diff --git a/.secrets.baseline b/.secrets.baseline index 9206dda4..6a7a4dce 100644 --- a/.secrets.baseline +++ b/.secrets.baseline @@ -3,7 +3,7 @@ "files": "plugin/i18n/v1Resources/|plugin/i18n/v2Resources/|(.*test.*)|(vendor)|(go.sum)|bin/|^.secrets.baseline$", "lines": null }, - "generated_at": "2024-05-23T21:29:26Z", + "generated_at": "2024-06-06T23:07:46Z", "plugins_used": [ { "name": "AWSKeyDetector" @@ -11,6 +11,9 @@ { "name": "ArtifactoryDetector" }, + { + "name": "AzureStorageKeyDetector" + }, { "base64_limit": 4.5, "name": "Base64HighEntropyString" @@ -28,6 +31,9 @@ "ghe_instance": "github.ibm.com", "name": "GheDetector" }, + { + "name": "GitHubTokenDetector" + }, { "hex_limit": 3, "name": "HexHighEntropyString" @@ -48,6 +54,9 @@ { "name": "MailchimpDetector" }, + { + "name": "NpmDetector" + }, { "name": "PrivateKeyDetector" }, @@ -57,6 +66,9 @@ { "name": "SoftlayerDetector" }, + { + "name": "SquareOAuthDetector" + }, { "name": "StripeDetector" }, @@ -312,7 +324,7 @@ "hashed_secret": "c2a6b03f190dfb2b4aa91f8af8d477a9bc3401dc", "is_secret": false, "is_verified": false, - "line_number": 373, + "line_number": 386, "type": "Secret Keyword", "verified_result": null } diff --git a/README.md b/README.md index 82ae6802..01b576f2 100644 --- a/README.md +++ b/README.md @@ -218,9 +218,15 @@ By default, every API call made to the SoftLayer API will load in the approprait To force errors: ```go -fakeHandler := testhelpers.FakeTransportHandler{} -fakeHandler.AddApiError("SoftLayer_Tag", "getAttachedTagsForCurrentUser", 500, "BAD") -fakeSLSession := &session.Session{TransportHandler: fakeHandler,} +// In the Top level BeforeEach +fakeSession = testhelpers.NewFakeSoftlayerSession(nil) +fakeHandler = testhelpers.GetSessionHandler(fakeSession) + +// Then in a BeforeEach for the specific test... +BeforeEach(func() { + fakeHandler.AddApiError("SoftLayer_User_Customer", "getObject", + 500, "Internal Server Error") +}) ``` To force a non-default JSON file to be loaded diff --git a/bin/buildAndDeploy.py b/bin/buildAndDeploy.py index 14b19a06..3b36a3d1 100755 --- a/bin/buildAndDeploy.py +++ b/bin/buildAndDeploy.py @@ -62,6 +62,17 @@ def runTests() -> None: if re.match(r"fixtrues|vendor", mod) is None: clean_mods.append(mod) + ## GO GENERATE + go_generate = ['go', 'generate', './...'] + # Not using the 'real' command here because this looks neater. + + print(f'[turquoise2]Running: go generate ./...') + try: + subprocess.run(go_generate, check=True) + except subprocess.CalledProcessError as e: + print(f"[red]>>> Go Generate failed <<<") + sys.exit(e.returncode) + ## GO VET go_vet = ['go', 'vet'] + clean_mods # Not using the 'real' command here because this looks neater. @@ -73,16 +84,7 @@ def runTests() -> None: print(f"[red]>>> Go Vet failed <<<") sys.exit(e.returncode) - ## GO GENERATE - go_generate = ['go', 'generate', './...'] - # Not using the 'real' command here because this looks neater. - print(f'[turquoise2]Running: go generate ./...') - try: - subprocess.run(go_generate, check=True) - except subprocess.CalledProcessError as e: - print(f"[red]>>> Go Generate failed <<<") - sys.exit(e.returncode) ## GO TEST go_test = ['go', 'test'] + clean_mods diff --git a/go.mod b/go.mod index 19cdc66e..506318c5 100644 --- a/go.mod +++ b/go.mod @@ -15,7 +15,7 @@ require ( github.com/nicksnyder/go-i18n/v2 v2.4.0 github.com/onsi/ginkgo/v2 v2.17.0 github.com/onsi/gomega v1.31.1 - github.com/softlayer/softlayer-go v1.1.3 + github.com/softlayer/softlayer-go v1.1.5 github.com/spf13/cobra v1.8.0 github.com/spf13/pflag v1.0.5 github.com/stretchr/testify v1.7.0 @@ -32,16 +32,17 @@ require ( github.com/google/go-cmp v0.6.0 // indirect github.com/google/pprof v0.0.0-20210407192527-94a9f03dee38 // indirect github.com/inconshreveable/mousetrap v1.1.0 // indirect - github.com/kr/pretty v0.2.1 // indirect + github.com/kr/text v0.2.0 // indirect github.com/mattn/go-colorable v0.1.13 // indirect github.com/mattn/go-isatty v0.0.20 // indirect github.com/mattn/go-runewidth v0.0.15 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect github.com/rivo/uniseg v0.4.7 // indirect + github.com/rogpeppe/go-internal v1.9.0 // indirect github.com/softlayer/xmlrpc v0.0.0-20200409220501-5f089df7cb7e // indirect golang.org/x/crypto v0.21.0 // indirect golang.org/x/mod v0.16.0 // indirect - golang.org/x/net v0.22.0 // indirect + golang.org/x/net v0.23.0 // indirect golang.org/x/sys v0.18.0 // indirect golang.org/x/term v0.18.0 // indirect golang.org/x/tools v0.19.0 // indirect diff --git a/go.sum b/go.sum index 7ed00c1b..c103f77b 100644 --- a/go.sum +++ b/go.sum @@ -8,6 +8,7 @@ github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWR github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= +github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= @@ -36,11 +37,10 @@ github.com/jarcoal/httpmock v1.0.5 h1:cHtVEcTxRSX4J0je7mWPfc9BpDpqzXSJ5HbymZmyHc github.com/jarcoal/httpmock v1.0.5/go.mod h1:ATjnClrvW/3tijVmpL/va5Z3aAyGvqU3gCT8nX0Txik= github.com/jtolds/gls v4.20.0+incompatible h1:xdiiI2gbIgH/gLH7ADydsJ1uDOEzR8yvV7C0MuV77Wo= github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= -github.com/kr/pretty v0.2.1 h1:Fmg33tUaq4/8ym9TJN1x7sLJnHVwhP33CNkpYV/7rwI= -github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= -github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= -github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= -github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= +github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= +github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= +github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= @@ -63,6 +63,8 @@ github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZN github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= github.com/rivo/uniseg v0.4.7 h1:WUdvkW8uEhrYfLC4ZzdpI2ztxP1I582+49Oc5Mq64VQ= github.com/rivo/uniseg v0.4.7/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88= +github.com/rogpeppe/go-internal v1.9.0 h1:73kH8U+JUqXU8lRuOHeVHaa/SZPifC7BkcraZVejAe8= +github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/sclevine/spec v1.4.0 h1:z/Q9idDcay5m5irkZ28M7PtQM4aOISzOpj4bUPkDee8= github.com/sclevine/spec v1.4.0/go.mod h1:LvpgJaFyvQzRvc1kaDs0bulYwzC70PbiYjC4QnFHkOM= @@ -70,8 +72,8 @@ github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d h1:zE9ykE github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc= github.com/smartystreets/goconvey v1.6.7 h1:I6tZjLXD2Q1kjvNbIzB1wvQBsXmKXiVrhpRE8ZjP5jY= github.com/smartystreets/goconvey v1.6.7/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= -github.com/softlayer/softlayer-go v1.1.3 h1:dfFzt5eOKIAyB/b78fHMyDu5ICx0ZtxL9NRhBlf831A= -github.com/softlayer/softlayer-go v1.1.3/go.mod h1:Pc7F57OgUKaAam7TtpqkUeqL7QyKknfiUI4R49h41/U= +github.com/softlayer/softlayer-go v1.1.5 h1:UFFtgKxiw0yIuUw93XBCFIiIMYR5eLgmm4a5DqMHXGg= +github.com/softlayer/softlayer-go v1.1.5/go.mod h1:WeJrBLoTJcaT8nO1azeyHyNpo/fDLtbpbvh+pzts+Qw= github.com/softlayer/xmlrpc v0.0.0-20200409220501-5f089df7cb7e h1:3OgWYFw7jxCZPcvAg+4R8A50GZ+CCkARF10lxu2qDsQ= github.com/softlayer/xmlrpc v0.0.0-20200409220501-5f089df7cb7e/go.mod h1:fKZCUVdirrxrBpwd9wb+lSoVixvpwAu8eHzbQB2tums= github.com/spf13/cobra v1.8.0 h1:7aJaZx1B85qltLMc546zn58BxxfZdR/W22ej9CFoEf0= diff --git a/plugin/commands/order/complex_type.go b/plugin/commands/order/complex_type.go index 0179b69d..b3870591 100644 --- a/plugin/commands/order/complex_type.go +++ b/plugin/commands/order/complex_type.go @@ -21,7 +21,6 @@ var TYPEMAP = map[string]interface{}{ "SoftLayer_Container_Product_Order_Network_Interconnect_Upgrade": &datatypes.Container_Product_Order_Network_Interconnect_Upgrade{}, "SoftLayer_Container_Product_Order_Network_LoadBalancer": &datatypes.Container_Product_Order_Network_LoadBalancer{}, "SoftLayer_Container_Product_Order_Network_LoadBalancer_AsAService": &datatypes.Container_Product_Order_Network_LoadBalancer_AsAService{}, - "SoftLayer_Container_Product_Order_Network_LoadBalancer_Global": &datatypes.Container_Product_Order_Network_LoadBalancer_Global{}, "SoftLayer_Container_Product_Order_Network_Message_Delivery": &datatypes.Container_Product_Order_Network_Message_Delivery{}, "SoftLayer_Container_Product_Order_Network_PerformanceStorage": &datatypes.Container_Product_Order_Network_PerformanceStorage{}, "SoftLayer_Container_Product_Order_Network_PerformanceStorage_Iscsi": &datatypes.Container_Product_Order_Network_PerformanceStorage_Iscsi{}, diff --git a/plugin/commands/user/details_test.go b/plugin/commands/user/details_test.go index d3e86fa6..82666af7 100644 --- a/plugin/commands/user/details_test.go +++ b/plugin/commands/user/details_test.go @@ -2,7 +2,6 @@ package user_test import ( "errors" - "fmt" "time" "github.com/IBM-Cloud/ibm-cloud-cli-sdk/testhelpers/terminal" @@ -374,7 +373,6 @@ var _ = Describe("Detail", func() { Context("user detail with correct id and logins", func() { It("return a user with logins", func() { - fmt.Println("**") err := testhelpers.RunCobraCommand(cliCommand.Command, "5555", "--logins") Expect(err).NotTo(HaveOccurred()) Expect(fakeUI.Outputs()).To(ContainSubstring("name value")) @@ -401,7 +399,6 @@ var _ = Describe("Detail", func() { Context("user detail with correct id and events", func() { It("return a user with events", func() { - fmt.Println("**") err := testhelpers.RunCobraCommand(cliCommand.Command, "5555", "--events") Expect(err).NotTo(HaveOccurred()) Expect(fakeUI.Outputs()).To(ContainSubstring("name value")) diff --git a/plugin/commands/user/permissions.go b/plugin/commands/user/permissions.go index d36291fa..83027deb 100644 --- a/plugin/commands/user/permissions.go +++ b/plugin/commands/user/permissions.go @@ -1,8 +1,11 @@ package user import ( + "bytes" "strconv" + "github.com/IBM-Cloud/ibm-cloud-cli-sdk/bluemix/terminal" + "github.com/softlayer/softlayer-go/datatypes" "github.com/spf13/cobra" "github.ibm.com/SoftLayer/softlayer-cli/plugin/errors" . "github.ibm.com/SoftLayer/softlayer-cli/plugin/i18n" @@ -22,10 +25,14 @@ func NewPermissionsCommand(sl *metadata.SoftlayerCommand) (cmd *PermissionsComma SoftlayerCommand: sl, UserManager: managers.NewUserManager(sl.Session), } - + subs := map[string]interface{}{ + "HelpUrl": "https://cloud.ibm.com/docs/account?topic=account-migrated_permissions", + } cobraCmd := &cobra.Command{ Use: "permissions " + T("USER_ID"), Short: T("View user permissions"), + Long: T(`Some permissions here may also be managed by the IBM IAM service. +See {{.HelpUrl}} for more details.`, subs), Args: metadata.OneArgs, RunE: func(cmd *cobra.Command, args []string) error { return thisCmd.Run(args) @@ -36,7 +43,19 @@ func NewPermissionsCommand(sl *metadata.SoftlayerCommand) (cmd *PermissionsComma return thisCmd } +type PermissionCollection struct { + Department string + Permissions []Permission +} + +type Permission struct { + KeyName string + Assigned string + Description string +} + func (cmd *PermissionsCommand) Run(args []string) error { + outputFormat := cmd.GetOutputFlag() id, err := strconv.Atoi(args[0]) if err != nil { return errors.NewInvalidUsageError(T("User ID should be a number.")) @@ -48,17 +67,41 @@ func (cmd *PermissionsCommand) Run(args []string) error { return errors.NewAPIError(T("Failed to get user."), err.Error(), 2) } - allPermission, err := cmd.UserManager.GetAllPermission() + allPermission, err := cmd.UserManager.GetAllPermissionDepartments() if err != nil { return errors.NewAPIError(T("Failed to get permissions."), err.Error(), 2) } + userPermissions := []PermissionCollection{} + isMasterUser := false if user.IsMasterUserFlag != nil && *user.IsMasterUserFlag { - cmd.UI.Print(T("This account is the Master User and has all permissions enabled")) + if outputFormat != "JSON" { + cmd.UI.Print(T("This account is the Master User and has all permissions enabled")) + } isMasterUser = true } + + for _, department := range allPermission { + depPerm := PermissionCollection{Department: *department.KeyName} + for _, perm := range department.Permissions { + assignedPerm := UserHasPermission(user.Permissions, *perm.KeyName) || isMasterUser + thisPerm := Permission{ + KeyName: *perm.KeyName, + Description: *perm.Description, + Assigned: strconv.FormatBool(assignedPerm), + } + depPerm.Permissions = append(depPerm.Permissions, thisPerm) + } + userPermissions = append(userPermissions, depPerm) + } + + if outputFormat == "JSON" { + return utils.PrintPrettyJSON(cmd.UI, userPermissions) + } + + table := cmd.UI.Table([]string{T("ID"), T("Role Name"), T("Description")}) for _, role := range user.Roles { @@ -71,31 +114,28 @@ func (cmd *PermissionsCommand) Run(args []string) error { table.Add("", "", "") table.Print() - tablePermission := cmd.UI.Table([]string{T("Description"), T("KeyName"), T("Assigned")}) - for _, perm := range allPermission { - var assigned bool - // Display master user as having all permissions, even though they have none, technically. - if isMasterUser { - assigned = true - } - for _, userPerm := range user.Permissions { - if perm.KeyName != nil && userPerm.KeyName != nil && *perm.KeyName == *userPerm.KeyName { - assigned = true - } - - } - flag := true - arr := []string{"ACCOUNT_SUMMARY_VIEW", "REQUEST_COMPLIANCE_REPORT", "COMPANY_EDIT", "ONE_TIME_PAYMENTS", "UPDATE_PAYMENT_DETAILS", - "EU_LIMITED_PROCESSING_MANAGE", "TICKET_ADD", "TICKET_EDIT", "TICKET_SEARCH", "TICKET_VIEW", "TICKET_VIEW_ALL"} - for i := 0; i < len(arr); i++ { - if *perm.KeyName == arr[i] { - flag = false - } - } - if flag == true { - tablePermission.Add(utils.FormatStringPointer(perm.Name), utils.FormatStringPointer(perm.KeyName), strconv.FormatBool(assigned)) + tablePermission := cmd.UI.Table([]string{T("Department"), T("Permissions")}) + for _, department := range userPermissions { + buf := new(bytes.Buffer) + headers := []string{T("KeyName"), T("Assigned"), T("Description")} + subTable := terminal.NewTable(buf, headers) + for _, perm := range department.Permissions { + subTable.Add(perm.KeyName, perm.Assigned, perm.Description) } + subTable.Print() + tablePermission.Add(department.Department, buf.String()) } tablePermission.Print() return nil } + + +func UserHasPermission(userPermissions []datatypes.User_Customer_CustomerPermission_Permission, keyName string) bool { + assigned := false + for _, userPerm := range userPermissions { + if *userPerm.KeyName == keyName { + assigned = true + } + } + return assigned +} \ No newline at end of file diff --git a/plugin/commands/user/permissions_test.go b/plugin/commands/user/permissions_test.go index 6df72290..aad0c7a3 100644 --- a/plugin/commands/user/permissions_test.go +++ b/plugin/commands/user/permissions_test.go @@ -1,14 +1,11 @@ package user_test import ( - "errors" - "github.com/IBM-Cloud/ibm-cloud-cli-sdk/testhelpers/terminal" . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" - "github.com/softlayer/softlayer-go/datatypes" + "github.com/softlayer/softlayer-go/session" - "github.com/softlayer/softlayer-go/sl" "github.ibm.com/SoftLayer/softlayer-cli/plugin/commands/user" "github.ibm.com/SoftLayer/softlayer-cli/plugin/metadata" @@ -18,46 +15,19 @@ import ( var _ = Describe("User Permissions", func() { var ( fakeUI *terminal.FakeUI - fakeUserManager *testhelpers.FakeUserManager cliCommand *user.PermissionsCommand fakeSession *session.Session slCommand *metadata.SoftlayerCommand + fakeHandler *testhelpers.FakeTransportHandler ) BeforeEach(func() { fakeUI = terminal.NewFakeUI() - fakeUserManager = new(testhelpers.FakeUserManager) - fakeSession = testhelpers.NewFakeSoftlayerSession([]string{}) + fakeSession = testhelpers.NewFakeSoftlayerSession(nil) + fakeHandler = testhelpers.GetSessionHandler(fakeSession) slCommand = metadata.NewSoftlayerCommand(fakeUI, fakeSession) cliCommand = user.NewPermissionsCommand(slCommand) cliCommand.Command.PersistentFlags().Var(cliCommand.OutputFlag, "output", "--output=JSON for json output.") - cliCommand.UserManager = fakeUserManager - testUser := datatypes.User_Customer{ - Roles: []datatypes.User_Permission_Role{ - datatypes.User_Permission_Role{ - Id: sl.Int(123), - Name: sl.String("role name"), - Description: sl.String("description"), - }, - }, - Permissions: []datatypes.User_Customer_CustomerPermission_Permission{ - datatypes.User_Customer_CustomerPermission_Permission{ - KeyName: sl.String("KEY_PERMISSION_1"), - Name: sl.String("Permission 1"), - }, - }, - } - testAllPermissions := []datatypes.User_Customer_CustomerPermission_Permission{ - datatypes.User_Customer_CustomerPermission_Permission{ - KeyName: sl.String("KEY_PERMISSION_1"), - Name: sl.String("Permission 1"), - }, - datatypes.User_Customer_CustomerPermission_Permission{ - KeyName: sl.String("KEY_PERMISSION_2"), - Name: sl.String("Permission 2"), - }, - } - fakeUserManager.GetUserReturns(testUser, nil) - fakeUserManager.GetAllPermissionReturns(testAllPermissions, nil) + }) Describe("user permissions ", func() { @@ -78,8 +48,11 @@ var _ = Describe("User Permissions", func() { }) Context("user permissions error user", func() { + BeforeEach(func() { + fakeHandler.AddApiError("SoftLayer_User_Customer", "getObject", + 500, "Internal Server Error") + }) It("return error", func() { - fakeUserManager.GetUserReturns(datatypes.User_Customer{}, errors.New("Internal server error")) err := testhelpers.RunCobraCommand(cliCommand.Command, "123") Expect(err).To(HaveOccurred()) Expect(err.Error()).To(ContainSubstring("Failed to get user.")) @@ -87,8 +60,11 @@ var _ = Describe("User Permissions", func() { }) Context("user permissions error", func() { + BeforeEach(func() { + fakeHandler.AddApiError("SoftLayer_User_Permission_Department", "getAllObjects", + 500, "Internal Server Error") + }) It("return error", func() { - fakeUserManager.GetAllPermissionReturns([]datatypes.User_Customer_CustomerPermission_Permission{}, errors.New("Internal server error")) err := testhelpers.RunCobraCommand(cliCommand.Command, "123") Expect(err).To(HaveOccurred()) Expect(err.Error()).To(ContainSubstring("Failed to get permissions.")) @@ -99,38 +75,17 @@ var _ = Describe("User Permissions", func() { It("return user permissions", func() { err := testhelpers.RunCobraCommand(cliCommand.Command, "123") Expect(err).NotTo(HaveOccurred()) - Expect(fakeUI.Outputs()).To(ContainSubstring("ID Role Name Description")) - Expect(fakeUI.Outputs()).To(ContainSubstring("123 role name description")) - Expect(fakeUI.Outputs()).To(ContainSubstring("Description KeyName Assigned")) - Expect(fakeUI.Outputs()).To(ContainSubstring("Permission 1 KEY_PERMISSION_1 true")) - Expect(fakeUI.Outputs()).To(ContainSubstring("Permission 2 KEY_PERMISSION_2 false")) - }) - }) - - Context("hide user permissions", func() { - It("return not equal user permissions", func() { - err := testhelpers.RunCobraCommand(cliCommand.Command, "123") - Expect(err).NotTo(HaveOccurred()) - Expect(fakeUI.Outputs()).NotTo(Equal("ACCOUNT_SUMMARY_VIEW")) - Expect(fakeUI.Outputs()).To(Not(Equal("REQUEST_COMPLIANCE_REPORT"))) - Expect(fakeUI.Outputs()).To(Not(Equal("COMPANY_EDIT"))) - Expect(fakeUI.Outputs()).To(Not(Equal("ONE_TIME_PAYMENTS"))) - Expect(fakeUI.Outputs()).To(Not(Equal("UPDATE_PAYMENT_DETAILS"))) - Expect(fakeUI.Outputs()).To(Not(Equal("EU_LIMITED_PROCESSING_MANAGE"))) - Expect(fakeUI.Outputs()).To(Not(Equal("TICKET_ADD"))) - Expect(fakeUI.Outputs()).To(Not(Equal("TICKET_EDIT"))) - Expect(fakeUI.Outputs()).To(Not(Equal("TICKET_SEARCH"))) - Expect(fakeUI.Outputs()).To(Not(Equal("TICKET_VIEW"))) - Expect(fakeUI.Outputs()).To(Not(Equal("TICKET_VIEW_ALL"))) + Expect(fakeUI.Outputs()).To(ContainSubstring("ID Role Name Description")) + Expect(fakeUI.Outputs()).To(ContainSubstring("2 role name description of the role")) + Expect(fakeUI.Outputs()).To(ContainSubstring("ADMINISTRATIVE KeyName Assigned Description")) + Expect(fakeUI.Outputs()).To(ContainSubstring("ACCOUNT_BRAND_ADD false Permission to create sub brands")) + Expect(fakeUI.Outputs()).To(ContainSubstring("ACCOUNT_BILLING_SYSTEM true Permission to access account billing system type determination")) }) }) Context("user permissions - master account", func() { It("return user permissions", func() { - fakeUserManager.GetUserReturns(datatypes.User_Customer{ - IsMasterUserFlag: sl.Bool(true), - }, nil) - err := testhelpers.RunCobraCommand(cliCommand.Command, "123") + err := testhelpers.RunCobraCommand(cliCommand.Command, "12345") Expect(err).NotTo(HaveOccurred()) Expect(fakeUI.Outputs()).To(ContainSubstring("This account is the Master User and has all permissions enabled")) }) diff --git a/plugin/i18n/v2Resources/active.en-US.json b/plugin/i18n/v2Resources/active.en-US.json index fcb20cba..19f3c2ec 100644 --- a/plugin/i18n/v2Resources/active.en-US.json +++ b/plugin/i18n/v2Resources/active.en-US.json @@ -1715,6 +1715,9 @@ "Deny sharing of an image template with another account.": { "other": "Deny sharing of an image template with another account." }, + "Department": { + "other": "Department" + }, "Description": { "other": "Description" }, @@ -6014,6 +6017,9 @@ "Software not found": { "other": "Software not found" }, + "Some permissions here may also be managed by the IBM IAM service.\nSee {{.HelpUrl}} for more details.": { + "other": "Some permissions here may also be managed by the IBM IAM service.\nSee {{.HelpUrl}} for more details." + }, "Sortable": { "other": "Sortable" }, diff --git a/plugin/managers/user.go b/plugin/managers/user.go index 2982aecf..98e66e1e 100644 --- a/plugin/managers/user.go +++ b/plugin/managers/user.go @@ -32,6 +32,7 @@ type UserManager interface { GetUser(userId int, mask string) (datatypes.User_Customer, error) GetCurrentUser() (datatypes.User_Customer, error) GetAllPermission() ([]datatypes.User_Customer_CustomerPermission_Permission, error) + GetAllPermissionDepartments() ([]datatypes.User_Permission_Department, error) AddPermission(userId int, permissions []datatypes.User_Customer_CustomerPermission_Permission) (bool, error) RemovePermission(userId int, permissions []datatypes.User_Customer_CustomerPermission_Permission) (bool, error) PermissionFromUser(userId, fromUserId int) error @@ -125,6 +126,18 @@ func (u userManager) GetAllPermission() ([]datatypes.User_Customer_CustomerPermi return parsedPermission, nil } +func (u userManager) GetAllPermissionDepartments() ([]datatypes.User_Permission_Department, error) { + permissionService := services.GetUserPermissionDepartmentService(u.Session) + mask := "mask[permissions[id,description,name,keyName]]" + permissions, err := permissionService.Mask(mask).GetAllObjects() + if err != nil { + return nil, err + } + + return permissions, nil +} + + func (u userManager) AddPermission(userId int, permissions []datatypes.User_Customer_CustomerPermission_Permission) (bool, error) { return u.UserCustomerService.Id(userId).AddBulkPortalPermission(permissions) } diff --git a/plugin/testfixtures/SoftLayer_User_Customer/getObject-123.json b/plugin/testfixtures/SoftLayer_User_Customer/getObject-123.json new file mode 100644 index 00000000..30c6b16f --- /dev/null +++ b/plugin/testfixtures/SoftLayer_User_Customer/getObject-123.json @@ -0,0 +1,43 @@ +{ + "id": 123, + "permissions": [ + { + "createDate": null, + "departmentId": 1, + "description": "Permission to access account billing system type determination endpoint", + "id": 5088, + "key": null, + "keyName": "ACCOUNT_BILLING_SYSTEM", + "modifyDate": null, + "name": "Account Billing System" + }, + { + "createDate": null, + "departmentId": 3, + "description": "Add new support tickets.", + "id": 3, + "key": "T_7", + "keyName": "TICKET_ADD", + "modifyDate": null, + "name": "Add Tickets" + }, + { + "createDate": null, + "departmentId": 4, + "description": "Create, edit and delete SAML authentication records.", + "id": 3664, + "key": "SM_1", + "keyName": "SAML_AUTHENTICATION_MANAGE", + "modifyDate": null, + "name": "Manage SAML Authentication" + } + ], + "roles": [ + { + "id": 2, + "Name" : "role name", + "Description": "description of the role" + } + ], + "isMasterUserFlag": false +} diff --git a/plugin/testfixtures/SoftLayer_User_Customer/getObject-12345.json b/plugin/testfixtures/SoftLayer_User_Customer/getObject-12345.json new file mode 100644 index 00000000..d3983156 --- /dev/null +++ b/plugin/testfixtures/SoftLayer_User_Customer/getObject-12345.json @@ -0,0 +1,33 @@ +{ + "id": 123, + "permissions": [ + { + "createDate": null, + "departmentId": 1, + "description": "Permission to access account billing system type determination endpoint", + "id": 5088, + "key": null, + "keyName": "ACCOUNT_BILLING_SYSTEM", + "modifyDate": null, + "name": "Account Billing System" + }, + { + "createDate": null, + "departmentId": 2, + "description": "Add new servers to the account.", + "id": 1267, + "key": "XX_1", + "keyName": "SERVER_ADD", + "modifyDate": null, + "name": "Add Server" + } + ], + "roles": [ + { + "id": 2, + "Name" : "role name", + "Description": "description of the role" + } + ], + "isMasterUserFlag": true +} diff --git a/plugin/testfixtures/SoftLayer_User_Customer/getObject.json b/plugin/testfixtures/SoftLayer_User_Customer/getObject.json index 1adefb62..34838896 100644 --- a/plugin/testfixtures/SoftLayer_User_Customer/getObject.json +++ b/plugin/testfixtures/SoftLayer_User_Customer/getObject.json @@ -1 +1,89 @@ -{"username": "test", "modifyDate": "2018-10-05T02:00:27+08:00", "localeId": 1, "unsuccessfulLogins": [], "locale": {"friendlyName": "English", "id": 1, "name": "English", "languageTag": "en-US"}, "secondaryPasswordModifyDate": "2018-08-31T21:02:29+08:00", "timezone": {"shortName": "CST", "offset": "-0600", "id": 114, "name": "sdfsdaf", "longName": "(GMT-06:00) America/Dallas - CST"}, "userStatusId": 22, "id": 345234, "accountId": 5342, "pptpVpnAllowedFlag": false, "city": "Markham", "savedId": "7260307", "createDate": "2018-08-31T21:02:26+08:00", "userStatus": {"name": "Active"}, "successfulLogins": [{"successFlag": true, "createDate": "2018-11-09T00:40:58+08:00", "ipAddress": "169.60.96.34", "userId": 7260307}, {"successFlag": true, "createDate": "2018-11-09T00:25:31+08:00", "ipAddress": "169.60.96.54", "userId": 7260307}, {"successFlag": true, "createDate": "2018-11-09T00:23:28+08:00", "ipAddress": "169.60.96.38", "userId": 7260307}, {"successFlag": true, "createDate": "2018-11-09T00:23:26+08:00", "ipAddress": "169.60.96.44", "userId": 7260307}, {"successFlag": true, "createDate": "2018-11-09T00:23:13+08:00", "ipAddress": "169.60.96.56", "userId": 7260307}, {"successFlag": true, "createDate": "2018-11-09T00:21:44+08:00", "ipAddress": "169.60.96.46", "userId": 7260307}, {"successFlag": true, "createDate": "2018-11-09T00:21:21+08:00", "ipAddress": "169.60.96.59", "userId": 7260307}, {"successFlag": true, "createDate": "2018-11-09T00:21:16+08:00", "ipAddress": "169.60.96.54", "userId": 7260307}, {"successFlag": true, "createDate": "2018-11-09T00:15:59+08:00", "ipAddress": "169.60.75.102", "userId": 7260307}, {"successFlag": true, "createDate": "2018-11-09T00:15:51+08:00", "ipAddress": "169.60.96.44", "userId": 7260307}, {"successFlag": true, "createDate": "2018-11-06T02:40:04+08:00", "ipAddress": "169.60.96.34", "userId": 7260307}, {"successFlag": true, "createDate": "2018-11-06T02:39:58+08:00", "ipAddress": "169.51.49.78", "userId": 7260307}, {"successFlag": true, "createDate": "2018-10-05T01:56:46+08:00", "ipAddress": "129.42.208.179", "userId": 7260307}, {"successFlag": true, "createDate": "2018-09-20T04:54:01+08:00", "ipAddress": "129.42.208.182", "userId": 7260307}, {"successFlag": true, "createDate": "2018-09-11T20:27:33+08:00", "ipAddress": "129.42.208.183", "userId": 7260307}], "state": "ON", "parentId": 146836, "postalCode": "L6G1C7", "sslVpnAllowedFlag": true, "vpnManualConfig": false, "email": "Tache.Johnson@ibm.com", "secondaryLoginManagementFlag": true, "timezoneId": 114, "iamId": "IBMid-550000P00Y", "apiAuthenticationKeys": [], "parent": {"username": "IBM278444", "id": 146836}, "companyName": "IBM - BlueMix - Internal Dev", "address1": "8200 Warden Ave", "isMasterUserFlag": false, "ibmIdLink": {"realm": "IBMid", "userId": 7260307, "createDate": "2018-09-11T20:27:28+08:00", "uniqueIdentifier": "IBMid-550000P00Y", "id": 744393, "serviceProvider": {"keyName": "BLUE_ID", "description": "Blue ID", "name": "Blue ID", "id": 348}, "serviceProviderId": 348, "destinationUserAlphanumericId": "tache%2ejohnson@ibm%2ecom", "defaultFlag": 1}, "secondaryPasswordTimeoutDays": 0, "displayName": "Tache J", "firstName": "Tache ", "iamAuthorizationFlag": false, "denyAllResourceAccessOnCreateFlag": false, "lastName": "Johnson", "forumPasswordHash": "unused", "openIdConnectUserName": "tache.johnson@ibm.com", "managedByOpenIdConnectFlag": true, "daylightSavingsTimeFlag": false, "country": "CA", "managedByFederationFlag": false} +{ + "accountId": 5342, + "address1": "11111111 aaaa Ave", + "apiAuthenticationKeys": [], + "city": "Markham", + "companyName": "IBM - BlueMix - Internal Dev", + "country": "CA", + "createDate": "2018-08-31T21:02:26+08:00", + "daylightSavingsTimeFlag": false, + "denyAllResourceAccessOnCreateFlag": false, + "displayName": "XXX J", + "email": "XXX.ASD@ibm.com", + "firstName": "XXX ", + "forumPasswordHash": "unused", + "iamAuthorizationFlag": false, + "iamId": "IBMid-550000P00Y", + "ibmIdLink": { + "createDate": "2018-09-11T20:27:28+08:00", + "defaultFlag": 1, + "destinationUserAlphanumericId": "asdfg@ibm%2ecom", + "id": 744393, + "realm": "IBMid", + "serviceProvider": { + "description": "Blue ID", + "id": 348, + "keyName": "BLUE_ID", + "name": "Blue ID" + }, + "serviceProviderId": 348, + "uniqueIdentifier": "IBMid-550000P00Y", + "userId": 7260307 + }, + "id": 345234, + "isMasterUserFlag": false, + "lastName": "ASD", + "locale": { + "friendlyName": "English", + "id": 1, + "languageTag": "en-US", + "name": "English" + }, + "localeId": 1, + "managedByFederationFlag": false, + "managedByOpenIdConnectFlag": true, + "modifyDate": "2018-10-05T02:00:27+08:00", + "openIdConnectUserName": "asdfgn@ibm.com", + "parent": { + "id": 146836, + "username": "IBM278444" + }, + "parentId": 146836, + "postalCode": "L6G1C7", + "pptpVpnAllowedFlag": false, + "savedId": "7260307", + "secondaryLoginManagementFlag": true, + "secondaryPasswordModifyDate": "2018-08-31T21:02:29+08:00", + "secondaryPasswordTimeoutDays": 0, + "sslVpnAllowedFlag": true, + "state": "ON", + "successfulLogins": [ + { + "createDate": "2018-11-09T00:40:58+08:00", + "ipAddress": "169.60.96.34", + "successFlag": true, + "userId": 7260307 + }, + { + "createDate": "2018-11-09T00:25:31+08:00", + "ipAddress": "169.60.96.54", + "successFlag": true, + "userId": 7260307 + } + ], + "timezone": { + "id": 114, + "longName": "(GMT-06:00) America/Dallas - CST", + "name": "sdfsdaf", + "offset": "-0600", + "shortName": "CST" + }, + "timezoneId": 114, + "unsuccessfulLogins": [], + "userStatus": { + "name": "Active" + }, + "userStatusId": 22, + "username": "test", + "vpnManualConfig": false +} \ No newline at end of file diff --git a/plugin/testfixtures/SoftLayer_User_Permission_Department/getAllObjects.json b/plugin/testfixtures/SoftLayer_User_Permission_Department/getAllObjects.json new file mode 100644 index 00000000..d6754ff6 --- /dev/null +++ b/plugin/testfixtures/SoftLayer_User_Permission_Department/getAllObjects.json @@ -0,0 +1,978 @@ +[ + { + "description": "Administrative", + "id": 1, + "keyName": "ADMINISTRATIVE", + "name": "Administrative", + "permissions": [ + { + "createDate": null, + "departmentId": 1, + "description": "Permission to access account billing system type determination endpoint", + "id": 5088, + "key": null, + "keyName": "ACCOUNT_BILLING_SYSTEM", + "modifyDate": null, + "name": "Account Billing System" + }, + { + "createDate": null, + "departmentId": 1, + "description": "Activate Partner Customer Account", + "id": 1315, + "key": "A_16", + "keyName": "ACTIVATE_PARTNER_ACCOUNT", + "modifyDate": null, + "name": "Activate Partner Customer Account" + }, + { + "createDate": null, + "departmentId": 1, + "description": "Permission to create sub brands", + "id": 1313, + "key": "A_13", + "keyName": "ACCOUNT_BRAND_ADD", + "modifyDate": null, + "name": "Add Brand Account" + }, + { + "createDate": null, + "departmentId": 1, + "description": "Permission to create customer account.", + "id": 1312, + "key": "A_14", + "keyName": "ACCOUNT_CUSTOMER_ADD", + "modifyDate": null, + "name": "Add Customer Account" + }, + { + "createDate": null, + "departmentId": 1, + "description": "Permission to interface with the Automated Brand Migration process", + "id": 5089, + "key": null, + "keyName": "AUTOMATED_BRAND_MIGRATION", + "modifyDate": null, + "name": "Automated Brand Migration" + }, + { + "createDate": null, + "departmentId": 1, + "description": "Modify the account and company profile associated with this account.", + "id": 1268, + "key": "A_2", + "keyName": "COMPANY_EDIT", + "modifyDate": null, + "name": "Edit Company Profile" + }, + { + "createDate": null, + "departmentId": 1, + "description": "Permission to manage account notes", + "id": 5087, + "key": null, + "keyName": "MANAGE_ACCOUNT_NOTE", + "modifyDate": null, + "name": "Manage Account Notes" + }, + { + "createDate": null, + "departmentId": 1, + "description": "Manage e-mail delivery service accounts.", + "id": 1308, + "key": "NET_4", + "keyName": "NETWORK_MESSAGE_DELIVERY_MANAGE", + "modifyDate": null, + "name": "Manage E-mail Delivery Service" + }, + { + "createDate": null, + "departmentId": 1, + "description": "Provides users ability to toggle the EU Supported account flag.", + "id": 3693, + "key": "EU_1", + "keyName": "EU_LIMITED_PROCESSING_MANAGE", + "modifyDate": null, + "name": "Manage EU Supported Account Flag" + }, + { + "createDate": null, + "departmentId": 1, + "description": "Create and manage notification subscribers for usage warnings and overages.", + "id": 1296, + "key": "NTF_1", + "keyName": "NTF_SUBSCRIBER_MANAGE", + "modifyDate": null, + "name": "Manage Notification Subscribers" + }, + { + "createDate": null, + "departmentId": 1, + "description": "Manage users and assign permissions.", + "id": 1266, + "key": "A_0", + "keyName": "USER_MANAGE", + "modifyDate": null, + "name": "Manage Users" + }, + { + "createDate": null, + "departmentId": 1, + "description": "Physically Access a Customer's Colo Cage", + "id": 1319, + "key": "DA_2", + "keyName": "DATACENTER_ROOM_ACCESS", + "modifyDate": null, + "name": "Physically Access a Customer's Colo Cage" + }, + { + "createDate": null, + "departmentId": 1, + "description": "Physically Access a Datacenter", + "id": 1318, + "key": "DA_1", + "keyName": "DATACENTER_ACCESS", + "modifyDate": null, + "name": "Physically Access a Datacenter" + }, + { + "createDate": null, + "departmentId": 1, + "description": "Submit one-time payments for this account.", + "id": 63, + "key": "A_4", + "keyName": "ONE_TIME_PAYMENTS", + "modifyDate": null, + "name": "Submit One-Time Payments" + }, + { + "createDate": null, + "departmentId": 1, + "description": "Update the recurring monthly payment information.", + "id": 62, + "key": "A_3", + "keyName": "UPDATE_PAYMENT_DETAILS", + "modifyDate": null, + "name": "Update Payment Details" + }, + { + "createDate": null, + "departmentId": 1, + "description": "View the account summary page including invoices and payments.", + "id": 64, + "key": "A_1", + "keyName": "ACCOUNT_SUMMARY_VIEW", + "modifyDate": null, + "name": "View Account Summary" + }, + { + "createDate": null, + "departmentId": 1, + "description": "View the account-wide event log history.", + "id": 1314, + "key": "A_15", + "keyName": "USER_EVENT_LOG_VIEW", + "modifyDate": null, + "name": "View Event Log" + } + ] + }, + { + "description": "Sales", + "id": 2, + "keyName": "SALES", + "name": "Sales", + "permissions": [ + { + "createDate": null, + "departmentId": 2, + "description": "Add new servers to the account.", + "id": 1267, + "key": "XX_1", + "keyName": "SERVER_ADD", + "modifyDate": null, + "name": "Add Server" + }, + { + "createDate": null, + "departmentId": 2, + "description": "Add and upgrade any cloud computing instances on the account.", + "id": 1303, + "key": "A_11", + "keyName": "INSTANCE_UPGRADE", + "modifyDate": null, + "name": "Add/Upgrade Cloud Instances" + }, + { + "createDate": null, + "departmentId": 2, + "description": "Add and upgrade any services on the account.", + "id": 1271, + "key": "A_7", + "keyName": "SERVICE_ADD", + "modifyDate": null, + "name": "Add/Upgrade Services" + }, + { + "createDate": null, + "departmentId": 2, + "description": "Add and upgrade any storage services (StorageLayer) on the account.", + "id": 1265, + "key": "A_10", + "keyName": "ADD_SERVICE_STORAGE", + "modifyDate": null, + "name": "Add/Upgrade Storage (StorageLayer)" + }, + { + "createDate": null, + "departmentId": 2, + "description": "Cancel any servers on the account.", + "id": 1270, + "key": "A_6", + "keyName": "SERVER_CANCEL", + "modifyDate": null, + "name": "Cancel Server" + }, + { + "createDate": null, + "departmentId": 2, + "description": "Cancel any services on the account.", + "id": 1273, + "key": "A_9", + "keyName": "SERVICE_CANCEL", + "modifyDate": null, + "name": "Cancel Services" + }, + { + "createDate": null, + "departmentId": 2, + "description": "Upgrade any servers on the account.", + "id": 1269, + "key": "A_5", + "keyName": "SERVER_UPGRADE", + "modifyDate": null, + "name": "Upgrade Server" + }, + { + "createDate": null, + "departmentId": 2, + "description": "Upgrade Services", + "id": 1272, + "key": "A_8", + "keyName": "SERVICE_UPGRADE", + "modifyDate": null, + "name": "Upgrade Services" + }, + { + "createDate": null, + "departmentId": 2, + "description": "Permission to view billing ACH information.", + "id": 5085, + "key": null, + "keyName": "VIEW_ACH_INFO", + "modifyDate": null, + "name": "View Billing ACH Information" + }, + { + "createDate": null, + "departmentId": 2, + "description": "Permission to view an order with reseller pricing.", + "id": 5086, + "key": null, + "keyName": "VIEW_RESELLER_ORDER", + "modifyDate": null, + "name": "View reseller order pricing" + } + ] + }, + { + "description": "Support", + "id": 3, + "keyName": "SUPPORT", + "name": "Support", + "permissions": [ + { + "createDate": null, + "departmentId": 3, + "description": "Add new support tickets.", + "id": 3, + "key": "T_7", + "keyName": "TICKET_ADD", + "modifyDate": null, + "name": "Add Tickets" + }, + { + "createDate": null, + "departmentId": 3, + "description": "Edit support tickets.", + "id": 2, + "key": "T_8", + "keyName": "TICKET_EDIT", + "modifyDate": null, + "name": "Edit Tickets" + }, + { + "createDate": null, + "departmentId": 3, + "description": "Search through previous tickets.", + "id": 203, + "key": "T_2", + "keyName": "TICKET_SEARCH", + "modifyDate": null, + "name": "Search Tickets" + }, + { + "createDate": null, + "departmentId": 3, + "description": "View all tickets regardless of which user the ticket is assigned to.", + "id": 1321, + "key": "T_6", + "keyName": "TICKET_VIEW_ALL", + "modifyDate": null, + "name": "View All Tickets" + }, + { + "createDate": null, + "departmentId": 3, + "description": "View tickets assigned to the user.", + "id": 1, + "key": "T_1", + "keyName": "TICKET_VIEW", + "modifyDate": null, + "name": "View Tickets" + } + ] + }, + { + "description": "Security", + "id": 4, + "keyName": "SECURITY", + "name": "Security", + "permissions": [ + { + "createDate": null, + "departmentId": 4, + "description": "Add, remove, and update certificates (includes the private key).", + "id": 1325, + "key": "SE_9", + "keyName": "SECURITY_CERTIFICATE_MANAGE", + "modifyDate": null, + "name": "Manage Certificates (SSL)" + }, + { + "createDate": null, + "departmentId": 4, + "description": "Create, edit and delete SAML authentication records.", + "id": 3664, + "key": "SM_1", + "keyName": "SAML_AUTHENTICATION_MANAGE", + "modifyDate": null, + "name": "Manage SAML Authentication" + }, + { + "createDate": null, + "departmentId": 4, + "description": "Add, remove, and update SSH keys.", + "id": 1320, + "key": "SE_10", + "keyName": "CUSTOMER_SSH_KEY_MANAGEMENT", + "modifyDate": null, + "name": "Manage SSH Keys" + }, + { + "createDate": null, + "departmentId": 4, + "description": "Request compliance reports.", + "id": 2442, + "key": "COM_1", + "keyName": "REQUEST_COMPLIANCE_REPORT", + "modifyDate": null, + "name": "Request Compliance Report" + }, + { + "createDate": null, + "departmentId": 4, + "description": "View certificates (includes the private key).", + "id": 1324, + "key": "SE_8", + "keyName": "SECURITY_CERTIFICATE_VIEW", + "modifyDate": null, + "name": "View Certificates (SSL)" + }, + { + "createDate": null, + "departmentId": 4, + "description": "Request and view Vulnerability Scans.", + "id": 1295, + "key": "SE_7", + "keyName": "VULN_SCAN_MANAGE", + "modifyDate": null, + "name": "Vulnerability Scanning" + } + ] + }, + { + "description": "Devices", + "id": 5, + "keyName": "DEVICES", + "name": "Devices", + "permissions": [ + { + "createDate": null, + "departmentId": 5, + "description": "Allows a user to access virtual dedicated hosts", + "id": 3679, + "key": "ALL_3", + "keyName": "ACCESS_ALL_DEDICATEDHOSTS", + "modifyDate": null, + "name": "Access Virtual DedicatedHosts" + }, + { + "createDate": null, + "departmentId": 5, + "description": "Add IP Addresses to a server.", + "id": 1281, + "key": "H_6", + "keyName": "IP_ADD", + "modifyDate": null, + "name": "Add IP Addresses" + }, + { + "createDate": null, + "departmentId": 5, + "description": "Allow a user to access all guests on the account.", + "id": 1841, + "key": "ALL_2", + "keyName": "ACCESS_ALL_GUEST", + "modifyDate": null, + "name": "All Guest Access" + }, + { + "createDate": null, + "departmentId": 5, + "description": "Allow a user to access all hardware on the account.", + "id": 1821, + "key": "ALL_1", + "keyName": "ACCESS_ALL_HARDWARE", + "modifyDate": null, + "name": "All Hardware Access" + }, + { + "createDate": null, + "departmentId": 5, + "description": "Edit hostname and domain name for devices on the account.", + "id": 1304, + "key": "H_7", + "keyName": "HOSTNAME_EDIT", + "modifyDate": null, + "name": "Edit Hostname/Domain" + }, + { + "createDate": null, + "departmentId": 5, + "description": "Allows users to edit Hardware Component Hard Drive Dirty Attribute.", + "id": 3742, + "key": null, + "keyName": "HARDWARE_COMPONENT_DRIVE_DIRTY_ATTRIBUTE_EDIT", + "modifyDate": null, + "name": "Hardware Component Hard Drive Dirty Attribute Edit" + }, + { + "createDate": null, + "departmentId": 5, + "description": "View Host IDS logs.", + "id": 1294, + "key": "SE_6", + "keyName": "HOST_ID_MANAGE", + "modifyDate": null, + "name": "Host IDS" + }, + { + "createDate": null, + "departmentId": 5, + "description": "View IPMI details regarding hardware and issue reboot commands through the portal.", + "id": 1277, + "key": "H_2", + "keyName": "REMOTE_MANAGEMENT", + "modifyDate": null, + "name": "IPMI Remote Management" + }, + { + "createDate": null, + "departmentId": 5, + "description": "Allows users to manage configuration template.", + "id": 3748, + "key": null, + "keyName": "MANAGE_CONFIGURATION_TEMPLATE", + "modifyDate": null, + "name": "Manage Configuration Template" + }, + { + "createDate": null, + "departmentId": 5, + "description": "Allows users to manage customer hardware.", + "id": 3746, + "key": null, + "keyName": "MANAGE_CUSTOMER_HARDWARE", + "modifyDate": null, + "name": "Manage Customer Hardware" + }, + { + "createDate": null, + "departmentId": 5, + "description": "View and edit monitoring information for devices.", + "id": 1278, + "key": "H_3", + "keyName": "MONITORING_MANAGE", + "modifyDate": null, + "name": "Manage Device Monitoring" + }, + { + "createDate": null, + "departmentId": 5, + "description": "Manage Customer Post Provisioning Scripts.", + "id": 541, + "key": "SO_8", + "keyName": "CUSTOMER_POST_PROVISION_SCRIPT_MANAGEMENT", + "modifyDate": null, + "name": "Manage Provisioning Scripts" + }, + { + "createDate": null, + "departmentId": 5, + "description": "Manage Public Image Templates.", + "id": 1323, + "key": "I_1", + "keyName": "PUBLIC_IMAGE_MANAGE", + "modifyDate": null, + "name": "Manage Public Images" + }, + { + "createDate": null, + "departmentId": 5, + "description": "Issue OS reloads and Rescue Kernel for devices.", + "id": 1279, + "key": "H_4", + "keyName": "SERVER_RELOAD", + "modifyDate": null, + "name": "OS Reloads and Rescue Kernel" + }, + { + "createDate": null, + "departmentId": 5, + "description": "View storage details and edit storage passwords.", + "id": 1283, + "key": "NAS_2", + "keyName": "NAS_MANAGE", + "modifyDate": null, + "name": "Storage Manage" + }, + { + "createDate": null, + "departmentId": 5, + "description": "View hardware information such as IP addresses, OS type, passwords, etc. Can also update hardware passwords in the portal.", + "id": 163, + "key": "H_1", + "keyName": "HARDWARE_VIEW", + "modifyDate": null, + "name": "View Hardware Details" + }, + { + "createDate": null, + "departmentId": 5, + "description": "Allows users to view location reservation.", + "id": 3750, + "key": null, + "keyName": "VIEW_LOCATION_RESERVATION", + "modifyDate": null, + "name": "View Location Reservation" + }, + { + "createDate": null, + "departmentId": 5, + "description": "View virtual dedicated host information. Can also migrate dedicated instances to a different virtual dedicated host.", + "id": 3684, + "key": "VH_1", + "keyName": "DEDICATED_HOST_VIEW", + "modifyDate": null, + "name": "View Virtual Dedicated Host Details" + }, + { + "createDate": null, + "departmentId": 5, + "description": "View virtual server information such as IP addresses, OS type, passwords, etc. Can also update virtual server passwords in the portal.", + "id": 1302, + "key": "VG_1", + "keyName": "VIRTUAL_GUEST_VIEW", + "modifyDate": null, + "name": "View Virtual Server Details" + }, + { + "createDate": null, + "departmentId": 5, + "description": "Allows users to view and edit dedicated host.", + "id": 6278, + "key": null, + "keyName": "MANAGE_DEDICATED_HOST", + "modifyDate": null, + "name": "View and edit dedicated host" + }, + { + "createDate": null, + "departmentId": 5, + "description": "Allows users to view and edit virtual guest data.", + "id": 6280, + "key": null, + "keyName": "MANAGE_VIRTUAL_GUEST", + "modifyDate": null, + "name": "View and edit virtual guest" + } + ] + }, + { + "description": "Network", + "id": 6, + "keyName": "NETWORK", + "name": "Network", + "permissions": [ + { + "createDate": null, + "departmentId": 6, + "description": "When adding compute (Server or Cloud Instance), allow a Port Speed that includes access to the public network.", + "id": 3682, + "key": "NET_6", + "keyName": "PUBLIC_NETWORK_COMPUTE", + "modifyDate": null, + "name": "Add Compute with Public Network Port" + }, + { + "createDate": null, + "departmentId": 6, + "description": "Manage content delivery network account.", + "id": 1298, + "key": "CDN_1", + "keyName": "CDN_ACCOUNT_MANAGE", + "modifyDate": null, + "name": "Manage CDN Account" + }, + { + "createDate": null, + "departmentId": 6, + "description": "Manage content delivery network file transfers.", + "id": 1299, + "key": "CDN_2", + "keyName": "CDN_FILE_MANAGE", + "modifyDate": null, + "name": "Manage CDN File Transfers" + }, + { + "createDate": null, + "departmentId": 6, + "description": "Add, edit, and view DNS records managed by SoftLayer.", + "id": 1275, + "key": "DNS_1", + "keyName": "DNS_MANAGE", + "modifyDate": null, + "name": "Manage DNS" + }, + { + "createDate": null, + "departmentId": 6, + "description": "Manage all firewall rules.", + "id": 1322, + "key": "FW_1", + "keyName": "FIREWALL_RULE_MANAGE", + "modifyDate": null, + "name": "Manage Firewall Rules" + }, + { + "createDate": null, + "departmentId": 6, + "description": "View and edit firewall logs and settings.", + "id": 1290, + "key": "SE_2", + "keyName": "FIREWALL_MANAGE", + "modifyDate": null, + "name": "Manage Firewalls" + }, + { + "createDate": null, + "departmentId": 6, + "description": "Manage IPSEC network tunnels.", + "id": 250, + "key": "NET_3", + "keyName": "NETWORK_TUNNEL_MANAGE", + "modifyDate": null, + "name": "Manage IPSEC Network Tunnels" + }, + { + "createDate": null, + "departmentId": 6, + "description": "Manage load balancers.", + "id": 1289, + "key": "LBS_1", + "keyName": "LOADBALANCER_MANAGE", + "modifyDate": null, + "name": "Manage Load Balancers" + }, + { + "createDate": null, + "departmentId": 6, + "description": "Manage network gateway appliances.", + "id": 1842, + "key": "GTW_1", + "keyName": "GATEWAY_MANAGE", + "modifyDate": null, + "name": "Manage Network Gateways" + }, + { + "createDate": null, + "departmentId": 6, + "description": "Manage network IDs", + "id": 1293, + "key": "SE_5", + "keyName": "NETWORK_IDS_MANAGE", + "modifyDate": null, + "name": "Manage Network IDs" + }, + { + "createDate": null, + "departmentId": 6, + "description": "Manage network subnet routes.", + "id": 1301, + "key": "NET_1", + "keyName": "NETWORK_ROUTE_MANAGE", + "modifyDate": null, + "name": "Manage Network Subnet Routes" + }, + { + "createDate": null, + "departmentId": 6, + "description": "Enable and disable private network VLAN spanning.", + "id": 1297, + "key": "NET_2", + "keyName": "NETWORK_VLAN_SPANNING", + "modifyDate": null, + "name": "Manage Network VLAN Spanning" + }, + { + "createDate": null, + "departmentId": 6, + "description": "Manage port status and speeds for connected devices.", + "id": 1285, + "key": "PO_1", + "keyName": "PORT_CONTROL", + "modifyDate": null, + "name": "Manage Port Control" + }, + { + "createDate": null, + "departmentId": 6, + "description": "Permission to connect and disconnect account with the private endpoint service.", + "id": 5048, + "key": null, + "keyName": "MANAGE_PRIVATE_ENDPOINT_SERVICE", + "modifyDate": null, + "name": "Manage Private Endpoint Service" + }, + { + "createDate": null, + "departmentId": 6, + "description": "Permission to Manage the Public Network", + "id": 3672, + "key": "MP_1", + "keyName": "MANAGE_PUBLIC_NETWORK", + "modifyDate": null, + "name": "Manage Public Network" + }, + { + "createDate": null, + "departmentId": 6, + "description": "Manage security groups.", + "id": 3678, + "key": "NET_5", + "keyName": "MANAGE_SECURITY_GROUPS", + "modifyDate": null, + "name": "Manage Security Groups" + }, + { + "createDate": null, + "departmentId": 6, + "description": "Manage VPN access for all users.", + "id": 1316, + "key": "VPN_1", + "keyName": "VPN_MANAGE", + "modifyDate": null, + "name": "VPN Administration" + }, + { + "createDate": null, + "departmentId": 6, + "description": "View bandwidth statistics and graphs for hardware.", + "id": 1274, + "key": "B_1", + "keyName": "BANDWIDTH_MANAGE", + "modifyDate": null, + "name": "View Bandwidth Statistics" + }, + { + "createDate": null, + "departmentId": 6, + "description": "View content delivery network bandwidth statistics.", + "id": 1300, + "key": "CDN_3", + "keyName": "CDN_BANDWIDTH_VIEW", + "modifyDate": null, + "name": "View CDN Bandwidth Statistics" + } + ] + }, + { + "description": "Software", + "id": 7, + "keyName": "SOFTWARE", + "name": "Software", + "permissions": [ + { + "createDate": null, + "departmentId": 7, + "description": "View and edit antivirus / spyware logs and settings.", + "id": 1292, + "key": "SE_4", + "keyName": "ANTI_MALWARE_MANAGE", + "modifyDate": null, + "name": "Manage Antivirus/Spyware" + }, + { + "createDate": null, + "departmentId": 7, + "description": "Manage firewall software", + "id": 1291, + "key": "SE_3", + "keyName": "SOFTWARE_FIREWALL_MANAGE", + "modifyDate": null, + "name": "Manage Firewall Software" + }, + { + "createDate": null, + "departmentId": 7, + "description": "Permission to initiate and delete an openstack link.", + "id": 3514, + "key": null, + "keyName": "OPENSTACK_LINK", + "modifyDate": null, + "name": "Openstack Link" + }, + { + "createDate": null, + "departmentId": 7, + "description": "View Customer Software Password", + "id": 240, + "key": "SO_9", + "keyName": "VIEW_CUSTOMER_SOFTWARE_PASSWORD", + "modifyDate": null, + "name": "View Customer Software Password" + }, + { + "createDate": null, + "departmentId": 7, + "description": "View login information for Helm.", + "id": 1263, + "key": "SO_3", + "keyName": "VIEW_HELM", + "modifyDate": null, + "name": "View Helm" + }, + { + "createDate": null, + "departmentId": 7, + "description": "View login information for Plesk.", + "id": 1262, + "key": "SO_2", + "keyName": "VIEW_PLESK", + "modifyDate": null, + "name": "View Plesk" + }, + { + "createDate": null, + "departmentId": 7, + "description": "View login information for QuantaStor.", + "id": 1317, + "key": "SO_7", + "keyName": "VIEW_QUANTASTOR", + "modifyDate": null, + "name": "View QuantaStor" + }, + { + "createDate": null, + "departmentId": 7, + "description": "View login information for Urchin.", + "id": 1264, + "key": "SO_4", + "keyName": "VIEW_URCHIN", + "modifyDate": null, + "name": "View Urchin" + }, + { + "createDate": null, + "departmentId": 7, + "description": "Allows users to view and edit disk image data.", + "id": 6279, + "key": null, + "keyName": "MANAGE_DISK_IMAGE", + "modifyDate": null, + "name": "View and edit disk image" + }, + { + "createDate": null, + "departmentId": 7, + "description": "Allows users to view and edit image template.", + "id": 6277, + "key": null, + "keyName": "IMAGE_TEMPLATE_MANAGE", + "modifyDate": null, + "name": "View and edit manage image template" + }, + { + "createDate": null, + "departmentId": 7, + "description": "Allows users to view and edit software component.", + "id": 6276, + "key": null, + "keyName": "SOFTWARE_MANAGE", + "modifyDate": null, + "name": "View and edit software component" + }, + { + "createDate": null, + "departmentId": 7, + "description": "View login information for cPanel.", + "id": 1261, + "key": "SO_1", + "keyName": "VIEW_CPANEL", + "modifyDate": null, + "name": "View cPanel" + }, + { + "createDate": null, + "departmentId": 7, + "description": "View licenses", + "id": 1280, + "key": "H_5", + "keyName": "LICENSE_VIEW", + "modifyDate": null, + "name": "View licenses" + }, + { + "createDate": null, + "departmentId": 7, + "description": "Allows users to view software account license.", + "id": 6275, + "key": null, + "keyName": "SOFTWARE_LICENSE_MANAGE", + "modifyDate": null, + "name": "View software account license" + } + ] + } +] diff --git a/plugin/testhelpers/fake_user_manager.go b/plugin/testhelpers/fake_user_manager.go index 74ecabf6..25c07278 100644 --- a/plugin/testhelpers/fake_user_manager.go +++ b/plugin/testhelpers/fake_user_manager.go @@ -199,6 +199,18 @@ type FakeUserManager struct { result1 []datatypes.User_Customer_CustomerPermission_Permission result2 error } + GetAllPermissionDepartmentsStub func() ([]datatypes.User_Permission_Department, error) + getAllPermissionDepartmentsMutex sync.RWMutex + getAllPermissionDepartmentsArgsForCall []struct { + } + getAllPermissionDepartmentsReturns struct { + result1 []datatypes.User_Permission_Department + result2 error + } + getAllPermissionDepartmentsReturnsOnCall map[int]struct { + result1 []datatypes.User_Permission_Department + result2 error + } GetApiAuthenticationKeysStub func(int) ([]datatypes.User_Customer_ApiAuthentication, error) getApiAuthenticationKeysMutex sync.RWMutex getApiAuthenticationKeysArgsForCall []struct { @@ -1391,6 +1403,62 @@ func (fake *FakeUserManager) GetAllPermissionReturnsOnCall(i int, result1 []data }{result1, result2} } +func (fake *FakeUserManager) GetAllPermissionDepartments() ([]datatypes.User_Permission_Department, error) { + fake.getAllPermissionDepartmentsMutex.Lock() + ret, specificReturn := fake.getAllPermissionDepartmentsReturnsOnCall[len(fake.getAllPermissionDepartmentsArgsForCall)] + fake.getAllPermissionDepartmentsArgsForCall = append(fake.getAllPermissionDepartmentsArgsForCall, struct { + }{}) + stub := fake.GetAllPermissionDepartmentsStub + fakeReturns := fake.getAllPermissionDepartmentsReturns + fake.recordInvocation("GetAllPermissionDepartments", []interface{}{}) + fake.getAllPermissionDepartmentsMutex.Unlock() + if stub != nil { + return stub() + } + if specificReturn { + return ret.result1, ret.result2 + } + return fakeReturns.result1, fakeReturns.result2 +} + +func (fake *FakeUserManager) GetAllPermissionDepartmentsCallCount() int { + fake.getAllPermissionDepartmentsMutex.RLock() + defer fake.getAllPermissionDepartmentsMutex.RUnlock() + return len(fake.getAllPermissionDepartmentsArgsForCall) +} + +func (fake *FakeUserManager) GetAllPermissionDepartmentsCalls(stub func() ([]datatypes.User_Permission_Department, error)) { + fake.getAllPermissionDepartmentsMutex.Lock() + defer fake.getAllPermissionDepartmentsMutex.Unlock() + fake.GetAllPermissionDepartmentsStub = stub +} + +func (fake *FakeUserManager) GetAllPermissionDepartmentsReturns(result1 []datatypes.User_Permission_Department, result2 error) { + fake.getAllPermissionDepartmentsMutex.Lock() + defer fake.getAllPermissionDepartmentsMutex.Unlock() + fake.GetAllPermissionDepartmentsStub = nil + fake.getAllPermissionDepartmentsReturns = struct { + result1 []datatypes.User_Permission_Department + result2 error + }{result1, result2} +} + +func (fake *FakeUserManager) GetAllPermissionDepartmentsReturnsOnCall(i int, result1 []datatypes.User_Permission_Department, result2 error) { + fake.getAllPermissionDepartmentsMutex.Lock() + defer fake.getAllPermissionDepartmentsMutex.Unlock() + fake.GetAllPermissionDepartmentsStub = nil + if fake.getAllPermissionDepartmentsReturnsOnCall == nil { + fake.getAllPermissionDepartmentsReturnsOnCall = make(map[int]struct { + result1 []datatypes.User_Permission_Department + result2 error + }) + } + fake.getAllPermissionDepartmentsReturnsOnCall[i] = struct { + result1 []datatypes.User_Permission_Department + result2 error + }{result1, result2} +} + func (fake *FakeUserManager) GetApiAuthenticationKeys(arg1 int) ([]datatypes.User_Customer_ApiAuthentication, error) { fake.getApiAuthenticationKeysMutex.Lock() ret, specificReturn := fake.getApiAuthenticationKeysReturnsOnCall[len(fake.getApiAuthenticationKeysArgsForCall)] @@ -2772,6 +2840,8 @@ func (fake *FakeUserManager) Invocations() map[string][][]interface{} { defer fake.getAllNotificationsMutex.RUnlock() fake.getAllPermissionMutex.RLock() defer fake.getAllPermissionMutex.RUnlock() + fake.getAllPermissionDepartmentsMutex.RLock() + defer fake.getAllPermissionDepartmentsMutex.RUnlock() fake.getApiAuthenticationKeysMutex.RLock() defer fake.getApiAuthenticationKeysMutex.RUnlock() fake.getCurrentUserMutex.RLock()