github.com/IBM-Cloud/bluemix-go@v0.0.0-20240423071914-9e96525baef4/api/iampap/iampapv1/iam_policy.go (about) 1 package iampapv1 2 3 import ( 4 "fmt" 5 6 "github.com/IBM-Cloud/bluemix-go/client" 7 ) 8 9 type AccessPolicyRequest struct { 10 Roles []Roles `json:"roles" binding:"required"` 11 Resources []Resources `json:"resources" binding:"required"` 12 } 13 14 type AccessPolicyResponse struct { 15 ID string 16 Roles []Roles 17 Resources []Resources 18 } 19 20 type AccessPolicyListResponse struct { 21 Policies []AccessPolicyResponse 22 } 23 24 type Roles struct { 25 ID string `json:"id" binding:"required"` 26 DisplayName string `json:"displayName,omitempty"` 27 Description string `json:"description,omitempty"` 28 } 29 30 type Resources struct { 31 ServiceName string `json:"serviceName,omitempty"` 32 ServiceInstance string `json:"serviceInstance,omitempty"` 33 Region string `json:"region,omitempty"` 34 ResourceType string `json:"resourceType,omitempty"` 35 Resource string `json:"resource,omitempty"` 36 SpaceId string `json:"spaceId,omitempty"` 37 AccountId string `json:"accountId,omitempty"` 38 OrganizationId string `json:"organizationId,omitempty"` 39 } 40 41 type IAMPolicy interface { 42 Create(scope, userId string, params AccessPolicyRequest) (AccessPolicyResponse, string, error) 43 List(scope, userId string) (AccessPolicyListResponse, error) 44 Delete(scope, userId, policyId string) error 45 Get(scope, userId, policyId string) (AccessPolicyResponse, error) 46 Update(scope, userId, policyId, etag string, params AccessPolicyRequest) (AccessPolicyResponse, string, error) 47 } 48 49 type iampolicy struct { 50 client *client.Client 51 } 52 53 const IAM_ACCOUNT_ESCAPE = "a%2f" 54 55 func newIAMPolicyAPI(c *client.Client) IAMPolicy { 56 return &iampolicy{ 57 client: c, 58 } 59 } 60 61 //Create ... 62 func (r *iampolicy) Create(scope, userId string, params AccessPolicyRequest) (AccessPolicyResponse, string, error) { 63 var accessPolicy AccessPolicyResponse 64 rawURL := fmt.Sprintf("/acms/v1/scopes/%s/users/%s/policies", IAM_ACCOUNT_ESCAPE+scope, userId) 65 resp, err := r.client.Post(rawURL, params, &accessPolicy) 66 eTag := resp.Header.Get("etag") 67 return accessPolicy, eTag, err 68 } 69 70 //List ... 71 func (r *iampolicy) List(scope, userId string) (AccessPolicyListResponse, error) { 72 var accessPolicyListResponse AccessPolicyListResponse 73 rawURL := fmt.Sprintf("/acms/v1/scopes/%s/users/%s/policies", IAM_ACCOUNT_ESCAPE+scope, userId) 74 _, err := r.client.Get(rawURL, &accessPolicyListResponse) 75 return accessPolicyListResponse, err 76 } 77 78 //Find ... 79 func (r *iampolicy) Get(scope, userId, policyId string) (AccessPolicyResponse, error) { 80 var accessPolicyResponse AccessPolicyResponse 81 rawURL := fmt.Sprintf("/acms/v1/scopes/%s/users/%s/policies/%s", IAM_ACCOUNT_ESCAPE+scope, userId, policyId) 82 _, err := r.client.Get(rawURL, &accessPolicyResponse) 83 return accessPolicyResponse, err 84 } 85 86 //Update ... 87 func (r *iampolicy) Update(scope, userId, policyId, etag string, params AccessPolicyRequest) (AccessPolicyResponse, string, error) { 88 var accessPolicy AccessPolicyResponse 89 rawURL := fmt.Sprintf("/acms/v1/scopes/%s/users/%s/policies/%s", IAM_ACCOUNT_ESCAPE+scope, userId, policyId) 90 header := make(map[string]string) 91 92 header["IF-Match"] = etag 93 accessPolicyResp, err := r.client.Put(rawURL, params, &accessPolicy, header) 94 eTag := accessPolicyResp.Header.Get("etag") 95 return accessPolicy, eTag, err 96 } 97 98 //Delete ... 99 func (r *iampolicy) Delete(scope, userId, policyId string) error { 100 rawURL := fmt.Sprintf("/acms/v1/scopes/%s/users/%s/policies/%s", IAM_ACCOUNT_ESCAPE+scope, userId, policyId) 101 _, err := r.client.Delete(rawURL) 102 return err 103 }