forked from hashicorp/go-tfe
-
Notifications
You must be signed in to change notification settings - Fork 0
/
admin_organization.go
255 lines (206 loc) · 8.67 KB
/
admin_organization.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
package tfe
import (
"context"
"fmt"
"net/url"
)
// Compile-time proof of interface implementation.
var _ AdminOrganizations = (*adminOrganizations)(nil)
// AdminOrganizations describes all of the admin organization related methods that the Terraform
// Enterprise API supports. Note that admin settings are only available in Terraform Enterprise.
//
// TFE API docs: https://www.terraform.io/docs/cloud/api/admin/organizations.html
type AdminOrganizations interface {
// List all the organizations visible to the current user.
List(ctx context.Context, options *AdminOrganizationListOptions) (*AdminOrganizationList, error)
// Read attributes of an existing organization via admin API.
Read(ctx context.Context, organization string) (*AdminOrganization, error)
// Update attributes of an existing organization via admin API.
Update(ctx context.Context, organization string, options AdminOrganizationUpdateOptions) (*AdminOrganization, error)
// Delete an organization by its name via admin API
Delete(ctx context.Context, organization string) error
// ListModuleConsumers lists specific organizations in the Terraform Enterprise installation that have permission to use an organization's modules.
ListModuleConsumers(ctx context.Context, organization string, options *AdminOrganizationListModuleConsumersOptions) (*AdminOrganizationList, error)
// UpdateModuleConsumers specifies a list of organizations that can use modules from the sharing organization's private registry. Setting a list of module consumers will turn off global module sharing for an organization.
UpdateModuleConsumers(ctx context.Context, organization string, consumerOrganizations []string) error
}
// adminOrganizations implements AdminOrganizations.
type adminOrganizations struct {
client *Client
}
// AdminOrganization represents a Terraform Enterprise organization returned from the Admin API.
type AdminOrganization struct {
Name string `jsonapi:"primary,organizations"`
AccessBetaTools bool `jsonapi:"attr,access-beta-tools"`
ExternalID string `jsonapi:"attr,external-id"`
GlobalModuleSharing *bool `jsonapi:"attr,global-module-sharing"`
IsDisabled bool `jsonapi:"attr,is-disabled"`
NotificationEmail string `jsonapi:"attr,notification-email"`
SsoEnabled bool `jsonapi:"attr,sso-enabled"`
TerraformBuildWorkerApplyTimeout string `jsonapi:"attr,terraform-build-worker-apply-timeout"`
TerraformBuildWorkerPlanTimeout string `jsonapi:"attr,terraform-build-worker-plan-timeout"`
TerraformWorkerSudoEnabled bool `jsonapi:"attr,terraform-worker-sudo-enabled"`
WorkspaceLimit *int `jsonapi:"attr,workspace-limit"`
// Relations
Owners []*User `jsonapi:"relation,owners"`
}
// AdminOrganizationUpdateOptions represents the admin options for updating an organization.
// https://www.terraform.io/docs/cloud/api/admin/organizations.html#request-body
type AdminOrganizationUpdateOptions struct {
AccessBetaTools *bool `jsonapi:"attr,access-beta-tools,omitempty"`
GlobalModuleSharing *bool `jsonapi:"attr,global-module-sharing,omitempty"`
IsDisabled *bool `jsonapi:"attr,is-disabled,omitempty"`
TerraformBuildWorkerApplyTimeout *string `jsonapi:"attr,terraform-build-worker-apply-timeout,omitempty"`
TerraformBuildWorkerPlanTimeout *string `jsonapi:"attr,terraform-build-worker-plan-timeout,omitempty"`
TerraformWorkerSudoEnabled bool `jsonapi:"attr,terraform-worker-sudo-enabled,omitempty"`
WorkspaceLimit *int `jsonapi:"attr,workspace-limit,omitempty"`
}
// AdminOrganizationList represents a list of organizations via Admin API.
type AdminOrganizationList struct {
*Pagination
Items []*AdminOrganization
}
// AdminOrgIncludeOpt represents the available options for include query params.
// https://www.terraform.io/docs/cloud/api/admin/organizations.html#available-related-resources
type AdminOrgIncludeOpt string
const AdminOrgOwners AdminOrgIncludeOpt = "owners"
// AdminOrganizationListOptions represents the options for listing organizations via Admin API.
type AdminOrganizationListOptions struct {
ListOptions
// Optional: A query string used to filter organizations.
// Any organizations with a name or notification email partially matching this value will be returned.
Query string `url:"q,omitempty"`
// Optional: A list of relations to include. See available resources
// https://www.terraform.io/docs/cloud/api/admin/organizations.html#available-related-resources
Include []AdminOrgIncludeOpt `url:"include,omitempty"`
}
// AdminOrganizationListModuleConsumersOptions represents the options for listing organization module consumers through the Admin API
type AdminOrganizationListModuleConsumersOptions struct {
ListOptions
}
type AdminOrganizationID struct {
ID string `jsonapi:"primary,organizations"`
}
// List all the organizations visible to the current user.
func (s *adminOrganizations) List(ctx context.Context, options *AdminOrganizationListOptions) (*AdminOrganizationList, error) {
if err := options.valid(); err != nil {
return nil, err
}
u := "admin/organizations"
req, err := s.client.NewRequest("GET", u, options)
if err != nil {
return nil, err
}
orgl := &AdminOrganizationList{}
err = req.Do(ctx, orgl)
if err != nil {
return nil, err
}
return orgl, nil
}
// ListModuleConsumers lists specific organizations in the Terraform Enterprise installation that have permission to use an organization's modules.
func (s *adminOrganizations) ListModuleConsumers(ctx context.Context, organization string, options *AdminOrganizationListModuleConsumersOptions) (*AdminOrganizationList, error) {
if !validStringID(&organization) {
return nil, ErrInvalidOrg
}
u := fmt.Sprintf("admin/organizations/%s/relationships/module-consumers", url.QueryEscape(organization))
req, err := s.client.NewRequest("GET", u, nil)
if err != nil {
return nil, err
}
orgl := &AdminOrganizationList{}
err = req.Do(ctx, orgl)
if err != nil {
return nil, err
}
return orgl, nil
}
// Read an organization by its name.
func (s *adminOrganizations) Read(ctx context.Context, organization string) (*AdminOrganization, error) {
if !validStringID(&organization) {
return nil, ErrInvalidOrg
}
u := fmt.Sprintf("admin/organizations/%s", url.QueryEscape(organization))
req, err := s.client.NewRequest("GET", u, nil)
if err != nil {
return nil, err
}
org := &AdminOrganization{}
err = req.Do(ctx, org)
if err != nil {
return nil, err
}
return org, nil
}
// Update an organization by its name.
func (s *adminOrganizations) Update(ctx context.Context, organization string, options AdminOrganizationUpdateOptions) (*AdminOrganization, error) {
if !validStringID(&organization) {
return nil, ErrInvalidOrg
}
u := fmt.Sprintf("admin/organizations/%s", url.QueryEscape(organization))
req, err := s.client.NewRequest("PATCH", u, &options)
if err != nil {
return nil, err
}
org := &AdminOrganization{}
err = req.Do(ctx, org)
if err != nil {
return nil, err
}
return org, nil
}
// UpdateModuleConsumers updates an organization to specify a list of organizations that can use modules from the sharing organization's private registry.
func (s *adminOrganizations) UpdateModuleConsumers(ctx context.Context, organization string, consumerOrganizationIDs []string) error {
if !validStringID(&organization) {
return ErrInvalidOrg
}
u := fmt.Sprintf("admin/organizations/%s/relationships/module-consumers", url.QueryEscape(organization))
var organizations []*AdminOrganizationID
for _, id := range consumerOrganizationIDs {
if !validStringID(&id) {
return ErrInvalidOrg
}
organizations = append(organizations, &AdminOrganizationID{ID: id})
}
req, err := s.client.NewRequest("PATCH", u, organizations)
if err != nil {
return err
}
err = req.Do(ctx, nil)
if err != nil {
return err
}
return nil
}
// Delete an organization by its name.
func (s *adminOrganizations) Delete(ctx context.Context, organization string) error {
if !validStringID(&organization) {
return ErrInvalidOrg
}
u := fmt.Sprintf("admin/organizations/%s", url.QueryEscape(organization))
req, err := s.client.NewRequest("DELETE", u, nil)
if err != nil {
return err
}
return req.Do(ctx, nil)
}
func (o *AdminOrganizationListOptions) valid() error {
if o == nil {
return nil // nothing to validate
}
if err := validateAdminOrgIncludeParams(o.Include); err != nil {
return err
}
return nil
}
func validateAdminOrgIncludeParams(params []AdminOrgIncludeOpt) error {
for _, p := range params {
switch p {
case AdminOrgOwners:
// do nothing
default:
return ErrInvalidIncludeValue
}
}
return nil
}