header::USER_AGENT, user_agent.clone());
90    }
91    if let Some(ref token) = configuration.bearer_access_token {
92        req_builder = req_builder.bearer_auth(token.to_owned());
93    };
94    req_builder = req_builder.json(&p_batch_check_permission_body);
95
96    let req = req_builder.build()?;
97    let resp = configuration.client.execute(req).await?;
98
99    let status = resp.status();
100    let content_type = resp
101        .headers()
102        .get("content-type")
103        .and_then(|v| v.to_str().ok())
104        .unwrap_or("application/octet-stream");
105    let content_type = super::ContentType::from(content_type);
106
107    if !status.is_client_error() && !status.is_server_error() {
108        let content = resp.text().await?;
109        match content_type {
110            ContentType::Json => serde_json::from_str(&content).map_err(Error::from),
111            ContentType::Text => return Err(Error::from(serde_json::Error::custom("Received `text/plain` content type response that cannot be converted to `models::BatchCheckPermissionResult`"))),
112            ContentType::Unsupported(unknown_type) => return Err(Error::from(serde_json::Error::custom(format!("Received `{unknown_type}` content type response that cannot be converted to `models::BatchCheckPermissionResult`")))),
113        }
114    } else {
115        let content = resp.text().await?;
116        let entity: Option<BatchCheckPermissionError> = serde_json::from_str(&content).ok();
117        Err(Error::ResponseError(ResponseContent { status, content, entity }))
118    }
119}
120
121/// To learn how relationship tuples and the check works, head over to [the documentation](https://www.ory.sh/docs/keto/concepts/api-overview).
122pub async fn check_permission(configuration: &configuration::Configuration, namespace: Option<&str>, object: Option<&str>, relation: Option<&str>, subject_id: Option<&str>, subject_set_period_namespace: Option<&str>, subject_set_period_object: Option<&str>, subject_set_period_relation: Option<&str>, max_depth: Option<i64>) -> Result<models::CheckPermissionResult, Error<CheckPermissionError>> {
123    // add a prefix to parameters to efficiently prevent name collisions
124    let p_namespace = namespace;
125    let p_object = object;
126    let p_relation = relation;
127    let p_subject_id = subject_id;
128    let p_subject_set_period_namespace = subject_set_period_namespace;
129    let p_subject_set_period_object = subject_set_period_object;
130    let p_subject_set_period_relation = subject_set_period_relation;
131    let p_max_depth = max_depth;
132
133    let uri_str = format!("{}/relation-tuples/check/openapi", configuration.base_path);
134    let mut req_builder = configuration.client.request(reqwest::Method::GET, &uri_str);
135
136    if let Some(ref param_value) = p_namespace {
137        req_builder = req_builder.query(&[("namespace", &param_value.to_string())]);
138    }
139    if let Some(ref param_value) = p_object {
140        req_builder = req_builder.query(&[("object", &param_value.to_string())]);
141    }
142    if let Some(ref param_value) = p_relation {
143        req_builder = req_builder.query(&[("relation", &param_value.to_string())]);
144    }
145    if let Some(ref param_value) = p_subject_id {
146        req_builder = req_builder.query(&[("subject_id", &param_value.to_string())]);
147    }
148    if let Some(ref param_value) = p_subject_set_period_namespace {
149        req_builder = req_builder.query(&[("subject_set.namespace", &param_value.to_string())]);
150    }
151    if let Some(ref param_value) = p_subject_set_period_object {
152        req_builder = req_builder.query(&[("subject_set.object", &param_value.to_string())]);
153    }
154    if let Some(ref param_value) = p_subject_set_period_relation {
155        req_builder = req_builder.query(&[("subject_set.relation", &param_value.to_string())]);
156    }
157    if let Some(ref param_value) = p_max_depth {
158        req_builder = req_builder.query(&[("max-depth", &param_value.to_string())]);
159    }
160    if let Some(ref user_agent) = configuration.user_agent {
161        req_builder = req_builder.header(reqwest::header::USER_AGENT, user_agent.clone());
162    }
163    if let Some(ref token) = configuration.bearer_access_token {
164        req_builder = req_builder.bearer_auth(token.to_owned());
165    };
166
167    let req = req_builder.build()?;
168    let resp = configuration.client.execute(req).await?;
169
170    let status = resp.status();
171    let content_type = resp
172        .headers()
173        .get("content-type")
174        .and_then(|v| v.to_str().ok())
175        .unwrap_or("application/octet-stream");
176    let content_type = super::ContentType::from(content_type);
177
178    if !status.is_client_error() && !status.is_server_error() {
179        let content = resp.text().await?;
180        match content_type {
181            ContentType::Json => serde_json::from_str(&content).map_err(Error::from),
182            ContentType::Text => return Err(Error::from(serde_json::Error::custom("Received `text/plain` content type response that cannot be converted to `models::CheckPermissionResult`"))),
183            ContentType::Unsupported(unknown_type) => return Err(Error::from(serde_json::Error::custom(format!("Received `{unknown_type}` content type response that cannot be converted to `models::CheckPermissionResult`")))),
184        }
185    } else {
186        let content = resp.text().await?;
187        let entity: Option<CheckPermissionError> = serde_json::from_str(&content).ok();
188        Err(Error::ResponseError(ResponseContent { status, content, entity }))
189    }
190}
191
192/// To learn how relationship tuples and the check works, head over to [the documentation](https://www.ory.sh/docs/keto/concepts/api-overview).
193pub async fn check_permission_or_error(configuration: &configuration::Configuration, namespace: Option<&str>, object: Option<&str>, relation: Option<&str>, subject_id: Option<&str>, subject_set_period_namespace: Option<&str>, subject_set_period_object: Option<&str>, subject_set_period_relation: Option<&str>, max_depth: Option<i64>) -> Result<models::CheckPermissionResult, Error<CheckPermissionOrErrorError>> {
194    // add a prefix to parameters to efficiently prevent name collisions
195    let p_namespace = namespace;
196    let p_object = object;
197    let p_relation = relation;
198    let p_subject_id = subject_id;
199    let p_subject_set_period_namespace = subject_set_period_namespace;
200    let p_subject_set_period_object = subject_set_period_object;
201    let p_subject_set_period_relation = subject_set_period_relation;
202    let p_max_depth = max_depth;
203
204    let uri_str = format!("{}/relation-tuples/check", configuration.base_path);
205    let mut req_builder = configuration.client.request(reqwest::Method::GET, &uri_str);
206
207    if let Some(ref param_value) = p_namespace {
208        req_builder = req_builder.query(&[("namespace", &param_value.to_string())]);
209    }
210    if let Some(ref param_value) = p_object {
211        req_builder = req_builder.query(&[("object", &param_value.to_string())]);
212    }
213    if let Some(ref param_value) = p_relation {
214        req_builder = req_builder.query(&[("relation", &param_value.to_string())]);
215    }
216    if let Some(ref param_value) = p_subject_id {
217        req_builder = req_builder.query(&[("subject_id", &param_value.to_string())]);
218    }
219    if let Some(ref param_value) = p_subject_set_period_namespace {
220        req_builder = req_builder.query(&[("subject_set.namespace", &param_value.to_string())]);
221    }
222    if let Some(ref param_value) = p_subject_set_period_object {
223        req_builder = req_builder.query(&[("subject_set.object", &param_value.to_string())]);
224    }
225    if let Some(ref param_value) = p_subject_set_period_relation {
226        req_builder = req_builder.query(&[("subject_set.relation", &param_value.to_string())]);
227    }
228    if let Some(ref param_value) = p_max_depth {
229        req_builder = req_builder.query(&[("max-depth", &param_value.to_string())]);
230    }
231    if let Some(ref user_agent) = configuration.user_agent {
232        req_builder = req_builder.header(reqwest::header::USER_AGENT, user_agent.clone());
233    }
234    if let Some(ref token) = configuration.bearer_access_token {
235        req_builder = req_builder.bearer_auth(token.to_owned());
236    };
237
238    let req = req_builder.build()?;
239    let resp = configuration.client.execute(req).await?;
240
241    let status = resp.status();
242    let content_type = resp
243        .headers()
244        .get("content-type")
245        .and_then(|v| v.to_str().ok())
246        .unwrap_or("application/octet-stream");
247    let content_type = super::ContentType::from(content_type);
248
249    if !status.is_client_error() && !status.is_server_error() {
250        let content = resp.text().await?;
251        match content_type {
252            ContentType::Json => serde_json::from_str(&content).map_err(Error::from),
253            ContentType::Text => return Err(Error::from(serde_json::Error::custom("Received `text/plain` content type response that cannot be converted to `models::CheckPermissionResult`"))),
254            ContentType::Unsupported(unknown_type) => return Err(Error::from(serde_json::Error::custom(format!("Received `{unknown_type}` content type response that cannot be converted to `models::CheckPermissionResult`")))),
255        }
256    } else {
257        let content = resp.text().await?;
258        let entity: Option<CheckPermissionOrErrorError> = serde_json::from_str(&content).ok();
259        Err(Error::ResponseError(ResponseContent { status, content, entity }))
260    }
261}
262
263/// Use this endpoint to expand a relationship tuple into permissions.
264pub async fn expand_permissions(configuration: &configuration::Configuration, namespace: &str, object: &str, relation: &str, max_depth: Option<i64>) -> Result<models::ExpandedPermissionTree, Error<ExpandPermissionsError>> {
265    // add a prefix to parameters to efficiently prevent name collisions
266    let p_namespace = namespace;
267    let p_object = object;
268    let p_relation = relation;
269    let p_max_depth = max_depth;
270
271    let uri_str = format!("{}/relation-tuples/expand", configuration.base_path);
272    let mut req_builder = configuration.client.request(reqwest::Method::GET, &uri_str);
273
274    req_builder = req_builder.query(&[("namespace", &p_namespace.to_string())]);
275    req_builder = req_builder.query(&[("object", &p_object.to_string())]);
276    req_builder = req_builder.query(&[("relation", &p_relation.to_string())]);
277    if let Some(ref param_value) = p_max_depth {
278        req_builder = req_builder.query(&[("max-depth", &param_value.to_string())]);
279    }
280    if let Some(ref user_agent) = configuration.user_agent {
281        req_builder = req_builder.header(reqwest::header::USER_AGENT, user_agent.clone());
282    }
283    if let Some(ref token) = configuration.bearer_access_token {
284        req_builder = req_builder.bearer_auth(token.to_owned());
285    };
286
287    let req = req_builder.build()?;
288    let resp = configuration.client.execute(req).await?;
289
290    let status = resp.status();
291    let content_type = resp
292        .headers()
293        .get("content-type")
294        .and_then(|v| v.to_str().ok())
295        .unwrap_or("application/octet-stream");
296    let content_type = super::ContentType::from(content_type);
297
298    if !status.is_client_error() && !status.is_server_error() {
299        let content = resp.text().await?;
300        match content_type {
301            ContentType::Json => serde_json::from_str(&content).map_err(Error::from),
302            ContentType::Text => return Err(Error::from(serde_json::Error::custom("Received `text/plain` content type response that cannot be converted to `models::ExpandedPermissionTree`"))),
303            ContentType::Unsupported(unknown_type) => return Err(Error::from(serde_json::Error::custom(format!("Received `{unknown_type}` content type response that cannot be converted to `models::ExpandedPermissionTree`")))),
304        }
305    } else {
306        let content = resp.text().await?;
307        let entity: Option<ExpandPermissionsError> = serde_json::from_str(&content).ok();
308        Err(Error::ResponseError(ResponseContent { status, content, entity }))
309    }
310}
311
312/// To learn how relationship tuples and the check works, head over to [the documentation](https://www.ory.sh/docs/keto/concepts/api-overview).
313pub async fn post_check_permission(configuration: &configuration::Configuration, max_depth: Option<i64>, post_check_permission_body: Option<models::PostCheckPermissionBody>) -> Result<models::CheckPermissionResult, Error<PostCheckPermissionError>> {
314    // add a prefix to parameters to efficiently prevent name collisions
315    let p_max_depth = max_depth;
316    let p_post_check_permission_body = post_check_permission_body;
317
318    let uri_str = format!("{}/relation-tuples/check/openapi", configuration.base_path);
319    let mut req_builder = configuration.client.request(reqwest::Method::POST, &uri_str);
320
321    if let Some(ref param_value) = p_max_depth {
322        req_builder = req_builder.query(&[("max-depth", &param_value.to_string())]);
323    }
324    if let Some(ref user_agent) = configuration.user_agent {
325        req_builder = req_builder.header(reqwest::header::USER_AGENT, user_agent.clone());
326    }
327    if let Some(ref token) = configuration.bearer_access_token {
328        req_builder = req_builder.bearer_auth(token.to_owned());
329    };
330    req_builder = req_builder.json(&p_post_check_permission_body);
331
332    let req = req_builder.build()?;
333    let resp = configuration.client.execute(req).await?;
334
335    let status = resp.status();
336    let content_type = resp
337        .headers()
338        .get("content-type")
339        .and_then(|v| v.to_str().ok())
340        .unwrap_or("application/octet-stream");
341    let content_type = super::ContentType::from(content_type);
342
343    if !status.is_client_error() && !status.is_server_error() {
344        let content = resp.text().await?;
345        match content_type {
346            ContentType::Json => serde_json::from_str(&content).map_err(Error::from),
347            ContentType::Text => return Err(Error::from(serde_json::Error::custom("Received `text/plain` content type response that cannot be converted to `models::CheckPermissionResult`"))),
348            ContentType::Unsupported(unknown_type) => return Err(Error::from(serde_json::Error::custom(format!("Received `{unknown_type}` content type response that cannot be converted to `models::CheckPermissionResult`")))),
349        }
350    } else {
351        let content = resp.text().await?;
352        let entity: Option<PostCheckPermissionError> = serde_json::from_str(&content).ok();
353        Err(Error::ResponseError(ResponseContent { status, content, entity }))
354    }
355}
356
357/// To learn how relationship tuples and the check works, head over to [the documentation](https://www.ory.sh/docs/keto/concepts/api-overview).
358pub async fn post_check_permission_or_error(configuration: &configuration::Configuration, max_depth: Option<i64>, post_check_permission_or_error_body: Option<models::PostCheckPermissionOrErrorBody>) -> Result<models::CheckPermissionResult, Error<PostCheckPermissionOrErrorError>> {
359    // add a prefix to parameters to efficiently prevent name collisions
360    let p_max_depth = max_depth;
361    let p_post_check_permission_or_error_body = post_check_permission_or_error_body;
362
363    let uri_str = format!("{}/relation-tuples/check", configuration.base_path);
364    let mut req_builder = configuration.client.request(reqwest::Method::POST, &uri_str);
365
366    if let Some(ref param_value) = p_max_depth {
367        req_builder = req_builder.query(&[("max-depth", &param_value.to_string())]);
368    }
369    if let Some(ref user_agent) = configuration.user_agent {
370        req_builder = req_builder.header(reqwest::header::USER_AGENT, user_agent.clone());
371    }
372    if let Some(ref token) = configuration.bearer_access_token {
373        req_builder = req_builder.bearer_auth(token.to_owned());
374    };
375    req_builder = req_builder.json(&p_post_check_permission_or_error_body);
376
377    let req = req_builder.build()?;
378    let resp = configuration.client.execute(req).await?;
379
380    let status = resp.status();
381    let content_type = resp
382        .headers()
383        .get("content-type")
384        .and_then(|v| v.to_str().ok())
385        .unwrap_or("application/octet-stream");
386    let content_type = super::ContentType::from(content_type);
387
388    if !status.is_client_error() && !status.is_server_error() {
389        let content = resp.text().await?;
390        match content_type {
391            ContentType::Json => serde_json::from_str(&content).map_err(Error::from),
392            ContentType::Text => return Err(Error::from(serde_json::Error::custom("Received `text/plain` content type response that cannot be converted to `models::CheckPermissionResult`"))),
393            ContentType::Unsupported(unknown_type) => return Err(Error::from(serde_json::Error::custom(format!("Received `{unknown_type}` content type response that cannot be converted to `models::CheckPermissionResult`")))),
394        }
395    } else {
396        let content = resp.text().await?;
397        let entity: Option<PostCheckPermissionOrErrorError> = serde_json::from_str(&content).ok();
398        Err(Error::ResponseError(ResponseContent { status, content, entity }))
399    }
400}
401