Documentation
¶
Overview ¶
Package user manages user accounts and their team membership.
Index ¶
- Variables
- func NewTeamMembershipCommand(apiclient *otfapi.Client) *cobra.Command
- func NewUserCommand(apiClient *otfapi.Client) *cobra.Command
- type CreateUserOptions
- type CreateUserTokenOptions
- type ListOptions
- type NewUserOption
- type Options
- type Service
- func (a *Service) AddHandlers(r *mux.Router)
- func (a *Service) AddTeamMembership(ctx context.Context, teamID resource.TfeID, usernames []Username) error
- func (a *Service) Create(ctx context.Context, username string, opts ...NewUserOption) (*User, error)
- func (a *Service) CreateToken(ctx context.Context, opts CreateUserTokenOptions) (*UserToken, []byte, error)
- func (a *Service) Delete(ctx context.Context, username Username) error
- func (a *Service) DeleteToken(ctx context.Context, tokenID resource.TfeID) error
- func (a *Service) GetUser(ctx context.Context, spec UserSpec) (*User, error)
- func (a *Service) List(ctx context.Context) ([]*User, error)
- func (a *Service) ListOrganizationUsers(ctx context.Context, organization organization.Name) ([]*User, error)
- func (a *Service) ListTeamUsers(ctx context.Context, teamID resource.TfeID) ([]*User, error)
- func (a *Service) ListTokens(ctx context.Context) ([]*UserToken, error)
- func (f Service) NewUserToken(username Username, opts CreateUserTokenOptions) (*UserToken, []byte, error)
- func (a *Service) RemoveTeamMembership(ctx context.Context, teamID resource.TfeID, usernames []Username) error
- func (a *Service) SetSiteAdmins(ctx context.Context, usernames ...string) error
- func (a *Service) UpdateAvatar(ctx context.Context, username Username, avatarURL string) error
- type TFECreateUserOptions
- type TFEOrganizationMembership
- type TFEOrganizationMembershipCreateOptions
- type TFEOrganizationMembershipStatus
- type TFETwoFactor
- type TFEUser
- type User
- func (u *User) CanAccess(action authz.Action, req authz.Request) bool
- func (u *User) IsOwner(organization resource.ID) bool
- func (u *User) IsSiteAdmin() bool
- func (u *User) IsTeamMember(teamID resource.TfeID) bool
- func (u *User) Organizations() []organization.Name
- func (u *User) PictureURL() *string
- func (u *User) String() string
- type UserSpec
- type UserToken
- type Username
Constants ¶
This section is empty.
Variables ¶
var ( SiteAdminUsername = Username{/* contains filtered or unexported fields */} // SiteAdminID is the hardcoded user id for the site admin user. The ID must // be the same as the hardcoded value in the database migrations. SiteAdminID = resource.MustHardcodeTfeID(resource.UserKind, "36atQC2oGQng7pVz") SiteAdmin = User{ID: SiteAdminID, Username: SiteAdminUsername} )
var ErrCannotDeleteOnlyOwner = errors.New("cannot remove the last owner")
Functions ¶
Types ¶
type CreateUserOptions ¶
type CreateUserOptions struct {
Username string `json:"username"`
}
type CreateUserTokenOptions ¶
type CreateUserTokenOptions struct {
Description string
}
CreateUserTokenOptions are options for creating a user token via the service endpoint
type ListOptions ¶ added in v0.3.17
type ListOptions struct {
resource.PageOptions
Organization organization.Name `schema:"name"`
}
ListOptions are options for the ListUsers endpoint.
type NewUserOption ¶
type NewUserOption func(*User)
func WithTeams ¶
func WithTeams(memberships ...*team.Team) NewUserOption
type Service ¶ added in v0.2.2
type Service struct {
logr.Logger
*authz.Authorizer
// contains filtered or unexported fields
}
func NewService ¶
func (*Service) AddHandlers ¶ added in v0.2.2
func (*Service) AddTeamMembership ¶ added in v0.2.2
func (a *Service) AddTeamMembership(ctx context.Context, teamID resource.TfeID, usernames []Username) error
AddTeamMembership adds users to a team. If a user does not exist then the user is created first.
func (*Service) CreateToken ¶ added in v0.2.2
func (a *Service) CreateToken(ctx context.Context, opts CreateUserTokenOptions) (*UserToken, []byte, error)
CreateToken creates a user token. Only users can create a user token, and they can only create a token for themselves.
func (*Service) DeleteToken ¶ added in v0.2.2
func (*Service) ListOrganizationUsers ¶ added in v0.2.2
func (a *Service) ListOrganizationUsers(ctx context.Context, organization organization.Name) ([]*User, error)
ListOrganizationUsers lists an organization's users
func (*Service) ListTeamUsers ¶ added in v0.2.2
ListTeamUsers lists users that are members of the given team. The caller needs either organization-wide authority to call this endpoint, or they need to be a member of the team.
func (*Service) ListTokens ¶ added in v0.2.2
func (Service) NewUserToken ¶ added in v0.2.2
func (f Service) NewUserToken(username Username, opts CreateUserTokenOptions) (*UserToken, []byte, error)
func (*Service) RemoveTeamMembership ¶ added in v0.2.2
func (a *Service) RemoveTeamMembership(ctx context.Context, teamID resource.TfeID, usernames []Username) error
RemoveTeamMembership removes users from a team.
func (*Service) SetSiteAdmins ¶ added in v0.2.2
SetSiteAdmins authoritatively promotes users with the given usernames to site admins. If no such users exist then they are created. Any unspecified users that are currently site admins are demoted.
type TFECreateUserOptions ¶ added in v0.3.17
type TFECreateUserOptions struct {
// Type is a public field utilized by JSON:API to
// set the resource type via the field tag.
// It is not a user-defined value and does not need to be set.
// https://jsonapi.org/format/#crud-creating
Type string `jsonapi:"primary,users"`
Username *string `jsonapi:"attribute" json:"username"`
}
CreateUserOptions represents the options for creating a user.
type TFEOrganizationMembership ¶ added in v0.3.17
type TFEOrganizationMembership struct {
ID resource.TfeID `jsonapi:"primary,organization-memberships"`
Status TFEOrganizationMembershipStatus `jsonapi:"attribute" json:"status"`
Email string `jsonapi:"attribute" json:"email"`
// Relations
Organization *organization.TFEOrganization `jsonapi:"relationship" json:"organization"`
User *TFEUser `jsonapi:"relationship" json:"user"`
Teams []*team.TFETeam `jsonapi:"relationship" json:"teams"`
}
TFEOrganizationMembership represents a Terraform Enterprise organization membership.
type TFEOrganizationMembershipCreateOptions ¶ added in v0.3.17
type TFEOrganizationMembershipCreateOptions struct {
// Type is a public field utilized by JSON:API to
// set the resource type via the field tag.
// It is not a user-defined value and does not need to be set.
// https://jsonapi.org/format/#crud-creating
Type string `jsonapi:"primary,organization-memberships"`
// Required: User's email address.
Email *string `jsonapi:"attribute" json:"email"`
}
TFEOrganizationMembershipCreateOptions represents the options for creating an organization membership.
type TFEOrganizationMembershipStatus ¶ added in v0.3.17
type TFEOrganizationMembershipStatus string
TFEOrganizationMembershipStatus represents an organization membership status.
const ( OrganizationMembershipActive TFEOrganizationMembershipStatus = "active" OrganizationMembershipInvited TFEOrganizationMembershipStatus = "invited" )
type TFETwoFactor ¶ added in v0.3.17
type TFETwoFactor struct {
Enabled bool `jsonapi:"attribute" json:"enabled"`
Verified bool `jsonapi:"attribute" json:"verified"`
}
TFETwoFactor represents the organization permissions.
type TFEUser ¶ added in v0.3.17
type TFEUser struct {
ID resource.TfeID `jsonapi:"primary,users"`
AvatarURL string `jsonapi:"attribute" json:"avatar-url"`
Email string `jsonapi:"attribute" json:"email"`
IsServiceAccount bool `jsonapi:"attribute" json:"is-service-account"`
TwoFactor *TFETwoFactor `jsonapi:"attribute" json:"two-factor"`
UnconfirmedEmail string `jsonapi:"attribute" json:"unconfirmed-email"`
Username string `jsonapi:"attribute" json:"username"`
V2Only bool `jsonapi:"attribute" json:"v2-only"`
}
TFEUser represents an OTF user.
type User ¶
type User struct {
ID resource.TfeID `jsonapi:"primary,users" json:"user_id"`
CreatedAt time.Time `jsonapi:"attribute" json:"created-at"`
UpdatedAt time.Time `jsonapi:"attribute" json:"updated-at"`
SiteAdmin bool `jsonapi:"attribute" json:"site-admin"`
// username is globally unique
Username Username `jsonapi:"attribute" json:"username"`
// user belongs to many teams
Teams []*team.Team
// AvatarURL is the URL of an avatar depicting user.
AvatarURL *string
}
User represents an OTF user account.
func NewTestUser ¶ added in v0.3.18
func UserFromContext ¶
UserFromContext retrieves a user from a context
func (*User) IsSiteAdmin ¶
IsSiteAdmin determines whether user is a site admin. A user is a site admin in either of two cases: (1) their account has been promoted to site admin (think sudo) (2) the account is *the* site admin (think root)
func (*User) IsTeamMember ¶
IsTeamMember determines whether user is a member of the given team.
func (*User) Organizations ¶
func (u *User) Organizations() []organization.Name
Organizations returns the user's membership of organizations (indirectly via their membership of teams).
NOTE: always returns a non-nil slice
func (*User) PictureURL ¶ added in v0.3.25
PictureURL avoids an import cycle with the UI components package, allowing the layout template to retrieve the current user's avatar URL.
type UserSpec ¶
type UserToken ¶
type UserToken struct {
ID resource.TfeID `db:"token_id"`
CreatedAt time.Time `db:"created_at"`
Description string
Username Username // Token belongs to a user
}
UserToken provides information about an API token for a user.
type Username ¶ added in v0.3.18
type Username struct {
// contains filtered or unexported fields
}
Username of an OTF user.
Source Files