github.com/mook-as/cf-cli@v7.0.0-beta.28.0.20200120190804-b91c115fae48+incompatible/command/v7/set_org_role_command.go

github.com/mook-as/cf-cli@v7.0.0-beta.28.0.20200120190804-b91c115fae48+incompatible/command/v7/set_org_role_command.go (about)

     1  package v7
     2  
     3  import (
     4  	"code.cloudfoundry.org/cli/actor/v7action"
     5  	"code.cloudfoundry.org/cli/api/cloudcontroller/ccerror"
     6  	"code.cloudfoundry.org/cli/api/cloudcontroller/ccv3/constant"
     7  	"code.cloudfoundry.org/cli/cf/errors"
     8  	"code.cloudfoundry.org/cli/command/translatableerror"
     9  	"code.cloudfoundry.org/clock"
    10  
    11  	"code.cloudfoundry.org/cli/actor/sharedaction"
    12  	"code.cloudfoundry.org/cli/command"
    13  	"code.cloudfoundry.org/cli/command/flag"
    14  	"code.cloudfoundry.org/cli/command/v7/shared"
    15  )
    16  
    17  //go:generate counterfeiter . SetOrgRoleActor
    18  
    19  type SetOrgRoleActor interface {
    20  	CreateOrgRole(roleType constant.RoleType, orgGUID string, userNameOrGUID string, userOrigin string, isClient bool) (v7action.Warnings, error)
    21  	GetOrganizationByName(name string) (v7action.Organization, v7action.Warnings, error)
    22  	GetUser(username, origin string) (v7action.User, error)
    23  }
    24  
    25  type SetOrgRoleCommand struct {
    26  	Args            flag.OrgRoleArgs `positional-args:"yes"`
    27  	IsClient        bool             `long:"client" description:"Assign an org role to a client-id of a (non-user) service account"`
    28  	Origin          string           `long:"origin" description:"Indicates the identity provider to be used for authentication"`
    29  	usage           interface{}      `usage:"CF_NAME set-org-role USERNAME ORG ROLE\n   CF_NAME set-org-role USERNAME ORG ROLE [--client]\n   CF_NAME set-org-role USERNAME ORG ROLE [--origin ORIGIN]\n\nROLES:\n   OrgManager - Invite and manage users, select and change plans, and set spending limits\n   BillingManager - Create and manage the billing account and payment info\n   OrgAuditor - Read-only access to org info and reports"`
    30  	relatedCommands interface{}      `related_commands:"org-users, set-space-role"`
    31  
    32  	UI          command.UI
    33  	Config      command.Config
    34  	SharedActor command.SharedActor
    35  	Actor       SetOrgRoleActor
    36  }
    37  
    38  func (cmd *SetOrgRoleCommand) Setup(config command.Config, ui command.UI) error {
    39  	cmd.UI = ui
    40  	cmd.Config = config
    41  	sharedActor := sharedaction.NewActor(config)
    42  	cmd.SharedActor = sharedActor
    43  
    44  	ccClient, uaaClient, err := shared.GetNewClientsAndConnectToCF(config, ui, "")
    45  	if err != nil {
    46  		return err
    47  	}
    48  	cmd.Actor = v7action.NewActor(ccClient, config, sharedActor, uaaClient, clock.NewClock())
    49  	return nil
    50  }
    51  
    52  func (cmd *SetOrgRoleCommand) Execute(args []string) error {
    53  	err := cmd.validateFlags()
    54  	if err != nil {
    55  		return err
    56  	}
    57  
    58  	err = cmd.SharedActor.CheckTarget(false, false)
    59  	if err != nil {
    60  		return err
    61  	}
    62  
    63  	currentUser, err := cmd.Config.CurrentUser()
    64  	if err != nil {
    65  		return err
    66  	}
    67  
    68  	cmd.UI.DisplayTextWithFlavor("Assigning role {{.RoleType}} to user {{.TargetUserName}} in org {{.OrgName}} as {{.CurrentUserName}}...", map[string]interface{}{
    69  		"RoleType":        cmd.Args.Role.Role,
    70  		"TargetUserName":  cmd.Args.Username,
    71  		"OrgName":         cmd.Args.Organization,
    72  		"CurrentUserName": currentUser.Name,
    73  	})
    74  
    75  	roleType, err := convertRoleType(cmd.Args.Role)
    76  	if err != nil {
    77  		return err
    78  	}
    79  
    80  	org, warnings, err := cmd.Actor.GetOrganizationByName(cmd.Args.Organization)
    81  	cmd.UI.DisplayWarnings(warnings)
    82  	if err != nil {
    83  		return err
    84  	}
    85  
    86  	origin := cmd.Origin
    87  	if cmd.Origin == "" {
    88  		origin = constant.DefaultOriginUaa
    89  	}
    90  
    91  	warnings, err = cmd.Actor.CreateOrgRole(roleType, org.GUID, cmd.Args.Username, origin, cmd.IsClient)
    92  	cmd.UI.DisplayWarnings(warnings)
    93  	if err != nil {
    94  		if _, ok := err.(ccerror.RoleAlreadyExistsError); ok {
    95  			cmd.UI.DisplayWarning("User '{{.TargetUserName}}' already has role '{{.RoleType}}' in org '{{.OrgName}}'.", map[string]interface{}{
    96  				"RoleType":       cmd.Args.Role.Role,
    97  				"TargetUserName": cmd.Args.Username,
    98  				"OrgName":        cmd.Args.Organization,
    99  			})
   100  		} else {
   101  			return err
   102  		}
   103  	}
   104  
   105  	cmd.UI.DisplayOK()
   106  
   107  	return nil
   108  }
   109  
   110  func (cmd SetOrgRoleCommand) validateFlags() error {
   111  	if cmd.IsClient && cmd.Origin != "" {
   112  		return translatableerror.ArgumentCombinationError{
   113  			Args: []string{"--client", "--origin"},
   114  		}
   115  	}
   116  
   117  	return nil
   118  }
   119  
   120  func convertRoleType(givenRole flag.OrgRole) (constant.RoleType, error) {
   121  	switch givenRole.Role {
   122  	case "OrgAuditor":
   123  		return constant.OrgAuditorRole, nil
   124  	case "OrgManager":
   125  		return constant.OrgManagerRole, nil
   126  	case "BillingManager":
   127  		return constant.OrgBillingManagerRole, nil
   128  	default:
   129  		return "", errors.New("Invalid role type.")
   130  	}
   131  }