roles

package
v0.0.0-...-d823fe1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 31, 2021 License: Apache-2.0 Imports: 4 Imported by: 3

Documentation

Overview

Package roles provides information and interaction with the roles API resource for the OpenStack Identity service.

Example to List Roles 

listOpts := roles.ListOpts{
	DomainID: "default",
}

allPages, err := roles.List(identityClient, listOpts).AllPages()
if err != nil {
	panic(err)
}

allRoles, err := roles.ExtractRoles(allPages)
if err != nil {
	panic(err)
}

for _, role := range allRoles {
	fmt.Printf("%+v\n", role)
}

Example to Create a Role 

createOpts := roles.CreateOpts{
	Name:             "read-only-admin",
	DomainID:         "default",
	Extra: map[string]interface{}{
		"description": "this role grants read-only privilege cross tenant",
	}
}

role, err := roles.Create(identityClient, createOpts).Extract()
if err != nil {
	panic(err)
}

Example to Update a Role 

roleID := "0fe36e73809d46aeae6705c39077b1b3"

updateOpts := roles.UpdateOpts{
	Name: "read only admin",
}

role, err := roles.Update(identityClient, roleID, updateOpts).Extract()
if err != nil {
	panic(err)
}

Example to Delete a Role 

roleID := "0fe36e73809d46aeae6705c39077b1b3"
err := roles.Delete(identityClient, roleID).ExtractErr()
if err != nil {
	panic(err)
}

Example to List Role Assignments 

listOpts := roles.ListAssignmentsOpts{
	UserID:         "97061de2ed0647b28a393c36ab584f39",
	ScopeProjectID: "9df1a02f5eb2416a9781e8b0c022d3ae",
}

allPages, err := roles.ListAssignments(identityClient, listOpts).AllPages()
if err != nil {
	panic(err)
}

allRoles, err := roles.ExtractRoleAssignments(allPages)
if err != nil {
	panic(err)
}

for _, role := range allRoles {
	fmt.Printf("%+v\n", role)
}

Example to Assign a Role to a User in a Project 

projectID := "a99e9b4e620e4db09a2dfb6e42a01e66"
userID := "9df1a02f5eb2416a9781e8b0c022d3ae"
roleID := "9fe2ff9ee4384b1894a90878d3e92bab"

err := roles.Assign(identityClient, roleID, roles.AssignOpts{
	UserID:    userID,
	ProjectID: projectID,
}).ExtractErr()

if err != nil {
	panic(err)
}

Example to Unassign a Role From a User in a Project 

projectID := "a99e9b4e620e4db09a2dfb6e42a01e66"
userID := "9df1a02f5eb2416a9781e8b0c022d3ae"
roleID := "9fe2ff9ee4384b1894a90878d3e92bab"

err := roles.Unassign(identityClient, roleID, roles.UnassignOpts{
	UserID:    userID,
	ProjectID: projectID,
}).ExtractErr()

if err != nil {
	panic(err)
}

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func List 

func List(client *golangsdk.ServiceClient, opts ListOptsBuilder) pagination.Pager

List enumerates the roles to which the current token has access.

func ListAssignments 

func ListAssignments(client *golangsdk.ServiceClient, opts ListAssignmentsOptsBuilder) pagination.Pager

ListAssignments enumerates the roles assigned to a specified resource.

Types

type AssignOpts 

type AssignOpts struct {
	// UserID is the ID of a user to assign a role
	// Note: exactly one of UserID or GroupID must be provided
	UserID string `xor:"GroupID"`

	// GroupID is the ID of a group to assign a role
	// Note: exactly one of UserID or GroupID must be provided
	GroupID string `xor:"UserID"`

	// ProjectID is the ID of a project to assign a role on
	// Note: exactly one of ProjectID or DomainID must be provided
	ProjectID string `xor:"DomainID"`

	// DomainID is the ID of a domain to assign a role on
	// Note: exactly one of ProjectID or DomainID must be provided
	DomainID string `xor:"ProjectID"`
}

AssignOpts provides options to assign a role

type AssignmentResult 

type AssignmentResult struct {
	golangsdk.ErrResult
}

AssignmentResult represents the result of an assign operation. Call ExtractErr method to determine if the request succeeded or failed.

func Assign 

func Assign(client *golangsdk.ServiceClient, roleID string, opts AssignOpts) (r AssignmentResult)

Assign is the operation responsible for assigning a role to a user/group on a project/domain.

type CreateOpts 

type CreateOpts struct {
	// Name is the name of the new role.
	Name string `json:"name" required:"true"`

	// DomainID is the ID of the domain the role belongs to.
	DomainID string `json:"domain_id,omitempty"`

	// Extra is free-form extra key/value pairs to describe the role.
	Extra map[string]interface{} `json:"-"`
}

CreateOpts provides options used to create a role.

func (CreateOpts) ToRoleCreateMap 

func (opts CreateOpts) ToRoleCreateMap() (map[string]interface{}, error)

ToRoleCreateMap formats a CreateOpts into a create request.

type CreateOptsBuilder 

type CreateOptsBuilder interface {
	ToRoleCreateMap() (map[string]interface{}, error)
}

CreateOptsBuilder allows extensions to add additional parameters to the Create request.

type CreateResult 

type CreateResult struct {
	// contains filtered or unexported fields
}

CreateResult is the response from a Create operation. Call its Extract method to interpret it as a Role

func Create 

func Create(client *golangsdk.ServiceClient, opts CreateOptsBuilder) (r CreateResult)

Create creates a new Role.

func (CreateResult) Extract 

func (r CreateResult) Extract() (*Role, error)

Extract interprets any roleResults as a Role.

type DeleteResult 

type DeleteResult struct {
	golangsdk.ErrResult
}

DeleteResult is the response from a Delete operation. Call its ExtractErr to determine if the request succeeded or failed.

func Delete 

func Delete(client *golangsdk.ServiceClient, roleID string) (r DeleteResult)

Delete deletes a role.

type GetResult 

type GetResult struct {
	// contains filtered or unexported fields
}

GetResult is the response from a Get operation. Call its Extract method to interpret it as a Role.

func Get 

func Get(client *golangsdk.ServiceClient, id string) (r GetResult)

Get retrieves details on a single role, by ID.

func (GetResult) Extract 

func (r GetResult) Extract() (*Role, error)

Extract interprets any roleResults as a Role.

type ListAssignmentsOpts 

type ListAssignmentsOpts struct {
	// GroupID is the group ID to query.
	GroupID string `q:"group.id"`

	// ScopeDomainID filters the results by the given domain ID.
	ScopeDomainID string `q:"scope.domain.id"`

	// ScopeProjectID filters the results by the given Project ID.
	ScopeProjectID string `q:"scope.project.id"`

	// UserID filterst he results by the given User ID.
	UserID string `q:"user.id"`
}

ListAssignmentsOpts allows you to query the ListAssignments method. Specify one of or a combination of GroupId, RoleId, ScopeDomainId, ScopeProjectId, and/or UserId to search for roles assigned to corresponding entities.

type ListAssignmentsOptsBuilder 

type ListAssignmentsOptsBuilder interface {
	// contains filtered or unexported methods
}

ListAssignmentsOptsBuilder allows extensions to add additional parameters to the ListAssignments request.

type ListOpts 

type ListOpts struct {
	// DomainID filters the response by a domain ID.
	// If this parameter is specified, only custom policies of the account will be returned.
	// If not specified, all system permissions (including system-defined policies and roles) will be returned.
	DomainID string `q:"domain_id"`

	// Name filters the response by role name.
	Name string `q:"name"`

	DisplayName string `q:"display_name"`

	// This parameter is valid only when domain_id is left blank.
	// policy: system-defined policy; role: system-defined role
	PermissionType string `q:"permission_type"`

	// Display mode of the permission. The options include domain, project, and all.
	Type string `q:"type"`

	// Service catalog, which corresponds to the catalog field in policies.
	Catalog string `q:"catalog"`
}

ListOpts provides options to filter the List results.

func (ListOpts) ToRoleListQuery 

func (opts ListOpts) ToRoleListQuery() (string, error)

ToRoleListQuery formats a ListOpts into a query string.

type ListOptsBuilder 

type ListOptsBuilder interface {
	ToRoleListQuery() (string, error)
}

ListOptsBuilder allows extensions to add additional parameters to the List request

type Policy 

type Policy struct {
	Statement []Statement `json:"Statement"`
	Version   string      `json:"Version"`
}

type Role 

type Role struct {
	// DomainID is the domain ID the role belongs to.
	DomainID string `json:"domain_id"`

	// ID is the unique ID of the role.
	ID string `json:"id"`

	// Links contains referencing links to the role.
	Links map[string]interface{} `json:"links"`

	Name        string `json:"name"`
	Description string `json:"description"`
	DisplayName string `json:"display_name"`
	Flag        string `json:"flag"`
	Catalog     string `json:"catalog"`
	Type        string `json:"type"`
	Policy      Policy `json:"policy"`

	// Extra is a collection of miscellaneous key/values.
	Extra map[string]interface{} `json:"-"`
}

Role grants permissions to a user.

func ExtractRoles 

func ExtractRoles(r pagination.Page) ([]Role, error)

ExtractProjects returns a slice of Roles contained in a single page of results.

func (*Role) UnmarshalJSON 

func (r *Role) UnmarshalJSON(b []byte) error

type RoleAssignment 

type RoleAssignment struct {
	Catalog     string `json:"catalog"`
	Description string `json:"description"`
	DisplayName string `json:"display_name"`
	ID          string `json:"id"`
	Name        string `json:"name"`
	Type        string `json:"type"`
	Policy      Policy `json:"policy"`
}

RoleAssignment is the result of a role assignments query.

func ExtractRoleAssignments 

func ExtractRoleAssignments(r pagination.Page) ([]RoleAssignment, error)

ExtractRoleAssignments extracts a slice of RoleAssignments from a Collection acquired from List.

type RoleAssignmentPage 

type RoleAssignmentPage struct {
	pagination.LinkedPageBase
}

RoleAssignmentPage is a single page of RoleAssignments results.

func (RoleAssignmentPage) IsEmpty 

func (r RoleAssignmentPage) IsEmpty() (bool, error)

IsEmpty returns true if the RoleAssignmentPage contains no results.

func (RoleAssignmentPage) NextPageURL 

func (r RoleAssignmentPage) NextPageURL() (string, error)

NextPageURL uses the response's embedded link reference to navigate to the next page of results.

type RolePage 

type RolePage struct {
	pagination.LinkedPageBase
}

RolePage is a single page of Role results.

func (RolePage) IsEmpty 

func (r RolePage) IsEmpty() (bool, error)

IsEmpty determines whether or not a page of Roles contains any results.

func (RolePage) NextPageURL 

func (r RolePage) NextPageURL() (string, error)

NextPageURL extracts the "next" link from the links section of the result.

type Statement 

type Statement struct {
	Action []string `json:"Action"`
	Effect string   `json:"Effect"`
}

type UnassignOpts 

type UnassignOpts struct {
	// UserID is the ID of a user to unassign a role
	// Note: exactly one of UserID or GroupID must be provided
	UserID string `xor:"GroupID"`

	// GroupID is the ID of a group to unassign a role
	// Note: exactly one of UserID or GroupID must be provided
	GroupID string `xor:"UserID"`

	// ProjectID is the ID of a project to unassign a role on
	// Note: exactly one of ProjectID or DomainID must be provided
	ProjectID string `xor:"DomainID"`

	// DomainID is the ID of a domain to unassign a role on
	// Note: exactly one of ProjectID or DomainID must be provided
	DomainID string `xor:"ProjectID"`
}

UnassignOpts provides options to unassign a role

type UnassignmentResult 

type UnassignmentResult struct {
	golangsdk.ErrResult
}

UnassignmentResult represents the result of an unassign operation. Call ExtractErr method to determine if the request succeeded or failed.

func Unassign 

func Unassign(client *golangsdk.ServiceClient, roleID string, opts UnassignOpts) (r UnassignmentResult)

Unassign is the operation responsible for unassigning a role from a user/group on a project/domain.

type UpdateOpts 

type UpdateOpts struct {
	// Name is the name of the new role.
	Name string `json:"name,omitempty"`

	// Extra is free-form extra key/value pairs to describe the role.
	Extra map[string]interface{} `json:"-"`
}

UpdateOpts provides options for updating a role.

func (UpdateOpts) ToRoleUpdateMap 

func (opts UpdateOpts) ToRoleUpdateMap() (map[string]interface{}, error)

ToRoleUpdateMap formats a UpdateOpts into an update request.

type UpdateOptsBuilder 

type UpdateOptsBuilder interface {
	ToRoleUpdateMap() (map[string]interface{}, error)
}

UpdateOptsBuilder allows extensions to add additional parameters to the Update request.

type UpdateResult 

type UpdateResult struct {
	// contains filtered or unexported fields
}

UpdateResult is the response from an Update operation. Call its Extract method to interpret it as a Role.

func Update 

func Update(client *golangsdk.ServiceClient, roleID string, opts UpdateOptsBuilder) (r UpdateResult)

Update updates an existing Role.

func (UpdateResult) Extract 

func (r UpdateResult) Extract() (*Role, error)

Extract interprets any roleResults as a Role.

Source Files

View all Source files

Directories

Path Synopsis
roles unit tests
 roles unit tests

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.