[IAM] Implement federated mapping operations (#127)

[IAM] Implement federated mapping operations

Which issue this PR fixes
Fixes: #128
=== RUN   TestFederatedMappingLifecycle
--- PASS: TestFederatedMappingLifecycle (3.74s)
PASS

Process finished with exit code 0

Reviewed-by: None <None>
Reviewed-by: Anton Kachurin <[email protected]>
Reviewed-by: Anton Sidelnikov <None>

Author: lego963

acceptance/openstack/identity/v3/fed_mappings_test.go

@@ -0,0 +1,99 @@
+package v3
+
+import (
+	"os"
+	"testing"
+
+	"github.com/opentelekomcloud/gophertelekomcloud/acceptance/clients"
+	"github.com/opentelekomcloud/gophertelekomcloud/acceptance/tools"
+	"github.com/opentelekomcloud/gophertelekomcloud/openstack/identity/v3/federation/mappings"
+	th "github.com/opentelekomcloud/gophertelekomcloud/testhelper"
+)
+
+func TestFederatedMappingLifecycle(t *testing.T) {
+	if os.Getenv("OS_TENANT_ADMIN") == "" {
+		t.Skip("Policy doesn't allow iam:identityProviders:createMapping to be performed.")
+	}
+
+	client, err := clients.NewIdentityV3Client()
+	th.AssertNoErr(t, err)
+
+	createOpts := mappings.CreateOpts{
+		Rules: []mappings.RuleOpts{
+			{
+				Local: []mappings.LocalRuleOpts{
+					{
+						User: &mappings.UserOpts{
+							Name: "{0}",
+						},
+					},
+					{
+						Groups: "[\"admin\",\"manager\"]",
+					},
+				},
+				Remote: []mappings.RemoteRuleOpts{
+					{
+						Type: "uid",
+					},
+				},
+			},
+		},
+	}
+
+	mappingName := tools.RandomString("muh", 3)
+
+	mapping, err := mappings.Create(client, mappingName, createOpts).Extract()
+	th.AssertNoErr(t, err)
+
+	defer func() {
+		err = mappings.Delete(client, mapping.ID).ExtractErr()
+		th.AssertNoErr(t, err)
+	}()
+
+	th.AssertEquals(t, mappingName, mapping.ID)
+
+	got, err := mappings.Get(client, mapping.ID).Extract()
+	th.AssertNoErr(t, err)
+	th.AssertDeepEquals(t, mapping, got)
+
+	pages, err := mappings.List(client).AllPages()
+	th.AssertNoErr(t, err)
+
+	mappingList, err := mappings.ExtractMappings(pages)
+	th.AssertNoErr(t, err)
+	found := false
+	for _, m := range mappingList {
+		if m.ID == mapping.ID {
+			found = true
+			break
+		}
+	}
+	if !found {
+		t.Fatalf("created mapping not found in the list")
+	}
+
+	updateOpts := mappings.UpdateOpts{
+		Rules: []mappings.RuleOpts{
+			{
+				Local: []mappings.LocalRuleOpts{
+					{
+						User: &mappings.UserOpts{
+							Name: "samltestid-{0}",
+						},
+					},
+				},
+				Remote: []mappings.RemoteRuleOpts{
+					{
+						Type: "uid",
+					},
+				},
+			},
+		},
+	}
+	updated, err := mappings.Update(client, mapping.ID, updateOpts).Extract()
+	th.AssertNoErr(t, err)
+
+	got2, err := mappings.Get(client, mapping.ID).Extract()
+	th.AssertNoErr(t, err)
+	th.AssertDeepEquals(t, updated, got2)
+}

openstack/identity/v3/federation/mappings/requests.go

@@ -0,0 +1,129 @@
+package mappings
+
+import (
+	golangsdk "github.com/opentelekomcloud/gophertelekomcloud"
+	"github.com/opentelekomcloud/gophertelekomcloud/pagination"
+)
+
+// List enumerates the Groups to which the current token has access.
+func List(client *golangsdk.ServiceClient) pagination.Pager {
+	url := listURL(client)
+
+	return pagination.NewPager(client, url, func(r pagination.PageResult) pagination.Page {
+		return MappingPage{pagination.LinkedPageBase{PageResult: r}}
+	})
+}
+
+// Get retrieves details on a single Mapping, by ID.
+func Get(client *golangsdk.ServiceClient, id string) (r GetResult) {
+	_, r.Err = client.Get(mappingURL(client, id), &r.Body, nil)
+	return
+}
+
+// CreateOptsBuilder allows extensions to add additional parameters to
+// the Create request.
+type CreateOptsBuilder interface {
+	ToMappingCreateMap() (map[string]interface{}, error)
+}
+
+// CreateOpts provides options used to create a mapping.
+type CreateOpts struct {
+	// Rules used to map federated users to local users.
+	Rules []RuleOpts `json:"rules" required:"true"`
+}
+
+type RuleOpts struct {
+	Local  []LocalRuleOpts  `json:"local" required:"true"`
+	Remote []RemoteRuleOpts `json:"remote" required:"true"`
+}
+
+type LocalRuleOpts struct {
+	User   *UserOpts  `json:"user,omitempty"`
+	Group  *GroupOpts `json:"group,omitempty"`
+	Groups string     `json:"groups,omitempty"`
+}
+
+type UserOpts struct {
+	Name string `json:"name" required:"true"`
+}
+
+type GroupOpts struct {
+	Name   string  `json:"name" required:"true"`
+	Domain *Domain `json:"domain,omitempty"`
+}
+
+type Domain struct {
+	Name string `json:"name,omitempty"`
+	ID   string `json:"id,omitempty"`
+}
+
+type RemoteRuleOpts struct {
+	Type     string   `json:"type" required:"true"`
+	NotAnyOf []string `json:"not_any_of,omitempty"`
+	AnyOneOf []string `json:"any_one_of,omitempty"`
+	Regex    *bool    `json:"regex,omitempty"`
+}
+
+// ToMappingCreateMap formats a CreateOpts into a create request.
+func (opts CreateOpts) ToMappingCreateMap() (map[string]interface{}, error) {
+	b, err := golangsdk.BuildRequestBody(opts, "mapping")
+	if err != nil {
+		return nil, err
+	}
+
+	return b, nil
+}
+
+// Create creates a new Mapping, by ID.
+func Create(client *golangsdk.ServiceClient, mappingID string, opts CreateOptsBuilder) (r CreateResult) {
+	b, err := opts.ToMappingCreateMap()
+	if err != nil {
+		r.Err = err
+		return
+	}
+	_, r.Err = client.Put(mappingURL(client, mappingID), &b, &r.Body, &golangsdk.RequestOpts{
+		OkCodes: []int{201},
+	})
+	return
+}
+
+// UpdateOptsBuilder allows extensions to add additional parameters to
+// the Update request.
+type UpdateOptsBuilder interface {
+	ToMappingUpdateMap() (map[string]interface{}, error)
+}
+
+// UpdateOpts provides options for updating a mapping.
+type UpdateOpts struct {
+	// Rules used to map federated users to local users.
+	Rules []RuleOpts `json:"rules" required:"true"`
+}
+
+// ToMappingUpdateMap formats a UpdateOpts into an update request.
+func (opts UpdateOpts) ToMappingUpdateMap() (map[string]interface{}, error) {
+	b, err := golangsdk.BuildRequestBody(opts, "mapping")
+	if err != nil {
+		return nil, err
+	}
+
+	return b, nil
+}
+
+// Update updates an existing Mapping, by ID.
+func Update(client *golangsdk.ServiceClient, mappingID string, opts UpdateOptsBuilder) (r UpdateResult) {
+	b, err := opts.ToMappingUpdateMap()
+	if err != nil {
+		r.Err = err
+		return
+	}
+	_, r.Err = client.Patch(mappingURL(client, mappingID), &b, &r.Body, &golangsdk.RequestOpts{
+		OkCodes: []int{200},
+	})
+	return
+}
+
+// Delete deletes a mapping, by ID.
+func Delete(client *golangsdk.ServiceClient, mappingID string) (r DeleteResult) {
+	_, r.Err = client.Delete(mappingURL(client, mappingID), nil)
+	return
+}

openstack/identity/v3/federation/mappings/results.go

@@ -0,0 +1,114 @@
+package mappings
+
+import (
+	golangsdk "github.com/opentelekomcloud/gophertelekomcloud"
+	"github.com/opentelekomcloud/gophertelekomcloud/pagination"
+)
+
+// Mapping helps manage mapping rules.
+type Mapping struct {
+	// ID is the unique ID of the mapping.
+	ID string `json:"id"`
+
+	// Resource Links of mappings.
+	Links map[string]interface{} `json:"links"`
+
+	// Rules used to map federated users to local users
+	Rules []Rule `json:"rules"`
+}
+
+type Rule struct {
+	Local  []LocalRule  `json:"local"`
+	Remote []RemoteRule `json:"remote"`
+}
+
+type LocalRule struct {
+	User  User  `json:"user"`
+	Group Group `json:"group"`
+}
+
+type User struct {
+	Name string `json:"name"`
+}
+
+type Group struct {
+	Name string `json:"name"`
+}
+
+type RemoteRule struct {
+	Type     string   `json:"type"`
+	NotAnyOf []string `json:"not_any_of"`
+}
+
+type mappingResult struct {
+	golangsdk.Result
+}
+
+// GetResult is the response from a Get operation. Call its Extract method
+// to interpret it as a Mapping.
+type GetResult struct {
+	mappingResult
+}
+
+// CreateResult is the response from a Create operation. Call its Extract method
+// to interpret it as a Mapping.
+type CreateResult struct {
+	mappingResult
+}
+
+// UpdateResult is the response from an Update operation. Call its Extract
+// method to interpret it as a Mapping.
+type UpdateResult struct {
+	mappingResult
+}
+
+// DeleteResult is the response from a Delete operation. Call its ExtractErr to
+// determine if the request succeeded or failed.
+type DeleteResult struct {
+	golangsdk.ErrResult
+}
+
+// MappingPage is a single page of Mapping results.
+type MappingPage struct {
+	pagination.LinkedPageBase
+}
+
+// IsEmpty determines whether or not a page of Mappings contains any results.
+func (r MappingPage) IsEmpty() (bool, error) {
+	mappings, err := ExtractMappings(r)
+	return len(mappings) == 0, err
+}
+
+// NextPageURL extracts the next/previous/self links from the links section of the result.
+func (r MappingPage) NextPageURL() (string, error) {
+	var s struct {
+		Links struct {
+			Next     string `json:"next"`
+			Previous string `json:"previous"`
+			Self     string `json:"self"`
+		} `json:"links"`
+	}
+	err := r.ExtractInto(&s)
+	if err != nil {
+		return "", err
+	}
+	return s.Links.Next, err
+}
+
+// ExtractMappings returns a slice of Mappings contained in a linked page of results.
+func ExtractMappings(r pagination.Page) ([]Mapping, error) {
+	var s struct {
+		Mappings []Mapping `json:"mappings"`
+	}
+	err := (r.(MappingPage)).ExtractInto(&s)
+	return s.Mappings, err
+}
+
+// Extract interprets any group results as a Mapping.
+func (r mappingResult) Extract() (*Mapping, error) {
+	var s struct {
+		Mapping *Mapping `json:"mapping"`
+	}
+	err := r.ExtractInto(&s)
+	return s.Mapping, err
+}

openstack/identity/v3/federation/mappings/urls.go

@@ -0,0 +1,16 @@
+package mappings
+
+import (
+	golangsdk "github.com/opentelekomcloud/gophertelekomcloud"
+	"github.com/opentelekomcloud/gophertelekomcloud/openstack/identity/v3/federation"
+)
+
+const rootPath = "mappings"
+
+func listURL(client *golangsdk.ServiceClient) string {
+	return client.ServiceURL(federation.BaseURL, rootPath)
+}
+
+func mappingURL(client *golangsdk.ServiceClient, mappingID string) string {
+	return client.ServiceURL(federation.BaseURL, rootPath, mappingID)
+}