Removing excluded users from ListUsers response (#108)

Initial commit of removing excluded users

.openapi-generator/FILES

@@ -57,7 +57,6 @@ docs/Node.md
 docs/Nodes.md
 docs/NotFoundErrorCode.md
 docs/NullValue.md
-docs/ObjectOrUserset.md
 docs/ObjectRelation.md
 docs/OpenFgaApi.md
 docs/PathUnknownErrorMessageResponse.md
@@ -147,7 +146,6 @@ model_node.go
 model_nodes.go
 model_not_found_error_code.go
 model_null_value.go
-model_object_or_userset.go
 model_object_relation.go
 model_path_unknown_error_message_response.go
 model_read_assertions_response.go

README.md

@@ -823,7 +823,7 @@ userFilters := []openfga.UserTypeFilter{{ Type: "user" }}
 // userFilters := []openfga.UserTypeFilter{{ Type: "team", Relation: openfga.PtrString("member") }}
 
 requestBody := ClientListUsersRequest{
-    Object: openfga.Object{
+    Object: openfga.FgaObject{
         Type: "document",
         Id:   "roadmap",
     },
@@ -846,7 +846,6 @@ data, err := fgaClient.ListRelations(context.Background()).
   Execute()
 
 // response.users = [{object: {type: "user", id: "81684243-9356-4421-8fbf-a4f8d36aa31b"}}, {userset: { type: "user" }}, ...]
-// response.excluded_users = [ {object: {type: "user", id: "4a455e27-d15a-4434-82e0-136f9c2aa4cf"}}, ... ]
 ```
 
 ### Assertions
@@ -990,7 +989,6 @@ Class | Method | HTTP request | Description
  - [Nodes](docs/Nodes.md)
  - [NotFoundErrorCode](docs/NotFoundErrorCode.md)
  - [NullValue](docs/NullValue.md)
- - [ObjectOrUserset](docs/ObjectOrUserset.md)
  - [ObjectRelation](docs/ObjectRelation.md)
  - [PathUnknownErrorMessageResponse](docs/PathUnknownErrorMessageResponse.md)
  - [ReadAssertionsResponse](docs/ReadAssertionsResponse.md)

api_open_fga.go

@@ -304,8 +304,9 @@ type OpenFgaApi interface {
 	You may also specify `contextual_tuples` that will be treated as regular tuples. Each of these tuples may have an associated `condition`.
 	You may also provide a `context` object that will be used to evaluate the conditioned tuples in the system. It is strongly recommended to provide a value for all the input parameters of all the conditions, to ensure that all tuples be evaluated correctly.
 	The response will contain the related users in an array in the "users" field of the response. These results may include specific objects, usersets
-	or type-bound public access. Each of these types of results is encoded in its own type and not represented as a string.In certain cases of negation via the `but not` operator, some results are marked as excluded from the main set of results. These exclusions
-	are returned in the `excluded_users` property and should be handled appropriately at the point of implementation.The number of users in the response array will be limited by the execution timeout specified in the flag OPENFGA_LIST_USERS_DEADLINE and by the upper bound specified in the flag OPENFGA_LIST_USERS_MAX_RESULTS, whichever is hit first.
+	or type-bound public access. Each of these types of results is encoded in its own type and not represented as a string.In cases where a type-bound public acces result is returned (e.g. `user:*`), it cannot be inferred that all subjects
+	of that type have a relation to the object; it is possible that negations exist and checks should still be queried
+	on individual subjects to ensure access to that document.The number of users in the response array will be limited by the execution timeout specified in the flag OPENFGA_LIST_USERS_DEADLINE and by the upper bound specified in the flag OPENFGA_LIST_USERS_MAX_RESULTS, whichever is hit first.
 	The returned users will not be sorted, and therefore two identical calls may yield different sets of users.
 		 * @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background().
 		 * @param storeId
@@ -2708,8 +2709,9 @@ An `authorization_model_id` may be specified in the body. If it is not specified
 You may also specify `contextual_tuples` that will be treated as regular tuples. Each of these tuples may have an associated `condition`.
 You may also provide a `context` object that will be used to evaluate the conditioned tuples in the system. It is strongly recommended to provide a value for all the input parameters of all the conditions, to ensure that all tuples be evaluated correctly.
 The response will contain the related users in an array in the "users" field of the response. These results may include specific objects, usersets
-or type-bound public access. Each of these types of results is encoded in its own type and not represented as a string.In certain cases of negation via the `but not` operator, some results are marked as excluded from the main set of results. These exclusions
-are returned in the `excluded_users` property and should be handled appropriately at the point of implementation.The number of users in the response array will be limited by the execution timeout specified in the flag OPENFGA_LIST_USERS_DEADLINE and by the upper bound specified in the flag OPENFGA_LIST_USERS_MAX_RESULTS, whichever is hit first.
+or type-bound public access. Each of these types of results is encoded in its own type and not represented as a string.In cases where a type-bound public acces result is returned (e.g. `user:*`), it cannot be inferred that all subjects
+of that type have a relation to the object; it is possible that negations exist and checks should still be queried
+on individual subjects to ensure access to that document.The number of users in the response array will be limited by the execution timeout specified in the flag OPENFGA_LIST_USERS_DEADLINE and by the upper bound specified in the flag OPENFGA_LIST_USERS_MAX_RESULTS, whichever is hit first.
 The returned users will not be sorted, and therefore two identical calls may yield different sets of users.
   - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background().
   - @param storeId

api_open_fga_test.go

@@ -885,7 +885,7 @@ func TestOpenFgaApi(t *testing.T) {
 		test := TestDefinition{
 			Name: "ListUsers",
 			// A real API would not return all these for the filter provided, these are just for test purposes
-			JsonResponse:   `{"excluded_users":null,"users":[{"object":{"id":"81684243-9356-4421-8fbf-a4f8d36aa31b","type":"user"}},{"userset":{"id":"fga","relation":"member","type":"team"}},{"wildcard":{"type":"user"}}]}`,
+			JsonResponse:   `{"users":[{"object":{"id":"81684243-9356-4421-8fbf-a4f8d36aa31b","type":"user"}},{"userset":{"id":"fga","relation":"member","type":"team"}},{"wildcard":{"type":"user"}}]}`,
 			ResponseStatus: http.StatusOK,
 			Method:         http.MethodPost,
 			RequestPath:    "list-users",
@@ -964,10 +964,6 @@ func TestOpenFgaApi(t *testing.T) {
 		if got.Users[2].GetWildcard().Type != expectedResponse.Users[2].GetWildcard().Type {
 			t.Fatalf("OpenFga%v().Execute() = %v, want %v (%v)", test.Name, got.Users[2], expectedResponse.Users[2], "wildcard: { type: \"user\" }")
 		}
-
-		if len(got.ExcludedUsers) != len(expectedResponse.ExcludedUsers) {
-			t.Fatalf("OpenFga%v().Execute() = %v, want %v", test.Name, got.GetExcludedUsers(), expectedResponse.GetExcludedUsers())
-		}
 	})
 
 	t.Run("Check with 400 error", func(t *testing.T) {

client/client_test.go

@@ -2441,7 +2441,7 @@ func TestOpenFgaClient(t *testing.T) {
 		test := TestDefinition{
 			Name: "ListUsers",
 			// A real API would not return all these for the filter provided, these are just for test purposes
-			JsonResponse:   `{"excluded_users":null,"users":[{"object":{"id":"81684243-9356-4421-8fbf-a4f8d36aa31b","type":"user"}},{"userset":{"id":"fga","relation":"member","type":"team"}},{"wildcard":{"type":"user"}}]}`,
+			JsonResponse:   `{"users":[{"object":{"id":"81684243-9356-4421-8fbf-a4f8d36aa31b","type":"user"}},{"userset":{"id":"fga","relation":"member","type":"team"}},{"wildcard":{"type":"user"}}]}`,
 			ResponseStatus: http.StatusOK,
 			Method:         http.MethodPost,
 			RequestPath:    "list-users",
@@ -2518,10 +2518,6 @@ func TestOpenFgaClient(t *testing.T) {
 			t.Fatalf("OpenFga%v().Execute() = %v, want %v (%v)", test.Name, got.Users[2], expectedResponse.Users[2], "wildcard: { type: \"user\" }")
 		}
 
-		if len(got.ExcludedUsers) != len(expectedResponse.ExcludedUsers) {
-			t.Fatalf("OpenFga%v().Execute() = %v, want %v", test.Name, got.GetExcludedUsers(), expectedResponse.GetExcludedUsers())
-		}
-
 		// ListUsers without options should work
 		_, err = fgaClient.ListUsers(context.Background()).Body(requestBody).Execute()
 		if err != nil {

docs/ListUsersResponse.md

@@ -5,13 +5,12 @@
 Name | Type | Description | Notes
 ------------ | ------------- | ------------- | -------------
 **Users** | [**[]User**](User.md) |  | 
-**ExcludedUsers** | [**[]ObjectOrUserset**](ObjectOrUserset.md) |  | 
 
 ## Methods
 
 ### NewListUsersResponse
 
-`func NewListUsersResponse(users []User, excludedUsers []ObjectOrUserset, ) *ListUsersResponse`
+`func NewListUsersResponse(users []User, ) *ListUsersResponse`
 
 NewListUsersResponse instantiates a new ListUsersResponse object
 This constructor will assign default values to properties that have it defined,
@@ -46,26 +45,6 @@ and a boolean to check if the value has been set.
 SetUsers sets Users field to given value.
 
 
-### GetExcludedUsers
-
-`func (o *ListUsersResponse) GetExcludedUsers() []ObjectOrUserset`
-
-GetExcludedUsers returns the ExcludedUsers field if non-nil, zero value otherwise.
-
-### GetExcludedUsersOk
-
-`func (o *ListUsersResponse) GetExcludedUsersOk() (*[]ObjectOrUserset, bool)`
-
-GetExcludedUsersOk returns a tuple with the ExcludedUsers field if it's non-nil, zero value otherwise
-and a boolean to check if the value has been set.
-
-### SetExcludedUsers
-
-`func (o *ListUsersResponse) SetExcludedUsers(v []ObjectOrUserset)`
-
-SetExcludedUsers sets ExcludedUsers field to given value.
-
-
 
 [[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md)
 

model_list_users_response.go

@@ -20,18 +20,16 @@ import (
 
 // ListUsersResponse struct for ListUsersResponse
 type ListUsersResponse struct {
-	Users         []User            `json:"users"yaml:"users"`
-	ExcludedUsers []ObjectOrUserset `json:"excluded_users"yaml:"excluded_users"`
+	Users []User `json:"users"yaml:"users"`
 }
 
 // NewListUsersResponse instantiates a new ListUsersResponse object
 // This constructor will assign default values to properties that have it defined,
 // and makes sure properties required by API are set, but the set of arguments
 // will change when the set of required properties is changed
-func NewListUsersResponse(users []User, excludedUsers []ObjectOrUserset) *ListUsersResponse {
+func NewListUsersResponse(users []User) *ListUsersResponse {
 	this := ListUsersResponse{}
 	this.Users = users
-	this.ExcludedUsers = excludedUsers
 	return &this
 }
 
@@ -67,34 +65,9 @@ func (o *ListUsersResponse) SetUsers(v []User) {
 	o.Users = v
 }
 
-// GetExcludedUsers returns the ExcludedUsers field value
-func (o *ListUsersResponse) GetExcludedUsers() []ObjectOrUserset {
-	if o == nil {
-		var ret []ObjectOrUserset
-		return ret
-	}
-
-	return o.ExcludedUsers
-}
-
-// GetExcludedUsersOk returns a tuple with the ExcludedUsers field value
-// and a boolean to check if the value has been set.
-func (o *ListUsersResponse) GetExcludedUsersOk() (*[]ObjectOrUserset, bool) {
-	if o == nil {
-		return nil, false
-	}
-	return &o.ExcludedUsers, true
-}
-
-// SetExcludedUsers sets field value
-func (o *ListUsersResponse) SetExcludedUsers(v []ObjectOrUserset) {
-	o.ExcludedUsers = v
-}
-
 func (o ListUsersResponse) MarshalJSON() ([]byte, error) {
 	toSerialize := map[string]interface{}{}
 	toSerialize["users"] = o.Users
-	toSerialize["excluded_users"] = o.ExcludedUsers
 	var b bytes.Buffer
 	enc := json.NewEncoder(&b)
 	enc.SetEscapeHTML(false)