/
client.go
129 lines (117 loc) · 2.87 KB
/
client.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
package main
import (
"context"
"github.com/gogo/protobuf/types"
"github.com/gunsluo/go-example/attribute/acpb"
"github.com/gunsluo/go-example/attribute/group"
"github.com/sirupsen/logrus"
"google.golang.org/grpc"
)
func main() {
conn, err := grpc.Dial("127.0.0.1:19000", grpc.WithInsecure())
if err != nil {
panic(err)
}
acClient := acpb.NewAccessControlClient(conn)
{
/*
value := &acpb.StringAttributeValue{Value: "chengdu"}
any, err := types.MarshalAny(value)
if err != nil {
panic(err)
}
*/
cs := group.Conditions{
&group.Condition{
Name: "region",
Type: "StringEqualCondition",
Options: &group.ConditionOption{
Attributes: []*group.Attribute{
&group.Attribute{
Name: "equals",
Required: true,
Type: "string",
Value: "chengdu",
},
},
},
},
}
conditions, err := group.ConvertPrettyConditions(cs)
if err != nil {
panic(err)
}
_, err = acClient.UpsertPredefinedPolicies(context.Background(),
&acpb.UpsertPredefinedPoliciesRequest{
Policies: []*acpb.PredefinedPolicy{
&acpb.PredefinedPolicy{
Name: "test:pp",
Description: "this is a test pp",
Resources: []string{"r1", "r2"},
Actions: []string{"a1", "a2"},
Conditions: conditions,
/*
Conditions: []*acpb.Condition{
&acpb.Condition{
Name: "region",
Type: "StringEqualCondition",
Options: &acpb.ConditionOption{
Attributes: []*acpb.Attribute{
&acpb.Attribute{
Name: "equals",
Required: true,
Value: &acpb.AttributeValue{
Type: acpb.ATTRIBUTE_TYPE_STRING,
Value: any,
},
},
},
},
},
},
*/
},
},
})
if err != nil {
logrus.WithError(err).Fatal("unable to upsert pp")
}
logrus.Info("upsert pp: ok")
}
{
value := &acpb.StringAttributeValue{Value: "beijing"}
any, err := types.MarshalAny(value)
if err != nil {
panic(err)
}
_, err = acClient.UpsertPoliciesUsingDTO(context.Background(),
&acpb.UpsertPoliciesUsingDTORequest{
Dtos: []*acpb.PolicyDTO{
&acpb.PolicyDTO{
Id: "test:p:beijing",
Description: "this is test policy",
PpName: "test:pp",
Effect: "allow",
Subjects: []string{"ji"},
AttributeValues: map[string]*acpb.PolicyDTO_Attributes{
"region": &acpb.PolicyDTO_Attributes{
Values: map[string]*acpb.AttributeValue{
"equals": &acpb.AttributeValue{
Type: acpb.ATTRIBUTE_TYPE_STRING,
Value: any,
},
},
},
},
//Conditions: "",
//Meta: "",
},
},
})
if err != nil {
logrus.WithError(err).Fatal("unable to upsert pp")
}
logrus.Info("upsert p use dto: ok")
}
conn.Close()
}