iam.go raw

   1  package linodego
   2  
   3  import "context"
   4  
   5  // UserRolePermissions are the account and entity permissions for the User
   6  type UserRolePermissions struct {
   7  	AccountAccess []string     `json:"account_access"`
   8  	EntityAccess  []UserAccess `json:"entity_access"`
   9  }
  10  
  11  // GetUpdateOptions converts UserRolePermissions for use in UpdateUserRolePermissions
  12  func (p *UserRolePermissions) GetUpdateOptions() UserRolePermissionsUpdateOptions {
  13  	return UserRolePermissionsUpdateOptions{
  14  		AccountAccess: p.AccountAccess,
  15  		EntityAccess:  p.EntityAccess,
  16  	}
  17  }
  18  
  19  // UserRolePermissionsUpdateOptions are fields accepted by UpdateUserRolePermissions
  20  type UserRolePermissionsUpdateOptions struct {
  21  	AccountAccess []string     `json:"account_access"`
  22  	EntityAccess  []UserAccess `json:"entity_access"`
  23  }
  24  
  25  // UserAccess is the breakdown of entities Roles
  26  type UserAccess struct {
  27  	ID    int      `json:"id"`
  28  	Type  string   `json:"type"`
  29  	Roles []string `json:"roles"`
  30  }
  31  
  32  // AccountRolePermissions are the account and entity roles for the Account
  33  type AccountRolePermissions struct {
  34  	AccountAccess []AccountAccess `json:"account_access"`
  35  	EntityAccess  []AccountAccess `json:"entity_access"`
  36  }
  37  
  38  // AccountAccess is the Roles for each Type for the Account
  39  type AccountAccess struct {
  40  	Type  string `json:"type"`
  41  	Roles []Role `json:"roles"`
  42  }
  43  
  44  // Role is the IAM Role and its Permissions
  45  type Role struct {
  46  	Name        string   `json:"name"`
  47  	Description string   `json:"description"`
  48  	Permissions []string `json:"permissions"`
  49  }
  50  
  51  // GetUserRolePermissions returns any role permissions for username
  52  func (c *Client) GetUserRolePermissions(ctx context.Context, username string) (*UserRolePermissions, error) {
  53  	return doGETRequest[UserRolePermissions](ctx, c,
  54  		formatAPIPath("iam/users/%s/role-permissions", username),
  55  	)
  56  }
  57  
  58  // UpdateUserRolePermissions updates any role permissions for username
  59  func (c *Client) UpdateUserRolePermissions(ctx context.Context, username string, opts UserRolePermissionsUpdateOptions) (*UserRolePermissions, error) {
  60  	return doPUTRequest[UserRolePermissions](ctx, c,
  61  		formatAPIPath("iam/users/%s/role-permissions", username),
  62  		opts,
  63  	)
  64  }
  65  
  66  // GetAccountRolePermissions returns the role permissions for this Account
  67  func (c *Client) GetAccountRolePermissions(ctx context.Context) (*AccountRolePermissions, error) {
  68  	return doGETRequest[AccountRolePermissions](ctx, c, "iam/role-permissions")
  69  }
  70  
  71  // GetUserAccountPermissions returns the account permissions for username
  72  func (c *Client) GetUserAccountPermissions(ctx context.Context, username string) ([]string, error) {
  73  	perms, err := doGETRequest[[]string](ctx, c,
  74  		formatAPIPath("iam/users/%s/permissions/account", username))
  75  	if err != nil || perms == nil {
  76  		return nil, err
  77  	}
  78  
  79  	return (*perms), err
  80  }
  81