yunion.io/x/cloudmux@v0.3.10-0-alpha.1/pkg/multicloud/google/shell/iam.go

yunion.io/x/cloudmux@v0.3.10-0-alpha.1/pkg/multicloud/google/shell/iam.go (about)

     1  // Copyright 2019 Yunion
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //     http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  // See the License for the specific language governing permissions and
    13  // limitations under the License.
    14  
    15  package shell
    16  
    17  import (
    18  	"yunion.io/x/cloudmux/pkg/multicloud/google"
    19  	"yunion.io/x/onecloud/pkg/util/shellutils"
    20  )
    21  
    22  func init() {
    23  
    24  	type RoleShowOptions struct {
    25  	}
    26  	shellutils.R(&RoleShowOptions{}, "iam-policy-show", "Show project policy", func(cli *google.SRegion, args *RoleShowOptions) error {
    27  		policy, err := cli.GetClient().GetIamPolicy()
    28  		if err != nil {
    29  			return err
    30  		}
    31  		printObject(policy)
    32  		return nil
    33  	})
    34  
    35  	type ClouduserListOptions struct {
    36  	}
    37  	shellutils.R(&ClouduserListOptions{}, "cloud-user-list", "List cloudusers", func(cli *google.SRegion, args *ClouduserListOptions) error {
    38  		policy, err := cli.GetClient().GetIamPolicy()
    39  		if err != nil {
    40  			return err
    41  		}
    42  		users, err := policy.GetICloudusers()
    43  		if err != nil {
    44  			return err
    45  		}
    46  		printList(users, 0, 0, 0, nil)
    47  		return nil
    48  	})
    49  
    50  	type RoleListOptions struct {
    51  		ProjectId string
    52  	}
    53  
    54  	shellutils.R(&RoleListOptions{}, "cloud-role-list", "List roles", func(cli *google.SRegion, args *RoleListOptions) error {
    55  		roles, err := cli.GetClient().GetRoles(args.ProjectId)
    56  		if err != nil {
    57  			return err
    58  		}
    59  		printList(roles, 0, 0, 0, nil)
    60  		return nil
    61  	})
    62  
    63  	type RoleIdOption struct {
    64  		ID string
    65  	}
    66  
    67  	shellutils.R(&RoleIdOption{}, "cloud-role-show", "Show role details", func(cli *google.SRegion, args *RoleIdOption) error {
    68  		role, err := cli.GetClient().GetRole(args.ID)
    69  		if err != nil {
    70  			return err
    71  		}
    72  		printObject(role)
    73  		return nil
    74  	})
    75  
    76  	type ClouduserOptions struct {
    77  		USER  string
    78  		ROLES []string
    79  	}
    80  
    81  	shellutils.R(&ClouduserOptions{}, "cloud-user-add", "Add user to project", func(cli *google.SRegion, args *ClouduserOptions) error {
    82  		policy, err := cli.GetClient().GetIamPolicy()
    83  		if err != nil {
    84  			return err
    85  		}
    86  		return policy.AttachPolicy(args.USER, args.ROLES)
    87  	})
    88  
    89  	type ClouduserDetachRoleOptions struct {
    90  		USER string
    91  		ROLE string
    92  	}
    93  
    94  	shellutils.R(&ClouduserDetachRoleOptions{}, "cloud-user-detach-role", "Detach role for clouduser", func(cli *google.SRegion, args *ClouduserDetachRoleOptions) error {
    95  		policy, err := cli.GetClient().GetIamPolicy()
    96  		if err != nil {
    97  			return err
    98  		}
    99  		return policy.DetachPolicy(args.USER, args.ROLE)
   100  	})
   101  
   102  	type ClouduserDeleteOptions struct {
   103  		USER string
   104  	}
   105  
   106  	shellutils.R(&ClouduserDeleteOptions{}, "cloud-user-delete", "Delete clouduseruser from project", func(cli *google.SRegion, args *ClouduserDeleteOptions) error {
   107  		policy, err := cli.GetClient().GetIamPolicy()
   108  		if err != nil {
   109  			return err
   110  		}
   111  		return policy.DeleteUser(args.USER)
   112  	})
   113  
   114  	type RoleDeleteOptions struct {
   115  		NAME string
   116  	}
   117  
   118  	shellutils.R(&RoleDeleteOptions{}, "cloud-role-delete", "Delete role", func(cli *google.SRegion, args *RoleDeleteOptions) error {
   119  		return cli.GetClient().DeleteRole(args.NAME)
   120  	})
   121  
   122  	type RoleCreateOptons struct {
   123  		NAME        string
   124  		Desc        string
   125  		PERMISSIONS []string
   126  	}
   127  
   128  	shellutils.R(&RoleCreateOptons{}, "cloud-role-create", "Create role", func(cli *google.SRegion, args *RoleCreateOptons) error {
   129  		role, err := cli.GetClient().CreateRole(args.PERMISSIONS, args.NAME, args.Desc)
   130  		if err != nil {
   131  			return err
   132  		}
   133  		printObject(role)
   134  		return nil
   135  	})
   136  
   137  	type RoleUpdateOptions struct {
   138  		ID          string
   139  		PERMISSIONS []string
   140  	}
   141  
   142  	shellutils.R(&RoleUpdateOptions{}, "cloud-role-update", "Update role", func(cli *google.SRegion, args *RoleUpdateOptions) error {
   143  		return cli.GetClient().UpdateRole(args.ID, args.PERMISSIONS)
   144  	})
   145  
   146  }