roles

package
v1.12.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 27, 2024 License: Apache-2.0 Imports: 6 Imported by: 59

Documentation

Overview

Package roles provides information and interaction with the roles API resource for the OpenStack Identity service.

Example to List Roles 

listOpts := roles.ListOpts{
	DomainID: "default",
}

allPages, err := roles.List(identityClient, listOpts).AllPages()
if err != nil {
	panic(err)
}

allRoles, err := roles.ExtractRoles(allPages)
if err != nil {
	panic(err)
}

for _, role := range allRoles {
	fmt.Printf("%+v\n", role)
}

Example to Create a Role 

createOpts := roles.CreateOpts{
	Name:             "read-only-admin",
	DomainID:         "default",
	Extra: map[string]interface{}{
		"description": "this role grants read-only privilege cross tenant",
	}
}

role, err := roles.Create(identityClient, createOpts).Extract()
if err != nil {
	panic(err)
}

Example to Update a Role 

roleID := "0fe36e73809d46aeae6705c39077b1b3"

updateOpts := roles.UpdateOpts{
	Name: "read only admin",
}

role, err := roles.Update(identityClient, roleID, updateOpts).Extract()
if err != nil {
	panic(err)
}

Example to Delete a Role 

roleID := "0fe36e73809d46aeae6705c39077b1b3"
err := roles.Delete(identityClient, roleID).ExtractErr()
if err != nil {
	panic(err)
}

Example to List Role Assignments 

listOpts := roles.ListAssignmentsOpts{
	UserID:         "97061de2ed0647b28a393c36ab584f39",
	ScopeProjectID: "9df1a02f5eb2416a9781e8b0c022d3ae",
}

allPages, err := roles.ListAssignments(identityClient, listOpts).AllPages()
if err != nil {
	panic(err)
}

allRoles, err := roles.ExtractRoleAssignments(allPages)
if err != nil {
	panic(err)
}

for _, role := range allRoles {
	fmt.Printf("%+v\n", role)
}

Example to List Role Assignments for a User on a Project 

projectID := "a99e9b4e620e4db09a2dfb6e42a01e66"
userID := "9df1a02f5eb2416a9781e8b0c022d3ae"
listAssignmentsOnResourceOpts := roles.ListAssignmentsOnResourceOpts{
	UserID:    userID,
	ProjectID: projectID,
}

allPages, err := roles.ListAssignmentsOnResource(identityClient, listAssignmentsOnResourceOpts).AllPages()
if err != nil {
	panic(err)
}

allRoles, err := roles.ExtractRoles(allPages)
if err != nil {
	panic(err)
}

for _, role := range allRoles {
	fmt.Printf("%+v\n", role)
}

Example to Assign a Role to a User in a Project 

projectID := "a99e9b4e620e4db09a2dfb6e42a01e66"
userID := "9df1a02f5eb2416a9781e8b0c022d3ae"
roleID := "9fe2ff9ee4384b1894a90878d3e92bab"

err := roles.Assign(identityClient, roleID, roles.AssignOpts{
	UserID:    userID,
	ProjectID: projectID,
}).ExtractErr()

if err != nil {
	panic(err)
}

Example to Unassign a Role From a User in a Project 

projectID := "a99e9b4e620e4db09a2dfb6e42a01e66"
userID := "9df1a02f5eb2416a9781e8b0c022d3ae"
roleID := "9fe2ff9ee4384b1894a90878d3e92bab"

err := roles.Unassign(identityClient, roleID, roles.UnassignOpts{
	UserID:    userID,
	ProjectID: projectID,
}).ExtractErr()

if err != nil {
	panic(err)
}

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func List 

func List(client *gophercloud.ServiceClient, opts ListOptsBuilder) pagination.Pager

List enumerates the roles to which the current token has access.

func ListAssignments 

func ListAssignments(client *gophercloud.ServiceClient, opts ListAssignmentsOptsBuilder) pagination.Pager

ListAssignments enumerates the roles assigned to a specified resource.

func ListAssignmentsOnResource 

func ListAssignmentsOnResource(client *gophercloud.ServiceClient, opts ListAssignmentsOnResourceOpts) pagination.Pager

ListAssignmentsOnResource is the operation responsible for listing role assignments for a user/group on a project/domain.

Types

type AssignOpts 

type AssignOpts struct {
	// UserID is the ID of a user to assign a role
	// Note: exactly one of UserID or GroupID must be provided
	UserID string `xor:"GroupID"`

	// GroupID is the ID of a group to assign a role
	// Note: exactly one of UserID or GroupID must be provided
	GroupID string `xor:"UserID"`

	// ProjectID is the ID of a project to assign a role on
	// Note: exactly one of ProjectID or DomainID must be provided
	ProjectID string `xor:"DomainID"`

	// DomainID is the ID of a domain to assign a role on
	// Note: exactly one of ProjectID or DomainID must be provided
	DomainID string `xor:"ProjectID"`
}

AssignOpts provides options to assign a role

type AssignedRole 

type AssignedRole struct {
	ID   string `json:"id,omitempty"`
	Name string `json:"name,omitempty"`
}

AssignedRole represents a Role in an assignment.

type AssignmentResult 

type AssignmentResult struct {
	gophercloud.ErrResult
}

AssignmentResult represents the result of an assign operation. Call ExtractErr method to determine if the request succeeded or failed.

func Assign 

func Assign(client *gophercloud.ServiceClient, roleID string, opts AssignOpts) (r AssignmentResult)

Assign is the operation responsible for assigning a role to a user/group on a project/domain.

type CreateOpts 

type CreateOpts struct {
	// Name is the name of the new role.
	Name string `json:"name" required:"true"`

	// DomainID is the ID of the domain the role belongs to.
	DomainID string `json:"domain_id,omitempty"`

	// Extra is free-form extra key/value pairs to describe the role.
	Extra map[string]interface{} `json:"-"`
}

CreateOpts provides options used to create a role.

func (CreateOpts) ToRoleCreateMap 

func (opts CreateOpts) ToRoleCreateMap() (map[string]interface{}, error)

ToRoleCreateMap formats a CreateOpts into a create request.

type CreateOptsBuilder 

type CreateOptsBuilder interface {
	ToRoleCreateMap() (map[string]interface{}, error)
}

CreateOptsBuilder allows extensions to add additional parameters to the Create request.

type CreateResult 

type CreateResult struct {
	// contains filtered or unexported fields
}

CreateResult is the response from a Create operation. Call its Extract method to interpret it as a Role

func Create 

func Create(client *gophercloud.ServiceClient, opts CreateOptsBuilder) (r CreateResult)

Create creates a new Role.

func (CreateResult) Extract 

func (r CreateResult) Extract() (*Role, error)

Extract interprets any roleResults as a Role.

type DeleteResult 

type DeleteResult struct {
	gophercloud.ErrResult
}

DeleteResult is the response from a Delete operation. Call its ExtractErr to determine if the request succeeded or failed.

func Delete 

func Delete(client *gophercloud.ServiceClient, roleID string) (r DeleteResult)

Delete deletes a role.

type Domain 

type Domain struct {
	ID   string `json:"id,omitempty"`
	Name string `json:"name,omitempty"`
}

Domain represents a domain in a role assignment scope.

type GetResult 

type GetResult struct {
	// contains filtered or unexported fields
}

GetResult is the response from a Get operation. Call its Extract method to interpret it as a Role.

func Get 

func Get(client *gophercloud.ServiceClient, id string) (r GetResult)

Get retrieves details on a single role, by ID.

func (GetResult) Extract 

func (r GetResult) Extract() (*Role, error)

Extract interprets any roleResults as a Role.

type Group 

type Group struct {
	Domain Domain `json:"domain,omitempty"`
	ID     string `json:"id,omitempty"`
	Name   string `json:"name,omitempty"`
}

Group represents a group in a role assignment scope.

type InvalidListFilter 

type InvalidListFilter struct {
	FilterName string
}

InvalidListFilter is returned by the ToUserListQuery method when validation of a filter does not pass

func (InvalidListFilter) Error 

func (e InvalidListFilter) Error() string

type ListAssignmentsOnResourceOpts 

type ListAssignmentsOnResourceOpts struct {
	// UserID is the ID of a user to assign a role
	// Note: exactly one of UserID or GroupID must be provided
	UserID string `xor:"GroupID"`

	// GroupID is the ID of a group to assign a role
	// Note: exactly one of UserID or GroupID must be provided
	GroupID string `xor:"UserID"`

	// ProjectID is the ID of a project to assign a role on
	// Note: exactly one of ProjectID or DomainID must be provided
	ProjectID string `xor:"DomainID"`

	// DomainID is the ID of a domain to assign a role on
	// Note: exactly one of ProjectID or DomainID must be provided
	DomainID string `xor:"ProjectID"`
}

ListAssignmentsOnResourceOpts provides options to list role assignments for a user/group on a project/domain

type ListAssignmentsOpts 

type ListAssignmentsOpts struct {
	// GroupID is the group ID to query.
	GroupID string `q:"group.id"`

	// RoleID is the specific role to query assignments to.
	RoleID string `q:"role.id"`

	// ScopeDomainID filters the results by the given domain ID.
	ScopeDomainID string `q:"scope.domain.id"`

	// ScopeProjectID filters the results by the given Project ID.
	ScopeProjectID string `q:"scope.project.id"`

	// UserID filterst he results by the given User ID.
	UserID string `q:"user.id"`

	// Effective lists effective assignments at the user, project, and domain
	// level, allowing for the effects of group membership.
	Effective *bool `q:"effective"`

	// IncludeNames indicates whether to include names of any returned entities.
	// Requires microversion 3.6 or later.
	IncludeNames *bool `q:"include_names"`

	// IncludeSubtree indicates whether to include relevant assignments in the project hierarchy below the project
	// specified in the ScopeProjectID. Specify DomainID in ScopeProjectID to get a list for all projects in the domain.
	// Requires microversion 3.6 or later.
	IncludeSubtree *bool `q:"include_subtree"`
}

ListAssignmentsOpts allows you to query the ListAssignments method. Specify one of or a combination of GroupId, RoleId, ScopeDomainId, ScopeProjectId, and/or UserId to search for roles assigned to corresponding entities.

func (ListAssignmentsOpts) ToRolesListAssignmentsQuery 

func (opts ListAssignmentsOpts) ToRolesListAssignmentsQuery() (string, error)

ToRolesListAssignmentsQuery formats a ListAssignmentsOpts into a query string.

type ListAssignmentsOptsBuilder 

type ListAssignmentsOptsBuilder interface {
	ToRolesListAssignmentsQuery() (string, error)
}

ListAssignmentsOptsBuilder allows extensions to add additional parameters to the ListAssignments request.

type ListOpts 

type ListOpts struct {
	// DomainID filters the response by a domain ID.
	DomainID string `q:"domain_id"`

	// Name filters the response by role name.
	Name string `q:"name"`

	// Filters filters the response by custom filters such as
	// 'name__contains=foo'
	Filters map[string]string `q:"-"`
}

ListOpts provides options to filter the List results.

func (ListOpts) ToRoleListQuery 

func (opts ListOpts) ToRoleListQuery() (string, error)

ToRoleListQuery formats a ListOpts into a query string.

type ListOptsBuilder 

type ListOptsBuilder interface {
	ToRoleListQuery() (string, error)
}

ListOptsBuilder allows extensions to add additional parameters to the List request

type Project 

type Project struct {
	Domain Domain `json:"domain,omitempty"`
	ID     string `json:"id,omitempty"`
	Name   string `json:"name,omitempty"`
}

Project represents a project in a role assignment scope.

type Role 

type Role struct {
	// DomainID is the domain ID the role belongs to.
	DomainID string `json:"domain_id"`

	// ID is the unique ID of the role.
	ID string `json:"id"`

	// Links contains referencing links to the role.
	Links map[string]interface{} `json:"links"`

	// Name is the role name
	Name string `json:"name"`

	// Extra is a collection of miscellaneous key/values.
	Extra map[string]interface{} `json:"-"`
}

Role grants permissions to a user.

func ExtractRoles 

func ExtractRoles(r pagination.Page) ([]Role, error)

ExtractProjects returns a slice of Roles contained in a single page of results.

func (*Role) UnmarshalJSON 

func (r *Role) UnmarshalJSON(b []byte) error

type RoleAssignment 

type RoleAssignment struct {
	Role  AssignedRole `json:"role,omitempty"`
	Scope Scope        `json:"scope,omitempty"`
	User  User         `json:"user,omitempty"`
	Group Group        `json:"group,omitempty"`
}

RoleAssignment is the result of a role assignments query.

func ExtractRoleAssignments 

func ExtractRoleAssignments(r pagination.Page) ([]RoleAssignment, error)

ExtractRoleAssignments extracts a slice of RoleAssignments from a Collection acquired from List.

type RoleAssignmentPage 

type RoleAssignmentPage struct {
	pagination.LinkedPageBase
}

RoleAssignmentPage is a single page of RoleAssignments results.

func (RoleAssignmentPage) IsEmpty 

func (r RoleAssignmentPage) IsEmpty() (bool, error)

IsEmpty returns true if the RoleAssignmentPage contains no results.

func (RoleAssignmentPage) NextPageURL 

func (r RoleAssignmentPage) NextPageURL() (string, error)

NextPageURL uses the response's embedded link reference to navigate to the next page of results.

type RolePage 

type RolePage struct {
	pagination.LinkedPageBase
}

RolePage is a single page of Role results.

func (RolePage) IsEmpty 

func (r RolePage) IsEmpty() (bool, error)

IsEmpty determines whether or not a page of Roles contains any results.

func (RolePage) NextPageURL 

func (r RolePage) NextPageURL() (string, error)

NextPageURL extracts the "next" link from the links section of the result.

type Scope 

type Scope struct {
	Domain  Domain  `json:"domain,omitempty"`
	Project Project `json:"project,omitempty"`
}

Scope represents a scope in a Role assignment.

type UnassignOpts 

type UnassignOpts struct {
	// UserID is the ID of a user to unassign a role
	// Note: exactly one of UserID or GroupID must be provided
	UserID string `xor:"GroupID"`

	// GroupID is the ID of a group to unassign a role
	// Note: exactly one of UserID or GroupID must be provided
	GroupID string `xor:"UserID"`

	// ProjectID is the ID of a project to unassign a role on
	// Note: exactly one of ProjectID or DomainID must be provided
	ProjectID string `xor:"DomainID"`

	// DomainID is the ID of a domain to unassign a role on
	// Note: exactly one of ProjectID or DomainID must be provided
	DomainID string `xor:"ProjectID"`
}

UnassignOpts provides options to unassign a role

type UnassignmentResult 

type UnassignmentResult struct {
	gophercloud.ErrResult
}

UnassignmentResult represents the result of an unassign operation. Call ExtractErr method to determine if the request succeeded or failed.

func Unassign 

func Unassign(client *gophercloud.ServiceClient, roleID string, opts UnassignOpts) (r UnassignmentResult)

Unassign is the operation responsible for unassigning a role from a user/group on a project/domain.

type UpdateOpts 

type UpdateOpts struct {
	// Name is the name of the new role.
	Name string `json:"name,omitempty"`

	// Extra is free-form extra key/value pairs to describe the role.
	Extra map[string]interface{} `json:"-"`
}

UpdateOpts provides options for updating a role.

func (UpdateOpts) ToRoleUpdateMap 

func (opts UpdateOpts) ToRoleUpdateMap() (map[string]interface{}, error)

ToRoleUpdateMap formats a UpdateOpts into an update request.

type UpdateOptsBuilder 

type UpdateOptsBuilder interface {
	ToRoleUpdateMap() (map[string]interface{}, error)
}

UpdateOptsBuilder allows extensions to add additional parameters to the Update request.

type UpdateResult 

type UpdateResult struct {
	// contains filtered or unexported fields
}

UpdateResult is the response from an Update operation. Call its Extract method to interpret it as a Role.

func Update 

func Update(client *gophercloud.ServiceClient, roleID string, opts UpdateOptsBuilder) (r UpdateResult)

Update updates an existing Role.

func (UpdateResult) Extract 

func (r UpdateResult) Extract() (*Role, error)

Extract interprets any roleResults as a Role.

type User 

type User struct {
	Domain Domain `json:"domain,omitempty"`
	ID     string `json:"id,omitempty"`
	Name   string `json:"name,omitempty"`
}

User represents a user in a role assignment scope.

Source Files

View all Source files

Directories

Path Synopsis
roles unit tests
 roles unit tests

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.