forked from cxpsemea/Cx1ClientGo
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathaccess.go
More file actions
125 lines (103 loc) · 4.38 KB
/
Copy pathaccess.go
File metadata and controls
125 lines (103 loc) · 4.38 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
package Cx1ClientGo
import (
"bytes"
"encoding/json"
"fmt"
"net/http"
"strings"
)
func (c Cx1Client) GetAccessAssignmentByID(entityId, resourceId string) (AccessAssignment, error) {
c.logger.Debugf("Getting access assignment for entityId %v and resourceId %v", entityId, resourceId)
var aa AccessAssignment
response, err := c.sendRequest(http.MethodGet, fmt.Sprintf("/access-management/?entity-id=%v&resource-id=%v", entityId, resourceId), nil, nil)
if err != nil {
return aa, err
}
err = json.Unmarshal(response, &aa)
return aa, err
}
func (c Cx1Client) AddAccessAssignment(access AccessAssignment) error {
c.logger.Debugf("Creating access assignment for entityId %v and resourceId %v", access.EntityID, access.ResourceID)
type AccessAssignmentPOST struct {
TenantID string `json:"tenantID"`
EntityID string `json:"entityID"`
EntityType string `json:"entityType"`
EntityName string `json:"entityName"`
EntityRoles []string `json:"entityRoles"`
ResourceID string `json:"resourceID"`
ResourceType string `json:"resourceType"`
ResourceName string `json:"resourceName"`
CreatedAt string `json:"createdAt"`
}
roles := make([]string, 0)
for _, r := range access.EntityRoles {
roles = append(roles, r.Name)
}
accessPost := AccessAssignmentPOST{
TenantID: access.TenantID,
EntityID: access.EntityID,
EntityType: access.EntityType,
EntityName: access.EntityName,
EntityRoles: roles,
ResourceID: access.ResourceID,
ResourceType: access.ResourceType,
ResourceName: access.ResourceName,
CreatedAt: access.CreatedAt,
}
body, err := json.Marshal(accessPost)
if err != nil {
return err
}
_, err = c.sendRequest(http.MethodPost, "/access-management", bytes.NewReader(body), nil)
return err
}
func (c Cx1Client) GetEntitiesAccessToResourceByID(resourceId, resourceType string) ([]AccessAssignment, error) {
c.logger.Debugf("Getting the entities with access assignment for resourceId %v", resourceId)
var aas []AccessAssignment
response, err := c.sendRequest(http.MethodGet, fmt.Sprintf("/access-management/entities-for?resource-id=%v&resource-type=%v", resourceId, resourceId), nil, nil)
if err != nil {
return aas, err
}
err = json.Unmarshal(response, &aas)
return aas, err
}
func (c Cx1Client) GetResourcesAccessibleToEntityByID(entityId, entityType string, resourceTypes []string) ([]AccessAssignment, error) {
var aas []AccessAssignment
c.logger.Debugf("Getting the resources accessible to entity %v", entityId)
response, err := c.sendRequest(http.MethodGet, fmt.Sprintf("/access-management/resources-for?entity-id=%v&entity-type=%v&resource-types=%v", entityId, entityType, strings.Join(resourceTypes, ",")), nil, nil)
if err != nil {
return aas, err
}
err = json.Unmarshal(response, &aas)
return aas, err
}
func (c Cx1Client) CheckAccessToResourceByID(resourceId, resourceType, action string) (bool, error) {
c.logger.Debugf("Checking current user access for resource %v and action %v", resourceId, action)
response, err := c.sendRequest(http.MethodGet, fmt.Sprintf("/access-management/has-access?resource-id=%v&resource-type=%v&action=%v", resourceId, resourceType, action), nil, nil)
if err != nil {
return false, err
}
var accessResponse struct {
AccessGranted bool `json:"accessGranted"`
}
err = json.Unmarshal(response, &accessResponse)
return accessResponse.AccessGranted, err
}
func (c Cx1Client) CheckAccessibleResources(resourceTypes []string, action string) (bool, []AccessibleResource, error) {
c.logger.Debugf("Checking current user accessible resources for action %v", action)
response, err := c.sendRequest(http.MethodGet, fmt.Sprintf("/access-management/get-resources?resource-types=%v&action=%v", strings.Join(resourceTypes, ","), action), nil, nil)
var responseStruct struct {
All bool `json:"all"`
Resources []AccessibleResource `json:"resources"`
}
if err != nil {
return responseStruct.All, responseStruct.Resources, err
}
err = json.Unmarshal(response, &responseStruct)
return responseStruct.All, responseStruct.Resources, err
}
func (c Cx1Client) DeleteAccessAssignmentByID(entityId, resourceId string) error {
c.logger.Debugf("Deleting access assignment between entity %v and resource %v", entityId, resourceId)
_, err := c.sendRequest(http.MethodDelete, fmt.Sprintf("/access-management?resource-id=%v&entity-id=%v", resourceId, entityId), nil, nil)
return err
}