Class: OpenFga::OpenFgaApi

Inherits:

Object

Object
OpenFga::OpenFgaApi

show all

Defined in:: lib/openfga/api/open_fga_api.rb

Instance Attribute Summary collapse

#api_client ⇒ Object

Returns the value of attribute api_client.

Instance Method Summary collapse

#batch_check(store_id, body, opts = {}) ⇒ BatchCheckResponse

Send a list of ‘check` operations in a single request The `BatchCheck` API functions nearly identically to `Check`, but instead of checking a single user-object relationship BatchCheck accepts a list of relationships to check and returns a map containing `BatchCheckItem` response for each check it received.
#batch_check_with_http_info(store_id, body, opts = {}) ⇒ Array<(BatchCheckResponse, Integer, Hash)>

Send a list of `check` operations in a single request The `BatchCheck` API functions nearly identically to `Check`, but instead of checking a single user-object relationship BatchCheck accepts a list of relationships to check and returns a map containing `BatchCheckItem` response for each check it received.
#check(store_id, body, opts = {}) ⇒ CheckResponse

Check whether a user is authorized to access an object The Check API returns whether a given user has a relationship with a given object in a given store.
#check_with_http_info(store_id, body, opts = {}) ⇒ Array<(CheckResponse, Integer, Hash)>

Check whether a user is authorized to access an object The Check API returns whether a given user has a relationship with a given object in a given store.
#create_store(body, opts = {}) ⇒ CreateStoreResponse

Create a store Create a unique OpenFGA store which will be used to store authorization models and relationship tuples.
#create_store_with_http_info(body, opts = {}) ⇒ Array<(CreateStoreResponse, Integer, Hash)>

Create a store Create a unique OpenFGA store which will be used to store authorization models and relationship tuples.
#delete_store(store_id, opts = {}) ⇒ nil

Delete a store Delete an OpenFGA store.
#delete_store_with_http_info(store_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Delete a store Delete an OpenFGA store.
#expand(store_id, body, opts = {}) ⇒ ExpandResponse

Expand all relationships in userset tree format, and following userset rewrite rules.
#expand_with_http_info(store_id, body, opts = {}) ⇒ Array<(ExpandResponse, Integer, Hash)>

Expand all relationships in userset tree format, and following userset rewrite rules.
#get_store(store_id, opts = {}) ⇒ GetStoreResponse

Get a store Returns an OpenFGA store by its identifier.
#get_store_with_http_info(store_id, opts = {}) ⇒ Array<(GetStoreResponse, Integer, Hash)>

Get a store Returns an OpenFGA store by its identifier.
#initialize(api_client = ApiClient.default) ⇒ OpenFgaApi constructor

A new instance of OpenFgaApi.
#list_objects(store_id, body, opts = {}) ⇒ ListObjectsResponse

List all objects of the given type that the user has a relation with The ListObjects API returns a list of all the objects of the given type that the user has a relation with.
#list_objects_with_http_info(store_id, body, opts = {}) ⇒ Array<(ListObjectsResponse, Integer, Hash)>

List all objects of the given type that the user has a relation with The ListObjects API returns a list of all the objects of the given type that the user has a relation with.
#list_stores(opts = {}) ⇒ ListStoresResponse

List all stores Returns a paginated list of OpenFGA stores and a continuation token to get additional stores.
#list_stores_with_http_info(opts = {}) ⇒ Array<(ListStoresResponse, Integer, Hash)>

List all stores Returns a paginated list of OpenFGA stores and a continuation token to get additional stores.
#list_users(store_id, body, opts = {}) ⇒ ListUsersResponse

List the users matching the provided filter who have a certain relation to a particular type.
#list_users_with_http_info(store_id, body, opts = {}) ⇒ Array<(ListUsersResponse, Integer, Hash)>

List the users matching the provided filter who have a certain relation to a particular type.
#read(store_id, body, opts = {}) ⇒ ReadResponse

Get tuples from the store that matches a query, without following userset rewrite rules The Read API will return the tuples for a certain store that match a query filter specified in the body of the request.
#read_assertions(store_id, authorization_model_id, opts = {}) ⇒ ReadAssertionsResponse

Read assertions for an authorization model ID The ReadAssertions API will return, for a given authorization model id, all the assertions stored for it.
#read_assertions_with_http_info(store_id, authorization_model_id, opts = {}) ⇒ Array<(ReadAssertionsResponse, Integer, Hash)>

Read assertions for an authorization model ID The ReadAssertions API will return, for a given authorization model id, all the assertions stored for it.
#read_authorization_model(store_id, id, opts = {}) ⇒ ReadAuthorizationModelResponse

Return a particular version of an authorization model The ReadAuthorizationModel API returns an authorization model by its identifier.
#read_authorization_model_with_http_info(store_id, id, opts = {}) ⇒ Array<(ReadAuthorizationModelResponse, Integer, Hash)>

Return a particular version of an authorization model The ReadAuthorizationModel API returns an authorization model by its identifier.
#read_authorization_models(store_id, opts = {}) ⇒ ReadAuthorizationModelsResponse

Return all the authorization models for a particular store The ReadAuthorizationModels API will return all the authorization models for a certain store.
#read_authorization_models_with_http_info(store_id, opts = {}) ⇒ Array<(ReadAuthorizationModelsResponse, Integer, Hash)>

Return all the authorization models for a particular store The ReadAuthorizationModels API will return all the authorization models for a certain store.
#read_changes(store_id, opts = {}) ⇒ ReadChangesResponse

Return a list of all the tuple changes The ReadChanges API will return a paginated list of tuple changes (additions and deletions) that occurred in a given store, sorted by ascending time.
#read_changes_with_http_info(store_id, opts = {}) ⇒ Array<(ReadChangesResponse, Integer, Hash)>

Return a list of all the tuple changes The ReadChanges API will return a paginated list of tuple changes (additions and deletions) that occurred in a given store, sorted by ascending time.
#read_with_http_info(store_id, body, opts = {}) ⇒ Array<(ReadResponse, Integer, Hash)>

Get tuples from the store that matches a query, without following userset rewrite rules The Read API will return the tuples for a certain store that match a query filter specified in the body of the request.
#write(store_id, body, opts = {}) ⇒ Object

Add or delete tuples from the store The Write API will transactionally update the tuples for a certain store.
#write_assertions(store_id, authorization_model_id, body, opts = {}) ⇒ nil

Upsert assertions for an authorization model ID The WriteAssertions API will upsert new assertions for an authorization model id, or overwrite the existing ones.
#write_assertions_with_http_info(store_id, authorization_model_id, body, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Upsert assertions for an authorization model ID The WriteAssertions API will upsert new assertions for an authorization model id, or overwrite the existing ones.
#write_authorization_model(store_id, body, opts = {}) ⇒ WriteAuthorizationModelResponse

Create a new authorization model The WriteAuthorizationModel API will add a new authorization model to a store.
#write_authorization_model_with_http_info(store_id, body, opts = {}) ⇒ Array<(WriteAuthorizationModelResponse, Integer, Hash)>

Create a new authorization model The WriteAuthorizationModel API will add a new authorization model to a store.
#write_with_http_info(store_id, body, opts = {}) ⇒ Array<(Object, Integer, Hash)>

Add or delete tuples from the store The Write API will transactionally update the tuples for a certain store.

Constructor Details

#initialize(api_client = ApiClient.default) ⇒ `OpenFgaApi`

Returns a new instance of OpenFgaApi.



20
21
22

# File 'lib/openfga/api/open_fga_api.rb', line 20

def initialize(api_client = ApiClient.default)
  @api_client = api_client
end

Instance Attribute Details

#api_client ⇒ `Object`

Returns the value of attribute api_client.



18
19
20

# File 'lib/openfga/api/open_fga_api.rb', line 18

def api_client
  @api_client
end

Instance Method Details

#batch_check(store_id, body, opts = {}) ⇒ `BatchCheckResponse`

Send a list of ‘check` operations in a single request The `BatchCheck` API functions nearly identically to `Check`, but instead of checking a single user-object relationship BatchCheck accepts a list of relationships to check and returns a map containing `BatchCheckItem` response for each check it received. An associated `correlation_id` is required for each check in the batch. This ID is used to correlate a check to the appropriate response. It is a string consisting of only alphanumeric characters or hyphens with a maximum length of 36 characters. This `correlation_id` is used to map the result of each check to the item which was checked, so it must be unique for each item in the batch. We recommend using a UUID or ULID as the `correlation_id`, but you can use whatever unique identifier you need as long as it matches this regex pattern: `^[\w\d-]1,36$` NOTE: The maximum number of checks that can be passed in the `BatchCheck` API is configurable via the [OPENFGA_MAX_CHECKS_PER_BATCH_CHECK](openfga.dev/docs/getting-started/setup-openfga/configuration#OPENFGA_MAX_CHECKS_PER_BATCH_CHECK) environment variable. If `BatchCheck` is called using the SDK, the SDK can split the batch check requests for you. For more details on how `Check` functions, see the docs for `/check`. ### Examples #### A BatchCheckRequest “`json { "checks": [ { "tuple_key": { "object": "document:2021-budget" "relation": "reader", "user": "user:anne", }, "contextual_tuples": … "context": {} "correlation_id": "01JA8PM3QM7VBPGB8KMPK8SBD5" }, { "tuple_key": { "object": "document:2021-budget" "relation": "reader", "user": "user:bob", }, "contextual_tuples": … "context": {} "correlation_id": "01JA8PMM6A90NV5ET0F28CYSZQ" } ] } “` Below is a possible response to the above request. Note that the result map’s keys are the ‘correlation_id` values from the checked items in the request: “`json { "result": { "01JA8PMM6A90NV5ET0F28CYSZQ": { "allowed": false, "error": "" }, "01JA8PM3QM7VBPGB8KMPK8SBD5": { "allowed": true, "error": "" } } “`

Parameters:

store_id (String)
body (BatchCheckRequest)
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(BatchCheckResponse)

# File 'lib/openfga/api/open_fga_api.rb', line 29

def batch_check(store_id, body, opts = {})
  data, _status_code, _headers = batch_check_with_http_info(store_id, body, opts)
  data
end

#batch_check_with_http_info(store_id, body, opts = {}) ⇒ `Array<(BatchCheckResponse, Integer, Hash)>`

Send a list of `check` operations in a single request The `BatchCheck` API functions nearly identically to `Check`, but instead of checking a single user-object relationship BatchCheck accepts a list of relationships to check and returns a map containing `BatchCheckItem` response for each check it received. An associated `correlation_id` is required for each check in the batch. This ID is used to correlate a check to the appropriate response. It is a string consisting of only alphanumeric characters or hyphens with a maximum length of 36 characters. This `correlation_id` is used to map the result of each check to the item which was checked, so it must be unique for each item in the batch. We recommend using a UUID or ULID as the `correlation_id`, but you can use whatever unique identifier you need as long as it matches this regex pattern: `^1,36$` NOTE: The maximum number of checks that can be passed in the `BatchCheck` API is configurable via the [OPENFGA_MAX_CHECKS_PER_BATCH_CHECK](openfga.dev/docs/getting-started/setup-openfga/configuration#OPENFGA_MAX_CHECKS_PER_BATCH_CHECK) environment variable. If `BatchCheck` is called using the SDK, the SDK can split the batch check requests for you. For more details on how `Check` functions, see the docs for `/check`. ### Examples #### A BatchCheckRequest ```json { "checks": [ { "tuple_key": { "object": "document:2021-budget" "relation": "reader", "user": "user:anne", }, "contextual_tuples": … "context": {} "correlation_id": "01JA8PM3QM7VBPGB8KMPK8SBD5" }, { "tuple_key": { "object": "document:2021-budget" "relation": "reader", "user": "user:bob", }, "contextual_tuples": … "context": {} "correlation_id": "01JA8PMM6A90NV5ET0F28CYSZQ" } ] } ``` Below is a possible response to the above request. Note that the result map's keys are the `correlation_id` values from the checked items in the request: ```json { "result": { "01JA8PMM6A90NV5ET0F28CYSZQ": { "allowed": false, "error": "" }, "01JA8PM3QM7VBPGB8KMPK8SBD5": { "allowed": true, "error": "" } } ```

Parameters:

store_id (String)
body (BatchCheckRequest)
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(Array<(BatchCheckResponse, Integer, Hash)>) —

BatchCheckResponse data, response status code and response headers

# File 'lib/openfga/api/open_fga_api.rb', line 40

def batch_check_with_http_info(store_id, body, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: OpenFgaApi.batch_check ...'
  end
  # verify the required parameter 'store_id' is set
  if @api_client.config.client_side_validation && store_id.nil?
    fail ArgumentError, "Missing the required parameter 'store_id' when calling OpenFgaApi.batch_check"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling OpenFgaApi.batch_check"
  end
  # resource path
  local_var_path = '/stores/{store_id}/batch-check'.sub('{' + 'store_id' + '}', CGI.escape(store_id.to_s))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json']) unless header_params['Accept']
  # HTTP header 'Content-Type'
  content_type = @api_client.select_header_content_type(['application/json'])
  if !content_type.nil?
    header_params['Content-Type'] = content_type
  end

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'BatchCheckResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || []

  new_options = opts.merge(
    operation: :"OpenFgaApi.batch_check",
    header_params:,
    query_params:,
    form_params:,
    body: post_body,
    auth_names:,
    return_type:
  )

  data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: OpenFgaApi#batch_check\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#check(store_id, body, opts = {}) ⇒ `CheckResponse`

Check whether a user is authorized to access an object The Check API returns whether a given user has a relationship with a given object in a given store. The ‘user` field of the request can be a specific target, such as `user:anne`, or a userset (set of users) such as `group:marketing#member` or a type-bound public access `user:*`. To arrive at a result, the API uses: an authorization model, explicit tuples written through the Write API, contextual tuples present in the request, and implicit tuples that exist by virtue of applying set theory (such as `document:2021-budget#viewer@document:2021-budget#viewer`; the set of users who are viewers of `document:2021-budget` are the set of users who are the viewers of `document:2021-budget`). A `contextual_tuples` object may also be included in the body of the request. This object contains one field `tuple_keys`, which is an array of tuple keys. Each of these tuples may have an associated `condition`. You may also provide an `authorization_model_id` in the body. This will be used to assert that the input `tuple_key` is valid for the model specified. If not specified, the assertion will be made against the latest authorization model ID. It is strongly recommended to specify authorization model id for better performance. You may also provide a `context` object that will be used to evaluate the conditioned tuples in the system. It is strongly recommended to provide a value for all the input parameters of all the conditions, to ensure that all tuples be evaluated correctly. By default, the Check API caches results for a short time to optimize performance. You may specify a value of `HIGHER_CONSISTENCY` for the optional `consistency` parameter in the body to inform the server that higher conisistency is preferred at the expense of increased latency. Consideration should be given to the increased latency if requesting higher consistency. The response will return whether the relationship exists in the field `allowed`. Some exceptions apply, but in general, if a Check API responds with `true`, then you can expect the equivalent ListObjects query to return the object, and viceversa. For example, if `Check(user:anne, reader, document:2021-budget)` responds with `true`, then `ListObjects(user:anne, reader, document)` may include `document:2021-budget` in the response. ## Examples ### Querying with contextual tuples In order to check if user `user:anne` of type `user` has a `reader` relationship with object `document:2021-budget` given the following contextual tuple “`json { "user": "user:anne", "relation": "member", "object": "time_slot:office_hours" } “` the Check API can be used with the following request body: “`json { "tuple_key": { "user": "user:anne", "relation": "reader", "object": "document:2021-budget" }, "contextual_tuples": { "tuple_keys": [ { "user": "user:anne", "relation": "member", "object": "time_slot:office_hours" } ] }, "authorization_model_id": "01G50QVV17PECNVAHX1GG4Y5NC" } “` ### Querying usersets Some Checks will always return `true`, even without any tuples. For example, for the following authorization model “`python model schema 1.1 type user type document relations define reader: [user] “` the following query “`json { "tuple_key": { "user": "document:2021-budget#reader", "relation": "reader", "object": "document:2021-budget" } } “` will always return `{ "allowed": true }`. This is because usersets are self-defining: the userset `document:2021-budget#reader` will always have the `reader` relation with `document:2021-budget`. ### Querying usersets with difference in the model A Check for a userset can yield results that must be treated carefully if the model involves difference. For example, for the following authorization model “`python model schema 1.1 type user type group relations define member: [user] type document relations define blocked: [user] define reader: [group#member] but not blocked “` the following query “`json { "tuple_key": { "user": "group:finance#member", "relation": "reader", "object": "document:2021-budget" }, "contextual_tuples": { "tuple_keys": [ { "user": "user:anne", "relation": "member", "object": "group:finance" }, { "user": "group:finance#member", "relation": "reader", "object": "document:2021-budget" }, { "user": "user:anne", "relation": "blocked", "object": "document:2021-budget" } ] }, } “` will return `{ "allowed": true }`, even though a specific user of the userset `group:finance#member` does not have the `reader` relationship with the given object. ### Requesting higher consistency By default, the Check API caches results for a short time to optimize performance. You may request higher consistency to inform the server that higher consistency should be preferred at the expense of increased latency. Care should be taken when requesting higher consistency due to the increased latency. “`json { "tuple_key": { "user": "group:finance#member", "relation": "reader", "object": "document:2021-budget" }, "consistency": "HIGHER_CONSISTENCY" } “`

Parameters:

store_id (String)
body (CheckRequest)
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(CheckResponse)

# File 'lib/openfga/api/open_fga_api.rb', line 103

def check(store_id, body, opts = {})
  data, _status_code, _headers = check_with_http_info(store_id, body, opts)
  data
end

#check_with_http_info(store_id, body, opts = {}) ⇒ `Array<(CheckResponse, Integer, Hash)>`

Check whether a user is authorized to access an object The Check API returns whether a given user has a relationship with a given object in a given store. The `user` field of the request can be a specific target, such as `user:anne`, or a userset (set of users) such as `group:marketing#member` or a type-bound public access `user:*`. To arrive at a result, the API uses: an authorization model, explicit tuples written through the Write API, contextual tuples present in the request, and implicit tuples that exist by virtue of applying set theory (such as `document:2021-budget#viewer@document:2021-budget#viewer`; the set of users who are viewers of `document:2021-budget` are the set of users who are the viewers of `document:2021-budget`). A `contextual_tuples` object may also be included in the body of the request. This object contains one field `tuple_keys`, which is an array of tuple keys. Each of these tuples may have an associated `condition`. You may also provide an `authorization_model_id` in the body. This will be used to assert that the input `tuple_key` is valid for the model specified. If not specified, the assertion will be made against the latest authorization model ID. It is strongly recommended to specify authorization model id for better performance. You may also provide a `context` object that will be used to evaluate the conditioned tuples in the system. It is strongly recommended to provide a value for all the input parameters of all the conditions, to ensure that all tuples be evaluated correctly. By default, the Check API caches results for a short time to optimize performance. You may specify a value of `HIGHER_CONSISTENCY` for the optional `consistency` parameter in the body to inform the server that higher conisistency is preferred at the expense of increased latency. Consideration should be given to the increased latency if requesting higher consistency. The response will return whether the relationship exists in the field `allowed`. Some exceptions apply, but in general, if a Check API responds with `true`, then you can expect the equivalent ListObjects query to return the object, and viceversa. For example, if `Check(user:anne, reader, document:2021-budget)` responds with `true`, then `ListObjects(user:anne, reader, document)` may include `document:2021-budget` in the response. ## Examples ### Querying with contextual tuples In order to check if user `user:anne` of type `user` has a `reader` relationship with object `document:2021-budget` given the following contextual tuple ```json { "user": "user:anne", "relation": "member", "object": "time_slot:office_hours" } ``` the Check API can be used with the following request body: ```json { "tuple_key": { "user": "user:anne", "relation": "reader", "object": "document:2021-budget" }, "contextual_tuples": { "tuple_keys": [ { "user": "user:anne", "relation": "member", "object": "time_slot:office_hours" } ] }, "authorization_model_id": "01G50QVV17PECNVAHX1GG4Y5NC" } ``` ### Querying usersets Some Checks will always return `true`, even without any tuples. For example, for the following authorization model ```python model schema 1.1 type user type document relations define reader: [user] ``` the following query ```json { "tuple_key": { "user": "document:2021-budget#reader", "relation": "reader", "object": "document:2021-budget" } } ``` will always return `{ "allowed": true }`. This is because usersets are self-defining: the userset `document:2021-budget#reader` will always have the `reader` relation with `document:2021-budget`. ### Querying usersets with difference in the model A Check for a userset can yield results that must be treated carefully if the model involves difference. For example, for the following authorization model ```python model schema 1.1 type user type group relations define member: [user] type document relations define blocked: [user] define reader: [group#member] but not blocked ``` the following query ```json { "tuple_key": { "user": "group:finance#member", "relation": "reader", "object": "document:2021-budget" }, "contextual_tuples": { "tuple_keys": [ { "user": "user:anne", "relation": "member", "object": "group:finance" }, { "user": "group:finance#member", "relation": "reader", "object": "document:2021-budget" }, { "user": "user:anne", "relation": "blocked", "object": "document:2021-budget" } ] }, } ``` will return `{ "allowed": true }`, even though a specific user of the userset `group:finance#member` does not have the `reader` relationship with the given object. ### Requesting higher consistency By default, the Check API caches results for a short time to optimize performance. You may request higher consistency to inform the server that higher consistency should be preferred at the expense of increased latency. Care should be taken when requesting higher consistency due to the increased latency. ```json { "tuple_key": { "user": "group:finance#member", "relation": "reader", "object": "document:2021-budget" }, "consistency": "HIGHER_CONSISTENCY" } ```

Parameters:

store_id (String)
body (CheckRequest)
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(Array<(CheckResponse, Integer, Hash)>) —

CheckResponse data, response status code and response headers

# File 'lib/openfga/api/open_fga_api.rb', line 114

def check_with_http_info(store_id, body, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: OpenFgaApi.check ...'
  end
  # verify the required parameter 'store_id' is set
  if @api_client.config.client_side_validation && store_id.nil?
    fail ArgumentError, "Missing the required parameter 'store_id' when calling OpenFgaApi.check"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling OpenFgaApi.check"
  end
  # resource path
  local_var_path = '/stores/{store_id}/check'.sub('{' + 'store_id' + '}', CGI.escape(store_id.to_s))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json']) unless header_params['Accept']
  # HTTP header 'Content-Type'
  content_type = @api_client.select_header_content_type(['application/json'])
  if !content_type.nil?
    header_params['Content-Type'] = content_type
  end

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'CheckResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || []

  new_options = opts.merge(
    operation: :"OpenFgaApi.check",
    header_params:,
    query_params:,
    form_params:,
    body: post_body,
    auth_names:,
    return_type:
  )

  data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: OpenFgaApi#check\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_store(body, opts = {}) ⇒ `CreateStoreResponse`

Create a store Create a unique OpenFGA store which will be used to store authorization models and relationship tuples.

Parameters:

body (CreateStoreRequest)
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(CreateStoreResponse)

# File 'lib/openfga/api/open_fga_api.rb', line 176

def create_store(body, opts = {})
  data, _status_code, _headers = create_store_with_http_info(body, opts)
  data
end

#create_store_with_http_info(body, opts = {}) ⇒ `Array<(CreateStoreResponse, Integer, Hash)>`

Create a store Create a unique OpenFGA store which will be used to store authorization models and relationship tuples.

Parameters:

body (CreateStoreRequest)
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(Array<(CreateStoreResponse, Integer, Hash)>) —

CreateStoreResponse data, response status code and response headers

# File 'lib/openfga/api/open_fga_api.rb', line 186

def create_store_with_http_info(body, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: OpenFgaApi.create_store ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling OpenFgaApi.create_store"
  end
  # resource path
  local_var_path = '/stores'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json']) unless header_params['Accept']
  # HTTP header 'Content-Type'
  content_type = @api_client.select_header_content_type(['application/json'])
  if !content_type.nil?
    header_params['Content-Type'] = content_type
  end

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'CreateStoreResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || []

  new_options = opts.merge(
    operation: :"OpenFgaApi.create_store",
    header_params:,
    query_params:,
    form_params:,
    body: post_body,
    auth_names:,
    return_type:
  )

  data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: OpenFgaApi#create_store\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#delete_store(store_id, opts = {}) ⇒ `nil`

Delete a store Delete an OpenFGA store. This does not delete the data associated with the store, like tuples or authorization models.

Parameters:

store_id (String)
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(nil)

# File 'lib/openfga/api/open_fga_api.rb', line 244

def delete_store(store_id, opts = {})
  delete_store_with_http_info(store_id, opts)
  nil
end

#delete_store_with_http_info(store_id, opts = {}) ⇒ `Array<(nil, Integer, Hash)>`

Delete a store Delete an OpenFGA store. This does not delete the data associated with the store, like tuples or authorization models.

Parameters:

store_id (String)
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(Array<(nil, Integer, Hash)>) —

nil, response status code and response headers

# File 'lib/openfga/api/open_fga_api.rb', line 254

def delete_store_with_http_info(store_id, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: OpenFgaApi.delete_store ...'
  end
  # verify the required parameter 'store_id' is set
  if @api_client.config.client_side_validation && store_id.nil?
    fail ArgumentError, "Missing the required parameter 'store_id' when calling OpenFgaApi.delete_store"
  end
  # resource path
  local_var_path = '/stores/{store_id}'.sub('{' + 'store_id' + '}', CGI.escape(store_id.to_s))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json']) unless header_params['Accept']

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || []

  new_options = opts.merge(
    operation: :"OpenFgaApi.delete_store",
    header_params:,
    query_params:,
    form_params:,
    body: post_body,
    auth_names:,
    return_type:
  )

  data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: OpenFgaApi#delete_store\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#expand(store_id, body, opts = {}) ⇒ `ExpandResponse`

Expand all relationships in userset tree format, and following userset rewrite rules. Useful to reason about and debug a certain relationship The Expand API will return all users and usersets that have certain relationship with an object in a certain store. This is different from the ‘/stores/store_id/read` API in that both users and computed usersets are returned. Body parameters `tuple_key.object` and `tuple_key.relation` are all required. A `contextual_tuples` object may also be included in the body of the request. This object contains one field `tuple_keys`, which is an array of tuple keys. Each of these tuples may have an associated `condition`. The response will return a tree whose leaves are the specific users and usersets. Union, intersection and difference operator are located in the intermediate nodes. ## Example To expand all users that have the `reader` relationship with object `document:2021-budget`, use the Expand API with the following request body “`json { "tuple_key": { "object": "document:2021-budget", "relation": "reader" }, "authorization_model_id": "01G50QVV17PECNVAHX1GG4Y5NC" } “` OpenFGA’s response will be a userset tree of the users and usersets that have read access to the document. “‘json { "tree":{ "root":{ "type":"document:2021-budget#reader", "union":{ "nodes":[ { "type":"document:2021-budget#reader", "leaf":{ "users":{ "users":[ "user:bob" ] } } }, { "type":"document:2021-budget#reader", "leaf":{ "computed":{ "userset":"document:2021-budget#writer" } } } ] } } } } “` The caller can then call expand API for the `writer` relationship for the `document:2021-budget`. ### Expand Request with Contextual Tuples Given the model “`python model schema 1.1 type user type folder relations define owner: [user] type document relations define parent: [folder] define viewer: [user] or writer define writer: [user] or owner from parent “` and the initial tuples “`json [{ "user": "user:bob", "relation": "owner", "object": "folder:1" }] “` To expand all `writers` of `document:1` when `document:1` is put in `folder:1`, the first call could be “`json { "tuple_key": { "object": "document:1", "relation": "writer" }, "contextual_tuples": { "tuple_keys": [ { "user": "folder:1", "relation": "parent", "object": "document:1" } ] } } “` this returns: “`json { "tree": { "root": { "name": "document:1#writer", "union": { "nodes": [ { "name": "document:1#writer", "leaf": { "users": { "users": [] } } }, { "name": "document:1#writer", "leaf": { "tupleToUserset": { "tupleset": "document:1#parent", "computed": [ { "userset": "folder:1#owner" } ] } } } ] } } } } “` This tells us that the `owner` of `folder:1` may also be a writer. So our next call could be to find the `owners` of `folder:1` “`json { "tuple_key": { "object": "folder:1", "relation": "owner" } } “` which gives “`json { "tree": { "root": { "name": "folder:1#owner", "leaf": { "users": { "users": [ "user:bob" ] } } } } } “`

Parameters:

store_id (String)
body (ExpandRequest)
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(ExpandResponse)

# File 'lib/openfga/api/open_fga_api.rb', line 308

def expand(store_id, body, opts = {})
  data, _status_code, _headers = expand_with_http_info(store_id, body, opts)
  data
end

#expand_with_http_info(store_id, body, opts = {}) ⇒ `Array<(ExpandResponse, Integer, Hash)>`

Expand all relationships in userset tree format, and following userset rewrite rules. Useful to reason about and debug a certain relationship The Expand API will return all users and usersets that have certain relationship with an object in a certain store. This is different from the `/stores/store_id/read` API in that both users and computed usersets are returned. Body parameters `tuple_key.object` and `tuple_key.relation` are all required. A `contextual_tuples` object may also be included in the body of the request. This object contains one field `tuple_keys`, which is an array of tuple keys. Each of these tuples may have an associated `condition`. The response will return a tree whose leaves are the specific users and usersets. Union, intersection and difference operator are located in the intermediate nodes. ## Example To expand all users that have the `reader` relationship with object `document:2021-budget`, use the Expand API with the following request body ```json { "tuple_key": { "object": "document:2021-budget", "relation": "reader" }, "authorization_model_id": "01G50QVV17PECNVAHX1GG4Y5NC" } ``` OpenFGA's response will be a userset tree of the users and usersets that have read access to the document. ```json { "tree":{ "root":{ "type":"document:2021-budget#reader", "union":{ "nodes":[ { "type":"document:2021-budget#reader", "leaf":{ "users":{ "users":[ "user:bob" ] } } }, { "type":"document:2021-budget#reader", "leaf":{ "computed":{ "userset":"document:2021-budget#writer" } } } ] } } } } ``` The caller can then call expand API for the `writer` relationship for the `document:2021-budget`. ### Expand Request with Contextual Tuples Given the model ```python model schema 1.1 type user type folder relations define owner: [user] type document relations define parent: [folder] define viewer: [user] or writer define writer: [user] or owner from parent ``` and the initial tuples ```json [{ "user": "user:bob", "relation": "owner", "object": "folder:1" }] ``` To expand all `writers` of `document:1` when `document:1` is put in `folder:1`, the first call could be ```json { "tuple_key": { "object": "document:1", "relation": "writer" }, "contextual_tuples": { "tuple_keys": [ { "user": "folder:1", "relation": "parent", "object": "document:1" } ] } } ``` this returns: ```json { "tree": { "root": { "name": "document:1#writer", "union": { "nodes": [ { "name": "document:1#writer", "leaf": { "users": { "users": [] } } }, { "name": "document:1#writer", "leaf": { "tupleToUserset": { "tupleset": "document:1#parent", "computed": [ { "userset": "folder:1#owner" } ] } } } ] } } } } ``` This tells us that the `owner` of `folder:1` may also be a writer. So our next call could be to find the `owners` of `folder:1` ```json { "tuple_key": { "object": "folder:1", "relation": "owner" } } ``` which gives ```json { "tree": { "root": { "name": "folder:1#owner", "leaf": { "users": { "users": [ "user:bob" ] } } } } } ```

Parameters:

store_id (String)
body (ExpandRequest)
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(Array<(ExpandResponse, Integer, Hash)>) —

ExpandResponse data, response status code and response headers

# File 'lib/openfga/api/open_fga_api.rb', line 319

def expand_with_http_info(store_id, body, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: OpenFgaApi.expand ...'
  end
  # verify the required parameter 'store_id' is set
  if @api_client.config.client_side_validation && store_id.nil?
    fail ArgumentError, "Missing the required parameter 'store_id' when calling OpenFgaApi.expand"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling OpenFgaApi.expand"
  end
  # resource path
  local_var_path = '/stores/{store_id}/expand'.sub('{' + 'store_id' + '}', CGI.escape(store_id.to_s))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json']) unless header_params['Accept']
  # HTTP header 'Content-Type'
  content_type = @api_client.select_header_content_type(['application/json'])
  if !content_type.nil?
    header_params['Content-Type'] = content_type
  end

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'ExpandResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || []

  new_options = opts.merge(
    operation: :"OpenFgaApi.expand",
    header_params:,
    query_params:,
    form_params:,
    body: post_body,
    auth_names:,
    return_type:
  )

  data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: OpenFgaApi#expand\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_store(store_id, opts = {}) ⇒ `GetStoreResponse`

Get a store Returns an OpenFGA store by its identifier

Parameters:

store_id (String)
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(GetStoreResponse)

# File 'lib/openfga/api/open_fga_api.rb', line 381

def get_store(store_id, opts = {})
  data, _status_code, _headers = get_store_with_http_info(store_id, opts)
  data
end

#get_store_with_http_info(store_id, opts = {}) ⇒ `Array<(GetStoreResponse, Integer, Hash)>`

Get a store Returns an OpenFGA store by its identifier

Parameters:

store_id (String)
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(Array<(GetStoreResponse, Integer, Hash)>) —

GetStoreResponse data, response status code and response headers

# File 'lib/openfga/api/open_fga_api.rb', line 391

def get_store_with_http_info(store_id, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: OpenFgaApi.get_store ...'
  end
  # verify the required parameter 'store_id' is set
  if @api_client.config.client_side_validation && store_id.nil?
    fail ArgumentError, "Missing the required parameter 'store_id' when calling OpenFgaApi.get_store"
  end
  # resource path
  local_var_path = '/stores/{store_id}'.sub('{' + 'store_id' + '}', CGI.escape(store_id.to_s))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json']) unless header_params['Accept']

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'GetStoreResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || []

  new_options = opts.merge(
    operation: :"OpenFgaApi.get_store",
    header_params:,
    query_params:,
    form_params:,
    body: post_body,
    auth_names:,
    return_type:
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: OpenFgaApi#get_store\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_objects(store_id, body, opts = {}) ⇒ `ListObjectsResponse`

List all objects of the given type that the user has a relation with The ListObjects API returns a list of all the objects of the given type that the user has a relation with. To arrive at a result, the API uses: an authorization model, explicit tuples written through the Write API, contextual tuples present in the request, and implicit tuples that exist by virtue of applying set theory (such as ‘document:2021-budget#viewer@document:2021-budget#viewer`; the set of users who are viewers of `document:2021-budget` are the set of users who are the viewers of `document:2021-budget`). An `authorization_model_id` may be specified in the body. If it is not specified, the latest authorization model ID will be used. It is strongly recommended to specify authorization model id for better performance. You may also specify `contextual_tuples` that will be treated as regular tuples. Each of these tuples may have an associated `condition`. You may also provide a `context` object that will be used to evaluate the conditioned tuples in the system. It is strongly recommended to provide a value for all the input parameters of all the conditions, to ensure that all tuples be evaluated correctly. By default, the Check API caches results for a short time to optimize performance. You may specify a value of `HIGHER_CONSISTENCY` for the optional `consistency` parameter in the body to inform the server that higher conisistency is preferred at the expense of increased latency. Consideration should be given to the increased latency if requesting higher consistency. The response will contain the related objects in an array in the "objects" field of the response and they will be strings in the object format `<type>:<id>` (e.g. "document:roadmap"). The number of objects in the response array will be limited by the execution timeout specified in the flag OPENFGA_LIST_OBJECTS_DEADLINE and by the upper bound specified in the flag OPENFGA_LIST_OBJECTS_MAX_RESULTS, whichever is hit first. The objects given will not be sorted, and therefore two identical calls can give a given different set of objects.

Parameters:

store_id (String)
body (ListObjectsRequest)
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(ListObjectsResponse)

# File 'lib/openfga/api/open_fga_api.rb', line 445

def list_objects(store_id, body, opts = {})
  data, _status_code, _headers = list_objects_with_http_info(store_id, body, opts)
  data
end

#list_objects_with_http_info(store_id, body, opts = {}) ⇒ `Array<(ListObjectsResponse, Integer, Hash)>`

List all objects of the given type that the user has a relation with The ListObjects API returns a list of all the objects of the given type that the user has a relation with. To arrive at a result, the API uses: an authorization model, explicit tuples written through the Write API, contextual tuples present in the request, and implicit tuples that exist by virtue of applying set theory (such as `document:2021-budget#viewer@document:2021-budget#viewer`; the set of users who are viewers of `document:2021-budget` are the set of users who are the viewers of `document:2021-budget`). An `authorization_model_id` may be specified in the body. If it is not specified, the latest authorization model ID will be used. It is strongly recommended to specify authorization model id for better performance. You may also specify `contextual_tuples` that will be treated as regular tuples. Each of these tuples may have an associated `condition`. You may also provide a `context` object that will be used to evaluate the conditioned tuples in the system. It is strongly recommended to provide a value for all the input parameters of all the conditions, to ensure that all tuples be evaluated correctly. By default, the Check API caches results for a short time to optimize performance. You may specify a value of `HIGHER_CONSISTENCY` for the optional `consistency` parameter in the body to inform the server that higher conisistency is preferred at the expense of increased latency. Consideration should be given to the increased latency if requesting higher consistency. The response will contain the related objects in an array in the "objects" field of the response and they will be strings in the object format `<type>:<id>` (e.g. "document:roadmap"). The number of objects in the response array will be limited by the execution timeout specified in the flag OPENFGA_LIST_OBJECTS_DEADLINE and by the upper bound specified in the flag OPENFGA_LIST_OBJECTS_MAX_RESULTS, whichever is hit first. The objects given will not be sorted, and therefore two identical calls can give a given different set of objects.

Parameters:

store_id (String)
body (ListObjectsRequest)
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(Array<(ListObjectsResponse, Integer, Hash)>) —

ListObjectsResponse data, response status code and response headers

# File 'lib/openfga/api/open_fga_api.rb', line 456

def list_objects_with_http_info(store_id, body, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: OpenFgaApi.list_objects ...'
  end
  # verify the required parameter 'store_id' is set
  if @api_client.config.client_side_validation && store_id.nil?
    fail ArgumentError, "Missing the required parameter 'store_id' when calling OpenFgaApi.list_objects"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling OpenFgaApi.list_objects"
  end
  # resource path
  local_var_path = '/stores/{store_id}/list-objects'.sub('{' + 'store_id' + '}', CGI.escape(store_id.to_s))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json']) unless header_params['Accept']
  # HTTP header 'Content-Type'
  content_type = @api_client.select_header_content_type(['application/json'])
  if !content_type.nil?
    header_params['Content-Type'] = content_type
  end

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'ListObjectsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || []

  new_options = opts.merge(
    operation: :"OpenFgaApi.list_objects",
    header_params:,
    query_params:,
    form_params:,
    body: post_body,
    auth_names:,
    return_type:
  )

  data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: OpenFgaApi#list_objects\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_stores(opts = {}) ⇒ `ListStoresResponse`

List all stores Returns a paginated list of OpenFGA stores and a continuation token to get additional stores. The continuation token will be empty if there are no more stores.

Parameters:

opts (Hash) (defaults to: {}) —

the optional parameters

Options Hash (opts):

:page_size (Integer)
:continuation_token (String)
:name (String) —

The name parameter instructs the API to only include results that match that name.Multiple results may be returned. Only exact matches will be returned; substring matches and regexes will not be evaluated

Returns:

(ListStoresResponse)

# File 'lib/openfga/api/open_fga_api.rb', line 520

def list_stores(opts = {})
  data, _status_code, _headers = list_stores_with_http_info(opts)
  data
end

#list_stores_with_http_info(opts = {}) ⇒ `Array<(ListStoresResponse, Integer, Hash)>`

List all stores Returns a paginated list of OpenFGA stores and a continuation token to get additional stores. The continuation token will be empty if there are no more stores.

Parameters:

opts (Hash) (defaults to: {}) —

the optional parameters

Options Hash (opts):

:page_size (Integer)
:continuation_token (String)
:name (String) —

The name parameter instructs the API to only include results that match that name.Multiple results may be returned. Only exact matches will be returned; substring matches and regexes will not be evaluated

Returns:

(Array<(ListStoresResponse, Integer, Hash)>) —

ListStoresResponse data, response status code and response headers

# File 'lib/openfga/api/open_fga_api.rb', line 532

def list_stores_with_http_info(opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: OpenFgaApi.list_stores ...'
  end
  # resource path
  local_var_path = '/stores'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'page_size'] = opts[:'page_size'] if !opts[:'page_size'].nil?
  query_params[:'continuation_token'] = opts[:'continuation_token'] if !opts[:'continuation_token'].nil?
  query_params[:'name'] = opts[:'name'] if !opts[:'name'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json']) unless header_params['Accept']

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'ListStoresResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || []

  new_options = opts.merge(
    operation: :"OpenFgaApi.list_stores",
    header_params:,
    query_params:,
    form_params:,
    body: post_body,
    auth_names:,
    return_type:
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: OpenFgaApi#list_stores\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_users(store_id, body, opts = {}) ⇒ `ListUsersResponse`

List the users matching the provided filter who have a certain relation to a particular type. The ListUsers API returns a list of all the users of a specific type that have a relation to a given object. To arrive at a result, the API uses: an authorization model, explicit tuples written through the Write API, contextual tuples present in the request, and implicit tuples that exist by virtue of applying set theory (such as ‘document:2021-budget#viewer@document:2021-budget#viewer`; the set of users who are viewers of `document:2021-budget` are the set of users who are the viewers of `document:2021-budget`). An `authorization_model_id` may be specified in the body. If it is not specified, the latest authorization model ID will be used. It is strongly recommended to specify authorization model id for better performance. You may also specify `contextual_tuples` that will be treated as regular tuples. Each of these tuples may have an associated `condition`. You may also provide a `context` object that will be used to evaluate the conditioned tuples in the system. It is strongly recommended to provide a value for all the input parameters of all the conditions, to ensure that all tuples be evaluated correctly. The response will contain the related users in an array in the "users" field of the response. These results may include specific objects, usersets or type-bound public access. Each of these types of results is encoded in its own type and not represented as a string.In cases where a type-bound public access result is returned (e.g. `user:*`), it cannot be inferred that all subjects of that type have a relation to the object; it is possible that negations exist and checks should still be queried on individual subjects to ensure access to that document.The number of users in the response array will be limited by the execution timeout specified in the flag OPENFGA_LIST_USERS_DEADLINE and by the upper bound specified in the flag OPENFGA_LIST_USERS_MAX_RESULTS, whichever is hit first. The returned users will not be sorted, and therefore two identical calls may yield different sets of users.

Parameters:

store_id (String)
body (ListUsersRequest)
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(ListUsersResponse)

# File 'lib/openfga/api/open_fga_api.rb', line 585

def list_users(store_id, body, opts = {})
  data, _status_code, _headers = list_users_with_http_info(store_id, body, opts)
  data
end

#list_users_with_http_info(store_id, body, opts = {}) ⇒ `Array<(ListUsersResponse, Integer, Hash)>`

List the users matching the provided filter who have a certain relation to a particular type. The ListUsers API returns a list of all the users of a specific type that have a relation to a given object. To arrive at a result, the API uses: an authorization model, explicit tuples written through the Write API, contextual tuples present in the request, and implicit tuples that exist by virtue of applying set theory (such as `document:2021-budget#viewer@document:2021-budget#viewer`; the set of users who are viewers of `document:2021-budget` are the set of users who are the viewers of `document:2021-budget`). An `authorization_model_id` may be specified in the body. If it is not specified, the latest authorization model ID will be used. It is strongly recommended to specify authorization model id for better performance. You may also specify `contextual_tuples` that will be treated as regular tuples. Each of these tuples may have an associated `condition`. You may also provide a `context` object that will be used to evaluate the conditioned tuples in the system. It is strongly recommended to provide a value for all the input parameters of all the conditions, to ensure that all tuples be evaluated correctly. The response will contain the related users in an array in the "users" field of the response. These results may include specific objects, usersets or type-bound public access. Each of these types of results is encoded in its own type and not represented as a string.In cases where a type-bound public access result is returned (e.g. `user:*`), it cannot be inferred that all subjects of that type have a relation to the object; it is possible that negations exist and checks should still be queried on individual subjects to ensure access to that document.The number of users in the response array will be limited by the execution timeout specified in the flag OPENFGA_LIST_USERS_DEADLINE and by the upper bound specified in the flag OPENFGA_LIST_USERS_MAX_RESULTS, whichever is hit first. The returned users will not be sorted, and therefore two identical calls may yield different sets of users.

Parameters:

store_id (String)
body (ListUsersRequest)
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(Array<(ListUsersResponse, Integer, Hash)>) —

ListUsersResponse data, response status code and response headers

# File 'lib/openfga/api/open_fga_api.rb', line 596

def list_users_with_http_info(store_id, body, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: OpenFgaApi.list_users ...'
  end
  # verify the required parameter 'store_id' is set
  if @api_client.config.client_side_validation && store_id.nil?
    fail ArgumentError, "Missing the required parameter 'store_id' when calling OpenFgaApi.list_users"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling OpenFgaApi.list_users"
  end
  # resource path
  local_var_path = '/stores/{store_id}/list-users'.sub('{' + 'store_id' + '}', CGI.escape(store_id.to_s))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json']) unless header_params['Accept']
  # HTTP header 'Content-Type'
  content_type = @api_client.select_header_content_type(['application/json'])
  if !content_type.nil?
    header_params['Content-Type'] = content_type
  end

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'ListUsersResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || []

  new_options = opts.merge(
    operation: :"OpenFgaApi.list_users",
    header_params:,
    query_params:,
    form_params:,
    body: post_body,
    auth_names:,
    return_type:
  )

  data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: OpenFgaApi#list_users\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#read(store_id, body, opts = {}) ⇒ `ReadResponse`

Get tuples from the store that matches a query, without following userset rewrite rules The Read API will return the tuples for a certain store that match a query filter specified in the body of the request. The API doesn’t guarantee order by any field. It is different from the ‘/stores/store_id/expand` API in that it only returns relationship tuples that are stored in the system and satisfy the query. In the body: 1. `tuple_key` is optional. If not specified, it will return all tuples in the store. 2. `tuple_key.object` is mandatory if `tuple_key` is specified. It can be a full object (e.g., `type:object_id`) or type only (e.g., `type:`). 3. `tuple_key.user` is mandatory if tuple_key is specified in the case the `tuple_key.object` is a type only. If tuple_key.user is specified, it needs to be a full object (e.g., `type:user_id`). ## Examples ### Query for all objects in a type definition To query for all objects that `user:bob` has `reader` relationship in the `document` type definition, call read API with body of “`json { "tuple_key": { "user": "user:bob", "relation": "reader", "object": "document:" } } “` The API will return tuples and a continuation token, something like “`json { "tuples": [ { "key": { "user": "user:bob", "relation": "reader", "object": "document:2021-budget" }, "timestamp": "2021-10-06T15:32:11.128Z" } ], "continuation_token": "eyJwayI6IkxBVEVTVF9OU0NPTkZJR19hdXRoMHN0b3JlIiwic2siOiIxem1qbXF3MWZLZExTcUoyN01MdTdqTjh0cWgifQ==" } “` This means that `user:bob` has a `reader` relationship with 1 document `document:2021-budget`. Note that this API, unlike the List Objects API, does not evaluate the tuples in the store. The continuation token will be empty if there are no more tuples to query. ### Query for all stored relationship tuples that have a particular relation and object To query for all users that have `reader` relationship with `document:2021-budget`, call read API with body of “`json { "tuple_key": { "object": "document:2021-budget", "relation": "reader" } } “` The API will return something like “`json { "tuples": [ { "key": { "user": "user:bob", "relation": "reader", "object": "document:2021-budget" }, "timestamp": "2021-10-06T15:32:11.128Z" } ], "continuation_token": "eyJwayI6IkxBVEVTVF9OU0NPTkZJR19hdXRoMHN0b3JlIiwic2siOiIxem1qbXF3MWZLZExTcUoyN01MdTdqTjh0cWgifQ==" } “` This means that `document:2021-budget` has 1 `reader` (`user:bob`). Note that, even if the model said that all `writers` are also `readers`, the API will not return writers such as `user:anne` because it only returns tuples and does not evaluate them. ### Query for all users with all relationships for a particular document To query for all users that have any relationship with `document:2021-budget`, call read API with body of “`json { "tuple_key": { "object": "document:2021-budget" } } “` The API will return something like “`json { "tuples": [ { "key": { "user": "user:anne", "relation": "writer", "object": "document:2021-budget" }, "timestamp": "2021-10-05T13:42:12.356Z" }, { "key": { "user": "user:bob", "relation": "reader", "object": "document:2021-budget" }, "timestamp": "2021-10-06T15:32:11.128Z" } ], "continuation_token": "eyJwayI6IkxBVEVTVF9OU0NPTkZJR19hdXRoMHN0b3JlIiwic2siOiIxem1qbXF3MWZLZExTcUoyN01MdTdqTjh0cWgifQ==" } “` This means that `document:2021-budget` has 1 `reader` (`user:bob`) and 1 `writer` (`user:anne`).

Parameters:

store_id (String)
body (ReadRequest)
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(ReadResponse)

# File 'lib/openfga/api/open_fga_api.rb', line 659

def read(store_id, body, opts = {})
  data, _status_code, _headers = read_with_http_info(store_id, body, opts)
  data
end

#read_assertions(store_id, authorization_model_id, opts = {}) ⇒ `ReadAssertionsResponse`

Read assertions for an authorization model ID The ReadAssertions API will return, for a given authorization model id, all the assertions stored for it.

Parameters:

store_id (String)
authorization_model_id (String)
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(ReadAssertionsResponse)

# File 'lib/openfga/api/open_fga_api.rb', line 733

def read_assertions(store_id, authorization_model_id, opts = {})
  data, _status_code, _headers = read_assertions_with_http_info(store_id, authorization_model_id, opts)
  data
end

#read_assertions_with_http_info(store_id, authorization_model_id, opts = {}) ⇒ `Array<(ReadAssertionsResponse, Integer, Hash)>`

Read assertions for an authorization model ID The ReadAssertions API will return, for a given authorization model id, all the assertions stored for it.

Parameters:

store_id (String)
authorization_model_id (String)
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(Array<(ReadAssertionsResponse, Integer, Hash)>) —

ReadAssertionsResponse data, response status code and response headers

# File 'lib/openfga/api/open_fga_api.rb', line 744

def read_assertions_with_http_info(store_id, authorization_model_id, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: OpenFgaApi.read_assertions ...'
  end
  # verify the required parameter 'store_id' is set
  if @api_client.config.client_side_validation && store_id.nil?
    fail ArgumentError, "Missing the required parameter 'store_id' when calling OpenFgaApi.read_assertions"
  end
  # verify the required parameter 'authorization_model_id' is set
  if @api_client.config.client_side_validation && authorization_model_id.nil?
    fail ArgumentError, "Missing the required parameter 'authorization_model_id' when calling OpenFgaApi.read_assertions"
  end
  # resource path
  local_var_path = '/stores/{store_id}/assertions/{authorization_model_id}'.sub('{' + 'store_id' + '}', CGI.escape(store_id.to_s)).sub('{' + 'authorization_model_id' + '}', CGI.escape(authorization_model_id.to_s))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json']) unless header_params['Accept']

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'ReadAssertionsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || []

  new_options = opts.merge(
    operation: :"OpenFgaApi.read_assertions",
    header_params:,
    query_params:,
    form_params:,
    body: post_body,
    auth_names:,
    return_type:
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: OpenFgaApi#read_assertions\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#read_authorization_model(store_id, id, opts = {}) ⇒ `ReadAuthorizationModelResponse`

Return a particular version of an authorization model The ReadAuthorizationModel API returns an authorization model by its identifier. The response will return the authorization model for the particular version. ## Example To retrieve the authorization model with ID ‘01G5JAVJ41T49E9TT3SKVS7X1J` for the store, call the GET authorization-models by ID API with `01G5JAVJ41T49E9TT3SKVS7X1J` as the `id` path parameter. The API will return: “`json { "authorization_model":{ "id":"01G5JAVJ41T49E9TT3SKVS7X1J", "type_definitions":[ { "type":"user" }, { "type":"document", "relations":{ "reader":{ "union":{ "child":[ { "this":{} }, { "computedUserset":{ "object":"", "relation":"writer" } } ] } }, "writer":{ "this":{} } } } ] } } “` In the above example, there are 2 types (`user` and `document`). The `document` type has 2 relations (`writer` and `reader`).

Parameters:

store_id (String)
id (String)
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(ReadAuthorizationModelResponse)

# File 'lib/openfga/api/open_fga_api.rb', line 802

def read_authorization_model(store_id, id, opts = {})
  data, _status_code, _headers = read_authorization_model_with_http_info(store_id, id, opts)
  data
end

#read_authorization_model_with_http_info(store_id, id, opts = {}) ⇒ `Array<(ReadAuthorizationModelResponse, Integer, Hash)>`

Return a particular version of an authorization model The ReadAuthorizationModel API returns an authorization model by its identifier. The response will return the authorization model for the particular version. ## Example To retrieve the authorization model with ID `01G5JAVJ41T49E9TT3SKVS7X1J` for the store, call the GET authorization-models by ID API with `01G5JAVJ41T49E9TT3SKVS7X1J` as the `id` path parameter. The API will return: ```json { "authorization_model":{ "id":"01G5JAVJ41T49E9TT3SKVS7X1J", "type_definitions":[ { "type":"user" }, { "type":"document", "relations":{ "reader":{ "union":{ "child":[ { "this":{} }, { "computedUserset":{ "object":"", "relation":"writer" } } ] } }, "writer":{ "this":{} } } } ] } } ``` In the above example, there are 2 types (`user` and `document`). The `document` type has 2 relations (`writer` and `reader`).

Parameters:

store_id (String)
id (String)
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(Array<(ReadAuthorizationModelResponse, Integer, Hash)>) —

ReadAuthorizationModelResponse data, response status code and response headers

# File 'lib/openfga/api/open_fga_api.rb', line 813

def read_authorization_model_with_http_info(store_id, id, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: OpenFgaApi.read_authorization_model ...'
  end
  # verify the required parameter 'store_id' is set
  if @api_client.config.client_side_validation && store_id.nil?
    fail ArgumentError, "Missing the required parameter 'store_id' when calling OpenFgaApi.read_authorization_model"
  end
  # verify the required parameter 'id' is set
  if @api_client.config.client_side_validation && id.nil?
    fail ArgumentError, "Missing the required parameter 'id' when calling OpenFgaApi.read_authorization_model"
  end
  # resource path
  local_var_path = '/stores/{store_id}/authorization-models/{id}'.sub('{' + 'store_id' + '}', CGI.escape(store_id.to_s)).sub('{' + 'id' + '}', CGI.escape(id.to_s))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json']) unless header_params['Accept']

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'ReadAuthorizationModelResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || []

  new_options = opts.merge(
    operation: :"OpenFgaApi.read_authorization_model",
    header_params:,
    query_params:,
    form_params:,
    body: post_body,
    auth_names:,
    return_type:
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: OpenFgaApi#read_authorization_model\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#read_authorization_models(store_id, opts = {}) ⇒ `ReadAuthorizationModelsResponse`

Return all the authorization models for a particular store The ReadAuthorizationModels API will return all the authorization models for a certain store. OpenFGA’s response will contain an array of all authorization models, sorted in descending order of creation. ## Example Assume that a store’s authorization model has been configured twice. To get all the authorization models that have been created in this store, call GET authorization-models. The API will return a response that looks like: “‘json { "authorization_models": [ { "id": "01G50QVV17PECNVAHX1GG4Y5NC", "type_definitions": […] }, { "id": "01G4ZW8F4A07AKQ8RHSVG9RW04", "type_definitions": […] }, ], "continuation_token": "eyJwayI6IkxBVEVTVF9OU0NPTkZJR19hdXRoMHN0b3JlIiwic2siOiIxem1qbXF3MWZLZExTcUoyN01MdTdqTjh0cWgifQ==" } “` If there are no more authorization models available, the `continuation_token` field will be empty “`json { "authorization_models": [ { "id": "01G50QVV17PECNVAHX1GG4Y5NC", "type_definitions": […] }, { "id": "01G4ZW8F4A07AKQ8RHSVG9RW04", "type_definitions": […] }, ], "continuation_token": "" } “`

Parameters:

store_id (String)
opts (Hash) (defaults to: {}) —

the optional parameters

Options Hash (opts):

:page_size (Integer)
:continuation_token (String)

Returns:

(ReadAuthorizationModelsResponse)

# File 'lib/openfga/api/open_fga_api.rb', line 872

def read_authorization_models(store_id, opts = {})
  data, _status_code, _headers = read_authorization_models_with_http_info(store_id, opts)
  data
end

#read_authorization_models_with_http_info(store_id, opts = {}) ⇒ `Array<(ReadAuthorizationModelsResponse, Integer, Hash)>`

Return all the authorization models for a particular store The ReadAuthorizationModels API will return all the authorization models for a certain store. OpenFGA's response will contain an array of all authorization models, sorted in descending order of creation. ## Example Assume that a store's authorization model has been configured twice. To get all the authorization models that have been created in this store, call GET authorization-models. The API will return a response that looks like: ```json { "authorization_models": [ { "id": "01G50QVV17PECNVAHX1GG4Y5NC", "type_definitions": […] }, { "id": "01G4ZW8F4A07AKQ8RHSVG9RW04", "type_definitions": […] }, ], "continuation_token": "eyJwayI6IkxBVEVTVF9OU0NPTkZJR19hdXRoMHN0b3JlIiwic2siOiIxem1qbXF3MWZLZExTcUoyN01MdTdqTjh0cWgifQ==" } ``` If there are no more authorization models available, the `continuation_token` field will be empty ```json { "authorization_models": [ { "id": "01G50QVV17PECNVAHX1GG4Y5NC", "type_definitions": […] }, { "id": "01G4ZW8F4A07AKQ8RHSVG9RW04", "type_definitions": […] }, ], "continuation_token": "" } ```

Parameters:

store_id (String)
opts (Hash) (defaults to: {}) —

the optional parameters

Options Hash (opts):

:page_size (Integer)
:continuation_token (String)

Returns:

(Array<(ReadAuthorizationModelsResponse, Integer, Hash)>) —

ReadAuthorizationModelsResponse data, response status code and response headers

# File 'lib/openfga/api/open_fga_api.rb', line 884

def read_authorization_models_with_http_info(store_id, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: OpenFgaApi.read_authorization_models ...'
  end
  # verify the required parameter 'store_id' is set
  if @api_client.config.client_side_validation && store_id.nil?
    fail ArgumentError, "Missing the required parameter 'store_id' when calling OpenFgaApi.read_authorization_models"
  end
  # resource path
  local_var_path = '/stores/{store_id}/authorization-models'.sub('{' + 'store_id' + '}', CGI.escape(store_id.to_s))

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'page_size'] = opts[:'page_size'] if !opts[:'page_size'].nil?
  query_params[:'continuation_token'] = opts[:'continuation_token'] if !opts[:'continuation_token'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json']) unless header_params['Accept']

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'ReadAuthorizationModelsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || []

  new_options = opts.merge(
    operation: :"OpenFgaApi.read_authorization_models",
    header_params:,
    query_params:,
    form_params:,
    body: post_body,
    auth_names:,
    return_type:
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: OpenFgaApi#read_authorization_models\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#read_changes(store_id, opts = {}) ⇒ `ReadChangesResponse`

Return a list of all the tuple changes The ReadChanges API will return a paginated list of tuple changes (additions and deletions) that occurred in a given store, sorted by ascending time. The response will include a continuation token that is used to get the next set of changes. If there are no changes after the provided continuation token, the same token will be returned in order for it to be used when new changes are recorded. If the store never had any tuples added or removed, this token will be empty. You can use the ‘type` parameter to only get the list of tuple changes that affect objects of that type. When reading a write tuple change, if it was conditioned, the condition will be returned. When reading a delete tuple change, the condition will NOT be returned regardless of whether it was originally conditioned or not.

Parameters:

store_id (String)
opts (Hash) (defaults to: {}) —

the optional parameters

Options Hash (opts):

:type (String)
:page_size (Integer)
:continuation_token (String)
:start_time (Time) —

Start date and time of changes to read. Format: ISO 8601 timestamp (e.g., 2022-01-01T00:00:00Z) If a continuation_token is provided along side start_time, the continuation_token will take precedence over start_time.

Returns:

(ReadChangesResponse)

# File 'lib/openfga/api/open_fga_api.rb', line 943

def read_changes(store_id, opts = {})
  data, _status_code, _headers = read_changes_with_http_info(store_id, opts)
  data
end

#read_changes_with_http_info(store_id, opts = {}) ⇒ `Array<(ReadChangesResponse, Integer, Hash)>`

Return a list of all the tuple changes The ReadChanges API will return a paginated list of tuple changes (additions and deletions) that occurred in a given store, sorted by ascending time. The response will include a continuation token that is used to get the next set of changes. If there are no changes after the provided continuation token, the same token will be returned in order for it to be used when new changes are recorded. If the store never had any tuples added or removed, this token will be empty. You can use the `type` parameter to only get the list of tuple changes that affect objects of that type. When reading a write tuple change, if it was conditioned, the condition will be returned. When reading a delete tuple change, the condition will NOT be returned regardless of whether it was originally conditioned or not.

Parameters:

store_id (String)
opts (Hash) (defaults to: {}) —

the optional parameters

Options Hash (opts):

:type (String)
:page_size (Integer)
:continuation_token (String)
:start_time (Time) —

Start date and time of changes to read. Format: ISO 8601 timestamp (e.g., 2022-01-01T00:00:00Z) If a continuation_token is provided along side start_time, the continuation_token will take precedence over start_time.

Returns:

(Array<(ReadChangesResponse, Integer, Hash)>) —

ReadChangesResponse data, response status code and response headers

# File 'lib/openfga/api/open_fga_api.rb', line 957

def read_changes_with_http_info(store_id, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: OpenFgaApi.read_changes ...'
  end
  # verify the required parameter 'store_id' is set
  if @api_client.config.client_side_validation && store_id.nil?
    fail ArgumentError, "Missing the required parameter 'store_id' when calling OpenFgaApi.read_changes"
  end
  # resource path
  local_var_path = '/stores/{store_id}/changes'.sub('{' + 'store_id' + '}', CGI.escape(store_id.to_s))

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'type'] = opts[:'type'] if !opts[:'type'].nil?
  query_params[:'page_size'] = opts[:'page_size'] if !opts[:'page_size'].nil?
  query_params[:'continuation_token'] = opts[:'continuation_token'] if !opts[:'continuation_token'].nil?
  query_params[:'start_time'] = opts[:'start_time'] if !opts[:'start_time'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json']) unless header_params['Accept']

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'ReadChangesResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || []

  new_options = opts.merge(
    operation: :"OpenFgaApi.read_changes",
    header_params:,
    query_params:,
    form_params:,
    body: post_body,
    auth_names:,
    return_type:
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: OpenFgaApi#read_changes\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#read_with_http_info(store_id, body, opts = {}) ⇒ `Array<(ReadResponse, Integer, Hash)>`

Get tuples from the store that matches a query, without following userset rewrite rules The Read API will return the tuples for a certain store that match a query filter specified in the body of the request. The API doesn't guarantee order by any field. It is different from the `/stores/store_id/expand` API in that it only returns relationship tuples that are stored in the system and satisfy the query. In the body: 1. `tuple_key` is optional. If not specified, it will return all tuples in the store. 2. `tuple_key.object` is mandatory if `tuple_key` is specified. It can be a full object (e.g., `type:object_id`) or type only (e.g., `type:`). 3. `tuple_key.user` is mandatory if tuple_key is specified in the case the `tuple_key.object` is a type only. If tuple_key.user is specified, it needs to be a full object (e.g., `type:user_id`). ## Examples ### Query for all objects in a type definition To query for all objects that `user:bob` has `reader` relationship in the `document` type definition, call read API with body of ```json { "tuple_key": { "user": "user:bob", "relation": "reader", "object": "document:" } } ``` The API will return tuples and a continuation token, something like ```json { "tuples": [ { "key": { "user": "user:bob", "relation": "reader", "object": "document:2021-budget" }, "timestamp": "2021-10-06T15:32:11.128Z" } ], "continuation_token": "eyJwayI6IkxBVEVTVF9OU0NPTkZJR19hdXRoMHN0b3JlIiwic2siOiIxem1qbXF3MWZLZExTcUoyN01MdTdqTjh0cWgifQ==" } ``` This means that `user:bob` has a `reader` relationship with 1 document `document:2021-budget`. Note that this API, unlike the List Objects API, does not evaluate the tuples in the store. The continuation token will be empty if there are no more tuples to query. ### Query for all stored relationship tuples that have a particular relation and object To query for all users that have `reader` relationship with `document:2021-budget`, call read API with body of ```json { "tuple_key": { "object": "document:2021-budget", "relation": "reader" } } ``` The API will return something like ```json { "tuples": [ { "key": { "user": "user:bob", "relation": "reader", "object": "document:2021-budget" }, "timestamp": "2021-10-06T15:32:11.128Z" } ], "continuation_token": "eyJwayI6IkxBVEVTVF9OU0NPTkZJR19hdXRoMHN0b3JlIiwic2siOiIxem1qbXF3MWZLZExTcUoyN01MdTdqTjh0cWgifQ==" } ``` This means that `document:2021-budget` has 1 `reader` (`user:bob`). Note that, even if the model said that all `writers` are also `readers`, the API will not return writers such as `user:anne` because it only returns tuples and does not evaluate them. ### Query for all users with all relationships for a particular document To query for all users that have any relationship with `document:2021-budget`, call read API with body of ```json { "tuple_key": { "object": "document:2021-budget" } } ``` The API will return something like ```json { "tuples": [ { "key": { "user": "user:anne", "relation": "writer", "object": "document:2021-budget" }, "timestamp": "2021-10-05T13:42:12.356Z" }, { "key": { "user": "user:bob", "relation": "reader", "object": "document:2021-budget" }, "timestamp": "2021-10-06T15:32:11.128Z" } ], "continuation_token": "eyJwayI6IkxBVEVTVF9OU0NPTkZJR19hdXRoMHN0b3JlIiwic2siOiIxem1qbXF3MWZLZExTcUoyN01MdTdqTjh0cWgifQ==" } ``` This means that `document:2021-budget` has 1 `reader` (`user:bob`) and 1 `writer` (`user:anne`).

Parameters:

store_id (String)
body (ReadRequest)
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(Array<(ReadResponse, Integer, Hash)>) —

ReadResponse data, response status code and response headers

# File 'lib/openfga/api/open_fga_api.rb', line 670

def read_with_http_info(store_id, body, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: OpenFgaApi.read ...'
  end
  # verify the required parameter 'store_id' is set
  if @api_client.config.client_side_validation && store_id.nil?
    fail ArgumentError, "Missing the required parameter 'store_id' when calling OpenFgaApi.read"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling OpenFgaApi.read"
  end
  # resource path
  local_var_path = '/stores/{store_id}/read'.sub('{' + 'store_id' + '}', CGI.escape(store_id.to_s))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json']) unless header_params['Accept']
  # HTTP header 'Content-Type'
  content_type = @api_client.select_header_content_type(['application/json'])
  if !content_type.nil?
    header_params['Content-Type'] = content_type
  end

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'ReadResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || []

  new_options = opts.merge(
    operation: :"OpenFgaApi.read",
    header_params:,
    query_params:,
    form_params:,
    body: post_body,
    auth_names:,
    return_type:
  )

  data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: OpenFgaApi#read\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#write(store_id, body, opts = {}) ⇒ `Object`

Add or delete tuples from the store The Write API will transactionally update the tuples for a certain store. Tuples and type definitions allow OpenFGA to determine whether a relationship exists between an object and an user. In the body, ‘writes` adds new tuples and `deletes` removes existing tuples. When deleting a tuple, any `condition` specified with it is ignored. The API is not idempotent by default: if, later on, you try to add the same tuple key (even if the `condition` is different), or if you try to delete a non-existing tuple, it will throw an error. To allow writes when an identical tuple already exists in the database, set `"on_duplicate": "ignore"` on the `writes` object. To allow deletes when a tuple was already removed from the database, set `"on_missing": "ignore"` on the `deletes` object. If a Write request contains both idempotent (ignore) and non-idempotent (error) operations, the most restrictive action (error) will take precedence. If a condition fails for a sub-request with an error flag, the entire transaction will be rolled back. This gives developers explicit control over the atomicity of the requests. The API will not allow you to write tuples such as `document:2021-budget#viewer@document:2021-budget#viewer`, because they are implicit. An `authorization_model_id` may be specified in the body. If it is, it will be used to assert that each written tuple (not deleted) is valid for the model specified. If it is not specified, the latest authorization model ID will be used. ## Example ### Adding relationships To add `user:anne` as a `writer` for `document:2021-budget`, call write API with the following “`json { "writes": { "tuple_keys": [ { "user": "user:anne", "relation": "writer", "object": "document:2021-budget" } ], "on_duplicate": "ignore" }, "authorization_model_id": "01G50QVV17PECNVAHX1GG4Y5NC" } “` ### Removing relationships To remove `user:bob` as a `reader` for `document:2021-budget`, call write API with the following “`json { "deletes": { "tuple_keys": [ { "user": "user:bob", "relation": "reader", "object": "document:2021-budget" } ], "on_missing": "ignore" } } “`

Parameters:

store_id (String)
body (WriteRequest)
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(Object)

# File 'lib/openfga/api/open_fga_api.rb', line 1015

def write(store_id, body, opts = {})
  data, _status_code, _headers = write_with_http_info(store_id, body, opts)
  data
end

#write_assertions(store_id, authorization_model_id, body, opts = {}) ⇒ `nil`

Upsert assertions for an authorization model ID The WriteAssertions API will upsert new assertions for an authorization model id, or overwrite the existing ones. An assertion is an object that contains a tuple key, the expectation of whether a call to the Check API of that tuple key will return true or false, and optionally a list of contextual tuples.

Parameters:

store_id (String)
authorization_model_id (String)
body (WriteAssertionsRequest)
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(nil)

# File 'lib/openfga/api/open_fga_api.rb', line 1090

def write_assertions(store_id, authorization_model_id, body, opts = {})
  write_assertions_with_http_info(store_id, authorization_model_id, body, opts)
  nil
end

#write_assertions_with_http_info(store_id, authorization_model_id, body, opts = {}) ⇒ `Array<(nil, Integer, Hash)>`

Parameters:

store_id (String)
authorization_model_id (String)
body (WriteAssertionsRequest)
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(Array<(nil, Integer, Hash)>) —

nil, response status code and response headers

# File 'lib/openfga/api/open_fga_api.rb', line 1102

def write_assertions_with_http_info(store_id, authorization_model_id, body, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: OpenFgaApi.write_assertions ...'
  end
  # verify the required parameter 'store_id' is set
  if @api_client.config.client_side_validation && store_id.nil?
    fail ArgumentError, "Missing the required parameter 'store_id' when calling OpenFgaApi.write_assertions"
  end
  # verify the required parameter 'authorization_model_id' is set
  if @api_client.config.client_side_validation && authorization_model_id.nil?
    fail ArgumentError, "Missing the required parameter 'authorization_model_id' when calling OpenFgaApi.write_assertions"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling OpenFgaApi.write_assertions"
  end
  # resource path
  local_var_path = '/stores/{store_id}/assertions/{authorization_model_id}'.sub('{' + 'store_id' + '}', CGI.escape(store_id.to_s)).sub('{' + 'authorization_model_id' + '}', CGI.escape(authorization_model_id.to_s))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json']) unless header_params['Accept']
  # HTTP header 'Content-Type'
  content_type = @api_client.select_header_content_type(['application/json'])
  if !content_type.nil?
    header_params['Content-Type'] = content_type
  end

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || []

  new_options = opts.merge(
    operation: :"OpenFgaApi.write_assertions",
    header_params:,
    query_params:,
    form_params:,
    body: post_body,
    auth_names:,
    return_type:
  )

  data, status_code, headers = @api_client.call_api(:PUT, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: OpenFgaApi#write_assertions\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#write_authorization_model(store_id, body, opts = {}) ⇒ `WriteAuthorizationModelResponse`

Create a new authorization model The WriteAuthorizationModel API will add a new authorization model to a store. Each item in the ‘type_definitions` array is a type definition as specified in the field `type_definition`. The response will return the authorization model’s ID in the ‘id` field. ## Example To add an authorization model with `user` and `document` type definitions, call POST authorization-models API with the body: “`json { "type_definitions":[ { "type":"user" }, { "type":"document", "relations":{ "reader":{ "union":{ "child":[ { "this":{} }, { "computedUserset":{ "object":"", "relation":"writer" } } ] } }, "writer":{ "this":{} } } } ] } “` OpenFGA’s response will include the version id for this authorization model, which will look like “‘ "01G50QVV17PECNVAHX1GG4Y5NC" “`

Parameters:

store_id (String)
body (WriteAuthorizationModelRequest)
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(WriteAuthorizationModelResponse)

# File 'lib/openfga/api/open_fga_api.rb', line 1169

def write_authorization_model(store_id, body, opts = {})
  data, _status_code, _headers = write_authorization_model_with_http_info(store_id, body, opts)
  data
end

#write_authorization_model_with_http_info(store_id, body, opts = {}) ⇒ `Array<(WriteAuthorizationModelResponse, Integer, Hash)>`

Create a new authorization model The WriteAuthorizationModel API will add a new authorization model to a store. Each item in the `type_definitions` array is a type definition as specified in the field `type_definition`. The response will return the authorization model's ID in the `id` field. ## Example To add an authorization model with `user` and `document` type definitions, call POST authorization-models API with the body: ```json { "type_definitions":[ { "type":"user" }, { "type":"document", "relations":{ "reader":{ "union":{ "child":[ { "this":{} }, { "computedUserset":{ "object":"", "relation":"writer" } } ] } }, "writer":{ "this":{} } } } ] } ``` OpenFGA's response will include the version id for this authorization model, which will look like ``` "01G50QVV17PECNVAHX1GG4Y5NC" ```

Parameters:

store_id (String)
body (WriteAuthorizationModelRequest)
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(Array<(WriteAuthorizationModelResponse, Integer, Hash)>) —

WriteAuthorizationModelResponse data, response status code and response headers

# File 'lib/openfga/api/open_fga_api.rb', line 1180

def write_authorization_model_with_http_info(store_id, body, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: OpenFgaApi.write_authorization_model ...'
  end
  # verify the required parameter 'store_id' is set
  if @api_client.config.client_side_validation && store_id.nil?
    fail ArgumentError, "Missing the required parameter 'store_id' when calling OpenFgaApi.write_authorization_model"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling OpenFgaApi.write_authorization_model"
  end
  # resource path
  local_var_path = '/stores/{store_id}/authorization-models'.sub('{' + 'store_id' + '}', CGI.escape(store_id.to_s))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json']) unless header_params['Accept']
  # HTTP header 'Content-Type'
  content_type = @api_client.select_header_content_type(['application/json'])
  if !content_type.nil?
    header_params['Content-Type'] = content_type
  end

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'WriteAuthorizationModelResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || []

  new_options = opts.merge(
    operation: :"OpenFgaApi.write_authorization_model",
    header_params:,
    query_params:,
    form_params:,
    body: post_body,
    auth_names:,
    return_type:
  )

  data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: OpenFgaApi#write_authorization_model\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#write_with_http_info(store_id, body, opts = {}) ⇒ `Array<(Object, Integer, Hash)>`

Add or delete tuples from the store The Write API will transactionally update the tuples for a certain store. Tuples and type definitions allow OpenFGA to determine whether a relationship exists between an object and an user. In the body, `writes` adds new tuples and `deletes` removes existing tuples. When deleting a tuple, any `condition` specified with it is ignored. The API is not idempotent by default: if, later on, you try to add the same tuple key (even if the `condition` is different), or if you try to delete a non-existing tuple, it will throw an error. To allow writes when an identical tuple already exists in the database, set `"on_duplicate": "ignore"` on the `writes` object. To allow deletes when a tuple was already removed from the database, set `"on_missing": "ignore"` on the `deletes` object. If a Write request contains both idempotent (ignore) and non-idempotent (error) operations, the most restrictive action (error) will take precedence. If a condition fails for a sub-request with an error flag, the entire transaction will be rolled back. This gives developers explicit control over the atomicity of the requests. The API will not allow you to write tuples such as `document:2021-budget#viewer@document:2021-budget#viewer`, because they are implicit. An `authorization_model_id` may be specified in the body. If it is, it will be used to assert that each written tuple (not deleted) is valid for the model specified. If it is not specified, the latest authorization model ID will be used. ## Example ### Adding relationships To add `user:anne` as a `writer` for `document:2021-budget`, call write API with the following ```json { "writes": { "tuple_keys": [ { "user": "user:anne", "relation": "writer", "object": "document:2021-budget" } ], "on_duplicate": "ignore" }, "authorization_model_id": "01G50QVV17PECNVAHX1GG4Y5NC" } ``` ### Removing relationships To remove `user:bob` as a `reader` for `document:2021-budget`, call write API with the following ```json { "deletes": { "tuple_keys": [ { "user": "user:bob", "relation": "reader", "object": "document:2021-budget" } ], "on_missing": "ignore" } } ```

Parameters:

store_id (String)
body (WriteRequest)
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(Array<(Object, Integer, Hash)>) —

Object data, response status code and response headers

# File 'lib/openfga/api/open_fga_api.rb', line 1026

def write_with_http_info(store_id, body, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: OpenFgaApi.write ...'
  end
  # verify the required parameter 'store_id' is set
  if @api_client.config.client_side_validation && store_id.nil?
    fail ArgumentError, "Missing the required parameter 'store_id' when calling OpenFgaApi.write"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling OpenFgaApi.write"
  end
  # resource path
  local_var_path = '/stores/{store_id}/write'.sub('{' + 'store_id' + '}', CGI.escape(store_id.to_s))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json']) unless header_params['Accept']
  # HTTP header 'Content-Type'
  content_type = @api_client.select_header_content_type(['application/json'])
  if !content_type.nil?
    header_params['Content-Type'] = content_type
  end

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'Object'

  # auth_names
  auth_names = opts[:debug_auth_names] || []

  new_options = opts.merge(
    operation: :"OpenFgaApi.write",
    header_params:,
    query_params:,
    form_params:,
    body: post_body,
    auth_names:,
    return_type:
  )

  data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: OpenFgaApi#write\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

Class: OpenFga::OpenFgaApi

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(api_client = ApiClient.default) ⇒ OpenFgaApi

Instance Attribute Details

#api_client ⇒ Object

Instance Method Details

#batch_check(store_id, body, opts = {}) ⇒ BatchCheckResponse

#batch_check_with_http_info(store_id, body, opts = {}) ⇒ Array<(BatchCheckResponse, Integer, Hash)>

#check(store_id, body, opts = {}) ⇒ CheckResponse

#check_with_http_info(store_id, body, opts = {}) ⇒ Array<(CheckResponse, Integer, Hash)>

#create_store(body, opts = {}) ⇒ CreateStoreResponse

#create_store_with_http_info(body, opts = {}) ⇒ Array<(CreateStoreResponse, Integer, Hash)>

#delete_store(store_id, opts = {}) ⇒ nil

#delete_store_with_http_info(store_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

#expand(store_id, body, opts = {}) ⇒ ExpandResponse

#expand_with_http_info(store_id, body, opts = {}) ⇒ Array<(ExpandResponse, Integer, Hash)>

#get_store(store_id, opts = {}) ⇒ GetStoreResponse

#get_store_with_http_info(store_id, opts = {}) ⇒ Array<(GetStoreResponse, Integer, Hash)>

#list_objects(store_id, body, opts = {}) ⇒ ListObjectsResponse

#list_objects_with_http_info(store_id, body, opts = {}) ⇒ Array<(ListObjectsResponse, Integer, Hash)>

#list_stores(opts = {}) ⇒ ListStoresResponse

#list_stores_with_http_info(opts = {}) ⇒ Array<(ListStoresResponse, Integer, Hash)>

#list_users(store_id, body, opts = {}) ⇒ ListUsersResponse

#list_users_with_http_info(store_id, body, opts = {}) ⇒ Array<(ListUsersResponse, Integer, Hash)>

#read(store_id, body, opts = {}) ⇒ ReadResponse

#read_assertions(store_id, authorization_model_id, opts = {}) ⇒ ReadAssertionsResponse

#read_assertions_with_http_info(store_id, authorization_model_id, opts = {}) ⇒ Array<(ReadAssertionsResponse, Integer, Hash)>

#read_authorization_model(store_id, id, opts = {}) ⇒ ReadAuthorizationModelResponse

#read_authorization_model_with_http_info(store_id, id, opts = {}) ⇒ Array<(ReadAuthorizationModelResponse, Integer, Hash)>

#read_authorization_models(store_id, opts = {}) ⇒ ReadAuthorizationModelsResponse

#read_authorization_models_with_http_info(store_id, opts = {}) ⇒ Array<(ReadAuthorizationModelsResponse, Integer, Hash)>

#read_changes(store_id, opts = {}) ⇒ ReadChangesResponse

#read_changes_with_http_info(store_id, opts = {}) ⇒ Array<(ReadChangesResponse, Integer, Hash)>

#read_with_http_info(store_id, body, opts = {}) ⇒ Array<(ReadResponse, Integer, Hash)>

#write(store_id, body, opts = {}) ⇒ Object

#write_assertions(store_id, authorization_model_id, body, opts = {}) ⇒ nil

#write_assertions_with_http_info(store_id, authorization_model_id, body, opts = {}) ⇒ Array<(nil, Integer, Hash)>

#write_authorization_model(store_id, body, opts = {}) ⇒ WriteAuthorizationModelResponse

#write_authorization_model_with_http_info(store_id, body, opts = {}) ⇒ Array<(WriteAuthorizationModelResponse, Integer, Hash)>

#write_with_http_info(store_id, body, opts = {}) ⇒ Array<(Object, Integer, Hash)>

#initialize(api_client = ApiClient.default) ⇒ `OpenFgaApi`

#api_client ⇒ `Object`

#batch_check(store_id, body, opts = {}) ⇒ `BatchCheckResponse`

#batch_check_with_http_info(store_id, body, opts = {}) ⇒ `Array<(BatchCheckResponse, Integer, Hash)>`

#check(store_id, body, opts = {}) ⇒ `CheckResponse`

#check_with_http_info(store_id, body, opts = {}) ⇒ `Array<(CheckResponse, Integer, Hash)>`

#create_store(body, opts = {}) ⇒ `CreateStoreResponse`

#create_store_with_http_info(body, opts = {}) ⇒ `Array<(CreateStoreResponse, Integer, Hash)>`

#delete_store(store_id, opts = {}) ⇒ `nil`

#delete_store_with_http_info(store_id, opts = {}) ⇒ `Array<(nil, Integer, Hash)>`

#expand(store_id, body, opts = {}) ⇒ `ExpandResponse`

#expand_with_http_info(store_id, body, opts = {}) ⇒ `Array<(ExpandResponse, Integer, Hash)>`

#get_store(store_id, opts = {}) ⇒ `GetStoreResponse`

#get_store_with_http_info(store_id, opts = {}) ⇒ `Array<(GetStoreResponse, Integer, Hash)>`

#list_objects(store_id, body, opts = {}) ⇒ `ListObjectsResponse`

#list_objects_with_http_info(store_id, body, opts = {}) ⇒ `Array<(ListObjectsResponse, Integer, Hash)>`

#list_stores(opts = {}) ⇒ `ListStoresResponse`

#list_stores_with_http_info(opts = {}) ⇒ `Array<(ListStoresResponse, Integer, Hash)>`

#list_users(store_id, body, opts = {}) ⇒ `ListUsersResponse`

#list_users_with_http_info(store_id, body, opts = {}) ⇒ `Array<(ListUsersResponse, Integer, Hash)>`

#read(store_id, body, opts = {}) ⇒ `ReadResponse`

#read_assertions(store_id, authorization_model_id, opts = {}) ⇒ `ReadAssertionsResponse`

#read_assertions_with_http_info(store_id, authorization_model_id, opts = {}) ⇒ `Array<(ReadAssertionsResponse, Integer, Hash)>`

#read_authorization_model(store_id, id, opts = {}) ⇒ `ReadAuthorizationModelResponse`

#read_authorization_model_with_http_info(store_id, id, opts = {}) ⇒ `Array<(ReadAuthorizationModelResponse, Integer, Hash)>`

#read_authorization_models(store_id, opts = {}) ⇒ `ReadAuthorizationModelsResponse`

#read_authorization_models_with_http_info(store_id, opts = {}) ⇒ `Array<(ReadAuthorizationModelsResponse, Integer, Hash)>`

#read_changes(store_id, opts = {}) ⇒ `ReadChangesResponse`

#read_changes_with_http_info(store_id, opts = {}) ⇒ `Array<(ReadChangesResponse, Integer, Hash)>`

#read_with_http_info(store_id, body, opts = {}) ⇒ `Array<(ReadResponse, Integer, Hash)>`

#write(store_id, body, opts = {}) ⇒ `Object`

#write_assertions(store_id, authorization_model_id, body, opts = {}) ⇒ `nil`

#write_assertions_with_http_info(store_id, authorization_model_id, body, opts = {}) ⇒ `Array<(nil, Integer, Hash)>`

#write_authorization_model(store_id, body, opts = {}) ⇒ `WriteAuthorizationModelResponse`

#write_authorization_model_with_http_info(store_id, body, opts = {}) ⇒ `Array<(WriteAuthorizationModelResponse, Integer, Hash)>`

#write_with_http_info(store_id, body, opts = {}) ⇒ `Array<(Object, Integer, Hash)>`