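// Source: github.com/IBM-Cloud/bluemix-go@v0.0.0-20240314082800-4e02a69b84b2/api/iampap/iampapv1/models.go

package iampapv1

import (
	"github.com/IBM-Cloud/bluemix-go/api/iampap/iampapv2"
	"github.com/IBM-Cloud/bluemix-go/models"
)

// Policy is the model of an IAM PAP policy: it binds Subjects to Roles over
// Resources.
type Policy struct {
	ID               string     `json:"id,omitempty"`
	Type             string     `json:"type"`
	Subjects         []Subject  `json:"subjects"`
	Roles            []Role     `json:"roles"`
	Resources        []Resource `json:"resources"`
	Href             string     `json:"href,omitempty"`
	CreatedAt        string     `json:"created_at,omitempty"`
	CreatedByID      string     `json:"created_by_id,omitempty"`
	LastModifiedAt   string     `json:"last_modified_at,omitempty"`
	LastModifiedByID string     `json:"last_modified_by_id,omitempty"`
	// Version is excluded from the JSON body (tag "-").
	Version string `json:"-"`
}

// Role is the role model used by a policy.
type Role struct {
	RoleID      string `json:"role_id"`
	Name        string `json:"display_name,omitempty"`
	Description string `json:"description,omitempty"`
}

// fromModel converts a models.PolicyRole into the Role shape used in a policy
// body. Only the role ID is copied.
func fromModel(role models.PolicyRole) Role {
	return Role{
		RoleID: role.ID.String(),
		// When create/update, "name" and "description" are not allowed
		// Name:        role.Name,
		// Description: role.Description,
	}
}

// ConvertRoleModels transforms role models returned from "/v1/roles" into the
// model used by a policy. The result always has len(roles) entries and is
// non-nil even for a nil input.
func ConvertRoleModels(roles []models.PolicyRole) []Role {
	results := make([]Role, len(roles))
	for i, r := range roles {
		results[i] = fromModel(r)
	}
	return results
}

// ConvertV2RoleModels transforms role models returned from "/v2/roles" into
// the model used by a policy, using each role's CRN as the role ID.
func ConvertV2RoleModels(roles []iampapv2.Role) []Role {
	results := make([]Role, len(roles))
	for i, r := range roles {
		results[i] = Role{
			RoleID: r.Crn,
		}
	}
	return results
}

// Subject is the target to which a policy is assigned.
type Subject struct {
	Attributes []Attribute `json:"attributes"`
}

// Attribute names recognised as system-defined. Lookups compare these names
// exactly (case-sensitive), so a misspelled or differently-cased name is
// treated as a different attribute.
const (
	// NOTE(review): "accesGroupId" looks like a misspelling, and the Subject
	// accessors use "access_group_id" instead. The value is left unchanged
	// because the name the service expects is not visible here; confirm
	// against the API before relying on Resource.AccessGroupID.
	AccessGroupIDAttribute   = "accesGroupId"
	AccountIDAttribute       = "accountId"
	OrganizationIDAttribute  = "organizationId"
	SpaceIDAttribute         = "spaceId"
	RegionAttribute          = "region"
	ServiceTypeAttribute     = "serviceType"
	ServiceNameAttribute     = "serviceName"
	ServiceInstanceAttribute = "serviceInstance"
	ResourceTypeAttribute    = "resourceType"
	ResourceAttribute        = "resource"
	ResourceGroupIDAttribute = "resourceGroupId"
)

// GetAttribute returns the value of the first subject attribute called name,
// or "" when there is none. An absent attribute and an attribute whose value
// is empty are indistinguishable to the caller.
func (s *Subject) GetAttribute(name string) string {
	for _, a := range s.Attributes {
		if a.Name == name {
			return a.Value
		}
	}
	return ""
}

// SetAttribute sets the value of the subject attribute called name, updating
// the first existing entry in place or appending a new one.
func (s *Subject) SetAttribute(name string, value string) {
	// Index into the slice: ranging by value yields a copy, so assigning to
	// the loop variable would leave the stored attribute unchanged and the
	// policy would silently keep its previous subject.
	for i := range s.Attributes {
		if s.Attributes[i].Name == name {
			s.Attributes[i].Value = value
			return
		}
	}
	s.Attributes = append(s.Attributes, Attribute{
		Name:  name,
		Value: value,
	})
}

// AccessGroupID returns the access group ID attribute of the policy subject,
// if it exists.
func (s *Subject) AccessGroupID() string {
	// Subject-side name; differs from AccessGroupIDAttribute (see the note there).
	return s.GetAttribute("access_group_id")
}

// AccountID returns the account ID attribute of the policy subject, if it exists.
func (s *Subject) AccountID() string {
	return s.GetAttribute(AccountIDAttribute)
}

// IAMID returns the IAM ID attribute of the policy subject, if it exists.
func (s *Subject) IAMID() string {
	return s.GetAttribute("iam_id")
}

// ServiceName returns the service name attribute of the policy subject, if it exists.
func (s *Subject) ServiceName() string {
	return s.GetAttribute(ServiceNameAttribute)
}

// ServiceInstance returns the service instance attribute of the policy
// subject, if it exists.
func (s *Subject) ServiceInstance() string {
	return s.GetAttribute(ServiceInstanceAttribute)
}

// ResourceType returns the resource type attribute of the policy subject, if it exists.
func (s *Subject) ResourceType() string {
	return s.GetAttribute(ResourceTypeAttribute)
}

// ResourceGroupID returns the resource group ID attribute of the policy
// subject, if it exists.
func (s *Subject) ResourceGroupID() string {
	return s.GetAttribute(ResourceGroupIDAttribute)
}

// SetAccessGroupID sets the access group ID attribute of the policy subject.
func (s *Subject) SetAccessGroupID(value string) {
	s.SetAttribute("access_group_id", value)
}

// SetAccountID sets the account ID attribute of the policy subject.
func (s *Subject) SetAccountID(value string) {
	s.SetAttribute(AccountIDAttribute, value)
}

// SetIAMID sets the IAM ID attribute of the policy subject.
func (s *Subject) SetIAMID(value string) {
	s.SetAttribute("iam_id", value)
}

// SetServiceName sets the service name attribute of the policy subject.
func (s *Subject) SetServiceName(value string) {
	s.SetAttribute(ServiceNameAttribute, value)
}

// SetServiceInstance sets the service instance attribute of the policy subject.
func (s *Subject) SetServiceInstance(value string) {
	s.SetAttribute(ServiceInstanceAttribute, value)
}

// SetResourceType sets the resource type attribute of the policy subject.
func (s *Subject) SetResourceType(value string) {
	s.SetAttribute(ResourceTypeAttribute, value)
}

// SetResourceGroupID sets the resource group ID attribute of the policy subject.
func (s *Subject) SetResourceGroupID(value string) {
	s.SetAttribute(ResourceGroupIDAttribute, value)
}

// Resource is the object controlled by the policy.
type Resource struct {
	Attributes []Attribute `json:"attributes"`
}

// GetAttribute returns the value of the first resource attribute called name,
// or "" when there is none. An absent attribute and an attribute whose value
// is empty are indistinguishable to the caller.
func (r *Resource) GetAttribute(name string) string {
	for _, a := range r.Attributes {
		if a.Name == name {
			return a.Value
		}
	}
	return ""
}

// SetAttribute sets the value of the resource attribute called name, updating
// the first existing entry in place or appending a new one.
func (r *Resource) SetAttribute(name string, value string) {
	// Index into the slice: ranging by value yields a copy, so assigning to
	// the loop variable would leave the stored attribute unchanged and the
	// policy would silently keep its previous resource scope.
	for i := range r.Attributes {
		if r.Attributes[i].Name == name {
			r.Attributes[i].Value = value
			return
		}
	}
	r.Attributes = append(r.Attributes, Attribute{
		Name:  name,
		Value: value,
	})
}

// AccessGroupID returns the access group ID attribute of the policy resource,
// if it exists.
func (r *Resource) AccessGroupID() string {
	return r.GetAttribute(AccessGroupIDAttribute)
}

// AccountID returns the account ID attribute of the policy resource, if it exists.
func (r *Resource) AccountID() string {
	return r.GetAttribute(AccountIDAttribute)
}

// OrganizationID returns the organization ID attribute of the policy
// resource, if it exists.
func (r *Resource) OrganizationID() string {
	return r.GetAttribute(OrganizationIDAttribute)
}

// Region returns the region attribute of the policy resource, if it exists.
func (r *Resource) Region() string {
	return r.GetAttribute(RegionAttribute)
}

// Resource returns the resource attribute of the policy resource, if it exists.
func (r *Resource) Resource() string {
	return r.GetAttribute(ResourceAttribute)
}

// ResourceType returns the resource type attribute of the policy resource, if it exists.
func (r *Resource) ResourceType() string {
	return r.GetAttribute(ResourceTypeAttribute)
}

// ResourceGroupID returns the resource group ID attribute of the policy
// resource, if it exists.
func (r *Resource) ResourceGroupID() string {
	return r.GetAttribute(ResourceGroupIDAttribute)
}

// ServiceName returns the service name attribute of the policy resource, if it exists.
func (r *Resource) ServiceName() string {
	return r.GetAttribute(ServiceNameAttribute)
}

// ServiceInstance returns the service instance attribute of the policy
// resource, if it exists.
func (r *Resource) ServiceInstance() string {
	return r.GetAttribute(ServiceInstanceAttribute)
}

// SpaceID returns the space ID attribute of the policy resource, if it exists.
func (r *Resource) SpaceID() string {
	return r.GetAttribute(SpaceIDAttribute)
}

// ServiceType returns the service type attribute of the policy resource, if it exists.
func (r *Resource) ServiceType() string {
	return r.GetAttribute(ServiceTypeAttribute)
}

// CustomAttributes returns all attributes that are not system defined. The
// result is never nil. Names are matched exactly against the *Attribute
// constants, so a system attribute stored under a different spelling or case
// is reported here as custom.
func (r *Resource) CustomAttributes() []Attribute {
	attributes := []Attribute{}
	for _, a := range r.Attributes {
		switch a.Name {
		case AccessGroupIDAttribute,
			AccountIDAttribute,
			OrganizationIDAttribute,
			SpaceIDAttribute,
			RegionAttribute,
			ResourceAttribute,
			ResourceTypeAttribute,
			ResourceGroupIDAttribute,
			ServiceTypeAttribute,
			ServiceNameAttribute,
			ServiceInstanceAttribute:
			// System-defined attribute: skip.
		default:
			attributes = append(attributes, a)
		}
	}
	return attributes
}

// SetAccessGroupID sets the access group ID attribute of the policy resource.
func (r *Resource) SetAccessGroupID(value string) {
	r.SetAttribute(AccessGroupIDAttribute, value)
}

// SetAccountID sets the account ID attribute of the policy resource.
func (r *Resource) SetAccountID(value string) {
	r.SetAttribute(AccountIDAttribute, value)
}

// SetOrganizationID sets the organization ID attribute of the policy resource.
func (r *Resource) SetOrganizationID(value string) {
	r.SetAttribute(OrganizationIDAttribute, value)
}

// SetRegion sets the region attribute of the policy resource.
func (r *Resource) SetRegion(value string) {
	r.SetAttribute(RegionAttribute, value)
}

// SetResource sets the resource attribute of the policy resource.
func (r *Resource) SetResource(value string) {
	r.SetAttribute(ResourceAttribute, value)
}

// SetResourceType sets the resource type attribute of the policy resource.
func (r *Resource) SetResourceType(value string) {
	r.SetAttribute(ResourceTypeAttribute, value)
}

// SetResourceGroupID sets the resource group ID attribute of the policy resource.
func (r *Resource) SetResourceGroupID(value string) {
	r.SetAttribute(ResourceGroupIDAttribute, value)
}

// SetServiceName sets the service name attribute of the policy resource.
func (r *Resource) SetServiceName(value string) {
	r.SetAttribute(ServiceNameAttribute, value)
}

// SetServiceInstance sets the service instance attribute of the policy resource.
func (r *Resource) SetServiceInstance(value string) {
	r.SetAttribute(ServiceInstanceAttribute, value)
}

// SetSpaceID sets the space ID attribute of the policy resource.
func (r *Resource) SetSpaceID(value string) {
	// Use the same name SpaceID and CustomAttributes read. The previous
	// literal "spaceID" differed in case, so the value could not be read back
	// and was reported as a custom attribute.
	r.SetAttribute(SpaceIDAttribute, value)
}

// SetServiceType sets the service type attribute of the policy resource.
func (r *Resource) SetServiceType(value string) {
	r.SetAttribute(ServiceTypeAttribute, value)
}

// Attribute is a name/value pair that is part of a policy subject or resource.
type Attribute struct {
	Name     string `json:"name"`
	Value    string `json:"value"`
	Operator string `json:"operator,omitempty"`
}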