github.com/chnsz/golangsdk@v0.0.0-20240506093406-85a3fbfa605b/openstack/identity/v3.0/security/requests.go

github.com/chnsz/golangsdk@v0.0.0-20240506093406-85a3fbfa605b/openstack/identity/v3.0/security/requests.go (about)

     1  package security
     2  
     3  import (
     4  	"github.com/chnsz/golangsdk"
     5  )
     6  
     7  // PasswordPolicyOpts provides options used to update the account password policy
     8  type PasswordPolicyOpts struct {
     9  	// Minimum number of character types that a password must contain. Value range: 2–4.
    10  	MinCharCombination *int `json:"password_char_combination,omitempty"`
    11  	// Minimum number of characters that a password must contain. Value range: 6–32.
    12  	MinPasswordLength *int `json:"minimum_password_length,omitempty"`
    13  	// Maximum number of times that a character is allowed to consecutively present in a password.
    14  	// Value range: 0–32.
    15  	MaxConsecutiveIdenticalChars *int `json:"maximum_consecutive_identical_chars,omitempty"`
    16  	// Number of previously used passwords that are not allowed. Value range: 0–10.
    17  	RecentPasswordsDisallowedCount *int `json:"number_of_recent_passwords_disallowed,omitempty"`
    18  	// Password validity period (days). Value range: 0–180. Value 0 indicates that this requirement does not apply.
    19  	PasswordValidityPeriod *int `json:"password_validity_period,omitempty"`
    20  	// Minimum period (minutes) after which users are allowed to make a password change.
    21  	// Value range: 0–1440.
    22  	MinPasswordAge *int `json:"minimum_password_age,omitempty"`
    23  	// Indicates whether the password can be the username or the username spelled backwards.
    24  	PasswordNotUsernameOrInvert *bool `json:"password_not_username_or_invert,omitempty"`
    25  }
    26  
    27  // UpdatePasswordPolicy can update the account password policy
    28  func UpdatePasswordPolicy(client *golangsdk.ServiceClient, opts *PasswordPolicyOpts, domainID string) (*PasswordPolicy, error) {
    29  	b, err := golangsdk.BuildRequestBody(opts, "password_policy")
    30  	if err != nil {
    31  		return nil, err
    32  	}
    33  
    34  	var resp PasswordPolicyResp
    35  	_, err = client.Put(passwordPolicyURL(client, domainID), &b, &resp, nil)
    36  	return &resp.Body, err
    37  }
    38  
    39  // GetPasswordPolicy retrieves details of the account password policy
    40  func GetPasswordPolicy(client *golangsdk.ServiceClient, domainID string) (*PasswordPolicy, error) {
    41  	var resp PasswordPolicyResp
    42  	_, err := client.Get(passwordPolicyURL(client, domainID), &resp, nil)
    43  	return &resp.Body, err
    44  }
    45  
    46  // ProtectPolicyOpts provides options used to modify the operation protection policy.
    47  type ProtectPolicyOpts struct {
    48  	// Specifies whether to enable operation protection. The value can be true or false.
    49  	Protection *bool `json:"operation_protection" required:"true"`
    50  	// Specifies the attributes IAM users can modify.
    51  	AllowUser *AllowUserOpts `json:"allow_user,omitempty"`
    52  	// Specifies whether to designate a person for verification.
    53  	// If this parameter is set to on, you need to specify the scene parameter to designate a person for verification.
    54  	// If this parameter is set to off, the designated operator is responsible for the verification.
    55  	AdminCheck *string `json:"admin_check,omitempty"`
    56  	// Specifies the verification method. This parameter is mandatory when admin_check is set to on.
    57  	// The optional values are mobile and email.
    58  	Scene *string `json:"scene,omitempty"`
    59  	// Specifies the mobile number used for verification. Example: 0086-123456789
    60  	Mobile *string `json:"mobile,omitempty"`
    61  	// Specifies the email address used for verification. An example value is example@email.com.
    62  	Email *string `json:"email,omitempty"`
    63  }
    64  
    65  type AllowUserOpts struct {
    66  	// Specifies whether to allow IAM users to manage access keys by themselves.
    67  	ManageAccesskey *bool `json:"manage_accesskey,omitempty"`
    68  	// Specifies whether to allow IAM users to change their email addresses.
    69  	ManageEmail *bool `json:"manage_email,omitempty"`
    70  	// Specifies whether to allow IAM users to change their mobile numbers.
    71  	ManageMobile *bool `json:"manage_mobile,omitempty"`
    72  	// Specifies whether to allow IAM users to change their passwords.
    73  	ManagePassword *bool `json:"manage_password,omitempty"`
    74  }
    75  
    76  // UpdateProtectPolicy can modify the operation protection policy
    77  func UpdateProtectPolicy(client *golangsdk.ServiceClient, opts *ProtectPolicyOpts, domainID string) (*ProtectPolicy, error) {
    78  	b, err := golangsdk.BuildRequestBody(opts, "protect_policy")
    79  	if err != nil {
    80  		return nil, err
    81  	}
    82  
    83  	var resp ProtectPolicyResp
    84  	_, err = client.Put(protectPolicyURL(client, domainID), &b, &resp, nil)
    85  	return &resp.Body, err
    86  }
    87  
    88  // GetProtectPolicy retrieves details of the operation protection policy
    89  func GetProtectPolicy(client *golangsdk.ServiceClient, domainID string) (*ProtectPolicy, error) {
    90  	var resp ProtectPolicyResp
    91  	_, err := client.Get(protectPolicyURL(client, domainID), &resp, nil)
    92  	return &resp.Body, err
    93  }