/
set_org_role_command.go
95 lines (80 loc) · 3.04 KB
/
set_org_role_command.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
package v7
import (
"code.cloudfoundry.org/cli/api/cloudcontroller/ccerror"
"code.cloudfoundry.org/cli/api/cloudcontroller/ccv3/constant"
"code.cloudfoundry.org/cli/cf/errors"
"code.cloudfoundry.org/cli/command/flag"
"code.cloudfoundry.org/cli/command/translatableerror"
)
type SetOrgRoleCommand struct {
BaseCommand
Args flag.OrgRoleArgs `positional-args:"yes"`
IsClient bool `long:"client" description:"Assign an org role to a client-id of a (non-user) service account"`
Origin string `long:"origin" description:"Indicates the identity provider to be used for authentication"`
usage interface{} `usage:"CF_NAME set-org-role USERNAME ORG ROLE\n CF_NAME set-org-role USERNAME ORG ROLE [--client]\n CF_NAME set-org-role USERNAME ORG ROLE [--origin ORIGIN]\n\nROLES:\n OrgManager - Invite and manage users, select and change plans, and set spending limits\n BillingManager - Create and manage the billing account and payment info\n OrgAuditor - Read-only access to org info and reports"`
relatedCommands interface{} `related_commands:"org-users, set-space-role"`
}
func (cmd *SetOrgRoleCommand) Execute(args []string) error {
err := cmd.validateFlags()
if err != nil {
return err
}
err = cmd.SharedActor.CheckTarget(false, false)
if err != nil {
return err
}
currentUser, err := cmd.Config.CurrentUser()
if err != nil {
return err
}
cmd.UI.DisplayTextWithFlavor("Assigning role {{.RoleType}} to user {{.TargetUserName}} in org {{.OrgName}} as {{.CurrentUserName}}...", map[string]interface{}{
"RoleType": cmd.Args.Role.Role,
"TargetUserName": cmd.Args.Username,
"OrgName": cmd.Args.Organization,
"CurrentUserName": currentUser.Name,
})
roleType, err := convertRoleType(cmd.Args.Role)
if err != nil {
return err
}
org, warnings, err := cmd.Actor.GetOrganizationByName(cmd.Args.Organization)
cmd.UI.DisplayWarnings(warnings)
if err != nil {
return err
}
warnings, err = cmd.Actor.CreateOrgRole(roleType, org.GUID, cmd.Args.Username, cmd.Origin, cmd.IsClient)
cmd.UI.DisplayWarnings(warnings)
if err != nil {
if _, ok := err.(ccerror.RoleAlreadyExistsError); ok {
cmd.UI.DisplayWarning("User '{{.TargetUserName}}' already has role '{{.RoleType}}' in org '{{.OrgName}}'.", map[string]interface{}{
"RoleType": cmd.Args.Role.Role,
"TargetUserName": cmd.Args.Username,
"OrgName": cmd.Args.Organization,
})
} else {
return err
}
}
cmd.UI.DisplayOK()
return nil
}
func (cmd SetOrgRoleCommand) validateFlags() error {
if cmd.IsClient && cmd.Origin != "" {
return translatableerror.ArgumentCombinationError{
Args: []string{"--client", "--origin"},
}
}
return nil
}
func convertRoleType(givenRole flag.OrgRole) (constant.RoleType, error) {
switch givenRole.Role {
case "OrgAuditor":
return constant.OrgAuditorRole, nil
case "OrgManager":
return constant.OrgManagerRole, nil
case "BillingManager":
return constant.OrgBillingManagerRole, nil
default:
return "", errors.New("Invalid role type.")
}
}