roles

package
v0.0.0-...-0719098 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 17, 2025 License: Apache-2.0 Imports: 5 Imported by: 2

Documentation

Overview

Package roles provides information and interaction with the roles API resource for the OpenStack Identity service.

Example to List Roles 

listOpts := roles.ListOpts{
	DomainID: "default",
}

allPages, err := roles.List(identityClient, listOpts).AllPages()
if err != nil {
	panic(err)
}

allRoles, err := roles.ExtractRoles(allPages)
if err != nil {
	panic(err)
}

for _, role := range allRoles {
	fmt.Printf("%+v\n", role)
}

Example to Create a Role 

createOpts := roles.CreateOpts{
	Name:             "read-only-admin",
	DomainID:         "default",
	Extra: map[string]interface{}{
		"description": "this role grants read-only privilege cross tenant",
	}
}

role, err := roles.Create(identityClient, createOpts).Extract()
if err != nil {
	panic(err)
}

Example to Update a Role 

roleID := "0fe36e73809d46aeae6705c39077b1b3"

updateOpts := roles.UpdateOpts{
	Name: "read only admin",
}

role, err := roles.Update(identityClient, roleID, updateOpts).Extract()
if err != nil {
	panic(err)
}

Example to Delete a Role 

roleID := "0fe36e73809d46aeae6705c39077b1b3"
err := roles.Delete(identityClient, roleID).ExtractErr()
if err != nil {
	panic(err)
}

Example to List Role Assignments 

listOpts := roles.ListAssignmentsOpts{
	UserID:         "97061de2ed0647b28a393c36ab584f39",
	ScopeProjectID: "9df1a02f5eb2416a9781e8b0c022d3ae",
}

allPages, err := roles.ListAssignments(identityClient, listOpts).AllPages()
if err != nil {
	panic(err)
}

allRoles, err := roles.ExtractRoleAssignments(allPages)
if err != nil {
	panic(err)
}

for _, role := range allRoles {
	fmt.Printf("%+v\n", role)
}

Example to Assign a Role to a User in a Project 

projectID := "a99e9b4e620e4db09a2dfb6e42a01e66"
userID := "9df1a02f5eb2416a9781e8b0c022d3ae"
roleID := "9fe2ff9ee4384b1894a90878d3e92bab"

err := roles.Assign(identityClient, roleID, roles.AssignOpts{
	UserID:    userID,
	ProjectID: projectID,
}).ExtractErr()

if err != nil {
	panic(err)
}

Example to Unassign a Role From a User in a Project 

projectID := "a99e9b4e620e4db09a2dfb6e42a01e66"
userID := "9df1a02f5eb2416a9781e8b0c022d3ae"
roleID := "9fe2ff9ee4384b1894a90878d3e92bab"

err := roles.Unassign(identityClient, roleID, roles.UnassignOpts{
	UserID:    userID,
	ProjectID: projectID,
}).ExtractErr()

if err != nil {
	panic(err)
}

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func List deprecated 

func List(client *golangsdk.ServiceClient, opts ListOptsBuilder) pagination.Pager

List enumerates the roles to which the current token has access.

Deprecated: AllPages will not work due to the links.next field is always null in API response. please use ListWithPages instead.

func ListAssignments 

func ListAssignments(client *golangsdk.ServiceClient, opts ListAssignmentsOptsBuilder) pagination.Pager

ListAssignments enumerates the roles assigned to a specified resource.

func ListWithPages 

func ListWithPages(client *golangsdk.ServiceClient, opts ListOpts) pagination.Pager

ListWithPages is a method to query role pages via page size and page number.

Types

type AssignOpts 

type AssignOpts struct {
	// UserID is the ID of a user to assign a role
	// Note: exactly one of UserID or GroupID must be provided
	UserID string `xor:"GroupID"`

	// GroupID is the ID of a group to assign a role
	// Note: exactly one of UserID or GroupID must be provided
	GroupID string `xor:"UserID"`

	// ProjectID is the ID of a project to assign a role on
	// Note: exactly one of ProjectID or DomainID must be provided
	ProjectID string `xor:"DomainID"`

	// DomainID is the ID of a domain to assign a role on
	// Note: exactly one of ProjectID or DomainID must be provided
	DomainID string `xor:"ProjectID"`
}

AssignOpts provides options to assign a role

type AssignmentResult 

type AssignmentResult struct {
	golangsdk.ErrResult
}

AssignmentResult represents the result of an assign operation. Call ExtractErr method to determine if the request succeeded or failed.

func Assign 

func Assign(client *golangsdk.ServiceClient, roleID string, opts AssignOpts) (r AssignmentResult)

Assign is the operation responsible for assigning a role to a user/group on a project/domain.

func AssignAllResources 

func AssignAllResources(client *golangsdk.ServiceClient, domainID, groupID, roleID string) (r AssignmentResult)

AssignAllResources is the operation responsible for granting a user group permissions for all resources, including those in enterprise projects, region-specific projects, and global services.

func UnassignAllResources 

func UnassignAllResources(client *golangsdk.ServiceClient, domainID, groupID, roleID string) (r AssignmentResult)

UnassignAllResources is the operation responsible for unassigning a user group permissions for all resources.

type CheckResult 

type CheckResult struct {
	golangsdk.ErrResult
}

func CheckAllResourcesPermission 

func CheckAllResourcesPermission(client *golangsdk.ServiceClient, domainID, groupID, roleID string) (r CheckResult)

CheckAllResourcesPermission is provided for the administrator to check whether a user group has specified permissions for all resources.

type CreateOpts 

type CreateOpts struct {
	// Name is the name of the new role.
	Name string `json:"name" required:"true"`

	// DomainID is the ID of the domain the role belongs to.
	DomainID string `json:"domain_id,omitempty"`

	// Extra is free-form extra key/value pairs to describe the role.
	Extra map[string]interface{} `json:"-"`
}

CreateOpts provides options used to create a role.

func (CreateOpts) ToRoleCreateMap 

func (opts CreateOpts) ToRoleCreateMap() (map[string]interface{}, error)

ToRoleCreateMap formats a CreateOpts into a create request.

type CreateOptsBuilder 

type CreateOptsBuilder interface {
	ToRoleCreateMap() (map[string]interface{}, error)
}

CreateOptsBuilder allows extensions to add additional parameters to the Create request.

type CreateResult 

type CreateResult struct {
	// contains filtered or unexported fields
}

CreateResult is the response from a Create operation. Call its Extract method to interpret it as a Role

func Create 

func Create(client *golangsdk.ServiceClient, opts CreateOptsBuilder) (r CreateResult)

Create creates a new Role.

func (CreateResult) Extract 

func (r CreateResult) Extract() (*Role, error)

Extract interprets any roleResults as a Role.

type DeleteResult 

type DeleteResult struct {
	golangsdk.ErrResult
}

DeleteResult is the response from a Delete operation. Call its ExtractErr to determine if the request succeeded or failed.

func Delete 

func Delete(client *golangsdk.ServiceClient, roleID string) (r DeleteResult)

Delete deletes a role.

type GetResult 

type GetResult struct {
	// contains filtered or unexported fields
}

GetResult is the response from a Get operation. Call its Extract method to interpret it as a Role.

func Get 

func Get(client *golangsdk.ServiceClient, id string) (r GetResult)

Get retrieves details on a single role, by ID.

func (GetResult) Extract 

func (r GetResult) Extract() (*Role, error)

Extract interprets any roleResults as a Role.

type ListAssignmentsOpts 

type ListAssignmentsOpts struct {
	// GroupID is the group ID to query.
	GroupID string `q:"group.id"`

	// ScopeDomainID filters the results by the given domain ID.
	ScopeDomainID string `q:"scope.domain.id"`

	// ScopeProjectID filters the results by the given Project ID.
	ScopeProjectID string `q:"scope.project.id"`

	// UserID filterst he results by the given User ID.
	UserID string `q:"user.id"`
}

ListAssignmentsOpts allows you to query the ListAssignments method. Specify one of or a combination of GroupId, RoleId, ScopeDomainId, ScopeProjectId, and/or UserId to search for roles assigned to corresponding entities.

type ListAssignmentsOptsBuilder 

type ListAssignmentsOptsBuilder interface {
	// contains filtered or unexported methods
}

ListAssignmentsOptsBuilder allows extensions to add additional parameters to the ListAssignments request.

type ListOpts 

type ListOpts struct {
	// DomainID filters the response by a domain ID.
	// If this parameter is specified, only custom policies of the account will be returned.
	// If not specified, all system permissions (including system-defined policies and roles) will be returned.
	DomainID string `q:"domain_id"`

	// Name filters the response by role name.
	Name string `q:"name"`

	DisplayName string `q:"display_name"`

	// This parameter is valid only when domain_id is left blank.
	// policy: system-defined policy; role: system-defined role
	PermissionType string `q:"permission_type"`

	// The number of pages of data for paging query, the minimum value is 1.
	// Need to exist at the same time as "PerPage" parameter. When the "DomainID" parameter is passed in to query the
	// custom policies, it can be used together.
	Page int `q:"page"`

	// The number of data per page in paging query, the value range is from 1 to 300, the default value is 300.
	// It needs to exist at the same time as "Page" parameter. When the "Page" and "PerPage" parameters are not passed,
	// a maximum of 300 permissions are returned per page.
	PerPage int `q:"per_page"`

	// Display mode of the permission. The options include domain, project, and all.
	Type string `q:"type"`

	// Service catalog, which corresponds to the catalog field in policies.
	Catalog string `q:"catalog"`
}

ListOpts provides options to filter the List results.

func (ListOpts) ToRoleListQuery 

func (opts ListOpts) ToRoleListQuery() (string, error)

ToRoleListQuery formats a ListOpts into a query string.

type ListOptsBuilder 

type ListOptsBuilder interface {
	ToRoleListQuery() (string, error)
}

ListOptsBuilder allows extensions to add additional parameters to the List request

type Policy 

type Policy struct {
	Statement []Statement `json:"Statement"`
	Version   string      `json:"Version"`
}

type Role 

type Role struct {
	// DomainID is the domain ID the role belongs to.
	DomainID string `json:"domain_id"`

	// ID is the unique ID of the role.
	ID string `json:"id"`

	// Links contains referencing links to the role.
	Links map[string]interface{} `json:"links"`

	Name          string `json:"name"`
	DisplayName   string `json:"display_name"`
	Description   string `json:"description"`
	DescriptionCN string `json:"description_cn"`
	Flag          string `json:"flag"`
	Catalog       string `json:"catalog"`
	Type          string `json:"type"`
	Policy        Policy `json:"policy"`

	// Extra is a collection of miscellaneous key/values.
	Extra map[string]interface{} `json:"-"`
}

Role grants permissions to a user.

func ExtractOffsetRoles 

func ExtractOffsetRoles(r pagination.Page) ([]Role, error)

ExtractOffsetRoles returns a slice of Roles contained in a single page of results.

func ExtractRoles 

func ExtractRoles(r pagination.Page) ([]Role, error)

ExtractRoles returns a slice of Roles contained in a single page of results.

func (*Role) UnmarshalJSON 

func (r *Role) UnmarshalJSON(b []byte) error

type RoleAssignment 

type RoleAssignment struct {
	ID            string `json:"id"`
	Name          string `json:"name"`
	DisplayName   string `json:"display_name"`
	Description   string `json:"description"`
	DescriptionCN string `json:"description_cn"`
	Catalog       string `json:"catalog"`
	Type          string `json:"type"`
	Policy        Policy `json:"policy"`
}

RoleAssignment is the result of a role assignments query.

func ExtractRoleAssignments 

func ExtractRoleAssignments(r pagination.Page) ([]RoleAssignment, error)

ExtractRoleAssignments extracts a slice of RoleAssignments from a Collection acquired from List.

type RoleAssignmentPage 

type RoleAssignmentPage struct {
	pagination.LinkedPageBase
}

RoleAssignmentPage is a single page of RoleAssignments results.

func (RoleAssignmentPage) IsEmpty 

func (r RoleAssignmentPage) IsEmpty() (bool, error)

IsEmpty returns true if the RoleAssignmentPage contains no results.

func (RoleAssignmentPage) NextPageURL 

func (r RoleAssignmentPage) NextPageURL() (string, error)

NextPageURL uses the response's embedded link reference to navigate to the next page of results.

type RoleOffsetPage 

type RoleOffsetPage struct {
	pagination.OffsetPageBase
}

RoleOffsetPage is the offset page of Role results.

func (RoleOffsetPage) CurrentPageNum 

func (current RoleOffsetPage) CurrentPageNum() int

NextOffset returns offset of the next element of the page.

func (RoleOffsetPage) IsEmpty 

func (r RoleOffsetPage) IsEmpty() (bool, error)

IsEmpty determines whether or not a page of Roles contains any results.

func (RoleOffsetPage) NextPageURL 

func (current RoleOffsetPage) NextPageURL() (string, error)

NextPageURL generates the URL for the page of results after this one.

type RolePage 

type RolePage struct {
	pagination.LinkedPageBase
}

RolePage is a single page of Role results.

func (RolePage) IsEmpty 

func (r RolePage) IsEmpty() (bool, error)

IsEmpty determines whether or not a page of Roles contains any results.

func (RolePage) NextPageURL 

func (r RolePage) NextPageURL() (string, error)

NextPageURL extracts the "next" link from the links section of the result.

type Statement 

type Statement struct {
	Action []string `json:"Action"`
	Effect string   `json:"Effect"`
}

type UnassignOpts 

type UnassignOpts struct {
	// UserID is the ID of a user to unassign a role
	// Note: exactly one of UserID or GroupID must be provided
	UserID string `xor:"GroupID"`

	// GroupID is the ID of a group to unassign a role
	// Note: exactly one of UserID or GroupID must be provided
	GroupID string `xor:"UserID"`

	// ProjectID is the ID of a project to unassign a role on
	// Note: exactly one of ProjectID or DomainID must be provided
	ProjectID string `xor:"DomainID"`

	// DomainID is the ID of a domain to unassign a role on
	// Note: exactly one of ProjectID or DomainID must be provided
	DomainID string `xor:"ProjectID"`
}

UnassignOpts provides options to unassign a role

type UnassignmentResult 

type UnassignmentResult struct {
	golangsdk.ErrResult
}

UnassignmentResult represents the result of an unassign operation. Call ExtractErr method to determine if the request succeeded or failed.

func Unassign 

func Unassign(client *golangsdk.ServiceClient, roleID string, opts UnassignOpts) (r UnassignmentResult)

Unassign is the operation responsible for unassigning a role from a user/group on a project/domain.

type UpdateOpts 

type UpdateOpts struct {
	// Name is the name of the new role.
	Name string `json:"name,omitempty"`

	// Extra is free-form extra key/value pairs to describe the role.
	Extra map[string]interface{} `json:"-"`
}

UpdateOpts provides options for updating a role.

func (UpdateOpts) ToRoleUpdateMap 

func (opts UpdateOpts) ToRoleUpdateMap() (map[string]interface{}, error)

ToRoleUpdateMap formats a UpdateOpts into an update request.

type UpdateOptsBuilder 

type UpdateOptsBuilder interface {
	ToRoleUpdateMap() (map[string]interface{}, error)
}

UpdateOptsBuilder allows extensions to add additional parameters to the Update request.

type UpdateResult 

type UpdateResult struct {
	// contains filtered or unexported fields
}

UpdateResult is the response from an Update operation. Call its Extract method to interpret it as a Role.

func Update 

func Update(client *golangsdk.ServiceClient, roleID string, opts UpdateOptsBuilder) (r UpdateResult)

Update updates an existing Role.

func (UpdateResult) Extract 

func (r UpdateResult) Extract() (*Role, error)

Extract interprets any roleResults as a Role.

Source Files

View all Source files

Directories

Path Synopsis
roles unit tests
 roles unit tests

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.