roles

package
v1.3.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 28, 2023 License: Apache-2.0 Imports: 2 Imported by: 24

Documentation

Overview

Package roles provides functionality to interact with and control roles on the API.

A role represents a personality that a user can assume when performing a specific set of operations. If a role includes a set of rights and privileges, a user assuming that role inherits those rights and privileges.

When a token is generated, the list of roles that user can assume is returned back to them. Services that are being called by that user determine how they interpret the set of roles a user has and to which operations or resources each role grants access.

It is up to individual services such as Compute or Image to assign meaning to these roles. As far as the Identity service is concerned, a role is an arbitrary name assigned by the user.

Example to List Roles

allPages, err := roles.List(identityClient).AllPages()
if err != nil {
	panic(err)
}

allRoles, err := roles.ExtractRoles(allPages)
if err != nil {
	panic(err)
}

for _, role := range allRoles {
	fmt.Printf("%+v\n", role)
}

Example to Grant a Role to a User

tenantID := "a99e9b4e620e4db09a2dfb6e42a01e66"
userID := "9df1a02f5eb2416a9781e8b0c022d3ae"
roleID := "9fe2ff9ee4384b1894a90878d3e92bab"

err := roles.AddUser(identityClient, tenantID, userID, roleID).ExtractErr()
if err != nil {
	panic(err)
}

Example to Remove a Role from a User

tenantID := "a99e9b4e620e4db09a2dfb6e42a01e66"
userID := "9df1a02f5eb2416a9781e8b0c022d3ae"
roleID := "9fe2ff9ee4384b1894a90878d3e92bab"

err := roles.DeleteUser(identityClient, tenantID, userID, roleID).ExtractErr()
if err != nil {
	panic(err)
}

Index

Constants

View Source
const (
	ExtPath  = "OS-KSADM"
	RolePath = "roles"
	UserPath = "users"
)

Variables

This section is empty.

Functions

func List

List is the operation responsible for listing all available global roles that a user can adopt.

Types

type Role

type Role struct {
	// ID is the unique ID for the role.
	ID string

	// Name is the human-readable name of the role.
	Name string

	// Description is the description of the role.
	Description string

	// ServiceID is the associated service for this role.
	ServiceID string
}

Role represents an API role resource.

func ExtractRoles

func ExtractRoles(r pagination.Page) ([]Role, error)

ExtractRoles returns a slice of roles contained in a single page of results.

type RolePage

type RolePage struct {
	pagination.SinglePageBase
}

RolePage is a single page of a user Role collection.

func (RolePage) IsEmpty

func (r RolePage) IsEmpty() (bool, error)

IsEmpty determines whether or not a page of Roles contains any results.

type UserRoleResult

type UserRoleResult struct {
	gophercloud.ErrResult
}

UserRoleResult represents the result of either an AddUserRole or a DeleteUserRole operation. Call its ExtractErr method to determine if the request succeeded or failed.

func AddUser

func AddUser(client *gophercloud.ServiceClient, tenantID, userID, roleID string) (r UserRoleResult)

AddUser is the operation responsible for assigning a particular role to a user. This is confined to the scope of the user's tenant - so the tenant ID is a required argument.

func DeleteUser

func DeleteUser(client *gophercloud.ServiceClient, tenantID, userID, roleID string) (r UserRoleResult)

DeleteUser is the operation responsible for deleting a particular role from a user. This is confined to the scope of the user's tenant - so the tenant ID is a required argument.

Directories

Path Synopsis
roles unit tests
roles unit tests

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL