import { Credential } from '../client/adminApiClient'; /** * Representation of an entitlement */ export interface Entitlement { /** * Name of the entitlement */ name: string; /** * Description, if any, of the entitlement */ description?: string; /** * Value of the entitlement. */ value: number; } /** * Representation of an entitlement definition */ export interface EntitlementDefinition { /** * Name of the entitlement */ name: string; /** * Description, if any, of the entitlement */ description?: string; /** * Type of the entitlement. */ type: 'numeric' | 'boolean'; /** * Whether or not this entitlement is expendable */ expendable: boolean; } /** * Set of entitlements current for the user */ export interface EntitlementsSet { /** * Time at which the entitlements for the user was originally created */ createdAt: Date; /** * Time at which the entitlements for the user were most recently updated. */ updatedAt: Date; /** * Version number of the user's entitlements. This is incremented every * time there is a change of entitlements set or explicit entitlements * for this user. */ version: number; /** * Name of the entitlements set specifying this user's entitlements * or the user's subject ID if the user's entitlements are specified * explicitly rather than by entitlements set name. */ name: string; /** * Description, if any, of the entitlements set as specified by the entitlements * set administrator or undefined if user's entitlements are specified explicitly * rather than by entitlements set name. */ description?: string; /** * The set of entitlements active for the user. This details the limits * of the user's entitlements and does not specify any information regarding * current consumption of those entitlements. */ entitlements: Entitlement[]; } /** * Entitled user. */ export interface EntitledUser { /** * External IDP identifier identifying the user */ externalId: string; } /** * Input when creating a new entitlements set */ export type NewEntitlementsSet = Omit; /** * Paginated entitlements sets result */ export interface EntitlementsSetsConnection { /** * Entitlements sets in this page. May be empty even if there * are more entitlements to come. */ items: EntitlementsSet[]; /** * If defined, a further call to listEntitlementsSets is required * to complete the full list of entitlements sets. */ nextToken?: string; } /** * Paginated entitlement definition result */ export interface EntitlementDefinitionConnection { /** * Entitlements definitions in this page. */ items: EntitlementDefinition[]; /** * If defined, a further call to listEntitlementDefinitions is required * to complete the full list of entitlements definitions. */ nextToken?: string; } /** * Definition of a single transition within an entitlements sequence */ export interface EntitlementsSequenceTransition { /** * Name of entitlements set. */ entitlementsSetName: string; /** * ISO8601 period string - if not specified then this transition * is the final state for all users on the sequence. */ duration?: string; } /** * Definition of a sequence of entitlements sets through which a user will transition */ export interface EntitlementsSequence { /** * Time at which the entitlements sequence was originally created */ createdAt: Date; /** * Time at which the entitlements sequence was most recently updated. */ updatedAt: Date; /** * Version number of the entitlements sequence. This is incremented every * time there is a change to this entitlements sequence. */ version: number; /** * Name of this entitlements sequence. */ name: string; /** * Description, if any, of the entitlements sequence as specified by the entitlements * administrator. */ description?: string; /** * The sequence of transitions a user will go through in order. */ transitions: EntitlementsSequenceTransition[]; } /** * Paginated entitlements sequences result */ export interface EntitlementsSequencesConnection { /** * Entitlements sequences in this page. May be empty even if there * are more sequences to come. */ items: EntitlementsSequence[]; /** * If defined, a further call to listEntitlementsSequences is required * to complete the full list of entitlements sequences. */ nextToken?: string; } /** * ID of individual entitlement consumer. A different * consumer is specified for each consumption record * for "per something" entitlements. The issuer, identifies * the source of the consumer. For example, consumption of * a "per Sudo" entitlement will have a consumption record * for each Sudo that has consumed the entitlement with a * consumer identifying each such Sudo. */ export interface EntitlementConsumer { /** * ID of the consumer */ id: string; /** * Issuing service of the ID. */ issuer: string; } /** * Entitlement consumption information */ export interface EntitlementConsumption { /** * Name of the entitlement */ name: string; /** * Value of the entitlement. */ value: number; /** * Remaining amount of entitlement */ available: number; /** * Consumed amount of entitlement */ consumed: number; /** * The time at which this entitlement was first consumed */ firstConsumedAtEpochMs?: number; /** * The most recent time at which this entitlement was consumed */ lastConsumedAtEpochMs?: number; /** * Consumer to whom this record pertains. * If not present, consumption is at the user level. */ consumer?: EntitlementConsumer; } /** * Entitlements of a user. */ export interface ExternalUserEntitlements { /** * Time of initial creation of user entitlements mapping. */ createdAt: Date; /** * Time of last updates of user entitlements mapping. */ updatedAt: Date; /** * Version number of the user's entitlements. This is incremented every * time there is a change of entitlements set or explicit entitlements * for this user. * * For users entitled by entitlement set, the fractional part of this version * specifies the version of the entitlements set itself. Entitlements set version * is divided by 100000 then added to the user entitlements version * * This ensures that the version of user entitlements always increases mon */ version: number; /** * External IDP identifier identifying the user */ externalId: string; /** * Sudo Platform owner. This value matches the subject in identity * tokens used to authenticate to Sudo Platform services. Will not * be present if the user has not yet redeemed their identity token * with the entitlements service. */ owner?: string; /** * Name of the entitlements set specified for this user. Will be undefined * if entitlements have been specified explicitly rather than by an * entitlements set. */ entitlementsSetName?: string; entitlementsSequenceName?: string; /** * Effective entitlements for the user either obtained from the entitlements * set or as specified explicitly for this user. */ entitlements: Entitlement[]; /** * User's expendable entitlements. */ expendableEntitlements: Entitlement[]; /** * Date from when user's transitions should * be calculated. Defaults to current time. */ transitionsRelativeTo?: Date; } /** * Operation error for a particular operation of one of the * bulk applyEntitlements*ToUsers methods. */ export interface ExternalUserEntitlementsError { /** * Error of failure for the particular operation */ error: Error; } /** * Individual operation result for the bulk applyEntitlements*ToUsers * methods */ export type ExternalUserEntitlementsResult = ExternalUserEntitlements | ExternalUserEntitlementsError; /** * Type guard for ExternalUserEntitlementsResult union type * @param u ExternalUserEntitlementsResult to check * @returns Whether or not u is an ExternalUserEntitlementsError */ export declare function isExternalUserEntitlementsError(u: ExternalUserEntitlementsResult): u is ExternalUserEntitlementsError; /** * Entitlements consumption information */ export interface ExternalEntitlementsConsumption { entitlements: ExternalUserEntitlements; /** * Entitlement consumption information for each of a user's * entitlements. If there is no entry for an entitlement, * none of the entitlement has been consumed. */ consumption: EntitlementConsumption[]; } /** * Client responsible for establishing entitlements of federated identities. * * @beta */ export interface SudoEntitlementsAdminClient { /** * Get an entitlements set * * @param name Name of the entitlements set to return * * @returns Named entitlements set or undefined if no entitlements set * of the specified name has been defined. */ getEntitlementsSet(name: string): Promise; /** * List all entitlements sets * * Call again with a token parameter to continue paginated listing * * @param token Optional token from which to continue listing * * @returns Paginated list of entitlements sets */ listEntitlementsSets(token?: string): Promise; /** * Get an entitlement definition by entitlement name * * @param name Name of the entitlement definition to return * * @returns Named entitlements definition or undefined if no entitlement * definition of the specified name has been defined. */ getEntitlementDefinition(name: string): Promise; /** * List all entitlement definitions * * Call again with a token parameter to continue paginated listing * * @param limit number of entitlement definitions to be returned per call * @param nextToken Optional token from which to continue listing * * @returns Paginated list of entitlement definitions */ listEntitlementDefinitions(limit?: number, nextToken?: string): Promise; /** * Get entitlements for a user * * @param externalId External IDP user ID of user to retrieve entitlements for * * @returns Entitlements consumption for the user. * * @throws NoEntitlementsError * - The user has no entitlements defined */ getEntitlementsForUser(externalId: string): Promise; /** * Add a new entitlements set * * @param newEntitlementsSet Definition of new entitlements set * * @returns The created entitlements set * * @throws {@link InvalidEntitlementsError} * - Entitlements set contains one or more entitlements with unrecognized names */ addEntitlementsSet(newEntitlementsSet: Omit): Promise; /** * Update an entitlements set * * @param newEntitlementsSet Definition of new entitlements set * * @returns The updated entitlements set * * @throws {@link InvalidEntitlementsError} * - Entitlements set contains one or more entitlements with unrecognized names */ setEntitlementsSet(newEntitlementsSet: Omit): Promise; /** * Remove entitlements set * * @param name Name of entitlements set to remove * * @returns The entitlements set removed or undefined if entitlements set was not present */ removeEntitlementsSet(name: string): Promise; /** * Apply entitlements to a user * * If a record for that user's entitlements does not yet exist it will be created. * * @param externalId External IDP user ID of user to retrieve entitlements for * @param entitlements The entitlements to apply to the user * @param version If specified, version of any current entitlements that must be matched * * @returns The effective entitlements for the user * * @throws {@link InvalidEntitlementsError} * - Entitlements contains one or more entitlements with unrecognized names * @throws {@link AlreadyUpdatedError} * - Specified version is less than the current entitlements version * @throws IllegalArgumentError * - Specified version is greater than the current entitlements version */ applyEntitlementsToUser(externalId: string, entitlements: Entitlement[], version?: number): Promise; /** * Apply entitlements to users * * Equivalent of multiple calls to {@link applyEntitlementsToUser} * * If a record for any user's entitlements does not yet exist it will be created. * * @param operations Array of applyEntitlementsToUser operations to perform. * * @returns The effective entitlements for the user * * @throws {@link InvalidEntitlementsError} * - Entitlements contains one or more entitlements with unrecognized names */ applyEntitlementsToUsers(operations: { externalId: string; entitlements: Entitlement[]; version?: number; }[]): Promise; /** * Apply entitlements set to a user * * If a record for that user's entitlements does not yet exist it will be created. * * @param externalId External IDP user ID of user to retrieve entitlements for * @param entitlementsSetName Name of the entitlements set to apply to the user * @param version If specified, version of any current entitlements that must be matched * * @returns The effective entitlements for the user * * @throws EntitlementSetNotFoundError * - If the named entitlements set does not exist * @throws {@link AlreadyUpdatedError} * - if the user's entitlements have been updated with a later version * @throws {@link AlreadyUpdatedError} * - Specified version is less than the current entitlements version * @throws IllegalArgumentError * - Specified version is greater than the current entitlements version */ applyEntitlementsSetToUser(externalId: string, entitlementsSetName: string, version?: number): Promise; /** * Apply entitlements sets to users. * * Equivalent of multiple calls to {@link applyEntitlementsSetToUser} * * If a record for a user's entitlements does not yet exist it will be created. * * @param operations Array of applyEntitlementsSetToUser operations to perform. * * @returns The effective entitlements for the user * * @throws EntitlementSetNotFoundError * - If the named entitlements set does not exist * * @throws {@link AlreadyUpdatedError} * - if the user's entitlements have been updated with a later version */ applyEntitlementsSetToUsers(operations: { externalId: string; entitlementsSetName: string; version?: number; }[]): Promise; /** * Apply an expendable entitlements delta to a user * * If a record for the user's entitlements does not yet exist a * NoEntitlementsForUserError is thrown. Call an applyEntitlements* * method to assign entitlements before calling this method. * * @param externalId External IDP user ID of user to retrieve entitlements for * @param expendableEntitlements The expendable entitlements delta to apply to the user * @param requestId * Request of this delta. Repetition of requests for the same external ID with the * same requestId are idempotent * * @returns The effective entitlements for the user * * @throws InvalidEntitlementsError * Entitlements contains one or more entitlements with unrecognized names * or that are not expendable entitlements. * @throws NoEntitlementsForUserError * User has not previously been assigned entitlements. * @throws DuplicateEntitlementError * expendableEntitlements refers to the same entitlement more than once. * @throws NegativeEntitlementError * expendableEntitlements would cause an expendable entitlement for the user * to go negative. * @throws OverflowedEntitlementError * expendableEntitlements would cause an expendable entitlement for the user * to exceed the maximum allowable value. */ applyExpendableEntitlementsToUser(externalId: string, expendableEntitlements: Entitlement[], requestId: string): Promise; /** * Get an entitlements sequence * * @param name Name of the entitlements sequence to return * * @returns Named entitlements sequence or undefined if no entitlements sequence * of the specified name has been defined. */ getEntitlementsSequence(name: string): Promise; /** * List all entitlements sequences * * Call again with a token parameter to continue paginated listing * * @param nextToken Optional token from which to continue listing * * @returns Paginated list of entitlements sequences */ listEntitlementsSequences(nextToken?: string): Promise; /** * Add a new entitlements sequence * * @param newEntitlementsSequence Definition of new entitlements sequence * * @returns The created entitlements sequence * * @throws InvalidArgumentError * - if the specified entitlements sequence name is invalid */ addEntitlementsSequence(newEntitlementsSequence: Omit): Promise; /** * Update an entitlements sequence * * @param newEntitlementsSequence Definition of new entitlements sequence * * @returns The updated entitlements sequence * * @throws InvalidArgumentError * - if the specified entitlements sequence name is invalid */ setEntitlementsSequence(newEntitlementsSequence: Omit): Promise; /** * Remove entitlements sequence * * @param name Name of entitlements sequence to remove * * @returns The entitlements sequence removed or undefined if entitlements sequence was not present */ removeEntitlementsSequence(name: string): Promise; /** * Apply entitlements sequence directly to a user * * If a record for that user's entitlements sequence does not yet exist it will be created. * * @param externalId External IDP user ID of user to apply entitlements sequence to * @param entitlementsSequenceName Name of the entitlements sequence to apply to the user * @param version If specified, version of any current entitlements that must be matched * * @returns The effective entitlements for the user * * @throws {@link AlreadyUpdatedError} * - if the user's entitlements have been updated with a later version * * @throws {@link EntitlementsSequenceNotFoundError} * - If the entitlements sequence named is not defined * @throws {@link AlreadyUpdatedError} * - Specified version is less than the current entitlements version * @throws IllegalArgumentError * - Specified version is greater than the current entitlements version */ applyEntitlementsSequenceToUser(externalId: string, entitlementsSequenceName: string, transitionsRelativeTo?: Date, version?: number): Promise; /** * Apply entitlements sequence to users * * Equivalent of multiple calls to {@link applyEntitlementsSequenceToUser} * * If a record for any user's entitlements sequence does not yet exist it will be created. * * @param operations Array of applyEntitlementsSequenceToUser operations to perform. * * @returns The effective entitlements for the user * * @throws {@link AlreadyUpdatedError} * - if the user's entitlements have been updated with a later version * * @throws {@link EntitlementsSequenceNotFoundError} * - If the entitlements sequence named is not defined */ applyEntitlementsSequenceToUsers(operations: { externalId: string; entitlementsSequenceName: string; transitionsRelativeTo?: Date; version?: number; }[]): Promise; /** * Remove entitlements and consumption records of the specified user. * * @param externalId External IDP user ID of user to remove. * * @returns The entitled user removed or undefined if the user is not found. */ removeEntitledUser(externalId: string): Promise; } export interface DefaultSudoEntitlementsAdminClientOptions { } export declare class DefaultSudoEntitlementsAdminClient implements SudoEntitlementsAdminClient { private readonly adminApiClient; constructor(apiKeyOrCred: string | Credential, options?: DefaultSudoEntitlementsAdminClientOptions); getEntitlementsSet(name: string): Promise; listEntitlementsSets(nextToken?: string): Promise; getEntitlementDefinition(name: string): Promise; listEntitlementDefinitions(limit?: number, nextToken?: string): Promise; getEntitlementsForUser(externalId: string): Promise; addEntitlementsSet(newEntitlementsSet: NewEntitlementsSet): Promise; setEntitlementsSet(newEntitlementsSet: NewEntitlementsSet): Promise; removeEntitlementsSet(name: string): Promise; applyEntitlementsSetToUser(externalId: string, entitlementsSetName: string, version?: number): Promise; applyEntitlementsSetToUsers(operations: { externalId: string; entitlementsSetName: string; version?: number; }[]): Promise; applyEntitlementsToUser(externalId: string, entitlements: Entitlement[], version?: number): Promise; applyEntitlementsToUsers(operations: { externalId: string; entitlements: Entitlement[]; version?: number; }[]): Promise; getEntitlementsSequence(name: string): Promise; listEntitlementsSequences(nextToken?: string): Promise; addEntitlementsSequence(newEntitlementsSequence: Omit): Promise; setEntitlementsSequence(newEntitlementsSequence: Omit): Promise; removeEntitlementsSequence(name: string): Promise; applyEntitlementsSequenceToUser(externalId: string, entitlementsSequenceName: string, transitionsRelativeTo?: Date, version?: number): Promise; applyEntitlementsSequenceToUsers(operations: { externalId: string; entitlementsSequenceName: string; transitionsRelativeTo?: Date; version?: number; }[]): Promise; applyExpendableEntitlementsToUser(externalId: string, expendableEntitlements: Entitlement[], requestId: string): Promise; removeEntitledUser(externalId: string): Promise; }