github.com/vmware/govmomi@v0.43.0/object/authorization_manager.go

github.com/vmware/govmomi@v0.43.0/object/authorization_manager.go (about)

     1  /*
     2  Copyright (c) 2015 VMware, Inc. All Rights Reserved.
     3  
     4  Licensed under the Apache License, Version 2.0 (the "License");
     5  you may not use this file except in compliance with the License.
     6  You may obtain a copy of the License at
     7  
     8      http://www.apache.org/licenses/LICENSE-2.0
     9  
    10  Unless required by applicable law or agreed to in writing, software
    11  distributed under the License is distributed on an "AS IS" BASIS,
    12  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13  See the License for the specific language governing permissions and
    14  limitations under the License.
    15  */
    16  
    17  package object
    18  
    19  import (
    20  	"context"
    21  
    22  	"github.com/vmware/govmomi/vim25"
    23  	"github.com/vmware/govmomi/vim25/methods"
    24  	"github.com/vmware/govmomi/vim25/mo"
    25  	"github.com/vmware/govmomi/vim25/types"
    26  )
    27  
    28  type AuthorizationManager struct {
    29  	Common
    30  }
    31  
    32  func NewAuthorizationManager(c *vim25.Client) *AuthorizationManager {
    33  	m := AuthorizationManager{
    34  		Common: NewCommon(c, *c.ServiceContent.AuthorizationManager),
    35  	}
    36  
    37  	return &m
    38  }
    39  
    40  type AuthorizationRoleList []types.AuthorizationRole
    41  
    42  func (l AuthorizationRoleList) ById(id int32) *types.AuthorizationRole {
    43  	for _, role := range l {
    44  		if role.RoleId == id {
    45  			return &role
    46  		}
    47  	}
    48  
    49  	return nil
    50  }
    51  
    52  func (l AuthorizationRoleList) ByName(name string) *types.AuthorizationRole {
    53  	for _, role := range l {
    54  		if role.Name == name {
    55  			return &role
    56  		}
    57  	}
    58  
    59  	return nil
    60  }
    61  
    62  func (m AuthorizationManager) RoleList(ctx context.Context) (AuthorizationRoleList, error) {
    63  	var am mo.AuthorizationManager
    64  
    65  	err := m.Properties(ctx, m.Reference(), []string{"roleList"}, &am)
    66  	if err != nil {
    67  		return nil, err
    68  	}
    69  
    70  	return AuthorizationRoleList(am.RoleList), nil
    71  }
    72  
    73  func (m AuthorizationManager) RetrieveEntityPermissions(ctx context.Context, entity types.ManagedObjectReference, inherited bool) ([]types.Permission, error) {
    74  	req := types.RetrieveEntityPermissions{
    75  		This:      m.Reference(),
    76  		Entity:    entity,
    77  		Inherited: inherited,
    78  	}
    79  
    80  	res, err := methods.RetrieveEntityPermissions(ctx, m.Client(), &req)
    81  	if err != nil {
    82  		return nil, err
    83  	}
    84  
    85  	return res.Returnval, nil
    86  }
    87  
    88  func (m AuthorizationManager) RemoveEntityPermission(ctx context.Context, entity types.ManagedObjectReference, user string, isGroup bool) error {
    89  	req := types.RemoveEntityPermission{
    90  		This:    m.Reference(),
    91  		Entity:  entity,
    92  		User:    user,
    93  		IsGroup: isGroup,
    94  	}
    95  
    96  	_, err := methods.RemoveEntityPermission(ctx, m.Client(), &req)
    97  	return err
    98  }
    99  
   100  func (m AuthorizationManager) SetEntityPermissions(ctx context.Context, entity types.ManagedObjectReference, permission []types.Permission) error {
   101  	req := types.SetEntityPermissions{
   102  		This:       m.Reference(),
   103  		Entity:     entity,
   104  		Permission: permission,
   105  	}
   106  
   107  	_, err := methods.SetEntityPermissions(ctx, m.Client(), &req)
   108  	return err
   109  }
   110  
   111  func (m AuthorizationManager) RetrieveRolePermissions(ctx context.Context, id int32) ([]types.Permission, error) {
   112  	req := types.RetrieveRolePermissions{
   113  		This:   m.Reference(),
   114  		RoleId: id,
   115  	}
   116  
   117  	res, err := methods.RetrieveRolePermissions(ctx, m.Client(), &req)
   118  	if err != nil {
   119  		return nil, err
   120  	}
   121  
   122  	return res.Returnval, nil
   123  }
   124  
   125  func (m AuthorizationManager) RetrieveAllPermissions(ctx context.Context) ([]types.Permission, error) {
   126  	req := types.RetrieveAllPermissions{
   127  		This: m.Reference(),
   128  	}
   129  
   130  	res, err := methods.RetrieveAllPermissions(ctx, m.Client(), &req)
   131  	if err != nil {
   132  		return nil, err
   133  	}
   134  
   135  	return res.Returnval, nil
   136  }
   137  
   138  func (m AuthorizationManager) AddRole(ctx context.Context, name string, ids []string) (int32, error) {
   139  	req := types.AddAuthorizationRole{
   140  		This:    m.Reference(),
   141  		Name:    name,
   142  		PrivIds: ids,
   143  	}
   144  
   145  	res, err := methods.AddAuthorizationRole(ctx, m.Client(), &req)
   146  	if err != nil {
   147  		return -1, err
   148  	}
   149  
   150  	return res.Returnval, nil
   151  }
   152  
   153  func (m AuthorizationManager) RemoveRole(ctx context.Context, id int32, failIfUsed bool) error {
   154  	req := types.RemoveAuthorizationRole{
   155  		This:       m.Reference(),
   156  		RoleId:     id,
   157  		FailIfUsed: failIfUsed,
   158  	}
   159  
   160  	_, err := methods.RemoveAuthorizationRole(ctx, m.Client(), &req)
   161  	return err
   162  }
   163  
   164  func (m AuthorizationManager) UpdateRole(ctx context.Context, id int32, name string, ids []string) error {
   165  	req := types.UpdateAuthorizationRole{
   166  		This:    m.Reference(),
   167  		RoleId:  id,
   168  		NewName: name,
   169  		PrivIds: ids,
   170  	}
   171  
   172  	_, err := methods.UpdateAuthorizationRole(ctx, m.Client(), &req)
   173  	return err
   174  }
   175  
   176  func (m AuthorizationManager) HasUserPrivilegeOnEntities(ctx context.Context, entities []types.ManagedObjectReference, userName string, privID []string) ([]types.EntityPrivilege, error) {
   177  	req := types.HasUserPrivilegeOnEntities{
   178  		This:     m.Reference(),
   179  		Entities: entities,
   180  		UserName: userName,
   181  		PrivId:   privID,
   182  	}
   183  
   184  	res, err := methods.HasUserPrivilegeOnEntities(ctx, m.Client(), &req)
   185  	if err != nil {
   186  		return nil, err
   187  	}
   188  
   189  	return res.Returnval, nil
   190  }
   191  
   192  func (m AuthorizationManager) HasPrivilegeOnEntity(ctx context.Context, entity types.ManagedObjectReference, sessionID string, privID []string) ([]bool, error) {
   193  	req := types.HasPrivilegeOnEntity{
   194  		This:      m.Reference(),
   195  		Entity:    entity,
   196  		SessionId: sessionID,
   197  		PrivId:    privID,
   198  	}
   199  
   200  	res, err := methods.HasPrivilegeOnEntity(ctx, m.Client(), &req)
   201  	if err != nil {
   202  		return nil, err
   203  	}
   204  
   205  	return res.Returnval, nil
   206  }
   207  
   208  func (m AuthorizationManager) FetchUserPrivilegeOnEntities(ctx context.Context, entities []types.ManagedObjectReference, userName string) ([]types.UserPrivilegeResult, error) {
   209  	req := types.FetchUserPrivilegeOnEntities{
   210  		This:     m.Reference(),
   211  		Entities: entities,
   212  		UserName: userName,
   213  	}
   214  
   215  	res, err := methods.FetchUserPrivilegeOnEntities(ctx, m.Client(), &req)
   216  	if err != nil {
   217  		return nil, err
   218  	}
   219  
   220  	return res.Returnval, nil
   221  }