add project policy api

aliyun · Oct 24, 2022 · f4b0897 · f4b0897
1 parent e3cd89c
commit f4b0897
Show file tree

Hide file tree

Showing 4 changed files with 168 additions and 0 deletions.
diff --git a/client_interface.go b/client_interface.go
@@ -321,4 +321,11 @@ type ClientInterface interface {
 	ListExport(project, logstore, name, displayName string, offset, size int) (exports []*Export, total, count int, error error)
 	DeleteExport(project string, name string) error
 	RestartExport(project string, export *Export) error
+
+	// UpdateProjectPolicy updates project's policy.
+	UpdateProjectPolicy(project string, policy string) error
+	// DeleteProjectPolicy deletes project's policy.
+	DeleteProjectPolicy(project string) error
+	// GetProjectPolicy return project's policy.
+	GetProjectPolicy(project string) (string, error)
 }
diff --git a/client_project_policy.go b/client_project_policy.go
@@ -0,0 +1,51 @@
+package sls
+
+import (
+	"fmt"
+	"io/ioutil"
+)
+
+func (c *Client) GetProjectPolicy(project string) (policy string, err error) {
+	h := map[string]string{
+		"x-log-bodyrawsize": "0",
+		"Content-Type":      "application/json",
+	}
+	uri := "/policy"
+	r, err := c.request(project, "GET", uri, h, nil)
+	if err != nil {
+		return "", err
+	}
+	defer r.Body.Close()
+	buf, _ := ioutil.ReadAll(r.Body)
+	policy = string(buf)
+	return policy, nil
+}
+
+func (c *Client) UpdateProjectPolicy(project string, policy string) error {
+	body := []byte(policy)
+	h := map[string]string{
+		"x-log-bodyrawsize": fmt.Sprintf("%v", len(body)),
+		"Content-Type":      "application/json",
+	}
+	uri := "/policy"
+	r, err := c.request(project, "POST", uri, h, body)
+	if err != nil {
+		return err
+	}
+	r.Body.Close()
+	return nil
+}
+
+func (c *Client) DeleteProjectPolicy(project string) error {
+	h := map[string]string{
+		"x-log-bodyrawsize": "0",
+		"Content-Type":      "application/json",
+	}
+	uri := "/policy"
+	r, err := c.request(project, "DELETE", uri, h, nil)
+	if err != nil {
+		return err
+	}
+	r.Body.Close()
+	return nil
+}
diff --git a/client_project_policy_test.go b/client_project_policy_test.go
@@ -0,0 +1,80 @@
+package sls
+
+import (
+	"os"
+	"testing"
+
+	"github.com/stretchr/testify/suite"
+)
+
+func TestProjectPolicy(t *testing.T) {
+	suite.Run(t, new(ProjectPolicyTestSuite))
+}
+
+type ProjectPolicyTestSuite struct {
+	suite.Suite
+	endpoint        string
+	projectName     string
+	accessKeyID     string
+	accessKeySecret string
+	client          Client
+	policy          string
+	newPolicy       string
+}
+
+func (s *ProjectPolicyTestSuite) SetupSuite() {
+	s.endpoint = os.Getenv("LOG_TEST_ENDPOINT")
+	s.projectName = os.Getenv("LOG_TEST_PROJECT")
+	s.accessKeyID = os.Getenv("LOG_TEST_ACCESS_KEY_ID")
+	s.accessKeySecret = os.Getenv("LOG_TEST_ACCESS_KEY_SECRET")
+	s.client.AccessKeyID = s.accessKeyID
+	s.client.AccessKeySecret = s.accessKeySecret
+	s.client.Endpoint = s.endpoint
+	s.policy = `
+{
+  "Statement": [
+    {
+      "Action": [
+        "log:Post*"
+      ],
+      "Effect": "Deny",
+      "Resource": "acs:log:*:*:project/test-project-policy/*"
+    }
+  ],
+  "Version": "1"
+}`
+	s.newPolicy = `
+{
+  "Statement": [
+    {
+      "Action": [
+        "log:Post*"
+      ],
+      "Effect": "Allow",
+      "Resource": "acs:log:*:*:project/test-project-policy/*"
+    }
+  ],
+  "Version": "1"
+}`
+}
+
+func (s *ProjectPolicyTestSuite) TearDownSuite() {
+}
+
+func (s *ProjectPolicyTestSuite) TestClient_CURDProjectPolicy() {
+	err := s.client.UpdateProjectPolicy(s.projectName, s.policy)
+	s.Require().Nil(err)
+	policy, err := s.client.GetProjectPolicy(s.projectName)
+	s.Require().Nil(err)
+	s.Require().Equal(policy, s.policy)
+	err = s.client.UpdateProjectPolicy(s.projectName, s.newPolicy)
+	s.Require().Nil(err)
+	newPolicy, err := s.client.GetProjectPolicy(s.projectName)
+	s.Require().Nil(err)
+	s.Require().Equal(newPolicy, s.newPolicy)
+	err = s.client.DeleteProjectPolicy(s.projectName)
+	s.Require().Nil(err)
+	policy, err = s.client.GetProjectPolicy(s.projectName)
+	s.Require().Nil(err)
+	s.Require().Empty(policy)
+}
diff --git a/token_auto_update_client.go b/token_auto_update_client.go
@@ -1604,3 +1604,33 @@ func (c *TokenAutoUpdateClient) GetMetricStore(project, name string) (metricStor
 	}
 	return
 }
+
+func (c *TokenAutoUpdateClient) UpdateProjectPolicy(project, policy string) (err error) {
+	for i := 0; i < c.maxTryTimes; i++ {
+		err = c.logClient.UpdateProjectPolicy(project, policy)
+		if !c.processError(err) {
+			return
+		}
+	}
+	return
+}
+
+func (c *TokenAutoUpdateClient) DeleteProjectPolicy(project string) (err error) {
+	for i := 0; i < c.maxTryTimes; i++ {
+		err = c.logClient.DeleteProjectPolicy(project)
+		if !c.processError(err) {
+			return
+		}
+	}
+	return
+}
+
+func (c *TokenAutoUpdateClient) GetProjectPolicy(project string) (policy string, err error) {
+	for i := 0; i < c.maxTryTimes; i++ {
+		policy, err = c.logClient.GetProjectPolicy(project)
+		if !c.processError(err) {
+			return
+		}
+	}
+	return
+}