Class: Privy::Services::Policies

Inherits:

Resources::Policies

• Object
• Resources::Policies
• Privy::Services::Policies

Defined in:

lib/privy/public_api/services/policies.rb

Instance Attribute Summary

• #privy_client ⇒ Object readonly

  Returns the value of attribute privy_client.

Instance Method Summary

• #create(policy_create_params:, idempotency_key: nil, request_options: nil) ⇒ Privy::Models::Policy

  Create a new policy with rules for a given chain type.

• #create_rule(policy_id, policy_create_rule_params:, authorization_context: nil, request_expiry: nil, request_options: nil) ⇒ Privy::Models::PolicyRuleResponse

  Create a new rule for a policy.

• #delete(policy_id, authorization_context: nil, request_expiry: nil, request_options: nil) ⇒ Privy::Models::SuccessResponse

  Delete a policy by policy ID.

• #delete_rule(rule_id, policy_id:, authorization_context: nil, request_expiry: nil, request_options: nil) ⇒ Privy::Models::SuccessResponse

  Delete a rule by policy ID and rule ID.

• #initialize(client:, privy_client:) ⇒ Policies constructor

  A new instance of Policies.

• #update(policy_id, policy_update_params:, authorization_context: nil, request_expiry: nil, request_options: nil) ⇒ Privy::Models::Policy

  Update a policy by policy ID.

• #update_rule(rule_id, policy_id:, policy_update_rule_params:, authorization_context: nil, request_expiry: nil, request_options: nil) ⇒ Privy::Models::PolicyRuleResponse

  Update a rule by policy ID and rule ID.

Methods inherited from Resources::Policies

#get, #get_rule

Constructor Details

#initialize(client:, privy_client:) ⇒ Policies

Returns a new instance of Policies.

# File 'lib/privy/public_api/services/policies.rb', line 8

def initialize(client:, privy_client:)
  super(client: client)
  @privy_client = privy_client
end

Instance Attribute Details

#privy_client ⇒ Object (readonly)

Returns the value of attribute privy_client.

# File 'lib/privy/public_api/services/policies.rb', line 6

def privy_client
  @privy_client
end

Instance Method Details

#create(policy_create_params:, idempotency_key: nil, request_options: nil) ⇒ Privy::Models::Policy

Create a new policy with rules for a given chain type.

Examples:

Create a policy restricting ETH transfer value

client.policies.create(policy_create_params: {
  version: "1.0",
  name: "Native token transfer maximums",
  chain_type: "ethereum",
  rules: [{
    name: "Restrict ETH transfers to a maximum value",
    method: "eth_sendTransaction",
    action: "ALLOW",
    conditions: [{
      field_source: "ethereum_transaction",
      field: "value",
      operator: "lte",
      value: "0x2386F26FC10000"
    }]
  }]
})

Parameters:

• policy_create_params (Hash) —

  Body parameters for policy creation.

• idempotency_key (String, nil) (defaults to: nil) —

  Ensures the request is executed only once.

• request_options (Privy::RequestOptions, Hash, nil) (defaults to: nil) —

  Transport-level config (timeouts, retries).

Options Hash (policy_create_params:):

• :version (String) —

  Policy version (required, e.g. “1.0”).

• :name (String) —

  Name to assign to the policy (required).

• :chain_type (String) —

  Chain type the policy applies to (required).

• :rules (Array<Hash>) —

  Array of rule objects (required).

• :owner (Hash, nil) —

  Owner specified as user_id: or public_key:.

• :owner_id (String, nil) —

  Key quorum ID to set as owner.

Returns:

• (Privy::Models::Policy)

# File 'lib/privy/public_api/services/policies.rb', line 44

def create(policy_create_params:, idempotency_key: nil, request_options: nil)
  combined_params = policy_create_params.merge(request_options: request_options)
  combined_params[:privy_idempotency_key] = idempotency_key if idempotency_key
  super(combined_params)
end

#create_rule(policy_id, policy_create_rule_params:, authorization_context: nil, request_expiry: nil, request_options: nil) ⇒ Privy::Models::PolicyRuleResponse

Create a new rule for a policy.

Examples:

Add an allowlist rule to a policy

client.policies.create_rule("policy-id", policy_create_rule_params: {
  name: "Allow transfers to known address",
  method: "eth_sendTransaction",
  action: "ALLOW",
  conditions: [{
    field_source: "ethereum_transaction",
    field: "to",
    operator: "eq",
    value: "0x0000000000000000000000000000000000000001"
  }]
}, authorization_context: ctx)

Parameters:

• policy_id (String) —

  ID of the policy to add the rule to.

• policy_create_rule_params (Hash) —

  Body parameters for rule creation.

• authorization_context (Privy::Authorization::AuthorizationContext, nil) (defaults to: nil) —

  Authorization context for owned policies.

• request_expiry (Integer, nil) (defaults to: nil) —

  Absolute Unix-ms timestamp at which the request expires. Defaults to the value computed by the client’s PrivyRequestExpiryOptions.

• request_options (Privy::RequestOptions, Hash, nil) (defaults to: nil) —

  Transport-level config (timeouts, retries).

Options Hash (policy_create_rule_params:):

• :name (String) —

  Rule name (required).

• :method (String) —

  RPC method the rule applies to (required).

• :action (String) —

  Action when the rule matches (“ALLOW” or “DENY”, required).

• :conditions (Array<Hash>) —

  Array of condition objects (required).

Returns:

• (Privy::Models::PolicyRuleResponse)

# File 'lib/privy/public_api/services/policies.rb', line 147

def create_rule(policy_id, policy_create_rule_params:, authorization_context: nil, request_expiry: nil, request_options: nil)
  prepared = Privy::Authorization.prepare_request(
    privy_client,
    method: :post,
    url: Privy::Authorization.signed_url(privy_client, "v1/policies/#{policy_id}/rules"),
    body: policy_create_rule_params,
    authorization_context: authorization_context,
    request_expiry: privy_client.compute_request_expiry(request_expiry)
  )
  combined_params = policy_create_rule_params.merge(request_options: request_options)
  Privy::Authorization.merge_prepared_headers!(combined_params, prepared.headers)
  super(policy_id, combined_params)
end

#delete(policy_id, authorization_context: nil, request_expiry: nil, request_options: nil) ⇒ Privy::Models::SuccessResponse

Delete a policy by policy ID.

Examples:

Delete an ownerless policy

client.policies.delete("policy-id")

Delete an owned policy (requires authorization)

client.policies.delete("policy-id", authorization_context: ctx)

Parameters:

• policy_id (String) —

  ID of the policy to delete.

• authorization_context (Privy::Authorization::AuthorizationContext, nil) (defaults to: nil) —

  Authorization context for owned policies.

• request_expiry (Integer, nil) (defaults to: nil) —

  Absolute Unix-ms timestamp at which the request expires. Defaults to the value computed by the client’s PrivyRequestExpiryOptions.

• request_options (Privy::RequestOptions, Hash, nil) (defaults to: nil) —

  Transport-level config (timeouts, retries).

Returns:

• (Privy::Models::SuccessResponse)

# File 'lib/privy/public_api/services/policies.rb', line 105

def delete(policy_id, authorization_context: nil, request_expiry: nil, request_options: nil)
  prepared = Privy::Authorization.prepare_request(
    privy_client,
    method: :delete,
    url: Privy::Authorization.signed_url(privy_client, "v1/policies/#{policy_id}"),
    body: "",
    authorization_context: authorization_context,
    request_expiry: privy_client.compute_request_expiry(request_expiry)
  )
  combined_params = {request_options: request_options}
  Privy::Authorization.merge_prepared_headers!(combined_params, prepared.headers)
  super(policy_id, combined_params)
end

#delete_rule(rule_id, policy_id:, authorization_context: nil, request_expiry: nil, request_options: nil) ⇒ Privy::Models::SuccessResponse

Delete a rule by policy ID and rule ID.

Examples:

Delete a rule from a policy

client.policies.delete_rule("rule-id", policy_id: "policy-id",
  authorization_context: ctx)

Parameters:

• rule_id (String) —

  ID of the rule to delete.

• policy_id (String) —

  ID of the policy the rule belongs to.

• authorization_context (Privy::Authorization::AuthorizationContext, nil) (defaults to: nil) —

  Authorization context for owned policies.

• request_expiry (Integer, nil) (defaults to: nil) —

  Absolute Unix-ms timestamp at which the request expires. Defaults to the value computed by the client’s PrivyRequestExpiryOptions.

• request_options (Privy::RequestOptions, Hash, nil) (defaults to: nil) —

  Transport-level config (timeouts, retries).

Returns:

• (Privy::Models::SuccessResponse)

# File 'lib/privy/public_api/services/policies.rb', line 230

def delete_rule(rule_id, policy_id:, authorization_context: nil, request_expiry: nil, request_options: nil)
  prepared = Privy::Authorization.prepare_request(
    privy_client,
    method: :delete,
    url: Privy::Authorization.signed_url(privy_client, "v1/policies/#{policy_id}/rules/#{rule_id}"),
    body: "",
    authorization_context: authorization_context,
    request_expiry: privy_client.compute_request_expiry(request_expiry)
  )
  combined_params = {policy_id: policy_id, request_options: request_options}
  Privy::Authorization.merge_prepared_headers!(combined_params, prepared.headers)
  super(rule_id, combined_params)
end

#update(policy_id, policy_update_params:, authorization_context: nil, request_expiry: nil, request_options: nil) ⇒ Privy::Models::Policy

Update a policy by policy ID.

Examples:

Update policy owner to a P-256 key

client.policies.update("policy-id", policy_update_params: {
  owner: {public_key: base64_p256_public_key}
})

Remove policy owner (requires authorization)

client.policies.update("policy-id", policy_update_params: {
  owner: nil
}, authorization_context: ctx)

Parameters:

• policy_id (String) —

  ID of the policy to update.

• policy_update_params (Hash) —

  Body parameters for the update.

• authorization_context (Privy::Authorization::AuthorizationContext, nil) (defaults to: nil) —

  Authorization context for owned policies.

• request_expiry (Integer, nil) (defaults to: nil) —

  Absolute Unix-ms timestamp at which the request expires. Defaults to the value computed by the client’s PrivyRequestExpiryOptions.

• request_options (Privy::RequestOptions, Hash, nil) (defaults to: nil) —

  Transport-level config (timeouts, retries).

Options Hash (policy_update_params:):

• :name (String, nil) —

  New name for the policy.

• :owner (Hash, nil) —

  New owner specified as user_id: or public_key:. Set to nil to remove.

• :owner_id (String, nil) —

  Key quorum ID to set as owner.

• :rules (Array<Hash>, nil) —

  New rules for the policy.

Returns:

• (Privy::Models::Policy)

# File 'lib/privy/public_api/services/policies.rb', line 75

def update(policy_id, policy_update_params:, authorization_context: nil, request_expiry: nil, request_options: nil)
  prepared = Privy::Authorization.prepare_request(
    privy_client,
    method: :patch,
    url: Privy::Authorization.signed_url(privy_client, "v1/policies/#{policy_id}"),
    body: policy_update_params,
    authorization_context: authorization_context,
    request_expiry: privy_client.compute_request_expiry(request_expiry)
  )
  combined_params = policy_update_params.merge(request_options: request_options)
  Privy::Authorization.merge_prepared_headers!(combined_params, prepared.headers)
  super(policy_id, combined_params)
end

#update_rule(rule_id, policy_id:, policy_update_rule_params:, authorization_context: nil, request_expiry: nil, request_options: nil) ⇒ Privy::Models::PolicyRuleResponse

Update a rule by policy ID and rule ID.

Examples:

Update a rule’s action to DENY

client.policies.update_rule("rule-id", policy_id: "policy-id",
  policy_update_rule_params: {
    name: "Updated rule",
    method: "eth_sendTransaction",
    action: "DENY",
    conditions: [{
      field_source: "ethereum_transaction",
      field: "to",
      operator: "eq",
      value: "0x0000000000000000000000000000000000000001"
    }]
  }, authorization_context: ctx)

Parameters:

• rule_id (String) —

  ID of the rule to update.

• policy_id (String) —

  ID of the policy the rule belongs to.

• policy_update_rule_params (Hash) —

  Body parameters for the rule update.

• authorization_context (Privy::Authorization::AuthorizationContext, nil) (defaults to: nil) —

  Authorization context for owned policies.

• request_expiry (Integer, nil) (defaults to: nil) —

  Absolute Unix-ms timestamp at which the request expires. Defaults to the value computed by the client’s PrivyRequestExpiryOptions.

• request_options (Privy::RequestOptions, Hash, nil) (defaults to: nil) —

  Transport-level config (timeouts, retries).

Options Hash (policy_update_rule_params:):

• :name (String) —

  Rule name (required).

• :method (String) —

  RPC method the rule applies to (required).

• :action (String) —

  Action when the rule matches (“ALLOW” or “DENY”, required).

• :conditions (Array<Hash>) —

  Array of condition objects (required).

Returns:

• (Privy::Models::PolicyRuleResponse)

# File 'lib/privy/public_api/services/policies.rb', line 191

def update_rule(
  rule_id,
  policy_id:,
  policy_update_rule_params:,
  authorization_context: nil,
  request_expiry: nil,
  request_options: nil
)
  prepared = Privy::Authorization.prepare_request(
    privy_client,
    method: :patch,
    url: Privy::Authorization.signed_url(privy_client, "v1/policies/#{policy_id}/rules/#{rule_id}"),
    body: policy_update_rule_params,
    authorization_context: authorization_context,
    request_expiry: privy_client.compute_request_expiry(request_expiry)
  )
  combined_params = policy_update_rule_params.merge(
    policy_id: policy_id,
    request_options: request_options
  )
  Privy::Authorization.merge_prepared_headers!(combined_params, prepared.headers)
  super(rule_id, combined_params)
end