Merge pull request #108 from TencentBlueKing/issue-107

feat：增加回收组权限接口 #107
TencentBlueKing · Aug 7, 2024 · 1fa8911 · 1fa8911
2 parents 0d27b32 + d89d494
commit 1fa8911
Show file tree

Hide file tree

Showing 3 changed files with 34 additions and 0 deletions.
diff --git a/src/main/java/com/tencent/bk/sdk/iam/constants/V2IamUri.java b/src/main/java/com/tencent/bk/sdk/iam/constants/V2IamUri.java
@@ -16,6 +16,7 @@ public class V2IamUri {
     public static final String V2_MANAGER_ROLE_GROUP_UPDATE = "/api/v2/open/management/systems/%s/groups/%s/";
     public static final String V2_MANAGER_ROLE_GROUP_DELETE = "/api/v2/open/management/systems/%s/groups/%s/";
     public static final String V2_MANAGER_ROLE_GROUP_GRANT = "/api/v2/open/management/systems/%s/groups/%s/policies/";
+    public static final String V2_MANAGER_ROLE_GROUP_GRANT_REVOKE = "/api/v2/open/management/systems/%s/groups/%s/policies/";
 
     public static final String V2_MANAGER_ROLE_GROUP_ACTION_DEL = "/api/v2/open/management/systems/%s/groups/%s/actions/-/policies/";
     public static final String V2_MANAGER_ROLE_GROUP_ACTION_GET = "/api/v2/open/management/systems/%s/groups/%s/policies/-/actions/";

diff --git a/src/main/java/com/tencent/bk/sdk/iam/service/v2/V2GrantService.java b/src/main/java/com/tencent/bk/sdk/iam/service/v2/V2GrantService.java
@@ -22,4 +22,13 @@ public interface V2GrantService {
      * @return
      */
     public void v2GrantRoleGroup(Integer groupId, ManagerRoleGroupGrantDTO managerRoleGroupGrantDTO);
+
+    /**
+     * 用户组授权回收
+     *
+     * @param groupId
+     * @param managerRoleGroupGrantDTO
+     * @return
+     */
+    public void revokeRoleGroupPolicies(Integer groupId, ManagerRoleGroupGrantDTO managerRoleGroupGrantDTO);
 }
diff --git a/src/main/java/com/tencent/bk/sdk/iam/service/v2/impl/V2GrantServiceImpl.java b/src/main/java/com/tencent/bk/sdk/iam/service/v2/impl/V2GrantServiceImpl.java
@@ -58,4 +58,28 @@ public void v2GrantRoleGroup(Integer groupId, ManagerRoleGroupGrantDTO managerRo
             throw new RuntimeException(e);
         }
     }
+
+    @Override
+    public void revokeRoleGroupPolicies(Integer groupId, ManagerRoleGroupGrantDTO managerRoleGroupGrantDTO) {
+        AuthRequestContext.setRequestName("V2_MANAGER_ROLE_GROUP_GRANT_REVOKE");
+        String url = String.format(V2IamUri.V2_MANAGER_ROLE_GROUP_GRANT_REVOKE, iamConfiguration.getSystemId(), groupId);
+        try {
+            String responseStr = apigwHttpClientService.doHttpDelete(url, managerRoleGroupGrantDTO);
+            if (StringUtils.isNotBlank(responseStr)) {
+                log.debug("revoke role group policies response|{}", responseStr);
+                ResponseDTO<Object> responseInfo = JsonUtil.fromJson(responseStr, new TypeReference<ResponseDTO<Object>>() {
+                });
+                if (responseInfo != null) {
+                    ResponseUtil.checkResponse(responseInfo);
+                }
+            } else {
+                log.warn("revoke role group policies got empty response!");
+            }
+        } catch (IamException iamException) {
+            throw iamException;
+        } catch (Exception e) {
+            log.error("revoke role group policies failed", e);
+            throw new RuntimeException(e);
+        }
+    }
 }