package triton
import (
"fmt"
"github.com/hashicorp/errwrap"
"net/http"
"encoding/json"
)
// RolesClient carries the role-related operations of the Triton API.
// It embeds *Client, so the embedded client's fields and methods are
// promoted onto it.
type RolesClient struct {
	*Client
}
// Roles returns a RolesClient used for accessing functions pertaining
// to Role functionality in the Triton API. The returned value wraps c
// itself, so it shares the same underlying client.
func (c *Client) Roles() *RolesClient {
	return &RolesClient{Client: c}
}
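// Role is the JSON representation of a role as decoded from Triton API
// responses by ListRoles, GetRole, CreateRole and UpdateRole.
//
// Each field must carry a distinct JSON name: encoding/json silently drops
// every field that shares a name with another field at the same depth, which
// would leave a role's policies and members empty without any decode error.
// Code that reviews who holds a role relies on these lists being populated.
type Role struct {
	// ID identifies the role; it is the value used as RoleID in the
	// per-role request paths.
	ID string `json:"id"`

	// Name of the role.
	Name string `json:"name"`

	// Policies attached to the role.
	Policies []string `json:"policies"`

	// Members are the user logins that belong to the role.
	Members []string `json:"members"`

	// DefaultMembers are the user logins that have the role enabled by
	// default.
	DefaultMembers []string `json:"default_members"`
}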
// ListRolesInput is the input to ListRoles; it currently has no fields.
type ListRolesInput struct{}
// ListRoles retrieves the roles of the client's account by issuing a GET
// request to /<accountName>/roles and decoding the JSON response body.
// The *ListRolesInput argument is not used.
//
// It returns the decoded roles, or a wrapped error if the request or the
// decoding fails.
func (client *RolesClient) ListRoles(*ListRolesInput) ([]*Role, error) {
	path := fmt.Sprintf("/%s/roles", client.accountName)

	body, err := client.executeRequest(http.MethodGet, path, nil)
	// The body is checked for nil before err, so it is closed even when a
	// reader is handed back alongside an error.
	if body != nil {
		defer body.Close()
	}
	if err != nil {
		return nil, errwrap.Wrapf("Error executing ListRoles request: {{err}}", err)
	}

	var roles []*Role
	if decodeErr := json.NewDecoder(body).Decode(&roles); decodeErr != nil {
		return nil, errwrap.Wrapf("Error decoding ListRoles response: {{err}}", decodeErr)
	}
	return roles, nil
}
// GetRoleInput names the role that GetRole should retrieve.
type GetRoleInput struct {
	// RoleID is placed in the request path as the role to fetch.
	RoleID string
}
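// GetRole retrieves a single role by issuing a GET request to
// /<accountName>/roles/<RoleID> and decoding the JSON response body.
//
// It returns an error, without sending a request, when input is nil or its
// RoleID is empty. Request and decoding failures are returned wrapped.
func (client *RolesClient) GetRole(input *GetRoleInput) (*Role, error) {
	// Reject a nil input or an empty ID up front: dereferencing nil would
	// panic, and an empty ID would turn the path into "/<account>/roles/",
	// which no longer names a single role.
	if input == nil || input.RoleID == "" {
		return nil, fmt.Errorf("Error executing GetRole request: a RoleID is required")
	}

	// NOTE(review): RoleID is interpolated into the path as-is. Whether
	// executeRequest escapes path segments is not visible here, so a value
	// containing "/" or "?" may address a different resource — confirm, and
	// pass only IDs obtained from the API.
	path := fmt.Sprintf("/%s/roles/%s", client.accountName, input.RoleID)

	respReader, err := client.executeRequest(http.MethodGet, path, nil)
	// The reader is checked for nil before err, so it is closed even when
	// it is handed back alongside an error.
	if respReader != nil {
		defer respReader.Close()
	}
	if err != nil {
		return nil, errwrap.Wrapf("Error executing GetRole request: {{err}}", err)
	}

	var result *Role
	if err = json.NewDecoder(respReader).Decode(&result); err != nil {
		return nil, errwrap.Wrapf("Error decoding GetRole response: {{err}}", err)
	}

	return result, nil
}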
// CreateRoleInput holds the options accepted when a new role is created.
// CreateRole passes it to the request as the body; the optional slices are
// omitted from the JSON when empty.
type CreateRoleInput struct {
	// Name of the role. Required.
	Name string `json:"name"`

	// Policies of this account to give to the role. Optional.
	Policies []string `json:"policies,omitempty"`

	// Members are user logins of this account to add to the role. Optional.
	Members []string `json:"members,omitempty"`

	// DefaultMembers are user logins of this account to add to the role
	// with the role enabled by default. Optional.
	DefaultMembers []string `json:"default_members,omitempty"`
}
// CreateRole creates a role by issuing a POST request to
// /<accountName>/roles with input as the request body, then decodes the
// JSON response into a Role.
//
// It returns the decoded role, or a wrapped error if the request or the
// decoding fails.
func (client *RolesClient) CreateRole(input *CreateRoleInput) (*Role, error) {
	path := fmt.Sprintf("/%s/roles", client.accountName)

	body, err := client.executeRequest(http.MethodPost, path, input)
	// The body is checked for nil before err, so it is closed even when a
	// reader is handed back alongside an error.
	if body != nil {
		defer body.Close()
	}
	if err != nil {
		return nil, errwrap.Wrapf("Error executing CreateRole request: {{err}}", err)
	}

	var created *Role
	if decodeErr := json.NewDecoder(body).Decode(&created); decodeErr != nil {
		return nil, errwrap.Wrapf("Error decoding CreateRole response: {{err}}", decodeErr)
	}
	return created, nil
}
// UpdateRoleInput holds the options accepted when a role is updated.
// Anything but the ID can be modified. UpdateRole uses RoleID in the
// request path and also passes the whole struct as the request body; the
// optional slices are omitted from the JSON when empty.
type UpdateRoleInput struct {
	// RoleID is the ID of the role to modify. Required.
	RoleID string `json:"id"`

	// Name of the role. Required.
	Name string `json:"name"`

	// Policies of this account to give to the role. Optional.
	Policies []string `json:"policies,omitempty"`

	// Members are user logins of this account to add to the role. Optional.
	Members []string `json:"members,omitempty"`

	// DefaultMembers are user logins of this account to add to the role
	// with the role enabled by default. Optional.
	DefaultMembers []string `json:"default_members,omitempty"`
}
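// UpdateRole modifies a role by issuing a POST request to
// /<accountName>/roles/<RoleID> with input as the request body, then
// decodes the JSON response into a Role.
//
// It returns an error, without sending a request, when input is nil or its
// RoleID is empty. Request and decoding failures are returned wrapped.
func (client *RolesClient) UpdateRole(input *UpdateRoleInput) (*Role, error) {
	// Reject a nil input or an empty ID up front: dereferencing nil would
	// panic, and an empty ID would turn the path into "/<account>/roles/",
	// which differs from the path CreateRole posts to only by the trailing
	// slash, so the update would not be addressed to one specific role.
	if input == nil || input.RoleID == "" {
		return nil, fmt.Errorf("Error executing UpdateRole request: a RoleID is required")
	}

	// NOTE(review): RoleID is interpolated into the path as-is. Whether
	// executeRequest escapes path segments is not visible here, so a value
	// containing "/" or "?" may address a different resource — confirm, and
	// pass only IDs obtained from the API.
	path := fmt.Sprintf("/%s/roles/%s", client.accountName, input.RoleID)

	respReader, err := client.executeRequest(http.MethodPost, path, input)
	// The reader is checked for nil before err, so it is closed even when
	// it is handed back alongside an error.
	if respReader != nil {
		defer respReader.Close()
	}
	if err != nil {
		return nil, errwrap.Wrapf("Error executing UpdateRole request: {{err}}", err)
	}

	var result *Role
	if err = json.NewDecoder(respReader).Decode(&result); err != nil {
		return nil, errwrap.Wrapf("Error decoding UpdateRole response: {{err}}", err)
	}

	return result, nil
}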
// DeleteRoleInput names the role that DeleteRoles should remove.
type DeleteRoleInput struct {
	// RoleID is placed in the request path as the role to delete.
	RoleID string
}
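// DeleteRoles deletes a single role by issuing a DELETE request to
// /<accountName>/roles/<RoleID>. The response body is not read.
//
// It returns an error, without sending a request, when input is nil or its
// RoleID is empty. A request failure is returned wrapped.
func (client *RolesClient) DeleteRoles(input *DeleteRoleInput) error {
	// Reject a nil input or an empty ID up front: dereferencing nil would
	// panic, and an empty ID would aim the DELETE at "/<account>/roles/"
	// instead of at one specific role.
	if input == nil || input.RoleID == "" {
		return fmt.Errorf("Error executing DeleteRole request: a RoleID is required")
	}

	// NOTE(review): RoleID is interpolated into the path as-is. Whether
	// executeRequest escapes path segments is not visible here, so a value
	// containing "/" or "?" may address a different resource — confirm, and
	// pass only IDs obtained from the API.
	path := fmt.Sprintf("/%s/roles/%s", client.accountName, input.RoleID)

	respReader, err := client.executeRequest(http.MethodDelete, path, nil)
	// The reader is checked for nil before err, so it is closed even when
	// it is handed back alongside an error.
	if respReader != nil {
		defer respReader.Close()
	}
	if err != nil {
		return errwrap.Wrapf("Error executing DeleteRole request: {{err}}", err)
	}

	return nil
}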