-
Notifications
You must be signed in to change notification settings - Fork 127
/
Copy pathrole.go
318 lines (283 loc) · 11.2 KB
/
role.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
package client
import (
"context"
"net/url"
"github.com/cloudfoundry/go-cfclient/v3/internal/path"
"github.com/cloudfoundry/go-cfclient/v3/resource"
)
type RoleClient commonClient
// RoleListOptions list filters
type RoleListOptions struct {
*ListOptions
GUIDs Filter `qs:"guids"` // list of role guids to filter by
Types Filter `qs:"types"` // list of role types to filter by
OrganizationGUIDs Filter `qs:"organization_guids"` // list of organization guids to filter by
SpaceGUIDs Filter `qs:"space_guids"` // list of space guids to filter by
UserGUIDs Filter `qs:"user_guids"` // list of user guids to filter by
Include resource.RoleIncludeType `qs:"include"`
}
// NewRoleListOptions creates new options to pass to list
func NewRoleListOptions() *RoleListOptions {
return &RoleListOptions{
ListOptions: NewListOptions(),
}
}
func (o *RoleListOptions) ToQueryString() (url.Values, error) {
return o.ListOptions.ToQueryString(o)
}
// WithOrganizationRoleType returns only roles with the specified organization roles type
func (o *RoleListOptions) WithOrganizationRoleType(roleType ...resource.OrganizationRoleType) {
for _, r := range roleType {
o.Types.Values = append(o.Types.Values, r.String())
}
}
// WithSpaceRoleType returns only roles with the specified space roles type
func (o *RoleListOptions) WithSpaceRoleType(roleType ...resource.SpaceRoleType) {
for _, r := range roleType {
o.Types.Values = append(o.Types.Values, r.String())
}
}
// CreateSpaceRole creates a new role for a user in the space
//
// To create a space role you must be an admin, an organization manager
// in the parent organization of the space associated with the role,
// or a space manager in the space associated with the role.
//
// For a user to be assigned a space role, the user must already
// have an organization role in the parent organization.
func (c *RoleClient) CreateSpaceRole(ctx context.Context, spaceGUID, userGUID string, roleType resource.SpaceRoleType) (*resource.Role, error) {
req := resource.NewRoleSpaceCreate(spaceGUID, userGUID, roleType)
var r resource.Role
_, err := c.client.post(ctx, "/v3/roles", req, &r)
if err != nil {
return nil, err
}
return &r, nil
}
// CreateSpaceRoleWithUsername creates a new role for a user in the space via username and origin.
// If origin need not be passed, it must be "".
//
// To create a space role you must be an admin, an organization manager
// in the parent organization of the space associated with the role,
// or a space manager in the space associated with the role.
//
// For a user to be assigned a space role, the user must already
// have an organization role in the parent organization.
func (c *RoleClient) CreateSpaceRoleWithUsername(ctx context.Context, spaceGUID string, userName string, roleType resource.SpaceRoleType, origin string) (*resource.Role, error) {
req := resource.NewRoleSpaceCreateWithUserName(spaceGUID, userName, roleType, origin)
var r resource.Role
_, err := c.client.post(ctx, "/v3/roles", req, &r)
if err != nil {
return nil, err
}
return &r, nil
}
// CreateOrganizationRole creates a new role for a user in the organization
//
// To create an organization role you must be an admin or organization
// manager in the organization associated with the role.
func (c *RoleClient) CreateOrganizationRole(ctx context.Context, organizationGUID, userGUID string, roleType resource.OrganizationRoleType) (*resource.Role, error) {
req := resource.NewRoleOrganizationCreate(organizationGUID, userGUID, roleType)
var r resource.Role
_, err := c.client.post(ctx, "/v3/roles", req, &r)
if err != nil {
return nil, err
}
return &r, nil
}
// CreateOrganizationRoleWithUsername creates a new role for a user in the organization via username and origin.
// If origin need not be passed, it must be "".
//
// To create an organization role you must be an admin or organization
// manager in the organization associated with the role.
func (c *RoleClient) CreateOrganizationRoleWithUsername(ctx context.Context, organizationGUID string, userName string, roleType resource.OrganizationRoleType, origin string) (*resource.Role, error) {
req := resource.NewRoleOrganizationCreateWithUserName(organizationGUID, userName, roleType, origin)
var r resource.Role
_, err := c.client.post(ctx, "/v3/roles", req, &r)
if err != nil {
return nil, err
}
return &r, nil
}
// Delete the specified role asynchronously and return a jobGUID
func (c *RoleClient) Delete(ctx context.Context, guid string) (string, error) {
return c.client.delete(ctx, path.Format("/v3/roles/%s", guid))
}
// First returns the first role matching the options or an error when less than 1 match
func (c *RoleClient) First(ctx context.Context, opts *RoleListOptions) (*resource.Role, error) {
return First[*RoleListOptions, *resource.Role](opts, func(opts *RoleListOptions) ([]*resource.Role, *Pager, error) {
return c.List(ctx, opts)
})
}
// Get the specified role
func (c *RoleClient) Get(ctx context.Context, guid string) (*resource.Role, error) {
var r resource.Role
err := c.client.get(ctx, path.Format("/v3/roles/%s", guid), &r)
if err != nil {
return nil, err
}
return &r, nil
}
// GetIncludeOrganizations allows callers to fetch a role and include any assigned organizations
func (c *RoleClient) GetIncludeOrganizations(ctx context.Context, guid string) (*resource.Role, []*resource.Organization, error) {
var role resource.RoleWithIncluded
err := c.client.get(ctx, path.Format("/v3/roles/%s?include=%s", guid, resource.RoleIncludeOrganization), &role)
if err != nil {
return nil, nil, err
}
return &role.Role, role.Included.Organizations, nil
}
// GetIncludeSpaces allows callers to fetch a role and include any assigned spaces
func (c *RoleClient) GetIncludeSpaces(ctx context.Context, guid string) (*resource.Role, []*resource.Space, error) {
var role resource.RoleWithIncluded
err := c.client.get(ctx, path.Format("/v3/roles/%s?include=%s", guid, resource.RoleIncludeSpace), &role)
if err != nil {
return nil, nil, err
}
return &role.Role, role.Included.Spaces, nil
}
// GetIncludeUsers allows callers to fetch a role and include any assigned users
func (c *RoleClient) GetIncludeUsers(ctx context.Context, guid string) (*resource.Role, []*resource.User, error) {
var role resource.RoleWithIncluded
err := c.client.get(ctx, path.Format("/v3/roles/%s?include=%s", guid, resource.RoleIncludeUser), &role)
if err != nil {
return nil, nil, err
}
return &role.Role, role.Included.Users, nil
}
// List all roles the user has access to in paged results
func (c *RoleClient) List(ctx context.Context, opts *RoleListOptions) ([]*resource.Role, *Pager, error) {
if opts == nil {
opts = NewRoleListOptions()
}
var res resource.RoleList
err := c.client.list(ctx, "/v3/roles", opts.ToQueryString, &res)
if err != nil {
return nil, nil, err
}
pager := NewPager(res.Pagination)
return res.Resources, pager, nil
}
// ListAll retrieves all roles the user has access to
func (c *RoleClient) ListAll(ctx context.Context, opts *RoleListOptions) ([]*resource.Role, error) {
if opts == nil {
opts = NewRoleListOptions()
}
return AutoPage[*RoleListOptions, *resource.Role](opts, func(opts *RoleListOptions) ([]*resource.Role, *Pager, error) {
return c.List(ctx, opts)
})
}
// ListIncludeOrganizations pages all roles and specified and includes organizations that have the roles
func (c *RoleClient) ListIncludeOrganizations(ctx context.Context, opts *RoleListOptions) ([]*resource.Role, []*resource.Organization, *Pager, error) {
if opts == nil {
opts = NewRoleListOptions()
}
opts.Include = resource.RoleIncludeOrganization
var res resource.RoleList
err := c.client.list(ctx, "/v3/roles", opts.ToQueryString, &res)
if err != nil {
return nil, nil, nil, err
}
pager := NewPager(res.Pagination)
return res.Resources, res.Included.Organizations, pager, nil
}
// ListIncludeOrganizationsAll retrieves all roles and specified and includes organizations that have the roles
func (c *RoleClient) ListIncludeOrganizationsAll(ctx context.Context, opts *RoleListOptions) ([]*resource.Role, []*resource.Organization, error) {
if opts == nil {
opts = NewRoleListOptions()
}
opts.Include = resource.RoleIncludeOrganization
var all []*resource.Role
var allOrgs []*resource.Organization
for {
page, orgs, pager, err := c.ListIncludeOrganizations(ctx, opts)
if err != nil {
return nil, nil, err
}
all = append(all, page...)
allOrgs = append(allOrgs, orgs...)
if !pager.HasNextPage() {
break
}
pager.NextPage(opts)
}
return all, allOrgs, nil
}
// ListIncludeSpaces pages all roles and specified and includes spaces that have the roles
func (c *RoleClient) ListIncludeSpaces(ctx context.Context, opts *RoleListOptions) ([]*resource.Role, []*resource.Space, *Pager, error) {
if opts == nil {
opts = NewRoleListOptions()
}
opts.Include = resource.RoleIncludeSpace
var res resource.RoleList
err := c.client.list(ctx, "/v3/roles", opts.ToQueryString, &res)
if err != nil {
return nil, nil, nil, err
}
pager := NewPager(res.Pagination)
return res.Resources, res.Included.Spaces, pager, nil
}
// ListIncludeSpacesAll retrieves all roles and specified and includes spaces that have the roles
func (c *RoleClient) ListIncludeSpacesAll(ctx context.Context, opts *RoleListOptions) ([]*resource.Role, []*resource.Space, error) {
if opts == nil {
opts = NewRoleListOptions()
}
opts.Include = resource.RoleIncludeSpace
var all []*resource.Role
var allSpaces []*resource.Space
for {
page, spaces, pager, err := c.ListIncludeSpaces(ctx, opts)
if err != nil {
return nil, nil, err
}
all = append(all, page...)
allSpaces = append(allSpaces, spaces...)
if !pager.HasNextPage() {
break
}
pager.NextPage(opts)
}
return all, allSpaces, nil
}
// ListIncludeUsers pages all roles and specified and includes users that belong to the roles
func (c *RoleClient) ListIncludeUsers(ctx context.Context, opts *RoleListOptions) ([]*resource.Role, []*resource.User, *Pager, error) {
if opts == nil {
opts = NewRoleListOptions()
}
opts.Include = resource.RoleIncludeUser
var res resource.RoleList
err := c.client.list(ctx, "/v3/roles", opts.ToQueryString, &res)
if err != nil {
return nil, nil, nil, err
}
pager := NewPager(res.Pagination)
return res.Resources, res.Included.Users, pager, nil
}
// ListIncludeUsersAll retrieves all roles and all the users that belong to those roles
func (c *RoleClient) ListIncludeUsersAll(ctx context.Context, opts *RoleListOptions) ([]*resource.Role, []*resource.User, error) {
if opts == nil {
opts = NewRoleListOptions()
}
opts.Include = resource.RoleIncludeUser
var all []*resource.Role
var allUsers []*resource.User
for {
page, users, pager, err := c.ListIncludeUsers(ctx, opts)
if err != nil {
return nil, nil, err
}
all = append(all, page...)
allUsers = append(allUsers, users...)
if !pager.HasNextPage() {
break
}
pager.NextPage(opts)
}
return all, allUsers, nil
}
// Single returns a single role matching the options or an error if not exactly 1 match
func (c *RoleClient) Single(ctx context.Context, opts *RoleListOptions) (*resource.Role, error) {
return Single[*RoleListOptions, *resource.Role](opts, func(opts *RoleListOptions) ([]*resource.Role, *Pager, error) {
return c.List(ctx, opts)
})
}