-
Notifications
You must be signed in to change notification settings - Fork 22
/
users.go
154 lines (134 loc) · 5.05 KB
/
users.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
package uaa
import (
"bytes"
"encoding/json"
"errors"
"fmt"
"net/http"
"strconv"
"strings"
)
// UsersEndpoint is the path to the users resource.
const UsersEndpoint string = "/Users"
// Meta describes the version and timestamps for a resource.
type Meta struct {
Version int `json:"version,omitempty"`
Created string `json:"created,omitempty"`
LastModified string `json:"lastModified,omitempty"`
}
// UserName is a person's name.
type UserName struct {
FamilyName string `json:"familyName,omitempty"`
GivenName string `json:"givenName,omitempty"`
}
// Email is an email address.
type Email struct {
Value string `json:"value,omitempty"`
Primary *bool `json:"primary,omitempty"`
}
// UserGroup is a group that a user belongs to.
type UserGroup struct {
Value string `json:"value,omitempty"`
Display string `json:"display,omitempty"`
Type string `json:"type,omitempty"`
}
// Approval is a record of the user's explicit approval or rejection for an
// application's request for delegated permissions.
type Approval struct {
UserID string `json:"userId,omitempty"`
ClientID string `json:"clientId,omitempty"`
Scope string `json:"scope,omitempty"`
Status string `json:"status,omitempty"`
LastUpdatedAt string `json:"lastUpdatedAt,omitempty"`
ExpiresAt string `json:"expiresAt,omitempty"`
}
// PhoneNumber is a phone number for a user.
type PhoneNumber struct {
Value string `json:"value"`
}
// User is a UAA user
// http://docs.cloudfoundry.org/api/uaa/version/4.14.0/index.html#get-3.
type User struct {
ID string `json:"id,omitempty"`
Password string `json:"password,omitempty"`
ExternalID string `json:"externalId,omitempty"`
Meta *Meta `json:"meta,omitempty"`
Username string `json:"userName,omitempty"`
Name *UserName `json:"name,omitempty"`
Emails []Email `json:"emails,omitempty"`
Groups []UserGroup `json:"groups,omitempty"`
Approvals []Approval `json:"approvals,omitempty"`
PhoneNumbers []PhoneNumber `json:"phoneNumbers,omitempty"`
Active *bool `json:"active,omitempty"`
Verified *bool `json:"verified,omitempty"`
Origin string `json:"origin,omitempty"`
ZoneID string `json:"zoneId,omitempty"`
PasswordLastModified string `json:"passwordLastModified,omitempty"`
PreviousLogonTime int `json:"previousLogonTime,omitempty"`
LastLogonTime int `json:"lastLogonTime,omitempty"`
Schemas []string `json:"schemas,omitempty"`
}
// Identifier returns the field used to uniquely identify a User.
func (u User) Identifier() string {
return u.ID
}
// paginatedUserList is the response from the API for a single page of users.
type paginatedUserList struct {
Page
Resources []User `json:"resources"`
Schemas []string `json:"schemas"`
}
// GetUserByUsername gets the user with the given username
// http://docs.cloudfoundry.org/api/uaa/version/4.14.0/index.html#list-with-attribute-filtering.
func (a *API) GetUserByUsername(username, origin, attributes string) (*User, error) {
if username == "" {
return nil, errors.New("username cannot be blank")
}
filter := fmt.Sprintf(`userName eq "%v"`, username)
help := fmt.Sprintf("user %v not found", username)
if origin != "" {
filter = fmt.Sprintf(`%s and origin eq "%v"`, filter, origin)
help = fmt.Sprintf(`%s in origin %v`, help, origin)
}
users, err := a.ListAllUsers(filter, "", attributes, "")
if err != nil {
return nil, err
}
if len(users) == 0 {
return nil, errors.New(help)
}
if len(users) > 1 && origin == "" {
var foundOrigins []string
for _, user := range users {
foundOrigins = append(foundOrigins, user.Origin)
}
msgTmpl := "Found users with username %v in multiple origins %v."
msg := fmt.Sprintf(msgTmpl, username, "["+strings.Join(foundOrigins, ", ")+"]")
return nil, errors.New(msg)
}
return &users[0], nil
}
// DeactivateUser deactivates the user with the given user ID
// http://docs.cloudfoundry.org/api/uaa/version/4.14.0/index.html#patch.
func (a *API) DeactivateUser(userID string, userMetaVersion int) error {
return a.setActive(false, userID, userMetaVersion)
}
// ActivateUser activates the user with the given user ID
// http://docs.cloudfoundry.org/api/uaa/version/4.14.0/index.html#patch.
func (a *API) ActivateUser(userID string, userMetaVersion int) error {
return a.setActive(true, userID, userMetaVersion)
}
func (a *API) setActive(active bool, userID string, userMetaVersion int) error {
if userID == "" {
return errors.New("userID cannot be blank")
}
u := urlWithPath(*a.TargetURL, fmt.Sprintf("%s/%s", UsersEndpoint, userID))
user := &User{}
user.Active = &active
extraHeaders := map[string]string{"If-Match": strconv.Itoa(userMetaVersion)}
j, err := json.Marshal(user)
if err != nil {
return err
}
return a.doJSONWithHeaders(http.MethodPatch, &u, extraHeaders, bytes.NewBuffer([]byte(j)), nil, true)
}