mdsv2alpha1

package module
v0.0.0-...-b922b35 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 23, 2024 License: Apache-2.0 Imports: 23 Imported by: 8

README

Go API client for mdsv2alpha1

Confluent Metadata API - Swagger UI

This tool (SwaggerUI) and the Open API spec file are provided for development / test purposes only:

  • Do not enable in Production.
  • This tool only works with HTTP.
Authenticating

Authentication is supported in this version only for testing purposes. Real users get their tokens from cc-auth-service.

Authentication is performed by HTTP Basic Auth or by presenting a bearer token. In this UI, click Authorize to enter credentials.

To get a bearer token, first call the authenticate endpoint with basic auth, and then extract the auth_token part of the request, and pass that as the bearer token.

Access Restrictions - Who can call what?

Some endpoints can be called by any authenticated user, while others can only be called by "admins". Additionally, many of the endpoints in the API involve two users: the user who is calling the endpoint (the "calling" principal) and the user that the API call is about (the "target" principal).

Example: User u-abc12, who has the UserAdmin role, and is identifed by her basic auth credentials or a bearer token, calls the CRUD endpoint to modify role bindings about user u-45def.

To document what access restrictions each endpoint has, use the following legend, which lists access in order from least restrictive to most restrictive:

  • Users: Any authenticated user
  • Admins+Users: Admins or the user requesting information about themself
  • Admins: Admins only, which can be UserAdmin, SystemAdmin, broker super.user, or SecurityAdmin as "Read"
Overview of Responses

Valid

  • 200 - Successful call with a return body.
  • 204 - Sucessuful call with no return body.

Errors

  • 400 - Invalid request. JSON parsing error, or otherwise incorrect request.
  • 401 - Not Authenticated. You need to pass valid basic auth credentials or a user bearer token.
  • 403 - Not Authorized. Valid request, but you aren't authorized to perform the requested action.
  • 404 - Invalid URL. If you get this error from the authenticate endpoint, it means bearer token authentication needs to be enabled in the configuration.
    • confluent.metadata.server.authentication.method=BEARER
  • 405 - Method Not Allowed. Using the wrong HTTP method on a valid endpoint (for example, GET instead of POST).
  • 415 - Invalid Content Type. Usually, not sending "application/json" as request body header.
  • 500 - Server Error.
Special Resource Types

Cluster and KsqlCluster are special ResourceTypes because they grant resource-scoped roles like ResourceOwner and DeveloperManage limited access to cluster-level operations (for example, Describe Configs on Kafka clusters). These special resource types only accept LITERAL patterns with the values "kafka-cluster" and "kql-cluster", respectively.

Overview

This API client was generated by the OpenAPI Generator project. By using the OpenAPI-spec from a remote server, you can easily generate an API client.

  • API version: v2alpha1
  • Package version: 1.0.0
  • Build package: org.openapitools.codegen.languages.GoDeprecatedClientCodegen

Installation

Install the following dependencies:

go get github.com/stretchr/testify/assert
go get golang.org/x/oauth2
go get golang.org/x/net/context
go get github.com/antihax/optional

Put the package under your project folder and add the following in import:

import "./mdsv2alpha1"

Documentation for API Endpoints

All URIs are relative to http://localhost/security/v2alpha1

Class Method HTTP request Description
AuthorizationApi Authorize Put /authorize Authorize operations against resourceType for a given user. Callable by Admins+User.
CloudLifecycleApi DuplicateRolesForOrg Post /cloudlifecycle/rolebindings/{sourceOrgId}/copy Duplicate all role bindings from the source organization to the destination organization
CloudLifecycleApi RemoveAllRoleBindingsForScope Delete /cloudlifecycle/rolebindings Delete all role bindings at the given scope
CloudLifecycleApi ScopeUndelete Post /cloudlifecycle/scope/undelete Undelete all role bindings for a given scope and reason.
CloudLifecycleApi UserUndelete Post /cloudlifecycle/user/undelete Undelete all role bindings for a given user, org, and reason.
MetadataServiceOperationsApi Activenodes Get /activenodes/{protocol} Returns all the nodes running the Metadata Service REST API. Clients are expected to round robin call to these endpoints if they don't set up a load balancer in front of the Metadata Service nodes. Callable by authenticated users.
MetadataServiceOperationsApi MetadataClusterId Get /metadataClusterId Returns the ID of the Kafka cluster that MDS is running on. Callable by LDAP users.
RBACRoleBindingCRUDApi AddRoleForPrincipal Post /principals/{principal}/roles/{roleName} Binds the principal to a role for a specific cluster or in the given scope. Callable by Admins.
RBACRoleBindingCRUDApi AddRoleResourcesForPrincipal Post /principals/{principal}/roles/{roleName}/bindings Incrementally grant the resources to the principal at the given scope/cluster using the given role.
RBACRoleBindingCRUDApi DeleteAllRolesForPrincipal Delete /principals/{principal}/roles Remove all roles for the principal at the given scope and all contained scopes. Callable by Admins.
RBACRoleBindingCRUDApi DeleteRoleForPrincipal Delete /principals/{principal}/roles/{roleName} Remove the role from the principal at the given scope/cluster. No-op if the user doesn't have the role. Callable by Admins.
RBACRoleBindingCRUDApi GetRoleResourcesForPrincipal Post /principals/{principal}/roles/{roleName}/resources Look up the rolebindings for the principal at the given scope/cluster using the given role.
RBACRoleBindingCRUDApi RemoveRoleResourcesForPrincipal Delete /principals/{principal}/roles/{roleName}/bindings Incrementally remove the resources from the principal at the given scope/cluster using the given role.
RBACRoleBindingCRUDApi SetRoleResourcesForPrincipal Put /principals/{principal}/roles/{roleName}/bindings Overwrite existing resource grants.
RBACRoleBindingSummariesApi LookupPrincipalsWithRole Post /lookup/role/{roleName} Look up the KafkaPrincipals who have the given role for the given scope. Callable by Admins.
RBACRoleBindingSummariesApi LookupPrincipalsWithRoleOnResource Post /lookup/role/{roleName}/resource/{resourceType}/name/{resourceName} Look up the KafkaPrincipals who have the given role on the specified resource for the given scope.
RBACRoleBindingSummariesApi ManagedNonResourceRoleBindingsAtScope Post /lookup/managed/rolebindings Returns all non-resource rolebindings in the given scope for all users (not just the calling user) that the calling user has permission to see. A user can see, but not alter rolebindings for scopes that they have Describe access on, and alter rolebindings for scopes that they have Alter access on. Callable by Admins+Users.
RBACRoleBindingSummariesApi MyAllowedResources Post /lookup/resources/{resourceType}/operation/{operation} List all resource patterns of the specified resourceType that the caller is allowed to perform the specified operation on. If the caller is not allowed to perform the operation on any resources, the list will be empty. Overlapping resource patterns will be "squashed" to eliminate redundancy, for example if you have access on both the prefix "topic-" and the literal "topic-1", only "topic-" will be returned. Callable by Admins+Users.
RBACRoleBindingSummariesApi MyRoleBindings Post /lookup/rolebindings/principal/{principal} List all rolebindings for the specifed principal in the scope and all contained scopes. Be aware that this simply looks at the rolebinding data, and does not mean that the scopes actually exist. Callable by Admins+Users.
RBACRoleDefinitionsApi RoleDetail Get /roles/{roleName} List the resourceType and operations allowed for a given role. Callable by Users.
RBACRoleDefinitionsApi Rolenames Get /roleNames Returns the names of all the roles defined in the system. For information and developer purposes. Callable by Users.
RBACRoleDefinitionsApi Roles Get /roles Returns all the public roles defined in the system. For information and developer purposes. Callable by Users.
TokensAndAuthenticationApi GetToken Get /authenticate Get a token. This is here for testing purposes. Real users get tokens from cc-auth-service.

Documentation For Models

Documentation For Authorization

basicAuth

  • Type: HTTP basic authentication

Example

auth := context.WithValue(context.Background(), mdsv2alpha1.ContextBasicAuth, mdsv2alpha1.BasicAuth{
    UserName: "username",
    Password: "password",
})
r, err := client.Service.Operation(auth, args)

bearerAuth

  • Type: HTTP Bearer token authentication

Example

auth := context.WithValue(context.Background(), mdsv2alpha1.ContextAccessToken, "BEARERTOKENSTRING")
r, err := client.Service.Operation(auth, args)

Author

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	// ContextOAuth2 takes an oauth2.TokenSource as authentication for the request.
	ContextOAuth2 = contextKey("token")

	// ContextBasicAuth takes BasicAuth as authentication for the request.
	ContextBasicAuth = contextKey("basic")

	// ContextAccessToken takes a string oauth2 access token as authentication for the request.
	ContextAccessToken = contextKey("accesstoken")

	// ContextAPIKey takes an APIKey as authentication for the request
	ContextAPIKey = contextKey("apikey")
)

Functions

func CacheExpires 

func CacheExpires(r *http.Response) time.Time

CacheExpires helper function to determine remaining time before repeating a request.

Types

type APIClient 

type APIClient struct {
	AuthorizationApi AuthorizationApi

	CloudLifecycleApi CloudLifecycleApi

	MetadataServiceOperationsApi MetadataServiceOperationsApi

	RBACRoleBindingCRUDApi RBACRoleBindingCRUDApi

	RBACRoleBindingSummariesApi RBACRoleBindingSummariesApi

	RBACRoleDefinitionsApi RBACRoleDefinitionsApi

	TokensAndAuthenticationApi TokensAndAuthenticationApi
	// contains filtered or unexported fields
}

APIClient manages communication with the MDS API API vv2alpha1 In most cases there should be only one, shared, APIClient.

func NewAPIClient 

func NewAPIClient(cfg *Configuration) *APIClient

NewAPIClient creates a new API client. Requires a userAgent string describing your application. optionally a custom http.Client to allow for advanced features such as caching.

func (*APIClient) ChangeBasePath 

func (c *APIClient) ChangeBasePath(path string)

ChangeBasePath changes base path to allow switching to mocks

func (*APIClient) GetConfig 

func (c *APIClient) GetConfig() *Configuration

Allow modification of underlying config for alternate implementations and testing Caution: modifying the configuration while live can cause data races and potentially unwanted behavior

type APIKey 

type APIKey struct {
	Key    string
	Prefix string
}

APIKey provides API key based authentication to a request passed via context using ContextAPIKey

type APIResponse 

type APIResponse struct {
	*http.Response `json:"-"`
	Message        string `json:"message,omitempty"`
	// Operation is the name of the OpenAPI operation.
	Operation string `json:"operation,omitempty"`
	// RequestURL is the request URL. This value is always available, even if the
	// embedded *http.Response is nil.
	RequestURL string `json:"url,omitempty"`
	// Method is the HTTP method used for the request.  This value is always
	// available, even if the embedded *http.Response is nil.
	Method string `json:"method,omitempty"`
	// Payload holds the contents of the response body (which may be nil or empty).
	// This is provided here as the raw response.Body() reader will have already
	// been drained.
	Payload []byte `json:"-"`
}

APIResponse stores the API response returned by the server.

func NewAPIResponse 

func NewAPIResponse(r *http.Response) *APIResponse

NewAPIResponse returns a new APIResonse object.

func NewAPIResponseWithError 

func NewAPIResponseWithError(errorMessage string) *APIResponse

NewAPIResponseWithError returns a new APIResponse object with the provided error message.

type AccessPolicy 

type AccessPolicy struct {
	BindingScope      string      `json:"bindingScope,omitempty"`
	BindWithResource  bool        `json:"bindWithResource"`
	AllowedOperations []Operation `json:"allowedOperations,omitempty"`
}

AccessPolicy struct for AccessPolicy

type Action 

type Action struct {
	Scope        Scope  `json:"scope"`
	Operation    string `json:"operation"`
	ResourceType string `json:"resourceType"`
	ResourceName string `json:"resourceName"`
}

Action struct for Action

type AuthenticationResponse 

type AuthenticationResponse struct {
	AuthToken string  `json:"auth_token,omitempty"`
	TokenType string  `json:"token_type,omitempty"`
	ExpiresIn float32 `json:"expires_in,omitempty"`
}

AuthenticationResponse struct for AuthenticationResponse

type AuthorizationApi 

type AuthorizationApi interface {

	/*
	 * Authorize Authorize operations against resourceType for a given user.  Callable by Admins+User.
	 *
	 * @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background().
	 * @param authorizeRequest
	 * @param optional nil or *AuthorizeOpts - Optional Parameters:
	 * @param "XRequestId" (optional.String) -
	 * @return []string
	 */
	Authorize(ctx _context.Context, authorizeRequest AuthorizeRequest, localVarOptionals *AuthorizeOpts) ([]string, *_nethttp.Response, error)
}

type AuthorizationApiService 

type AuthorizationApiService service

AuthorizationApiService AuthorizationApi service

func (*AuthorizationApiService) Authorize 

func (a *AuthorizationApiService) Authorize(ctx _context.Context, authorizeRequest AuthorizeRequest, localVarOptionals *AuthorizeOpts) ([]string, *_nethttp.Response, error)

* Authorize Authorize operations against resourceType for a given user. Callable by Admins+User. * * @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). * @param authorizeRequest * @param optional nil or *AuthorizeOpts - Optional Parameters: * @param "XRequestId" (optional.String) - * @return []string

type AuthorizeOpts 

type AuthorizeOpts struct {
	XRequestId optional.String
}

AuthorizeOpts Optional parameters for the method 'Authorize'

type AuthorizeRequest 

type AuthorizeRequest struct {
	// The 'target' user principal.
	UserPrincipal string `json:"userPrincipal"`
	// Actions to authorize.
	Actions []Action `json:"actions"`
}

AuthorizeRequest struct for AuthorizeRequest

type BasicAuth 

type BasicAuth struct {
	UserName string `json:"userName,omitempty"`
	Password string `json:"password,omitempty"`
}

BasicAuth provides basic http authentication to a request passed via context using ContextBasicAuth

type CloudLifecycleApi 

type CloudLifecycleApi interface {

	/*
	 * DuplicateRolesForOrg Duplicate all role bindings from the source organization to the destination organization
	 *
	 * @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background().
	 * @param sourceOrgId The UUID resource Identifier for the source organization
	 * @param duplicateRequest
	 */
	DuplicateRolesForOrg(ctx _context.Context, sourceOrgId string, duplicateRequest DuplicateRequest) (*_nethttp.Response, error)

	/*
	 * RemoveAllRoleBindingsForScope Delete all role bindings at the given scope
	 *
	 * @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background().
	 * @param transactionId Transaction Identifier supplied by calling service, stored in reason column
	 * @param scope
	 */
	RemoveAllRoleBindingsForScope(ctx _context.Context, transactionId string, scope Scope) (*_nethttp.Response, error)

	/*
	 * ScopeUndelete Undelete all role bindings for a given scope and reason.
	 *
	 * @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background().
	 * @param scopeUndeleteRequest
	 * @return []string
	 */
	ScopeUndelete(ctx _context.Context, scopeUndeleteRequest ScopeUndeleteRequest) ([]string, *_nethttp.Response, error)

	/*
	 * UserUndelete Undelete all role bindings for a given user, org, and reason.
	 *
	 * @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background().
	 * @param userUndeleteRequest
	 * @return []string
	 */
	UserUndelete(ctx _context.Context, userUndeleteRequest UserUndeleteRequest) ([]string, *_nethttp.Response, error)
}

type CloudLifecycleApiService 

type CloudLifecycleApiService service

CloudLifecycleApiService CloudLifecycleApi service

func (*CloudLifecycleApiService) DuplicateRolesForOrg 

func (a *CloudLifecycleApiService) DuplicateRolesForOrg(ctx _context.Context, sourceOrgId string, duplicateRequest DuplicateRequest) (*_nethttp.Response, error)

* DuplicateRolesForOrg Duplicate all role bindings from the source organization to the destination organization * * @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). * @param sourceOrgId The UUID resource Identifier for the source organization * @param duplicateRequest

func (*CloudLifecycleApiService) RemoveAllRoleBindingsForScope 

func (a *CloudLifecycleApiService) RemoveAllRoleBindingsForScope(ctx _context.Context, transactionId string, scope Scope) (*_nethttp.Response, error)

* RemoveAllRoleBindingsForScope Delete all role bindings at the given scope * * @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). * @param transactionId Transaction Identifier supplied by calling service, stored in reason column * @param scope

func (*CloudLifecycleApiService) ScopeUndelete 

func (a *CloudLifecycleApiService) ScopeUndelete(ctx _context.Context, scopeUndeleteRequest ScopeUndeleteRequest) ([]string, *_nethttp.Response, error)

* ScopeUndelete Undelete all role bindings for a given scope and reason. * * @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). * @param scopeUndeleteRequest * @return []string

func (*CloudLifecycleApiService) UserUndelete 

func (a *CloudLifecycleApiService) UserUndelete(ctx _context.Context, userUndeleteRequest UserUndeleteRequest) ([]string, *_nethttp.Response, error)

* UserUndelete Undelete all role bindings for a given user, org, and reason. * * @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). * @param userUndeleteRequest * @return []string

type Configuration 

type Configuration struct {
	BasePath      string            `json:"basePath,omitempty"`
	Host          string            `json:"host,omitempty"`
	Scheme        string            `json:"scheme,omitempty"`
	DefaultHeader map[string]string `json:"defaultHeader,omitempty"`
	UserAgent     string            `json:"userAgent,omitempty"`
	Debug         bool              `json:"debug,omitempty"`
	Servers       []ServerConfiguration
	HTTPClient    *http.Client
}

Configuration stores the configuration of the API client

func NewConfiguration 

func NewConfiguration() *Configuration

NewConfiguration returns a new Configuration object

func (*Configuration) AddDefaultHeader 

func (c *Configuration) AddDefaultHeader(key string, value string)

AddDefaultHeader adds a new HTTP header to the default header in the request

func (*Configuration) ServerUrl 

func (c *Configuration) ServerUrl(index int, variables map[string]string) (string, error)

ServerUrl returns URL based on server settings

type DuplicateRequest 

type DuplicateRequest struct {
	// The UUID identifier for the 'target' organization.
	DestinationOrganizationId string `json:"destinationOrganizationId"`
	// The transaction identifier for this duplication.
	TransactionId string `json:"transactionId"`
}

DuplicateRequest struct for DuplicateRequest

type ErrorDetail 

type ErrorDetail struct {
	ErrorType string `json:"error_type"`
	Message   string `json:"message,omitempty"`
}

ErrorDetail struct for ErrorDetail

type ErrorResponse 

type ErrorResponse struct {
	// Optional - http status code
	StatusCode int32 `json:"status_code,omitempty"`
	// Optional - Kafka error code (typically 5 digits)
	ErrorCode int32 `json:"error_code,omitempty"`
	// Optional - Type of error
	Type string `json:"type,omitempty"`
	// Required - Top level error message
	Message string `json:"message"`
	// Optional - List of errors
	Errors []ErrorDetail `json:"errors,omitempty"`
}

ErrorResponse struct for ErrorResponse

type GenericOpenAPIError 

type GenericOpenAPIError struct {
	// contains filtered or unexported fields
}

GenericOpenAPIError Provides access to the body, error and model on returned errors.

func (GenericOpenAPIError) Body 

func (e GenericOpenAPIError) Body() []byte

Body returns the raw bytes of the response

func (GenericOpenAPIError) Error 

func (e GenericOpenAPIError) Error() string

Error returns non-empty string if there was an error.

func (GenericOpenAPIError) Model 

func (e GenericOpenAPIError) Model() interface{}

Model returns the unpacked model of the error

type ManagedRoleBinding 

type ManagedRoleBinding struct {
	RoleBinding RoleBinding `json:"roleBinding,omitempty"`
	AlterAccess bool        `json:"alterAccess,omitempty"`
}

ManagedRoleBinding A role binding and a boolean representing if the caller can alter it

type MetadataServiceOperationsApi 

type MetadataServiceOperationsApi interface {

	/*
	 * Activenodes Returns all the nodes running the Metadata Service REST API. Clients are expected to round robin call to these endpoints if they don't set up a load balancer in front of the Metadata Service nodes. Callable by authenticated users.
	 *
	 * @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background().
	 * @param protocol Should be \"http\" or \"https\".
	 * @return []string
	 */
	Activenodes(ctx _context.Context, protocol string) ([]string, *_nethttp.Response, error)

	/*
	 * MetadataClusterId Returns the ID of the Kafka cluster that MDS is running on.  Callable by LDAP users.
	 *
	 * @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background().
	 * @return string
	 */
	MetadataClusterId(ctx _context.Context) (string, *_nethttp.Response, error)
}

type MetadataServiceOperationsApiService 

type MetadataServiceOperationsApiService service

MetadataServiceOperationsApiService MetadataServiceOperationsApi service

func (*MetadataServiceOperationsApiService) Activenodes 

func (a *MetadataServiceOperationsApiService) Activenodes(ctx _context.Context, protocol string) ([]string, *_nethttp.Response, error)

* Activenodes Returns all the nodes running the Metadata Service REST API. Clients are expected to round robin call to these endpoints if they don't set up a load balancer in front of the Metadata Service nodes. Callable by authenticated users. * * @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). * @param protocol Should be \"http\" or \"https\". * @return []string

func (*MetadataServiceOperationsApiService) MetadataClusterId 

func (a *MetadataServiceOperationsApiService) MetadataClusterId(ctx _context.Context) (string, *_nethttp.Response, error)

* MetadataClusterId Returns the ID of the Kafka cluster that MDS is running on. Callable by LDAP users. * * @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). * @return string

type Operation 

type Operation struct {
	ResourceType string   `json:"resourceType,omitempty"`
	Operations   []string `json:"operations,omitempty"`
}

Operation struct for Operation

type RBACRoleBindingCRUDApi 

type RBACRoleBindingCRUDApi interface {

	/*
	 * AddRoleForPrincipal Binds the principal to a role for a specific cluster or in the given scope. Callable by Admins.
	 *
	 * @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background().
	 * @param principal Fully-qualified KafkaPrincipal string for a user.
	 * @param roleName The name of the role to bind the user to.
	 * @param scope
	 */
	AddRoleForPrincipal(ctx _context.Context, principal string, roleName string, scope Scope) (*_nethttp.Response, error)

	/*
	 * AddRoleResourcesForPrincipal Incrementally grant the resources to the principal at the given scope/cluster using the given role.
	 *
	 * Callable by Admins+ResourceOwners.
	 *
	 * @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background().
	 * @param principal Fully-qualified KafkaPrincipal string for a user.
	 * @param roleName The name of the role.
	 * @param resourcesRequest
	 */
	AddRoleResourcesForPrincipal(ctx _context.Context, principal string, roleName string, resourcesRequest ResourcesRequest) (*_nethttp.Response, error)

	/*
	 * DeleteAllRolesForPrincipal Remove all roles for the principal at the given scope and all contained scopes. Callable by Admins.
	 *
	 * @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background().
	 * @param principal Fully-qualified KafkaPrincipal string for a user.
	 * @param scope
	 */
	DeleteAllRolesForPrincipal(ctx _context.Context, principal string, scope Scope) (*_nethttp.Response, error)

	/*
	 * DeleteRoleForPrincipal Remove the role from the principal at the given scope/cluster. No-op if the user doesn't have the role.  Callable by Admins.
	 *
	 * @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background().
	 * @param principal Fully-qualified KafkaPrincipal string for a user.
	 * @param roleName The name of the role.
	 * @param scope
	 */
	DeleteRoleForPrincipal(ctx _context.Context, principal string, roleName string, scope Scope) (*_nethttp.Response, error)

	/*
	 * GetRoleResourcesForPrincipal Look up the rolebindings for the principal at the given scope/cluster using the given role.
	 *
	 * Callable by Admins and ResourceOwners.
	 *
	 * @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background().
	 * @param principal Fully-qualified KafkaPrincipal string for a user.
	 * @param roleName The name of the role.
	 * @param scope
	 * @return []ResourcePattern
	 */
	GetRoleResourcesForPrincipal(ctx _context.Context, principal string, roleName string, scope Scope) ([]ResourcePattern, *_nethttp.Response, error)

	/*
	 * RemoveRoleResourcesForPrincipal Incrementally remove the resources from the principal at the given scope/cluster using the given role.
	 *
	 * Callable by Admins+ResourceOwners.
	 *
	 * @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background().
	 * @param principal Fully-qualified KafkaPrincipal string for a user.
	 * @param roleName The name of the role.
	 * @param resourcesRequest
	 */
	RemoveRoleResourcesForPrincipal(ctx _context.Context, principal string, roleName string, resourcesRequest ResourcesRequest) (*_nethttp.Response, error)

	/*
	 * SetRoleResourcesForPrincipal Overwrite existing resource grants.
	 *
	 * Callable by Admins+ResourceOwners.
	 *
	 * @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background().
	 * @param principal Fully-qualified KafkaPrincipal string for a user.
	 * @param roleName The name of the role.
	 * @param resourcesRequest
	 */
	SetRoleResourcesForPrincipal(ctx _context.Context, principal string, roleName string, resourcesRequest ResourcesRequest) (*_nethttp.Response, error)
}

type RBACRoleBindingCRUDApiService 

type RBACRoleBindingCRUDApiService service

RBACRoleBindingCRUDApiService RBACRoleBindingCRUDApi service

func (*RBACRoleBindingCRUDApiService) AddRoleForPrincipal 

func (a *RBACRoleBindingCRUDApiService) AddRoleForPrincipal(ctx _context.Context, principal string, roleName string, scope Scope) (*_nethttp.Response, error)

* AddRoleForPrincipal Binds the principal to a role for a specific cluster or in the given scope. Callable by Admins. * * @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). * @param principal Fully-qualified KafkaPrincipal string for a user. * @param roleName The name of the role to bind the user to. * @param scope

func (*RBACRoleBindingCRUDApiService) AddRoleResourcesForPrincipal 

func (a *RBACRoleBindingCRUDApiService) AddRoleResourcesForPrincipal(ctx _context.Context, principal string, roleName string, resourcesRequest ResourcesRequest) (*_nethttp.Response, error)

* AddRoleResourcesForPrincipal Incrementally grant the resources to the principal at the given scope/cluster using the given role. * * Callable by Admins+ResourceOwners. * * @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). * @param principal Fully-qualified KafkaPrincipal string for a user. * @param roleName The name of the role. * @param resourcesRequest

func (*RBACRoleBindingCRUDApiService) DeleteAllRolesForPrincipal 

func (a *RBACRoleBindingCRUDApiService) DeleteAllRolesForPrincipal(ctx _context.Context, principal string, scope Scope) (*_nethttp.Response, error)

* DeleteAllRolesForPrincipal Remove all roles for the principal at the given scope and all contained scopes. Callable by Admins. * * @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). * @param principal Fully-qualified KafkaPrincipal string for a user. * @param scope

func (*RBACRoleBindingCRUDApiService) DeleteRoleForPrincipal 

func (a *RBACRoleBindingCRUDApiService) DeleteRoleForPrincipal(ctx _context.Context, principal string, roleName string, scope Scope) (*_nethttp.Response, error)

* DeleteRoleForPrincipal Remove the role from the principal at the given scope/cluster. No-op if the user doesn't have the role. Callable by Admins. * * @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). * @param principal Fully-qualified KafkaPrincipal string for a user. * @param roleName The name of the role. * @param scope

func (*RBACRoleBindingCRUDApiService) GetRoleResourcesForPrincipal 

func (a *RBACRoleBindingCRUDApiService) GetRoleResourcesForPrincipal(ctx _context.Context, principal string, roleName string, scope Scope) ([]ResourcePattern, *_nethttp.Response, error)

* GetRoleResourcesForPrincipal Look up the rolebindings for the principal at the given scope/cluster using the given role. * * Callable by Admins and ResourceOwners. * * @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). * @param principal Fully-qualified KafkaPrincipal string for a user. * @param roleName The name of the role. * @param scope * @return []ResourcePattern

func (*RBACRoleBindingCRUDApiService) RemoveRoleResourcesForPrincipal 

func (a *RBACRoleBindingCRUDApiService) RemoveRoleResourcesForPrincipal(ctx _context.Context, principal string, roleName string, resourcesRequest ResourcesRequest) (*_nethttp.Response, error)

* RemoveRoleResourcesForPrincipal Incrementally remove the resources from the principal at the given scope/cluster using the given role. * * Callable by Admins+ResourceOwners. * * @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). * @param principal Fully-qualified KafkaPrincipal string for a user. * @param roleName The name of the role. * @param resourcesRequest

func (*RBACRoleBindingCRUDApiService) SetRoleResourcesForPrincipal 

func (a *RBACRoleBindingCRUDApiService) SetRoleResourcesForPrincipal(ctx _context.Context, principal string, roleName string, resourcesRequest ResourcesRequest) (*_nethttp.Response, error)

* SetRoleResourcesForPrincipal Overwrite existing resource grants. * * Callable by Admins+ResourceOwners. * * @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). * @param principal Fully-qualified KafkaPrincipal string for a user. * @param roleName The name of the role. * @param resourcesRequest

type RBACRoleBindingSummariesApi 

type RBACRoleBindingSummariesApi interface {

	/*
	 * LookupPrincipalsWithRole Look up the KafkaPrincipals who have the given role for the given scope.  Callable by Admins.
	 *
	 * @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background().
	 * @param roleName Role name to look up.
	 * @param scope
	 * @return []string
	 */
	LookupPrincipalsWithRole(ctx _context.Context, roleName string, scope Scope) ([]string, *_nethttp.Response, error)

	/*
	 * LookupPrincipalsWithRoleOnResource Look up the KafkaPrincipals who have the given role on the specified resource for the given scope.
	 *
	 * Callable by Admins.
	 *
	 * @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background().
	 * @param roleName Role name to look up.
	 * @param resourceType Type of resource to look up.
	 * @param resourceName Name of resource to look up.
	 * @param scope
	 * @return []string
	 */
	LookupPrincipalsWithRoleOnResource(ctx _context.Context, roleName string, resourceType string, resourceName string, scope Scope) ([]string, *_nethttp.Response, error)

	/*
	 * ManagedNonResourceRoleBindingsAtScope Returns all non-resource rolebindings in the given scope for all users (not just the calling user) that the calling user has permission to see. A user can see, but not alter rolebindings for scopes that they have Describe access on, and alter rolebindings for scopes that they have Alter access on. Callable by Admins+Users.
	 *
	 * @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background().
	 * @param scope
	 * @return []ManagedRoleBinding
	 */
	ManagedNonResourceRoleBindingsAtScope(ctx _context.Context, scope Scope) ([]ManagedRoleBinding, *_nethttp.Response, error)

	/*
	 * MyAllowedResources List all resource patterns of the specified resourceType that the caller is allowed to perform the specified operation on. If the caller is not allowed to perform the operation on any resources, the list will be empty. Overlapping resource patterns will be \"squashed\" to eliminate redundancy, for example if you have access on both the prefix \"topic-*\" and the literal \"topic-1\", only \"topic-*\" will be returned.  Callable by Admins+Users.
	 *
	 * @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background().
	 * @param resourceType The type of resource we want patterns for.
	 * @param operation The operation we want to check.
	 * @param scope
	 * @return []ResourcePattern
	 */
	MyAllowedResources(ctx _context.Context, resourceType string, operation string, scope Scope) ([]ResourcePattern, *_nethttp.Response, error)

	/*
	 * MyRoleBindings List all rolebindings for the specifed principal in the scope and all contained scopes. Be aware that this simply looks at the rolebinding data, and does not mean that the scopes actually exist. Callable by Admins+Users.
	 *
	 * @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background().
	 * @param principal Fully-qualified KafkaPrincipal string for a user.
	 * @param scope
	 * @return []ScopeRoleBindingMapping
	 */
	MyRoleBindings(ctx _context.Context, principal string, scope Scope) ([]ScopeRoleBindingMapping, *_nethttp.Response, error)
}

type RBACRoleBindingSummariesApiService 

type RBACRoleBindingSummariesApiService service

RBACRoleBindingSummariesApiService RBACRoleBindingSummariesApi service

func (*RBACRoleBindingSummariesApiService) LookupPrincipalsWithRole 

func (a *RBACRoleBindingSummariesApiService) LookupPrincipalsWithRole(ctx _context.Context, roleName string, scope Scope) ([]string, *_nethttp.Response, error)

* LookupPrincipalsWithRole Look up the KafkaPrincipals who have the given role for the given scope. Callable by Admins. * * @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). * @param roleName Role name to look up. * @param scope * @return []string

func (*RBACRoleBindingSummariesApiService) LookupPrincipalsWithRoleOnResource 

func (a *RBACRoleBindingSummariesApiService) LookupPrincipalsWithRoleOnResource(ctx _context.Context, roleName string, resourceType string, resourceName string, scope Scope) ([]string, *_nethttp.Response, error)

* LookupPrincipalsWithRoleOnResource Look up the KafkaPrincipals who have the given role on the specified resource for the given scope. * * Callable by Admins. * * @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). * @param roleName Role name to look up. * @param resourceType Type of resource to look up. * @param resourceName Name of resource to look up. * @param scope * @return []string

func (*RBACRoleBindingSummariesApiService) ManagedNonResourceRoleBindingsAtScope 

func (a *RBACRoleBindingSummariesApiService) ManagedNonResourceRoleBindingsAtScope(ctx _context.Context, scope Scope) ([]ManagedRoleBinding, *_nethttp.Response, error)

* ManagedNonResourceRoleBindingsAtScope Returns all non-resource rolebindings in the given scope for all users (not just the calling user) that the calling user has permission to see. A user can see, but not alter rolebindings for scopes that they have Describe access on, and alter rolebindings for scopes that they have Alter access on. Callable by Admins+Users. * * @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). * @param scope * @return []ManagedRoleBinding

func (*RBACRoleBindingSummariesApiService) MyAllowedResources 

func (a *RBACRoleBindingSummariesApiService) MyAllowedResources(ctx _context.Context, resourceType string, operation string, scope Scope) ([]ResourcePattern, *_nethttp.Response, error)

* MyAllowedResources List all resource patterns of the specified resourceType that the caller is allowed to perform the specified operation on. If the caller is not allowed to perform the operation on any resources, the list will be empty. Overlapping resource patterns will be \"squashed\" to eliminate redundancy, for example if you have access on both the prefix \"topic-*\" and the literal \"topic-1\", only \"topic-*\" will be returned. Callable by Admins+Users. * * @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). * @param resourceType The type of resource we want patterns for. * @param operation The operation we want to check. * @param scope * @return []ResourcePattern

func (*RBACRoleBindingSummariesApiService) MyRoleBindings 

func (a *RBACRoleBindingSummariesApiService) MyRoleBindings(ctx _context.Context, principal string, scope Scope) ([]ScopeRoleBindingMapping, *_nethttp.Response, error)

* MyRoleBindings List all rolebindings for the specifed principal in the scope and all contained scopes. Be aware that this simply looks at the rolebinding data, and does not mean that the scopes actually exist. Callable by Admins+Users. * * @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). * @param principal Fully-qualified KafkaPrincipal string for a user. * @param scope * @return []ScopeRoleBindingMapping

type RBACRoleDefinitionsApi 

type RBACRoleDefinitionsApi interface {

	/*
	 * RoleDetail List the resourceType and operations allowed for a given role. Callable by Users.
	 *
	 * @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background().
	 * @param roleName Role name to look up.
	 * @param optional nil or *RoleDetailOpts - Optional Parameters:
	 * @param "Namespace" (optional.String) -  Return the role definitions available in the specified namespace. If no namespace is specified, return the public roles. May be a comma-separated list.
	 * @return Role
	 */
	RoleDetail(ctx _context.Context, roleName string, localVarOptionals *RoleDetailOpts) (Role, *_nethttp.Response, error)

	/*
	 * Rolenames Returns the names of all the roles defined in the system. For information and developer purposes. Callable by Users.
	 *
	 * @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background().
	 * @param optional nil or *RolenamesOpts - Optional Parameters:
	 * @param "Namespace" (optional.String) -  Return the role names available in the specified namespace. If no namespace is specified, return the public roles. May be a comma-separated list.
	 * @return []string
	 */
	Rolenames(ctx _context.Context, localVarOptionals *RolenamesOpts) ([]string, *_nethttp.Response, error)

	/*
	 * Roles Returns all the public roles defined in the system.  For information and developer purposes. Callable by Users.
	 *
	 * @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background().
	 * @param optional nil or *RolesOpts - Optional Parameters:
	 * @param "Namespace" (optional.String) -  Return the role definitions available in the specified namespace. If no namespace is specified, return the public roles. May be a comma-separated list.
	 * @return []Role
	 */
	Roles(ctx _context.Context, localVarOptionals *RolesOpts) ([]Role, *_nethttp.Response, error)
}

type RBACRoleDefinitionsApiService 

type RBACRoleDefinitionsApiService service

RBACRoleDefinitionsApiService RBACRoleDefinitionsApi service

func (*RBACRoleDefinitionsApiService) RoleDetail 

func (a *RBACRoleDefinitionsApiService) RoleDetail(ctx _context.Context, roleName string, localVarOptionals *RoleDetailOpts) (Role, *_nethttp.Response, error)

* RoleDetail List the resourceType and operations allowed for a given role. Callable by Users. * * @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). * @param roleName Role name to look up. * @param optional nil or *RoleDetailOpts - Optional Parameters: * @param "Namespace" (optional.String) - Return the role definitions available in the specified namespace. If no namespace is specified, return the public roles. May be a comma-separated list. * @return Role

func (*RBACRoleDefinitionsApiService) Rolenames 

func (a *RBACRoleDefinitionsApiService) Rolenames(ctx _context.Context, localVarOptionals *RolenamesOpts) ([]string, *_nethttp.Response, error)

* Rolenames Returns the names of all the roles defined in the system. For information and developer purposes. Callable by Users. * * @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). * @param optional nil or *RolenamesOpts - Optional Parameters: * @param "Namespace" (optional.String) - Return the role names available in the specified namespace. If no namespace is specified, return the public roles. May be a comma-separated list. * @return []string

func (*RBACRoleDefinitionsApiService) Roles 

func (a *RBACRoleDefinitionsApiService) Roles(ctx _context.Context, localVarOptionals *RolesOpts) ([]Role, *_nethttp.Response, error)

* Roles Returns all the public roles defined in the system. For information and developer purposes. Callable by Users. * * @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). * @param optional nil or *RolesOpts - Optional Parameters: * @param "Namespace" (optional.String) - Return the role definitions available in the specified namespace. If no namespace is specified, return the public roles. May be a comma-separated list. * @return []Role

type ResourcePattern 

type ResourcePattern struct {
	ResourceType string `json:"resourceType"`
	Name         string `json:"name"`
	PatternType  string `json:"patternType"`
}

ResourcePattern struct for ResourcePattern

type ResourcesRequest 

type ResourcesRequest struct {
	Scope            Scope             `json:"scope"`
	ResourcePatterns []ResourcePattern `json:"resourcePatterns"`
}

ResourcesRequest struct for ResourcesRequest

type Role 

type Role struct {
	Name     string         `json:"name,omitempty"`
	Policies []AccessPolicy `json:"policies,omitempty"`
}

Role struct for Role

type RoleBinding 

type RoleBinding struct {
	Principal string            `json:"principal,omitempty"`
	Role      string            `json:"role,omitempty"`
	Scope     Scope             `json:"scope,omitempty"`
	Resources []ResourcePattern `json:"resources,omitempty"`
}

RoleBinding A binding that says the principal has the role on the resources in the scope

type RoleDetailOpts 

type RoleDetailOpts struct {
	Namespace optional.String
}

RoleDetailOpts Optional parameters for the method 'RoleDetail'

type RolenamesOpts 

type RolenamesOpts struct {
	Namespace optional.String
}

RolenamesOpts Optional parameters for the method 'Rolenames'

type RolesOpts 

type RolesOpts struct {
	Namespace optional.String
}

RolesOpts Optional parameters for the method 'Roles'

type Scope 

type Scope struct {
	Path     []string      `json:"path,omitempty"`
	Clusters ScopeClusters `json:"clusters,omitempty"`
}

Scope struct for Scope

type ScopeClusters 

type ScopeClusters struct {
	KafkaCluster          string `json:"kafka-cluster,omitempty"`
	ConnectCluster        string `json:"connect-cluster,omitempty"`
	KsqlCluster           string `json:"ksql-cluster,omitempty"`
	SchemaRegistryCluster string `json:"schema-registry-cluster,omitempty"`
}

ScopeClusters struct for ScopeClusters

type ScopeRoleBindingMapping 

type ScopeRoleBindingMapping struct {
	Scope        Scope                                   `json:"scope,omitempty"`
	Rolebindings map[string]map[string][]ResourcePattern `json:"rolebindings,omitempty"`
}

ScopeRoleBindingMapping struct for ScopeRoleBindingMapping

type ScopeUndeleteRequest 

type ScopeUndeleteRequest struct {
	// The crn for a given scope.
	Crn       string `json:"crn"`
	Reason    string `json:"reason"`
	NewReason string `json:"newReason,omitempty"`
}

ScopeUndeleteRequest struct for ScopeUndeleteRequest

type ServerConfiguration 

type ServerConfiguration struct {
	Url         string
	Description string
	Variables   map[string]ServerVariable
}

ServerConfiguration stores the information about a server

type ServerVariable 

type ServerVariable struct {
	Description  string
	DefaultValue string
	EnumValues   []string
}

ServerVariable stores the information about a server variable

type TokensAndAuthenticationApi 

type TokensAndAuthenticationApi interface {

	/*
	 * GetToken Get a token. This is here for testing purposes. Real users get tokens from cc-auth-service.
	 *
	 * @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background().
	 * @return AuthenticationResponse
	 */
	GetToken(ctx _context.Context) (AuthenticationResponse, *_nethttp.Response, error)
}

type TokensAndAuthenticationApiService 

type TokensAndAuthenticationApiService service

TokensAndAuthenticationApiService TokensAndAuthenticationApi service

func (*TokensAndAuthenticationApiService) GetToken 

func (a *TokensAndAuthenticationApiService) GetToken(ctx _context.Context) (AuthenticationResponse, *_nethttp.Response, error)

* GetToken Get a token. This is here for testing purposes. Real users get tokens from cc-auth-service. * * @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). * @return AuthenticationResponse

type UserUndeleteRequest 

type UserUndeleteRequest struct {
	// The UUID identifier for the target organization.
	OrgId string `json:"orgId"`
	// The user identifier for undeletion.
	User      string `json:"user"`
	Reason    string `json:"reason"`
	NewReason string `json:"newReason,omitempty"`
}

UserUndeleteRequest struct for UserUndeleteRequest

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.