Improve Authz Relations Delete APIs (#484)

* feat: added deleteRelationsForIDs alias for deleteRelationsForResources and updated comments

* feat(authz): added support for deleteResourceRelationsForResources and deleteAllRelations

Author: yosiharan

lib/management/authz.test.ts

@@ -325,6 +325,64 @@ describe('Management Authz', () => {
     });
   });
 
+  describe('deleteResourceRelationsForResources', () => {
+    it('should delete the relations for given resource', async () => {
+      const httpResponse = {
+        ok: true,
+        json: () => {},
+        clone: () => ({
+          json: () => Promise.resolve({}),
+        }),
+        status: 200,
+      };
+      mockHttpClient.post.mockResolvedValue(httpResponse);
+
+      const resp: SdkResponse<never> = await management.authz.deleteResourceRelationsForResources([
+        'x',
+      ]);
+
+      expect(mockHttpClient.post).toHaveBeenCalledWith(
+        apiPaths.authz.reDeleteResourceRelationsForResources,
+        { resources: ['x'] },
+        { token: 'key' },
+      );
+      expect(resp).toEqual({
+        code: 200,
+        data: {},
+        ok: true,
+        response: httpResponse,
+      });
+    });
+  });
+
+  describe('deleteRelationsForIDs', () => {
+    it('should delete the relations for the given ids using the reDeleteResources API', async () => {
+      const httpResponse = {
+        ok: true,
+        json: () => {},
+        clone: () => ({
+          json: () => Promise.resolve({}),
+        }),
+        status: 200,
+      };
+      mockHttpClient.post.mockResolvedValue(httpResponse);
+
+      const resp: SdkResponse<never> = await management.authz.deleteRelationsForIds(['x']);
+
+      expect(mockHttpClient.post).toHaveBeenCalledWith(
+        apiPaths.authz.reDeleteResources,
+        { resources: ['x'] },
+        { token: 'key' },
+      );
+      expect(resp).toEqual({
+        code: 200,
+        data: {},
+        ok: true,
+        response: httpResponse,
+      });
+    });
+  });
+
   describe('deleteRelations', () => {
     it('should delete the relations', async () => {
       const httpResponse = {

lib/management/authz.ts

@@ -141,9 +141,11 @@ const WithAuthz = (sdk: CoreSdk, managementKey?: string) => ({
       sdk.httpClient.post(apiPaths.authz.reDelete, { relations }, { token: managementKey }),
     ),
   /**
-   * Delete the relations for the given resources.
+   * @deprecated use `deleteRelationsForIds` instead for better clarity
    *
-   * @param resources resources to delete relations for.
+   * Delete any relations with matching resourceIds OR targetIds
+   *
+   * @param resources ids to delete relations for.
    * @returns standard success or failure response
    */
   deleteRelationsForResources: (resources: string[]): Promise<SdkResponse<never>> =>
@@ -154,6 +156,35 @@ const WithAuthz = (sdk: CoreSdk, managementKey?: string) => ({
         { token: managementKey },
       ),
     ),
+  /**
+   *
+   * Delete any relations with matching resourceIds
+   *
+   * @param resources resource ids to delete relations for.
+   * @returns
+   */
+  deleteResourceRelationsForResources: (resources: string[]): Promise<SdkResponse<never>> =>
+    transformResponse(
+      sdk.httpClient.post(
+        apiPaths.authz.reDeleteResourceRelationsForResources,
+        { resources },
+        { token: managementKey },
+      ),
+    ),
+  /**
+   * Delete any relations with matching resourceIds OR targetIds
+   *
+   * @param ids ids to delete relations for.
+   * @returns standard success or failure response
+   */
+  deleteRelationsForIds: (ids: string[]): Promise<SdkResponse<never>> =>
+    transformResponse(
+      sdk.httpClient.post(
+        apiPaths.authz.reDeleteResources,
+        { resources: ids },
+        { token: managementKey },
+      ),
+    ),
   /**
    * Query relations to see what relations exists.
    *

lib/management/fga.test.ts

@@ -93,6 +93,16 @@ describe('Management FGA', () => {
     });
   });
 
+  describe('deleteAllRelations', () => {
+    it('should delete all relations', async () => {
+      const response = await WithFGA(mockCoreSdk).deleteAllRelations();
+      expect(mockHttpClient.delete).toHaveBeenCalledWith(apiPaths.fga.relations, {
+        token: undefined,
+      });
+      expect(response).toEqual(emptySuccessResponse);
+    });
+  });
+
   describe('check', () => {
     it('should check the relations', async () => {
       const relations = [relation1, relation2];

lib/management/fga.ts

@@ -64,6 +64,14 @@ const WithFGA = (sdk: CoreSdk, managementKey?: string) => ({
       sdk.httpClient.post(apiPaths.fga.check, { tuples: relations }, { token: managementKey }),
       (data) => data.tuples,
     ),
+
+  /**
+   * Delete all relations.
+   *
+   * @returns standard success or failure response
+   */
+  deleteAllRelations: (): Promise<SdkResponse<never>> =>
+    transformResponse(sdk.httpClient.delete(apiPaths.fga.relations, { token: managementKey })),
 });
 
 export default WithFGA;

lib/management/paths.ts

@@ -146,6 +146,7 @@ export default {
     reCreate: '/v1/mgmt/authz/re/create',
     reDelete: '/v1/mgmt/authz/re/delete',
     reDeleteResources: '/v1/mgmt/authz/re/deleteresources',
+    reDeleteResourceRelationsForResources: '/v1/mgmt/authz/re/deleteresourcesrelations',
     hasRelations: '/v1/mgmt/authz/re/has',
     who: '/v1/mgmt/authz/re/who',
     resource: '/v1/mgmt/authz/re/resource',