-
-
Notifications
You must be signed in to change notification settings - Fork 5
/
token_policies.go
115 lines (93 loc) · 3.04 KB
/
token_policies.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
package desec
import (
"context"
"fmt"
"net/http"
)
// TokenPolicy represents a policy applied to a token.
type TokenPolicy struct {
ID string `json:"id,omitempty"`
Domain *string `json:"domain"`
SubName *string `json:"subname"`
Type *string `json:"type"`
WritePermission bool `json:"perm_write,omitempty"`
}
// TokenPoliciesService handles communication with the token policy related methods of the deSEC API.
//
// https://desec.readthedocs.io/en/latest/auth/tokens.html
type TokenPoliciesService struct {
client *Client
}
// Get retrieves token rrset's policies.
// https://desec.readthedocs.io/en/latest/auth/tokens.html#token-policy-management
func (s *TokenPoliciesService) Get(ctx context.Context, tokenID string) ([]TokenPolicy, error) {
endpoint, err := s.client.createEndpoint("auth", "tokens", tokenID, "policies", "rrsets")
if err != nil {
return nil, fmt.Errorf("failed to create endpoint: %w", err)
}
req, err := s.client.newRequest(ctx, http.MethodGet, endpoint, nil)
if err != nil {
return nil, err
}
resp, err := s.client.httpClient.Do(req)
if err != nil {
return nil, fmt.Errorf("failed to call API: %w", err)
}
defer func() { _ = resp.Body.Close() }()
if resp.StatusCode != http.StatusOK {
return nil, handleError(resp)
}
var policies []TokenPolicy
err = handleResponse(resp, &policies)
if err != nil {
return nil, err
}
return policies, nil
}
// Create creates token policy.
// https://desec.readthedocs.io/en/latest/auth/tokens.html#create-additional-tokens
func (s *TokenPoliciesService) Create(ctx context.Context, tokenID string, policy TokenPolicy) (*TokenPolicy, error) {
endpoint, err := s.client.createEndpoint("auth", "tokens", tokenID, "policies", "rrsets")
if err != nil {
return nil, fmt.Errorf("failed to create endpoint: %w", err)
}
req, err := s.client.newRequest(ctx, http.MethodPost, endpoint, policy)
if err != nil {
return nil, err
}
resp, err := s.client.httpClient.Do(req)
if err != nil {
return nil, fmt.Errorf("failed to call API: %w", err)
}
defer func() { _ = resp.Body.Close() }()
if resp.StatusCode != http.StatusCreated {
return nil, handleError(resp)
}
var tokenPolicy TokenPolicy
err = handleResponse(resp, &tokenPolicy)
if err != nil {
return nil, err
}
return &tokenPolicy, nil
}
// Delete deletes a token rrset's policy.
// https://desec.readthedocs.io/en/latest/auth/tokens.html#token-policy-management
func (s *TokenPoliciesService) Delete(ctx context.Context, tokenID, policyID string) error {
endpoint, err := s.client.createEndpoint("auth", "tokens", tokenID, "policies", "rrsets", policyID)
if err != nil {
return fmt.Errorf("failed to create endpoint: %w", err)
}
req, err := s.client.newRequest(ctx, http.MethodDelete, endpoint, nil)
if err != nil {
return err
}
resp, err := s.client.httpClient.Do(req)
if err != nil {
return fmt.Errorf("failed to call API: %w", err)
}
defer func() { _ = resp.Body.Close() }()
if resp.StatusCode != http.StatusNoContent {
return handleError(resp)
}
return nil
}