From 2e12d903429c8ffc94b274e370674d9f03974400 Mon Sep 17 00:00:00 2001 From: Murad Biashimov Date: Tue, 20 Aug 2024 09:21:24 +0200 Subject: [PATCH] feat: add user permissions --- config.yaml | 2 + handler/domain/domain.go | 4 +- handler/organization/organization.go | 72 ++++++++++++++++++++++++++++ 3 files changed, 76 insertions(+), 2 deletions(-) diff --git a/config.yaml b/config.yaml index ed6232e..5d0d8dc 100644 --- a/config.yaml +++ b/config.yaml @@ -177,6 +177,8 @@ Organization: - OrganizationGet - OrganizationProjectsList - OrganizationUpdate + - PermissionsGet + - PermissionsUpdate - UserOrganizationCreate - UserOrganizationsList OrganizationUser: diff --git a/handler/domain/domain.go b/handler/domain/domain.go index 7a1ea3d..22d393c 100644 --- a/handler/domain/domain.go +++ b/handler/domain/domain.go @@ -132,8 +132,8 @@ func DomainStateTypeChoices() []string { // OrganizationDomainAddIn OrganizationDomainAddRequestBody type OrganizationDomainAddIn struct { - DomainName string `json:"domain_name"` // Name of the domain to be added - VerificationType VerificationType `json:"verification_type"` // Type of verification to be made + DomainName string `json:"domain_name"` // Name of the domain to be added + VerificationType VerificationType `json:"verification_type,omitempty"` // Type of verification to be made } // OrganizationDomainAddOut OrganizationDomainAddResponse diff --git a/handler/organization/organization.go b/handler/organization/organization.go index dcef3d3..996bcaa 100644 --- a/handler/organization/organization.go +++ b/handler/organization/organization.go @@ -46,6 +46,16 @@ type Handler interface { // https://api.aiven.io/doc/#tag/Organizations/operation/OrganizationUpdate OrganizationUpdate(ctx context.Context, organizationId string, in *OrganizationUpdateIn) (*OrganizationUpdateOut, error) + // PermissionsGet [EXPERIMENTAL] Retrieve the list of permission entries for the given resource + // GET /v1/organization/{organization_id}/permissions/{resource_type}/{resource_id} + // https://api.aiven.io/doc/#tag/Permissions/operation/PermissionsGet + PermissionsGet(ctx context.Context, organizationId string, resourceType ResourceType, resourceId string) ([]PermissionOut, error) + + // PermissionsUpdate [EXPERIMENTAL] Add, update, or remove permission assignments on the given resource + // PATCH /v1/organization/{organization_id}/permissions/{resource_type}/{resource_id} + // https://api.aiven.io/doc/#tag/Permissions/operation/PermissionsUpdate + PermissionsUpdate(ctx context.Context, organizationId string, resourceType ResourceType, resourceId string, in *PermissionsUpdateIn) error + // UserOrganizationCreate create an organization // POST /v1/organizations // https://api.aiven.io/doc/#tag/Organizations/operation/UserOrganizationCreate @@ -145,6 +155,24 @@ func (h *OrganizationHandler) OrganizationUpdate(ctx context.Context, organizati } return out, nil } +func (h *OrganizationHandler) PermissionsGet(ctx context.Context, organizationId string, resourceType ResourceType, resourceId string) ([]PermissionOut, error) { + path := fmt.Sprintf("/v1/organization/%s/permissions/%s/%s", url.PathEscape(organizationId), url.PathEscape(string(resourceType)), url.PathEscape(resourceId)) + b, err := h.doer.Do(ctx, "PermissionsGet", "GET", path, nil) + if err != nil { + return nil, err + } + out := new(permissionsGetOut) + err = json.Unmarshal(b, out) + if err != nil { + return nil, err + } + return out.Permissions, nil +} +func (h *OrganizationHandler) PermissionsUpdate(ctx context.Context, organizationId string, resourceType ResourceType, resourceId string, in *PermissionsUpdateIn) error { + path := fmt.Sprintf("/v1/organization/%s/permissions/%s/%s", url.PathEscape(organizationId), url.PathEscape(string(resourceType)), url.PathEscape(resourceId)) + _, err := h.doer.Do(ctx, "PermissionsUpdate", "PATCH", path, in) + return err +} func (h *OrganizationHandler) UserOrganizationCreate(ctx context.Context, in *UserOrganizationCreateIn) (*UserOrganizationCreateOut, error) { path := fmt.Sprintf("/v1/organizations") b, err := h.doer.Do(ctx, "UserOrganizationCreate", "POST", path, in) @@ -268,6 +296,45 @@ type OrganizationUpdateOut struct { Tier TierType `json:"tier"` // Tier of the organization UpdateTime time.Time `json:"update_time"` // Time of the organization's latest update } +type PermissionIn struct { + Permissions []string `json:"permissions"` // List of permissions + PrincipalId string `json:"principal_id"` // ID of the principal + PrincipalType PrincipalType `json:"principal_type"` // Type of the principal +} +type PermissionOut struct { + CreateTime time.Time `json:"create_time"` // Create Time + Permissions []string `json:"permissions"` // List of permissions + PrincipalId string `json:"principal_id"` // ID of the principal + PrincipalType PrincipalType `json:"principal_type"` // Type of the principal + UpdateTime time.Time `json:"update_time"` // Update Time +} + +// PermissionsUpdateIn PermissionsUpdateRequestBody +type PermissionsUpdateIn struct { + Permissions []PermissionIn `json:"permissions"` // List of permissions to set +} +type PrincipalType string + +const ( + PrincipalTypeUser PrincipalType = "user" + PrincipalTypeUserGroup PrincipalType = "user_group" +) + +func PrincipalTypeChoices() []string { + return []string{"user", "user_group"} +} + +type ResourceType string + +const ( + ResourceTypeAccount ResourceType = "account" + ResourceTypeProject ResourceType = "project" +) + +func ResourceTypeChoices() []string { + return []string{"account", "project"} +} + type TierType string const ( @@ -312,6 +379,11 @@ type organizationAuthDomainListOut struct { Domains []DomainOut `json:"domains"` // List of domains for the organization } +// permissionsGetOut PermissionsGetResponse +type permissionsGetOut struct { + Permissions []PermissionOut `json:"permissions"` // List of permissions +} + // userOrganizationsListOut UserOrganizationsListResponse type userOrganizationsListOut struct { Organizations []OrganizationOut `json:"organizations"` // Organizations