package pracredential
import (
	"fmt"
	"net/http"
	"net/url"
	"strings"

	"github.com/zscaler/zscaler-sdk-go/v2/zpa/services"
	"github.com/zscaler/zscaler-sdk-go/v2/zpa/services/common"
)
// mgmtConfig is the path prefix of the management API; the customer ID is
// appended directly after it when a request URL is built.
const mgmtConfig = "/mgmtconfig/v1/admin/customers/"

// credentialEndpoint is the path suffix, appended after the customer ID, that
// addresses the privileged-credential collection.
const credentialEndpoint = "/credential"
// Credential is the JSON representation of a ZPA privileged credential as it
// is passed to and returned from the functions in this package.
//
// Password, Passphrase and PrivateKey hold secret material as plain strings
// and are serialized under their JSON tags like every other field. A value of
// this type should therefore not be written to logs or error messages (for
// example with %v or %+v) and should be treated as sensitive while in memory.
//
// Every field is tagged omitempty, so an empty string is left out of the
// encoded request body rather than being sent as "".
type Credential struct {
	// The unique identifier of the privileged credential.
	ID string `json:"id,omitempty"`
	// The name of the privileged credential.
	Name string `json:"name,omitempty"`
	// The description of the privileged credential.
	Description string `json:"description,omitempty"`
	// The time the privileged credential was last reset.
	LastCredentialResetTime string `json:"lastCredentialResetTime,omitempty"`
	// The protocol type that was designated for that particular privileged credential.
	// The protocol type options are SSH, RDP, and VNC. Each protocol type has its own credential requirements.
	CredentialType string `json:"credentialType,omitempty"`
	// SECRET: the password that is used to protect the SSH private key. This field is optional.
	Passphrase string `json:"passphrase,omitempty"`
	// SECRET: the password associated with the username for the login you want to use for the privileged credential.
	Password string `json:"password,omitempty"`
	// SECRET: the SSH private key associated with the username for the login you want to use for the privileged credential.
	PrivateKey string `json:"privateKey,omitempty"`
	// The domain name associated with the username.
	// You can also include the domain name as part of the username.
	// The domain name only needs to be specified when logging in to an RDP console that is connected to an Active Directory Domain.
	UserDomain string `json:"userDomain,omitempty"`
	// The username for the login you want to use for the privileged credential.
	UserName string `json:"userName,omitempty"`
	// The time the privileged credential is created.
	CreationTime string `json:"creationTime,omitempty"`
	// The unique identifier of the tenant who modified the privileged credential.
	ModifiedBy string `json:"modifiedBy,omitempty"`
	// The time the privileged credential is modified.
	ModifiedTime string `json:"modifiedTime,omitempty"`
	// The unique identifier of the Microtenant for the ZPA tenant.
	// If you are within the Default Microtenant, pass microtenantId as 0 when making requests to retrieve data from the Default Microtenant.
	// Pass microtenantId as null to retrieve data from all customers associated with the tenant.
	MicroTenantID string `json:"microtenantId,omitempty"`
	// The name of the Microtenant.
	MicroTenantName string `json:"microtenantName,omitempty"`
	// The unique identifier of the target Microtenant that the privileged credential is being moved to.
	TargetMicrotenantId string `json:"targetMicrotenantId,omitempty"`
}
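// Get retrieves a single privileged credential by its ID.
//
// credentialID is path-escaped before it is placed in the request URL, so a
// value containing "/", "?" or "#" stays inside its own path segment and
// cannot steer the authenticated request to a different endpoint. The request
// is scoped to the service's microtenant through common.Filter.
//
// A fresh Credential is handed to NewRequestDo as the response target and is
// returned together with the HTTP response. On error both are nil.
//
// NOTE(review): whether the API populates Password, Passphrase or PrivateKey
// in the response is not visible here; treat the returned value as sensitive.
func Get(service *services.Service, credentialID string) (*Credential, *http.Response, error) {
	v := new(Credential)
	relativeURL := fmt.Sprintf("%s/%s", mgmtConfig+service.Client.Config.CustomerID+credentialEndpoint, url.PathEscape(credentialID))
	resp, err := service.Client.NewRequestDo("GET", relativeURL, common.Filter{MicroTenantID: service.MicroTenantID()}, nil, v)
	if err != nil {
		return nil, nil, err
	}
	return v, resp, nil
}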
// GetByName looks up a privileged credential by name.
//
// credentialName is sent as the Search value of the filter, and the returned
// pages are then matched against it case-insensitively; the first match wins.
// The request is scoped to the service's microtenant.
//
// It returns the matching credential and the HTTP response. If the listing
// call fails, the credential and response are nil. If no entry matches, the
// credential is nil, the response is still returned, and the error names the
// credential that was requested.
func GetByName(service *services.Service, credentialName string) (*Credential, *http.Response, error) {
	endpoint := mgmtConfig + service.Client.Config.CustomerID + credentialEndpoint
	filter := common.Filter{Search: credentialName, MicroTenantID: service.MicroTenantID()}

	credentials, resp, err := common.GetAllPagesGenericWithCustomFilters[Credential](service.Client, endpoint, filter)
	if err != nil {
		return nil, nil, err
	}

	for i := range credentials {
		if !strings.EqualFold(credentials[i].Name, credentialName) {
			continue
		}
		// Return a copy so the caller's pointer does not alias the result slice.
		match := credentials[i]
		return &match, resp, nil
	}
	return nil, resp, fmt.Errorf("no credential controller named '%s' was found", credentialName)
}
// Create submits a new privileged credential with a POST to the credential
// endpoint, scoped to the service's microtenant.
//
// credential is passed to NewRequestDo as the request body, so any Password,
// Passphrase or PrivateKey it carries is part of that body; avoid logging the
// request or the argument.
//
// It returns the Credential used as the response target together with the
// HTTP response. On error both are nil.
//
// NOTE(review): the response target is passed as a pointer to the
// *Credential, whereas Get passes the *Credential itself - confirm both forms
// are decoded the same way by NewRequestDo.
func Create(service *services.Service, credential *Credential) (*Credential, *http.Response, error) {
	created := new(Credential)
	endpoint := mgmtConfig + service.Client.Config.CustomerID + credentialEndpoint
	scope := common.Filter{MicroTenantID: service.MicroTenantID()}

	resp, err := service.Client.NewRequestDo("POST", endpoint, scope, credential, &created)
	if err != nil {
		return nil, nil, err
	}
	return created, resp, nil
}
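// Update sends credentialRequest with a PUT to the privileged credential
// identified by credentialID, scoped to the service's microtenant.
//
// credentialID is path-escaped before it is placed in the request URL, so a
// value containing "/", "?" or "#" stays inside its own path segment and
// cannot redirect the write to a different endpoint.
//
// credentialRequest is passed to NewRequestDo as the request body, so any
// Password, Passphrase or PrivateKey it carries is part of that body; avoid
// logging the request or the argument.
//
// It returns the HTTP response, or a nil response and the error on failure.
func Update(service *services.Service, credentialID string, credentialRequest *Credential) (*http.Response, error) {
	relativeURL := fmt.Sprintf("%v/%v", mgmtConfig+service.Client.Config.CustomerID+credentialEndpoint, url.PathEscape(credentialID))
	resp, err := service.Client.NewRequestDo("PUT", relativeURL, common.Filter{MicroTenantID: service.MicroTenantID()}, credentialRequest, nil)
	if err != nil {
		return nil, err
	}
	return resp, nil
}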
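// Delete issues a DELETE for the privileged credential identified by
// credentialID, scoped to the service's microtenant.
//
// credentialID is path-escaped before it is placed in the request URL, so a
// value containing "/", "?" or "#" stays inside its own path segment and
// cannot point the delete at a different resource.
//
// It returns the HTTP response, or a nil response and the error on failure.
func Delete(service *services.Service, credentialID string) (*http.Response, error) {
	relativeURL := fmt.Sprintf("%v/%v", mgmtConfig+service.Client.Config.CustomerID+credentialEndpoint, url.PathEscape(credentialID))
	resp, err := service.Client.NewRequestDo("DELETE", relativeURL, common.Filter{MicroTenantID: service.MicroTenantID()}, nil, nil)
	if err != nil {
		return nil, err
	}
	return resp, nil
}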
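// CredentialMove asks the API to move the privileged credential identified by
// credentialID to the microtenant named by targetMicrotenantId.
//
// The request is a POST to "<credential endpoint>/<id>/move" with no body.
// When targetMicrotenantId is non-empty it is appended as the
// targetMicrotenantId query parameter.
//
// Both caller-supplied values are escaped before they are concatenated into
// the URL: credentialID as a path segment and targetMicrotenantId as a query
// value. Without that, a value containing "/", "?", "&" or "#" could change
// the path or add query parameters to the authenticated request.
//
// It returns the HTTP response, or a nil response and the error on failure.
//
// NOTE(review): this call passes nil where the other functions in this file
// pass a common.Filter carrying the service's MicroTenantID, and it embeds
// the query string in the path argument - confirm both are intended and that
// NewRequestDo accepts a query string supplied this way.
func CredentialMove(service *services.Service, credentialID string, targetMicrotenantId string) (*http.Response, error) {
	// Build the URL from the credential endpoint, the escaped ID and "/move".
	relativeURL := fmt.Sprintf("%s%s%s/%s/move", mgmtConfig, service.Client.Config.CustomerID, credentialEndpoint, url.PathEscape(credentialID))

	// Append the target microtenant as an escaped query parameter.
	if targetMicrotenantId != "" {
		relativeURL += "?targetMicrotenantId=" + url.QueryEscape(targetMicrotenantId)
	}

	// The API expects an empty body for this operation.
	resp, err := service.Client.NewRequestDo("POST", relativeURL, nil, nil, nil)
	if err != nil {
		return nil, err
	}
	return resp, nil
}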
// GetAll lists the privileged credentials visible to the service's
// microtenant by walking every page of the credential endpoint.
//
// It returns the collected credentials and the HTTP response from the paging
// helper. On error both are nil.
//
// NOTE(review): whether the listed entries carry Password, Passphrase or
// PrivateKey values is not visible here; treat the result as sensitive.
func GetAll(service *services.Service) ([]Credential, *http.Response, error) {
	endpoint := mgmtConfig + service.Client.Config.CustomerID + credentialEndpoint
	scope := common.Filter{MicroTenantID: service.MicroTenantID()}

	credentials, resp, err := common.GetAllPagesGenericWithCustomFilters[Credential](service.Client, endpoint, scope)
	if err != nil {
		return nil, nil, err
	}
	return credentials, resp, nil
}