-
Notifications
You must be signed in to change notification settings - Fork 1
/
praapproval.go
163 lines (135 loc) · 6.84 KB
/
praapproval.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
package praapproval
import (
"fmt"
"net/http"
"strings"
"github.com/zscaler/zscaler-sdk-go/v2/zpa/services"
"github.com/zscaler/zscaler-sdk-go/v2/zpa/services/common"
)
const (
mgmtConfig = "/mgmtconfig/v1/admin/customers/"
privilegedApprovalEndpoint = "/approval"
)
type PrivilegedApproval struct {
// The unique identifier of the privileged approval.
ID string `json:"id,omitempty"`
// The email address of the user that you are assigning the privileged approval to.
EmailIDs []string `json:"emailIds,omitempty"`
// The start date that the user has access to the privileged approval.
StartTime string `json:"startTime,omitempty"`
// StartTime time.Time `json:"startTime,omitempty"`
// EndTime time.Time `json:"endTime,omitempty"`
// The end date that the user no longer has access to the privileged approval.
EndTime string `json:"endTime,omitempty"`
// The status of the privileged approval. The supported values are:
// INVALID: The privileged approval is invalid.
// ACTIVE: The privileged approval is currently available for the user.
// FUTURE: The privileged approval is available for a user at a set time in the future.
// EXPIRED: The privileged approval is no longer available for the user.
Status string `json:"status,omitempty"`
// The time the privileged approval is created.
CreationTime string `json:"creationTime,omitempty"`
// The unique identifier of the tenant who modified the privileged approval.
ModifiedBy string `json:"modifiedBy,omitempty"`
// The time the privileged approval is modified.
ModifiedTime string `json:"modifiedTime,omitempty"`
// The unique identifier of the Microtenant for the ZPA tenant.
// If you are within the Default Microtenant, pass microtenantId as 0 when making requests to retrieve data from the Default Microtenant.
// Pass microtenantId as null to retrieve data from all customers associated with the tenant.
MicroTenantID string `json:"microtenantId,omitempty"`
// The name of the Microtenant.
MicroTenantName string `json:"microtenantName,omitempty"`
WorkingHours *WorkingHours `json:"workingHours"`
// The List of application segments
Applications []Applications `json:"applications"`
}
// The List of application segments
type Applications struct {
ID string `json:"id,omitempty"`
Name string `json:"name,omitempty"`
}
type WorkingHours struct {
// The days of the week that you want to enable the privileged approval.
Days []string `json:"days,omitempty"`
// EndTime time.Time `json:"endTime,omitempty"`
// StartTime time.Time `json:"startTime,omitempty"`
// The start time that the user has access to the privileged approval.
StartTime string `json:"startTime,omitempty"`
// The end time that the user no longer has access to the privileged approval.
EndTime string `json:"endTime,omitempty"`
//The cron expression provided to configure the privileged approval start time working hours.
// The standard cron expression format is [Seconds][Minutes][Hours][Day of the Month][Month][Day of the Week][Year].
// For example, 0 15 10 ? * MON-FRI represents the start time working hours for 10:15 AM every Monday, Tuesday, Wednesday, Thursday and Friday.
StartTimeCron string `json:"startTimeCron,omitempty"`
// The cron expression provided to configure the privileged approval end time working hours.
// The standard cron expression format is [Seconds][Minutes][Hours][Day of the Month][Month][Day of the Week][Year].
// For example, 0 15 10 ? * MON-FRI represents the end time working hours for 10:15 AM every Monday, Tuesday, Wednesday, Thursday and Friday.
EndTimeCron string `json:"endTimeCron,omitempty"`
// The time zone for the time window of a privileged approval.
TimeZone string `json:"timeZone,omitempty"`
// TimeZone *time.Location `json:"timeZone,omitempty"`
}
func Get(service *services.Service, approvalID string) (*PrivilegedApproval, *http.Response, error) {
v := new(PrivilegedApproval)
relativeURL := fmt.Sprintf("%s/%s", mgmtConfig+service.Client.Config.CustomerID+privilegedApprovalEndpoint, approvalID)
resp, err := service.Client.NewRequestDo("GET", relativeURL, common.Filter{MicroTenantID: service.MicroTenantID()}, nil, v)
if err != nil {
return nil, nil, err
}
return v, resp, nil
}
func GetByEmailID(service *services.Service, emailID string) (*PrivilegedApproval, *http.Response, error) {
relativeURL := mgmtConfig + service.Client.Config.CustomerID + privilegedApprovalEndpoint
list, resp, err := common.GetAllPagesGenericWithCustomFilters[PrivilegedApproval](service.Client, relativeURL, common.Filter{MicroTenantID: service.MicroTenantID()})
if err != nil {
return nil, nil, err
}
for _, app := range list {
for _, appEmailID := range app.EmailIDs {
if strings.EqualFold(appEmailID, emailID) {
return &app, resp, nil
}
}
}
return nil, resp, fmt.Errorf("no privileged approval with emailID '%s' was found", emailID)
}
func Create(service *services.Service, privilegedApproval *PrivilegedApproval) (*PrivilegedApproval, *http.Response, error) {
v := new(PrivilegedApproval)
resp, err := service.Client.NewRequestDo("POST", mgmtConfig+service.Client.Config.CustomerID+privilegedApprovalEndpoint, common.Filter{MicroTenantID: service.MicroTenantID()}, privilegedApproval, &v)
if err != nil {
return nil, nil, err
}
return v, resp, nil
}
func Update(service *services.Service, approvalID string, privilegedApproval *PrivilegedApproval) (*http.Response, error) {
relativeURL := fmt.Sprintf("%v/%v", mgmtConfig+service.Client.Config.CustomerID+privilegedApprovalEndpoint, approvalID)
resp, err := service.Client.NewRequestDo("PUT", relativeURL, common.Filter{MicroTenantID: service.MicroTenantID()}, privilegedApproval, nil)
if err != nil {
return nil, err
}
return resp, err
}
func Delete(service *services.Service, approvalID string) (*http.Response, error) {
relativeURL := fmt.Sprintf("%v/%v", mgmtConfig+service.Client.Config.CustomerID+privilegedApprovalEndpoint, approvalID)
resp, err := service.Client.NewRequestDo("DELETE", relativeURL, common.Filter{MicroTenantID: service.MicroTenantID()}, nil, nil)
if err != nil {
return nil, err
}
return resp, err
}
func DeleteExpired(service *services.Service) (*http.Response, error) {
path := fmt.Sprintf("%s%s%s/expired", mgmtConfig, service.Client.Config.CustomerID, privilegedApprovalEndpoint)
resp, err := service.Client.NewRequestDo("DELETE", path, common.Filter{MicroTenantID: service.MicroTenantID()}, nil, nil)
if err != nil {
return nil, err
}
return resp, nil
}
func GetAll(service *services.Service) ([]PrivilegedApproval, *http.Response, error) {
relativeURL := mgmtConfig + service.Client.Config.CustomerID + privilegedApprovalEndpoint
list, resp, err := common.GetAllPagesGenericWithCustomFilters[PrivilegedApproval](service.Client, relativeURL, common.Filter{MicroTenantID: service.MicroTenantID()})
if err != nil {
return nil, nil, err
}
return list, resp, nil
}