// Listing of actor/v7action/role.go from github.com/sleungcy-sap/cli@v7.1.0+incompatible.

package v7action

import (
	"code.cloudfoundry.org/cli/actor/actionerror"
	"code.cloudfoundry.org/cli/api/cloudcontroller/ccerror"
	"code.cloudfoundry.org/cli/api/cloudcontroller/ccv3"
	"code.cloudfoundry.org/cli/api/cloudcontroller/ccv3/constant"
	"code.cloudfoundry.org/cli/resources"
)

// CreateOrgRole asks the Cloud Controller to create a role of roleType in the
// organization orgGUID.
//
// When isClient is true, userNameOrGUID is first passed to
// UAAClient.ValidateClientUser and, if that succeeds, used as the role's
// UserGUID. Any validation error is returned with empty warnings and no role
// is created. When isClient is false, userNameOrGUID and userOrigin are sent
// as Username and Origin without a local check.
//
// NOTE(review): what ValidateClientUser actually verifies is not visible in
// this file; confirm it rejects identifiers that are not registered clients.
func (actor Actor) CreateOrgRole(roleType constant.RoleType, orgGUID string, userNameOrGUID string, userOrigin string, isClient bool) (Warnings, error) {
	role := resources.Role{
		Type:    roleType,
		OrgGUID: orgGUID,
	}

	switch {
	case isClient:
		// Validate the client before granting it anything.
		if err := actor.UAAClient.ValidateClientUser(userNameOrGUID); err != nil {
			return Warnings{}, err
		}
		role.UserGUID = userNameOrGUID
	default:
		role.Username = userNameOrGUID
		role.Origin = userOrigin
	}

	_, ccWarnings, err := actor.CloudControllerClient.CreateRole(role)
	return Warnings(ccWarnings), err
}

// CreateSpaceRole creates a role of roleType in the space spaceGUID, after
// first trying to give the same principal the org-user role in orgGUID.
//
// The org-user step is best effort: RoleAlreadyExistsError, ForbiddenError and
// actionerror.UserNotFoundError from CreateOrgRole are tolerated and the space
// role is still requested. Any other error aborts before the space role is
// created. Warnings from both steps are returned together.
//
// NOTE(review): on the client path the only validation is the one inside
// CreateOrgRole. If ValidateClientUser reports an unknown client as
// actionerror.UserNotFoundError (not visible from here), that failure is
// tolerated too and the space role request goes out with an unvalidated
// UserGUID. Confirm that this is intended and that the Cloud Controller
// rejects such a request.
func (actor Actor) CreateSpaceRole(roleType constant.RoleType, orgGUID string, spaceGUID string, userNameOrGUID string, userOrigin string, isClient bool) (Warnings, error) {
	warnings, err := actor.CreateOrgRole(constant.OrgUserRole, orgGUID, userNameOrGUID, userOrigin, isClient)

	// The match is on the concrete error type; a wrapped error would fall
	// through to default and abort.
	switch err.(type) {
	case nil, ccerror.RoleAlreadyExistsError, ccerror.ForbiddenError, actionerror.UserNotFoundError:
		// Tolerated: continue with the space role.
	default:
		return warnings, err
	}

	role := resources.Role{
		Type:      roleType,
		SpaceGUID: spaceGUID,
	}
	if isClient {
		role.UserGUID = userNameOrGUID
	} else {
		role.Username = userNameOrGUID
		role.Origin = userOrigin
	}

	_, ccWarnings, err := actor.CloudControllerClient.CreateRole(role)
	warnings = append(warnings, ccWarnings...)

	return warnings, err
}

// DeleteOrgRole removes the role of roleType that the given user or client
// holds in the organization orgGUID.
//
// The principal is resolved to a single user GUID first; a missing or
// ambiguous user is an error. If no matching role is found (GetRoleGUID
// returns an empty GUID), nothing is deleted and the error is nil. Otherwise
// the role is deleted and the job URL returned by DeleteRole is handed to
// PollJob. Warnings from every step are accumulated and returned.
func (actor Actor) DeleteOrgRole(roleType constant.RoleType, orgGUID string, userNameOrGUID string, userOrigin string, isClient bool) (Warnings, error) {
	var allWarnings Warnings

	userGUID, userWarnings, err := actor.getUserGuidForDeleteRole(isClient, userNameOrGUID, userOrigin, allWarnings)
	allWarnings = append(allWarnings, userWarnings...)
	if err != nil {
		return allWarnings, err
	}

	roleGUID, roleWarnings, err := actor.GetRoleGUID(ccv3.OrganizationGUIDFilter, orgGUID, userGUID, roleType)
	allWarnings = append(allWarnings, roleWarnings...)
	if err != nil {
		return allWarnings, err
	}
	if roleGUID == "" {
		// No such role: report success without calling DeleteRole.
		return allWarnings, nil
	}

	jobURL, deleteWarnings, err := actor.CloudControllerClient.DeleteRole(roleGUID)
	allWarnings = append(allWarnings, deleteWarnings...)
	if err != nil {
		return allWarnings, err
	}

	pollWarnings, err := actor.CloudControllerClient.PollJob(jobURL)
	allWarnings = append(allWarnings, pollWarnings...)

	return allWarnings, err
}

// DeleteSpaceRole removes the role of roleType that the given user or client
// holds in the space spaceGUID.
//
// It follows the same steps as DeleteOrgRole with the space filter: resolve
// the principal to one user GUID, look up the role, return a nil error
// without deleting when no role matches, otherwise delete the role and hand
// the returned job URL to PollJob. Warnings from every step are accumulated.
func (actor Actor) DeleteSpaceRole(roleType constant.RoleType, spaceGUID string, userNameOrGUID string, userOrigin string, isClient bool) (Warnings, error) {
	var allWarnings Warnings

	userGUID, userWarnings, err := actor.getUserGuidForDeleteRole(isClient, userNameOrGUID, userOrigin, allWarnings)
	allWarnings = append(allWarnings, userWarnings...)
	if err != nil {
		return allWarnings, err
	}

	roleGUID, roleWarnings, err := actor.GetRoleGUID(ccv3.SpaceGUIDFilter, spaceGUID, userGUID, roleType)
	allWarnings = append(allWarnings, roleWarnings...)
	if err != nil {
		return allWarnings, err
	}
	if roleGUID == "" {
		// No such role: report success without calling DeleteRole.
		return allWarnings, nil
	}

	jobURL, deleteWarnings, err := actor.CloudControllerClient.DeleteRole(roleGUID)
	allWarnings = append(allWarnings, deleteWarnings...)
	if err != nil {
		return allWarnings, err
	}

	pollWarnings, err := actor.CloudControllerClient.PollJob(jobURL)
	allWarnings = append(allWarnings, pollWarnings...)

	return allWarnings, err
}

// getUserGuidForDeleteRole resolves userNameOrGUID to exactly one user GUID.
//
// For a client, the identifier is looked up directly with GetUser; a
// ccerror.UserNotFoundError is translated to actionerror.UserNotFoundError.
// For a user, the lookup filters on username and, only when userOrigin is
// non-empty, on origin as well. Zero matches yields
// actionerror.UserNotFoundError. More than one match yields
// actionerror.AmbiguousUserError listing the matching origins, so a role is
// never removed from an arbitrarily chosen account that merely shares the
// username.
//
// The returned warnings are allWarnings with the lookup's warnings appended.
func (actor Actor) getUserGuidForDeleteRole(isClient bool, userNameOrGUID string, userOrigin string, allWarnings Warnings) (string, Warnings, error) {
	if isClient {
		user, warnings, err := actor.CloudControllerClient.GetUser(userNameOrGUID)
		allWarnings = append(allWarnings, warnings...)
		if err == nil {
			return user.GUID, allWarnings, nil
		}
		if _, notFound := err.(ccerror.UserNotFoundError); notFound {
			err = actionerror.UserNotFoundError{Username: userNameOrGUID}
		}
		return "", allWarnings, err
	}

	queries := []ccv3.Query{
		{Key: ccv3.UsernamesFilter, Values: []string{userNameOrGUID}},
	}
	if userOrigin != "" {
		queries = append(queries, ccv3.Query{Key: ccv3.OriginsFilter, Values: []string{userOrigin}})
	}

	matches, warnings, err := actor.CloudControllerClient.GetUsers(queries...)
	allWarnings = append(allWarnings, warnings...)
	if err != nil {
		return "", allWarnings, err
	}

	switch len(matches) {
	case 0:
		return "", allWarnings, actionerror.UserNotFoundError{Username: userNameOrGUID, Origin: userOrigin}
	case 1:
		return matches[0].GUID, allWarnings, nil
	default:
		// Same username in several origins: refuse to guess.
		origins := make([]string, 0, len(matches))
		for i := range matches {
			origins = append(origins, matches[i].Origin)
		}
		return "", allWarnings, actionerror.AmbiguousUserError{Username: userNameOrGUID, Origins: origins}
	}
}

// GetRoleGUID returns the GUID of the first role that matches userGUID,
// roleType and the org or space selected by queryKey and orgOrSpaceGUID.
//
// An empty GUID with a nil error means that no role matched. If more than
// one role matches, only the first one returned by GetRoles is reported.
func (actor Actor) GetRoleGUID(queryKey ccv3.QueryKey, orgOrSpaceGUID string, userGUID string, roleType constant.RoleType) (string, Warnings, error) {
	filters := []ccv3.Query{
		{Key: ccv3.UserGUIDFilter, Values: []string{userGUID}},
		{Key: ccv3.RoleTypesFilter, Values: []string{string(roleType)}},
		{Key: queryKey, Values: []string{orgOrSpaceGUID}},
	}

	roles, _, ccWarnings, err := actor.CloudControllerClient.GetRoles(filters...)
	warnings := Warnings(ccWarnings)

	if err != nil || len(roles) == 0 {
		return "", warnings, err
	}

	return roles[0].GUID, warnings, nil
}

// GetOrgUsersByRoleType returns the users holding roles in the organization
// orgGuid, grouped by role type.
func (actor Actor) GetOrgUsersByRoleType(orgGuid string) (map[constant.RoleType][]resources.User, Warnings, error) {
	return actor.getUsersByRoleType(orgGuid, ccv3.OrganizationGUIDFilter)
}

// GetSpaceUsersByRoleType returns the users holding roles in the space
// spaceGuid, grouped by role type.
func (actor Actor) GetSpaceUsersByRoleType(spaceGuid string) (map[constant.RoleType][]resources.User, Warnings, error) {
	return actor.getUsersByRoleType(spaceGuid, ccv3.SpaceGUIDFilter)
}

// getUsersByRoleType fetches the roles selected by filterKey and guid together
// with their included users, and groups the users by role type.
//
// A role whose UserGUID is not among the included users contributes a
// zero-value resources.User to its group, because the map lookup falls back
// to the zero value. Callers that display or audit role membership should be
// aware of such empty entries.
func (actor Actor) getUsersByRoleType(guid string, filterKey ccv3.QueryKey) (map[constant.RoleType][]resources.User, Warnings, error) {
	roles, included, ccWarnings, err := actor.CloudControllerClient.GetRoles(
		ccv3.Query{Key: filterKey, Values: []string{guid}},
		ccv3.Query{Key: ccv3.Include, Values: []string{"user"}},
	)
	if err != nil {
		return nil, Warnings(ccWarnings), err
	}

	// Index the included users by GUID so each role can be joined to its user.
	usersByGUID := make(map[string]resources.User, len(included.Users))
	for _, u := range included.Users {
		usersByGUID[u.GUID] = u
	}

	grouped := make(map[constant.RoleType][]resources.User)
	for _, role := range roles {
		grouped[role.Type] = append(grouped[role.Type], usersByGUID[role.UserGUID])
	}

	return grouped, Warnings(ccWarnings), nil
}