Change roles to one format (#4)

selectel · Mar 1, 2024 · 2392784 · 2392784
1 parent de8f2ed
commit 2392784
Show file tree

Hide file tree

Showing 10 changed files with 139 additions and 155 deletions.
diff --git a/examples/serviceuser-create-update-delete/main.go b/examples/serviceuser-create-update-delete/main.go
@@ -5,6 +5,7 @@ import (
 	"fmt"
 
 	"github.com/selectel/iam-go"
+	"github.com/selectel/iam-go/service/roles"
 	"github.com/selectel/iam-go/service/serviceusers"
 )
 
@@ -43,7 +44,7 @@ func main() {
 		Enabled:  true,
 		Name:     name,
 		Password: password,
-		Roles:    []serviceusers.Role{{Scope: serviceusers.Account, RoleName: serviceusers.Billing}},
+		Roles:    []roles.Role{{Scope: roles.Account, RoleName: roles.Billing}},
 	})
 	// Handle the error.
 	if err != nil {

diff --git a/examples/transfer-role/main.go b/examples/transfer-role/main.go
@@ -5,6 +5,7 @@ import (
 	"fmt"
 
 	"github.com/selectel/iam-go"
+	"github.com/selectel/iam-go/service/roles"
 	"github.com/selectel/iam-go/service/users"
 )
 
@@ -45,7 +46,7 @@ func main() {
 	var chosenUser *users.User
 	for _, user := range allUsers {
 		for _, role := range user.Roles {
-			if role.RoleName == users.Billing && user.ID != "account_root" {
+			if role.RoleName == roles.Billing && user.ID != "account_root" {
 				chosenUser = &user
 				break
 			}
@@ -67,7 +68,7 @@ func main() {
 	err = usersAPI.UnassignRoles(
 		ctx,
 		chosenUser.ID,
-		[]users.Role{{Scope: users.Account, RoleName: users.Billing}},
+		[]roles.Role{{Scope: roles.Account, RoleName: roles.Billing}},
 	)
 
 	// Handle the error.
@@ -83,7 +84,7 @@ func main() {
 	err = usersAPI.AssignRoles(
 		ctx,
 		userID,
-		[]users.Role{{Scope: users.Account, RoleName: users.Billing}},
+		[]roles.Role{{Scope: roles.Account, RoleName: roles.Billing}},
 	)
 
 	// Handle the error.

diff --git a/examples/user-create-delete/main.go b/examples/user-create-delete/main.go
@@ -5,6 +5,7 @@ import (
 	"fmt"
 
 	"github.com/selectel/iam-go"
+	"github.com/selectel/iam-go/service/roles"
 	"github.com/selectel/iam-go/service/users"
 )
 
@@ -23,7 +24,6 @@ func main() {
 		iam.WithAuthOpts(&iam.AuthOpts{KeystoneToken: token}),
 		iam.WithUserAgentPrefix(prefix),
 	)
-
 	// Handle the error.
 	if err != nil {
 		fmt.Println(err)
@@ -41,7 +41,7 @@ func main() {
 		AuthType:   users.Local,
 		Email:      email,
 		Federation: nil,
-		Roles:      []users.Role{{Scope: users.Account, RoleName: users.Billing}},
+		Roles:      []roles.Role{{Scope: roles.Account, RoleName: roles.Billing}},
 	})
 	// Handle the error.
 	if err != nil {

diff --git a/service/roles/schemas.go b/service/roles/schemas.go
@@ -0,0 +1,46 @@
+package roles
+
+// Name represents a role, which can be assigned to a user or a service user.
+// For additional information, see
+// https://docs.selectel.ru/control-panel-actions/users-and-roles/user-types-and-roles/#user-roles.
+type Name string
+
+const (
+	// Account owner.
+	AccountOwner Name = "account_owner"
+
+	// User administrator.
+	IAMAdmin Name = "iam_admin"
+
+	// Account/Project administrator.
+	Member Name = "member"
+
+	// Account/Project reader.
+	Reader Name = "reader"
+
+	// Billing administrator.
+	Billing Name = "billing"
+
+	// Object storage administrator. Can be assigned only to a service user.
+	ObjectStorageAdmin Name = "object_storage:admin"
+
+	// Object storage user. Can be assigned only to a service user.
+	ObjectStorageUser Name = "object_storage_user"
+)
+
+// Scope represents a scope of a role.
+type Scope string
+
+const (
+	// Project scope.
+	Project Scope = "project"
+
+	// Account scope.
+	Account Scope = "account"
+)
+
+type Role struct {
+	ProjectID string `json:"project_id,omitempty"`
+	RoleName  Name   `json:"role_name"`
+	Scope     Scope  `json:"scope"`
+}
diff --git a/service/serviceusers/requests.go b/service/serviceusers/requests.go
@@ -9,6 +9,7 @@ import (
 
 	"github.com/selectel/iam-go/iamerrors"
 	"github.com/selectel/iam-go/internal/client"
+	"github.com/selectel/iam-go/service/roles"
 )
 
 const apiVersion = "iam/v1"
@@ -187,7 +188,7 @@ func (su *ServiceUsers) Update(ctx context.Context, userID string, input UpdateR
 }
 
 // AssignRoles adds new roles for a Service User with the given userID.
-func (su *ServiceUsers) AssignRoles(ctx context.Context, userID string, roles []Role) error {
+func (su *ServiceUsers) AssignRoles(ctx context.Context, userID string, roles []roles.Role) error {
 	if userID == "" {
 		return iamerrors.Error{Err: iamerrors.ErrUserIDRequired, Desc: "No userID was provided."}
 	}
@@ -202,7 +203,7 @@ func (su *ServiceUsers) AssignRoles(ctx context.Context, userID string, roles []
 }
 
 // UnassignRoles removes roles from a Service User with the given userID.
-func (su *ServiceUsers) UnassignRoles(ctx context.Context, userID string, roles []Role) error {
+func (su *ServiceUsers) UnassignRoles(ctx context.Context, userID string, roles []roles.Role) error {
 	if userID == "" {
 		return iamerrors.Error{Err: iamerrors.ErrUserIDRequired, Desc: "No userID was provided."}
 	}
@@ -216,7 +217,7 @@ func (su *ServiceUsers) UnassignRoles(ctx context.Context, userID string, roles
 	return su.manageRoles(ctx, http.MethodDelete, userID, roles)
 }
 
-func (su *ServiceUsers) manageRoles(ctx context.Context, method string, userID string, roles []Role) error {
+func (su *ServiceUsers) manageRoles(ctx context.Context, method string, userID string, roles []roles.Role) error {
 	path, err := url.JoinPath(apiVersion, "service_users", userID, "roles")
 	if err != nil {
 		return iamerrors.Error{Err: iamerrors.ErrInternalAppError, Desc: err.Error()}

diff --git a/service/serviceusers/requests_test.go b/service/serviceusers/requests_test.go
@@ -11,6 +11,7 @@ import (
 
 	"github.com/selectel/iam-go/iamerrors"
 	"github.com/selectel/iam-go/internal/client"
+	"github.com/selectel/iam-go/service/roles"
 	"github.com/selectel/iam-go/service/serviceusers/testdata"
 )
 
@@ -41,8 +42,8 @@ func TestList(t *testing.T) {
 					Name:    "test",
 					Enabled: true,
 					ID:      "123",
-					Roles: []Role{
-						{Scope: Account, RoleName: Member},
+					Roles: []roles.Role{
+						{Scope: roles.Account, RoleName: roles.Member},
 					},
 				},
 			},
@@ -115,8 +116,8 @@ func TestGet(t *testing.T) {
 				Name:    "test",
 				Enabled: true,
 				ID:      "123",
-				Roles: []Role{
-					{Scope: Account, RoleName: Member},
+				Roles: []roles.Role{
+					{Scope: roles.Account, RoleName: roles.Member},
 				},
 			},
 			expectedError: nil,
@@ -235,7 +236,7 @@ func TestCreate(t *testing.T) {
 		enabled  bool
 		name     string
 		password string
-		roles    []Role
+		roles    []roles.Role
 	}
 	tests := []struct {
 		name             string
@@ -250,8 +251,8 @@ func TestCreate(t *testing.T) {
 				enabled:  true,
 				name:     "test",
 				password: "Qazwsxedc123",
-				roles: []Role{
-					{Scope: Account, RoleName: Member},
+				roles: []roles.Role{
+					{Scope: roles.Account, RoleName: roles.Member},
 				},
 			},
 			prepare: func() {
@@ -265,8 +266,8 @@ func TestCreate(t *testing.T) {
 				Name:    "test",
 				Enabled: true,
 				ID:      "123",
-				Roles: []Role{
-					{Scope: Account, RoleName: Member},
+				Roles: []roles.Role{
+					{Scope: roles.Account, RoleName: roles.Member},
 				},
 			},
 			expectedError: nil,
@@ -277,8 +278,8 @@ func TestCreate(t *testing.T) {
 				enabled:  true,
 				name:     "test",
 				password: "123",
-				roles: []Role{
-					{Scope: Account, RoleName: Member},
+				roles: []roles.Role{
+					{Scope: roles.Account, RoleName: roles.Member},
 				},
 			},
 			prepare: func() {
@@ -300,8 +301,8 @@ func TestCreate(t *testing.T) {
 				enabled:  true,
 				name:     "test",
 				password: "123",
-				roles: []Role{
-					{Scope: Account, RoleName: Member},
+				roles: []roles.Role{
+					{Scope: roles.Account, RoleName: roles.Member},
 				},
 			},
 			prepare: func() {
@@ -434,7 +435,7 @@ func TestUpdate(t *testing.T) {
 func TestAssignRoles(t *testing.T) {
 	type args struct {
 		userID string
-		roles  []Role
+		roles  []roles.Role
 	}
 	tests := []struct {
 		name          string
@@ -446,8 +447,8 @@ func TestAssignRoles(t *testing.T) {
 			name: "Test AssignRoles return output",
 			args: args{
 				userID: "123",
-				roles: []Role{
-					{Scope: Account, RoleName: Member},
+				roles: []roles.Role{
+					{Scope: roles.Account, RoleName: roles.Member},
 				},
 			},
 			prepare: func() {
@@ -464,8 +465,8 @@ func TestAssignRoles(t *testing.T) {
 			name: "Test AssignRoles return error",
 			args: args{
 				userID: "123",
-				roles: []Role{
-					{Scope: Account, RoleName: Member},
+				roles: []roles.Role{
+					{Scope: roles.Account, RoleName: roles.Member},
 				},
 			},
 			prepare: func() {
@@ -506,7 +507,7 @@ func TestAssignRoles(t *testing.T) {
 func TestUnassignRoles(t *testing.T) {
 	type args struct {
 		userID string
-		roles  []Role
+		roles  []roles.Role
 	}
 	tests := []struct {
 		name          string
@@ -518,8 +519,8 @@ func TestUnassignRoles(t *testing.T) {
 			name: "Test UnassignRoles return output",
 			args: args{
 				userID: "123",
-				roles: []Role{
-					{Scope: Account, RoleName: Member},
+				roles: []roles.Role{
+					{Scope: roles.Account, RoleName: roles.Member},
 				},
 			},
 			prepare: func() {
@@ -536,8 +537,8 @@ func TestUnassignRoles(t *testing.T) {
 			name: "Test UnassignRoles return error",
 			args: args{
 				userID: "123",
-				roles: []Role{
-					{Scope: Account, RoleName: Member},
+				roles: []roles.Role{
+					{Scope: roles.Account, RoleName: roles.Member},
 				},
 			},
 			prepare: func() {

diff --git a/service/serviceusers/schemas.go b/service/serviceusers/schemas.go
@@ -1,60 +1,21 @@
 package serviceusers
 
-type RoleName string
-
-const (
-	// Account owner.
-	AccountOwner RoleName = "account_owner"
-
-	// User administrator.
-	IAMAdmin RoleName = "iam_admin"
-
-	// Account/Project administrator.
-	Member RoleName = "member"
-
-	// Account/Project reader.
-	Reader RoleName = "reader"
-
-	// Billing administrator.
-	Billing RoleName = "billing"
-
-	// Object storage administrator.
-	ObjectStorageAdmin RoleName = "object_storage:admin"
-
-	// Object storage user.
-	ObjectStorageUser RoleName = "object_storage_user"
-)
-
-type Scope string
-
-const (
-	// Project scope.
-	Project Scope = "project"
-
-	// Account scope.
-	Account Scope = "account"
-)
+import "github.com/selectel/iam-go/service/roles"
 
 // ServiceUser represents a Selectel Service User.
 type ServiceUser struct {
-	ID      string `json:"id"`
-	Enabled bool   `json:"enabled"`
-	Name    string `json:"name"`
-	Roles   []Role `json:"roles"`
-}
-
-type Role struct {
-	ProjectID string   `json:"project_id,omitempty"`
-	RoleName  RoleName `json:"role_name"`
-	Scope     Scope    `json:"scope"`
+	ID      string       `json:"id"`
+	Enabled bool         `json:"enabled"`
+	Name    string       `json:"name"`
+	Roles   []roles.Role `json:"roles"`
 }
 
 // CreateRequest is used to set options for Create method.
 type CreateRequest struct {
 	Enabled  bool
 	Name     string
 	Password string
-	Roles    []Role
+	Roles    []roles.Role
 }
 
 // UpdateRequest is used to set options for Update method.
@@ -65,10 +26,10 @@ type UpdateRequest struct {
 }
 
 type createRequest struct {
-	Enabled  bool   `json:"enabled,omitempty"`
-	Name     string `json:"name,omitempty"`
-	Password string `json:"password,omitempty"`
-	Roles    []Role `json:"roles,omitempty"`
+	Enabled  bool         `json:"enabled,omitempty"`
+	Name     string       `json:"name,omitempty"`
+	Password string       `json:"password,omitempty"`
+	Roles    []roles.Role `json:"roles,omitempty"`
 }
 
 type updateRequest struct {
@@ -78,7 +39,7 @@ type updateRequest struct {
 }
 
 type manageRolesRequest struct {
-	Roles []Role `json:"roles"`
+	Roles []roles.Role `json:"roles"`
 }
 
 type listResponse struct {