yunion.io/x/cloudmux@v0.3.10-0-alpha.1/pkg/multicloud/huawei/cloudgroup.go (about) 1 // Copyright 2019 Yunion 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 15 package huawei 16 17 import ( 18 "fmt" 19 "strings" 20 21 "yunion.io/x/jsonutils" 22 "yunion.io/x/pkg/errors" 23 24 "yunion.io/x/cloudmux/pkg/cloudprovider" 25 ) 26 27 type SCloudgroup struct { 28 client *SHuaweiClient 29 Name string 30 Description string 31 Id string 32 CreateTime string 33 } 34 35 func (group *SCloudgroup) GetName() string { 36 return group.Name 37 } 38 39 func (group *SCloudgroup) GetDescription() string { 40 return group.Description 41 } 42 43 func (group *SCloudgroup) GetGlobalId() string { 44 return group.Id 45 } 46 47 func (group *SCloudgroup) Delete() error { 48 return group.client.DeleteGroup(group.Id) 49 } 50 51 func (group *SCloudgroup) AddUser(name string) error { 52 user, err := group.client.GetIClouduserByName(name) 53 if err != nil { 54 return errors.Wrap(err, "GetIClouduserByName") 55 } 56 return group.client.AddUserToGroup(group.Id, user.GetGlobalId()) 57 } 58 59 func (group *SCloudgroup) RemoveUser(name string) error { 60 user, err := group.client.GetIClouduserByName(name) 61 if err != nil { 62 if errors.Cause(err) == cloudprovider.ErrNotFound { 63 return nil 64 } 65 return errors.Wrapf(err, "GetIClouduserByName(%s)", name) 66 } 67 return group.client.RemoveUserFromGroup(group.Id, user.GetGlobalId()) 68 } 69 70 func (group *SCloudgroup) DetachSystemPolicy(roleId string) error { 71 return group.client.DetachGroupRole(group.Id, roleId) 72 } 73 74 func (group *SCloudgroup) DetachCustomPolicy(roleId string) error { 75 return group.client.DetachGroupCustomRole(group.Id, roleId) 76 } 77 78 func (group *SCloudgroup) AttachSystemPolicy(roleId string) error { 79 return group.client.AttachGroupRole(group.Id, roleId) 80 } 81 82 func (group *SCloudgroup) AttachCustomPolicy(roleId string) error { 83 return group.client.AttachGroupCustomRole(group.Id, roleId) 84 } 85 86 func (group *SCloudgroup) GetISystemCloudpolicies() ([]cloudprovider.ICloudpolicy, error) { 87 roles, err := group.client.GetGroupRoles(group.Id) 88 if err != nil { 89 return nil, errors.Wrap(err, "GetGroupRoles") 90 } 91 ret := []cloudprovider.ICloudpolicy{} 92 for i := range roles { 93 _, err := group.client.GetRole(roles[i].GetName()) 94 if err != nil { 95 if errors.Cause(err) == cloudprovider.ErrNotFound { 96 continue 97 } 98 return nil, errors.Wrapf(err, "GetRole(%s)", roles[i].GetName()) 99 } 100 ret = append(ret, &roles[i]) 101 } 102 return ret, nil 103 } 104 105 func (group *SCloudgroup) GetICustomCloudpolicies() ([]cloudprovider.ICloudpolicy, error) { 106 roles, err := group.client.GetGroupRoles(group.Id) 107 if err != nil { 108 return nil, errors.Wrap(err, "GetGroupRoles") 109 } 110 ret := []cloudprovider.ICloudpolicy{} 111 for i := range roles { 112 _, err := group.client.GetCustomRole(roles[i].GetName()) 113 if err != nil { 114 if errors.Cause(err) == cloudprovider.ErrNotFound { 115 continue 116 } 117 return nil, errors.Wrapf(err, "GetRole(%s)", roles[i].GetName()) 118 } 119 ret = append(ret, &roles[i]) 120 } 121 return ret, nil 122 } 123 124 func (group *SCloudgroup) GetICloudusers() ([]cloudprovider.IClouduser, error) { 125 users, err := group.client.GetGroupUsers(group.Id) 126 if err != nil { 127 return nil, err 128 } 129 ret := []cloudprovider.IClouduser{} 130 for i := range users { 131 users[i].client = group.client 132 ret = append(ret, &users[i]) 133 } 134 return ret, nil 135 } 136 137 func (self *SHuaweiClient) GetGroups(domainId, name string) ([]SCloudgroup, error) { 138 params := map[string]string{} 139 if len(domainId) > 0 { 140 params["domain_id"] = self.ownerId 141 } 142 if len(name) > 0 { 143 params["name"] = name 144 } 145 146 client, err := self.newGeneralAPIClient() 147 if err != nil { 148 return nil, errors.Wrap(err, "newGeneralAPIClient") 149 } 150 151 groups := []SCloudgroup{} 152 err = doListAllWithNextLink(client.Groups.List, params, &groups) 153 if err != nil { 154 return nil, errors.Wrap(err, "doListAllWithOffset") 155 } 156 return groups, nil 157 } 158 159 func (self *SHuaweiClient) GetICloudgroups() ([]cloudprovider.ICloudgroup, error) { 160 groups, err := self.GetGroups("", "") 161 if err != nil { 162 return nil, errors.Wrap(err, "GetGroup") 163 } 164 ret := []cloudprovider.ICloudgroup{} 165 for i := range groups { 166 if groups[i].Name != "admin" { 167 groups[i].client = self 168 ret = append(ret, &groups[i]) 169 } 170 } 171 return ret, nil 172 } 173 174 func (self *SHuaweiClient) GetGroupUsers(groupId string) ([]SClouduser, error) { 175 client, err := self.newGeneralAPIClient() 176 if err != nil { 177 return nil, errors.Wrap(err, "newGeneralAPIClient") 178 } 179 180 resp, err := client.Groups.ListInContextWithSpec(nil, fmt.Sprintf("%s/users", groupId), nil, "users") 181 if err != nil { 182 return nil, errors.Wrap(err, "") 183 } 184 users := []SClouduser{} 185 err = jsonutils.Update(&users, resp.Data) 186 if err != nil { 187 return nil, errors.Wrap(err, "jsonutils.Update") 188 } 189 return users, nil 190 } 191 192 func (self *SHuaweiClient) GetGroupRoles(groupId string) ([]SRole, error) { 193 client, err := self.newGeneralAPIClient() 194 if err != nil { 195 return nil, errors.Wrap(err, "newGeneralAPIClient") 196 } 197 resp, err := client.Domains.ListRoles(self.ownerId, groupId) 198 if err != nil { 199 return nil, errors.Wrap(err, "ListRoles") 200 } 201 roles := []SRole{} 202 err = jsonutils.Update(&roles, resp.Data) 203 if err != nil { 204 return nil, errors.Wrap(err, "jsonutils.Update") 205 } 206 return roles, nil 207 } 208 209 func (self *SHuaweiClient) CreateGroup(name, desc string) (*SCloudgroup, error) { 210 params := map[string]string{ 211 "name": name, 212 } 213 if len(desc) > 0 { 214 params["description"] = desc 215 } 216 client, err := self.newGeneralAPIClient() 217 if err != nil { 218 return nil, errors.Wrap(err, "newGeneralAPIClient") 219 } 220 221 group := SCloudgroup{client: self} 222 err = DoCreate(client.Groups.Create, jsonutils.Marshal(map[string]interface{}{"group": params}), &group) 223 if err != nil { 224 return nil, errors.Wrap(err, "DoCreate") 225 } 226 return &group, nil 227 } 228 229 func (self *SHuaweiClient) CreateICloudgroup(name, desc string) (cloudprovider.ICloudgroup, error) { 230 group, err := self.CreateGroup(name, desc) 231 if err != nil { 232 return nil, errors.Wrap(err, "CreateGroup") 233 } 234 return group, nil 235 } 236 237 func (self *SHuaweiClient) DeleteGroup(id string) error { 238 client, err := self.newGeneralAPIClient() 239 if err != nil { 240 return errors.Wrap(err, "newGeneralAPIClient") 241 } 242 return DoDeleteWithSpec(client.Groups.DeleteInContextWithSpec, nil, id, "", nil, nil) 243 } 244 245 func (self *SHuaweiClient) GetICloudgroupByName(name string) (cloudprovider.ICloudgroup, error) { 246 groups, err := self.GetGroups(self.ownerId, name) 247 if err != nil { 248 return nil, errors.Wrap(err, "GetGroups") 249 } 250 if len(groups) == 0 { 251 return nil, cloudprovider.ErrNotFound 252 } 253 if len(groups) > 1 { 254 return nil, cloudprovider.ErrDuplicateId 255 } 256 groups[0].client = self 257 return &groups[0], nil 258 } 259 260 func (self *SHuaweiClient) AddUserToGroup(groupId, userId string) error { 261 client, err := self.newGeneralAPIClient() 262 if err != nil { 263 return errors.Wrap(err, "newGeneralAPIClient") 264 } 265 _, err = client.Groups.UpdateInContextWithSpec(nil, groupId, fmt.Sprintf("users/%s", userId), nil, "") 266 return err 267 } 268 269 func (self *SHuaweiClient) RemoveUserFromGroup(groupId, userId string) error { 270 client, err := self.newGeneralAPIClient() 271 if err != nil { 272 return errors.Wrap(err, "newGeneralAPIClient") 273 } 274 _, err = client.Groups.DeleteInContextWithSpec(nil, groupId, fmt.Sprintf("users/%s", userId), nil, nil, "") 275 return err 276 } 277 278 func (self *SHuaweiClient) GetCustomRoles() ([]SRole, error) { 279 params := map[string]string{} 280 281 client, err := self.newGeneralAPIClient() 282 if err != nil { 283 return nil, errors.Wrap(err, "newGeneralAPIClient") 284 } 285 286 client.Roles.SetVersion("v3.0/OS-ROLE") 287 defer client.Roles.SetVersion("v3.0") 288 289 roles := []SRole{} 290 err = doListAllWithNextLink(client.Roles.List, params, &roles) 291 if err != nil { 292 return nil, errors.Wrap(err, "doListAllWithOffset") 293 } 294 return roles, nil 295 } 296 297 func (self *SHuaweiClient) GetCustomRole(name string) (*SRole, error) { 298 roles, err := self.GetCustomRoles() 299 if err != nil { 300 return nil, errors.Wrapf(err, "GetCustomRoles(%s)", name) 301 } 302 for i := range roles { 303 if roles[i].DisplayName == name { 304 return &roles[i], nil 305 } 306 } 307 return nil, errors.Wrapf(cloudprovider.ErrNotFound, name) 308 } 309 310 func (self *SHuaweiClient) GetRole(name string) (*SRole, error) { 311 roles, err := self.GetRoles("", "") 312 if err != nil { 313 return nil, errors.Wrapf(err, "GetRoles(%s)", name) 314 } 315 for i := range roles { 316 if roles[i].DisplayName == name { 317 return &roles[i], nil 318 } 319 } 320 return nil, errors.Wrapf(cloudprovider.ErrNotFound, name) 321 } 322 323 func (self *SHuaweiClient) DetachGroupRole(groupId, roleId string) error { 324 client, err := self.newGeneralAPIClient() 325 if err != nil { 326 return errors.Wrap(err, "newGeneralAPIClient") 327 } 328 role, err := self.GetRole(roleId) 329 if err != nil { 330 return errors.Wrapf(err, "GetRole(%s)", roleId) 331 } 332 if role.Type == "AX" || role.Type == "AA" { 333 err = client.Domains.AddRole(self.ownerId, groupId, role.Id) 334 if err != nil { 335 return errors.Wrapf(err, "AddRole") 336 } 337 if strings.Contains(strings.ToLower(role.Policy.String()), "obs") { 338 err = client.Projects.AddProjectRole(self.GetMosProjectId(), groupId, role.Id) 339 if err != nil { 340 return errors.Wrapf(err, "AddProjectRole") 341 } 342 } 343 } 344 if role.Type == "XA" || role.Type == "AA" { 345 projects, err := self.GetProjects() 346 if err != nil { 347 return errors.Wrapf(err, "GetProjects") 348 } 349 for _, project := range projects { 350 err = client.Projects.AddProjectRole(project.ID, groupId, role.Id) 351 if err != nil { 352 return errors.Wrapf(err, "AddProjectRole") 353 } 354 } 355 } 356 return nil 357 } 358 359 func (self *SHuaweiClient) AttachGroupRole(groupId, roleId string) error { 360 client, err := self.newGeneralAPIClient() 361 if err != nil { 362 return errors.Wrap(err, "newGeneralAPIClient") 363 } 364 role, err := self.GetRole(roleId) 365 if err != nil { 366 return errors.Wrapf(err, "GetRole(%s)", roleId) 367 } 368 if role.Type == "AX" || role.Type == "AA" { 369 err = client.Domains.AddRole(self.ownerId, groupId, role.Id) 370 if err != nil { 371 return errors.Wrapf(err, "AddRole") 372 } 373 if strings.Contains(strings.ToLower(role.Policy.String()), "obs") { 374 err = client.Projects.AddProjectRole(self.GetMosProjectId(), groupId, role.Id) 375 if err != nil { 376 return errors.Wrapf(err, "AddProjectRole") 377 } 378 } 379 } 380 if role.Type == "XA" || role.Type == "AA" { 381 projects, err := self.GetProjects() 382 if err != nil { 383 return errors.Wrapf(err, "GetProjects") 384 } 385 for _, project := range projects { 386 err = client.Projects.AddProjectRole(project.ID, groupId, role.Id) 387 if err != nil { 388 return errors.Wrapf(err, "AddProjectRole") 389 } 390 } 391 } 392 return nil 393 } 394 395 func (self *SHuaweiClient) AttachGroupCustomRole(groupId, roleId string) error { 396 client, err := self.newGeneralAPIClient() 397 if err != nil { 398 return errors.Wrap(err, "newGeneralAPIClient") 399 } 400 role, err := self.GetCustomRole(roleId) 401 if err != nil { 402 return errors.Wrapf(err, "GetRole(%s)", roleId) 403 } 404 if role.Type == "AX" || role.Type == "AA" { 405 err = client.Domains.AddRole(self.ownerId, groupId, role.Id) 406 if err != nil { 407 return errors.Wrapf(err, "AddRole") 408 } 409 if strings.Contains(strings.ToLower(role.Policy.String()), "obs") { 410 err = client.Projects.AddProjectRole(self.GetMosProjectId(), groupId, role.Id) 411 if err != nil { 412 return errors.Wrapf(err, "AddProjectRole") 413 } 414 } 415 } 416 if role.Type == "XA" || role.Type == "AA" { 417 projects, err := self.GetProjects() 418 if err != nil { 419 return errors.Wrapf(err, "GetProjects") 420 } 421 for _, project := range projects { 422 err = client.Projects.AddProjectRole(project.ID, groupId, role.Id) 423 if err != nil { 424 return errors.Wrapf(err, "AddProjectRole") 425 } 426 } 427 } 428 return nil 429 } 430 431 func (self *SHuaweiClient) DetachGroupCustomRole(groupId, roleId string) error { 432 client, err := self.newGeneralAPIClient() 433 if err != nil { 434 return errors.Wrap(err, "newGeneralAPIClient") 435 } 436 role, err := self.GetCustomRole(roleId) 437 if err != nil { 438 return errors.Wrapf(err, "GetCustomRole(%s)", roleId) 439 } 440 if role.Type == "AX" || role.Type == "AA" { 441 err = client.Domains.DeleteRole(self.ownerId, groupId, role.Id) 442 if err != nil { 443 return errors.Wrapf(err, "DeleteRole") 444 } 445 if strings.Contains(strings.ToLower(role.Policy.String()), "obs") { 446 err = client.Projects.DeleteProjectRole(self.GetMosProjectId(), groupId, role.Id) 447 if err != nil { 448 return errors.Wrapf(err, "DeleteProjectRole") 449 } 450 } 451 } 452 if role.Type == "XA" || role.Type == "AA" { 453 projects, err := self.GetProjects() 454 if err != nil { 455 return errors.Wrapf(err, "GetProjects") 456 } 457 for _, project := range projects { 458 err = client.Projects.DeleteProjectRole(project.ID, groupId, role.Id) 459 if err != nil { 460 return errors.Wrapf(err, "DeleteProjectRole") 461 } 462 } 463 } 464 return nil 465 }