github.com/IBM-Cloud/bluemix-go@v0.0.0-20240314082800-4e02a69b84b2/api/iampap/iampapv1/authorization_policies.go (about)

     1  package iampapv1
     2  
import (
	"fmt"
	"net/url"

	"github.com/IBM-Cloud/bluemix-go/client"
	"github.com/IBM-Cloud/bluemix-go/models"
	"github.com/IBM-Cloud/bluemix-go/rest"
)
    10  
// AuthorizationPolicy is the JSON body exchanged with the /acms policy
// endpoints used in this file, for both requests and responses.
type AuthorizationPolicy struct {
	ID        string                  `json:"id,omitempty"`
	Roles     []models.PolicyRole     `json:"roles"`
	Resources []models.PolicyResource `json:"resources"`
	Subjects  []models.PolicyResource `json:"subjects"`
	Type      string                  `json:"type,omitempty"`
	// Version is excluded from JSON (json:"-"). Get, Create and Update fill it
	// from the response's "Etag" header; pass it to Update as the version
	// argument to make the write conditional.
	Version   string                  `json:"-"`
}
    19  
// AuthorizationPolicySearchQuery holds the optional filters for List.
// A field left as the empty string is not sent (see setQuery).
type AuthorizationPolicySearchQuery struct {
	SubjectID     string // sent as the "subjectId" query parameter
	Type          string // sent as the "type" query parameter
	AccessGroupID string // sent as the "accessGroupId" query parameter
}
    25  
// setQuery copies every non-empty filter onto r as a query parameter, in the
// order subjectId, type, accessGroupId. Empty filters are skipped so they do
// not narrow the search.
//
// NOTE(review): the values are passed to r.Query unmodified; this assumes
// rest.Request.Query URL-encodes them — confirm in the rest package.
func (q *AuthorizationPolicySearchQuery) setQuery(r *rest.Request) {
	filters := []struct{ key, value string }{
		{"subjectId", q.SubjectID},
		{"type", q.Type},
		{"accessGroupId", q.AccessGroupID},
	}
	for _, f := range filters {
		if f.value == "" {
			continue
		}
		r.Query(f.key, f.value)
	}
}
    37  
// Policy type names.
// NOTE(review): presumably the values for AuthorizationPolicy.Type and the
// Type search filter — confirm; nothing in this file references them.
const (
	AuthorizationPolicyType = "authorization"
	AccessPolicyType        = "access"
)
    42  
// AuthorizationPolicyRepository is the CRUD interface for the policies of an
// account. The notes on each method describe the implementation in this file.
type AuthorizationPolicyRepository interface {
	// List returns the account's policies; query may be nil for no filtering.
	List(accountID string, query *AuthorizationPolicySearchQuery) ([]AuthorizationPolicy, error)
	// Get returns one policy with Version set from the response's Etag header.
	Get(accountID string, policyID string) (AuthorizationPolicy, error)
	// Create posts policy and returns the created policy with Version set.
	Create(accountID string, policy AuthorizationPolicy) (AuthorizationPolicy, error)
	// Update replaces the policy. A non-empty version is sent as If-Match;
	// an empty version sends no precondition at all.
	Update(accountID string, policyID string, policy AuthorizationPolicy, version string) (AuthorizationPolicy, error)
	// Delete removes the policy, scoped to the account.
	Delete(accountID string, policyID string) error
	// Purge(accountID string, request DeleteAuthorizationPolicyRequest) (error)
}
    51  
// authorizationPolicyRepository implements AuthorizationPolicyRepository by
// issuing HTTP requests through the wrapped client.
type authorizationPolicyRepository struct {
	client *client.Client
}
    55  
// NewAuthorizationPolicyRepository returns a repository that sends all of its
// requests through c. The client is stored as given and is not validated
// here.
func NewAuthorizationPolicyRepository(c *client.Client) AuthorizationPolicyRepository {
	repo := authorizationPolicyRepository{client: c}
	return &repo
}
    61  
// listAuthorizationPolicyResponse is the envelope that List decodes; only its
// "policies" field is read.
type listAuthorizationPolicyResponse struct {
	Policies []AuthorizationPolicy `json:"policies"`
}
    65  
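// List returns the policies of accountID, optionally narrowed by query (nil
// means no filters). On error it returns an empty, non-nil slice together
// with the error from the client.
func (r *authorizationPolicyRepository) List(accountID string, query *AuthorizationPolicySearchQuery) ([]AuthorizationPolicy, error) {
	// Escape the caller-supplied ID so that "/", "?" or "#" inside it cannot
	// add path segments or query parameters and point the request at a
	// different account. Escaping confines the ID to one path segment; it does
	// not validate the ID's format.
	path := fmt.Sprintf("/acms/v2/accounts/%s/policies", url.PathEscape(accountID))
	request := rest.GetRequest(*r.client.Config.Endpoint + path)

	if query != nil {
		query.setQuery(request)
	}

	var response listAuthorizationPolicyResponse
	if _, err := r.client.SendRequest(request, &response); err != nil {
		return []AuthorizationPolicy{}, err
	}
	return response.Policies, nil
}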
    80  
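// Get fetches the policy policyID of account accountID. The returned policy's
// Version is the value of the response's "Etag" header, for later use as the
// version argument of Update. On error it returns a zero AuthorizationPolicy.
func (r *authorizationPolicyRepository) Get(accountID string, policyID string) (AuthorizationPolicy, error) {
	// Escape both caller-supplied IDs so that "/", "?" or "#" inside them
	// cannot change which account or policy the request addresses. Escaping
	// confines each ID to one path segment; it does not validate its format.
	path := fmt.Sprintf("/acms/v2/accounts/%s/policies/%s", url.PathEscape(accountID), url.PathEscape(policyID))

	var policy AuthorizationPolicy
	resp, err := r.client.Get(path, &policy)
	if err != nil {
		return AuthorizationPolicy{}, err
	}
	policy.Version = resp.Header.Get("Etag")
	return policy, nil
}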
    91  
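// Create posts policy to account accountID and returns the policy decoded
// from the response, with Version set from the response's "Etag" header. On
// error it returns a zero AuthorizationPolicy.
func (r *authorizationPolicyRepository) Create(accountID string, policy AuthorizationPolicy) (AuthorizationPolicy, error) {
	// Escape the caller-supplied ID so that "/", "?" or "#" inside it cannot
	// redirect the policy to a different account path. Escaping confines the
	// ID to one path segment; it does not validate its format.
	path := fmt.Sprintf("/acms/v2/accounts/%s/policies", url.PathEscape(accountID))

	var policyCreated AuthorizationPolicy
	resp, err := r.client.Post(path, &policy, &policyCreated)
	if err != nil {
		return AuthorizationPolicy{}, err
	}
	policyCreated.Version = resp.Header.Get("Etag")
	return policyCreated, nil
}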
   102  
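// Update replaces policy policyID of account accountID with policy and
// returns the policy decoded from the response, with Version set from the
// response's "Etag" header. On error it returns a zero AuthorizationPolicy.
//
// A non-empty version is sent as the If-Match header. With an empty version
// no precondition is sent, so this client does nothing to detect a concurrent
// change to the policy; callers that need that protection should pass the
// Version obtained from Get.
func (r *authorizationPolicyRepository) Update(accountID string, policyID string, policy AuthorizationPolicy, version string) (AuthorizationPolicy, error) {
	// Escape both caller-supplied IDs so that "/", "?" or "#" inside them
	// cannot change which account or policy is overwritten. Escaping confines
	// each ID to one path segment; it does not validate its format.
	path := fmt.Sprintf("/acms/v2/accounts/%s/policies/%s", url.PathEscape(accountID), url.PathEscape(policyID))
	request := rest.PutRequest(*r.client.Config.Endpoint + path).Body(policy)
	if version != "" {
		request = request.Set("If-Match", version)
	}

	var policyUpdated AuthorizationPolicy
	resp, err := r.client.SendRequest(request, &policyUpdated)
	if err != nil {
		return AuthorizationPolicy{}, err
	}
	policyUpdated.Version = resp.Header.Get("Etag")

	return policyUpdated, nil
}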
   118  
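// Delete removes policy policyID, sending the account as the "scope" query
// parameter in the form "a/<accountID>". It returns the client's error
// unchanged.
//
// NOTE(review): unlike the other methods this one uses the /acms/v1 path;
// confirm that is intended. An empty policyID is not rejected here and would
// address the collection path — confirm how the service responds, or reject
// it in the caller.
func (r *authorizationPolicyRepository) Delete(accountID string, policyID string) error {
	// Escape both caller-supplied IDs: the policy ID must stay one path
	// segment, and the account ID must not be able to append "&name=value" or
	// "#" to the query string. The literal "a/" prefix is left unescaped so
	// well-formed IDs produce the same URL as before.
	path := fmt.Sprintf("/acms/v1/policies/%s?scope=%s", url.PathEscape(policyID), "a/"+url.QueryEscape(accountID))
	_, err := r.client.Delete(path)
	return err
}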