// Source: github.com/IBM-Cloud/bluemix-go@v0.0.0-20240314082800-4e02a69b84b2/api/iampap/iampapv1/authorization_policies.go

package iampapv1

import (
	"fmt"

	"github.com/IBM-Cloud/bluemix-go/client"
	"github.com/IBM-Cloud/bluemix-go/models"
	"github.com/IBM-Cloud/bluemix-go/rest"
)

// AuthorizationPolicy is the JSON shape sent to and decoded from the policy
// endpoints used in this file. Roles, Resources and Subjects are always
// serialized; ID and Type are dropped from the body when empty.
//
// Version is excluded from the JSON body (`json:"-"`). Get, Create and Update
// fill it from the response's "Etag" header, and Update sends it back as
// "If-Match" when the caller supplies one.
type AuthorizationPolicy struct {
	ID        string                  `json:"id,omitempty"`
	Roles     []models.PolicyRole     `json:"roles"`
	Resources []models.PolicyResource `json:"resources"`
	Subjects  []models.PolicyResource `json:"subjects"`
	Type      string                  `json:"type,omitempty"`
	Version   string                  `json:"-"`
}

// AuthorizationPolicySearchQuery holds the optional filters List can attach to
// a request. An empty field means "do not send this filter".
type AuthorizationPolicySearchQuery struct {
	SubjectID     string
	Type          string
	AccessGroupID string
}

// setQuery adds every non-empty filter to r as a query parameter, in the order
// subjectId, type, accessGroupId.
//
// The values go through rest.Request.Query instead of being concatenated into
// the URL string.
// NOTE(review): escaping is presumably done inside the rest package — confirm.
func (q *AuthorizationPolicySearchQuery) setQuery(r *rest.Request) {
	filters := []struct{ key, value string }{
		{"subjectId", q.SubjectID},
		{"type", q.Type},
		{"accessGroupId", q.AccessGroupID},
	}
	for _, f := range filters {
		if f.value == "" {
			continue
		}
		r.Query(f.key, f.value)
	}
}

// Policy type strings.
// NOTE(review): presumably the accepted values of AuthorizationPolicy.Type and
// AuthorizationPolicySearchQuery.Type — confirm against the API.
const (
	AuthorizationPolicyType = "authorization"
	AccessPolicyType        = "access"
)

// AuthorizationPolicyRepository is the set of policy operations this package
// exposes for an account. None of the methods validates accountID or policyID;
// see the implementations for how those strings reach the request URL.
type AuthorizationPolicyRepository interface {
	List(accountID string, query *AuthorizationPolicySearchQuery) ([]AuthorizationPolicy, error)
	Get(accountID string, policyID string) (AuthorizationPolicy, error)
	Create(accountID string, policy AuthorizationPolicy) (AuthorizationPolicy, error)
	Update(accountID string, policyID string, policy AuthorizationPolicy, version string) (AuthorizationPolicy, error)
	Delete(accountID string, policyID string) error
	// Purge(accountID string, request DeleteAuthorizationPolicyRequest) (error)
}

// authorizationPolicyRepository implements AuthorizationPolicyRepository on
// top of a shared API client.
type authorizationPolicyRepository struct {
	client *client.Client
}

// NewAuthorizationPolicyRepository wraps c in a repository. c is stored as
// given and is not checked for nil.
func NewAuthorizationPolicyRepository(c *client.Client) AuthorizationPolicyRepository {
	repo := &authorizationPolicyRepository{client: c}
	return repo
}

// listAuthorizationPolicyResponse is the envelope decoded by List; the
// policies sit under the "policies" key.
type listAuthorizationPolicyResponse struct {
	Policies []AuthorizationPolicy `json:"policies"`
}
// List returns the policies of accountID, narrowed by query when it is non-nil.
//
// accountID is formatted into the URL path with %s and no escaping in this
// function, so a value containing '/', '?' or '#' changes which resource is
// requested; pass only validated account identifiers. The endpoint pointer is
// dereferenced directly, so a nil Config.Endpoint panics here.
//
// On error the result is an empty, non-nil slice together with the error.
func (r *authorizationPolicyRepository) List(accountID string, query *AuthorizationPolicySearchQuery) ([]AuthorizationPolicy, error) {
	target := *r.client.Config.Endpoint + fmt.Sprintf("/acms/v2/accounts/%s/policies", accountID)
	req := rest.GetRequest(target)
	if query != nil {
		query.setQuery(req)
	}

	var listed listAuthorizationPolicyResponse
	if _, err := r.client.SendRequest(req, &listed); err != nil {
		return []AuthorizationPolicy{}, err
	}
	return listed.Policies, nil
}

// Get fetches one policy and records the response's "Etag" header in Version.
//
// accountID and policyID are formatted into the path with %s and no escaping
// in this function; pass only validated identifiers.
// NOTE(review): whether client.Get normalises or escapes the path is not
// visible here — confirm.
func (r *authorizationPolicyRepository) Get(accountID string, policyID string) (AuthorizationPolicy, error) {
	path := fmt.Sprintf("/acms/v2/accounts/%s/policies/%s", accountID, policyID)

	var fetched AuthorizationPolicy
	resp, err := r.client.Get(path, &fetched)
	if err != nil {
		return AuthorizationPolicy{}, err
	}
	fetched.Version = resp.Header.Get("Etag")
	return fetched, nil
}

// Create posts policy under accountID and returns the decoded response, with
// Version taken from the response's "Etag" header.
//
// accountID is formatted into the path with %s and no escaping in this
// function; pass only a validated account identifier.
func (r *authorizationPolicyRepository) Create(accountID string, policy AuthorizationPolicy) (AuthorizationPolicy, error) {
	path := fmt.Sprintf("/acms/v2/accounts/%s/policies", accountID)

	var created AuthorizationPolicy
	resp, err := r.client.Post(path, &policy, &created)
	if err != nil {
		return AuthorizationPolicy{}, err
	}
	created.Version = resp.Header.Get("Etag")
	return created, nil
}

// Update replaces policyID with policy via PUT and returns the decoded
// response, with Version taken from the response's "Etag" header.
//
// "If-Match" is sent only when version is non-empty. With an empty version the
// request carries no precondition header, so nothing on the client side guards
// against overwriting a concurrent edit.
// NOTE(review): server behaviour for a missing If-Match is not visible here —
// confirm before relying on it.
//
// accountID and policyID are formatted into the URL path with %s and no
// escaping in this function; pass only validated identifiers. A nil
// Config.Endpoint panics on the dereference.
func (r *authorizationPolicyRepository) Update(accountID string, policyID string, policy AuthorizationPolicy, version string) (AuthorizationPolicy, error) {
	target := *r.client.Config.Endpoint + fmt.Sprintf("/acms/v2/accounts/%s/policies/%s", accountID, policyID)
	req := rest.PutRequest(target).Body(policy)
	if version != "" {
		req = req.Set("If-Match", version)
	}

	var updated AuthorizationPolicy
	resp, err := r.client.SendRequest(req, &updated)
	if err != nil {
		return AuthorizationPolicy{}, err
	}
	updated.Version = resp.Header.Get("Etag")
	return updated, nil
}
// Delete removes policyID and returns whatever error the client reports.
//
// Unlike the other methods, which call /acms/v2/accounts/{account}/policies,
// this one targets /acms/v1/policies/{policy} and passes the account as the
// query parameter scope=a/{account}.
//
// Both identifiers are formatted into the request string with %s and no
// escaping in this function: policyID lands in the path and accountID in the
// query string, where an '&' or '#' would alter the parameters that are sent.
// Pass only validated identifiers.
// NOTE(review): whether client.Delete normalises or escapes the string is not
// visible here — confirm.
func (r *authorizationPolicyRepository) Delete(accountID string, policyID string) error {
	scope := "a/" + accountID
	_, err := r.client.Delete(fmt.Sprintf("/acms/v1/policies/%s?scope=%s", policyID, scope))
	return err
}