Documentation ¶
Index ¶
- Constants
- Variables
- func IsValidLabel(val string) bool
- func IsValidOrgType(orgType TOrgType) bool
- func JoinLabels(seg ...string) string
- func MergeServiceConfigOptions(opts ...map[string][]string) map[string][]string
- func SplitLabel(label string) []string
- type CertificateDetails
- type CredentialCreateInput
- type CredentialDetails
- type CredentialListInput
- type CredentialUpdateInput
- type DomainCreateInput
- type DomainDetails
- type DomainListInput
- type DomainUpdateInput
- type DomainUsage
- type EnabledIdentityBaseResourceCreateInput
- type EnabledIdentityBaseResourceDetails
- type EnabledIdentityBaseResourceListInput
- type EnabledIdentityBaseUpdateInput
- type EndpointDetails
- type EndpointListInput
- type ExternalResourceInfo
- type GetIdpSamlMetadataInput
- type GetIdpSamlMetadataOutput
- type GetIdpSsoCallbackUriInput
- type GetIdpSsoCallbackUriOutput
- type GetIdpSsoRedirectUriInput
- type GetIdpSsoRedirectUriOutput
- type GroupCreateInput
- type GroupDetails
- type GroupFilterListInput
- type GroupListInput
- type GroupUpdateInput
- type IRbacIdentityWithUserId
- type IdentityBaseResourceCreateInput
- type IdentityBaseResourceDetails
- type IdentityBaseResourceListInput
- type IdentityBaseUpdateInput
- type IdentityProviderCreateInput
- type IdentityProviderDetails
- type IdentityProviderListInput
- type IdentityProviderUpdateInput
- type IdpResourceInfo
- type OrganizationCreateInput
- type OrganizationListInput
- type OrganizationNodeListInput
- type OrganizationNodePerformBindInput
- type OrganizationNodeUpdateInput
- type OrganizationPerformAddLevelsInput
- type OrganizationPerformAddNodeInput
- type OrganizationPerformCleanInput
- type OrganizationPerformSyncInput
- type OrganizationUpdateInput
- type PerformConfigInput
- type PerformDefaultSsoInput
- type PerformGroupAddUsersInput
- type PerformGroupRemoveUsersInput
- type PolicyBindRoleInput
- type PolicyCreateInput
- type PolicyDetails
- type PolicyListInput
- type PolicyTagInput
- type PolicyUpdateInput
- type ProjectCleanInput
- type ProjectCreateInput
- type ProjectDetails
- type ProjectFilterListInput
- type ProjectListInput
- type ProjectUpdateInput
- type RAInputObject
- type RegionDetails
- type RegionFilterListInput
- type RegionListInput
- type ResetCredentialInput
- type RoleAssignmentsInput
- type RoleAssignmentsOutput
- type RoleCreateInput
- type RoleDetails
- type RoleFilterListInput
- type RoleListInput
- type RolePerformAddPolicyInput
- type RolePerformRemovePolicyInput
- type RolePerformSetPoliciesInput
- type RolePolicyDetails
- type RolePolicyListInput
- type RoleUpdateInput
- type SAccessKeySecretBlob
- type SAccessKeySecretInfo
- type SAssignment
- type SCASIdpConfigOptions
- type SConfigOption
- type SCredential
- type SDomain
- type SDomainObject
- type SDomainObjectWithMetadata
- type SEnabledIdentityBaseResource
- type SEndpoint
- type SFederatedUser
- type SFederationProtocol
- type SFernetKey
- type SFetchDomainObject
- type SFetchDomainObjectWithMetadata
- type SGroup
- type SGroupRole
- type SIdentityBaseResource
- type SIdentityObject
- type SIdentityProvider
- type SIdmapping
- type SIdpAttributeOptions
- type SIdpRemoteIds
- type SImpliedRole
- type SJoinProjectsInput
- type SLDAPIdpConfigBaseOptions
- type SLDAPIdpConfigMultiDomainOptions
- type SLDAPIdpConfigOptions
- type SLDAPIdpConfigSingleDomainOptions
- type SLeaveProjectsInput
- type SLocalUser
- type SNonlocalUser
- type SOAuth2IdpConfigOptions
- type SOIDCAzureConfigOptions
- type SOIDCDexConfigOptions
- type SOIDCGithubConfigOptions
- type SOIDCGoogleConfigOptions
- type SOIDCIdpConfigOptions
- type SOrganization
- type SOrganizationDetails
- type SOrganizationInfo
- type SOrganizationNode
- type SOrganizationNodeDetails
- type SOrganizationNodeInfo
- type SPassword
- type SPolicy
- type SProject
- type SProjectAddUserGroupInput
- type SProjectExtended
- type SProjectOrganization
- type SProjectOrganizationNode
- type SProjectRemoveUserGroupInput
- type SProjectRole
- type SProjectSetAdminInput
- type SRegion
- type SRole
- type SRoleAssignment
- type SRolePolicy
- type SSAMLAzureADConfigOptions
- type SSAMLIdpBaseConfigOptions
- type SSAMLIdpConfigOptions
- type SSAMLTestIdpConfigOptions
- type SScopeResource
- type SService
- type SServiceCertificate
- type STokenCache
- type SUser
- type SUserExtended
- type SUserGroup
- type SUserOption
- type SUserRole
- type ServiceDetails
- type ServiceFilterListInput
- type ServiceListInput
- type TConfigs
- type TOrgType
- type UserCreateInput
- type UserDetails
- type UserFilterListInput
- type UserLinkIdpInput
- type UserListInput
- type UserUnlinkIdpInput
- type UserUpdateInput
- type UserUsage
Constants ¶
const ( DEFAULT_PROJECT = "default" ACCESS_SECRET_TYPE = "aksk" TOTP_TYPE = "totp" RECOVERY_SECRETS_TYPE = "recovery_secret" OIDC_CREDENTIAL_TYPE = "oidc" ENCRYPT_KEY_TYPE = "enc_key" )
const ( QueryScopeOne = "one" QUeryScopeSub = "sub" )
const ( IdpTemplateMSSingleDomain = "msad_one_domain" IdpTemplateMSMultiDomain = "msad_multi_domain" IdpTemplateOpenLDAPSingleDomain = "openldap_one_domain" IdpTemplateSAMLTest = "samltest_saml" IdpTemplateAzureADSAML = "azure_ad_saml" IdpTemplateDex = "dex_oidc" IdpTemplateGithub = "github_oidc" IdpTemplateAzureOAuth2 = "azure_oidc" IdpTemplateGoogle = "google_oidc" IdpTemplateAlipay = "alipay_oauth2" IdpTemplateWechat = "wechat_oauth2" IdpTemplateDingtalk = "dingtalk_oauth2" IdpTemplateFeishu = "feishu_oauth2" IdpTemplateQywechat = "qywechat_oauth2" IdpTemplateBingoIAM = "bingoiam_oauth2" )
const ( SERVICE_TYPE = apis.SERVICE_TYPE_KEYSTONE DEFAULT_DOMAIN_ID = "default" DEFAULT_DOMAIN_NAME = "Default" DefaultRemoteDomainId = "default_domain" DEFAULT_IDP_ID = DEFAULT_DOMAIN_ID SystemAdminUser = "sysadmin" SystemAdminProject = "system" SystemAdminRole = "admin" AUTH_METHOD_PASSWORD = "password" AUTH_METHOD_TOKEN = "token" AUTH_METHOD_AKSK = "aksk" AUTH_METHOD_CAS = "cas" AUTH_METHOD_SAML = "saml" AUTH_METHOD_OIDC = "oidc" AUTH_METHOD_OAuth2 = "oauth2" AUTH_METHOD_VERIFY = "verify" AUTH_TOKEN_HEADER = "X-Auth-Token" AUTH_SUBJECT_TOKEN_HEADER = "X-Subject-Token" AssignmentUserProject = "UserProject" AssignmentGroupProject = "GroupProject" AssignmentUserDomain = "UserDomain" AssignmentGroupDomain = "GroupDomain" EndpointInterfacePublic = "public" EndpointInterfaceInternal = "internal" EndpointInterfaceAdmin = "admin" EndpointInterfaceConsole = "console" EndpointInterfaceApigateway = "apigateway" KeystoneDomainRoot = "<<keystone.domain.root>>" IdMappingEntityUser = "user" IdMappingEntityGroup = "group" IdMappingEntityDomain = "domain" IdentityDriverSQL = "sql" IdentityDriverLDAP = "ldap" IdentityDriverCAS = "cas" IdentityDriverSAML = "saml" IdentityDriverOIDC = "oidc" // OpenID Connect IdentityDriverOAuth2 = "oauth2" // OAuth2.0 IdentityDriverStatusConnected = "connected" IdentityDriverStatusDisconnected = "disconnected" IdentityDriverStatusDeleting = "deleting" IdentityDriverStatusDeleteFailed = "delete_fail" IdentityProviderSyncLocal = "local" IdentityProviderSyncFull = "full" IdentityProviderSyncOnAuth = "auth" IdentitySyncStatusQueued = "queued" IdentitySyncStatusSyncing = "syncing" IdentitySyncStatusIdle = "idle" MinimalSyncIntervalSeconds = 5 * 60 // 5 minutes AUTH_TOKEN_LENGTH = 64 )
const ( FernetKeyForToken = "token" FernetKeyForCredential = "credential" )
const ( TAG_UPDATE_POLICY_ADD = "add" TAG_UPDATE_POLICY_REMOVE = "remove" TAG_UPDATE_POLICY_REPLACE = "replace" )
const ( AZURE_CLOUD_ENV_CHINA = "china" AZURE_CLOUD_ENV_GLOBAL = "global" )
const ( OrganizationLabelSeparator = "/" OrganizationRootParent = "<-root-org-node->" OrganizationStatusInit = "init" OrganizationStatusReady = "ready" OrganizationStatusSync = "sync" OrganizationStatusSyncFailed = "sync_failed" )
const ( OrgTypeProject = TOrgType("project") OrgTypeDomain = TOrgType("domain") OrgTypeObject = TOrgType("object") )
const ( IDENTITY_PROVIDER_TABLE = "identity_provider" IDENTITY_PROVIDER_RESOURCE_TYPE = "identity_provider" IDENTITY_PROVIDER_RESOURCE_TYPES = "identity_providers" )
const ( ROLE_SET_POLICY_ACTION_REPLACE = "replace" ROLE_SET_POLICY_ACTION_UPDATE = "update" ROLE_SET_POLICY_ACTION_DEFAULT = ROLE_SET_POLICY_ACTION_REPLACE )
const ( PasswordResetHintAdminReset = "admin_reset" PasswordResetHintExpire = "expire" )
Variables ¶
var ( AUTH_METHODS = []string{AUTH_METHOD_PASSWORD, AUTH_METHOD_TOKEN, AUTH_METHOD_AKSK, AUTH_METHOD_CAS} PASSWORD_PROTECTED_IDPS = []string{ IdentityDriverSQL, IdentityDriverLDAP, } SensitiveDomainConfigMap = map[string][]string{ "ldap": { "password", }, } CommonWhitelistOptionMap = map[string][]string{ "default": { "enable_quota_check", "default_quota_value", "non_default_domain_projects", "time_zone", "domainized_namespace", "api_server", "customized_private_prefixes", "global_http_proxy", "global_https_proxy", "ignore_nonrunning_guests", "platform_name", "enable_cloud_shell", "platform_names", "enable_change_owner_auto_rename", }, } ServiceBlacklistOptionMap = map[string][]string{ "default": { "help", "version", "config", "pid_file", "region", "application_id", "log_level", "log_verbose_level", "temp_path", "address", "port", "port_v2", "admin_port", "notify_admin_users", "session_endpoint_type", "admin_password", "admin_project", "admin_project_domain", "admin_user", "admin_domain", "auth_url", "enable_ssl", "ssl_certfile", "ssl_keyfile", "ssl_ca_certs", "is_slave_node", "config_sync_period_seconds", "enable_app_profiling", "sql_connection", "clickhouse", "ops_log_with_clickhouse", "db_checksum_skip_init", "db_checksum_tables", "enable_db_checksum_tables", "db_checksum_hash_algorithm", "auto_sync_table", "exit_after_db_init", "global_virtual_resource_namespace", "debug_sqlchemy", "lockman_method", "etcd_lock_prefix", "etcd_lock_ttl", "etcd_endpoints", "etcd_username", "etcd_password", "etcd_use_tls", "etcd_skip_tls_verify", "etcd_cacert", "etcd_cert", "etcd_key", "splitable_max_duration_hours", "splitable_max_keep_segments", "ops_log_max_keep_months", "disable_local_vpc", "bootstrap_admin_user_password", "reset_admin_user_password", "fernet_key_repository", "listen_interface", "access_address", "listen_address", "tftp_root", "baremetals_path", "ipmi_lan_port_shared", "zone", "dhcp_lease_time", "dhcp_renewal_time", "enable_general_guest_dhcp", "force_dhcp_probe_ipmi", "tftp_block_size_in_bytes", "tftp_max_timeout_retries", "enable_grub_tftp_download", "lengthy_worker_count", "short_worker_count", "cache_path", "enable_pxe_boot", "boot_iso_path", "deploy_server_socket_path", "enable_remote_executor", "executor_socket_path", "running_mode", }, } )
var ( IdpTemplateDriver = map[string]string{ IdpTemplateMSSingleDomain: IdentityDriverLDAP, IdpTemplateMSMultiDomain: IdentityDriverLDAP, IdpTemplateOpenLDAPSingleDomain: IdentityDriverLDAP, IdpTemplateSAMLTest: IdentityDriverSAML, IdpTemplateAzureADSAML: IdentityDriverSAML, IdpTemplateDex: IdentityDriverOIDC, IdpTemplateGithub: IdentityDriverOIDC, IdpTemplateAzureOAuth2: IdentityDriverOIDC, IdpTemplateGoogle: IdentityDriverOIDC, IdpTemplateAlipay: IdentityDriverOAuth2, IdpTemplateFeishu: IdentityDriverOAuth2, IdpTemplateDingtalk: IdentityDriverOAuth2, IdpTemplateWechat: IdentityDriverOAuth2, IdpTemplateQywechat: IdentityDriverOAuth2, IdpTemplateBingoIAM: IdentityDriverOAuth2, } )
var ( OrganizationTypes = []TOrgType{ OrgTypeProject, OrgTypeDomain, OrgTypeObject, } )
Functions ¶
func IsValidLabel ¶
func IsValidOrgType ¶
func JoinLabels ¶
func SplitLabel ¶
Types ¶
type CertificateDetails ¶
type CredentialCreateInput ¶
type CredentialDetails ¶
type CredentialDetails struct { apis.StandaloneResourceDetails SCredential Blob string `json:"blob"` User string `json:"user"` Domain string `json:"domain"` DomainId string `json:"domain_id"` }
type CredentialListInput ¶
type CredentialListInput struct { apis.StandaloneResourceListInput UserFilterListInput ProjectFilterListInput Type []string `json:"type"` Enabled *bool `json:"enabled"` }
type CredentialUpdateInput ¶
type CredentialUpdateInput struct { apis.StandaloneResourceBaseUpdateInput // enabled Enabled *bool `json:"enabled"` }
type DomainCreateInput ¶
type DomainCreateInput struct { apis.StandaloneResourceCreateInput // 显示名 Displayname string `json:"displayname"` // 是否启用 Enabled *bool `json:"enabled"` }
type DomainDetails ¶
type DomainDetails struct { apis.StandaloneResourceDetails IdpResourceInfo SDomain DomainUsage // 归属该域的外部资源统计信息 ExternalResourceInfo }
type DomainListInput ¶
type DomainListInput struct { apis.StandaloneResourceListInput Enabled *bool `json:"enabled"` // 按IDP过滤 IdpId string `json:"idp_id"` // 按IDP_ENTITY_ID过滤 IdpEntityId string `json:"idp_entity_id"` // domain tags filter imposed by policy PolicyDomainTags tagutils.TTagSetList `json:"policy_domain_tags"` }
type DomainUpdateInput ¶
type DomainUpdateInput struct { apis.StandaloneResourceBaseUpdateInput // 显示名 Displayname string `json:"displayname"` // 是否启用 Enabled *bool `json:"enabled"` }
type DomainUsage ¶
type DomainUsage struct { // 归属域的用户数量 UserCount int `json:"user_count"` // 归属域的用户组数量 GroupCount int `json:"group_count"` // 归属域的项目数量 ProjectCount int `json:"project_count"` // 归属域的角色数量 RoleCount int `json:"role_count"` // 归属域的权限策略数量 PolicyCount int `json:"policy_count"` // 归属域的认证源数量 IdpCount int `json:"idp_count"` }
type EnabledIdentityBaseResourceCreateInput ¶
type EnabledIdentityBaseResourceCreateInput struct { IdentityBaseResourceCreateInput Enabled *bool `json:"enabled"` }
type EnabledIdentityBaseResourceDetails ¶
type EnabledIdentityBaseResourceDetails struct {
IdentityBaseResourceDetails
}
type EnabledIdentityBaseResourceListInput ¶
type EnabledIdentityBaseResourceListInput struct { IdentityBaseResourceListInput apis.EnabledResourceBaseListInput }
type EnabledIdentityBaseUpdateInput ¶
type EnabledIdentityBaseUpdateInput struct { IdentityBaseUpdateInput // 是否启用 Enabled *bool `json:"enabled"` }
type EndpointDetails ¶
type EndpointDetails struct { apis.StandaloneResourceDetails SEndpoint CertificateDetails // 服务名称,例如keystone, glance, region等 ServiceName string `json:"service_name"` // 服务类型,例如identity, image, compute等 ServiceType string `json:"service_type"` }
type EndpointListInput ¶
type EndpointListInput struct { apis.StandaloneResourceListInput ServiceFilterListInput RegionFilterListInput // 以Endpoint接口类型过滤,可能值为: internal, internalURL, public, publicURL, admin, adminURL, console Interface string `json:"interface"` // 是否启用 Enabled *bool `json:"enabled"` }
type ExternalResourceInfo ¶
type GetIdpSamlMetadataInput ¶
type GetIdpSamlMetadataOutput ¶
type GetIdpSamlMetadataOutput struct { // SAML 2.0 SP metadata Metadata string `json:"metadata"` }
type GetIdpSsoCallbackUriInput ¶
type GetIdpSsoCallbackUriInput struct { // SSO回调地址 RedirectUri string `json:"redirect_uri"` }
type GroupCreateInput ¶
type GroupCreateInput struct { IdentityBaseResourceCreateInput // display name Displayname string `json:"displayname"` }
type GroupDetails ¶
type GroupDetails struct { IdentityBaseResourceDetails IdpResourceInfo SGroup // 用户数量 UserCount int `json:"user_count"` // 项目数量 ProjectCount int `json:"project_count"` }
type GroupFilterListInput ¶
type GroupFilterListInput struct { // 组归属域 GroupDomainId string `json:"group_domain_id"` // swagger:ignore // Deprecated GroupDomain string `json:"group_domain" yunion-deprecated-by:"group_domain_id"` // filter by group GroupId string `json:"group_id"` // swagger:ignore // Deprecated // filter by group_id Group string `json:"group" yunion-deprecated-by:"group_id"` }
type GroupListInput ¶
type GroupListInput struct { IdentityBaseResourceListInput UserFilterListInput ProjectFilterListInput // 名称过滤 Displayname string `json:"displayname"` // 按IDP过滤 IdpId string `json:"idp_id"` }
type GroupUpdateInput ¶
type GroupUpdateInput struct { IdentityBaseUpdateInput // display name Displayname string `json:"displayname"` }
type IRbacIdentityWithUserId ¶
type IRbacIdentityWithUserId interface { rbacutils.IRbacIdentity GetUserId() string }
type IdentityBaseResourceCreateInput ¶
type IdentityBaseResourceCreateInput struct { apis.StandaloneResourceCreateInput apis.DomainizedResourceCreateInput }
type IdentityBaseResourceDetails ¶
type IdentityBaseResourceDetails struct { apis.StandaloneResourceDetails apis.DomainizedResourceInfo }
type IdentityBaseResourceListInput ¶
type IdentityBaseResourceListInput struct { apis.StandaloneResourceListInput apis.DomainizedResourceListInput }
type IdentityBaseUpdateInput ¶
type IdentityBaseUpdateInput struct {
apis.StandaloneResourceBaseUpdateInput
}
type IdentityProviderCreateInput ¶
type IdentityProviderCreateInput struct { apis.EnabledStatusStandaloneResourceCreateInput // 后端驱动名称 Driver string `json:"driver" ignore:"true"` // 模板名称 Template string `json:"template" ignore:"true"` // 归属域 OwnerDomainId string `json:"owner_domain_id"` // 默认导入用户和组的域 TargetDomainId string `json:"target_domain_id"` // swagger:ignore // Deprecated TargetDomain string `json:"target_domain" yunion-deprecated-by:"target_domain_id"` // 新建域的时候是否自动新建第一个项目 AutoCreateProject *bool `json:"auto_create_project"` // 当用户不存在时,是否自动新建用户 AutoCreateUser *bool `json:"auto_create_user"` // 自动同步间隔,单位:秒 SyncIntervalSeconds *int `json:"sync_interval_seconds"` // 配置信息 Config TConfigs `json:"config" ignore:"true"` // 图标URL IconUri string `json:"icon_uri"` }
type IdentityProviderDetails ¶
type IdentityProviderDetails struct { apis.EnabledStatusStandaloneResourceDetails apis.DomainizedResourceInfo // 认证源账号信息同步周期 SyncIntervalSeconds int `json:"sync_interval_seconds"` // 认证源的目标域名称 TargetDomain string `json:"target_domain"` // 该认证源关联的所有域的角色数量 RoleCount int `json:"role_count,allowempty"` // 该认证源关联的所有域的用户数量 UserCount int `json:"user_count,allowempty"` // 该认证源关联的所有域的权限策略数量 PolicyCount int `json:"policy_count,allowempty"` // 该认证源关联的所有域的数量 DomainCount int `json:"domain_count,allowempty"` // 该认证源关联的所有域的项目数量 ProjectCount int `json:"project_count,allowempty"` // 该认证源关联的所有域的组数量 GroupCount int `json:"group_count,allowempty"` SIdentityProvider }
type IdentityProviderListInput ¶
type IdentityProviderListInput struct { apis.EnabledStatusStandaloneResourceListInput apis.DomainizedResourceListInput // 以驱动类型过滤 Driver []string `json:"driver"` // 以模板过滤 Template []string `json:"template"` // 以同步状态过滤 SyncStatus []string `json:"sync_status"` // 过滤支持SSO的认证源,如果值为all,则列出所有的全局认证源,否则可出sso为域ID的域认证源 // example: all SsoDomain string `json:"sso_domain"` AutoCreateProject *bool `json:"auto_create_project"` AutoCreateUser *bool `json:"auto_create_user"` }
type IdentityProviderUpdateInput ¶
type IdentityProviderUpdateInput struct { apis.EnabledStatusStandaloneResourceBaseUpdateInput // 当认证后用户加入项目不存在时是否自动创建项目 AutoCreateProject *bool `json:"auto_create_project"` // 当认证后用户不存在时是否自动创建用户 AutoCreateUser *bool `json:"auto_create_user"` SyncIntervalSeconds *int `json:"sync_interval_seconds"` // 图标URL IconUri string `json:"icon_uri"` }
type IdpResourceInfo ¶
type IdpResourceInfo struct { // 认证源ID IdpId string `json:"idp_id"` // 认证源名称 Idp string `json:"idp"` // 该资源在认证源的原始ID IdpEntityId string `json:"idp_entity_id"` // 认证源类型, 例如sql, cas, ldap等 IdpDriver string `json:"idp_driver"` // 是否是SSO登录方式 IsSso bool `json:"is_sso"` // 认证源模板 Template string `json:"template"` }
type OrganizationCreateInput ¶
type OrganizationCreateInput struct { EnabledIdentityBaseResourceCreateInput apis.SharableResourceBaseCreateInput apis.StatusBaseResourceCreateInput Type TOrgType `json:"type"` // swagger: ignore Level int `json:"level,omitzero"` // key Key []string `json:"key"` // keys // swagger: ignore Keys string `json:"keys"` }
type OrganizationListInput ¶
type OrganizationListInput struct { EnabledIdentityBaseResourceListInput apis.SharableResourceBaseListInput apis.StatusResourceBaseListInput Type []TOrgType `json:"type"` Key string `json:"key"` }
type OrganizationNodeListInput ¶
type OrganizationNodeListInput struct { apis.StandaloneResourceListInput OrgId string `json:"org_id"` OrgType TOrgType `json:"org_type"` Level int `json:"level"` // domain tags filter imposed by policy PolicyDomainTags tagutils.TTagSetList `json:"policy_domain_tags"` // project tags filter imposed by policy PolicyProjectTags tagutils.TTagSetList `json:"policy_project_tags"` // object tags filter imposed by policy PolicyObjectTags tagutils.TTagSetList `json:"policy_object_tags"` }
type OrganizationNodeUpdateInput ¶
type OrganizationNodeUpdateInput struct { apis.StandaloneResourceBaseUpdateInput Weight *int `json:"weight"` }
type OrganizationPerformAddLevelsInput ¶
type OrganizationPerformAddLevelsInput struct { Key []string `json:"key" help:"add keys"` OrganizationPerformAddNodeInput }
type OrganizationPerformCleanInput ¶
type OrganizationPerformCleanInput struct { }
type OrganizationUpdateInput ¶
type OrganizationUpdateInput struct {
EnabledIdentityBaseUpdateInput
}
type PerformConfigInput ¶
type PerformConfigInput struct { // 更新配置的方式 // example: update // // | action | 含义 | // |---------|-----------------------------------------------| // | update | 增量更新配置 | // | remove | 删除指定配置 | // | replace | 全量替换配置,如果action为空,则默认为replace | // Action string `json:"action"` // 配置信息 Config TConfigs `json:"config"` }
type PerformDefaultSsoInput ¶
type PerformDefaultSsoInput struct {
Enable *bool `json:"enable" help:"enable default sso" negative:"disable"`
}
type PolicyBindRoleInput ¶
type PolicyCreateInput ¶
type PolicyCreateInput struct { EnabledIdentityBaseResourceCreateInput apis.SharableResourceBaseCreateInput // Deprecated // swagger:ignore Type string `json:"type"` // policy Blob jsonutils.JSONObject `json:"blob"` // 生效范围,project|domain|system Scope rbacscope.TRbacScope `json:"scope"` // 是否为系统权限 IsSystem *bool `json:"is_system"` PolicyTagInput }
type PolicyDetails ¶
type PolicyDetails struct { EnabledIdentityBaseResourceDetails apis.SharableResourceBaseInfo SPolicy OrgNodes []SOrganizationNodeInfo }
type PolicyListInput ¶
type PolicyListInput struct { EnabledIdentityBaseResourceListInput apis.SharableResourceBaseListInput // 以类型查询 Type []string `json:"type"` // 是否显示系统权限 IsSystem *bool `json:"is_system"` // filter policies by role id RoleId string `json:"role_id"` // swagger: ignore // Deprecated Role string `json:"role" yunion-deprecated-by:"role_id"` }
type PolicyTagInput ¶
type PolicyTagInput struct { // 匹配的资源标签 ObjectTags tagutils.TTagSet `json:"object_tags,allowempty"` // 匹配的项目标签 ProjectTags tagutils.TTagSet `json:"project_tags,allowempty"` // 匹配的域标签 DomainTags tagutils.TTagSet `json:"domain_tags,allowempty"` // 组织架构节点ID OrgNodeId []string `json:"org_node_id,allowempty"` }
type PolicyUpdateInput ¶
type PolicyUpdateInput struct { EnabledIdentityBaseUpdateInput // Deprecated // swagger:ignore Type string `json:"type"` // Policy内容 Blob jsonutils.JSONObject `json:"blob"` // 生效范围,project|domain|system Scope rbacscope.TRbacScope `json:"scope"` // 是否为系统权限 IsSystem *bool `json:"is_system"` PolicyTagInput // Policy tag更新策略,可能的值为:add|remove|remove,默认为add TagUpdatePolicy string `json:"tag_update_policy"` }
type ProjectCleanInput ¶
type ProjectCleanInput struct { }
type ProjectCreateInput ¶
type ProjectCreateInput struct { IdentityBaseResourceCreateInput // 显示名称 Displayname string `json:"displayname"` }
type ProjectDetails ¶
type ProjectDetails struct { IdentityBaseResourceDetails SProject // 项目管理员名称 Admin string `json:"admin"` // 项目管理员域ID AdminDomainId string `json:"admin_domain_id"` // 项目管理员域名称 AdminDomain string `json:"admin_domain"` // 加入项目的用户组数量 GroupCount int `json:"group_count"` // 加入项目的用户数量 UserCount int `json:"user_count"` // 归属该项目的外部资源统计信息 ExternalResourceInfo Organization *SProjectOrganization }
type ProjectFilterListInput ¶
type ProjectFilterListInput struct { // 项目归属域 ProjectDomainId string `json:"project_domain_id"` // swagger:ignore // Deprecated ProjectDomain string `json:"project_domain" yunion-deprecated-by:"project_domain_id"` // 以项目(ID或Name)过滤列表结果 ProjectId string `json:"project_id"` // swagger:ignore // Deprecated // filter by project_id Project string `json:"project" yunion-deprecated-by:"project_id"` // swagger:ignore // Deprecated // filter by tenant Tenant string `json:"tenant" yunion-deprecated-by:"project_id"` // swagger:ignore // Deprecated // filter by tenant_id TenantId string `json:"tenant_id" yunion-deprecated-by:"project_id"` }
type ProjectListInput ¶
type ProjectListInput struct { IdentityBaseResourceListInput UserFilterListInput GroupFilterListInput // filter projects by Identity Provider IdpId string `json:"idp_id"` // 过滤出指定用户或者组可以加入的项目 Jointable *bool `json:"jointable"` // project tags filter imposed by policy PolicyProjectTags tagutils.TTagSetList `json:"policy_project_tags"` // 通过项目管理员id过滤 AdminId []string `json:"admin_id"` }
type ProjectUpdateInput ¶
type ProjectUpdateInput struct { IdentityBaseUpdateInput // 显示名称 Displayname string `json:"displayname"` }
type RAInputObject ¶
type RAInputObject struct {
Id string `json:"id"`
}
type RegionDetails ¶
type RegionDetails struct { apis.StandaloneResourceDetails SRegion EndpointCount int `json:"endpoint_count"` }
type RegionFilterListInput ¶
type RegionListInput ¶
type RegionListInput struct {
apis.StandaloneResourceListInput
}
type ResetCredentialInput ¶
type ResetCredentialInput struct { // 密钥的类型 Type string `json:"type"` }
type RoleAssignmentsInput ¶
type RoleAssignmentsInput struct { User RAInputObject `json:"user"` Group RAInputObject `json:"group"` Role RAInputObject `json:"role"` Scope struct { Project RAInputObject `json:"project"` Domain RAInputObject `json:"domain"` } `json:"scope"` Users []string `json:"users"` Groups []string `json:"groups"` Roles []string `json:"roles"` Projects []string `json:"projects"` Domains []string `json:"domains"` ProjectDomainId string `json:"project_domain_id"` ProjectDomains []string `json:"project_domains"` IncludeNames *bool `json:"include_names"` Effective *bool `json:"effective"` IncludeSubtree *bool `json:"include_subtree"` IncludeSystem *bool `json:"include_system"` IncludePolicies *bool `json:"include_policies"` Limit *int `json:"limit"` Offset *int `json:"offset"` }
type RoleAssignmentsOutput ¶
type RoleAssignmentsOutput struct { RoleAssignments []SRoleAssignment `json:"role_assignments,allowempty"` Total int64 `json:"total"` Limit int `json:"limit"` Offset int `json:"offset"` }
type RoleCreateInput ¶
type RoleCreateInput struct { IdentityBaseResourceCreateInput apis.SharableResourceBaseCreateInput }
type RoleDetails ¶
type RoleDetails struct { IdentityBaseResourceDetails apis.SharableResourceBaseInfo SRole // 具有该角色的用户数量 UserCount int `json:"user_count"` // 具有该角色的用户组数量 GroupCount int `json:"group_count"` // 有该角色的用户或组的项目的数量 ProjectCount int `json:"project_count"` // 该角色匹配的权限的名称列表 MatchPolicies []string `json:"match_policies"` // 不同级别的权限的名称列表 Policies map[rbacscope.TRbacScope][]string `json:"policies"` }
type RoleFilterListInput ¶
type RoleFilterListInput struct { // 角色归属域 RoleDomainId string `json:"role_domain_id"` // swagger:ignore // Deprecated RoleDomain string `json:"role_domain" yunion-deprecated-by:"role_domain_id"` // filter by role RoleId string `json:"role_id"` // swagger:ignore // Deprecated // filter by role_id Role string `json:"role" yunion-deprecated-by:"role_id"` }
type RoleListInput ¶
type RoleListInput struct { IdentityBaseResourceListInput apis.SharableResourceBaseListInput ProjectFilterListInput UserFilterListInput GroupFilterListInput }
type RolePerformSetPoliciesInput ¶
type RolePerformSetPoliciesInput struct { // 操作:replace|update, 默认为replace Action string `json:"action"` // 权限列表 Policies []RolePerformAddPolicyInput `json:"policies"` }
type RolePolicyDetails ¶
type RolePolicyDetails struct { apis.ResourceBaseDetails Id string `json:"id"` Name string `json:"name"` Role string `json:"role"` Project string `json:"project"` Policy string `json:"policy"` Scope rbacscope.TRbacScope `json:"scope"` Description string `json:"description"` SRolePolicy }
type RolePolicyListInput ¶
type RoleUpdateInput ¶
type RoleUpdateInput struct {
IdentityBaseUpdateInput
}
type SAccessKeySecretBlob ¶
func (SAccessKeySecretBlob) IsValid ¶
func (info SAccessKeySecretBlob) IsValid() bool
type SAccessKeySecretInfo ¶
type SAccessKeySecretInfo struct { AccessKey string SAccessKeySecretBlob }
type SAssignment ¶
type SAssignment struct { apis.SResourceBase // 关联类型,分为四类:'UserProject','GroupProject','UserDomain','GroupDomain' Type string `json:"type"` // 用户或者用户组ID ActorId string `json:"actor_id"` // 项目或者域ID TargetId string `json:"target_id"` // 角色ID RoleId string `json:"role_id"` Inherited *bool `json:"inherited,omitempty"` }
SAssignment is an autogenerated struct via yunion.io/x/onecloud/pkg/keystone/models.SAssignment.
type SCASIdpConfigOptions ¶
type SCASIdpConfigOptions struct { // https://cas.example.org/cas/ CASServerURL string `json:"cas_server_url"` // Deprecated CasProjectAttribute string `json:"cas_project_attribute" "deprecated-by":"project_attribute"` // Deprecated AutoCreateCasProject tristate.TriState `json:"auto_create_cas_project"` // Deprecated DefaultCasProjectId string `json:"default_cas_project_id" "deprecated-by":"default_project_id"` // Deprecated CasRoleAttribute string `json:"cas_role_attribute" "deprected-by":"role_attribute"` // Deprecated DefaultCasRoleId string `json:"default_cas_role_id" "deprecated-by":"default_role_id"` SIdpAttributeOptions }
type SConfigOption ¶
type SConfigOption struct { apis.SResourceBase apis.SRecordChecksumResourceBase ResType string `json:"res_type"` ResId string `json:"domain_id"` Group string `json:"group"` Option string `json:"option"` Value jsonutils.JSONObject `json:"value"` }
SConfigOption is an autogenerated struct via yunion.io/x/onecloud/pkg/keystone/models.SConfigOption.
type SCredential ¶
type SCredential struct { apis.SStandaloneResourceBase UserId string `json:"user_id"` ProjectId string `json:"project_id"` Type string `json:"type"` KeyHash string `json:"key_hash"` Extra *jsonutils.JSONDict `json:"extra"` EncryptedBlob string `json:"encrypted_blob"` Enabled *bool `json:"enabled,omitempty"` }
SCredential is an autogenerated struct via yunion.io/x/onecloud/pkg/keystone/models.SCredential.
type SDomain ¶
type SDomain struct { apis.SStandaloneResourceBase apis.SPendingDeletedBase // 额外信息 Extra *jsonutils.JSONDict `json:"extra"` // 改域是否启用 Enabled *bool `json:"enabled,omitempty"` // 是否为域 IsDomain *bool `json:"is_domain,omitempty"` DomainId string `json:"domain_id"` ParentId string `json:"parent_id"` AdminId string `json:"admin_id"` }
SDomain is an autogenerated struct via yunion.io/x/onecloud/pkg/keystone/models.SDomain.
type SDomainObject ¶
type SDomainObject struct { SIdentityObject // 归属域信息 Domain SIdentityObject `json:"domain"` }
type SDomainObjectWithMetadata ¶
type SDomainObjectWithMetadata struct { SDomainObject // 标签信息 Metadata map[string]string `json:"metadata"` }
type SEnabledIdentityBaseResource ¶
type SEnabledIdentityBaseResource struct { SIdentityBaseResource apis.SEnabledResourceBase }
SEnabledIdentityBaseResource is an autogenerated struct via yunion.io/x/onecloud/pkg/keystone/models.SEnabledIdentityBaseResource.
type SEndpoint ¶
type SEndpoint struct { apis.SStandaloneResourceBase LegacyEndpointId string `json:"legacy_endpoint_id"` Interface string `json:"interface"` ServiceId string `json:"service_id"` Url string `json:"url"` Extra *jsonutils.JSONDict `json:"extra"` Enabled *bool `json:"enabled,omitempty"` RegionId string `json:"region_id"` ServiceCertificateId string `json:"service_certificate_id"` }
SEndpoint is an autogenerated struct via yunion.io/x/onecloud/pkg/keystone/models.SEndpoint.
type SFederatedUser ¶
type SFederatedUser struct { apis.SResourceBase Id int `json:"id"` UserId string `json:"user_id"` IdpId string `json:"idp_id"` ProtocolId string `json:"protocol_id"` UniqueId string `json:"unique_id"` DisplayName string `json:"display_name"` }
SFederatedUser is an autogenerated struct via yunion.io/x/onecloud/pkg/keystone/models.SFederatedUser.
type SFederationProtocol ¶
type SFederationProtocol struct { Id string `json:"id"` IdpId string `json:"idp_id"` MappingId string `json:"mapping_id"` }
SFederationProtocol is an autogenerated struct via yunion.io/x/onecloud/pkg/keystone/models.SFederationProtocol.
type SFernetKey ¶
type SFernetKey struct { Type string `json:"type"` Index int `json:"index"` Key string `json:"key"` }
SFernetKey is an autogenerated struct via yunion.io/x/onecloud/pkg/keystone/models.SFernetKey.
type SFetchDomainObject ¶
type SFetchDomainObject struct { SIdentityObject // 归属域名称 Domain string `json:"domain"` // 归属域ID DomainId string `json:"domain_id"` }
type SFetchDomainObjectWithMetadata ¶
type SFetchDomainObjectWithMetadata struct { SFetchDomainObject // 项目标签 Metadata map[string]string `json:"metadata"` }
type SGroup ¶
type SGroup struct { SIdentityBaseResource // 用户组的显示名称 Displayname string `json:"displayname"` }
SGroup is an autogenerated struct via yunion.io/x/onecloud/pkg/keystone/models.SGroup.
type SGroupRole ¶
type SIdentityBaseResource ¶
type SIdentityBaseResource struct { apis.SStandaloneResourceBase apis.SDomainizedResourceBase apis.SPendingDeletedBase // 额外信息 Extra *jsonutils.JSONDict `json:"extra"` }
SIdentityBaseResource is an autogenerated struct via yunion.io/x/onecloud/pkg/keystone/models.SIdentityBaseResource.
type SIdentityObject ¶
type SIdentityProvider ¶
type SIdentityProvider struct { apis.SEnabledStatusStandaloneResourceBase apis.SDomainizedResourceBase Driver string `json:"driver"` Template string `json:"template"` TargetDomainId string `json:"target_domain_id"` // 是否自动创建项目 AutoCreateProject *bool `json:"auto_create_project,omitempty"` // 是否自动创建用户 AutoCreateUser *bool `json:"auto_create_user,omitempty"` ErrorCount int `json:"error_count"` SyncStatus string `json:"sync_status"` LastSync time.Time `json:"last_sync"` // = Column(DateTime, nullable=True) LastSyncEndAt time.Time `json:"last_sync_end_at"` SyncIntervalSeconds int `json:"sync_interval_seconds"` // 认证源图标 IconUri string `json:"icon_uri"` // 是否是SSO登录方式 IsSso *bool `json:"is_sso,omitempty"` // 是否是缺省SSO登录方式 IsDefault *bool `json:"is_default,omitempty"` }
SIdentityProvider is an autogenerated struct via yunion.io/x/onecloud/pkg/keystone/models.SIdentityProvider.
type SIdmapping ¶
type SIdmapping struct { apis.SResourceBase PublicId string `json:"public_id"` IdpId string `json:"domain_id"` IdpEntityId string `json:"local_id"` EntityType string `json:"entity_type"` }
SIdmapping is an autogenerated struct via yunion.io/x/onecloud/pkg/keystone/models.SIdmapping.
type SIdpAttributeOptions ¶
type SIdpAttributeOptions struct { DomainNameAttribute string `json:"domain_name_attribute"` DomainIdAttribute string `json:"domain_id_attribute"` UserNameAttribute string `json:"user_name_attribute"` UserIdAttribute string `json:"user_id_attribute"` UserDisplaynameAttribtue string `json:"user_displayname_attribute"` UserEmailAttribute string `json:"user_email_attribute"` UserMobileAttribute string `json:"user_mobile_attribute"` ProjectAttribute string `json:"project_attribute"` RolesAttribute string `json:"roles_attribute"` DefaultProjectId string `json:"default_project_id"` DefaultRoleId string `json:"default_role_id"` }
func (*SIdpAttributeOptions) Update ¶
func (a *SIdpAttributeOptions) Update(a2 SIdpAttributeOptions)
type SIdpRemoteIds ¶
SIdpRemoteIds is an autogenerated struct via yunion.io/x/onecloud/pkg/keystone/models.SIdpRemoteIds.
type SImpliedRole ¶
type SImpliedRole struct { PriorRoleId string `json:"prior_role_id"` ImpliedRoleId string `json:"implied_role_id"` }
SImpliedRole is an autogenerated struct via yunion.io/x/onecloud/pkg/keystone/models.SImpliedRole.
type SJoinProjectsInput ¶
type SJoinProjectsInput struct { Projects []string `json:"projects"` Roles []string `json:"roles"` // 启用用户, 仅用户禁用时生效 Enabled bool }
func (SJoinProjectsInput) Validate ¶
func (input SJoinProjectsInput) Validate() error
type SLDAPIdpConfigBaseOptions ¶
type SLDAPIdpConfigBaseOptions struct { Url string `json:"url,omitempty" help:"LDAP server URL" required:"true"` Suffix string `json:"suffix,omitempty" required:"true"` User string `json:"user,omitempty" required:"true"` Password string `json:"password,omitempty" required:"true"` DisableUserOnImport bool `json:"disable_user_on_import"` }
type SLDAPIdpConfigMultiDomainOptions ¶
type SLDAPIdpConfigMultiDomainOptions struct { SLDAPIdpConfigBaseOptions DomainTreeDN string `json:"domain_tree_dn,omitempty" help:"Base domain tree distinguished name" required:"true"` }
type SLDAPIdpConfigOptions ¶
type SLDAPIdpConfigOptions struct { Url string `json:"url,omitempty" help:"LDAP server URL" required:"true"` Suffix string `json:"suffix,omitempty" required:"true"` QueryScope string `json:"query_scope,omitempty" help:"Query scope" choices:"one|sub"` User string `json:"user,omitempty"` Password string `json:"password,omitempty"` DisableUserOnImport bool `json:"disable_user_on_import"` DomainTreeDN string `json:"domain_tree_dn,omitempty" help:"Domain tree root node dn(distinguished name)"` DomainFilter string `json:"domain_filter,omitempty"` DomainObjectclass string `json:"domain_objectclass,omitempty"` DomainIdAttribute string `json:"domain_id_attribute,omitempty"` DomainNameAttribute string `json:"domain_name_attribute,omitempty"` DomainQueryScope string `json:"domain_query_scope,omitempty" help:"Query scope" choices:"one|sub"` UserTreeDN string `json:"user_tree_dn,omitempty" help:"User tree distinguished name"` UserFilter string `json:"user_filter,omitempty"` UserObjectclass string `json:"user_objectclass,omitempty"` UserIdAttribute string `json:"user_id_attribute,omitempty"` UserNameAttribute string `json:"user_name_attribute,omitempty"` UserEnabledAttribute string `json:"user_enabled_attribute,omitempty"` UserEnabledMask int64 `json:"user_enabled_mask,allowzero" default:"-1"` UserEnabledDefault string `json:"user_enabled_default,omitempty"` UserEnabledInvert bool `json:"user_enabled_invert,allowfalse"` UserAdditionalAttribute []string `json:"user_additional_attribute_mapping,omitempty" token:"user_additional_attribute"` UserQueryScope string `json:"user_query_scope,omitempty" help:"Query scope" choices:"one|sub"` GroupTreeDN string `json:"group_tree_dn,omitempty" help:"Group tree distinguished name"` GroupFilter string `json:"group_filter,omitempty"` GroupObjectclass string `json:"group_objectclass,omitempty"` GroupIdAttribute string `json:"group_id_attribute,omitempty"` GroupNameAttribute string `json:"group_name_attribute,omitempty"` GroupMemberAttribute string `json:"group_member_attribute,omitempty"` GroupMembersAreIds bool `json:"group_members_are_ids,allowfalse"` GroupQueryScope string `json:"group_query_scope,omitempty" help:"Query scope" choices:"one|sub"` }
type SLDAPIdpConfigSingleDomainOptions ¶
type SLDAPIdpConfigSingleDomainOptions struct { SLDAPIdpConfigBaseOptions UserTreeDN string `json:"user_tree_dn,omitempty" help:"Base user tree distinguished name" required:"true"` GroupTreeDN string `json:"group_tree_dn,omitempty" help:"Base group tree distinguished name" required:"true"` }
type SLeaveProjectsInput ¶
type SLeaveProjectsInput struct {
ProjectRoles []SProjectRole `json:"project_roles"`
}
func (SLeaveProjectsInput) Validate ¶
func (input SLeaveProjectsInput) Validate() error
type SLocalUser ¶
type SLocalUser struct { apis.SResourceBase Id int `json:"id"` UserId string `json:"user_id"` DomainId string `json:"domain_id"` Name string `json:"name"` FailedAuthCount int `json:"failed_auth_count"` NeedResetPassword *bool `json:"need_reset_password,omitempty"` ResetHint string `json:"reset_hint"` }
SLocalUser is an autogenerated struct via yunion.io/x/onecloud/pkg/keystone/models.SLocalUser.
type SNonlocalUser ¶
type SNonlocalUser struct { DomainId string `json:"domain_id"` Name string `json:"name"` UserId string `json:"user_id"` }
SNonlocalUser is an autogenerated struct via yunion.io/x/onecloud/pkg/keystone/models.SNonlocalUser.
type SOAuth2IdpConfigOptions ¶
type SOAuth2IdpConfigOptions struct { AppId string `json:"app_id"` Secret string `json:"secret"` SIdpAttributeOptions }
OAuth2.0
type SOIDCAzureConfigOptions ¶
type SOIDCAzureConfigOptions struct { ClientId string `json:"client_id"` ClientSecret string `json:"client_secret"` TenantId string `json:"tenant_id"` CloudEnv string `json:"cloud_env"` SIdpAttributeOptions }
type SOIDCDexConfigOptions ¶
type SOIDCDexConfigOptions struct { ClientId string `json:"client_id"` ClientSecret string `json:"client_secret"` Endpoint string `json:"endpoint"` SIdpAttributeOptions }
type SOIDCGithubConfigOptions ¶
type SOIDCGithubConfigOptions struct { ClientId string `json:"client_id"` ClientSecret string `json:"client_secret"` SIdpAttributeOptions }
type SOIDCGoogleConfigOptions ¶
type SOIDCGoogleConfigOptions struct { ClientId string `json:"client_id"` ClientSecret string `json:"client_secret"` SIdpAttributeOptions }
type SOIDCIdpConfigOptions ¶
type SOIDCIdpConfigOptions struct { ClientId string `json:"client_id"` ClientSecret string `json:"client_secret"` Scopes []string `json:"scopes"` Endpoint string `json:"endpoint"` AuthUrl string `json:"auth_url"` TokenUrl string `json:"token_url"` UserinfoUrl string `json:"userinfo_url"` TimeoutSecs int `json:"timeout_secs"` SIdpAttributeOptions }
OpenID Connect Config Options
type SOrganization ¶
type SOrganization struct { SEnabledIdentityBaseResource apis.SSharableBaseResource apis.SStatusResourceBase Type string `json:"type"` Keys string `json:"keys"` Level int `json:"level"` }
SOrganization is an autogenerated struct via yunion.io/x/onecloud/pkg/keystone/models.SOrganization.
type SOrganizationDetails ¶
type SOrganizationDetails struct { EnabledIdentityBaseResourceDetails apis.SharableResourceBaseInfo SOrganization }
type SOrganizationInfo ¶
type SOrganizationInfo struct { Keys []string `json:"levels,omitempty"` Tags map[string]string `json:"tags,omitempty"` }
func (*SOrganizationInfo) IsZero ¶
func (info *SOrganizationInfo) IsZero() bool
func (*SOrganizationInfo) String ¶
func (info *SOrganizationInfo) String() string
type SOrganizationNode ¶
type SOrganizationNode struct { apis.SStandaloneResourceBase apis.SPendingDeletedBase OrgId string `json:"org_id"` FullLabel string `json:"full_label"` Level int `json:"level"` Weight int `json:"weight"` }
SOrganizationNode is an autogenerated struct via yunion.io/x/onecloud/pkg/keystone/models.SOrganizationNode.
type SOrganizationNodeDetails ¶
type SOrganizationNodeDetails struct { apis.StandaloneResourceDetails SOrganizationNode Tags tagutils.TTagSet `json:"tags"` Organization string `json:"organization"` Type TOrgType `json:"type"` }
type SOrganizationNodeInfo ¶
type SPassword ¶
type SPassword struct { apis.SResourceBase Id int `json:"id"` LocalUserId int `json:"local_user_id"` Password string `json:"password"` SelfService bool `json:"self_service"` PasswordHash string `json:"password_hash"` CreatedAtInt int64 `json:"created_at_int"` ExpiresAtInt int64 `json:"expires_at_int"` }
SPassword is an autogenerated struct via yunion.io/x/onecloud/pkg/keystone/models.SPassword.
type SPolicy ¶
type SPolicy struct { SEnabledIdentityBaseResource apis.SSharableBaseResource // swagger:ignore // Deprecated Type string `json:"type"` // 权限定义 Blob jsonutils.JSONObject `json:"blob"` // 权限范围 Scope string `json:"scope"` // 是否为系统权限 IsSystem *bool `json:"is_system,omitempty"` // 匹配的项目标签 ProjectTags []tagutils.STag `json:"project_tags"` // 匹配的域标签 DomainTags []tagutils.STag `json:"domain_tags"` // 匹配的资源标签 ObjectTags []tagutils.STag `json:"object_tags"` // 匹配的组织架构节点 OrgNodeId []string `json:"org_node_id"` }
SPolicy is an autogenerated struct via yunion.io/x/onecloud/pkg/keystone/models.SPolicy.
type SProject ¶
type SProject struct { SIdentityBaseResource // 上级项目或域的ID ParentId string `json:"parent_id"` // 该项目是否为域(domain) IsDomain *bool `json:"is_domain,omitempty"` AdminId string `json:"admin_id"` }
SProject is an autogenerated struct via yunion.io/x/onecloud/pkg/keystone/models.SProject.
type SProjectAddUserGroupInput ¶
type SProjectAddUserGroupInput struct { Users []string Groups []string Roles []string EnableAllUsers bool }
func (SProjectAddUserGroupInput) Validate ¶
func (input SProjectAddUserGroupInput) Validate() error
type SProjectExtended ¶
SProjectExtended is an autogenerated struct via yunion.io/x/onecloud/pkg/keystone/models.SProjectExtended.
type SProjectOrganization ¶
type SProjectOrganization struct { Id string Name string Keys []string Nodes []SProjectOrganizationNode }
type SProjectRemoveUserGroupInput ¶
type SProjectRemoveUserGroupInput struct { UserRoles []SUserRole GroupRoles []SGroupRole }
func (SProjectRemoveUserGroupInput) Validate ¶
func (input SProjectRemoveUserGroupInput) Validate() error
type SProjectRole ¶
type SProjectSetAdminInput ¶
type SProjectSetAdminInput struct {
UserId string
}
type SRegion ¶
type SRegion struct { apis.SStandaloneResourceBase ParentRegionId string `json:"parent_region_id"` Extra *jsonutils.JSONDict `json:"extra"` }
SRegion is an autogenerated struct via yunion.io/x/onecloud/pkg/keystone/models.SRegion.
type SRole ¶
type SRole struct { SIdentityBaseResource apis.SSharableBaseResource }
SRole is an autogenerated struct via yunion.io/x/onecloud/pkg/keystone/models.SRole.
type SRoleAssignment ¶
type SRoleAssignment struct { // 归属范围 Scope struct { // 归属域信息 Domain SIdentityObject `json:"domain"` // 归属项目信息,归属范围为项目时有值 Project SDomainObjectWithMetadata `json:"project"` } `json:"scope"` // 用户信息 User SDomainObject `json:"user"` // 用户组信息 Group SDomainObject `json:"group"` // 用户加入项目的角色信息 Role SDomainObject `json:"role"` // 用户角色关联的权限信息 Policies struct { // 关联的项目权限名称列表 Project []string `json:"project"` // 关联的域权限名称列表 Domain []string `json:"domain"` // 关联的系统权限名称列表 System []string `json:"system"` } `json:"policies"` }
func (*SRoleAssignment) GetLoginIp ¶
func (ra *SRoleAssignment) GetLoginIp() string
func (*SRoleAssignment) GetProjectId ¶
func (ra *SRoleAssignment) GetProjectId() string
func (*SRoleAssignment) GetRoleIds ¶
func (ra *SRoleAssignment) GetRoleIds() []string
func (*SRoleAssignment) GetTokenString ¶
func (ra *SRoleAssignment) GetTokenString() string
type SRolePolicy ¶
type SRolePolicy struct { apis.SResourceBase // 角色ID, 主键 RoleId string `json:"role_id"` // 项目ID,主键 ProjectId string `json:"project_id"` // 权限ID, 主键 PolicyId string `json:"policy_id"` // 是否需要认证 Auth *bool `json:"auth,omitempty"` // 匹配的IP白名单 Ips string `json:"ips"` // 匹配开始时间 ValidSince time.Time `json:"valid_since"` // 匹配结束时间 ValidUntil time.Time `json:"valid_until"` }
SRolePolicy is an autogenerated struct via yunion.io/x/onecloud/pkg/keystone/models.SRolePolicy.
type SSAMLAzureADConfigOptions ¶
type SSAMLAzureADConfigOptions struct { TenantId string `json:"tenant_id"` SSAMLIdpBaseConfigOptions SIdpAttributeOptions }
type SSAMLIdpBaseConfigOptions ¶
type SSAMLIdpBaseConfigOptions struct {
AllowIdpInit *bool `json:"allow_idp_init"`
}
type SSAMLIdpConfigOptions ¶
type SSAMLIdpConfigOptions struct { EntityId string `json:"entity_id"` RedirectSSOUrl string `json:"redirect_sso_url"` SSAMLIdpBaseConfigOptions SIdpAttributeOptions }
type SSAMLTestIdpConfigOptions ¶
type SSAMLTestIdpConfigOptions struct { // empty SSAMLIdpBaseConfigOptions }
type SScopeResource ¶
type SScopeResource struct { DomainId string `json:"domain_id"` ProjectId string `json:"project_id"` OwnerId string `json:"owner_id"` RegionId string `json:"region_id"` ServiceId string `json:"service_id"` Resource string `json:"resource"` Count int `json:"count"` }
SScopeResource is an autogenerated struct via yunion.io/x/onecloud/pkg/keystone/models.SScopeResource.
type SService ¶
type SService struct { apis.SStandaloneResourceBase Type string `json:"type"` Enabled *bool `json:"enabled,omitempty"` Extra *jsonutils.JSONDict `json:"extra"` ConfigVersion int `json:"config_version"` }
SService is an autogenerated struct via yunion.io/x/onecloud/pkg/keystone/models.SService.
type SServiceCertificate ¶
type SServiceCertificate struct { apis.SStandaloneResourceBase apis.SCertificateResourceBase CaCertificate string `json:"ca_certificate"` CaPrivateKey string `json:"ca_private_key"` }
SServiceCertificate is an autogenerated struct via yunion.io/x/onecloud/pkg/keystone/models.SServiceCertificate.
type STokenCache ¶
type STokenCache struct { apis.SStandaloneAnonResourceBase Valid bool `json:"valid"` Method string `json:"method"` AuditIds string `json:"audit_ids"` UserId string `json:"user_id"` ProjectId string `json:"project_id"` DomainId string `json:"domain_id"` Source string `json:"source"` Ip string `json:"ip"` }
STokenCache is an autogenerated struct via yunion.io/x/onecloud/pkg/keystone/models.STokenCache.
type SUser ¶
type SUser struct { apis.SRecordChecksumResourceBase SEnabledIdentityBaseResource // 用户邮箱 Email string `json:"email"` // 用户手机号 Mobile string `json:"mobile"` // 显示名称,用户登录后显示在右上角菜单入口 Displayname string `json:"displayname"` // 上次登录时间 LastActiveAt time.Time `json:"last_active_at"` // 上次用户登录IP LastLoginIp string `json:"last_login_ip"` // 上次用户登录方式,可能值有:web(web控制台),cli(命令行climc),API(api) LastLoginSource string `json:"last_login_source"` // 是否为系统账号,系统账号不会检查密码复杂度,默认不在列表显示 IsSystemAccount *bool `json:"is_system_account,omitempty"` // deprecated DefaultProjectId string `json:"default_project_id"` // 是否允许登录Web控制台,如果是用于API访问的用户,可禁用web控制台登录 AllowWebConsole *bool `json:"allow_web_console,omitempty"` // 是否开启MFA EnableMfa *bool `json:"enable_mfa,omitempty"` // 用户的默认语言设置,默认是zh_CN Lang string `json:"lang"` }
SUser is an autogenerated struct via yunion.io/x/onecloud/pkg/keystone/models.SUser.
type SUserExtended ¶
type SUserExtended struct { Id string Name string Enabled bool DefaultProjectId string CreatedAt time.Time LastActiveAt time.Time DomainId string IsSystemAccount bool Displayname string Email string Mobile string LocalId int LocalName string LocalFailedAuthCount int DomainName string DomainEnabled bool IsLocal bool AuditIds []string }
type SUserOption ¶
type SUserOption struct { UserId string `json:"user_id"` OptionId string `json:"option_id"` OptionValue string `json:"option_value"` }
SUserOption is an autogenerated struct via yunion.io/x/onecloud/pkg/keystone/models.SUserOption.
type ServiceDetails ¶
type ServiceDetails struct { apis.StandaloneResourceDetails SService EndpointCount int `json:"endpoint_count"` }
type ServiceFilterListInput ¶
type ServiceFilterListInput struct { // 服务类型过滤 ServiceType string `json:"service_type"` // 服务名称或ID过滤 ServiceId string `json:"service_id"` // swagger:ignore // Deprecated // filter by service_id Service string `json:"service" yunion-deprecated-by:"service_id"` // 以服务名称排序 OrderByService string `json:"order_by_service"` }
type ServiceListInput ¶
type ServiceListInput struct { apis.StandaloneResourceListInput // 以Service Type过滤 Type []string `json:"type"` // 是否启用/禁用 Enabled *bool `json:"enabled"` }
type UserCreateInput ¶
type UserCreateInput struct { EnabledIdentityBaseResourceCreateInput Email string `json:"email"` Mobile string `json:"mobile"` Displayname string `json:"displayname"` IsSystemAccount *bool `json:"is_system_account"` AllowWebConsole *bool `json:"allow_web_console"` EnableMfa *bool `json:"enable_mfa"` Password string `json:"password"` SkipPasswordComplexityCheck *bool `json:"skip_password_complexity_check"` IdpId string `json:"idp_id"` IdpEntityId string `json:"idp_entity_id"` Lang string `json:"lang"` }
type UserDetails ¶
type UserDetails struct { EnabledIdentityBaseResourceDetails SUser UserUsage // 归属该用户的外部资源统计信息 ExternalResourceInfo // 用户归属的的项目信息 Projects []SFetchDomainObjectWithMetadata `json:"projects"` // 用户归属的组 Groups []SUserGroup `json:"groups"` }
type UserFilterListInput ¶
type UserFilterListInput struct { // 用户归属域 UserDomainId string `json:"user_domain_id"` // swagger:ignore // Deprecated UserDomain string `json:"user_domain" yunion-deprecated-by:"user_domain_id"` // filter by user UserId string `json:"user_id"` // swagger:ignore // Deprecated // filter by user_id User string `json:"user" yunion-deprecated-by:"user_id"` }
type UserLinkIdpInput ¶
type UserListInput ¶
type UserListInput struct { EnabledIdentityBaseResourceListInput GroupFilterListInput ProjectFilterListInput RoleFilterListInput // 角色生效所在的域 RoleAssignmentDomainId string `json:"role_assignment_domain_id"` // 角色生效所在的项目 RoleAssignmentProjectId string `json:"role_assignment_project_id"` // email Email string `json:"email"` // mobile Mobile string `json:"mobile"` // displayname Displayname string `json:"displayname"` // 是否允许web控制台登录 AllowWebConsole *bool `json:"allow_web_console"` // 是否开启MFA认证 EnableMfa *bool `json:"enable_mfa"` // 关联IDP IdpId string `json:"idp_id"` // 按IDP_ENTITY_ID过滤 IdpEntityId string `json:"idp_entity_id"` }
type UserUnlinkIdpInput ¶
type UserUnlinkIdpInput UserLinkIdpInput
type UserUpdateInput ¶
type UserUpdateInput struct { EnabledIdentityBaseUpdateInput Email string `json:"email"` Mobile string `json:"mobile"` Displayname string `json:"displayname"` IsSystemAccount *bool `json:"is_system_account"` AllowWebConsole *bool `json:"allow_web_console"` EnableMfa *bool `json:"enable_mfa"` Password string `json:"password"` SkipPasswordComplexityCheck *bool `json:"skip_password_complexity_check"` Lang string `json:"lang"` }
type UserUsage ¶
type UserUsage struct { // 用户归属用户组的数量 GroupCount int `json:"group_count"` // 用户归属项目的数量 ProjectCount int `json:"project_count"` // 归属该用户的密钥凭证(含AKSK,TOTP,Secret等)的数量 CredentialCount int `json:"credential_count"` // 连续登录失败的次数 FailedAuthCount int `json:"failed_auth_count"` // 上传登录失败的时间 FailedAuthAt time.Time `json:"failed_auth_at"` // 登录后是否需要重置密码 NeedResetPassword bool `json:"need_reset_password"` // 重置密码原因: admin_reset|expire PasswordResetHint string `json:"password_reset_hint"` // 密码过期时间(如果开启了密码过期) PasswordExpiresAt time.Time `json:"password_expires_at"` // 该用户是否为本地用户(SQL维护的用户) IsLocal bool `json:"is_local"` // 该用户关联的外部认证源的认证信息 Idps []IdpResourceInfo `json:"idps"` }
Source Files ¶
- aksk.go
- assignments.go
- cas.go
- config.go
- consts.go
- credential.go
- doc.go
- domain.go
- endpoint.go
- fernet.go
- group.go
- identityprovider.go
- input.go
- oauth2.go
- oidc.go
- organization.go
- output.go
- policy.go
- project.go
- region.go
- resource.go
- role.go
- rolepolicy.go
- saml.go
- service.go
- user.go
- usrext.go
- zz_generated.model.go