Add query api method (#8)

* Update example to delete created permission

* Add query warrants method

* Update query method to take a Subject object instead of string

Author: stanleyphu

examples/example.py

@@ -45,6 +45,9 @@ def make_warrant_requests(api_key):
     print(f"create_report role/permission check authorization result: {role_permission_check}")
     print(f"List all warrants: {client.list_warrants()}")
 
+    # Query all warrants for user1
+    print(f"List all warrants for user1: {client.query_warrants(user1_subject)}")
+
     # Delete users, tenants, roles, permissions
     client.remove_permission_from_role(admin_role, permission2)
     client.remove_permission_from_user(user1, permission1)
@@ -59,6 +62,8 @@ def make_warrant_requests(api_key):
     print("Deleted role " + admin_role)
     client.delete_permission(permission1)
     print("Deleted permission " + permission1)
+    client.delete_permission(permission2)
+    print("Deleted permission " + permission2)
 
 if __name__ == '__main__':
     # Replace with your Warrant api key

warrant/__init__.py

@@ -212,6 +212,18 @@ def list_warrants(self, object_type="", object_id="", relation="", user_id=""):
         resp = self._make_get_request(uri="/v1/warrants", params=filters)
         return resp
 
+    def query_warrants(self, subject, object_type="", relation=""):
+        if not isinstance(subject, Subject):
+            raise WarrantException(msg="Subject must be of type Subject")
+        subject_param = subject.object_type + ":" + subject.object_id
+        params = {
+            "objectType": object_type,
+            "relation": relation,
+            "subject": subject_param,
+        }
+        resp = self._make_get_request(uri="/v1/query", params=params)
+        return resp
+
     def is_authorized(self, warrant_check):
         if not isinstance(warrant_check.warrants, list):
             raise WarrantException(msg="Must provide a list of warrants")