github.com/fastly/go-fastly/v6@v6.8.0/fastly/service_authorization.go (about) 1 package fastly 2 3 import ( 4 "bytes" 5 "fmt" 6 "io" 7 "reflect" 8 "strconv" 9 "time" 10 11 "github.com/google/jsonapi" 12 ) 13 14 // SAUser represents a service user account. 15 type SAUser struct { 16 ID string `jsonapi:"primary,user"` 17 } 18 19 // SAService represents a service. 20 type SAService struct { 21 ID string `jsonapi:"primary,service"` 22 } 23 24 // ServiceAuthorization is the API response model. 25 type ServiceAuthorization struct { 26 ID string `jsonapi:"primary,service_authorization"` 27 Permission string `jsonapi:"attr,permission,omitempty"` 28 CreatedAt *time.Time `jsonapi:"attr,created_at,iso8601"` 29 UpdatedAt *time.Time `jsonapi:"attr,updated_at,iso8601"` 30 // FIXME: Typo (DeltedAt -> DeletedAt). 31 DeltedAt *time.Time `jsonapi:"attr,deleted_at,iso8601"` 32 User *SAUser `jsonapi:"relation,user,omitempty"` 33 Service *SAService `jsonapi:"relation,service,omitempty"` 34 } 35 36 // SAResponse is an object containing the list of ServiceAuthorization results. 37 // FIXME: Ambiguous name (SAResponse -> ServiceAuthorizations) 38 type SAResponse struct { 39 Items []*ServiceAuthorization 40 Info infoResponse 41 } 42 43 // saType is used for reflection because JSONAPI wants to know what it's 44 // decoding into. 45 var saType = reflect.TypeOf(new(ServiceAuthorization)) 46 47 // ListServiceAuthorizationsInput is used as input to the ListWAFs function. 48 type ListServiceAuthorizationsInput struct { 49 // Limit the number of returned service authorizations. 50 PageSize int 51 // Request a specific page of service authorizations. 52 PageNumber int 53 } 54 55 // formatFilters ensures the parameters are formatted according to how the 56 // JSONAPI implementation requires them. 57 func (i *ListServiceAuthorizationsInput) formatFilters() map[string]string { 58 result := map[string]string{} 59 pairings := map[string]int{ 60 "page[size]": i.PageSize, 61 "page[number]": i.PageNumber, 62 } 63 64 for key, value := range pairings { 65 if value > 0 { 66 result[key] = strconv.Itoa(value) 67 } 68 } 69 return result 70 } 71 72 // ListServiceAuthorizations returns the list of wafs for the configuration version. 73 func (c *Client) ListServiceAuthorizations(i *ListServiceAuthorizationsInput) (*SAResponse, error) { 74 resp, err := c.Get("/service-authorizations", &RequestOptions{ 75 Params: i.formatFilters(), 76 }) 77 if err != nil { 78 return nil, err 79 } 80 defer resp.Body.Close() 81 82 var buf bytes.Buffer 83 tee := io.TeeReader(resp.Body, &buf) 84 85 info, err := getResponseInfo(tee) 86 if err != nil { 87 return nil, err 88 } 89 data, err := jsonapi.UnmarshalManyPayload(bytes.NewReader(buf.Bytes()), saType) 90 if err != nil { 91 return nil, err 92 } 93 94 sas := make([]*ServiceAuthorization, len(data)) 95 for i := range data { 96 typed, ok := data[i].(*ServiceAuthorization) 97 if !ok { 98 return nil, fmt.Errorf("got back a non-ServiceAuthorization response") 99 } 100 sas[i] = typed 101 } 102 103 return &SAResponse{ 104 Items: sas, 105 Info: info, 106 }, nil 107 } 108 109 // GetServiceAuthorizationInput is used as input to the GetServiceAuthorization function. 110 type GetServiceAuthorizationInput struct { 111 // ID of the service authorization to retrieve. 112 ID string 113 } 114 115 // GetServiceAuthorization retrieves an existing service authorization using its ID. 116 func (c *Client) GetServiceAuthorization(i *GetServiceAuthorizationInput) (*ServiceAuthorization, error) { 117 if i.ID == "" { 118 return nil, ErrMissingID 119 } 120 121 path := fmt.Sprintf("/service-authorizations/%s", i.ID) 122 resp, err := c.Get(path, nil) 123 if err != nil { 124 return nil, err 125 } 126 defer resp.Body.Close() 127 128 var sa ServiceAuthorization 129 if err := jsonapi.UnmarshalPayload(resp.Body, &sa); err != nil { 130 return nil, err 131 } 132 133 return &sa, nil 134 } 135 136 // CreateServiceAuthorizationInput is used as input to the CreateServiceAuthorization function. 137 type CreateServiceAuthorizationInput struct { 138 // ID value is ignored and should not be set, needed to make JSONAPI work correctly. 139 ID string `jsonapi:"primary,service_authorization"` 140 141 // Permission is the level of permissions to grant the user to the service. Valid values are "full", "read_only", "purge_select" or "purge_all". 142 Permission string `jsonapi:"attr,permission,omitempty"` 143 144 // Service is the ID of the service to grant permissions for. 145 Service *SAService `jsonapi:"relation,service,omitempty"` 146 147 // UserID is the ID of the user which should have its permissions set. 148 User *SAUser `jsonapi:"relation,user,omitempty"` 149 } 150 151 // CreateServiceAuthorization creates a new service authorization granting granular service and user permissions. 152 func (c *Client) CreateServiceAuthorization(i *CreateServiceAuthorizationInput) (*ServiceAuthorization, error) { 153 if i.Service == nil || i.Service.ID == "" { 154 return nil, ErrMissingServiceAuthorizationsService 155 } 156 if i.User == nil || i.User.ID == "" { 157 return nil, ErrMissingServiceAuthorizationsUser 158 } 159 160 resp, err := c.PostJSONAPI("/service-authorizations", i, nil) 161 if err != nil { 162 return nil, err 163 } 164 defer resp.Body.Close() 165 166 var sa ServiceAuthorization 167 if err := jsonapi.UnmarshalPayload(resp.Body, &sa); err != nil { 168 return nil, err 169 } 170 171 return &sa, nil 172 } 173 174 // UpdateServiceAuthorizationInput is used as input to the UpdateServiceAuthorization function. 175 type UpdateServiceAuthorizationInput struct { 176 // ID uniquely identifies the service authorization (service and user pair) to be updated. 177 ID string `jsonapi:"primary,service_authorization"` 178 179 // The permission to grant the user to the service referenced by this service authorization. 180 // FIXME: Should be singular (Permissions -> Permission). 181 Permissions string `jsonapi:"attr,permission,omitempty"` 182 } 183 184 // UpdateServiceAuthorization updates an exisitng service authorization. The ID must be known. 185 func (c *Client) UpdateServiceAuthorization(i *UpdateServiceAuthorizationInput) (*ServiceAuthorization, error) { 186 if i.ID == "" { 187 return nil, ErrMissingID 188 } 189 190 if i.Permissions == "" { 191 return nil, ErrMissingPermissions 192 } 193 194 path := fmt.Sprintf("/service-authorizations/%s", i.ID) 195 resp, err := c.PatchJSONAPI(path, i, nil) 196 if err != nil { 197 return nil, err 198 } 199 defer resp.Body.Close() 200 201 var sa ServiceAuthorization 202 if err := jsonapi.UnmarshalPayload(resp.Body, &sa); err != nil { 203 return nil, err 204 } 205 206 return &sa, nil 207 } 208 209 // DeleteServiceAuthorizationInput is used as input to the DeleteServiceAuthorization function. 210 type DeleteServiceAuthorizationInput struct { 211 // ID of the service authorization to delete. 212 ID string 213 } 214 215 // DeleteServiceAuthorization deletes an existing service authorization using the ID. 216 func (c *Client) DeleteServiceAuthorization(i *DeleteServiceAuthorizationInput) error { 217 if i.ID == "" { 218 return ErrMissingID 219 } 220 221 path := fmt.Sprintf("/service-authorizations/%s", i.ID) 222 _, err := c.Delete(path, nil) 223 224 return err 225 }