package ccv2
import (
"encoding/json"
"code.cloudfoundry.org/cli/api/cloudcontroller"
"code.cloudfoundry.org/cli/api/cloudcontroller/ccerror"
"code.cloudfoundry.org/cli/api/cloudcontroller/ccv2/internal"
)
// SecurityGroupLifecycle represents the lifecycle phase of a security group
// binding. Nothing in this file takes a SecurityGroupLifecycle value: the
// client methods here come in a running and a staging variant and pick the
// phase through the request name they send.
type SecurityGroupLifecycle string
const (
	// SecurityGroupLifecycleRunning indicates the lifecycle phase running.
	SecurityGroupLifecycleRunning SecurityGroupLifecycle = "running"
	// SecurityGroupLifecycleStaging indicates the lifecycle phase staging.
	SecurityGroupLifecycleStaging SecurityGroupLifecycle = "staging"
)
// SecurityGroupRule is one rule of a security group as decoded from a Cloud
// Controller response. Every field is kept as the string the API returned;
// nothing in this file parses or validates the values, so code that acts on
// them has to do its own checking.
type SecurityGroupRule struct {
	// Description is the rule's "description" value.
	Description string
	// Destination is the rule's "destination" value.
	// NOTE(review): presumably an address, range or CIDR; confirm against the API.
	Destination string
	// Ports is the rule's "ports" value, stored unparsed.
	Ports string
	// Protocol is the rule's "protocol" value.
	Protocol string
}
// SecurityGroup is the client-side form of a Cloud Controller security group.
// Its fields are populated by UnmarshalJSON.
type SecurityGroup struct {
	// GUID is read from the response's metadata, not from its entity.
	GUID string
	// Name is the entity's "name" value.
	Name string
	// Rules holds the entity's "rules" in the order the response listed them.
	Rules []SecurityGroupRule
	// RunningDefault mirrors the entity's "running_default" flag.
	// NOTE(review): presumably a default group applies regardless of per-space
	// bindings; confirm before treating an unbind as removing its rules.
	RunningDefault bool
	// StagingDefault mirrors the entity's "staging_default" flag.
	StagingDefault bool
}
// UnmarshalJSON decodes a Cloud Controller security group resource, made of a
// "metadata" object and an "entity" object, into securityGroup.
//
// The GUID is taken from metadata; the name, the rules and the two default
// flags are taken from entity. Rule fields are copied exactly as received:
// destination, ports and protocol are not parsed or validated here. If the
// JSON cannot be decoded, the error from encoding/json is returned unchanged
// and securityGroup is not modified.
func (securityGroup *SecurityGroup) UnmarshalJSON(data []byte) error {
	var resource struct {
		Metadata internal.Metadata `json:"metadata"`
		Entity   struct {
			GUID  string `json:"guid"`
			Name  string `json:"name"`
			Rules []struct {
				Description string `json:"description"`
				Destination string `json:"destination"`
				Ports       string `json:"ports"`
				Protocol    string `json:"protocol"`
			} `json:"rules"`
			RunningDefault bool `json:"running_default"`
			StagingDefault bool `json:"staging_default"`
		} `json:"entity"`
	}

	err := json.Unmarshal(data, &resource)
	if err != nil {
		return err
	}

	// Allocate even for zero rules so the result is an empty, non-nil slice.
	rules := make([]SecurityGroupRule, 0, len(resource.Entity.Rules))
	for _, received := range resource.Entity.Rules {
		rules = append(rules, SecurityGroupRule{
			Description: received.Description,
			Destination: received.Destination,
			Ports:       received.Ports,
			Protocol:    received.Protocol,
		})
	}

	*securityGroup = SecurityGroup{
		GUID:           resource.Metadata.GUID,
		Name:           resource.Entity.Name,
		Rules:          rules,
		RunningDefault: resource.Entity.RunningDefault,
		StagingDefault: resource.Entity.StagingDefault,
	}
	return nil
}
// AssociateSpaceWithRunningSecurityGroup sends the
// PutRunningSecurityGroupSpaceRequest for the given security group and space
// GUIDs, which by its name binds the group to the space for the running phase.
//
// If the request cannot be built, nil warnings and the build error are
// returned. Otherwise the warnings collected in the response are returned
// together with whatever error the connection reported, so warnings can be
// non-empty even when the error is non-nil.
//
// NOTE(review): both GUIDs are handed to newHTTPRequest as URI parameters
// without any check here; confirm that newHTTPRequest escapes them before
// passing values that did not come from the API itself.
func (client *Client) AssociateSpaceWithRunningSecurityGroup(securityGroupGUID string, spaceGUID string) (Warnings, error) {
	uriParams := Params{
		"security_group_guid": securityGroupGUID,
		"space_guid":          spaceGUID,
	}

	req, buildErr := client.newHTTPRequest(requestOptions{
		RequestName: internal.PutRunningSecurityGroupSpaceRequest,
		URIParams:   uriParams,
	})
	if buildErr != nil {
		return nil, buildErr
	}

	var resp cloudcontroller.Response
	sendErr := client.connection.Make(req, &resp)
	return resp.Warnings, sendErr
}
// AssociateSpaceWithStagingSecurityGroup sends the
// PutStagingSecurityGroupSpaceRequest for the given security group and space
// GUIDs, which by its name binds the group to the space for the staging phase.
//
// If the request cannot be built, nil warnings and the build error are
// returned. Otherwise the response's warnings are returned alongside the
// connection's error, whether or not that error is nil.
//
// NOTE(review): the GUIDs are not checked here before being used as URI
// parameters; confirm that newHTTPRequest escapes them.
func (client *Client) AssociateSpaceWithStagingSecurityGroup(securityGroupGUID string, spaceGUID string) (Warnings, error) {
	opts := requestOptions{
		RequestName: internal.PutStagingSecurityGroupSpaceRequest,
		URIParams: Params{
			"security_group_guid": securityGroupGUID,
			"space_guid":          spaceGUID,
		},
	}

	req, buildErr := client.newHTTPRequest(opts)
	if buildErr != nil {
		return nil, buildErr
	}

	var resp cloudcontroller.Response
	sendErr := client.connection.Make(req, &resp)
	return resp.Warnings, sendErr
}
// GetSecurityGroups returns the security groups the Cloud Controller lists for
// the given queries, collecting every page through client.paginate.
//
// If the request cannot be built, nil results and the build error are
// returned. If paginate hands back an item that is not a SecurityGroup, the
// callback stops with a ccerror.UnknownObjectInListError. Groups collected
// before a pagination error are still returned alongside that error.
func (client *Client) GetSecurityGroups(queries []Query) ([]SecurityGroup, Warnings, error) {
	req, buildErr := client.newHTTPRequest(requestOptions{
		RequestName: internal.GetSecurityGroupsRequest,
		Query:       FormatQueryParameters(queries),
	})
	if buildErr != nil {
		return nil, nil, buildErr
	}

	var groups []SecurityGroup
	collect := func(item interface{}) error {
		group, isGroup := item.(SecurityGroup)
		if !isGroup {
			return ccerror.UnknownObjectInListError{
				Expected:   SecurityGroup{},
				Unexpected: item,
			}
		}
		groups = append(groups, group)
		return nil
	}

	warnings, err := client.paginate(req, SecurityGroup{}, collect)
	return groups, warnings, err
}
// GetSpaceRunningSecurityGroupsBySpace lists the running security groups
// associated with the space identified by spaceGUID, narrowed by queries. It
// delegates to getSpaceSecurityGroupsBySpaceAndLifecycle with the
// GetSpaceRunningSecurityGroupsRequest request name.
func (client *Client) GetSpaceRunningSecurityGroupsBySpace(spaceGUID string, queries []Query) ([]SecurityGroup, Warnings, error) {
	requestName := internal.GetSpaceRunningSecurityGroupsRequest
	return client.getSpaceSecurityGroupsBySpaceAndLifecycle(spaceGUID, requestName, queries)
}
// GetSpaceStagingSecurityGroupsBySpace lists the staging security groups
// associated with the space identified by spaceGUID, narrowed by queries. It
// delegates to getSpaceSecurityGroupsBySpaceAndLifecycle with the
// GetSpaceStagingSecurityGroupsRequest request name.
func (client *Client) GetSpaceStagingSecurityGroupsBySpace(spaceGUID string, queries []Query) ([]SecurityGroup, Warnings, error) {
	requestName := internal.GetSpaceStagingSecurityGroupsRequest
	return client.getSpaceSecurityGroupsBySpaceAndLifecycle(spaceGUID, requestName, queries)
}
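// getSpaceSecurityGroupsBySpaceAndLifecycle lists the security groups of one
// space for one lifecycle phase, collecting every page through
// client.paginate.
//
// Despite its name, lifecycle is used as the request name: the exported
// wrappers in this file pass internal.GetSpaceRunningSecurityGroupsRequest or
// internal.GetSpaceStagingSecurityGroupsRequest. spaceGUID fills the
// "space_guid" URI parameter and queries become the query string.
//
// If the request cannot be built, nil results and the build error are
// returned. If paginate hands back an item that is not a SecurityGroup, the
// callback stops with a ccerror.UnknownObjectInListError. Groups collected
// before a pagination error are still returned alongside that error.
//
// NOTE(review): spaceGUID is not checked here before being used as a URI
// parameter; confirm that newHTTPRequest escapes it.
func (client *Client) getSpaceSecurityGroupsBySpaceAndLifecycle(spaceGUID string, lifecycle string, queries []Query) ([]SecurityGroup, Warnings, error) {
	request, err := client.newHTTPRequest(requestOptions{
		RequestName: lifecycle,
		URIParams:   map[string]string{"space_guid": spaceGUID},
		Query:       FormatQueryParameters(queries),
	})
	if err != nil {
		return nil, nil, err
	}

	var securityGroupsList []SecurityGroup
	warnings, err := client.paginate(request, SecurityGroup{}, func(item interface{}) error {
		securityGroup, ok := item.(SecurityGroup)
		if !ok {
			return ccerror.UnknownObjectInListError{
				Expected:   SecurityGroup{},
				Unexpected: item,
			}
		}
		securityGroupsList = append(securityGroupsList, securityGroup)
		// Report success explicitly. The original returned the enclosing
		// function's err, a variable this closure captured and that paginate's
		// own result is later assigned to; GetSecurityGroups returns nil here.
		return nil
	})

	return securityGroupsList, warnings, err
}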
// RemoveSpaceFromRunningSecurityGroup disassociates a security group in the
// running phase of the lifecycle, specified by its GUID, from a space, which
// is also specified by its GUID. It does so by sending the
// DeleteRunningSecurityGroupSpaceRequest.
//
// If the request cannot be built, nil warnings and the build error are
// returned. Otherwise the response's warnings are returned alongside the
// connection's error, whether or not that error is nil.
//
// NOTE(review): the GUIDs are not checked here before being used as URI
// parameters; confirm that newHTTPRequest escapes them.
func (client *Client) RemoveSpaceFromRunningSecurityGroup(securityGroupGUID string, spaceGUID string) (Warnings, error) {
	uriParams := Params{
		"security_group_guid": securityGroupGUID,
		"space_guid":          spaceGUID,
	}

	req, buildErr := client.newHTTPRequest(requestOptions{
		RequestName: internal.DeleteRunningSecurityGroupSpaceRequest,
		URIParams:   uriParams,
	})
	if buildErr != nil {
		return nil, buildErr
	}

	var resp cloudcontroller.Response
	sendErr := client.connection.Make(req, &resp)
	return resp.Warnings, sendErr
}
// RemoveSpaceFromStagingSecurityGroup disassociates a security group in the
// staging phase of the lifecycle, specified by its GUID, from a space, which
// is also specified by its GUID. It does so by sending the
// DeleteStagingSecurityGroupSpaceRequest.
//
// If the request cannot be built, nil warnings and the build error are
// returned. Otherwise the response's warnings are returned alongside the
// connection's error, whether or not that error is nil.
//
// NOTE(review): the GUIDs are not checked here before being used as URI
// parameters; confirm that newHTTPRequest escapes them.
func (client *Client) RemoveSpaceFromStagingSecurityGroup(securityGroupGUID string, spaceGUID string) (Warnings, error) {
	opts := requestOptions{
		RequestName: internal.DeleteStagingSecurityGroupSpaceRequest,
		URIParams: Params{
			"security_group_guid": securityGroupGUID,
			"space_guid":          spaceGUID,
		},
	}

	req, buildErr := client.newHTTPRequest(opts)
	if buildErr != nil {
		return nil, buildErr
	}

	var resp cloudcontroller.Response
	sendErr := client.connection.Make(req, &resp)
	return resp.Warnings, sendErr
}