// Copyright 2023 Yunion // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. package ksyun import ( "time" api "yunion.io/x/cloudmux/pkg/apis/cloudid" "yunion.io/x/cloudmux/pkg/cloudprovider" "yunion.io/x/cloudmux/pkg/multicloud" "yunion.io/x/pkg/errors" ) type SUser struct { multicloud.SBaseClouduser client *SKsyunClient UserId string Path string UserName string RealName string CreateDate time.Time Phone string CountryMobileCode string Email string PhoneVerified string EmailVerified string Remark string Krn string PasswordResetRequired bool EnableMFA int UpdateDate time.Time } func (user *SUser) GetGlobalId() string { return user.UserName } func (user *SUser) GetName() string { return user.UserName } func (user *SUser) GetEmailAddr() string { return user.Email } func (user *SUser) GetInviteUrl() string { return "" } func (user *SUser) Delete() error { return user.client.DeleteUser(user.UserName) } func (user *SUser) GetICloudgroups() ([]cloudprovider.ICloudgroup, error) { groups, err := user.client.ListGroupsForUser(user.UserName) if err != nil { return nil, err } ret := []cloudprovider.ICloudgroup{} for i := range groups { groups[i].client = user.client ret = append(ret, &groups[i]) } return ret, nil } func (user *SUser) GetICloudpolicies() ([]cloudprovider.ICloudpolicy, error) { policies, err := user.client.ListAttachedUserPolicies(user.UserName) if err != nil { return nil, err } ret := []cloudprovider.ICloudpolicy{} for i := range policies { policies[i].client = user.client ret = append(ret, &policies[i]) } return ret, nil } func (user *SUser) IsConsoleLogin() bool { profile, err := user.client.GetLoginProfile(user.UserName) if err != nil { return false } return profile.ConsoleLogin } func (user *SUser) ResetPassword(password string) error { return user.client.UpdateLoginProfile(user.UserName, password) } func (client *SKsyunClient) UpdateLoginProfile(name, password string) error { params := map[string]interface{}{ "UserName": name, "Password": password, "ViewAllProject": "true", } _, err := client.iamRequest("", "UpdateLoginProfile", params) return err } type LoginProfile struct { PasswordResetRequired bool ConsoleLogin bool LastLoginDate time.Time } func (client *SKsyunClient) GetLoginProfile(name string) (*LoginProfile, error) { params := map[string]interface{}{ "UserName": name, } resp, err := client.iamRequest("", "GetLoginProfile", params) if err != nil { return nil, err } ret := &LoginProfile{} err = resp.Unmarshal(ret, "LoginProfile") if err != nil { return nil, err } return ret, nil } func (user *SUser) AttachPolicy(policyName string, policyType api.TPolicyType) error { return user.client.AttachUserPolicy(user.UserName, policyName) } func (user *SUser) DetachPolicy(policyName string, policyType api.TPolicyType) error { return user.client.DetachUserPolicy(user.UserName, policyName) } func (client *SKsyunClient) GetUsers() ([]SUser, error) { params := map[string]interface{}{ "MaxItems": "100", } ret := []SUser{} for { resp, err := client.iamRequest("", "ListUsers", params) if err != nil { return nil, err } part := struct { Users struct { Member []SUser } Marker string }{} err = resp.Unmarshal(&part) if err != nil { return nil, err } ret = append(ret, part.Users.Member...) if len(part.Users.Member) == 0 || len(part.Marker) == 0 { break } params["Marker"] = part.Marker } return ret, nil } func (client *SKsyunClient) DeleteUser(name string) error { params := map[string]interface{}{ "UserName": name, } _, err := client.iamRequest("", "DeleteUser", params) return err } func (client *SKsyunClient) GetICloudusers() ([]cloudprovider.IClouduser, error) { users, err := client.GetUsers() if err != nil { return nil, err } ret := []cloudprovider.IClouduser{} for i := range users { users[i].client = client ret = append(ret, &users[i]) } return ret, nil } func (client *SKsyunClient) CreateIClouduser(opts *cloudprovider.SClouduserCreateConfig) (cloudprovider.IClouduser, error) { user, err := client.CreateUser(opts) if err != nil { return nil, err } return user, nil } func (client *SKsyunClient) CreateUser(opts *cloudprovider.SClouduserCreateConfig) (*SUser, error) { params := map[string]interface{}{ "UserName": opts.Name, "Remark": opts.Desc, "Email": opts.Email, "Phone": opts.MobilePhone, "Password": opts.Password, } resp, err := client.iamRequest("", "CreateUser", params) if err != nil { return nil, err } ret := &SUser{client: client} err = resp.Unmarshal(ret, "User") if err != nil { return nil, err } return ret, nil } func (client *SKsyunClient) ListGroupsForUser(name string) ([]SGroup, error) { params := map[string]interface{}{ "UserName": name, "MaxItems": "100", } ret := []SGroup{} for { resp, err := client.iamRequest("", "ListGroupsForUser", params) if err != nil { return nil, err } part := struct { Groups struct { Memeber []SGroup } Marker string }{} err = resp.Unmarshal(&part) if err != nil { return nil, err } ret = append(ret, part.Groups.Memeber...) if len(part.Marker) == 0 || len(part.Groups.Memeber) == 0 { break } params["Marker"] = part.Marker } return ret, nil } func (client *SKsyunClient) ListAttachedUserPolicies(name string) ([]SPolicy, error) { params := map[string]interface{}{ "UserName": name, "MaxItems": "100", } ret := []SPolicy{} for { resp, err := client.iamRequest("", "ListAttachedUserPolicies", params) if err != nil { return nil, err } part := struct { AttachedPolicies struct { Member []SPolicy } Marker string }{} err = resp.Unmarshal(&part) if err != nil { return nil, errors.Wrapf(err, "Unmarshal") } ret = append(ret, part.AttachedPolicies.Member...) if len(part.Marker) == 0 || len(part.AttachedPolicies.Member) == 0 { break } params["Marker"] = part.Marker } return ret, nil } func (client *SKsyunClient) AttachUserPolicy(name, policy string) error { params := map[string]interface{}{ "UserName": name, "PolicyKrn": policy, } _, err := client.iamRequest("", "AttachUserPolicy", params) return err } func (client *SKsyunClient) DetachUserPolicy(name, policy string) error { params := map[string]interface{}{ "UserName": name, "PolicyKrn": policy, } _, err := client.iamRequest("", "DetachUserPolicy", params) return err } func (client *SKsyunClient) GetIClouduserByName(name string) (cloudprovider.IClouduser, error) { user, err := client.GetUser(name) if err != nil { return nil, err } return user, nil } func (client *SKsyunClient) GetUser(name string) (*SUser, error) { params := map[string]interface{}{ "UserName": name, } resp, err := client.iamRequest("", "GetUser", params) if err != nil { return nil, err } ret := &SUser{client: client} err = resp.Unmarshal(ret, "User") if err != nil { return nil, err } return ret, nil }