package ccv2
import (
"code.cloudfoundry.org/cli/api/cloudcontroller"
"code.cloudfoundry.org/cli/api/cloudcontroller/ccerror"
"code.cloudfoundry.org/cli/api/cloudcontroller/ccv2/internal"
)
// SecurityGroup is the client-side view of a Cloud Controller Security Group:
// a named set of rules plus two flags saying whether the group is applied as a
// default across the CF instance.
type SecurityGroup struct {
	// GUID uniquely identifies the Security Group.
	GUID string

	// Name is the name given to the Security Group.
	Name string

	// Rules holds the Security Group Rules that belong to this group.
	Rules []SecurityGroupRule

	// RunningDefault reports whether the group is applied to every running
	// app in the CF instance, so a change to its rules affects the whole
	// instance rather than a single space.
	RunningDefault bool

	// StagingDefault reports whether the group is applied to every staging
	// app in the CF instance, so a change to its rules affects the whole
	// instance rather than a single space.
	StagingDefault bool
}
// UnmarshalJSON decodes a Cloud Controller Security Group response into the
// receiver. The GUID comes from the response's metadata section; the name,
// rules and default flags come from its entity section (the entity-level guid
// is decoded but not used).
//
// Rule fields (description, destination, ports, protocol) are copied exactly
// as received. Nothing here checks that they are well formed, so code that
// acts on them must not treat them as validated. The receiver is only written
// to after decoding succeeds.
func (securityGroup *SecurityGroup) UnmarshalJSON(data []byte) error {
	var payload struct {
		Metadata internal.Metadata `json:"metadata"`
		Entity   struct {
			GUID  string `json:"guid"`
			Name  string `json:"name"`
			Rules []struct {
				Description string `json:"description"`
				Destination string `json:"destination"`
				Ports       string `json:"ports"`
				Protocol    string `json:"protocol"`
			} `json:"rules"`
			RunningDefault bool `json:"running_default"`
			StagingDefault bool `json:"staging_default"`
		} `json:"entity"`
	}
	if err := cloudcontroller.DecodeJSON(data, &payload); err != nil {
		return err
	}

	// Always allocate, so a response without rules yields an empty, non-nil
	// slice.
	rules := make([]SecurityGroupRule, 0, len(payload.Entity.Rules))
	for _, raw := range payload.Entity.Rules {
		rules = append(rules, SecurityGroupRule{
			Description: raw.Description,
			Destination: raw.Destination,
			Ports:       raw.Ports,
			Protocol:    raw.Protocol,
		})
	}

	*securityGroup = SecurityGroup{
		GUID:           payload.Metadata.GUID,
		Name:           payload.Entity.Name,
		Rules:          rules,
		RunningDefault: payload.Entity.RunningDefault,
		StagingDefault: payload.Entity.StagingDefault,
	}
	return nil
}
// DeleteSecurityGroupSpace removes the running-lifecycle association between
// the security group identified by securityGroupGUID and the space identified
// by spaceGUID. The warnings carried by the response are returned together
// with any error from the connection.
//
// Both GUIDs are passed into the request's URI parameters unchanged; this
// method does not check that they are non-empty or well formed.
func (client *Client) DeleteSecurityGroupSpace(securityGroupGUID string, spaceGUID string) (Warnings, error) {
	uriParams := Params{
		"security_group_guid": securityGroupGUID,
		"space_guid":          spaceGUID,
	}
	req, err := client.newHTTPRequest(requestOptions{
		RequestName: internal.DeleteSecurityGroupSpaceRequest,
		URIParams:   uriParams,
	})
	if err != nil {
		return nil, err
	}

	var resp cloudcontroller.Response
	err = client.connection.Make(req, &resp)
	return resp.Warnings, err
}
// DeleteSecurityGroupStagingSpace removes the staging-lifecycle association
// between the security group identified by securityGroupGUID and the space
// identified by spaceGUID. The warnings carried by the response are returned
// together with any error from the connection.
//
// Both GUIDs are passed into the request's URI parameters unchanged; this
// method does not check that they are non-empty or well formed.
func (client *Client) DeleteSecurityGroupStagingSpace(securityGroupGUID string, spaceGUID string) (Warnings, error) {
	uriParams := Params{
		"security_group_guid": securityGroupGUID,
		"space_guid":          spaceGUID,
	}
	req, err := client.newHTTPRequest(requestOptions{
		RequestName: internal.DeleteSecurityGroupStagingSpaceRequest,
		URIParams:   uriParams,
	})
	if err != nil {
		return nil, err
	}

	var resp cloudcontroller.Response
	err = client.connection.Make(req, &resp)
	return resp.Warnings, err
}
// GetSecurityGroups lists the Security Groups that match the provided
// filters, collecting them through client.paginate. An item that is not a
// SecurityGroup produces a ccerror.UnknownObjectInListError from the
// collection callback.
func (client *Client) GetSecurityGroups(filters ...Filter) ([]SecurityGroup, Warnings, error) {
	req, err := client.newHTTPRequest(requestOptions{
		RequestName: internal.GetSecurityGroupsRequest,
		Query:       ConvertFilterParameters(filters),
	})
	if err != nil {
		return nil, nil, err
	}

	var groups []SecurityGroup
	collect := func(item interface{}) error {
		group, ok := item.(SecurityGroup)
		if !ok {
			// Refuse anything that is not the expected type instead of
			// skipping it silently.
			return ccerror.UnknownObjectInListError{
				Expected:   SecurityGroup{},
				Unexpected: item,
			}
		}
		groups = append(groups, group)
		return nil
	}

	warnings, err := client.paginate(req, SecurityGroup{}, collect)
	return groups, warnings, err
}
// GetSpaceSecurityGroups lists the running-lifecycle Security Groups
// associated with the space identified by spaceGUID, narrowed by the optional
// filters.
func (client *Client) GetSpaceSecurityGroups(spaceGUID string, filters ...Filter) ([]SecurityGroup, Warnings, error) {
	groups, warnings, err := client.getSpaceSecurityGroupsBySpaceAndLifecycle(
		spaceGUID,
		internal.GetSpaceSecurityGroupsRequest,
		filters,
	)
	return groups, warnings, err
}
// GetSpaceStagingSecurityGroups lists the staging-lifecycle Security Groups
// associated with the space identified by spaceGUID, narrowed by the optional
// filters.
func (client *Client) GetSpaceStagingSecurityGroups(spaceGUID string, filters ...Filter) ([]SecurityGroup, Warnings, error) {
	groups, warnings, err := client.getSpaceSecurityGroupsBySpaceAndLifecycle(
		spaceGUID,
		internal.GetSpaceStagingSecurityGroupsRequest,
		filters,
	)
	return groups, warnings, err
}
// UpdateSecurityGroupSpace associates the security group identified by
// securityGroupGUID with the space identified by spaceGUID for the running
// phase of the lifecycle. The warnings carried by the response are returned
// together with any error from the connection.
//
// Both GUIDs are passed into the request's URI parameters unchanged; this
// method does not check that they are non-empty or well formed.
func (client *Client) UpdateSecurityGroupSpace(securityGroupGUID string, spaceGUID string) (Warnings, error) {
	uriParams := Params{
		"security_group_guid": securityGroupGUID,
		"space_guid":          spaceGUID,
	}
	req, err := client.newHTTPRequest(requestOptions{
		RequestName: internal.PutSecurityGroupSpaceRequest,
		URIParams:   uriParams,
	})
	if err != nil {
		return nil, err
	}

	var resp cloudcontroller.Response
	err = client.connection.Make(req, &resp)
	return resp.Warnings, err
}
// UpdateSecurityGroupStagingSpace associates the security group identified by
// securityGroupGUID with the space identified by spaceGUID for the staging
// phase of the lifecycle. The warnings carried by the response are returned
// together with any error from the connection.
//
// Both GUIDs are passed into the request's URI parameters unchanged; this
// method does not check that they are non-empty or well formed.
func (client *Client) UpdateSecurityGroupStagingSpace(securityGroupGUID string, spaceGUID string) (Warnings, error) {
	uriParams := Params{
		"security_group_guid": securityGroupGUID,
		"space_guid":          spaceGUID,
	}
	req, err := client.newHTTPRequest(requestOptions{
		RequestName: internal.PutSecurityGroupStagingSpaceRequest,
		URIParams:   uriParams,
	})
	if err != nil {
		return nil, err
	}

	var resp cloudcontroller.Response
	err = client.connection.Make(req, &resp)
	return resp.Warnings, err
}
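// getSpaceSecurityGroupsBySpaceAndLifecycle lists the Security Groups
// associated with the space identified by spaceGUID, narrowed by filters.
//
// lifecycle is used directly as the request name. The callers in this file
// pass internal.GetSpaceSecurityGroupsRequest (running) or
// internal.GetSpaceStagingSecurityGroupsRequest (staging). spaceGUID is passed
// into the URI parameters unchanged; it is not validated here.
//
// An item that is not a SecurityGroup produces a
// ccerror.UnknownObjectInListError from the collection callback.
func (client *Client) getSpaceSecurityGroupsBySpaceAndLifecycle(spaceGUID string, lifecycle string, filters []Filter) ([]SecurityGroup, Warnings, error) {
	request, err := client.newHTTPRequest(requestOptions{
		RequestName: lifecycle,
		URIParams:   map[string]string{"space_guid": spaceGUID},
		Query:       ConvertFilterParameters(filters),
	})
	if err != nil {
		return nil, nil, err
	}

	var securityGroupsList []SecurityGroup
	warnings, err := client.paginate(request, SecurityGroup{}, func(item interface{}) error {
		securityGroup, ok := item.(SecurityGroup)
		if !ok {
			return ccerror.UnknownObjectInListError{
				Expected:   SecurityGroup{},
				Unexpected: item,
			}
		}
		securityGroupsList = append(securityGroupsList, securityGroup)
		// Return nil explicitly, as GetSecurityGroups does. The callback
		// previously returned the enclosing function's err, which is the
		// variable paginate's own result is assigned to, so the success
		// path depended on that captured variable still being nil.
		return nil
	})

	return securityGroupsList, warnings, err
}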