1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
|
package policies
import (
"net/url"
"strings"
"github.com/gophercloud/gophercloud"
"github.com/gophercloud/gophercloud/pagination"
)
const policyTypeMaxLength = 255
// ListOptsBuilder allows extensions to add additional parameters to
// the List request
type ListOptsBuilder interface {
ToPolicyListQuery() (string, error)
}
// ListOpts provides options to filter the List results.
type ListOpts struct {
// Type filters the response by MIME media type
// of the serialized policy blob.
Type string `q:"type"`
// Filters filters the response by custom filters such as
// 'type__contains=foo'
Filters map[string]string `q:"-"`
}
// ToPolicyListQuery formats a ListOpts into a query string.
func (opts ListOpts) ToPolicyListQuery() (string, error) {
q, err := gophercloud.BuildQueryString(opts)
if err != nil {
return "", err
}
params := q.Query()
for k, v := range opts.Filters {
i := strings.Index(k, "__")
if i > 0 && i < len(k)-2 {
params.Add(k, v)
} else {
return "", InvalidListFilter{FilterName: k}
}
}
q = &url.URL{RawQuery: params.Encode()}
return q.String(), err
}
// List enumerates the policies to which the current token has access.
func List(client *gophercloud.ServiceClient, opts ListOptsBuilder) pagination.Pager {
url := listURL(client)
if opts != nil {
query, err := opts.ToPolicyListQuery()
if err != nil {
return pagination.Pager{Err: err}
}
url += query
}
return pagination.NewPager(client, url, func(r pagination.PageResult) pagination.Page {
return PolicyPage{pagination.LinkedPageBase{PageResult: r}}
})
}
// CreateOptsBuilder allows extensions to add additional parameters to
// the Create request.
type CreateOptsBuilder interface {
ToPolicyCreateMap() (map[string]interface{}, error)
}
// CreateOpts provides options used to create a policy.
type CreateOpts struct {
// Type is the MIME media type of the serialized policy blob.
Type string `json:"type" required:"true"`
// Blob is the policy rule as a serialized blob.
Blob []byte `json:"-" required:"true"`
// Extra is free-form extra key/value pairs to describe the policy.
Extra map[string]interface{} `json:"-"`
}
// ToPolicyCreateMap formats a CreateOpts into a create request.
func (opts CreateOpts) ToPolicyCreateMap() (map[string]interface{}, error) {
if len(opts.Type) > policyTypeMaxLength {
return nil, StringFieldLengthExceedsLimit{
Field: "type",
Limit: policyTypeMaxLength,
}
}
b, err := gophercloud.BuildRequestBody(opts, "policy")
if err != nil {
return nil, err
}
if v, ok := b["policy"].(map[string]interface{}); ok {
v["blob"] = string(opts.Blob)
if opts.Extra != nil {
for key, value := range opts.Extra {
v[key] = value
}
}
}
return b, nil
}
// Create creates a new Policy.
func Create(client *gophercloud.ServiceClient, opts CreateOptsBuilder) (r CreateResult) {
b, err := opts.ToPolicyCreateMap()
if err != nil {
r.Err = err
return
}
resp, err := client.Post(createURL(client), &b, &r.Body, &gophercloud.RequestOpts{
OkCodes: []int{201},
})
_, r.Header, r.Err = gophercloud.ParseResponse(resp, err)
return
}
// Get retrieves details on a single policy, by ID.
func Get(client *gophercloud.ServiceClient, policyID string) (r GetResult) {
resp, err := client.Get(getURL(client, policyID), &r.Body, nil)
_, r.Header, r.Err = gophercloud.ParseResponse(resp, err)
return
}
// UpdateOptsBuilder allows extensions to add additional parameters to
// the Update request.
type UpdateOptsBuilder interface {
ToPolicyUpdateMap() (map[string]interface{}, error)
}
// UpdateOpts provides options for updating a policy.
type UpdateOpts struct {
// Type is the MIME media type of the serialized policy blob.
Type string `json:"type,omitempty"`
// Blob is the policy rule as a serialized blob.
Blob []byte `json:"-"`
// Extra is free-form extra key/value pairs to describe the policy.
Extra map[string]interface{} `json:"-"`
}
// ToPolicyUpdateMap formats a UpdateOpts into an update request.
func (opts UpdateOpts) ToPolicyUpdateMap() (map[string]interface{}, error) {
if len(opts.Type) > policyTypeMaxLength {
return nil, StringFieldLengthExceedsLimit{
Field: "type",
Limit: policyTypeMaxLength,
}
}
b, err := gophercloud.BuildRequestBody(opts, "policy")
if err != nil {
return nil, err
}
if v, ok := b["policy"].(map[string]interface{}); ok {
if len(opts.Blob) != 0 {
v["blob"] = string(opts.Blob)
}
if opts.Extra != nil {
for key, value := range opts.Extra {
v[key] = value
}
}
}
return b, nil
}
// Update updates an existing Role.
func Update(client *gophercloud.ServiceClient, policyID string, opts UpdateOptsBuilder) (r UpdateResult) {
b, err := opts.ToPolicyUpdateMap()
if err != nil {
r.Err = err
return
}
resp, err := client.Patch(updateURL(client, policyID), &b, &r.Body, &gophercloud.RequestOpts{
OkCodes: []int{200},
})
_, r.Header, r.Err = gophercloud.ParseResponse(resp, err)
return
}
// Delete deletes a policy.
func Delete(client *gophercloud.ServiceClient, policyID string) (r DeleteResult) {
resp, err := client.Delete(deleteURL(client, policyID), nil)
_, r.Header, r.Err = gophercloud.ParseResponse(resp, err)
return
}
|
