models

package
v0.3.10-0-alpha.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 28, 2022 License: Apache-2.0 Imports: 53 Imported by: 13

Documentation

Index

Constants

View Source
const (
	ROLE_DEFAULT_DOMAIN_ID = "<<null>>"
)

Variables

View Source
var (
	IdentityQuota               SIdentityQuota
	IdentityQuotaManager        *SQuotaManager
	IdentityUsageManager        *SQuotaManager
	IdentityPendingUsageManager *SQuotaManager
)

Functions

func AddAdhocHandlers

func AddAdhocHandlers(version string, app *appsrv.Application)

func AutoSyncIdentityProviderTask

func AutoSyncIdentityProviderTask(ctx context.Context, userCred mcclient.TokenCredential, isStart bool)

func GetConfigs

func GetConfigs(model db.IModel, sensitive bool, whiteList, blackList map[string][]string) (api.TConfigs, error)

func GetDefaultAdminCred

func GetDefaultAdminCred() mcclient.TokenCredential

func GetDefaultClient

func GetDefaultClient() *mcclient.Client

func GetDefaultClientSession

func GetDefaultClientSession(ctx context.Context, token mcclient.TokenCredential, region string) *mcclient.ClientSession

func GetUserLangForKeyStone

func GetUserLangForKeyStone(uids []string) (map[string]string, error)

func InitDB

func InitDB() error

func InitSyncWorkers

func InitSyncWorkers()

func NewServiceConfigSession

func NewServiceConfigSession() common_options.IServiceConfigSession

func NormalizeProjectName

func NormalizeProjectName(name string) string

func Usage

func Usage(result rbacutils.SPolicyResult) map[string]int

func VerifyPassword

func VerifyPassword(user *api.SUserExtended, passwd string) error

Types

type IIdentityModel

type IIdentityModel interface {
	db.IStandaloneModel

	GetIIdentityModelManager() IIdentityModelManager

	GetIIdentityModel() IIdentityModel
}

type IIdentityModelManager

type IIdentityModelManager interface {
	db.IStandaloneModelManager

	GetIIdentityModelManager() IIdentityModelManager
}

+onecloud:swagger-gen-ignore

type SAssignment

type SAssignment struct {
	db.SResourceBase

	// 关联类型,分为四类:'UserProject','GroupProject','UserDomain','GroupDomain'
	Type string `width:"16" charset:"ascii" nullable:"false" primary:"true" list:"admin"`
	// 用户或者用户组ID
	ActorId string `width:"64" charset:"ascii" nullable:"false" primary:"true" list:"admin"`
	// 项目或者域ID
	TargetId string `width:"64" charset:"ascii" nullable:"false" primary:"true" list:"admin"`
	// 角色ID
	RoleId string `width:"64" charset:"ascii" nullable:"false" primary:"true" list:"admin"`

	Inherited tristate.TriState `primary:"true" list:"admin"`
}

type SAssignmentManager

type SAssignmentManager struct {
	db.SResourceBaseManager
}

+onecloud:swagger-gen-ignore

var AssignmentManager *SAssignmentManager

func (*SAssignmentManager) FetchAll

func (manager *SAssignmentManager) FetchAll(
	userId, groupId, roleId, domainId, projectId string, projectDomainId string,
	userStrs, groupStrs, roleStrs, domainStrs, projectStrs, projectDomainStrs []string,
	includeNames, effective, includeSub, includeSystem, includePolicies bool,
	limit, offset int) ([]api.SRoleAssignment, int64, error)

func (*SAssignmentManager) FetchUserProjectRoles

func (manager *SAssignmentManager) FetchUserProjectRoles(userId, projId string) ([]SRole, error)

func (*SAssignmentManager) InitializeData

func (manager *SAssignmentManager) InitializeData() error

func (*SAssignmentManager) ProjectAddUser

func (manager *SAssignmentManager) ProjectAddUser(ctx context.Context, userCred mcclient.TokenCredential, project *SProject, user *SUser, role *SRole) error

type SConfigOption

type SConfigOption struct {
	db.SResourceBase
	db.SRecordChecksumResourceBase

	ResType string `width:"32" charset:"ascii" nullable:"false" default:"identity_provider" primary:"true"`
	ResId   string `name:"domain_id" width:"64" charset:"ascii" primary:"true"`
	Group   string `width:"191" charset:"utf8" primary:"true"`
	Option  string `width:"191" charset:"utf8" primary:"true"`

	Value jsonutils.JSONObject `nullable:"false"`
}

type SConfigOptionManager

type SConfigOptionManager struct {
	db.SResourceBaseManager
	db.SRecordChecksumResourceBaseManager
	IsSensitive bool
}

+onecloud:swagger-gen-ignore

var (
	SensitiveConfigManager   *SConfigOptionManager
	WhitelistedConfigManager *SConfigOptionManager
)

type SCredential

type SCredential struct {
	db.SStandaloneResourceBase

	UserId    string `width:"64" charset:"ascii" nullable:"false" list:"user" create:"required"`
	ProjectId string `width:"64" charset:"ascii" nullable:"true" list:"user" create:"required"`
	Type      string `width:"255" charset:"utf8" nullable:"false" list:"user" create:"required"`
	KeyHash   string `width:"64" charset:"ascii" nullable:"false" create:"required"`

	Extra *jsonutils.JSONDict `nullable:"true" list:"admin"`

	EncryptedBlob string `nullable:"false" create:"required"`

	Enabled tristate.TriState `default:"true" list:"user" update:"user" create:"optional"`
}

func (*SCredential) GetAccessKeySecret

func (self *SCredential) GetAccessKeySecret() (*api.SAccessKeySecretBlob, error)

func (*SCredential) GetOwnerId

func (self *SCredential) GetOwnerId() mcclient.IIdentityProvider

func (*SCredential) ValidateDeleteCondition

func (self *SCredential) ValidateDeleteCondition(ctx context.Context, info jsonutils.JSONObject) error

func (*SCredential) ValidateUpdateData

type SCredentialManager

var CredentialManager *SCredentialManager

func (*SCredentialManager) DeleteAll

func (manager *SCredentialManager) DeleteAll(ctx context.Context, userCred mcclient.TokenCredential, uid string, credType string) error

func (*SCredentialManager) FetchCredentials

func (manager *SCredentialManager) FetchCredentials(uid string, credType string) ([]SCredential, error)

func (*SCredentialManager) FetchCustomizeColumns

func (manager *SCredentialManager) FetchCustomizeColumns(
	ctx context.Context,
	userCred mcclient.TokenCredential,
	query jsonutils.JSONObject,
	objs []interface{},
	fields stringutils2.SSortedStrings,
	isList bool,
) []api.CredentialDetails

func (*SCredentialManager) FetchOwnerId

func (*SCredentialManager) FilterByOwner

func (*SCredentialManager) InitializeData

func (manager *SCredentialManager) InitializeData() error

func (*SCredentialManager) ListItemFilter

func (manager *SCredentialManager) ListItemFilter(
	ctx context.Context,
	q *sqlchemy.SQuery,
	userCred mcclient.TokenCredential,
	query api.CredentialListInput,
) (*sqlchemy.SQuery, error)

用户信用凭证列表

func (*SCredentialManager) OrderByExtraFields

func (manager *SCredentialManager) OrderByExtraFields(
	ctx context.Context,
	q *sqlchemy.SQuery,
	userCred mcclient.TokenCredential,
	query api.CredentialListInput,
) (*sqlchemy.SQuery, error)

func (*SCredentialManager) QueryDistinctExtraField

func (manager *SCredentialManager) QueryDistinctExtraField(q *sqlchemy.SQuery, field string) (*sqlchemy.SQuery, error)

func (*SCredentialManager) ResourceScope

func (manager *SCredentialManager) ResourceScope() rbacutils.TRbacScope

func (*SCredentialManager) ValidateCreateData

type SDomain

type SDomain struct {
	db.SStandaloneResourceBase

	// 额外信息
	Extra *jsonutils.JSONDict `nullable:"true"`

	// 改域是否启用
	Enabled tristate.TriState `default:"true" list:"admin" update:"admin" create:"admin_optional"`

	// 是否为域
	IsDomain tristate.TriState `default:"false"`

	DomainId string `width:"64" charset:"ascii" default:"default" nullable:"false" index:"true"`
	ParentId string `width:"64" charset:"ascii"`
}

func (*SDomain) AllowPerformUnlinkIdp

func (domain *SDomain) AllowPerformUnlinkIdp(
	ctx context.Context,
	userCred mcclient.TokenCredential,
	query jsonutils.JSONObject,
	input api.UserUnlinkIdpInput,
) bool

func (*SDomain) CustomizeCreate

func (domain *SDomain) CustomizeCreate(ctx context.Context, userCred mcclient.TokenCredential, ownerId mcclient.IIdentityProvider, query jsonutils.JSONObject, data jsonutils.JSONObject) error

func (*SDomain) Delete

func (domain *SDomain) Delete(ctx context.Context, userCred mcclient.TokenCredential) error

func (*SDomain) DeleteUserGroups

func (domain *SDomain) DeleteUserGroups(ctx context.Context, userCred mcclient.TokenCredential) error

func (*SDomain) GetGroupCount

func (domain *SDomain) GetGroupCount() (int, error)

func (*SDomain) GetIdpCount

func (domain *SDomain) GetIdpCount() (int, error)

func (*SDomain) GetPolicyCount

func (domain *SDomain) GetPolicyCount() (int, error)

func (*SDomain) GetProjectCount

func (domain *SDomain) GetProjectCount() (int, error)

func (*SDomain) GetRoleCount

func (domain *SDomain) GetRoleCount() (int, error)

func (*SDomain) GetUserCount

func (domain *SDomain) GetUserCount() (int, error)

func (*SDomain) IsReadOnly

func (domain *SDomain) IsReadOnly() bool

func (*SDomain) PerformUnlinkIdp

func (domain *SDomain) PerformUnlinkIdp(
	ctx context.Context,
	userCred mcclient.TokenCredential,
	query jsonutils.JSONObject,
	input api.UserUnlinkIdpInput,
) (jsonutils.JSONObject, error)

domain和IDP的指定entityId解除关联

func (*SDomain) PostCreate

func (domain *SDomain) PostCreate(ctx context.Context, userCred mcclient.TokenCredential, ownerId mcclient.IIdentityProvider, query jsonutils.JSONObject, data jsonutils.JSONObject)

func (*SDomain) PostDelete

func (domain *SDomain) PostDelete(ctx context.Context, userCred mcclient.TokenCredential)

func (*SDomain) PostUpdate

func (domain *SDomain) PostUpdate(ctx context.Context, userCred mcclient.TokenCredential, query jsonutils.JSONObject, data jsonutils.JSONObject)

func (*SDomain) UnlinkIdp

func (domain *SDomain) UnlinkIdp(idpId string) error

func (*SDomain) ValidateDeleteCondition

func (domain *SDomain) ValidateDeleteCondition(ctx context.Context, info jsonutils.JSONObject) error

func (*SDomain) ValidatePurgeCondition

func (domain *SDomain) ValidatePurgeCondition(ctx context.Context) error

func (*SDomain) ValidateUpdateCondition

func (domain *SDomain) ValidateUpdateCondition(ctx context.Context) error

func (*SDomain) ValidateUpdateData

func (domain *SDomain) ValidateUpdateData(ctx context.Context, userCred mcclient.TokenCredential, query jsonutils.JSONObject, input api.DomainUpdateInput) (api.DomainUpdateInput, error)

type SDomainManager

type SDomainManager struct {
	db.SStandaloneResourceBaseManager
}
var (
	DomainManager *SDomainManager
)

func (*SDomainManager) FetchCustomizeColumns

func (manager *SDomainManager) FetchCustomizeColumns(
	ctx context.Context,
	userCred mcclient.TokenCredential,
	query jsonutils.JSONObject,
	objs []interface{},
	fields stringutils2.SSortedStrings,
	isList bool,
) []api.DomainDetails

func (*SDomainManager) FetchDomain

func (manager *SDomainManager) FetchDomain(domainId string, domainName string) (*SDomain, error)

func (*SDomainManager) FetchDomainById

func (manager *SDomainManager) FetchDomainById(domainId string) (*SDomain, error)

func (*SDomainManager) FetchDomainByIdOrName

func (manager *SDomainManager) FetchDomainByIdOrName(domain string) (*SDomain, error)

func (*SDomainManager) FetchDomainByName

func (manager *SDomainManager) FetchDomainByName(domainName string) (*SDomain, error)

func (*SDomainManager) InitializeData

func (manager *SDomainManager) InitializeData() error

func (*SDomainManager) ListItemFilter

func (manager *SDomainManager) ListItemFilter(
	ctx context.Context,
	q *sqlchemy.SQuery,
	userCred mcclient.TokenCredential,
	query api.DomainListInput,
) (*sqlchemy.SQuery, error)

域列表

func (*SDomainManager) OrderByExtraFields

func (manager *SDomainManager) OrderByExtraFields(
	ctx context.Context,
	q *sqlchemy.SQuery,
	userCred mcclient.TokenCredential,
	query api.DomainListInput,
) (*sqlchemy.SQuery, error)

func (*SDomainManager) Query

func (manager *SDomainManager) Query(fields ...string) *sqlchemy.SQuery

func (*SDomainManager) QueryDistinctExtraField

func (manager *SDomainManager) QueryDistinctExtraField(q *sqlchemy.SQuery, field string) (*sqlchemy.SQuery, error)

func (*SDomainManager) ValidateCreateData

func (manager *SDomainManager) ValidateCreateData(
	ctx context.Context,
	userCred mcclient.TokenCredential,
	ownerId mcclient.IIdentityProvider,
	query jsonutils.JSONObject,
	input api.DomainCreateInput,
) (api.DomainCreateInput, error)

type SEnabledIdentityBaseResource

type SEnabledIdentityBaseResource struct {
	SIdentityBaseResource

	Enabled tristate.TriState `default:"true" list:"user" update:"domain" create:"domain_optional"`
}

func (*SEnabledIdentityBaseResource) ValidateDeleteCondition

func (self *SEnabledIdentityBaseResource) ValidateDeleteCondition(ctx context.Context, info jsonutils.JSONObject) error

func (*SEnabledIdentityBaseResource) ValidateUpdateData

type SEnabledIdentityBaseResourceManager

type SEnabledIdentityBaseResourceManager struct {
	SIdentityBaseResourceManager
}

+onecloud:swagger-gen-ignore

func NewEnabledIdentityBaseResourceManager

func NewEnabledIdentityBaseResourceManager(dt interface{}, tableName string, keyword string, keywordPlural string) SEnabledIdentityBaseResourceManager

func (*SEnabledIdentityBaseResourceManager) FetchCustomizeColumns

func (manager *SEnabledIdentityBaseResourceManager) FetchCustomizeColumns(
	ctx context.Context,
	userCred mcclient.TokenCredential,
	query jsonutils.JSONObject,
	objs []interface{},
	fields stringutils2.SSortedStrings,
	isList bool,
) []api.EnabledIdentityBaseResourceDetails

func (*SEnabledIdentityBaseResourceManager) ListItemFilter

func (*SEnabledIdentityBaseResourceManager) OrderByExtraFields

func (*SEnabledIdentityBaseResourceManager) QueryDistinctExtraField

func (manager *SEnabledIdentityBaseResourceManager) QueryDistinctExtraField(q *sqlchemy.SQuery, field string) (*sqlchemy.SQuery, error)

type SEndpoint

type SEndpoint struct {
	db.SStandaloneResourceBase

	LegacyEndpointId     string              `width:"64" charset:"ascii" nullable:"true"`
	Interface            string              `width:"8" charset:"ascii" nullable:"false" list:"admin" create:"admin_required"`
	ServiceId            string              `width:"64" charset:"ascii" nullable:"false" list:"admin" create:"admin_required"`
	Url                  string              `charset:"utf8" nullable:"false" list:"admin" update:"admin" create:"admin_required"`
	Extra                *jsonutils.JSONDict `nullable:"true"`
	Enabled              tristate.TriState   `default:"true" list:"admin" update:"admin" create:"admin_optional"`
	RegionId             string              `width:"255" charset:"utf8" nullable:"true" list:"admin" create:"admin_required"`
	ServiceCertificateId string              `nullable:"true" create:"admin_optional" update:"admin"`
}

func (*SEndpoint) PostCreate

func (endpoint *SEndpoint) PostCreate(ctx context.Context, userCred mcclient.TokenCredential, ownerId mcclient.IIdentityProvider, query jsonutils.JSONObject, data jsonutils.JSONObject)

func (*SEndpoint) PostDelete

func (endpoint *SEndpoint) PostDelete(ctx context.Context, userCred mcclient.TokenCredential)

func (*SEndpoint) PostUpdate

func (endpoint *SEndpoint) PostUpdate(ctx context.Context, userCred mcclient.TokenCredential, query jsonutils.JSONObject, data jsonutils.JSONObject)

func (*SEndpoint) ValidateDeleteCondition

func (endpoint *SEndpoint) ValidateDeleteCondition(ctx context.Context, info jsonutils.JSONObject) error

func (*SEndpoint) ValidateUpdateData

func (endpoint *SEndpoint) ValidateUpdateData(
	ctx context.Context, userCred mcclient.TokenCredential,
	query jsonutils.JSONObject, data *jsonutils.JSONDict,
) (*jsonutils.JSONDict, error)

type SEndpointExtended

type SEndpointExtended struct {
	Id          string
	Name        string
	Interface   string
	Url         string
	Region      string
	RegionId    string
	ServiceId   string
	ServiceType string
	ServiceName string
}

type SEndpointManager

type SEndpointManager struct {
	db.SStandaloneResourceBaseManager
	SServiceResourceBaseManager
	SRegionResourceBaseManager
	// contains filtered or unexported fields
}
var EndpointManager *SEndpointManager

func (*SEndpointManager) FetchAll

func (manager *SEndpointManager) FetchAll() (SServiceCatalog, error)

func (*SEndpointManager) FetchCustomizeColumns

func (manager *SEndpointManager) FetchCustomizeColumns(
	ctx context.Context,
	userCred mcclient.TokenCredential,
	query jsonutils.JSONObject,
	objs []interface{},
	fields stringutils2.SSortedStrings,
	isList bool,
) []api.EndpointDetails

func (*SEndpointManager) InitializeData

func (manager *SEndpointManager) InitializeData() error

func (*SEndpointManager) IsEtcdInformerBackend

func (manager *SEndpointManager) IsEtcdInformerBackend(ep *SEndpoint) bool

func (*SEndpointManager) ListItemFilter

func (manager *SEndpointManager) ListItemFilter(
	ctx context.Context,
	q *sqlchemy.SQuery,
	userCred mcclient.TokenCredential,
	query api.EndpointListInput,
) (*sqlchemy.SQuery, error)

服务地址列表

func (*SEndpointManager) OrderByExtraFields

func (manager *SEndpointManager) OrderByExtraFields(
	ctx context.Context,
	q *sqlchemy.SQuery,
	userCred mcclient.TokenCredential,
	query api.EndpointListInput,
) (*sqlchemy.SQuery, error)

func (*SEndpointManager) QueryDistinctExtraField

func (manager *SEndpointManager) QueryDistinctExtraField(q *sqlchemy.SQuery, field string) (*sqlchemy.SQuery, error)

func (*SEndpointManager) SetEtcdInformerBackend

func (manager *SEndpointManager) SetEtcdInformerBackend(ep *SEndpoint) error

func (*SEndpointManager) SetInformerBackend

func (manager *SEndpointManager) SetInformerBackend() error

func (*SEndpointManager) SetInformerBackendByEndpoint

func (manager *SEndpointManager) SetInformerBackendByEndpoint(ep *SEndpoint)

func (*SEndpointManager) SetInformerBackendUntilSuccess

func (manager *SEndpointManager) SetInformerBackendUntilSuccess(ep *SEndpoint)

func (*SEndpointManager) ValidateCreateData

func (manager *SEndpointManager) ValidateCreateData(
	ctx context.Context, userCred mcclient.TokenCredential, ownerId mcclient.IIdentityProvider,
	query jsonutils.JSONObject, data *jsonutils.JSONDict,
) (*jsonutils.JSONDict, error)

type SFederatedUser

type SFederatedUser struct {
	db.SResourceBase

	Id          int    `nullable:"false" primary:"true" auto_increment:"true"`
	UserId      string `width:"64" charset:"ascii" nullable:"false" index:"true"`
	IdpId       string `width:"64" charset:"ascii" nullable:"false" index:"true"`
	ProtocolId  string `width:"64" charset:"ascii" nullable:"false" index:"true"`
	UniqueId    string `width:"255" charset:"ascii" nullable:"false"`
	DisplayName string `width:"255" charset:"utf8" nullable:"true"`
}

type SFederatedUserManager

type SFederatedUserManager struct {
	db.SResourceBaseManager
}

+onecloud:swagger-gen-ignore

var (
	FederatedUserManager *SFederatedUserManager
)

type SFederationProtocol

type SFederationProtocol struct {
	db.SModelBase

	Id        string `width:"64" charset:"ascii" nullable:"false" primary:"true"`
	IdpId     string `width:"64" charset:"ascii" nullable:"false" primary:"true"`
	MappingId string `width:"64" charset:"ascii" nullable:"false"`
}

type SFederationProtocolManager

type SFederationProtocolManager struct {
	db.SModelBaseManager
}

+onecloud:swagger-gen-ignore

var (
	FederationProtocolManager *SFederationProtocolManager
)

type SFernetKey

type SFernetKey struct {
	db.SModelBase

	Type  string `width:"36" charset:"ascii" nullable:"false" primary:"true"`
	Index int    `nullable:"false" primary:"true"`
	Key   string `width:"64" charset:"ascii" nullable:"false"`
}

type SFernetKeyManager

type SFernetKeyManager struct {
	db.SModelBaseManager
}

+onecloud:swagger-gen-ignore

var (
	FernetKeyManager *SFernetKeyManager
)

func (*SFernetKeyManager) InitializeData

func (manager *SFernetKeyManager) InitializeData() error

type SGroup

type SGroup struct {
	SIdentityBaseResource

	// 用户组的显示名称
	Displayname string `with:"128" charset:"utf8" nullable:"true" list:"domain" update:"domain" create:"domain_optional"`
}

func (*SGroup) AllowPerformAddUsers

func (group *SGroup) AllowPerformAddUsers(ctx context.Context,
	userCred mcclient.TokenCredential,
	query jsonutils.JSONObject,
	input api.PerformGroupAddUsersInput,
) bool

func (*SGroup) AllowPerformJoin

func (group *SGroup) AllowPerformJoin(ctx context.Context,
	userCred mcclient.TokenCredential,
	query jsonutils.JSONObject,
	input api.SJoinProjectsInput,
) bool

func (*SGroup) AllowPerformLeave

func (group *SGroup) AllowPerformLeave(ctx context.Context,
	userCred mcclient.TokenCredential,
	query jsonutils.JSONObject,
	input api.SLeaveProjectsInput,
) bool

func (*SGroup) AllowPerformRemoveUsers

func (group *SGroup) AllowPerformRemoveUsers(ctx context.Context,
	userCred mcclient.TokenCredential,
	query jsonutils.JSONObject,
	input api.PerformGroupRemoveUsersInput,
) bool

func (*SGroup) Delete

func (group *SGroup) Delete(ctx context.Context, userCred mcclient.TokenCredential) error

func (*SGroup) GetProjectCount

func (group *SGroup) GetProjectCount() (int, error)

func (*SGroup) GetUsages

func (group *SGroup) GetUsages() []db.IUsage

func (*SGroup) GetUserCount

func (group *SGroup) GetUserCount() (int, error)

func (*SGroup) IsReadOnly

func (group *SGroup) IsReadOnly() bool

func (*SGroup) LinkedWithIdp

func (group *SGroup) LinkedWithIdp(idpId string) bool

func (*SGroup) PerformAddUsers

func (group *SGroup) PerformAddUsers(
	ctx context.Context,
	userCred mcclient.TokenCredential,
	query jsonutils.JSONObject,
	input api.PerformGroupAddUsersInput,
) (jsonutils.JSONObject, error)

组添加用户

func (*SGroup) PerformJoin

func (group *SGroup) PerformJoin(
	ctx context.Context,
	userCred mcclient.TokenCredential,
	query jsonutils.JSONObject,
	input api.SJoinProjectsInput,
) (jsonutils.JSONObject, error)

组加入项目

func (*SGroup) PerformLeave

func (group *SGroup) PerformLeave(
	ctx context.Context,
	userCred mcclient.TokenCredential,
	query jsonutils.JSONObject,
	input api.SLeaveProjectsInput,
) (jsonutils.JSONObject, error)

组退出项目

func (*SGroup) PerformRemoveUsers

func (group *SGroup) PerformRemoveUsers(
	ctx context.Context,
	userCred mcclient.TokenCredential,
	query jsonutils.JSONObject,
	input api.PerformGroupRemoveUsersInput,
) (jsonutils.JSONObject, error)

组删除用户

func (*SGroup) PostCreate

func (group *SGroup) PostCreate(
	ctx context.Context,
	userCred mcclient.TokenCredential,
	ownerId mcclient.IIdentityProvider,
	query jsonutils.JSONObject,
	data jsonutils.JSONObject,
)

func (*SGroup) UnlinkIdp

func (group *SGroup) UnlinkIdp(idpId string) error

func (*SGroup) ValidateDeleteCondition

func (group *SGroup) ValidateDeleteCondition(ctx context.Context, info jsonutils.JSONObject) error

func (*SGroup) ValidateUpdateCondition

func (group *SGroup) ValidateUpdateCondition(ctx context.Context) error

func (*SGroup) ValidateUpdateData

func (group *SGroup) ValidateUpdateData(ctx context.Context, userCred mcclient.TokenCredential, query jsonutils.JSONObject, input api.GroupUpdateInput) (api.GroupUpdateInput, error)

type SGroupManager

type SGroupManager struct {
	SIdentityBaseResourceManager
}
var GroupManager *SGroupManager

func (*SGroupManager) FetchCustomizeColumns

func (manager *SGroupManager) FetchCustomizeColumns(
	ctx context.Context,
	userCred mcclient.TokenCredential,
	query jsonutils.JSONObject,
	objs []interface{},
	fields stringutils2.SSortedStrings,
	isList bool,
) []api.GroupDetails

func (*SGroupManager) FetchGroupsInDomain

func (manager *SGroupManager) FetchGroupsInDomain(domainId string, excludes []string) ([]SGroup, error)

func (*SGroupManager) FilterByOwner

func (manager *SGroupManager) FilterByOwner(q *sqlchemy.SQuery, owner mcclient.IIdentityProvider, scope rbacutils.TRbacScope) *sqlchemy.SQuery

func (*SGroupManager) GetContextManagers

func (manager *SGroupManager) GetContextManagers() [][]db.IModelManager

func (*SGroupManager) ListItemFilter

func (manager *SGroupManager) ListItemFilter(
	ctx context.Context,
	q *sqlchemy.SQuery,
	userCred mcclient.TokenCredential,
	query api.GroupListInput,
) (*sqlchemy.SQuery, error)

用户组列表

func (*SGroupManager) NamespaceScope

func (manager *SGroupManager) NamespaceScope() rbacutils.TRbacScope

func (*SGroupManager) OrderByExtraFields

func (manager *SGroupManager) OrderByExtraFields(
	ctx context.Context,
	q *sqlchemy.SQuery,
	userCred mcclient.TokenCredential,
	query api.GroupListInput,
) (*sqlchemy.SQuery, error)

func (*SGroupManager) QueryDistinctExtraField

func (manager *SGroupManager) QueryDistinctExtraField(q *sqlchemy.SQuery, field string) (*sqlchemy.SQuery, error)

func (*SGroupManager) RegisterExternalGroup

func (manager *SGroupManager) RegisterExternalGroup(ctx context.Context, idpId string, domainId string, groupId string, groupName string) (*SGroup, error)

func (*SGroupManager) ValidateCreateData

func (manager *SGroupManager) ValidateCreateData(
	ctx context.Context,
	userCred mcclient.TokenCredential,
	ownerId mcclient.IIdentityProvider,
	query jsonutils.JSONObject,
	input api.GroupCreateInput,
) (api.GroupCreateInput, error)

type SGroupResourceBaseManager

type SGroupResourceBaseManager struct{}

func (*SGroupResourceBaseManager) ListItemFilter

type SIdentityBaseResource

type SIdentityBaseResource struct {
	db.SStandaloneResourceBase
	db.SDomainizedResourceBase

	// 额外信息
	Extra *jsonutils.JSONDict `nullable:"true"`
}

func (*SIdentityBaseResource) CustomizeCreate

func (*SIdentityBaseResource) GetDomain

func (model *SIdentityBaseResource) GetDomain() *SDomain

func (*SIdentityBaseResource) GetIIdentityModel

func (model *SIdentityBaseResource) GetIIdentityModel() IIdentityModel

func (*SIdentityBaseResource) GetIIdentityModelManager

func (model *SIdentityBaseResource) GetIIdentityModelManager() IIdentityModelManager

func (*SIdentityBaseResource) PostCreate

func (*SIdentityBaseResource) PostDelete

func (model *SIdentityBaseResource) PostDelete(ctx context.Context, userCred mcclient.TokenCredential)

func (*SIdentityBaseResource) PostUpdate

func (*SIdentityBaseResource) ValidateUpdateData

type SIdentityBaseResourceManager

type SIdentityBaseResourceManager struct {
	db.SStandaloneResourceBaseManager
	db.SDomainizedResourceBaseManager
}

+onecloud:swagger-gen-ignore

func NewIdentityBaseResourceManager

func NewIdentityBaseResourceManager(dt interface{}, tableName string, keyword string, keywordPlural string) SIdentityBaseResourceManager

func (*SIdentityBaseResourceManager) FetchByIdOrName

func (manager *SIdentityBaseResourceManager) FetchByIdOrName(userCred mcclient.IIdentityProvider, idStr string) (db.IModel, error)

func (*SIdentityBaseResourceManager) FetchByName

func (manager *SIdentityBaseResourceManager) FetchByName(userCred mcclient.IIdentityProvider, idStr string) (db.IModel, error)

func (*SIdentityBaseResourceManager) FetchCustomizeColumns

func (manager *SIdentityBaseResourceManager) FetchCustomizeColumns(
	ctx context.Context,
	userCred mcclient.TokenCredential,
	query jsonutils.JSONObject,
	objs []interface{},
	fields stringutils2.SSortedStrings,
	isList bool,
) []api.IdentityBaseResourceDetails

func (*SIdentityBaseResourceManager) GetIIdentityModelManager

func (manager *SIdentityBaseResourceManager) GetIIdentityModelManager() IIdentityModelManager

func (*SIdentityBaseResourceManager) GetPropertyDomainTagValuePairs

func (manager *SIdentityBaseResourceManager) GetPropertyDomainTagValuePairs(
	ctx context.Context,
	userCred mcclient.TokenCredential,
	query jsonutils.JSONObject,
) (jsonutils.JSONObject, error)

func (*SIdentityBaseResourceManager) GetPropertyDomainTagValueTree

func (manager *SIdentityBaseResourceManager) GetPropertyDomainTagValueTree(
	ctx context.Context,
	userCred mcclient.TokenCredential,
	query jsonutils.JSONObject,
) (jsonutils.JSONObject, error)

func (*SIdentityBaseResourceManager) ListItemExportKeys

func (*SIdentityBaseResourceManager) ListItemFilter

func (*SIdentityBaseResourceManager) OrderByExtraFields

func (*SIdentityBaseResourceManager) QueryDistinctExtraField

func (manager *SIdentityBaseResourceManager) QueryDistinctExtraField(q *sqlchemy.SQuery, field string) (*sqlchemy.SQuery, error)

type SIdentityProvider

type SIdentityProvider struct {
	db.SEnabledStatusStandaloneResourceBase

	db.SDomainizedResourceBase `default:""`

	Driver   string `width:"32" charset:"ascii" nullable:"false" list:"domain" create:"domain_required"`
	Template string `width:"32" charset:"ascii" nullable:"true" list:"domain" create:"domain_optional"`

	TargetDomainId string `width:"64" charset:"ascii" nullable:"true" list:"domain" create:"admin_optional"`

	// 是否自动创建项目
	AutoCreateProject tristate.TriState `default:"true" list:"domain" create:"domain_optional" update:"domain"`
	// 是否自动创建用户
	AutoCreateUser tristate.TriState `list:"domain" create:"domain_optional" update:"domain"`

	ErrorCount int `list:"domain"`

	SyncStatus    string    `width:"10" charset:"ascii" default:"idle" list:"domain"`
	LastSync      time.Time `list:"domain"` // = Column(DateTime, nullable=True)
	LastSyncEndAt time.Time `list:"domain"`

	SyncIntervalSeconds int `create:"domain_optional" update:"domain"`

	// 认证源图标
	IconUri string `width:"256" charset:"utf8" nullable:"true" list:"user" create:"domain_optional" update:"domain"`
	// 是否是SSO登录方式
	IsSso tristate.TriState `list:"domain"`
	// 是否是缺省SSO登录方式
	IsDefault tristate.TriState `list:"domain"`
}

func (*SIdentityProvider) AllowGetDetailsConfig

func (self *SIdentityProvider) AllowGetDetailsConfig(ctx context.Context, userCred mcclient.TokenCredential, query jsonutils.JSONObject) bool

func (*SIdentityProvider) AllowGetDetailsSamlMetadata

func (idp *SIdentityProvider) AllowGetDetailsSamlMetadata(ctx context.Context, userCred mcclient.TokenCredential, query api.GetIdpSamlMetadataInput) bool

func (*SIdentityProvider) AllowGetDetailsSsoRedirectUri

func (idp *SIdentityProvider) AllowGetDetailsSsoRedirectUri(ctx context.Context, userCred mcclient.TokenCredential, query api.GetIdpSsoRedirectUriInput) bool

func (*SIdentityProvider) AllowPerformConfig

func (ident *SIdentityProvider) AllowPerformConfig(ctx context.Context, userCred mcclient.TokenCredential, query jsonutils.JSONObject, input api.PerformConfigInput) bool

配置认证源

func (*SIdentityProvider) AllowPerformSync

func (self *SIdentityProvider) AllowPerformSync(ctx context.Context, userCred mcclient.TokenCredential, query jsonutils.JSONObject, data jsonutils.JSONObject) bool

func (*SIdentityProvider) CanSync

func (self *SIdentityProvider) CanSync() bool

func (*SIdentityProvider) CustomizeCreate

func (*SIdentityProvider) CustomizeDelete

func (self *SIdentityProvider) CustomizeDelete(ctx context.Context, userCred mcclient.TokenCredential, query jsonutils.JSONObject, data jsonutils.JSONObject) error

func (*SIdentityProvider) Delete

func (self *SIdentityProvider) Delete(ctx context.Context, userCred mcclient.TokenCredential) error

func (*SIdentityProvider) GetDetailsConfig

func (self *SIdentityProvider) GetDetailsConfig(ctx context.Context, userCred mcclient.TokenCredential, query jsonutils.JSONObject) (jsonutils.JSONObject, error)

func (*SIdentityProvider) GetDetailsSamlMetadata

func (*SIdentityProvider) GetDetailsSsoCallbackUri

func (*SIdentityProvider) GetDetailsSsoRedirectUri

func (*SIdentityProvider) GetDomainCount

func (self *SIdentityProvider) GetDomainCount() (int, error)

func (*SIdentityProvider) GetGroupCount

func (self *SIdentityProvider) GetGroupCount() (int, error)

func (*SIdentityProvider) GetPolicyCount

func (self *SIdentityProvider) GetPolicyCount() (int, error)

func (*SIdentityProvider) GetProjectCount

func (self *SIdentityProvider) GetProjectCount() (int, error)

func (*SIdentityProvider) GetRoleCount

func (self *SIdentityProvider) GetRoleCount() (int, error)

func (*SIdentityProvider) GetSingleDomain

func (self *SIdentityProvider) GetSingleDomain(ctx context.Context, extId string, extName string, extDesc string, createDefaultProject bool) (*SDomain, error)

func (*SIdentityProvider) GetUserCount

func (self *SIdentityProvider) GetUserCount() (int, error)

func (*SIdentityProvider) MarkConnected

func (ident *SIdentityProvider) MarkConnected(ctx context.Context, userCred mcclient.TokenCredential) error

func (*SIdentityProvider) MarkDisconnected

func (ident *SIdentityProvider) MarkDisconnected(ctx context.Context, userCred mcclient.TokenCredential, reason error) error

func (*SIdentityProvider) NeedSync

func (self *SIdentityProvider) NeedSync() bool

func (*SIdentityProvider) PerformConfig

配置认证源

func (*SIdentityProvider) PerformDefaultSso

func (*SIdentityProvider) PerformDisable

func (*SIdentityProvider) PerformEnable

func (*SIdentityProvider) PerformSync

手动同步认证源

func (*SIdentityProvider) PostCreate

func (*SIdentityProvider) Purge

func (self *SIdentityProvider) Purge(ctx context.Context, userCred mcclient.TokenCredential) error

func (*SIdentityProvider) RealDelete

func (self *SIdentityProvider) RealDelete(ctx context.Context, userCred mcclient.TokenCredential) error

func (*SIdentityProvider) SetSyncStatus

func (ident *SIdentityProvider) SetSyncStatus(ctx context.Context, userCred mcclient.TokenCredential, status string) error

func (*SIdentityProvider) SyncOrCreateDomain

func (self *SIdentityProvider) SyncOrCreateDomain(ctx context.Context, extId string, extName string, extDesc string, createDefaultProject bool) (*SDomain, error)

func (*SIdentityProvider) SyncOrCreateDomainAndUser

func (idp *SIdentityProvider) SyncOrCreateDomainAndUser(ctx context.Context, extDomainId, extDomainName string, extUsrId, extUsrName string) (*SDomain, *SUser, error)

func (*SIdentityProvider) SyncOrCreateUser

func (self *SIdentityProvider) SyncOrCreateUser(ctx context.Context, extId string, extName string, domainId string, enableDefault bool, syncUserInfo func(*SUser)) (*SUser, error)

func (*SIdentityProvider) TryUserJoinProject

func (idp *SIdentityProvider) TryUserJoinProject(attrConf api.SIdpAttributeOptions, ctx context.Context, usr *SUser, domainId string, attrs map[string][]string)

func (*SIdentityProvider) ValidateDeleteCondition

func (self *SIdentityProvider) ValidateDeleteCondition(ctx context.Context, info jsonutils.JSONObject) error

func (*SIdentityProvider) ValidateUpdateCondition

func (self *SIdentityProvider) ValidateUpdateCondition(ctx context.Context) error

type SIdentityProviderManager

var (
	IdentityProviderManager *SIdentityProviderManager
)

func (*SIdentityProviderManager) CheckUniqueness

func (manager *SIdentityProviderManager) CheckUniqueness(extIdpId string, domainId string, driver string, template string, group string, option string, value jsonutils.JSONObject) (bool, error)

func (*SIdentityProviderManager) FetchCustomizeColumns

func (manager *SIdentityProviderManager) FetchCustomizeColumns(
	ctx context.Context,
	userCred mcclient.TokenCredential,
	query jsonutils.JSONObject,
	objs []interface{},
	fields stringutils2.SSortedStrings,
	isList bool,
) []api.IdentityProviderDetails

func (*SIdentityProviderManager) FetchEnabledProviders

func (manager *SIdentityProviderManager) FetchEnabledProviders(driver string) ([]SIdentityProvider, error)

func (*SIdentityProviderManager) FetchIdentityProviderById

func (manager *SIdentityProviderManager) FetchIdentityProviderById(idstr string) (*SIdentityProvider, error)

func (*SIdentityProviderManager) FetchIdentityProvidersByUserId

func (manager *SIdentityProviderManager) FetchIdentityProvidersByUserId(uid string, drivers []string) ([]SIdentityProvider, error)

func (*SIdentityProviderManager) FetchPasswordProtectedIdpIdsQuery

func (manager *SIdentityProviderManager) FetchPasswordProtectedIdpIdsQuery() *sqlchemy.SSubQuery

func (*SIdentityProviderManager) InitializeData

func (manager *SIdentityProviderManager) InitializeData() error

func (*SIdentityProviderManager) ListItemFilter

func (*SIdentityProviderManager) OrderByExtraFields

func (*SIdentityProviderManager) QueryDistinctExtraField

func (manager *SIdentityProviderManager) QueryDistinctExtraField(q *sqlchemy.SQuery, field string) (*sqlchemy.SQuery, error)

func (*SIdentityProviderManager) ValidateCreateData

type SIdentityQuota

type SIdentityQuota struct {
	quotas.SQuotaBase

	quotas.SBaseDomainQuotaKeys

	User    int `default:"-1" allow_zero:"true" json:"user"`
	Group   int `default:"-1" allow_zero:"true" json:"group"`
	Project int `default:"-1" allow_zero:"true" json:"project"`
	Role    int `default:"-1" allow_zero:"true" json:"role"`
	Policy  int `default:"-1" allow_zero:"true" json:"policy"`
}

func (*SIdentityQuota) Add

func (self *SIdentityQuota) Add(quota quotas.IQuota)

func (*SIdentityQuota) Allocable

func (self *SIdentityQuota) Allocable(request quotas.IQuota) int

func (*SIdentityQuota) Exceed

func (used *SIdentityQuota) Exceed(request quotas.IQuota, quota quotas.IQuota) error

func (*SIdentityQuota) FetchSystemQuota

func (self *SIdentityQuota) FetchSystemQuota()

func (*SIdentityQuota) FetchUsage

func (self *SIdentityQuota) FetchUsage(ctx context.Context) error

func (*SIdentityQuota) GetKeys

func (self *SIdentityQuota) GetKeys() quotas.IQuotaKeys

func (*SIdentityQuota) IsEmpty

func (self *SIdentityQuota) IsEmpty() bool

func (*SIdentityQuota) ResetNegative

func (self *SIdentityQuota) ResetNegative()

func (*SIdentityQuota) SetKeys

func (self *SIdentityQuota) SetKeys(keys quotas.IQuotaKeys)

func (*SIdentityQuota) Sub

func (self *SIdentityQuota) Sub(quota quotas.IQuota)

func (*SIdentityQuota) ToJSON

func (self *SIdentityQuota) ToJSON(prefix string) jsonutils.JSONObject

func (*SIdentityQuota) Update

func (self *SIdentityQuota) Update(quota quotas.IQuota)

type SIdentityQuotaDetail

type SIdentityQuotaDetail struct {
	SIdentityQuota

	quotas.SBaseDomainQuotaDetailKeys
}

域的认证配额详情

func GetIdentityQuota

func GetIdentityQuota(query quotas.SBaseQuotaQueryInput) *SIdentityQuotaDetail

获取指定域的认证配额

func ListIdentityQuotas

func ListIdentityQuotas(query quotas.SBaseQuotaQueryInput) *SIdentityQuotaDetail

获取所有域的域配额

func SetIdentityQuotas

func SetIdentityQuotas(input SetIdentityQuotaInput) *SIdentityQuotaDetail

设置域的认证配额

type SIdmapping

type SIdmapping struct {
	db.SResourceBase

	PublicId    string `width:"64" charset:"ascii" nullable:"false" primary:"false"`
	IdpId       string `name:"domain_id" width:"64" charset:"ascii" nullable:"false" primary:"true"`
	IdpEntityId string `name:"local_id" width:"128" charset:"utf8" nullable:"false" primary:"true"`
	EntityType  string `width:"10" charset:"ascii" nullable:"false" primary:"true"`
}

type SIdmappingManager

type SIdmappingManager struct {
	db.SResourceBaseManager
}

+onecloud:swagger-gen-ignore

var IdmappingManager *SIdmappingManager

func (*SIdmappingManager) FetchByIdpAndEntityId

func (manager *SIdmappingManager) FetchByIdpAndEntityId(ctx context.Context, idpId string, entityId string, entityType string) (string, error)

func (*SIdmappingManager) FetchEntities

func (manager *SIdmappingManager) FetchEntities(idStr string, entType string) ([]SIdmapping, error)

func (*SIdmappingManager) FetchFirstEntity

func (manager *SIdmappingManager) FetchFirstEntity(idStr string, entType string) (*SIdmapping, error)

func (*SIdmappingManager) FetchPublicIdsExcludes

func (manager *SIdmappingManager) FetchPublicIdsExcludes(idpId string, entityType string, excludes []string) ([]string, error)

func (*SIdmappingManager) FetchPublicIdsExcludesQuery

func (manager *SIdmappingManager) FetchPublicIdsExcludesQuery(idpId string, entityType string, excludes []string) *sqlchemy.SQuery

func (*SIdmappingManager) RegisterIdMap

func (manager *SIdmappingManager) RegisterIdMap(ctx context.Context, idpId string, entityId string, entityType string) (string, error)

func (*SIdmappingManager) RegisterIdMapWithId

func (manager *SIdmappingManager) RegisterIdMapWithId(ctx context.Context, idpId string, entityId string, entityType string, publicId string) (string, error)

type SIdpRemoteIds

type SIdpRemoteIds struct {
	db.SModelBase

	IdpId    string `width:"64" charset:"ascii" nullable:"true"`
	RemoteId string `width:"255" charset:"ascii" nullable:"false" primary:"true"`
}

type SIdpRemoteIdsManager

type SIdpRemoteIdsManager struct {
	db.SModelBaseManager
}

+onecloud:swagger-gen-ignore

var (
	IdpRemoteIdsManager *SIdpRemoteIdsManager
)

type SImpliedRole

type SImpliedRole struct {
	db.SModelBase

	PriorRoleId   string `width:"64" charset:"ascii" nullable:"false" primary:"true"`
	ImpliedRoleId string `width:"64" charset:"ascii" nullable:"false" primary:"true"`
}

type SImpliedRoleManager

type SImpliedRoleManager struct {
	db.SModelBaseManager
}

+onecloud:swagger-gen-ignore

var (
	ImpliedRoleManager *SImpliedRoleManager
)

type SLocalUser

type SLocalUser struct {
	db.SResourceBase

	Id              int       `nullable:"false" primary:"true" auto_increment:"true"`
	UserId          string    `width:"64" charset:"ascii" nullable:"false" index:"true"`
	DomainId        string    `width:"64" charset:"ascii" nullable:"false" index:"true"`
	Name            string    `width:"255" charset:"utf8" nullable:"false"`
	FailedAuthCount int       `nullable:"true"`
	FailedAuthAt    time.Time `nullable:"true"`

	NeedResetPassword tristate.TriState `default:"false" list:"domain"`
	ResetHint         string            `width:"16" charset:"ascii" list:"domain"`
}

func (*SLocalUser) ClearFailedAuth

func (usr *SLocalUser) ClearFailedAuth() error

func (*SLocalUser) GetId

func (user *SLocalUser) GetId() string

func (*SLocalUser) GetName

func (user *SLocalUser) GetName() string

func (*SLocalUser) SaveFailedAuth

func (usr *SLocalUser) SaveFailedAuth() error

type SLocalUserManager

type SLocalUserManager struct {
	db.SResourceBaseManager
}

+onecloud:swagger-gen-ignore

var LocalUserManager *SLocalUserManager

func (*SLocalUserManager) CreateByInsertOrUpdate

func (manager *SLocalUserManager) CreateByInsertOrUpdate() bool

func (*SLocalUserManager) FetchLocalUserById

func (manager *SLocalUserManager) FetchLocalUserById(localId int) (*SLocalUser, error)

type SNonlocalUser

type SNonlocalUser struct {
	db.SModelBase

	DomainId string `width:"64" charset:"ascii" primary:"true"`
	Name     string `width:"191" charset:"utf8" primary:"true"`
	UserId   string `width:"64" charset:"ascii" nullable:"false" index:"true"`
}

type SNonlocalUserManager

type SNonlocalUserManager struct {
	db.SModelBaseManager
}

+onecloud:swagger-gen-ignore

var NonlocalUserManager *SNonlocalUserManager

type SPassword

type SPassword struct {
	db.SResourceBase

	Id           int       `primary:"true" auto_increment:"true"`
	LocalUserId  int       `nullable:"false" index:"true"`
	Password     string    `width:"128" charset:"ascii" nullable:"true"`
	ExpiresAt    time.Time `nullable:"true"`
	SelfService  bool      `nullable:"false" default:"false"`
	PasswordHash string    `width:"255" charset:"ascii" nullable:"true"`
	CreatedAtInt int64     `nullable:"false" default:"0"`
	ExpiresAtInt int64     `nullable:"true"`
}

func (*SPassword) IsExpired

func (passwd *SPassword) IsExpired() bool

type SPasswordManager

type SPasswordManager struct {
	db.SResourceBaseManager
}

+onecloud:swagger-gen-ignore

var PasswordManager *SPasswordManager

func (*SPasswordManager) CreateByInsertOrUpdate

func (manager *SPasswordManager) CreateByInsertOrUpdate() bool

func (*SPasswordManager) FetchLastPassword

func (manager *SPasswordManager) FetchLastPassword(localUserId int) (*SPassword, error)

type SPolicy

type SPolicy struct {
	SEnabledIdentityBaseResource
	db.SSharableBaseResource `"is_public=>create":"domain_optional" "public_scope=>create":"domain_optional"`

	// swagger:ignore
	// Deprecated
	Type string `width:"255" charset:"utf8" nullable:"false" list:"user" create:"domain_required" update:"domain"`

	// 权限定义
	Blob jsonutils.JSONObject `nullable:"false" list:"user" create:"domain_required" update:"domain"`

	// 权限范围
	Scope rbacutils.TRbacScope `nullable:"true" list:"user" create:"domain_required" update:"domain"`

	// 是否为系统权限
	IsSystem tristate.TriState `default:"false" list:"domain" update:"admin" create:"admin_optional"`

	// 匹配的项目标签
	ProjectTags tagutils.TTagSet `nullable:"true" list:"user" update:"domain" create:"domain_optional"`

	// 匹配的域标签
	DomainTags tagutils.TTagSet `nullable:"true" list:"user" update:"admin" create:"admin_optional"`

	// 匹配的资源标签
	ObjectTags tagutils.TTagSet `nullable:"true" list:"user" update:"domain" create:"domain_optional"`
}

func (*SPolicy) AllowPerformBindRole

func (policy *SPolicy) AllowPerformBindRole(ctx context.Context, userCred mcclient.TokenCredential, query jsonutils.JSONObject, input apis.PerformPublicDomainInput) bool

func (*SPolicy) AllowPerformPrivate

func (policy *SPolicy) AllowPerformPrivate(ctx context.Context, userCred mcclient.TokenCredential, query jsonutils.JSONObject, input apis.PerformPrivateInput) bool

func (*SPolicy) AllowPerformPublic

func (policy *SPolicy) AllowPerformPublic(ctx context.Context, userCred mcclient.TokenCredential, query jsonutils.JSONObject, input apis.PerformPublicDomainInput) bool

func (*SPolicy) CustomizeCreate

func (policy *SPolicy) CustomizeCreate(ctx context.Context, userCred mcclient.TokenCredential, ownerId mcclient.IIdentityProvider, query jsonutils.JSONObject, data jsonutils.JSONObject) error

func (*SPolicy) Delete

func (policy *SPolicy) Delete(ctx context.Context, userCred mcclient.TokenCredential) error

func (*SPolicy) GetChangeOwnerCandidateDomainIds

func (policy *SPolicy) GetChangeOwnerCandidateDomainIds() []string

func (*SPolicy) GetI18N

func (policy *SPolicy) GetI18N(ctx context.Context) *jsonutils.JSONDict

func (*SPolicy) GetRequiredSharedDomainIds

func (policy *SPolicy) GetRequiredSharedDomainIds() []string

func (*SPolicy) GetSharableTargetDomainIds

func (policy *SPolicy) GetSharableTargetDomainIds() []string

func (*SPolicy) GetSharedDomains

func (policy *SPolicy) GetSharedDomains() []string

func (*SPolicy) GetUsages

func (policy *SPolicy) GetUsages() []db.IUsage

func (*SPolicy) IsSharable

func (policy *SPolicy) IsSharable(reqUsrId mcclient.IIdentityProvider) bool

func (*SPolicy) IsShared

func (policy *SPolicy) IsShared() bool

func (*SPolicy) PerformBindRole

func (policy *SPolicy) PerformBindRole(ctx context.Context, userCred mcclient.TokenCredential, query jsonutils.JSONObject, input api.PolicyBindRoleInput) (jsonutils.JSONObject, error)

绑定角色

func (*SPolicy) PerformPrivate

func (policy *SPolicy) PerformPrivate(ctx context.Context, userCred mcclient.TokenCredential, query jsonutils.JSONObject, input apis.PerformPrivateInput) (jsonutils.JSONObject, error)

设置policy为私有

func (*SPolicy) PerformPublic

共享Policy

func (*SPolicy) PostCreate

func (policy *SPolicy) PostCreate(ctx context.Context, userCred mcclient.TokenCredential, ownerId mcclient.IIdentityProvider, query jsonutils.JSONObject, data jsonutils.JSONObject)

func (*SPolicy) PostDelete

func (policy *SPolicy) PostDelete(ctx context.Context, userCred mcclient.TokenCredential)

func (*SPolicy) PostUpdate

func (policy *SPolicy) PostUpdate(ctx context.Context, userCred mcclient.TokenCredential, query jsonutils.JSONObject, data jsonutils.JSONObject)

func (*SPolicy) ValidateDeleteCondition

func (policy *SPolicy) ValidateDeleteCondition(ctx context.Context, info jsonutils.JSONObject) error

func (*SPolicy) ValidateUpdateData

func (policy *SPolicy) ValidateUpdateData(ctx context.Context, userCred mcclient.TokenCredential, query jsonutils.JSONObject, input api.PolicyUpdateInput) (api.PolicyUpdateInput, error)

type SPolicyManager

var PolicyManager *SPolicyManager

func (*SPolicyManager) FetchCustomizeColumns

func (manager *SPolicyManager) FetchCustomizeColumns(
	ctx context.Context,
	userCred mcclient.TokenCredential,
	query jsonutils.JSONObject,
	objs []interface{},
	fields stringutils2.SSortedStrings,
	isList bool,
) []api.PolicyDetails

func (*SPolicyManager) FetchEnabledPolicies

func (manager *SPolicyManager) FetchEnabledPolicies() ([]SPolicy, error)

func (*SPolicyManager) FilterByOwner

func (manager *SPolicyManager) FilterByOwner(q *sqlchemy.SQuery, owner mcclient.IIdentityProvider, scope rbacutils.TRbacScope) *sqlchemy.SQuery

func (*SPolicyManager) InitializeData

func (manager *SPolicyManager) InitializeData() error

func (*SPolicyManager) ListItemFilter

func (manager *SPolicyManager) ListItemFilter(
	ctx context.Context,
	q *sqlchemy.SQuery,
	userCred mcclient.TokenCredential,
	query api.PolicyListInput,
) (*sqlchemy.SQuery, error)

权限策略列表

func (*SPolicyManager) OrderByExtraFields

func (manager *SPolicyManager) OrderByExtraFields(
	ctx context.Context,
	q *sqlchemy.SQuery,
	userCred mcclient.TokenCredential,
	query api.PolicyListInput,
) (*sqlchemy.SQuery, error)

func (*SPolicyManager) QueryDistinctExtraField

func (manager *SPolicyManager) QueryDistinctExtraField(q *sqlchemy.SQuery, field string) (*sqlchemy.SQuery, error)

func (*SPolicyManager) ValidateCreateData

func (manager *SPolicyManager) ValidateCreateData(
	ctx context.Context,
	userCred mcclient.TokenCredential,
	ownerId mcclient.IIdentityProvider,
	query jsonutils.JSONObject,
	input api.PolicyCreateInput,
) (api.PolicyCreateInput, error)

type SProject

type SProject struct {
	SIdentityBaseResource

	// 上级项目或域的ID
	ParentId string `width:"64" charset:"ascii" list:"domain" create:"domain_optional"`

	// 该项目是否为域(domain)
	IsDomain tristate.TriState `default:"false"`
}

func (*SProject) AllowPerformJoin

func (project *SProject) AllowPerformJoin(ctx context.Context,
	userCred mcclient.TokenCredential,
	query jsonutils.JSONObject,
	input api.SProjectAddUserGroupInput,
) bool

func (*SProject) AllowPerformLeave

func (project *SProject) AllowPerformLeave(ctx context.Context,
	userCred mcclient.TokenCredential,
	query jsonutils.JSONObject,
	data jsonutils.JSONObject,
) bool

func (*SProject) CustomizeCreate

func (model *SProject) CustomizeCreate(ctx context.Context, userCred mcclient.TokenCredential, ownerId mcclient.IIdentityProvider, query jsonutils.JSONObject, data jsonutils.JSONObject) error

func (*SProject) FetchExtend

func (proj *SProject) FetchExtend() (*SProjectExtended, error)

func (*SProject) GetGroupCount

func (proj *SProject) GetGroupCount() (int, error)

func (*SProject) GetUsages

func (project *SProject) GetUsages() []db.IUsage

func (*SProject) GetUserCount

func (proj *SProject) GetUserCount() (int, error)

func (*SProject) IsAdminProject

func (proj *SProject) IsAdminProject() bool

func (*SProject) PerformJoin

将用户或组加入项目

func (*SProject) PerformLeave

将用户或组移出项目

func (*SProject) PostCreate

func (self *SProject) PostCreate(
	ctx context.Context,
	userCred mcclient.TokenCredential,
	ownerId mcclient.IIdentityProvider,
	query jsonutils.JSONObject,
	data jsonutils.JSONObject,
)

func (*SProject) ValidateDeleteCondition

func (proj *SProject) ValidateDeleteCondition(ctx context.Context, info jsonutils.JSONObject) error

func (*SProject) ValidateUpdateData

func (proj *SProject) ValidateUpdateData(ctx context.Context, userCred mcclient.TokenCredential, query jsonutils.JSONObject, input api.ProjectUpdateInput) (api.ProjectUpdateInput, error)

type SProjectExtended

type SProjectExtended struct {
	SProject

	DomainName string
}

type SProjectManager

type SProjectManager struct {
	SIdentityBaseResourceManager
}
var ProjectManager *SProjectManager

func (*SProjectManager) FetchCustomizeColumns

func (manager *SProjectManager) FetchCustomizeColumns(
	ctx context.Context,
	userCred mcclient.TokenCredential,
	query jsonutils.JSONObject,
	objs []interface{},
	fields stringutils2.SSortedStrings,
	isList bool,
) []api.ProjectDetails

func (*SProjectManager) FetchProject

func (manager *SProjectManager) FetchProject(projectId, projectName string, domainId, domainName string) (*SProject, error)

func (*SProjectManager) FetchProjectById

func (manager *SProjectManager) FetchProjectById(projectId string) (*SProject, error)

func (*SProjectManager) FetchProjectByName

func (manager *SProjectManager) FetchProjectByName(projectName string, domainId, domainName string) (*SProject, error)

func (*SProjectManager) FetchUserProjects

func (manager *SProjectManager) FetchUserProjects(userId string) ([]SProjectExtended, error)

func (*SProjectManager) GetContextManagers

func (manager *SProjectManager) GetContextManagers() [][]db.IModelManager

func (*SProjectManager) InitializeData

func (manager *SProjectManager) InitializeData() error

func (*SProjectManager) ListItemFilter

func (manager *SProjectManager) ListItemFilter(
	ctx context.Context,
	q *sqlchemy.SQuery,
	userCred mcclient.TokenCredential,
	query api.ProjectListInput,
) (*sqlchemy.SQuery, error)

项目列表

func (*SProjectManager) NewProject

func (manager *SProjectManager) NewProject(ctx context.Context, projectName string, desc string, domainId string) (*SProject, error)

func (*SProjectManager) OrderByExtraFields

func (manager *SProjectManager) OrderByExtraFields(
	ctx context.Context,
	q *sqlchemy.SQuery,
	userCred mcclient.TokenCredential,
	query api.ProjectListInput,
) (*sqlchemy.SQuery, error)

func (*SProjectManager) Query

func (manager *SProjectManager) Query(fields ...string) *sqlchemy.SQuery

func (*SProjectManager) QueryDistinctExtraField

func (manager *SProjectManager) QueryDistinctExtraField(q *sqlchemy.SQuery, field string) (*sqlchemy.SQuery, error)

func (*SProjectManager) ValidateCreateData

type SProjectResourceBaseManager

type SProjectResourceBaseManager struct{}

+onecloud:swagger-gen-ignore

func (*SProjectResourceBaseManager) ListItemFilter

type SQuotaManager

type SQuotaManager struct {
	quotas.SQuotaBaseManager
}

func (*SQuotaManager) FetchIdNames

func (manager *SQuotaManager) FetchIdNames(ctx context.Context, idMap map[string]map[string]string) (map[string]map[string]string, error)

func (*SQuotaManager) FetchOwnerId

func (manager *SQuotaManager) FetchOwnerId(ctx context.Context, data jsonutils.JSONObject) (mcclient.IIdentityProvider, error)

type SRegion

type SRegion struct {
	db.SStandaloneResourceBase

	ParentRegionId string `width:"255" charset:"ascii" nulable:"true"`
	Extra          *jsonutils.JSONDict
}

func (*SRegion) CustomizeCreate

func (region *SRegion) CustomizeCreate(ctx context.Context, userCred mcclient.TokenCredential, ownerId mcclient.IIdentityProvider, query jsonutils.JSONObject, data jsonutils.JSONObject) error

func (*SRegion) GetEndpointCount

func (region *SRegion) GetEndpointCount() (int, error)

func (*SRegion) ValidateDeleteCondition

func (region *SRegion) ValidateDeleteCondition(ctx context.Context, info jsonutils.JSONObject) error

type SRegionManager

type SRegionManager struct {
	db.SStandaloneResourceBaseManager
}
var RegionManager *SRegionManager

func (*SRegionManager) FetchCustomizeColumns

func (manager *SRegionManager) FetchCustomizeColumns(
	ctx context.Context,
	userCred mcclient.TokenCredential,
	query jsonutils.JSONObject,
	objs []interface{},
	fields stringutils2.SSortedStrings,
	isList bool,
) []api.RegionDetails

func (*SRegionManager) InitializeData

func (manager *SRegionManager) InitializeData() error

func (*SRegionManager) ListItemFilter

func (manager *SRegionManager) ListItemFilter(
	ctx context.Context,
	q *sqlchemy.SQuery,
	userCred mcclient.TokenCredential,
	query api.RegionListInput,
) (*sqlchemy.SQuery, error)

区域列表

func (*SRegionManager) OrderByExtraFields

func (manager *SRegionManager) OrderByExtraFields(
	ctx context.Context,
	q *sqlchemy.SQuery,
	userCred mcclient.TokenCredential,
	query api.RegionListInput,
) (*sqlchemy.SQuery, error)

func (*SRegionManager) QueryDistinctExtraField

func (manager *SRegionManager) QueryDistinctExtraField(q *sqlchemy.SQuery, field string) (*sqlchemy.SQuery, error)

func (*SRegionManager) ValidateCreateData

func (manager *SRegionManager) ValidateCreateData(ctx context.Context, userCred mcclient.TokenCredential, ownerId mcclient.IIdentityProvider, query jsonutils.JSONObject, data *jsonutils.JSONDict) (*jsonutils.JSONDict, error)

type SRegionResourceBaseManager

type SRegionResourceBaseManager struct{}

func (*SRegionResourceBaseManager) ListItemFilter

type SRole

type SRole struct {
	SIdentityBaseResource    `"name->update":""`
	db.SSharableBaseResource `"is_public=>create":"domain_optional" "public_scope=>create":"domain_optional"`
}

func (*SRole) AllowPerformAddPolicy

func (role *SRole) AllowPerformAddPolicy(ctx context.Context, userCred mcclient.TokenCredential, query jsonutils.JSONObject, input api.RolePerformAddPolicyInput) bool

func (*SRole) AllowPerformPrivate

func (role *SRole) AllowPerformPrivate(ctx context.Context, userCred mcclient.TokenCredential, query jsonutils.JSONObject, input apis.PerformPrivateInput) bool

func (*SRole) AllowPerformPublic

func (role *SRole) AllowPerformPublic(ctx context.Context, userCred mcclient.TokenCredential, query jsonutils.JSONObject, input apis.PerformPublicDomainInput) bool

func (*SRole) AllowPerformRemovePolicy

func (role *SRole) AllowPerformRemovePolicy(ctx context.Context, userCred mcclient.TokenCredential, query jsonutils.JSONObject, input api.RolePerformRemovePolicyInput) bool

func (*SRole) AllowPerformSetPolicies

func (role *SRole) AllowPerformSetPolicies(ctx context.Context, userCred mcclient.TokenCredential, query jsonutils.JSONObject, input api.RolePerformSetPoliciesInput) bool

func (*SRole) CustomizeCreate

func (role *SRole) CustomizeCreate(ctx context.Context, userCred mcclient.TokenCredential, ownerId mcclient.IIdentityProvider, query jsonutils.JSONObject, data jsonutils.JSONObject) error

func (*SRole) Delete

func (role *SRole) Delete(ctx context.Context, userCred mcclient.TokenCredential) error

func (*SRole) DeleteInContext

func (role *SRole) DeleteInContext(ctx context.Context, userCred mcclient.TokenCredential, ctxObjs []db.IModel, query jsonutils.JSONObject, data jsonutils.JSONObject) (jsonutils.JSONObject, error)

func (*SRole) GetChangeOwnerCandidateDomainIds

func (role *SRole) GetChangeOwnerCandidateDomainIds() []string

func (*SRole) GetGroupCount

func (role *SRole) GetGroupCount() (int, error)

func (*SRole) GetI18N

func (role *SRole) GetI18N(ctx context.Context) *jsonutils.JSONDict

func (*SRole) GetProjectCount

func (role *SRole) GetProjectCount() (int, error)

func (*SRole) GetRequiredSharedDomainIds

func (role *SRole) GetRequiredSharedDomainIds() []string

func (*SRole) GetSharableTargetDomainIds

func (role *SRole) GetSharableTargetDomainIds() []string

func (*SRole) GetSharedDomains

func (role *SRole) GetSharedDomains() []string

func (*SRole) GetUsages

func (role *SRole) GetUsages() []db.IUsage

func (*SRole) GetUserCount

func (role *SRole) GetUserCount() (int, error)

func (*SRole) IsSharable

func (role *SRole) IsSharable(reqUsrId mcclient.IIdentityProvider) bool

func (*SRole) IsShared

func (role *SRole) IsShared() bool

func (*SRole) IsSystemRole

func (role *SRole) IsSystemRole() bool

func (*SRole) PerformAddPolicy

func (*SRole) PerformPrivate

func (role *SRole) PerformPrivate(ctx context.Context, userCred mcclient.TokenCredential, query jsonutils.JSONObject, input apis.PerformPrivateInput) (jsonutils.JSONObject, error)

func (*SRole) PerformPublic

func (*SRole) PerformRemovePolicy

func (role *SRole) PerformRemovePolicy(ctx context.Context, userCred mcclient.TokenCredential, query jsonutils.JSONObject, input api.RolePerformRemovePolicyInput) (jsonutils.JSONObject, error)

func (*SRole) PerformSetPolicies

func (role *SRole) PerformSetPolicies(ctx context.Context, userCred mcclient.TokenCredential, query jsonutils.JSONObject, input api.RolePerformSetPoliciesInput) (jsonutils.JSONObject, error)

func (*SRole) PostCreate

func (role *SRole) PostCreate(
	ctx context.Context,
	userCred mcclient.TokenCredential,
	ownerId mcclient.IIdentityProvider,
	query jsonutils.JSONObject,
	data jsonutils.JSONObject,
)

func (*SRole) UpdateInContext

func (role *SRole) UpdateInContext(ctx context.Context, userCred mcclient.TokenCredential, ctxObjs []db.IModel, query jsonutils.JSONObject, data jsonutils.JSONObject) (jsonutils.JSONObject, error)

func (*SRole) ValidateDeleteCondition

func (role *SRole) ValidateDeleteCondition(ctx context.Context, info jsonutils.JSONObject) error

func (*SRole) ValidateUpdateData

func (role *SRole) ValidateUpdateData(ctx context.Context, userCred mcclient.TokenCredential, query jsonutils.JSONObject, input api.RoleUpdateInput) (api.RoleUpdateInput, error)

type SRoleManager

var RoleManager *SRoleManager

func (*SRoleManager) FetchCustomizeColumns

func (manager *SRoleManager) FetchCustomizeColumns(
	ctx context.Context,
	userCred mcclient.TokenCredential,
	query jsonutils.JSONObject,
	objs []interface{},
	fields stringutils2.SSortedStrings,
	isList bool,
) []api.RoleDetails

func (*SRoleManager) FetchRole

func (manager *SRoleManager) FetchRole(roleId, roleName string, domainId, domainName string) (*SRole, error)

func (*SRoleManager) FetchRoleById

func (manager *SRoleManager) FetchRoleById(roleId string) (*SRole, error)

func (*SRoleManager) FetchRoleByName

func (manager *SRoleManager) FetchRoleByName(roleName string, domainId, domainName string) (*SRole, error)

func (*SRoleManager) FilterByOwner

func (manager *SRoleManager) FilterByOwner(q *sqlchemy.SQuery, owner mcclient.IIdentityProvider, scope rbacutils.TRbacScope) *sqlchemy.SQuery

func (*SRoleManager) GetContextManagers

func (manager *SRoleManager) GetContextManagers() [][]db.IModelManager

func (*SRoleManager) InitializeData

func (manager *SRoleManager) InitializeData() error

func (*SRoleManager) ListItemFilter

func (manager *SRoleManager) ListItemFilter(
	ctx context.Context,
	q *sqlchemy.SQuery,
	userCred mcclient.TokenCredential,
	query api.RoleListInput,
) (*sqlchemy.SQuery, error)

角色列表

func (*SRoleManager) OrderByExtraFields

func (manager *SRoleManager) OrderByExtraFields(
	ctx context.Context,
	q *sqlchemy.SQuery,
	userCred mcclient.TokenCredential,
	query api.RoleListInput,
) (*sqlchemy.SQuery, error)

func (*SRoleManager) QueryDistinctExtraField

func (manager *SRoleManager) QueryDistinctExtraField(q *sqlchemy.SQuery, field string) (*sqlchemy.SQuery, error)

func (*SRoleManager) ValidateCreateData

func (manager *SRoleManager) ValidateCreateData(
	ctx context.Context,
	userCred mcclient.TokenCredential,
	ownerId mcclient.IIdentityProvider,
	query jsonutils.JSONObject,
	input api.RoleCreateInput,
) (api.RoleCreateInput, error)

type SRolePolicy

type SRolePolicy struct {
	db.SResourceBase

	// 角色ID, 主键
	RoleId string `width:"128" charset:"ascii" primary:"true" list:"domain" create:"domain_optional"`
	// 项目ID,主键
	ProjectId string `width:"128" charset:"ascii" primary:"true" list:"domain" create:"domain_optional"`
	// 权限ID, 主键
	PolicyId string `width:"128" charset:"ascii" primary:"true" list:"domain" create:"domain_required"`
	// 是否需要认证
	Auth tristate.TriState `default:"true" list:"domain" create:"domain_optional"`
	// 匹配的IP白名单
	Ips string `list:"domain" create:"domain_optional" update:"domain"`
	// 匹配开始时间
	ValidSince time.Time `list:"domain" create:"domain_optional" update:"domain"`
	// 匹配结束时间
	ValidUntil time.Time `list:"domain" create:"domain_optional" update:"domain"`
}

func (*SRolePolicy) GetId

func (rp *SRolePolicy) GetId() string

func (*SRolePolicy) GetName

func (rp *SRolePolicy) GetName() string

func (*SRolePolicy) GetPolicy

func (rp *SRolePolicy) GetPolicy() *SPolicy

func (*SRolePolicy) GetProject

func (rp *SRolePolicy) GetProject() *SProject

func (*SRolePolicy) GetRole

func (rp *SRolePolicy) GetRole() *SRole

func (*SRolePolicy) MatchIP

func (rp *SRolePolicy) MatchIP(ipstr string) bool

func (*SRolePolicy) MatchTime

func (rp *SRolePolicy) MatchTime(tm time.Time) bool

type SRolePolicyManager

type SRolePolicyManager struct {
	db.SResourceBaseManager
}
var RolePolicyManager *SRolePolicyManager

func (*SRolePolicyManager) FetchCustomizeColumns

func (manager *SRolePolicyManager) FetchCustomizeColumns(
	ctx context.Context,
	userCred mcclient.TokenCredential,
	query jsonutils.JSONObject,
	objs []interface{},
	fields stringutils2.SSortedStrings,
	isList bool,
) []api.RolePolicyDetails

func (*SRolePolicyManager) FilterById

func (manager *SRolePolicyManager) FilterById(q *sqlchemy.SQuery, idStr string) *sqlchemy.SQuery

func (*SRolePolicyManager) FilterByName

func (manager *SRolePolicyManager) FilterByName(q *sqlchemy.SQuery, name string) *sqlchemy.SQuery

func (*SRolePolicyManager) FilterByNotId

func (manager *SRolePolicyManager) FilterByNotId(q *sqlchemy.SQuery, idStr string) *sqlchemy.SQuery

func (*SRolePolicyManager) FilterByOwner

func (*SRolePolicyManager) GetMatchPolicyGroup

func (manager *SRolePolicyManager) GetMatchPolicyGroup(userCred rbacutils.IRbacIdentity, tm time.Time, nameOnly bool) (map[rbacutils.TRbacScope][]string, rbacutils.TPolicyGroup, error)

func (*SRolePolicyManager) GetMatchPolicyGroup2

func (manager *SRolePolicyManager) GetMatchPolicyGroup2(isGuest bool, roleIds []string, pid string, loginIp string, tm time.Time, nameOnly bool) (map[rbacutils.TRbacScope][]string, rbacutils.TPolicyGroup, error)

func (*SRolePolicyManager) GetMatchPolicyGroupByCred

func (manager *SRolePolicyManager) GetMatchPolicyGroupByCred(userCred mcclient.TokenCredential, tm time.Time, nameOnly bool) (map[rbacutils.TRbacScope][]string, rbacutils.TPolicyGroup, error)

func (*SRolePolicyManager) GetPolicyGroupByIds

func (manager *SRolePolicyManager) GetPolicyGroupByIds(policyIds []string, nameOnly bool) (map[rbacutils.TRbacScope][]string, rbacutils.TPolicyGroup, error)

func (*SRolePolicyManager) ListItemFilter

func (manager *SRolePolicyManager) ListItemFilter(
	ctx context.Context,
	q *sqlchemy.SQuery,
	userCred mcclient.TokenCredential,
	query api.RolePolicyListInput,
) (*sqlchemy.SQuery, error)

func (*SRolePolicyManager) NamespaceScope

func (manager *SRolePolicyManager) NamespaceScope() rbacutils.TRbacScope

func (*SRolePolicyManager) OrderByExtraFields

func (manager *SRolePolicyManager) OrderByExtraFields(
	ctx context.Context,
	q *sqlchemy.SQuery,
	userCred mcclient.TokenCredential,
	query api.RolePolicyListInput,
) (*sqlchemy.SQuery, error)

func (*SRolePolicyManager) QueryDistinctExtraField

func (manager *SRolePolicyManager) QueryDistinctExtraField(q *sqlchemy.SQuery, field string) (*sqlchemy.SQuery, error)

type SRoleResourceBaseManager

type SRoleResourceBaseManager struct{}

func (*SRoleResourceBaseManager) ListItemFilter

type SScopeResource

type SScopeResource struct {
	db.SModelBase

	DomainId  string `width:"64" charset:"ascii" primary:"true"`
	ProjectId string `width:"64" charset:"ascii" primary:"true"`
	OwnerId   string `width:"64" charset:"ascii" primary:"true"`
	RegionId  string `width:"32" charset:"ascii" primary:"true"`
	ServiceId string `width:"32" charset:"ascii" primary:"true"`
	Resource  string `width:"32" charset:"ascii" primary:"true"`
	Count     int
	UpdatedAt time.Time `nullable:"true" updated_at:"true"`
}

type SScopeResourceManager

type SScopeResourceManager struct {
	db.SModelBaseManager
}
var ScopeResourceManager *SScopeResourceManager

type SService

type SService struct {
	db.SStandaloneResourceBase

	Type    string              `width:"255" charset:"utf8" list:"admin" create:"admin_required"`
	Enabled tristate.TriState   `default:"true" list:"admin" update:"admin" create:"admin_optional"`
	Extra   *jsonutils.JSONDict `nullable:"true" list:"admin"`

	ConfigVersion int `list:"admin" nullable:"false" default:"0"`
}

func (*SService) AllowGetDetailsConfig

func (service *SService) AllowGetDetailsConfig(ctx context.Context, userCred mcclient.TokenCredential, query jsonutils.JSONObject) bool

func (*SService) AllowPerformConfig

func (service *SService) AllowPerformConfig(ctx context.Context, userCred mcclient.TokenCredential, query jsonutils.JSONObject, input api.PerformConfigInput) bool

func (*SService) GetDetailsConfig

func (service *SService) GetDetailsConfig(ctx context.Context, userCred mcclient.TokenCredential, query jsonutils.JSONObject) (jsonutils.JSONObject, error)

func (*SService) GetEndpointCount

func (service *SService) GetEndpointCount() (int, error)

func (*SService) PerformConfig

func (service *SService) PerformConfig(ctx context.Context, userCred mcclient.TokenCredential, query jsonutils.JSONObject, input api.PerformConfigInput) (jsonutils.JSONObject, error)

func (*SService) PostCreate

func (service *SService) PostCreate(ctx context.Context, userCred mcclient.TokenCredential, ownerId mcclient.IIdentityProvider, query jsonutils.JSONObject, data jsonutils.JSONObject)

func (*SService) PostDelete

func (service *SService) PostDelete(ctx context.Context, userCred mcclient.TokenCredential)

func (*SService) PostUpdate

func (service *SService) PostUpdate(ctx context.Context, userCred mcclient.TokenCredential, query jsonutils.JSONObject, data jsonutils.JSONObject)

func (*SService) ValidateDeleteCondition

func (service *SService) ValidateDeleteCondition(ctx context.Context, info jsonutils.JSONObject) error

type SServiceCatalog

type SServiceCatalog []SEndpointExtended

func (SServiceCatalog) GetKeystoneCatalogV2

func (cata SServiceCatalog) GetKeystoneCatalogV2() mcclient.KeystoneServiceCatalogV2

func (SServiceCatalog) GetKeystoneCatalogV3

func (cata SServiceCatalog) GetKeystoneCatalogV3() mcclient.KeystoneServiceCatalogV3

type SServiceCertificate

type SServiceCertificate struct {
	db.SStandaloneResourceBase
	db.SCertificateResourceBase

	CaCertificate string `create:"optional" list:"admin"`
	CaPrivateKey  string `create:"optional" list:"admin"`
}

func (*SServiceCertificate) ToOutput

func (cert *SServiceCertificate) ToOutput() *api.CertificateDetails

func (*SServiceCertificate) ValidateUpdateData

func (cert *SServiceCertificate) ValidateUpdateData(
	ctx context.Context, userCred mcclient.TokenCredential,
	query jsonutils.JSONObject, data *jsonutils.JSONDict,
) (*jsonutils.JSONDict, error)

type SServiceCertificateManager

type SServiceCertificateManager struct {
	db.SStandaloneResourceBaseManager
}
var ServiceCertificateManager *SServiceCertificateManager

func (*SServiceCertificateManager) ValidateCreateData

type SServiceManager

type SServiceManager struct {
	db.SStandaloneResourceBaseManager
}
var ServiceManager *SServiceManager

func (*SServiceManager) FetchCustomizeColumns

func (manager *SServiceManager) FetchCustomizeColumns(
	ctx context.Context,
	userCred mcclient.TokenCredential,
	query jsonutils.JSONObject,
	objs []interface{},
	fields stringutils2.SSortedStrings,
	isList bool,
) []api.ServiceDetails

func (*SServiceManager) InitializeData

func (manager *SServiceManager) InitializeData() error

func (*SServiceManager) ListItemFilter

func (manager *SServiceManager) ListItemFilter(
	ctx context.Context,
	q *sqlchemy.SQuery,
	userCred mcclient.TokenCredential,
	query api.ServiceListInput,
) (*sqlchemy.SQuery, error)

服务列表

func (*SServiceManager) OrderByExtraFields

func (manager *SServiceManager) OrderByExtraFields(
	ctx context.Context,
	q *sqlchemy.SQuery,
	userCred mcclient.TokenCredential,
	query api.RegionListInput,
) (*sqlchemy.SQuery, error)

func (*SServiceManager) QueryDistinctExtraField

func (manager *SServiceManager) QueryDistinctExtraField(q *sqlchemy.SQuery, field string) (*sqlchemy.SQuery, error)

type SServiceResourceBaseManager

type SServiceResourceBaseManager struct{}

func (*SServiceResourceBaseManager) ListItemFilter

type SUser

type SUser struct {
	db.SRecordChecksumResourceBase
	SEnabledIdentityBaseResource

	// 用户邮箱
	Email string `width:"64" charset:"utf8" nullable:"true" index:"true" list:"domain" update:"domain" create:"domain_optional"`
	// 用户手机号
	Mobile string `width:"20" charset:"ascii" nullable:"true" index:"true" list:"domain" update:"domain" create:"domain_optional"`

	// 显示名称,用户登录后显示在右上角菜单入口
	Displayname string `with:"128" charset:"utf8" nullable:"true" list:"domain" update:"domain" create:"domain_optional"`

	// 上次登录时间
	LastActiveAt time.Time `nullable:"true" list:"domain"`
	// 上次用户登录IP
	LastLoginIp string `nullable:"true" list:"domain"`
	// 上次用户登录方式,可能值有:web(web控制台),cli(命令行climc),API(api)
	LastLoginSource string `nullable:"true" list:"domain"`

	// 是否为系统账号,系统账号不会检查密码复杂度,默认不在列表显示
	IsSystemAccount tristate.TriState `default:"false" list:"domain" update:"admin" create:"admin_optional"`

	// deprecated
	DefaultProjectId string `width:"64" charset:"ascii" nullable:"true"`

	// 是否允许登录Web控制台,如果是用于API访问的用户,可禁用web控制台登录
	AllowWebConsole tristate.TriState `default:"true" list:"domain" update:"domain" create:"domain_optional"`
	// 是否开启MFA
	EnableMfa tristate.TriState `default:"false" list:"domain" update:"domain" create:"domain_optional"`

	// 用户的默认语言设置,默认是zh_CN
	Lang string `width:"8" charset:"ascii" nullable:"false" list:"domain" update:"domain" create:"domain_optional"`
}

func (*SUser) Delete

func (user *SUser) Delete(ctx context.Context, userCred mcclient.TokenCredential) error

func (*SUser) DeleteInContext

func (user *SUser) DeleteInContext(ctx context.Context, userCred mcclient.TokenCredential, ctxObjs []db.IModel, query jsonutils.JSONObject, data jsonutils.JSONObject) (jsonutils.JSONObject, error)

func (*SUser) GetCredentialCount

func (user *SUser) GetCredentialCount() (int, error)

func (*SUser) GetGroupCount

func (user *SUser) GetGroupCount() (int, error)

func (*SUser) GetProjectCount

func (user *SUser) GetProjectCount() (int, error)

func (*SUser) GetUsages

func (user *SUser) GetUsages() []db.IUsage

func (*SUser) IsAdminUser

func (user *SUser) IsAdminUser() bool

func (*SUser) IsLocal

func (user *SUser) IsLocal() bool

func (*SUser) LinkedWithIdp

func (user *SUser) LinkedWithIdp(idpId string) bool

func (*SUser) PerformJoin

func (user *SUser) PerformJoin(
	ctx context.Context,
	userCred mcclient.TokenCredential,
	query jsonutils.JSONObject,
	input api.SJoinProjectsInput,
) (jsonutils.JSONObject, error)

用户加入项目

func (*SUser) PerformLeave

func (user *SUser) PerformLeave(
	ctx context.Context,
	userCred mcclient.TokenCredential,
	query jsonutils.JSONObject,
	input api.SLeaveProjectsInput,
) (jsonutils.JSONObject, error)

用户退出项目

func (*SUser) PerformLinkIdp

func (user *SUser) PerformLinkIdp(
	ctx context.Context,
	userCred mcclient.TokenCredential,
	query jsonutils.JSONObject,
	input api.UserLinkIdpInput,
) (jsonutils.JSONObject, error)

用户和IDP的指定entityId关联

func (*SUser) PerformResetCredentials

func (user *SUser) PerformResetCredentials(
	ctx context.Context,
	userCred mcclient.TokenCredential,
	query jsonutils.JSONObject,
	input api.ResetCredentialInput,
) (jsonutils.JSONObject, error)

用户加入项目

func (*SUser) PerformUnlinkIdp

func (user *SUser) PerformUnlinkIdp(
	ctx context.Context,
	userCred mcclient.TokenCredential,
	query jsonutils.JSONObject,
	input api.UserUnlinkIdpInput,
) (jsonutils.JSONObject, error)

用户和IDP的指定entityId解除关联

func (*SUser) PostCreate

func (user *SUser) PostCreate(ctx context.Context, userCred mcclient.TokenCredential, ownerId mcclient.IIdentityProvider, query jsonutils.JSONObject, data jsonutils.JSONObject)

func (*SUser) PostUpdate

func (user *SUser) PostUpdate(ctx context.Context, userCred mcclient.TokenCredential, query jsonutils.JSONObject, data jsonutils.JSONObject)

func (*SUser) UnlinkIdp

func (user *SUser) UnlinkIdp(idpId string) error

func (*SUser) UpdateInContext

func (user *SUser) UpdateInContext(ctx context.Context, userCred mcclient.TokenCredential, ctxObjs []db.IModel, query jsonutils.JSONObject, data jsonutils.JSONObject) (jsonutils.JSONObject, error)

func (*SUser) ValidateDeleteCondition

func (user *SUser) ValidateDeleteCondition(ctx context.Context, info jsonutils.JSONObject) error

func (*SUser) ValidatePurgeCondition

func (user *SUser) ValidatePurgeCondition(ctx context.Context) error

func (*SUser) ValidateUpdateCondition

func (user *SUser) ValidateUpdateCondition(ctx context.Context) error

func (*SUser) ValidateUpdateData

func (user *SUser) ValidateUpdateData(ctx context.Context, userCred mcclient.TokenCredential, query jsonutils.JSONObject, input api.UserUpdateInput) (api.UserUpdateInput, error)

type SUserManager

var UserManager *SUserManager

func (*SUserManager) FetchCustomizeColumns

func (manager *SUserManager) FetchCustomizeColumns(
	ctx context.Context,
	userCred mcclient.TokenCredential,
	query jsonutils.JSONObject,
	objs []interface{},
	fields stringutils2.SSortedStrings,
	isList bool,
) []api.UserDetails

func (*SUserManager) FetchUserExtended

func (manager *SUserManager) FetchUserExtended(userId, userName, domainId, domainName string) (*api.SUserExtended, error)

Fetch extended userinfo by Id or name + domainId or name + domainName

func (*SUserManager) FetchUsersInDomain

func (manager *SUserManager) FetchUsersInDomain(domainId string, excludes []string) ([]SUser, error)

func (*SUserManager) FilterByHiddenSystemAttributes

func (manager *SUserManager) FilterByHiddenSystemAttributes(q *sqlchemy.SQuery, userCred mcclient.TokenCredential, query jsonutils.JSONObject, scope rbacutils.TRbacScope) *sqlchemy.SQuery

func (*SUserManager) FilterByOwner

func (manager *SUserManager) FilterByOwner(q *sqlchemy.SQuery, owner mcclient.IIdentityProvider, scope rbacutils.TRbacScope) *sqlchemy.SQuery

func (*SUserManager) GetContextManagers

func (manager *SUserManager) GetContextManagers() [][]db.IModelManager

func (*SUserManager) InitializeData

func (manager *SUserManager) InitializeData() error

func (*SUserManager) ListItemFilter

func (manager *SUserManager) ListItemFilter(
	ctx context.Context,
	q *sqlchemy.SQuery,
	userCred mcclient.TokenCredential,
	query api.UserListInput,
) (*sqlchemy.SQuery, error)

用户列表

func (*SUserManager) LockUser

func (manager *SUserManager) LockUser(uid string, reason string) error

func (*SUserManager) NamespaceScope

func (manager *SUserManager) NamespaceScope() rbacutils.TRbacScope

func (*SUserManager) OrderByExtraFields

func (manager *SUserManager) OrderByExtraFields(
	ctx context.Context,
	q *sqlchemy.SQuery,
	userCred mcclient.TokenCredential,
	query api.UserListInput,
) (*sqlchemy.SQuery, error)

func (*SUserManager) QueryDistinctExtraField

func (manager *SUserManager) QueryDistinctExtraField(q *sqlchemy.SQuery, field string) (*sqlchemy.SQuery, error)

func (*SUserManager) TraceLoginV2

func (manager *SUserManager) TraceLoginV2(ctx context.Context, token *mcclient.TokenCredentialV2)

func (*SUserManager) TraceLoginV3

func (manager *SUserManager) TraceLoginV3(ctx context.Context, token *mcclient.TokenCredentialV3)

func (*SUserManager) ValidateCreateData

func (manager *SUserManager) ValidateCreateData(
	ctx context.Context,
	userCred mcclient.TokenCredential,
	ownerId mcclient.IIdentityProvider,
	query jsonutils.JSONObject,
	input api.UserCreateInput,
) (api.UserCreateInput, error)

type SUserOption

type SUserOption struct {
	db.SModelBase

	UserId      string `width:"64" charset:"ascii" nullable:"false" primary:"true"`
	OptionId    string `width:"4" charset:"ascii" nullable:"false" primary:"true"`
	OptionValue string `nullable:"true"`
}

type SUserOptionManager

type SUserOptionManager struct {
	db.SModelBaseManager
}

+onecloud:swagger-gen-ignore

var (
	UserOptionManager *SUserOptionManager
)

type SUserResourceBaseManager

type SUserResourceBaseManager struct{}

func (*SUserResourceBaseManager) ListItemFilter

type SUsergroupManager

type SUsergroupManager struct {
	db.SResourceBaseManager
}
var UsergroupManager *SUsergroupManager

func (*SUsergroupManager) SyncGroupUsers

func (manager *SUsergroupManager) SyncGroupUsers(ctx context.Context, userCred mcclient.TokenCredential, groupId string, userIds []string)

func (*SUsergroupManager) SyncUserGroups

func (manager *SUsergroupManager) SyncUserGroups(ctx context.Context, userCred mcclient.TokenCredential, userId string, groupIds []string)

type SUsergroupMembership

type SUsergroupMembership struct {
	db.SResourceBase

	UserId  string `width:"64" charset:"ascii" nullable:"false" primary:"true"`
	GroupId string `width:"64" charset:"ascii" nullable:"false" primary:"true"`
}

func (*SUsergroupMembership) GetId

func (membership *SUsergroupMembership) GetId() string

func (*SUsergroupMembership) GetName

func (membership *SUsergroupMembership) GetName() string

type SetIdentityQuotaInput

type SetIdentityQuotaInput struct {
	quotas.SBaseQuotaSetInput

	SIdentityQuota
}

设置域的认证配额输入参数

type TConfigOptions

type TConfigOptions []SConfigOption

func (TConfigOptions) Len

func (opts TConfigOptions) Len() int

func (TConfigOptions) Less

func (opts TConfigOptions) Less(i, j int) bool

func (TConfigOptions) Swap

func (opts TConfigOptions) Swap(i, j int)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL