team

package
v0.4.6 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 1, 2025 License: MPL-2.0 Imports: 28 Imported by: 0

Documentation

Overview

Package team manages teams, which are groups of users with shared privileges.

templ: version: v0.3.943

Index

Constants

View Source 
const TeamTokenKind resource.Kind = "tt"

Variables

View Source 
var ErrRemovingOwnersTeamNotPermitted = errors.New("the owners team cannot be deleted")

Functions

func NewTeamCommand 

func NewTeamCommand(apiClient *otfapi.Client) *cobra.Command

Types

type Client 

type Client struct {
	*otfapi.Client
}

func (*Client) Create added in v0.2.2 

func (c *Client) Create(ctx context.Context, organization organization.Name, opts CreateTeamOptions) (*Team, error)

Create creates a team via HTTP/JSONAPI.

func (*Client) Delete added in v0.2.2 

func (c *Client) Delete(ctx context.Context, id resource.TfeID) error

Delete deletes a team via HTTP/JSONAPI.

func (*Client) Get added in v0.2.2 

func (c *Client) Get(ctx context.Context, organization organization.Name, name string) (*Team, error)

Get retrieves a team via HTTP/JSONAPI.

type CreateTeamOptions 

type CreateTeamOptions struct {
	// Name of team to create
	Name *string `json:"name" schema:"name,required"`

	OrganizationAccessOptions

	// TFE fields that OTF does not support but persists merely to pass the
	// go-tfe integration tests
	SSOTeamID  *string
	Visibility *string
}

type CreateTokenOptions 

type CreateTokenOptions struct {
	TeamID resource.TfeID
	Expiry *time.Time
}

CreateTokenOptions are options for creating an team token via the service endpoint

type ListOptions added in v0.3.17 

type ListOptions struct {
	resource.PageOptions
	Organization organization.Name `schema:"organization_name"`
}

type Model added in v0.3.17 

type Model struct {
	ID                    resource.TfeID    `db:"team_id"`
	Name                  string            `db:"name"`
	CreatedAt             time.Time         `db:"created_at"`
	ManageWorkspaces      bool              `db:"permission_manage_workspaces"`
	ManageVCS             bool              `db:"permission_manage_vcs"`
	ManageModules         bool              `db:"permission_manage_modules"`
	Organization          organization.Name `db:"organization_name"`
	SSOTeamID             *string           `db:"sso_team_id"`
	Visibility            string
	ManagePolicies        bool `db:"permission_manage_policies"`
	ManagePolicyOverrides bool `db:"permission_manage_policy_overrides"`
	ManageProviders       bool `db:"permission_manage_providers"`
}

Order of fields must match order of columns

func (Model) ToTeam added in v0.3.17 

func (m Model) ToTeam() *Team

type Options 

type Options struct {
	*sql.DB
	*tfeapi.Responder
	logr.Logger

	OrganizationService *organization.Service
	TokensService       *tokens.Service
	Authorizer          *authz.Authorizer
}

type OrganizationAccessOptions 

type OrganizationAccessOptions struct {
	ManageWorkspaces *bool
	ManageVCS        *bool
	ManageModules    *bool

	// TFE fields that OTF does not support but persists merely to pass the
	// go-tfe integration tests
	ManageProviders       *bool
	ManagePolicies        *bool
	ManagePolicyOverrides *bool
}

OrganizationAccessOptions defines access to be granted upon team creation or to grant/rescind to/from an existing team.

type Service added in v0.2.2 

type Service struct {
	logr.Logger
	*authz.Authorizer
	// contains filtered or unexported fields
}

func NewService 

func NewService(opts Options) *Service

func (*Service) AddHandlers added in v0.2.2 

func (a *Service) AddHandlers(r *mux.Router)

func (*Service) AfterCreateTeam added in v0.2.2 

func (a *Service) AfterCreateTeam(hook func(context.Context, *Team) error)

func (*Service) Create added in v0.2.2 

func (a *Service) Create(ctx context.Context, organization organization.Name, opts CreateTeamOptions) (*Team, error)

func (*Service) CreateTeamToken added in v0.2.2 

func (a *Service) CreateTeamToken(ctx context.Context, opts CreateTokenOptions) (*Token, []byte, error)

func (*Service) Delete added in v0.2.2 

func (a *Service) Delete(ctx context.Context, teamID resource.TfeID) error

func (*Service) DeleteTeamToken added in v0.2.2 

func (a *Service) DeleteTeamToken(ctx context.Context, teamID resource.TfeID) error

func (*Service) Get added in v0.2.2 

func (a *Service) Get(ctx context.Context, organization organization.Name, name string) (*Team, error)

func (*Service) GetByID added in v0.2.2 

func (a *Service) GetByID(ctx context.Context, teamID resource.TfeID) (*Team, error)

func (*Service) GetTeamByTokenID added in v0.2.2 

func (a *Service) GetTeamByTokenID(ctx context.Context, tokenID resource.TfeID) (*Team, error)

func (*Service) GetTeamToken added in v0.2.2 

func (a *Service) GetTeamToken(ctx context.Context, teamID resource.TfeID) (*Token, error)

func (*Service) List added in v0.2.2 

func (a *Service) List(ctx context.Context, organization organization.Name) ([]*Team, error)

List lists teams in the organization.

func (Service) NewTeamToken added in v0.2.2 

func (f Service) NewTeamToken(opts CreateTokenOptions) (*Token, []byte, error)

func (*Service) Update added in v0.2.2 

func (a *Service) Update(ctx context.Context, teamID resource.TfeID, opts UpdateTeamOptions) (*Team, error)

type TFEOrganizationAccess added in v0.3.17 

type TFEOrganizationAccess struct {
	ManagePolicies        bool `jsonapi:"attribute" json:"manage-policies"`
	ManagePolicyOverrides bool `jsonapi:"attribute" json:"manage-policy-overrides"`
	ManageWorkspaces      bool `jsonapi:"attribute" json:"manage-workspaces"`
	ManageVCSSettings     bool `jsonapi:"attribute" json:"manage-vcs-settings"`
	ManageProviders       bool `jsonapi:"attribute" json:"manage-providers"`
	ManageModules         bool `jsonapi:"attribute" json:"manage-modules"`
	ManageRunTasks        bool `jsonapi:"attribute" json:"manage-run-tasks"`
	ManageProjects        bool `jsonapi:"attribute" json:"manage-projects"`
	ReadWorkspaces        bool `jsonapi:"attribute" json:"read-workspaces"`
	ReadProjects          bool `jsonapi:"attribute" json:"read-projects"`
	ManageMembership      bool `jsonapi:"attribute" json:"manage-membership"`
}

TFEOrganizationAccess represents the team's permissions on its organization

type TFEOrganizationAccessOptions added in v0.3.17 

type TFEOrganizationAccessOptions struct {
	ManagePolicies        *bool `json:"manage-policies,omitempty"`
	ManagePolicyOverrides *bool `json:"manage-policy-overrides,omitempty"`
	ManageWorkspaces      *bool `json:"manage-workspaces,omitempty"`
	ManageVCSSettings     *bool `json:"manage-vcs-settings,omitempty"`
	ManageProviders       *bool `json:"manage-providers,omitempty"`
	ManageModules         *bool `json:"manage-modules,omitempty"`
	ManageRunTasks        *bool `json:"manage-run-tasks,omitempty"`
	ManageProjects        *bool `json:"manage-projects,omitempty"`
	ReadWorkspaces        *bool `json:"read-workspaces,omitempty"`
	ReadProjects          *bool `json:"read-projects,omitempty"`
	ManageMembership      *bool `json:"manage-membership,omitempty"`
}

OrganizationAccessOptions represents the organization access options of a team.

type TFETeam added in v0.3.17 

type TFETeam struct {
	ID                 resource.TfeID         `jsonapi:"primary,teams"`
	Name               string                 `jsonapi:"attribute" json:"name"`
	OrganizationAccess *TFEOrganizationAccess `jsonapi:"attribute" json:"organization-access"`
	Visibility         string                 `jsonapi:"attribute" json:"visibility"`
	Permissions        *TFETeamPermissions    `jsonapi:"attribute" json:"permissions"`
	UserCount          int                    `jsonapi:"attribute" json:"users-count"`
	SSOTeamID          *string                `jsonapi:"attribute" json:"sso-team-id"`

	// Relations
	Users []*TFEUser `jsonapi:"relationship" json:"users"`
}

TFETeam represents an otf team.

type TFETeamCreateOptions added in v0.3.17 

type TFETeamCreateOptions struct {
	// Type is a public field utilized by JSON:API to
	// set the resource type via the field tag.
	// It is not a user-defined value and does not need to be set.
	// https://jsonapi.org/format/#crud-creating
	Type string `jsonapi:"primary,teams"`

	// Name of the team.
	Name *string `jsonapi:"attribute" json:"name"`

	// Optional: Unique Identifier to control team membership via SAML
	SSOTeamID *string `jsonapi:"attribute" json:"sso-team-id,omitempty"`

	// The team's organization access
	OrganizationAccess *TFEOrganizationAccessOptions `jsonapi:"attribute" json:"organization-access,omitempty"`

	// The team's visibility ("secret", "organization")
	Visibility *string `jsonapi:"attribute" json:"visibility,omitempty"`
}

TFETeamCreateOptions represents the options for creating a team.

type TFETeamPermissions added in v0.3.17 

type TFETeamPermissions struct {
	CanDestroy          bool `jsonapi:"attribute" json:"can-destroy"`
	CanUpdateMembership bool `jsonapi:"attribute" json:"can-update-membership"`
}

TFETeamPermissions represents the current user's permissions on the team.

type TFETeamUpdateOptions added in v0.3.17 

type TFETeamUpdateOptions struct {
	// Type is a public field utilized by JSON:API to
	// set the resource type via the field tag.
	// It is not a user-defined value and does not need to be set.
	// https://jsonapi.org/format/#crud-creating
	Type string `jsonapi:"primary,teams"`

	// Optional: New name for the team
	Name *string `jsonapi:"attribute" json:"name,omitempty"`

	// Optional: Unique Identifier to control team membership via SAML
	SSOTeamID *string `jsonapi:"attribute" json:"sso-team-id,omitempty"`

	// Optional: The team's organization access
	OrganizationAccess *TFEOrganizationAccessOptions `jsonapi:"attribute" json:"organization-access,omitempty"`

	// Optional: The team's visibility ("secret", "organization")
	Visibility *string `jsonapi:"attribute" json:"visibility,omitempty"`
}

TFETeamUpdateOptions represents the options for updating a team.

type TFEUser added in v0.3.17 

type TFEUser struct {
	ID resource.TfeID `jsonapi:"primary,users"`
}

type Team 

type Team struct {
	ID        resource.TfeID `jsonapi:"primary,teams" db:"team_id"`
	Name      string         `jsonapi:"attribute" json:"name" db:"name"`
	CreatedAt time.Time      `jsonapi:"attribute" json:"created-at" db:"created_at"`

	ManageWorkspaces bool `db:"permission_manage_workspaces"` // admin access on all workspaces
	ManageVCS        bool `db:"permission_manage_vcs"`        // manage VCS providers
	ManageModules    bool `db:"permission_manage_modules"`    // manage module registry

	Organization organization.Name `jsonapi:"attribute" json:"organization" db:"organization_name"`

	// TFE fields that OTF does not support but persists merely to pass the
	// go-tfe integration tests
	SSOTeamID  *string `db:"sso_team_id"`
	Visibility string

	// TFE fields that OTF does not support but persists merely to pass the
	// go-tfe integration tests
	ManagePolicies        bool `db:"permission_manage_policies"`
	ManagePolicyOverrides bool `db:"permission_manage_policy_overrides"`
	ManageProviders       bool `db:"permission_manage_providers"`
}

Team is a group of users sharing a level of authorization.

func (*Team) CanAccess added in v0.3.6 

func (t *Team) CanAccess(action authz.Action, req authz.Request) bool

func (*Team) IsOwner 

func (t *Team) IsOwner(organization resource.ID) bool

func (*Team) IsOwners 

func (t *Team) IsOwners() bool

func (*Team) String 

func (t *Team) String() string

func (*Team) Update 

func (t *Team) Update(opts UpdateTeamOptions) error

type Token 

type Token struct {
	ID        resource.TfeID `db:"team_token_id"`
	CreatedAt time.Time      `db:"created_at"`
	// Token belongs to a team
	TeamID resource.TfeID `db:"team_id"`
	// Optional expiry.
	Expiry *time.Time
	// Description
	//
	// TODO: unused; create migration to remove from db.
	Description *string `db:"description"`
}

Token provides information about an API token for a team.

func (*Token) LogValue 

func (t *Token) LogValue() slog.Value

type UpdateTeamOptions 

type UpdateTeamOptions struct {
	Name *string

	OrganizationAccessOptions

	// TFE fields that OTF does not support but persists merely to pass the
	// go-tfe integration tests
	SSOTeamID  *string
	Visibility *string
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.