package api

import (
	"fmt"
	"time"
)

// ACLPolicies is a handle for calling the ACL policy endpoints through a
// Client.
//
// NOTE(review): Upsert, Delete and Info append the policy name to the request
// path as-is. Whether the client escapes path segments is not visible in this
// file. If it does not, a name containing "/", "?" or "#" would address a
// different endpoint than intended, so callers passing untrusted names should
// validate them first. Confirm against the client's request builder.
type ACLPolicies struct {
	client *Client
}

// ACLPolicies returns a handle for the ACL policy endpoints bound to c.
func (c *Client) ACLPolicies() *ACLPolicies {
	return &ACLPolicies{client: c}
}

// List queries /v1/acl/policies and returns the decoded policy stubs together
// with the query metadata. On error both results are nil.
func (a *ACLPolicies) List(q *QueryOptions) ([]*ACLPolicyListStub, *QueryMeta, error) {
	var stubs []*ACLPolicyListStub
	meta, err := a.client.query("/v1/acl/policies", &stubs, q)
	if err != nil {
		return nil, nil, err
	}
	return stubs, meta, nil
}

// Upsert creates or updates a policy by writing it to
// /v1/acl/policy/<policy.Name>. A nil policy or an empty name is rejected
// before any request is issued.
func (a *ACLPolicies) Upsert(policy *ACLPolicy, q *WriteOptions) (*WriteMeta, error) {
	// Fold the nil and empty-name cases into a single check.
	name := ""
	if policy != nil {
		name = policy.Name
	}
	if name == "" {
		return nil, fmt.Errorf("missing policy name")
	}

	meta, err := a.client.write("/v1/acl/policy/"+name, policy, nil, q)
	if err != nil {
		return nil, err
	}
	return meta, nil
}

// Delete removes the named policy by issuing a delete against
// /v1/acl/policy/<policyName>. An empty name is rejected locally.
func (a *ACLPolicies) Delete(policyName string, q *WriteOptions) (*WriteMeta, error) {
	if len(policyName) == 0 {
		return nil, fmt.Errorf("missing policy name")
	}

	endpoint := "/v1/acl/policy/" + policyName
	meta, err := a.client.delete(endpoint, nil, q)
	if err != nil {
		return nil, err
	}
	return meta, nil
}

// Info fetches the named policy from /v1/acl/policy/<policyName>. An empty
// name is rejected locally; on error both results are nil.
func (a *ACLPolicies) Info(policyName string, q *QueryOptions) (*ACLPolicy, *QueryMeta, error) {
	if len(policyName) == 0 {
		return nil, nil, fmt.Errorf("missing policy name")
	}

	var policy ACLPolicy
	endpoint := "/v1/acl/policy/" + policyName
	meta, err := a.client.query(endpoint, &policy, q)
	if err != nil {
		return nil, nil, err
	}
	return &policy, meta, nil
}

// ACLTokens is used to query the ACL token endpoints.
type ACLTokens struct {
	client *Client
}

// ACLTokens returns a new handle on the ACL tokens.
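func (c *Client) ACLTokens() *ACLTokens {
	return &ACLTokens{client: c}
}

// Bootstrap writes to /v1/acl/bootstrap with no input object and returns the
// token decoded from the response.
//
// NOTE(review): the returned ACLToken includes SecretID. This is presumably
// the initial management credential, so keep it out of logs and error
// output. Confirm against the server documentation.
func (a *ACLTokens) Bootstrap(q *WriteOptions) (*ACLToken, *WriteMeta, error) {
	var resp ACLToken
	wm, err := a.client.write("/v1/acl/bootstrap", nil, &resp, q)
	if err != nil {
		return nil, nil, err
	}
	return &resp, wm, nil
}

// List queries /v1/acl/tokens and returns the decoded token stubs. The stub
// type has no SecretID field.
func (a *ACLTokens) List(q *QueryOptions) ([]*ACLTokenListStub, *QueryMeta, error) {
	var resp []*ACLTokenListStub
	qm, err := a.client.query("/v1/acl/tokens", &resp, q)
	if err != nil {
		return nil, nil, err
	}
	return resp, qm, nil
}

// Create writes a new token to /v1/acl/token and returns the token decoded
// from the response. The token must be non-nil and must not carry an
// AccessorID.
func (a *ACLTokens) Create(token *ACLToken, q *WriteOptions) (*ACLToken, *WriteMeta, error) {
	// Reject nil up front instead of panicking on the field access below,
	// matching the nil check ACLPolicies.Upsert performs on its argument.
	if token == nil {
		return nil, nil, fmt.Errorf("missing token")
	}
	if token.AccessorID != "" {
		return nil, nil, fmt.Errorf("cannot specify Accessor ID")
	}
	var resp ACLToken
	wm, err := a.client.write("/v1/acl/token", token, &resp, q)
	if err != nil {
		return nil, nil, err
	}
	return &resp, wm, nil
}

// Update writes the token to /v1/acl/token/<token.AccessorID> and returns the
// token decoded from the response. The token must be non-nil and must carry
// an AccessorID.
//
// NOTE(review): Update, Delete and Info append the accessor ID to the request
// path as-is. Whether the client escapes path segments is not visible in this
// file. If it does not, an ID containing "/", "?" or "#" would address a
// different endpoint than intended, so callers passing untrusted IDs should
// validate them first. Confirm against the client's request builder.
func (a *ACLTokens) Update(token *ACLToken, q *WriteOptions) (*ACLToken, *WriteMeta, error) {
	// Reject nil up front instead of panicking on the field access below.
	if token == nil {
		return nil, nil, fmt.Errorf("missing token")
	}
	if token.AccessorID == "" {
		return nil, nil, fmt.Errorf("missing accessor ID")
	}
	var resp ACLToken
	wm, err := a.client.write("/v1/acl/token/"+token.AccessorID,
		token, &resp, q)
	if err != nil {
		return nil, nil, err
	}
	return &resp, wm, nil
}

// Delete removes the token identified by accessorID by issuing a delete
// against /v1/acl/token/<accessorID>. An empty ID is rejected locally.
func (a *ACLTokens) Delete(accessorID string, q *WriteOptions) (*WriteMeta, error) {
	if accessorID == "" {
		return nil, fmt.Errorf("missing accessor ID")
	}
	wm, err := a.client.delete("/v1/acl/token/"+accessorID, nil, q)
	if err != nil {
		return nil, err
	}
	return wm, nil
}

// Info fetches the token identified by accessorID from
// /v1/acl/token/<accessorID>. An empty ID is rejected locally.
func (a *ACLTokens) Info(accessorID string, q *QueryOptions) (*ACLToken, *QueryMeta, error) {
	if accessorID == "" {
		return nil, nil, fmt.Errorf("missing accessor ID")
	}
	var resp ACLToken
	qm, err := a.client.query("/v1/acl/token/"+accessorID, &resp, q)
	if err != nil {
		return nil, nil, err
	}
	return &resp, qm, nil
}

// Self queries /v1/acl/token/self and returns the decoded token. The doc
// comment this replaces describes it as the caller's own token.
func (a *ACLTokens) Self(q *QueryOptions) (*ACLToken, *QueryMeta, error) {
	var resp ACLToken
	qm, err := a.client.query("/v1/acl/token/self", &resp, q)
	if err != nil {
		return nil, nil, err
	}
	return &resp, qm, nil
}

// ACLPolicyListStub is the abbreviated policy form returned when listing ACL
// policies. Unlike ACLPolicy it has no Rules field.
type ACLPolicyListStub struct {
	Name        string
	Description string
	CreateIndex uint64
	ModifyIndex uint64
}

// ACLPolicy is used to represent an ACL policy.
type ACLPolicy struct {
	Name        string
	Description string
	Rules       string
	CreateIndex uint64
	ModifyIndex uint64
}

// ACLToken represents a client token which is used to authenticate.
//
// NOTE(review): SecretID is presumably the value presented to the API as the
// credential. Treat it as a secret and avoid printing whole ACLToken values
// (for example with %v or %+v) in logs. Confirm against the server
// documentation.
type ACLToken struct {
	AccessorID  string
	SecretID    string
	Name        string
	Type        string
	Policies    []string
	Global      bool
	CreateTime  time.Time
	CreateIndex uint64
	ModifyIndex uint64
}

// ACLTokenListStub is the abbreviated token form returned by ACLTokens.List.
// It has the same fields as ACLToken except SecretID.
type ACLTokenListStub struct {
	AccessorID  string
	Name        string
	Type        string
	Policies    []string
	Global      bool
	CreateTime  time.Time
	CreateIndex uint64
	ModifyIndex uint64
}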